UT-2022-00097 - [2024] UKUT 00352 (TCC)

During the Relevant Period, the Applicant had written procedures for conducting customer due diligence (“CDD”). In particular, the Applicant’s Compliance Manual stated that these measures involved identifying the customer, verifying their identity, identifying the beneficial owner and their identity, and obtaining information on the purpose and intended nature of the business relationship. The Applicant’s Anti-Money Laundering Policy required the Applicant to obtain confirmation of checks undertaken on investors and an understanding of the source of funds where the client was an unregulated fund.

The onboarding process commenced for the Solo Clients on 29 January 2015. None of those clients had a prior relationship with the Applicant. Identical emails from each of the 166 Solo Clients were received which all read:

“Hi,

I would like to be on boarded for brokerage services I authorise Solo Capital Partners LLP to release any KYC you require.

Kind regards”

The Applicant did not question why 166 purportedly independent entities sent identical emails requesting to be clients.

Mr Lawrence led the Applicant’s onboarding process. He sought advice from the Applicant’s compliance consultants, CPA Audit. Mr Mansell drew our attention to a number of email exchanges between Mr Lawrence and CPA Audit which show that Mr Lawrence was concerned to ensure that the Solo Business was compliant and indicated that he would do what he was advised to achieve that result. Initially, CPA Audit advised that if the Applicant were trading for Solo’s underlying clients, it would need to on-board each of those clients, as elective or per se professional clients because the Applicant was not authorised to deal with retail clients. That meant that the Applicant would have to do at least the equivalent of Enhanced Due Diligence on those firms and their shareholders and directors in order to classify the clients correctly.

Later, Mr Lawrence became aware that other authorised firms that had established a relationship with the Applicant had provided Introduction Certificates which certified that they had carried out their own due diligence on the clients concerned. This was in the context of Regulation 17 of the Money Laundering Regulations 2007 (“MLRs”). This allows a firm to rely on another authorised firm’s due diligence measures, although as that regulation makes clear, the firm seeking to place reliance remains liable for any failure to apply the necessary measures.

Between 10 February and 25 March 2015 the Applicant received know your customer packs (“KYC Packs”) from Solo and accompanying Introduction Certificates. The Applicant reviewed the KYC Packs itself with limited guidance from CPA Audit. CPA Audit reviewed sample KYC packs for each type of client and advised that the files met the bare minimum Anti-Money Laundering requirements and allowed the Applicant to qualify those customers as professional clients as they were a business (or a pension fund) set up purely to make investments. CPA Audit went on to advise the Applicant to obtain some idea of why the clients were wanting to trade, noting that all or some of the clients appeared to be “shells” with no funds. CPA Audit remarked:

“This all seems a little disconcerting as you are being asked to trade significant volumes of shares with shells. Suspicious, but other firms are doing it…”

CPA Audit advised that an Introductory Certificate would be sufficient as Solo would have the responsibility for completing the necessary due diligence. CPA Audit did not advise that, despite this reliance, the Applicant would remain responsible for any failure to apply the required due diligence measures. CPA Audit did, however, point out that it was the Applicant’s responsibility to find out why the client was transacting the business. The Applicant says that CPA Audit became more comfortable with the Solo Clients’ business following a call with them, but there is no note or other contemporaneous record of this call and in an interview with the Authority, CPA Audit’s principal gave evidence to the effect that Mr Lawrence had simply made up his mind that the understanding he had was sufficient. We are therefore not satisfied that CPA Audit gave comfort to Mr Lawrence in the manner suggested.

The Applicant now accepts that it erred in reviewing the packs “in silos” and recognises that a proper review would have identified red flags. The Applicant did not meet any of the Solo Clients and it did not seek any information as to the source of their funds or the reasons that they were trading. Instead, it decided to rely upon CDD purportedly carried out by the Solo Group. Guidance from the Joint Money Laundering Steering Group (“the JMLSG Guidance”) makes it clear that whether a firm wishes to place reliance on a third party will be part of the firm’s risk-based assessment which may include consideration of matters such as the nature of the customer, the product/service and the sort of sums involved. The guidance makes it clear that the assessment as to whether or not a firm should accept confirmation from a third party that appropriate CDD measures have been carried out on the customer will be risk-based, and cannot be based simply on a single factor. The guidance also states that the firm relying on the confirmation of a third party needs to know among other things (i) the identity of the customer and beneficial owner whose identity is being verified, and (ii) the level of CDD that has been carried out.

There is no evidence that CPA Audit advised on the JMSLG Guidance or Regulation 17 of the MLRs on which the relevant passage is based and the Applicant did not carry out a risk-based assessment as to whether it was appropriate to rely upon the Solo Group’s purported CDD. The Applicant’s Compliance Manual and Anti-Money Laundering Policy did not address the circumstances in which the Applicant was able to rely on another firm’s CDD.

As a consequence of not conducting its own due diligence, the Applicant did not gain any understanding as to the Solo Clients’ source of funds and wealth, as prescribed by the Applicant’s own Anti-Money Laundering Policy and the JMLSG Guidance.

In his evidence, Mr Meadows accepted the Authority’s assessment that there was no separate risk assessment undertaken in relation to the Solo Business and that the Applicant’s policies and procedures were deficient in this respect. He did, though, explain that the Applicant sought to discharge its responsibilities by seeking advice through CPA Audit. As the Authority submitted and Mr Meadows accepted, the Applicant was not able effectively to monitor the Solo Clients’ transactions following the commencement of trading.

Regulation 14 (2) of the MLRs required firms to implement Enhanced Due Diligence measures (“EDD”) for any client that has not been physically present for identification purposes. Both the Compliance Manual and the Anti-Money Laundering Policy prescribed the implementation of EDD in the circumstances.

Mr Meadows accepted that the Applicant failed to carry out any EDD in respect of the Solo Clients before commencing trading with them, relying instead upon the Introduction Certificates provided by the Solo Group.

It was clear, however, that the Applicant did have some concerns about the Solo Trading which led it to engage a second external compliance consultant, Compliance Asset, to conduct EDD in respect of the Solo Clients. This, however, did not happen until on or about 31 March 2015, some 5 weeks after the Applicant had commenced trading with the Solo Clients. Compliance Asset reported the outcome of their file review of the Solo Client files to Mr Meadows on 2 June 2015. The report identified significant deficiencies in the information that the Applicant needed to comply with its due diligence requirements, but indicated that most of the issues identified were not time critical and could be retrospectively remediated. Compliance Asset did not advise Mr Meadows of any red flags that would have arisen from looking across the KYC packs that they reviewed. Compliance Asset did not advise the Applicant to cease trading pending its review.