The term “Red Flag” originated during the days of gallant galleon combat where ships would signal their intent to engage each other in battle. Alas, those were simpler times. Criminals and scoundrels nowadays are unfortunately less forthright and you need to look for other signals that might be putting your business at risk.
As I pointed out in my other pieces, estate agency businesses are required by law to carry out sound anti-money laundering in their businesses. I spoke before about general issues with money laundering and senior manager responsibilities. Today I’m going to talk about a framework for thinking about what red flags to look for to evaluate your business risk.
Implementing a risk-based approach
HMRC mandates a risk-based approach. What does this mean? You need to think about what kind of risks that you might have and then put in place systems to catch related red flags when they pop up. Each business will have a slightly different risk profile based on location, typical clientele, nature of transactions, etc. If you’re a high street estate agency business in a smaller town, perhaps tax evasion or fraud is a higher risk than terrorist financing. If you are an estate agency with multiple clients in a number of countries, the items you should be analyzing may be quite different.
Gather your data
Once you have established what kind of business you are and recorded that process, you need to make sure that your systems intake the data that you need to assess each customer coming through the door. Things to gather include:
- Source of funds
- ID type and whether that ID is fraudulent
- Duration of previous residence
- Whether a face to face meeting took place
- Purchases through commercial entities that may hide beneficial owners
…and the list can literally go on for pages. But let’s not waste your browser space on that.
How to manage that data?
HMRC prescribes a regimen of making procedures easy for your staff to work with while remaining detailed enough to allow flexibility for multiple situations. You need to think about:
- How to apply risk management across a branch network
- How to manage and maintain records
- Is training in place?
In sum, if a random audit occurs, can you prove that all customers are properly risk assessed? Tools like MatrixVision‘s Compliance Management Portal help to bring your business into line with your processes day in and day out.