Author

Aidan Clifford is advisory services manager, ACCA Ireland

AML

Current trends in money laundering and the development of a ‘red flags’ training guide for practices were among the subjects discussed at the most recent meeting of the Joint Practices Group, which was hosted by ACCA. The group is an information sharing forum between the Garda’s National Economic Crime Bureau, its Financial Intelligence Unit and the profession, which seeks to strengthen anti-money laundering (AML) procedures in accounting practices.

The meeting was told that 27,000 suspicious transaction reports (STRs) were made in Ireland between January and September 2021, a 25% increase on the same period in 2020. The rise is attributed to a number of financial services firms relocating to Ireland from the UK following Brexit, an increase in Covid-related fraud, and a rise in fraud generally.

Currently, 354 accounting firms are registered on GoAML, the online STR portal, which is 182 more than last year. Although practices do not have to register with GoAML until they have an STR to make, registration is an indication that a firm stands ready to make a report. While accounting practices generally make very few STRs, 22 have been filed in 2021 to date. The meeting noted that STRs from accountants tend to be of high intelligence value, as professional accountants are well placed and trained to identify red flags.

Although invoice-redirect fraud was highlighted as particularly prevalent, there are indications that many businesses are not reporting instances, possibly because they assume the Garda will be unable to retrieve the funds. This, however, is by no means the case.

Because the stolen funds often sit in a money mule’s account for a period of time, a window of opportunity exists for retrieval. Millions of euro stolen through invoice redirect is intercepted every year and returned to its owners. Even where funds are not intercepted, knowledge of the offence allows the Garda to build a profile of the criminals involved, which can help thwart future fraud attempts. It is an offence under section 19 of the Criminal Justice Act 2011 for any person not to report such a crime.

Reporting any suspicion of money laundering or terrorist financing is one of six reporting obligations imposed on accountants. Many situations can give rise to multiple reporting obligations for a single offence, often to the same state agency.

Where a report is made under section 19 of the 2011 act or section 59 of the Criminal Justice (Theft and Fraud Offences) Act, 2001, that fact should be included in a GoAML report. Any report made to GoAML should be more than just a bald ‘suspicion of money laundering’ statement, and include at least the broad summary details of what specific crime it is that the accountant suspects may have occurred.

ACCA is an AML supervisor for 800 ACCA audit and non-audit accounting practices in Ireland, and has made AML resources available for members subject to supervision.

Solvency II

The European Commission has presented two proposals for directives designed to consolidate the Solvency II prudential rules that govern the insurance and reinsurance sector. The proposals not only aim to make the sector more resilient in the face of crises such as the Covid-19 pandemic and to protect policyholders better, they are also expected to stimulate long-term investment in the industry. Click here for more.

UK audit referrals

A number of UK audit firms no longer hold Irish audit status and are looking to assist their clients in engaging an Irish statutory auditor to audit Irish subsidiaries of UK groups. In many cases the UK firms wish to keep an involvement in these audits by acting as ‘subcontractors’ to the Irish audit firm.

Irish auditors taking on such appointments will need to plan and control such assignments carefully. The following is the absolute minimum required where the UK firm is supplying substantially all of the audit staff and the Irish auditor is acting only as audit engagement partner:

  • The resignation and appointment of a new auditor must be carried out formally and correctly.
  • The engagement letter must come from the Irish auditor, not the UK firm.
  • The incoming auditor will need to review the prior-year audit files and become familiar with the client and the audit.
  • The incoming auditor will need to lead the planning meeting with the UK audit management and staff and the client.
  • The new auditor will meet the client and those charged with governance in the subsidiary – a virtual meeting is fine (the planning meeting).
  • The new auditor will approve and sign off the audit plan prepared by the UK audit staff following the audit planning meeting.
  • The UK staff can do the audit fieldwork, in accordance with the plan.
  • The Irish auditor will need to keep in contact with the audit as it progresses and plan a halfway-point meeting to check on what is and is not going to plan, and amend the plan as necessary.
  • The UK firm will write a completion memo summarising the main issues arising.
  • The Irish auditor will review the working papers and sign off on the key or important working papers.
  • The Irish auditor will sign off the completion section of the file.
  • The Irish audit firm should consider doing the statutory financial statements disclosures – this will be easier than allowing the UK firm to do it.
  • The Irish auditor will meet the client for the closing meeting – virtual meetings are fine.
  • The Irish auditor will sign the audit report in the Irish audit firm’s name.

Referral audits such as these are likely to be selected for monitoring, so it is worth considering a hot or cold external review of audit quality.

Finally, the Irish auditor will need to take possession of the audit file (or an electronic copy). It will not be necessary to travel to the UK, as many firms have e-audit files and most audit reviews are done electronically. However, if the audit file is paper-based, you may need to travel to physically inspect it or get it scanned or couriered.

Operational resilience

One of the key tasks for the Central Bank is to ensure the operational resilience of entities under its supervision. This is defined as: ‘The ability of a firm, and the financial services sector as a whole, to identify and prepare for, respond and adapt to, recover and learn from an operational disruption.’

In consultation paper 140, Cross Industry Guidance on Operational Resilience, the Central Bank has set out proposals for improving operational resilience in the sector, and expects to issue guidance shortly. The principles and recommendations will be applicable to businesses in any sector.

Advertisement