Independent Reviews
July 18, 2021Board Compliance Reporting Do’s and Don’ts
November 4, 2021
![]()
For September’s blog we will discuss TSB and what went wrong within its compliance structure that caused them to suffer a $3.5 million penalty.
Case Summary
TSB failed to follow basic compliance rules and regulations and four breaches of their AML/CFT Act were identified which are highlighted below. The civil proceedings held against TSB were an escalated regulatory response by the Reserve Bank to ongoing non-compliance by the company- a formal warning was issued to TSB in 2016 where they failed to respond appropriately. As a result of the penalties incurred TSB has now embarked on a remediation programme.
Breach 1 – TSB’s AML/CFT programme didn’t have adequate and effective procedures, policies and controls for monitoring and managing compliance with, and the internal communication of and training in, those procedures, policies, and controls.
Breach 2- TSB failed to review and maintain its AML/CFT programme as required.
Breach 3- TSB failed to conduct an adequate risk assessment in respect of its realty operations as required.
Breach 4- TSB failed to have regard to certain countries it deals with in conducting its risk assessment as required. The countries included Botswana, Ghana, Serbia, Sri Lanka and Trinidad and Tobago.
Case Views
Breach 1- it appears as if TSB failed to implement effective monitoring systems and to conduct testing on these systems. Monitoring and testing would have aided TSB in discovering and addressing any deficiencies within their systems. In addition, they failed to implement a robust training and communication programme for said policies and procedures. Training and communication needed to be ongoing to ensure efficiency within the organisation. Furthermore, the company’s board of directors/senior management should have made certain that all their employees understood the company’s policies and procedures and their role in combatting against ML, TF and PF. Proof of this training, receipt and understanding of the company’s AML manual should always be documented.
Breach 2- compliance is ever changing and evolving, especially as new products and services are introduced to the market. TSB clearly lacked the ability to review and update their programmes to meet these market changes and demands. Furthermore, they most likely did not ensure that all employees adopt the AML/CFT processes put in place, probably due to poor supervision and management, and an absence of employee feedback.
Breach 3- a risk assessment for any company is important. TSB seemed as not to conduct a risk assessment or applied a risk rating to determine their high risked, medium risked and low risked clients within the realty operations. Developing a risked assessment would have assisted the company in realizing the level of due diligence and ongoing due diligence needed to be applied, whether standard, simplified or enhanced due diligence.
Breach 4- TSB needed a comprehensive risk-based framework which would analyze the geographical risks involved. The company should have conducted the appropriate screening due to the threats posed by these locations and gather the necessary information and reports to make them more compliant and avoid paying penalties. It would also help in determining who are acceptable or unacceptable clients.
Based on the findings in the above case study we can see the importance of an effective customer due diligence process, risk-based approach, communication and training programme and monitoring. We at Wiltshire Consultancy can assist you today in creating a robust compliance structure, email us today!
