The Cyprus Securities and Exchange Commission (CySEC) has identified significant shortcomings in the anti-money laundering (AML) and counter-terrorist financing (CFT) reporting practices of regulated entities, including Cyprus Investment Firms (CIFs) and crypto service providers. These findings highlight the need for improvements in key areas such as inspection methods and the documentation of high-risk clients.
Key Areas for Improvement Among Cyprus Regulated Entities
In a circular, CySEC has outlined common deficiencies observed in the Compliance Officers' Annual Reports and Internal Audit Reports for 2022. These reports, submitted by various financial institutions under their supervision, including CIFs and Crypto Asset Service Providers (CASPs), revealed several areas requiring attention.
One of the primary concerns was the lack of detailed descriptions of the inspection methods used in the compliance reviews. CySEC emphasized that merely reporting the outcomes of inspections without detailing the methodologies employed is insufficient.
The regulator also criticized the reports for lacking specific information on identified deficiencies in AML measures. CySEC stressed that general overviews are inadequate and called for detailed accounts of weaknesses, their potential implications, and the proposed corrective actions, complete with implementation timelines.
Another issue highlighted was the insufficient data provided on high-risk customers. CySEC urged the inclusion of comparative data, including the number, origin, and type of high-risk clients, on a year-over-year basis.The circular also emphasized the importance of comprehensive documentation systems for ongoing account monitoring. Regulated entities were reminded to provide detailed plans for the next year's training programs for Compliance Officers and staff, along with clear information on the structure and responsibilities of the Compliance Officer's Department. Furthermore, entities like CIFs and CASPs were instructed to ensure that minutes from Board of Directors' meetings include timeframes for implementing corrective measures to address identified issues.
CySEC's Ongoing Battle for Compliance
These findings are part of CySEC's annual risk-based assessment, which aims to ensure financial institutions maintain robust defenses against money laundering and terrorist financing. Despite similar concerns being raised in previous assessments, the regulator's actions appear to have had limited impact so far.
CySEC has warned that recurring weaknesses will be subject to "rigorous compliance checks" and reminded entities of the potential administrative sanctions for non-compliance. This warning carries weight, as penalties have been imposed in the past. Significant fines have been issued for various regulatory breaches, including violations related to anti-money laundering (AML) measures. However, not all penalties have been tied to AML issues. For instance, a recent fine was imposed for offering excessively high financial leverage, which exceeded the limits set by European regulations. The entity involved has contested the regulator's decision and announced plans to challenge the fine.
Comentarios