Upload
others
View
1
Download
0
Embed Size (px)
Citation preview
1
EiendomsMegler 1 Midt-Norge
OVERARCHING RISK ASSESSMENT
Money laundering and terrorist financing etc.
These guidelines apply to EiendomsMegler 1 Midt-Norge
Basis in law Anti-Money Laundering Act, section 5
Responsible for compliance Anti-money laundering officer
Responsible for updating/revision Anti-money laundering officer
Version 1.0
Latest update 13.12. 2016
Considered by the board of directors
16.12. 2016
Contents 1. Introduction
1.1 Background
1.2 Threat picture
1.3 Development of rules and international standards
1.4 Definitions
2. Purpose of the risk assessment
3. Method for risk assessment
4. Brief overarching description of the business
5. Identification and assessment of risk
5.1 Description of the company’s general risk picture
5.1.1 The company’s size
5.1.2 The company’s service range and customers
5.1.3 The industry’s generally low knowledge level
5.1.4 Outdated IT system that requires manual processing
5.1.5 Organisation
5.2 Identification of risk indicators with analysis and assessment of identified risks
6. Risk-mitigating measures
6.1 Preventive measures
6.2 Measures in connection with customer establishment
6.3 Ongoing customer due diligence measures
6.4 Enhanced customer due diligence
6.5 Follow-up and monitoring
7. Ethics and responses
8. Audit
Audit history
2
Date Version Description Date considered by the board of
directors
December
2016
1.0 Document established 16.12.16
June 2016 0.0 Original risk
assessment
22.6.16
1. Introduction
1.1 Background
The object of the Anti-Money Laundering Act is to prevent and detect transactions related to
the proceeds of criminal acts or related to terrorist acts. The Act makes clear in its objects
clause that it applies not only to transactions related to money laundering or terrorist
financing, but to all acts related to the proceeds of criminal acts.
Section 5 of the Anti-Money Laundering Act builds on principle of ‘know your customer’,
including ‘know your customer’s business’, which internationally is one of the key
instruments for preventing the financial system from misuse for money laundering or terrorist
financing purposes.
Knowledge of one’s own business and its customers is important for practising a risk-based
approach in keeping with the requirements set by the legislation. EiendomsMegler 1 Midt-
Norge must in that context be able to demonstrate that control measures are geared to the risk
concerned. Authorities, customers and competitors must have confidence in EiendomsMegler
1 Midt-Norge’s professionalism and integrity, and be certain that the company’s services are
not exploited for the purpose of committing crime.
1.2 Threat picture
The threat picture as regards economic and financial crime has changed, not least in terms of
the rising level of organised, cross-border crime. More and more sophisticated attempts to
commit money laundering are noted, including through the establishment of shell companies
and use of intermediaries. The volume of cross-border transactions is increasing, as is the
number of foreign customers.
Nationally and internationally, money laundering is associated with serious – and often
organised – crime such as human trafficking, arms smuggling and drugs trading etc.
Extremists also exploit established financial institutions to fund terrorist activity. The trend is
disturbing. Financial institutions and broking firms are generally speaking particularly
susceptible to exploitation, and Norwegian broking firms are by no means spared from this.
The property industry is generally speaking suited to money laundering since the industry is
characterised by large sums of money and rapid transactions where the opportunity to gain a
knowledge of the client and their co-contractor is limited due to the estate agent’s brief period
of involvement with them.
3
Moreover, the purchase or construction of properties is regarded by the FATF as the sector
most frequently subject to money laundering in Europe.
In Norway – where house prices are ‘high’ (large transaction amounts), as are activity levels
in the new-build market – conditions are well suited to laundering large sums of money
rapidly. Given the disturbingly low level of expertise in the sector past and present, the risk of
exploitation for money laundering purposes is substantial.
1.3. Development of rules and international standards
The growing risk exposure in society is accompanied by continuous development of
legislation and international standards. Increased requirements are being set, along with more
specific and more stringent demands in terms of customer due diligence and customer
monitoring.
This is reflected in the EU’s Fourth Money Laundering Directive which was adopted on 20
May 2015 and is expected to be transposed into Norwegian law in 2017. The following
changes in the directive are worth noting:
More specific requirements to carry out risk-based customer due diligence and monitoring
Less leeway for, and increased requirements on, simplified customer due diligence
The definition of PEPs (politically exposed persons) is extended to include national persons
Increased focus on terrorist financing, including stricter requirements on customer identification and verification
Increased requirements on and responsibility for management to approve and follow-up on the framework and its implementation
Requirement of fines for breaches (maximum fines of at least EUR 5,000,000 or 10% of overall annual turnover).
In March 2016 Finanstilsynet (Norway’s financial supervisory authority) published Circular
6/2016: Guide on compliance with the anti-money laundering legislation in the estate agency
industry.
In December 2016 a working committee under the auspices of Real Estate Norway was
mandated to develop an industry standard for compliance with the anti-money laundering
legislation.
Finanstilsynet has defined compliance with the anti-money laundering legislation as a focal
area for the estate agency industry and has given notice of on-site inspections in 2017 with a
focus on this area. EM1 is likely to be subject to on-site inspection.
1.4 Definitions
AML – anti-money laundering
FATF – Financial Action Task Force. This is an international collaborative group established by the G7 group of countries in 1989 to combat the laundering of proceeds
of drug crime and other crime. The FATF now has 36 members including Norway and
most of the OECD countries. The European commission is also a member of the
4
FATF. The FATF has drawn up 40 recommendations for measures to combat money
laundering. They are recognised as the leading international standards in this area.
MT reports – Reports filed with Økokrim (Norwegian National Authority for Investigation and Prosecution of Economic and Environmental Crime) based on
suspicious transactions.
PEPs - Politically exposed persons
2. Purpose of the risk assessment
Both customer due diligence and ongoing monitoring should be risk-based, i.e. based on an
assessment of the risk of transactions connected to the proceeds of criminal acts or to
circumstances covered by the Penal Code sections 131 to 136(a); cf. the Anti-Money
Laundering Act section 5.
The purpose of the risk assessment is:
to identify where the risk of money laundering and terrorist financing etc. is greatest,
to analyse the risk, and identify what types of customers should be subject to the enhanced due diligence
to develop concrete, risk-based customer due diligence measures on three levels – simplified, standard and enhanced – and to develop procedures for risk-based
monitoring and to adapt these procedures in such a way that suspicious transactions
are flagged and in the event reported as MT reports,
to document that measures are geared to the specific risk
Risk should always be assessed with reference to the type of customer, customer relationship,
product and/or transaction concerned. Based on the risk assessment, customer due diligence
and the ongoing monitoring should be carried out either in a simplified, standard or enhanced
manner. The customer due diligence measures should be geared to the identified risk, and,
based on risk assessment carried out, there may be a need to take steps to improve processes,
procedures and policies, as well as system support.
Simplified customer due diligence
Simplified customer due diligence can be applied where the conditions of the Anti-Money
Laundering Act section 13 and the Anti-Money Laundering Regulations are met. Before
simplified customer due diligence is carried out, sufficient information shall be obtained to
determine whether the conditions for simplified customer due diligence are met, cf. the Anti-
Money Laundering Act section 13, subsection (1), second sentence. Simplified customer due
diligence does not confer exemption from the obligation to conduct ongoing monitoring.
Standard customer due diligence
Standard customer due diligence and ongoing monitoring shall be applied where
circumstances requiring enhanced customer due diligence are not present, and simplified
customer due diligence cannot be undertaken. For the purposes of standard customer due
diligence, it will as a rule suffice to follow the ordinary customer due diligence procedures.
This will be the case for the majority of the business’s customers.
Enhanced customer due diligence
In situations which by their nature entail a high risk of transactions connected to the proceeds
of criminal acts or circumstances covered by the Penal Code sections 131 to 136(a), customer
5
due diligence and ongoing monitoring shall be carried out using enhanced measures. This
could be alone or as a result of a combination of various types of risk. It is therefore
important, as a part of the risk assessment, both to identify risk factors and to develop separate
enhanced due diligence measures that are risk mitigating.
3. Method for risk assessment
In order to ensure the best possible basis for preparing an overarching assessment of money
laundering and terrorist financing risk for the business, a risk assessment process has been
undertaken. To this end the AML officer – in consultation with an external adviser and
ongoing dialogue with estate agents, case officers and staff at the settlement department – has
carried out an overarching risk assessment for the business.
The following elements were included:
Description of the general risk picture for the business
Identification of risk indicators
Analysis and assessment of identified risks
Discussion related to risk-mitigating measures
As a basis for identification and assessment of risk, recourse is had not only to the involved
individuals’ knowledge and experience regarding the business’s customers, products and
transactions but also of technical material and analyses that are published by external sources
such as (i) the annual report of the Financial Intelligence Unit (FIU), (ii) Økokrim’s1 trend
report, (iii) Økokrim’s list of indicators, (iv) Kripos’2 trend report and (v) Finanstilsynet’s3
circular no. 6/2016.
As an aid to carrying out and documenting the risk assessment, a risk matrix has been
prepared. The risk matrix contains a risk assessment based on various risk indicators, also
termed “money laundering indicators” or “red flags”.
The risk matrix shall be used by the business’s staff to carry out ongoing risk-based customer
due diligence and is designed to ensure risk assessments of good quality, and documentation
of such risk assessments, thereby also facilitating the implementation of adequate internal
controls. Staff are required to risk classify assignments by completing a form (“risk
classification form”) based on the risk matrix upon entering into the assignment agreement
and thereafter once the contract has been signed.
The following criteria are applied when assessing risk:
SIMPLIFIED risk: Low/normal risk. No specific risks of money laundering or terrorist financing identified.
STANDARD risk: Risk which together with other criteria may entail an elevated risk of money laundering and terrorist financing and thus a need for enhanced due
diligence. Customers, products, transactions etc. with medium risk are ranked on a
scale from 1-3.
1 Norwegian National Authority for Investigation and Prosecution of Economic and Environmental Crime 2 The National Criminal Investigation Service 3 The Financial Supervisory Authority of Norway
6
ADVANCED risk: Customers with an elevated risk of money laundering and terrorist financing. Criteria which in themselves are sufficient to subject a customer to
enhanced due diligence (e.g. PEPs)
For further details, see the risk matrix related to money laundering in which the identified
risks are shown.
4. Brief overarching description of the business
EiendomsMegler 1 Midt-Norge is the region’s largest real estate agency and is a member of
the EM1 Alliance. Its head office is in Trondheim, and the business has 28 branch offices co-
located with the parent banks (SpareBank 1 SMN, Sparebank 1 NV and Sparebank 1 SS). The
business is organised based on a strategy embracing a local footing in which the idea is that
local estate agents know local conditions best.
Commercial property and new-build transfers are organised in separate departments. The
company has about 240 employees distributed across administration, settlement department,
back office department and staff at the branch offices comprising estate agents, assistants,
trainees and case officers.
All settlements in the case of existing homes and new-builds are handled by the Central
Settlements Department in Trondheim.
Further, a total of 17 offices are attached to the central back office department, entailing that
all case processing for the departments concerned is carried out by this department. By ‘case
processing’ is meant the ‘preparing’ and ‘organising’ of assignments which essentially
consists of:
- Obtaining and collating statutory information - Drafting of documents for the property transaction - Preparing assignments that are due for settlement
Physical offices EiendomsMegler 1 Midt-Norge has 28 physical branch offices distributed across Trøndelag
and Møre and Romsdal.
The offices are located in Namsos, Rørvik, Steinkjer, Levanger, Verdal, Stjørdal, Fosen,
Orkanger, Trondheim, Oppdal, Hitra, Frøya, Melhus, Molde, Sunndalsøra, Surnadal,
Kristiansund, Ålesund, and Ørsta/Volda. EiendomsMegler 1 Midt-Norge has no divisions or
offices abroad.
See chapter 5 for a description of the business’s customers, customer relationships,
transaction type and aspects of the transaction.
5. Identification and assessment of risk
Summary
7
This chapter provides more detailed information regarding identification and assessment of
the risk picture for the business as regards money laundering and terrorist financing.
Point 5.1 gives an account of the general risk picture for the business in an overarching
perspective. As will be seen, attention is drawn to a number of factors representing inherent
risk in the business.
It is, however, important to make clear that the bulk of the business’s assignments and
customers belong in the category “standard”. A “normal assignment” in terms of volume
refers to consumers resident in Norway who intend to buy or sell property in connection with
the purchase of a new dwelling for which large parts of the purchase price are debt-financed,
entailing that the risk posed by the business is in general terms acceptable.
At the same time a number of risk indicators are identified, see point 5.2, to which the
employee is obliged to respond in the individual assignment.
In view of established procedures, including internal control procedures, and the ongoing
training carried out in the organisation, see point 6, risk associated with
assignments/customers posing elevated risk is considered to be handled satisfactorily. The
procedures require assignments/customers posing elevated risk to be identified and managed
in a timely and rightful manner.
5.1 Description of the company’s general risk picture
EM1 is assessed as facing an inherent risk of exploitation for money laundering purposes due
to
- the company’s size, - the company’s range of services, - the generally low level of knowledge in the sector - an outdated IT system requiring “manual processing” - (organisation of the business)
The final indent is in parenthesis since the organisation of the business also has its clear-cut
strengths as regards compliance with the AML legislation.
5.1.1 The company’s size
In its catchment area from Volda in the south to Rørvik in the north, the company has an
overall market share of just over 40%, producing a large number of transactions per year
(approaching 7,000).
The company’s organisation involving a large geographical sweep and a presence in the
largest towns in North Trøndelag and in Møre and Romsdal is in itself a risk factor due to the
distance this involves to the management, AML officerand the Central Settlement
Department/Central Back Office department.
Similarly the number of employees itself entails a risk, since about 240 persons with various
competences and experience have to be ‘reached out to’ in order to ensure compliance with
the AML legislation.
8
A high market share entails a relatively large proportion of transactions in the refurbishment
market, a market well suited to money laundering – for example when a property is
refurbished using illicit funds which are laundered when the property is sold.
5.1.2 The company’s service range and customers
The company offers all estate agency services from residential rentals.
The bulk of the business’s assignments and customers belong in the category “standard”. A
“normal assignment” in terms of volume refers to consumers resident in Norway who intend
either to buy or sell property in connection with the purchase of a new dwelling for which
large parts of the purchase price are debt-financed. These assignments do not pose an elevated
risk of money laundering/terrorist financing.
Where commercial property broking is concerned, such assignments are handled by the
Commercial Property Broking Department. The department has about 200 assignments per
year comprising 40% sales assignments and 60% rentals.
Commercial property broking is regarded as particularly vulnerable due to
- High transaction amounts - Complex corporate structures - Sales involving ‘in blanco’ deeds of conveyance - Potential difficulty in determining market value - Market values are easier to manipulate via for example fictive rental contracts
The Commercial Property Broking Department, which has an on-site case officer that
supervises the broking process ensuring that it is conducted in the correct manner, is in
addition monitored closely by the AML officer with a focus on the AML effort.
Settlement assignments (about 500 of about 7,000 transactions in all in 2015) are a risk driver
due to lower knowledge of:
- The parties - The agreement - The sale object, including the price
Transactions in the new-build market, numbering about 1,000 per year, pose particular risk
because of:
- The developer’s corporate structure - Desire for in blanco deed of conveyance/onward sale of the contract by the buyer
The New Build Department has its own quality officer attached to the department, and is
responsible for all customer establishment and case handling on the new-build side –
including new-build projects across the business’s entire market area. This constitutes a clear-
cut strength as regards compliance, ongoing monitoring and controls.
5.1.3 The industry’s generally low knowledge level
9
The issues involved in the AML effort appear ‘remote’, although attitudes have matured and
awareness of the issues has grown in the past year. The impression is that many estate agency
staff are reluctant to inform against or report customers that provide the basis for their
salaries.
There has been very little focus on AML in our sector, as in others, and the sector is
characterised by backlog due to lack of focus since the Act entered into force in 2009.
A large proportion of the staff have recently completed their education, only five hours of
which were devoted to the AML legislation. On the other hand there are experienced estate
agents who continue to work as they have done for many years and fail to take a healthy,
critical look at transactions.
The above refers to a backlog in terms of competence among the staff, but the measures taken
as described in point 6 are proving to have good effect in terms of compliance with the AML
legislation in the business.
5.1.4 Outdated IT system that requires manual processing
Present day IT tools have no module that ensures compliance with the AML legislation. They
offer no possibility of ‘automatic checks’ with associated ‘stop points’.
A large degree of manual work without physical stop points contributes to increased risk due
to greater room for human error.
5.1.5 Organisation
Thus far much responsibility for the AML effort has been placed on the AML officer,
rendering the business vulnerable in the AML officer’s absence. Phasing in the case officer in
charge of quality as an actor in the first line of defence, see point 6, reduces this risk.
An organisation structure involving the Central Settlement Department and the Central Back
Office splits up the process. This is liable to increase risk since it could lead to none of the
involved parties assuming ‘full ownership’ of the matter concerned.
The last mentioned risk is considered to satisfactorily addressed through the control
procedures that are established, see point 6, and the CSD-CCPD set-up accordingly adds
strength to the organisation of the business in terms of complying with the AML legislation. It
provides strong professional units on both the case officer and settlement side, which is in
itself a strong point since all settlements (except in the commercial area) are handled by a
department of dedicated staff, which strengthens opportunities for training and controls.
5.2 Identification of risk indicators with analysis and assessment of identified risks
Through the risk assessment process a number of risk factors have been identified which are
group as follows:
Type of customer/co-contractor
Knowledge of the customer/co-contractor
10
Transaction type
Aspects of the transaction
This grouping is considered to be in accordance with section 5 of the Anti-Money Laundering
Act which requires risk-based, ongoing monitoring to be carried out based on the “type of
customer, customer relationship, product or transaction.”
The following assessment criteria are applied when assessing risk:
Risk - level
Simplified due diligence controls Low/no risk. No specific risks of money laundering or terrorist financing identified
Standard due diligence controls Matters which on their own do not constitute risks but which together with other criteria may entail an elevated risk of money laundering or terrorist financing and thus a need for enhanced controls
Enhanced Matters which entail an elevated risk of money laundering or terrorist financing. Criteria which in themselves are sufficient to place a customer under enhanced controls (e.g. a PEP)
Risk based on type of customer/co-contractor Risk - level
Norwegian private customer
Foreign national, resident in Norway Foreign national, resident abroad Politically exposed person – PEP* Norwegian-registered company (limited company, general partnership, general partnership with shared liability, public limited company, housing cooperatives
Norwegian-registered foreign business
Foreign-registered company Public enterprise that meets requirements for simplified due diligence
Guardianship
Judicial administration of a deceased’s estate Private administration of a deceased’s estate Bankruptcy estate Property sale through power of attorney
Indication that customer/co-contractor is acting on behalf of others
Customer/co-contractor’s residence/address does not conform to their income level
Customer/co-contractor is an apparently ‘empty’ company
No risk based on aspects of the transaction Customer regularly provides assignments without being registered as a business engaged in property purchase and sale
11
One of the parties has no natural connection to the area in which the property is situated
Complex corporate structure/organisations whose ultimate beneficial owners are difficult to identify
No risk based on type of customer/co-contractor
*PEP: A person who holds/has held a prominent office or position in a state other than
Norway, or the child/spouse of such a person.
Risk based on knowledge of the customer/co-contractor incl. related parties**
Risk - level
Familiar from the media or other sources due to criminal involvement
Familiar from the media or other sources due to criminal sentence
Familiar from the media or other sources due to criminal investigation
No risk based on knowledge of the customer etc.
**Related parties = board member, shareholder, CEO, (and
spouse/child/partner/sibling/parent of such parties), parent company/subsidiary.
Risk based on transaction type Risk - level
Sale – ordinary sales assignment
Partial settlement (multiple payments, e.g. project)
Settlement assignment
Transfer of contract rights
No risk based on transaction type
Risk based on aspects of the transaction Risk - level
Money transferred to/from an account in a Norwegian bank
Money transferred to/from a foreign bank where the payer has a natural connection to the bank’s home country
Money transferred to/from a foreign bank where the payer has no natural connection to the country
Buyer finances the purchase entirely/partly out of own funds which do not conform to his finances.
Buyer states intention to make a cash deposit
Vendor financing
Purchase/sale using an ‘in blanco’ deed of conveyance
Settlement in a medium other than money
Short interval between purchase and onward sale
Customer not lawfully entitled to transfer title
Settlement to be made to a party other than the customer
Down payment paid by a party other than the buyer
12
Debt finance from an untraditional source
Settlement effected in unnecessarily many transactions
Seller accepts a loss
‘31.12 transfers’ – (the buyer pays before year-end and takeover is not immediately after year-end)
Unusual use of client account (early payment)
Transaction between a company and related parties***
Refurbished object with short period from purchase to onward sale
Changes made to the settlement agreement during the transfer process
Property bought unseen
Settlement will not be via the estate agent
No risk based on aspects of the transaction
The employee has, based on discretionary criteria, the opportunity to identify a customer for
enhanced due diligence upon customer establishment, or subsequently as part of ongoing
monitoring.
6. Risk-mitigating measures
The company has initiated a number of risk-mitigating measures to remedy the risk of money
laundering and terrorist financing. A continuous effort is being made to quality assure these
measures. This chapter presents a summary of those of greatest importance.
It is assumed that the risks attending the business that are singled out in point 5 are
satisfactorily handled through the measures described in the following, and that the business
complies with the requirements set by the AML legislation.
It is also assumed that the business will make a good showing in any inspection by
Finanstilsynet; see point 1.3.
6.1 Preventive measures
In line with the Anti-Money Laundering Act, the business has designated an AML officer.
The controller at the Specialist Department has been given for the implementation of internal
controls including reporting to the AML officer every third month.
The case officer in charge of quality in the respective departments has been given operative
responsibility for supervision and guidance in the first line of defence.
Employees receive basic training and guidance by a number of means, including through
courses for new staff, as well as through dedicated AML programmes
In 2015 and 2016 the following courses were completed by the employees:
- “Suspicious transactions”, completed by all employees - “Customer due diligence”, completed by all employees - “Customer due diligence”, a special course for the Commercial Broking Department
13
- “Customer due diligence”, a special course for the Settlement Department and Central Back Office case officers
In addition, the following documents have been developed, and reviewed by the estate agent
in charge at the respective departments.
- “Customer due diligence” - “Suspicious transactions”
In addition, ‘advice and tips’ are posted as a news item on the company’s intranet, Innsikt
(Insight).
This risk assessment, and “Overarching guidelines – measures to combat money laundering
and terrorist financing, adopted by the board of directors on 16.11.16” will be published on
the intranet.
Further, the business’s procedures and checklists incorporate control points designed to
ensure effective compliance with the established procedures for risk-based customer due
diligence. The case officer and settlement officer will halt and/or return a case to the
preceding stage if documentation of duly completed risk-based customer due diligence does
not rest on the case. Risk-based customer due diligence (risk classification of the assignment)
is performed on a continuous basis, and an additional explicit requirement is that this is
documented at minimum at two stages: (1) upon entering into the assignment agreement, (2)
once the contract meeting has been held.
All settlements for existing new-builds are handled by the Central Settlement Department; see
point 5.1.5 above.
Settlements for the Commercial Broking Department are carried out by the department’s case
officer in charge of quality. The case officer sits close to the department (at the same desk),
which is a clear advantage with regard to compliance, ongoing updates and controls.
The new build department has its own quality officer in the department, and is responsible for
all customer establishment and case handling on the new build-front, entailing a clear
advantage with regard to compliance, ongoing monitoring and controls.
6.2 Measures in connection with customer establishment
Identity check (proof of identity, certificate of registration, electronic identification (BankID) from another bank)
Check of ultimate beneficial owners
Standardised customer establishment processes – all customer relationships are established by a case officer
Under the terms of the assignment agreement, in order for an assignment to go ahead, it must be possible for satisfactory customer due diligence to be carried out
Assignments are not initiated unless confirmed ID, possibly a completed form identifying beneficial owners and a certificate of registration have been obtained. A
completed “Risk classification form” must also have been obtained.
Completion of a PEP self-declaration form, where relevant.*
14
*Screening the customer list against the Dow Jones PEP list and the UN terrorist list is
currently not a priority task. In view of the fact that the risk associated with PEPs (the parent
company SMN has thus far registered one PEP in its customer register), the company
considers – after weighing up the risks involved – that until such time as a new core system is
in place it is justifiable to omit screening the customer list against the registers mentioned.
Finanstilsynet has moreover announced that no requirement to carry out screening against the
above lists will be imposed.
6.3 Ongoing customer due diligence measures
A copy of confirmed ID, possibly a check on beneficial owners for the buyer must be obtained at the contract meeting at the latest.
The buyer, and seller, must be made aware via the prospectus that in order for the transaction to go ahead it must be possible to conduct satisfactory customer due
diligence in accordance with the Anti-Money Laundering Act.
The buyer must state on the requisite form how the money is to be transferred and the name of the account holder
The risk classification form must be completed after contract signing and before the property transfer is dispatched for settlement.
The Settlement Department shall check that identity documents and the risk classification form accompany the case upon dispatch for settlement. Settlement will
be halted in the unlikely event that these documents are not in place.
The Settlement Department conducts a check on who is actually paying the purchase price and who is to receive the payment, and under the procedures set is particularly
alert to transfers to/from other countries.
6.4 Enhanced customer due diligence
A manual risk assessment of customers is conducted upon customer establishment.
In the event of the money laundering indicator recording a hit in the “enhanced due diligence”
group, the agent together with department’s case officer in charge of quality decide whether
the customer should be monitored using additionally enhanced controls. The assessment is to
be documented in the Risk Classification Form. If the conclusion is that the case should be
monitored by means of enhanced due diligence measures, this is marked in the case
processing system in parallel with an alert to the AML officer who decides which suitable
enhanced due diligence measures are to be initiated.
For customers who are identified for enhanced customer due diligence, specific checks must
be carried out. This is done when the customer is so identified, and is in addition to ongoing
monitoring and checks. Specific procedures have been developed showing which due
diligence measures are to be carried out and documented.
Separate due diligence measures are defined for PEPs in keeping with the Anti-Money
Laundering Act. The Act requires the following measures to be introduced with respect to
customers who are PEPs:
1. Take suitable steps to establish the origin of the customer’s wealth and the capital included in the customer relationship or transaction. In the first instance this entails
asking the customer. If the customer’s explanation appears trustworthy, this may
15
suffice. Alternatively the company must investigate further by requiring
documentation confirming the customer’s information, for example wage slips,
documentation of inheritance, settlement for sale of a house, income tax return etc.
(Practically any form of assets, including cash (in excess of NOK 3,000), and income
(including lottery winnings in excess of a certain sum) are subject to tax assessment
and should therefore appear in the customer’s income tax return.)
2. Ensure that the decision maker (by decision maker is meant the employee who decides whether a customer relationship should be entered into with the person concerned)
obtains his or her superior’s approval before the customer relationship is established.
This entails reviewing the assessment and documentation in connection with the
customer due diligence process together with a superior, and the latter must approve
the customer establishment.
3. Conduct enhanced monitoring of the customer relationship. This entails conducting more thorough and more frequent checks of the customer relationship than in the case
of ordinary monitoring.
6.5 Follow-up and monitoring
In order to ensure that the business’s procedures and policies are complied with as intended,
first- and second-line controls have been introduced as described in “Overarching guidelines –
measures to combat money laundering and terrorist financing, adopted by the board of
directors on 16.11.16”.
The controller at the Quality Department conducts periodical checks on a random basis
related to customer establishment, enhanced customer due diligence etc, and the results of the
review are reported quarterly to the AML officer who thereafter reports to the board of
directors and management team.
7. Ethics and responses
The company has provided training, information, procedures and provisions designed to
ensure that all employees maintain an active and alert mindset with regard to combating
money laundering and other forms of economic and financial crime.
As regards ethics and responses, reference is made primarily to the parent company’s ethical
guidelines and uniform system of sanctions along with society’s laws, rules and provisions
that apply to the area concerned. Any violation by employees of guidelines, rules and law
provisions covered in this risk analysis (wilfully or through negligence) could have
consequences for their employment relationship, and may render them liable to criminal
prosecution.
8. Audit
This risk assessment shall be audited at least once per year, or more frequently if called for
(for example by changes in products or services). The AML officer is responsible for
coordinating the audit of the business lines.