State of Financial Crime 2023 Report
A Money Laundering Reporting Officer (MLRO) is a person responsible for implementing and overseeing a company’s anti-money laundering (AML) compliance program.
The duties of the MLRO may involve serious legal consequences that result in civil and criminal action. Money Laundering Reporting Officers take on significant personal liability within their firm: if AML protections are found to have been insufficient, a firm’s MLRO may face significant fines and, in severe cases, a prison sentence.
The MLRO is an extremely important position within a business, so senior managers must understand and think carefully about the role.
What are the responsibilities of an MLRO?
In addition to ensuring their firm’s compliance with AML controls, MLROs have a duty to:
- Deal with any information, knowledge, or suspicion of money laundering – and properly disclose such matters to law enforcement
- Design relevant policies and procedures
- Keep records and file internal and external reports
- Ensure customer due diligence is performed
- Participate in the ongoing review of their firm’s internal policies, procedures, and professional relationships, to ensure that money laundering and other financial crimes are detected and reported in compliance with regional laws
- Provide training to colleagues within their firm
- Advise senior management about their firm’s risk of exposure to money laundering – and how to manage that risk
MLRO relationship with the C-Suite
Since financial regulations may extend criminal liability for AML offenses to corporate persons, it is important that MLROs have good access to the C-Suite. In practice, this means that MLROs must be able to effectively communicate important AML/CFT information to board members and understand when to escalate compliance incidents so that suspicious activity reports are filed with the appropriate authorities.
An MLRO’s relationship with the C-Suite may be complex. Firms should think carefully about how to embed an MLRO within their governance infrastructure, taking into account any relevant personal liabilities or obligations. Ultimately, an MLRO should be able to exert effective influence over an executive board and be able to instill a strong, company-wide compliance culture.
Money Laundering Reporting Officers and Regtech Advancement
Technological advances play an increasingly important role in financial regulatory compliance. With that in mind, MLROs must be able to identify any potential deficiencies in their AML/CFT compliance technology along with any emerging opportunities to strengthen their compliance response with new Regtech integrations. Accordingly, firms should ensure that their MLRO has a sufficient level of technological competence before their appointment, and understand how to manage Regtech deployments in a risk management context.
Who should be an MLRO?
Dedication, honesty, and integrity are fundamental traits for a Money Laundering Reporting Officer. Similarly, senior management employees must be committed to giving their MLRO ongoing professional support.
While there are no regulatory requirements for who should be appointed MLRO, certain prominent criteria should be considered when hiring for the role.
Money Laundering Reporting Officer Authority
An MLRO should hold a position of sufficient seniority within their firm – so that they can access the files and information they need to carry out their anti-money laundering duties. Their position should also allow them to design, implement, and enforce their firm’s AML compliance program and systems.
Given the legal implications of the role and the personal liability they assume, an MLRO should be at least a director-level employee with the knowledge and experience to be able to make decisions with confidence.
MLROs must be able to assess money laundering risk. This skill requires not only an understanding of criminal methodologies but an understanding of the behavior and business practices of customers and clients, who may themselves be exposed to risk.
The ability to conduct an effective risk assessment is so important for MLROs because they are responsible for calibrating their firm’s anti-money laundering systems to suit their compliance obligations. In practice, this means avoiding the dangerous legal liabilities of under-compliance, and the potentially costly burdens of over-compliance.
MLRO Legal Privilege
An MLRO should have a strong grasp of the concept of legal professional privilege since they might be required to disclose sensitive information to law enforcement – with legal implications for their firm and its employees. Knowing what information must be revealed, and when is, therefore, a central focus of the mandate. With this in mind, while an MLRO does not necessarily need to be legally trained, knowledge of the field is useful. Alternatively, a Money Laundering Reporting Officer might be given access to good legal advice about this aspect of their role.
MLROs in the UK
Under the UK’s Money Laundering Regulations 2007, all businesses within the regulated financial services sector are required to appoint an MLRO. The Financal Conduct Authority (FCA) handbook outlines the role of an MLRO in respect of these regulations, highlighting their reporting obligations to the National Crime Agency (NCA).
The FCA points out that an individual appointed as a Money Laundering Reporting Officer should have sufficient authority to carry out their duties effectively. In larger organizations, MLROs may have to delegate some of their responsibilities or appoint deputies to help manage their work.
MLROs in the EU
In response to emerging criminal threats and a changing financial landscape, the EU announced a review of its AML/CFT framework in July 2021. The review included a ‘package of legislative proposals, known as the AML/CFT regulation (AMLR).
The AMLR is intended to strengthen the EU’s AML/CFT rules and ensure the consistent application of AML/CFT rules across the bloc. The regulation emphasizes the need for firms’ senior management employees to take responsibility for their AML/CFT programs, including ensuring suitable board oversight and the appointment of a compliance officer – equivalent to the MLRO role. The legislation stipulates that the compliance officer should possess the following skills, traits, and qualities:
- Individual skills, knowledge, and expertise to carry out their functions effectively
- Good repute, honesty, and integrity
The regulations also require firms to put the following measures in place to facilitate the compliance officer’s AML/CFT function:
- Firms should assess their compliance officer to ensure they are capable of performing their duties. Assessment records should be retained.
- Compliance officer conflicts of interest should be disclosed.
- Firms should have a nominated officer for reporting to the relevant financial intelligence unit (FIU).
- Internal AML/CFT policies, controls, and procedures should be recorded in writing.
- Firms should implement a whistleblowing service to protect employees and senior management employees that report regulatory breaches.
- Firms should perform ongoing monitoring of their AML/CFT programs to ensure they remain effective in a changing financial landscape.
- A firm’s AML/CFT program should have an independent audit function.
You can find out more about the EU’s new planned AML framework in our guide.
Originally published 15 May 2018, updated 27 February 2023
Disclaimer: This is for general information only. The information presented does not constitute legal advice. ComplyAdvantage accepts no responsibility for any information contained herein and disclaims and excludes any liability in respect of the contents or for action taken based on this information.
Copyright © 2023 IVXS UK Limited (trading as ComplyAdvantage).