CySEC has conducted an annual assessment of all the Compliance Officers’ Annual Reports (‘CO Reports’) and Internal Audit Reports (‘IA Reports’) for the year 2019 along with their Board of Directors minutes (‘BoD minutes’), as these were submitted to CySEC during 2020. CySEC during this annual review, assessed the compliance of Regulated Entities with their obligations under the Prevention and Suppression of Money Laundering and Terrorist Financing Law (‘the Law’) and the CySEC’s Directive for the Prevention of Money Laundering and Terrorist Financing (the ‘Directive’).
- What shall be noted?
In summary, CySEC has found common and recurring weaknesses/deficiencies concerning the content of the CO and IA Reports and their BoD minutes, based on which Regulated Entities should ensure that the following obligations are upheld in accordance with the Law and the Directive:
- The Compliance Officer’s obligation for the correct preparation of the Annual CO Report and the sufficient assessment of the level of compliance of the Regulated Entity in relation to the prevention of money laundering and terrorist financing.
- The Internal Auditor’s obligation for the correct preparation of the IA Report and the sufficient review and evaluation of the appropriateness, effectiveness and adequacy of the policy, practices, measures, procedures and control mechanisms applied by the Regulated Entity for the prevention of money laundering and terrorist financing.
- The Regulated Entity’s BoD obligation for the sufficient assessment and approval of the Annual Report and the Internal Audit Report and taking all appropriate measures for the correction of any weaknesses and/or deficiencies identified, as well as the implementation timeframe of these measures.
- The Regulated Entity’s BoD obligation to ensure the overall implementation of all requirements of the Law and the Directive, as well as to ensure that appropriate, effective and sufficient systems and controls are introduced for achieving the abovementioned requirement.
More detailed information on the weaknesses/deficiencies identified by CySEC can be found here.
- Next steps towards?
CySEC in its Circular has informed Regulated Entities that the weaknesses and deficiencies that were identified in the said annual assessment will be the subject of subsequent compliance checks by CySEC.
In addition, CySEC expects that Regulated Entities will prepare the Annual Reports for the year 2021 and onwards based on the CySEC findings.
Thus, if you need any help in assessing compliance of your Company with the regulatory framework and the preparation of the Reports, please let us know.
Our team of experts, can help you stay compliant by offering solutions tailored to your Company’s needs!