Lucy Frew
Partner
Cayman Islands
May 26, 2020
Key Takeaways:
Private funds and hedge funds are already required to comply with the AML/CFT/PF/Sanctions regime. Private funds and limited investor hedge funds are now required to provide details of their compliance arrangements to the regulator, CIMA, as part of registration. This will bring them into line with larger hedge funds.
Private funds and hedge funds have a range of good options for how best to comply with the Cayman Islands AML/CFT/PF/Sanctions regime, with those most frequently used summarised below. This is an ideal opportunity for all funds to check whether their arrangements meet mandatory requirements and suit their preferred approach.
A fund has certain initial and ongoing investor-related obligations ("Investor Procedures") and must also implement certain internal controls ("Internal Controls"), which include designating suitable individuals to be MLRO, Deputy MLRO and AMLCO of the fund. Please click on the headings below for further details.
The obligations apply to the investment fund itself – not its overseas manager or advisor (which has no Cayman AML/CFT/PF/Sanctions obligations unless agreed contractually with the fund). The fund’s “operator” is responsible for ensuring the fund complies with AML/CFT/PF/Sanctions. The “operator” means the fund’s board of directors, general partner or trustee, depending on the fund’s legal form. AML/CFT/PF/Sanctions compliance is typically a fund expense.
As funds have no staff, in practice they invariably rely on, or delegate to, other entities to perform their AML/CFT/PF/Sanctions functions on their behalf. Typical arrangements are as follows and may include allocating performance of Investor Procedures and Internal Controls between two providers.
While funds are subject to an internal audit requirement as part of the Internal Controls, this does not necessitate engaging a third party auditor. All the fund’s Internal Control procedures including audit, reporting and compliance oversight can be performed by the fund’s Internal Controls provider.
The AML Regulations require a fund to conduct Investor Procedures which are, in summary, as follows.
a. Investor due diligence and risk rating – investors must be risk rated and there must be verification of the identity of investors and any beneficial owners (based on a 10% threshold) and persons acting on investors' behalf (such as authorised signatories). This means obtaining prescribed customer due diligence ("CDD") information, with documentary evidence being certified copies or legitimate electronic documents. Simplified due diligence ("SDD") can be applied to certain categories of lower risk investor or when relying on prescribed written assurances from certain third parties. Enhanced due diligence ("EDD") must be applied where higher risks are identified (for example, in the case of politically exposed persons).
b. Sanctions screening of investors – The Cayman Islands implements the international sanctions obligations of the UK which are extended to the Cayman Islands by Orders in Council. The majority of the sanctions in effect in the UK come from the UN Security Council and the European Union. OFAC is not directly applicable in the Cayman Islands and OFAC screening alone will not suffice.
c. Ongoing monitoring - ongoing monitoring of investors and transactions, including ensuring CDD remains relevant.
a. Suspicious activity reporting – the fund must implement procedures for the reporting of suspicious activity and potential sanctions breaches internally and externally, including the designation of two senior individuals as Money Laundering Reporting Officer ("MLRO") and Deputy MLRO. All reports of suspicious activity and potential sanctions breaches must be made to the Cayman Islands Financial Reporting Authority, even if a report is also made in another jurisdiction;
b. Compliance oversight – including the designation of a senior individual as anti-money laundering compliance officer ("AMLCO") (who may be the same individual as either the MLRO or the Deputy MLRO) to be responsible for ensuring that the measures required by the AML Regulations are complied with by the fund and who functions as the point of contact with competent authorities.
c. Record keeping – records relating to investor due diligence and transactions must be retained for at least five years following termination of the investor relationship. Various logs and registers must also be maintained.
d. Internal audit – The fund must have an independent internal audit function to test its AML/CFT/PF/Sanctions programme. This does not necessitate engaging a third party auditor. The term "audit" is used by CIMA in the sense of testing the efficacy and efficiency of the fund's AML/CFT systems, policies and procedures.
e. Training – while funds have no employees and are technically exempt from employee training requirements, CIMA requires the fund's operator, MLRO, Deputy MLRO and AMLCO and relevant staff involved in the business of the fund (in other words, at the providers of AML/CFT/PF/Sanctions functions to the fund) to receive training to ensure awareness of the Cayman Islands AML/CFT/PF/Sanctions regime, the fund's AML/CFT/PF/Sanctions programme and how to identify and treat suspicious activity.
There must be written policies and procedures covering the fund's various AML/CFT/PF/Sanctions obligations. However, in practice a fund will typically rely on the policies and procedures of its service provider(s). If that is its investment manager or advisor, it may prefer to have Cayman Islands policies and procedures for the fund which are separate from its own non-Cayman Islands version. A fund may choose to also maintain its own brief fund-level policies and procedures to cover its residual obligations.
The fund's AML/CFT/PF/Sanctions reliance or delegation arrangements must be subject to a written agreement containing certain prescribed terms. This does not need to be a standalone agreement – the necessary terms can be added to the administration agreement or investment management agreement or investment advisory agreement.
Any person who breaches the AML Regulations commits an offence and is liable on summary conviction to a fine of up to USD 600,000 or on indictable conviction to an unlimited fine and imprisonment for two years. Where an offence by an entity is committed with the consent or connivance of, or to be attributable to neglect on the part of, a director, member, partner, manager, secretary or other similar officer as applicable, that person as well as the entity are both liable.
In addition, CIMA now has power to impose administrative fines on licensed and regulated individuals and entities for non-compliance with the AML Regulations. These range from USD 6,000 fixed penalties for minor offences to USD 125,000 for individuals and USD 1.25 million for entities for very serious offences.
Walkers' specialist Regulatory & Risk Advisory group's extensive fund client base means it has an unparalleled overview of the market and regulatory expectations. We can advise on the options and provide support to help ensure that proposed arrangements are compliant. Walkers Professional Services can be relied to deal with a fund's Investor Procedures and/or Internal Controls. Please do not hesitate to contact your usual Walkers contact or a member of the Regulatory & Risk Advisory group in relation to this advisory.
Key Contacts
Partner
Cayman Islands
Senior Counsel
London