Irish c-bank identifies weaknesses across registration applications by virtual asset firms
The Central Bank of Ireland has identified common weaknesses across a number of applications by virtual asset service providers (VASPs). This was made clear by Gerry Cross, Director of Financial Regulation.
Ireland transposed the fifth Anti-Money Laundering Directive (5AMLD) into Irish law by way of the Criminal Justice (Money Laundering and Terrorist Financing) (Amendment) Act 2021 (“2021 Act”) and the provisions of the 2021 Act that relate to VASPs commenced on 23 April 2021. All VASPs established in Ireland are required to register with the Central Bank for anti-money laundering / countering of the financing of terrorism (AML/CFT) purposes only.
The Central Bank has proactively engaged with the sector to raise awareness in relation to the obligations on VASP entities.
Since the commencement of the legislation a significant number of firms have expressed an intention to seek a registration through the completion of a pre-registration form. To date 55% of the pre-registration submissions have been followed up with a complete applications.
The Central Bank has applied a significant level of resources to assessing these applications and as at the middle of May 2022, 80% of the complete applications have been assessed by the Central Bank and the applicant firms provided with the Central Bank’s observations on their applications and proposed AML/CFT frameworks.
With respect to the remaining 20% of applications they were either incomplete applications i.e. they did not contain the necessary information and/or documentation and consequently further information has been requested from the applicant, or the applications were only recently submitted and therefore they are currently in the course of assessment by the Central Bank.
Through the review of applications received to date, the Central Bank has identified common weaknesses across a number of applications.
- A number of firms had not assessed and documented the money laundering / terrorist financing risks as they pertain to the firm’s customers and business activities. Such a risk assessment is the foundation for an effective ML/TF control framework and its absence results in firms submitting inadequate ML/TF frameworks;
- Several firms submitted group policies/procedures that were not sufficiently tailored to Ireland’s legislative and regulatory requirements;
- The Central Bank received several registration applications where the firm failed to demonstrate how they screen for politically exposed persons (PEPs) for both new and existing customers.
In order for the authorisation/registration process to be smooth and timely, it is essential that applications do reflect all of the key information and understanding required for registration or authorisation to ensure the speediest process.