CySec imposes administrative fine of €18.000
The Cyprus Securities and Exchange Commission informs the investors that decided to impose the administrative fine of €18.000 in total against Cyprus Investment firm “Regency Asset Management (Cyprus) Ltd” for breaching the Prevention and Suppression of Money Laundering and Terrorist Financing Law of 2007, as in force (“the Law”) and the Directive DI144 – 2007-08 of 2012 of the Cyprus Securities and Exchange Commission for the Prevention of Money Laundering and Terrorist Financing (“the Directive”), after CySec’s probe into the firm’s offices in April 2013.
More precisely, the following administrative fines were imposed:
1. The amount of € 13.000 for violating section 58 (a) of the Law, since the systems and ways of application of customer due diligence and identification procedures have not been adequate or appropriate, according with the following articles of the Law:
61:”Ways of application of customer due diligence and identification procedures”,
63:”Simplified customer due diligence and identification procedures”,
64:”Enhanced due diligence measures” and
65:”Transactions on behalf of another person” of the Act
and sections of the Directive:
7:”Customers’ acceptance policy”,
9:”Compliance officer’s duties”,
12:”Application of measures and procedures on a risk based approach”,
14:”Design and implementation of measures and procedures to manage and mitigate the risks”,
18:”Obligation for customer identification and due diligence procedures”,
21:”Construction of an economic profile”,
22:”Specific customer identification issues”,
24:”Enhanced customer identification and due diligence procedures”,
26:”Ongoing monitoring of accounts and transactions”
33:”Certification and language of documents”
as well as Parts IV (Application of Appropriate Measures and Procedures on a risk based Approach) and V (Customer Identification and due Diligence procedures).
2. The amount of € 2.000 for breaching paragraph 25 (4) [“Reliance on third parties for customer identification and due diligence”] in relation of additional procedures / measures the Financial Organisation must apply before accepting the customer identification data verified by third person as defined on paragraph 25(4).
3. The amount of € 1.000 for breaching paragraph 9 (1) [“Compliance officer’s duties”], subparagraphs (d), (i) and (ia) of the Directive, since the compliance officer of the Company: (i) did not monitor and asses the correct and effective implementation of the risk management and procedure Manual and more precisely the policy for the acceptance of clients. (ii) did not ensure the preparation and maintenance of the list of customers categorized following a risk based approach and did not ensure to update those lists. (iii) did not implement appropriate measures for detecting, recording and evaluating all risks arising from the Company’s existing customers.
4. The amount of € 2.000 for breaching paragraph 5 (d) of the Directive since the Company’s Board of Directors did not assure that appropriate, effective and sufficient systems and controls were introduced for achieving the above mentioned requirement and compliance.
Finally, CySec, before taking its decision, has taken into account that the company has already made and intends to make further corrective measures to comply with the provisions of the Law and had not committed a similar offense in the past.
Source: CySec
