The case concerned four breaches of the Anti-Money Laundering and Countering of Financing of Terrorism Act (Act) by CLSA Premium New Zealand Limited (CLSA). CLSA and the Financial Market Authority (FMA) agreed that CLSA’s conduct was in breach of the Act. The Court was tasked with determining the quantum of the penalty, concluding that a penalty of $770,000 was appropriate to reflect the gravity of the offending.
This case is the second decision in the past month concerning breaches of the Act. Similar to the previous decision, which we discussed here, these decisions provide further guidance for reporting entities and lawyers alike, illustrating the significant consequences that may flow from non-compliance.
CLSA is a licensed derivatives issuer and offers an online retail trading platform for derivatives. It is a reporting entity under the Act, and is therefore subject to the Act’s requirements and obligations. CLSA admitted that between April 2015 and November 2018 (the relevant period), it failed to comply with the Act in four respects (the civil liability acts):
- failure to conduct standard customer due diligence (CDD);
- failure to terminate existing business relationships when CDD could not be completed;
- failure to report suspicious transactions/activity; and
- failure to keep records.
For the relevant period, CLSA had between 21,000 to 37,000 customers, and undertook between 63,000 and 83,000 transactions annually, with a gross value of between $228 million and $652 million. Over this relevant period, the civil liability acts related to transactions worth approximately $49.5 million undertaken by 10 of its customers.
While CLSA admitted the breaches, CLSA sought a penalty of $420,000 while the FMA sought a penalty of $1.2 million.
Failures to conduct CDD
CLSA admitted to failing to conduct standard CDD for one customer and failing to undertake enhanced CDD in relation to 12 transactions undertaken by 10 customers. The total value of the 12 transactions was $49.5 million which represented a small proportion of CLSA’s total operations. The Court acknowledged the scale of the breaches must be a relevant factor in assessing the gravity of offending, and CLSA’s scale in comparison to other decisions, was significantly less. For example:
- In Ping An, there was a failure to perform CDD in 1,569 out of 1,588 transactions worth $105.4m, and a failure to undertake enhanced CDD in 519 transactions.
- In Department of Internal Affairs v Qian Duoduo Ltd, there was failure to carry out enhanced CDD in relation to 796 transactions worth $120.7m.
- In Department of Internal Affairs v Jin Yuan Finance Ltd, the failures related to 55,097 transactions worth $278.5m.
- In Department of Internal Affairs v OTT Trading Group Ltd, one of the reporting entities never undertook enhanced CDD despite $196m worth of transactions occurring during the relevant period.
The Court also considered the wider circumstances of the breaches. In CLSA’s favour, it had a risk assessment and anti-money laundering and countering the financing of terrorism (AML/CFT) compliance programme and AML/CFT polices in place. In addition, CLSA hired dedicated compliance officers and introduced a Risk, Audit and Compliance Committee (RACC) to oversee CLSA’s compliance and internal control functions.
However, CLSA had received a formal warning from the FMA in 2014. The RACC’s effectiveness was diminished as the executive directors, who (except one) were not part of the RACC, involved themselves in matters of compliance. Two compliance managers over the relevant periods resigned due to disagreements with the directors of CLSA. This included one compliance employee who was asked to resign by a director, as he was told that CLSA required someone “bendier” as their head of compliance. Lastly, there was correspondence with a customer that indicated CLSA was willing to accept unsatisfactory information, including objectively suspicious information, to retain a customer.
Altogether, the Court determined CLSA’s failure to conduct CDD was not inadvertent, not from a misunderstanding of its obligations under the Act, nor from erroneous advice. Rather, there was a “clear inference that CDD requirements were subordinated to continue KVB’s [CLSA] relationship with high worth customers.” Therefore, despite the scale, it was serious offending and Edwards J elected that a $400,000 penalty was appropriate.
Failure to terminate existing business relationships
CLSA admitted that on multiple occasions it failed to terminate business relationships with clients when it was unable to conduct CDD. On at least two occasions, two substantial transactions took place where the relationship should have been terminated six months prior.
CLSA pleaded that, for this civil liability act, the ‘one penalty rule’ should apply on the basis that the conduct for failing to terminate existing business relationships is the same conduct underpinning the failure to conduct CDD. This argument was put forward and applied in Jinu Yuan.
Edwards J acknowledged that while the obligations under the Act are clearly linked, the conduct underpinning each statutory obligation is different. Edwards J came to this conclusion, as each obligation is found in separate statutory provisions, breaches of the obligations constitute different civil liability acts with separate statutory penalties and there are different levels of culpability. However, Edwards J held that “the decision to apply the one penalty only rule, and the extent of the conflation of penalties, will necessarily be a fact-specific exercise.”
While there was substantial overlap with CLSA’s failure to undertake CDD, a separate penalty of $50,000 was justified.
Failure to report suspicious transactions/activity
CLSA admitted that it failed to report suspicious activities/transactions within the prescribed statutory timeframes on nine different occasions. CLSA did not forward a suspicious activity report at all for six of the occasions, and the remaining three occasions were filed late – 13, 114 and 175 days respectively. The Court noted that failing to file a report at all or filing a report 100 or more days late, was a serious breach of the Act. The seriousness was further aggravated, as one of the executive directors attempted to prevent a suspicious activity report being filed at all for a high worth customer. The Court concluded a penalty of $200,000 was appropriate.
Failure to keep records
Under the Act, reporting entities are required to maintain AML/CFT records in such a way that enables them to be viewed immediately on request or within a reasonable time of the request. This obligation relates to transaction records, reports of suspicious activities and identity and verification records.
In May 2018, the FMA sent notice to CLSA requiring it to produce certain records and documents. CLSA was only able to provide some of the requested documents. It was agreed that this was attributable to the third-party service provider that CLSA used to maintain its records that refused CLSA access. The Court acknowledged that the third-party service provider’s actions were a mitigating factor; nonetheless, CLSA must be responsible for its own state of affairs as “[r]eporting entities must ensure that arrangements with third parties allow them to meet their obligations under the Act.” The Court elected a penalty of $350,000.
Admission and Cooperation
It was agreed that CLSA cooperated and engaged constructively with the FMA to resolve the allegations. CLSA had admitted liability, agreed to the statement of facts, and made subsequent improvements in their compliance. In assessing what was an appropriate discount, Edwards J followed the approach taken by Mallon J, in Reserve Bank of New Zealand v TSB Bank Limited, that there is no limit at 25% for early admission and cooperation. The Court assessed the level of cooperation compared to other decisions and concluded that a 23% discount was appropriate.
Karen Chang, the head of enforcement at the FMA, best summarised the implications of the decision: “it sends a strong message that there are serious consequences for firms that choose to prioritise profit over requirements under the [AML/CFT] regime”. This decision, along with the other recent High Court decisions, demonstrates that the consequences of the Act are severe, and that enforcement is being taken. It is essential that reporting entities have systems in place to ensure compliance with the Act and where issues of non-compliance arise, it is best to act swiftly to remedy any potential breaches.
Disclaimer: The information contained in this article is current at the date of publishing and is of a general nature. It should be used as a guide only and not as a substitute for obtaining legal advice. Specific legal advice should be sought where required.