An investment company has been handed a hefty fine by the Financial Intelligence Analysis Unit (FIAU) over a number of anti-money laundering shortcomings which saw millions be invested without robust controls in place.

Southern Cross SICAV plc were fined €303,710 by the FIAU after being found to have committed four breaches of the Prevention of Money Laundering and Funding of Terrorism Regulations.

The fine, and the details as to why the company was fined, was published in an Administrative Measure Publication Notice by the FIAU this week, which came following an off-site compliance review last year.

The first shortcoming was in the company’s AML/CFT Procedures Manual, which the FIAU described as being “rather generic” which simply detailed the company’s legal obligations, without actually giving guidance on how it had to meet those obligations.

For example, the manual stated that after the identification and verification process is completed on a prospective customer, the Company is required to obtain information to establish the customer’s business and risk profile.

However, it did not provide any further explanation as to how this information would be obtained, documented and what documents would be required in specific instances.

The FIAU said that the manual was also found to be outdated.

The FIAU also identified breaches in the company’s Customer Risk Assessment (CRA) procedures, noting flaws in how the risk of certain customers was calculated.

The Committee assessing the company also learnt that in six out of 13 files reviewed, the CRAs had been conducted after the start of the business relationship, meaning that the company had embarked on these business relationships without first identifying and assessing the money laundering or financing of terrorism risks they could pose.

“This was considered by the Committee to be of serious concern in view of the large value of subscriptions in the sub-funds made by these customers, and that were allowed to take place notwithstanding the fact that the risks posed by these customers had not yet been established,” the report notes.

The compliance examination also revealed shortcomings by the company in terms of its obligations which require the identification and verification of natural persons, legal entities and, where applicable, the Beneficial Owner (BO).

From the file review, several shortcomings were noted in five customer files.

One concerned a customer which was a university, and therefore had no beneficial owners, which in turn meant that the controlling parties had to be identified and verified.  Here, the rector was identified only by name, his details were neither identified nor verified.

In another file, there was also no documentation obtained to confirm the residential address for two BOs. Additionally, the passport of one of the BOs was already expired at onboarding. The passport expired on 9 May 2014, while the customer was onboarded on 2 October 2015.

Finally, the FIAU said that the compliance examination found that the information concerning the customer’s anticipated level and nature of the activity was not obtained for all files reviewed.

Failures were also observed in the Company’s measures to obtain the source of wealth (SoW) and expected source of funds of its customers.

From the review, it also emerged that as opposed to the regular course of business, on three occasions the company invested its own funds in the business of its customers. This happened through payments of approximately €1 million to each of the investors, as well as being issued with units in fund.

“In view of this, there was no clear rationale as to why the company was investing in the business of its customers and whether this was in line with the prospectus and the customary business of the company,” the FIAU said.

The FIAU said that the investment rationales provided by the company were “rather difficult to understand” as well.

One such example, for instance, was the involvement of a university in the activity of leasing aircrafts.

“Therefore, after taking all the facts into consideration, the Committee determined that the Company was not in a position to build a comprehensive business and risk profile on its customers. A profile which would subsequently allow the Company to carry out the necessary level of ongoing monitoring,” the FIAU said.

Concluding, the monitoring committee expressed its concerns at the “company’s disregard to its AML/CFT obligations.”

The concluding remarks also reveal that the company has started the process of surrendering its Collective Investment Scheme License with the MFSA.  Had this not been the case, the FIAU said, further follow up directives would have been issued against the company.

“The Committee also considered the fact that the requirements breached are important obligations and that the failures are serious in nature, given that the Company was servicing professional investors, therefore allowing millions to be invested through the SICAV, without robust controls in place. The Company’s lack of regard towards its AML/CFT obligations, could have had an impact not only on its own operations but also had repercussions towards the local jurisdiction,” the FIAU said.

The company was therefore fined a total of €303,710.