Guidance for trust and company service providers
Updated 18 March 2021
Trust and company service providers (TCSPs) are at a high risk of being used for money laundering or terrorist financing. The creation and management of trusts and companies might be readily used to disguise the ownership and control of assets that can help criminals to hide the proceeds of crime.
The services TCSPs provide can be used to make transactions and ownership/control of property, more complicated and anonymous, which makes it harder to tell if funds have come from an illegitimate source.
If your firm provides any service as a TCSP, you are in scope of The Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017 (as amended) ('the regulations') and must be in full compliance with them, including any requirements specific to TCSPs. Our guidance summarises some of your obligations.
Definition
A TCSP is defined in the regulations (R12(2)) as a firm or sole practitioner (which under the regulations includes an SRA regulated freelance solicitor) providing any of the following services:
- forming companies or other legal persons;
- acting, or arranging for another person to act:
- as a director or secretary of a company
- as a partner of a partnership
- in a similar capacity in relation to other legal persons
- providing a registered office, business address, correspondence or administrative address or other related services for a company, partnership or any other legal person or legal arrangement
- acting, or arranging for another person to act, as:
- a trustee of an express trust or similar legal arrangement
- a nominee shareholder for a person other than a company whose securities are listed on a regulated market
Please note that it does not matter how infrequently you might do TCSP work, or whether it might be provided as ancillary to some other legal service. Compliance with the regulations is still required in all cases.
Registration as a TCSP
The regulations require that before any firm or sole practitioner (which under the regulations includes an SRA-regulated freelance solicitor) can act as a TCSP, they must be included on HMRC’s register of TCSPs. You can do this easily, by telling us either via an FA10 (for firms applying for authorisation) or FA10b (for firms that are already authorised) that you are intending to undertake TCSP work. See guidance on this on our website. Freelancers can provide this information via the SRA-regulated freelance solicitor notification form.
No contact with HMRC is needed. We will apply the statutory fit and proper test (R58) (having regard to information we have access to about the background of the individuals in question) to you, your firm and any beneficial owners, managers or officers and make our recommendation to HMRC. HMRC will then make the decision whether to include you on the register of TCSPs.
You may not undertake TCSP work until the process is complete. Our decision letter might include notification of a waiting period that must be observed before you can legally undertake TCSP work. You must comply with this. HMRC is the final decision maker in any application to their TCSP register, and they may choose to refuse registration. We will notify you if this is the case and include information on any next steps or further options you might have.
You must already be eligible for authorisation by us (under our Authorisation of Firms Rules), or currently authorised by us or be an SRA-regulated freelance solicitor for us to be able to supervise you for TCSP work.
Higher risk aspects of TCSP work
TCSP work is high risk for money laundering and terrorist financing. The specific risk factors that relate to such work must be taken into account in producing your risk assessment and underlying policies, procedures and controls.
Source | Risk areas | Comment |
---|---|---|
2017 National Risk Assessment (NRA) | TCSP work provided 'in conjunction with other financial, legal or accountancy services.' |
Whereas forming a company may not in itself create serious risk in an AML context, providing this service in order to house funds from a property transaction might mean that the overall set of services present a risk that is greater than the sum of their parts. The NRA listed TCSP work among the 'services at highest risk of exploitation.' |
Non-compliance with the regulations |
Non-compliance as a TCSP is particularly problematic as the higher risks exposes the firm to an even greater risk of exploitation by criminals when they do not comply. |
|
A widespread underestimation of risks present in clients or matters, suggested by the low number of Suspicious Activity Reports (SARs) submitted to the National Crime Agency (NCA) as compared to some other sectors. |
Given the high-risk nature of TCSPs, one might have reasonably expected a higher number of SARs to be submitted by this group, all other things being equal. But the low numbers of SARs suggest firms might not have correctly identified high-risk clients or transactions, or had failed to form a suspicion of money laundering when to do so might have been reasonable. |
|
Observations as a supervisor |
TCSPs with international clients (particularly clients that are themselves corporate service providers) and providing virtual office services |
Money laundering often tries to move money across jurisdictions in order to frustrate local law enforcement and hide from the authorities. Risks are heightened where a TCSP is able to offer multiple addresses for virtual offices. |
Range of services offered, eg a firm that only helps set up trusts might present a lower risk than one that helps set up trusts and companies and offers services to manage these entities. |
This aligns with observations from the NRA. A firm offering multiple, in-scope services is more likely to be seen as a one-stop shop for laundering the proceeds of crime. |
|
Inherent Risks |
TCSPs might help a client to set up an entity in good faith, only for the client to then use it for money laundering or terrorist financing without the knowledge of the firm. |
The more limited ability to monitor ongoing risk makes it critical for a person providing TCSP services to carefully consider any possible future uses for any entity they help set up while they can still readily monitor how their services are used. If you form a company as a service, this means a business relationship has been formed (R4) and you will need to conduct ongoing monitoring. Effective ongoing monitoring is the only effective measure to ensure an entity you have created is not used for money laundering or terrorist financing. |
The involvement of non-natural persons (eg limited liability companies) in arrangements or transactions, might make them inherently more complex and more difficult to understand the identities of those benefitting from the transaction.
|
The ability to use such entities to promote anonymity is influenced by the oversight of the system for registering companies and trusts in that jurisdiction, adding a further area of risk to consider. |
Key Issue: not correctly identifying TCSP work
We are aware of instances where firms were engaged in TCSP work but had not correctly identified what they were doing as TCSP work. This is usually because the work is incorrectly seen as a piece of ancillary work on another related matter (in or out of scope of the regulations), rather than a distinct piece of TCSP work. Such work is always in scope and might bring other compliance requirements and most importantly the need to be supervised for AML before undertaking it.
Examples of this could include setting up or helping to manage:
- a special purpose or single use vehicle in order to facilitate a conveyancing transaction
- an entity to manage a shared freehold of a property
- a trust as a part of the management of a deceased person’s estate
It is important to note, that as with most other areas of the regulations, any work in scope is subject to the full requirements, no matter how limited the work may be. Just because a service may be provided alongside or ancillary to another main service does not mean it is not TCSP work in scope of the regulations.
Red Flags of potential money laundering
Many of the red flags present in TCSP work are common to other areas of activity, eg being involved in facilitating transactions and work which the firm does not understand, does not make sense, has no underlying commercial rationale or is unnecessarily complex.
Red flags that are more specific to TCSP work include where the client wants or appears to seek:
- to involve a pre-existing entity for a transaction, without adequate explanation. Such instances may reflect a desire to have a transaction chain appear to be going through more well-established and seemingly lower-risk entities than is the case as well as simply adding a further layer of complexity
- to involve entities in a jurisdiction that is known to have rules and requirements that might facilitate anonymity or opacity, eg no need to register the entity with a centralised oversight body or no need to update the information of the individuals associated with the entity
- to use entities that involve multiple countries that are unconnected with the client or the transaction with no legitimate reason
- to create or use an entity type that is noted to provide greater opacity or secrecy without a legitimate reason, eg Scottish Limited Partnerships
- to take any action which might disguise the actual controlling party of an entity, eg to use family relationships to add an apparent layer of separation between the actual controller of assets and either the trustee(s) or beneficiaries of a trust
- to use or in any way involve a structure that has bearer shares (ie shares whose legal owner is whoever 'bears' the documentation)
loans involving entities in the client’s control are frequently paid back before the set term of the loan agreement. This can suggest that the loan was not needed, and the transaction was a cover for transferring funds in order to complicate the ownership of the funds
Other links
Legal Sector Affinity Group – General AML guidance for the legal sector.