Sanctions, KYC & AML and Corporate Policies
Today’s environment puts an emphasis on compliance. We ensure that you safely navigate the diverse patchwork of international regulations and will help you to implement best international practices
Corporate policies have become prominent tools in risk management over the last decade or so.
The adoption of corporate policies may be driven by legislation, by market expectation, or just by objective commercial necessity.
Today’s corporate policies may include:
- know your customer (KyC) / anti-money laundering policies
- environmental and social governance (ESG) policies
- various corporate governance policies
- conflict minerals policies
- conflict of interest / trading on own account policies
- gift and hospitality policies
- sanctions policies
It is easy to see how these policies aim to implement certain soft or hard legal requirements arising from the US Foreign Corrupt Practices Act of 1977, the UK Bribery Act 2010, the EU Anti-Money Laundering Directives, the OECD Due Diligence Guidance for Responsible Supply Chains of Minerals from Conflict-Affected and High-Risk Areas, G20/OECD Principles of Corporate Governance and many others.
In practice each of those policies will tax personnels’ time and corporate resources. And over-burdening rules are not likely to be implemented in practice. For that reason, the use of “ideal” templates rarely meets the objectives and so a hefty KYC policy appropriate for a bank will not quite suit a trading house or a start-up. However, even the basic policies cannot be so loose so as to fail to meet the objectives.
Prior to 2022, the prominent position among corporate policies probably belonged to KyC policies. Depending on the nature of the business, these could stretch to 200+ pages. As usual the corporate had to make choice on a number of matters when creating a KyC policy, including on the form of evidence required on the depth of diligence as to beneficial ownership for corporate, on renewal/updates.
From 2022, the focus strongly shifted to sanctions policies.
We often hear that the sanctions regime today is in the state of constant flux – but that should not detract from the value of a sanctions policy because a policy is meant to primarily set out the principles of sanctions’ compliance and implement the mechanisms to ensure such compliance.
When drafting a sanctions’ policy, corporate will have to make certain choices depending on the risk profile, for example: whether the group’s operations have sufficient nexus with the US (which since 2017 clarifications may mean simply the use of US dollar), whether voluntary compliance with EU, Swiss or UK sanctions is required, whether Russia as whole should be deemed a sanctioned territory and many others.
It is often assumed that the EU, Swiss and UK sanctions are equivalent, but in fact this is not quite the case. As a rule, the UK Regulations are clearer, and, in some cases, have a narrower scope of application than the EU sanctions. The Swiss sanctions, whilst very closely following the EU Regulations’ texts, at times still have a narrower scope of application, too.
It is also interesting that with reference to the EU Sanctions, as can be seen from the various iterations of the Commissions Frequently Asked Questions, the scope of sanctions activities appears to be evolving with time and that the political will behind the text of the Regulations must be taken into account to predict how a particular restriction is meant to be applied.
