The Guernsey Financial Services Commission ("GFSC") has updated its Handbook on Countering Financial Crime and Terrorist Financing (the "Handbook") to cover virtual asset service providers ("VASPs") and other licensees regulated under the new Lending, Credit and Finance (Bailiwick of Guernsey) Law, 2022 (the "LCFL").
The update also adds the requirement to establish an independent audit compliance function, and includes provisions for the transparency and beneficial ownership of legal arrangements, such as trusts and limited partnerships with no legal personality, in each case to reflect changes to the Criminal Justice (Proceeds of Crime) (Bailiwick of Guernsey) Law, 1999, as amended ("POCL") that apply from 8 July 2023.
The updates to the Handbook apply from 10 July.
Independent compliance audit
The updates to the Handbook include a new requirement for specified businesses to establish an independent audit function to evaluate the adequacy and effectiveness of its AML/CFT policies, procedures and controls and their compliance with POCL and the Handbook.
An employee can perform the independent audit function, but that employee must be independent from the employees who either design, maintain or apply the AML/CFT policies, procedures and controls. Therefore, the Money Laundering Compliance Office (“MLCO”) cannot carry out the independent compliance audit function, but the Money Laundering Reporting Officer could, provided they are not also the MLCO and did not design or do not maintain the policies, procedures and controls.
An external service provider can perform the independent audit function, provided that they are conversant with Guernsey’s AML/CFT framework to examine and evaluate AML/CFT policies, procedures and controls.
Updates for VASPs and other LCFL licensees
The LCFL came into full force on 1 July 2023 and from that date affected businesses - including virtual asset service providers (“VASPs”), credit providers, payment services providers and payment platforms – have to be licensed.
The changes to the Handbook update various AML/CFT requirements to cover licensees under the LCFL, for example a bank opening a client money account for a LCFL licensee can, subject to certain conditions, treat that licensee as its customer and not carry out customer due diligence on the relevant underlying clients.
The GFSC have published a new chapter in the Handbook providing guidance on the new rules relating to the transfer of virtual assets by VASPs and the information requirements relating to such transfers. These requirements include:
- information that must be held by the "originating" VASP and "beneficiary" VASP;
- information that must be provided to the GFSC or other relevant authorities on request;
- information that must be verified by any "intermediary" VASP;
- requirements for batch transfers;
- requirements for intermediary VASPs and beneficiary VASPs to have risk-based policies for determining when to reject, suspend or otherwise refuse to execute virtual asset transfers because of information deficiencies, and taking appropriate follow-up action; and
- requirements for a disclosure to the GFSC by intermediary VASPs and beneficiary VASPs for repeated failures by an originating VASP, beneficiary VASP or intermediary VASP to comply with the POCL requirements as to the obtaining, holding, verification, retention, provision and use of information in respect of virtual asset transfers.
Updates for transparency and beneficial ownership of legal arrangements
The changes to the Handbook include provisions providing further details and guidance on the new POCL obligations relating to trustees and certain partners in general partnerships and limited partnerships with no legal personality. These new provisions do not apply to limited partners in limited partnerships.
The new obligations require certain trustees and partners to:
- keep up to date information on the identity of settlors, co-trustees, protectors, beneficiaries and any other controllers or partners;
- hold basic information on regulated agents of, and service providers to, the trust or partnership as the case may be, including investment advisory or management services, managerial services, accountancy services, tax advisory services, legal services, trust services, partnership services or corporate services This information must be kept accurate, up to date and updated on a timely basis;
- keep records for at least 5 years; and
- disclose their status as a trustee or partner when transacting with a financial services business or other business subject to AML/CFT standards.
The changes signify Guernsey's ongoing commitment to meeting international standards in relation to AML/CFT and sanctions. The requirements that a VASP holds and submits certain information on the originator and beneficiary of a virtual asset transfer are designed to be similar to existing requirements for wire transfers.
The new rules on VASPs take into account the proposed information disclosure requirements being considered in the UK and EU.