Following conclusion of the consultation, the notice designating senior management functions was published on 12 January 2023 (the Notice). The Notice determines which senior managers in a registered person (as defined in the Financial Services Commission (Jersey) Law 1998 (the Commission Law) will fall within the scope of the civil financial penalties regime should they be culpable in a registered person’s significant and material contravention of the Money Laundering (Jersey) Order 2008 (MLO) or a JFSC Code of Practice.
CIVIL financial penalties
Article 21A of the Commission Law provides that where the JFSC is satisfied that a registered person (as defined in the Commission Law) has, to a significant and material extent, contravened the MLO or a JFSC Code of Practice the JFSC may impose a civil financial penalty on that registered person. Article 21A of the Commission Law also provides that if the JFSC is satisfied that the contravention by the registered person was:
- committed with the consent or connivance of, or was attributable to neglect on the part of any person who performs (or performed) a senior management function, or
- aided, abetted, counselled or procured by any person who performs (or performed) a senior management function,
the JFSC may impose a civil financial penalty on that person.
The Notice is published pursuant to Article 1(1) of the Commission Law. The publication of the Notice is significant in the context of the civil penalties regime, given how broad the label of “senior management” has the potential to be. Those working in financial services business in Jersey will, no doubt, be reviewing the Notice with a keen eye and assessing what it could mean for them. For those falling within scope of the Notice, this could ultimately mean personal financial accountability.
The Notice comes into effect on 13 March 2023 and in a statement published on the JFSC website, as a matter of best practice, registered persons should now identify which of their employees fall into one of the four categories of senior management function and those employees should be notified accordingly. This will necessitate reviews of committees, delegated functions, reporting lines and decision makers with the business of a registered person.
Senior management function scope
Article 1(1) of the Commission Law defines “senior management function” as a function designated as such by the JFSC by notice published on its website where:
- the function requires the individual performing it to be responsible for managing one or more aspects of the registered person’s affairs; and
- those aspects involve, or might involve, a risk of serious consequences –
- for the registered person, or
- for business or other interests in Jersey,
and in paragraph (a), managing one or more aspects of the registered person’s affairs includes a reference to taking decisions, or participating in the taking of decisions, about how one or more aspects of those affairs should be carried on.
The person’s function, and not their location, will be the determining factor in each case. Importantly, and as indicated in the Notice, persons within scope will be caught even if they are resident outside of Jersey. Similarly, to be within scope, a person need not be directly employed by the registered person; their employment contract could be with another group company. These factors, in particular, mean that the JFSC will have significant reach in imposing financial penalties and therefore the expanded regime will be a key component of the JFSC’s enforcement toolkit.
The Notice provides for 4 categories of senior management function:
Category 1: Those managing any aspect of a registered person’s local anti-money laundering / countering the financing of terrorism / countering proliferation financing (AML/CFT/CPF) compliance/risk function where that function is carried out by a person who sits below a board level but above the level of a key person role.
This category includes the function of line managing a key person. The Notice states that a person with management responsibilities for any aspect of a registered person’s local AML/CFT/CPF compliance/risk function but who simultaneously holds a key person role will also fall into Category 1.
Category 2. Those persons managing any aspect of a registered person’s affairs (excluding activities covered by Category 1) who sit below board level but report directly to the board or to a principal person of the registered person, have responsibility for the application of one or more of the registered person’s arrangements for meeting its statutory and regulatory obligations in connection with AML/CFT/CPF compliance and are able to exercise significant influence.
Someone who is able to exercise “significant influence” will, of course, be subjective and the JFSC’s own guidance here provides that it will be a question of fact in each case. This will, no doubt, mean the size and complexity of the registered person, the number of hierarchical layers of governance, reporting lines and risk profile of the business will all be considered. The JFSC considers, however, that an indication of having such influence is that the person is of sufficient seniority to take decisions that materially affect the registered person’s exposure to the risk of money laundering, terrorist financing or proliferation financing. It is not considered that “significant influence” will extend to providing non-binding advice or recommendations.
Category 3. Those carrying out a duty or responsibility (alone or jointly with others) that the MLO or an AML/CFT/CPF Code of Practice issued by the JFSC requires to be performed by senior management. Where authority has been delegated to a committee to carry out such a duty or responsibility, each member of the committee should be considered to fall into this category.
Category 4. Those performing the duties of a senior officer as referred to in Article 11(2)(a) of the Banking Business (General Provisions) (Jersey) Order 2002.
Whilst the categories appear to be heavily weighted towards those in an AML/CFT/CPF compliance role, the power to impose civil financial penalties under the Commission Law extends to significant and material breaches of not just the MLO but also the Codes of Practice issued by the JFSC under each of the financial services business laws. The focus on AML/CFT/CPF functions in the Notice is perhaps due to the broadening of the civil penalties regime pursuant to Financial Action Task Force (FATF) requirements and recommendations.
What is the potential liability?
For those within scope and found to be culpable in connection with a registered person’s “significant and material breach” of the MLO or a JFSC Code of Practice, they may face the imposition of a civil financial penalty.
The maximum penalty that the JFSC may impose on a natural person is set out in the Financial Services Commission (Financial Penalties) (Jersey) Order 2015. There are four penalty bands with the maximum fine being £400,000. In applying the methodology for calculating the amount of the penalty, the JFSC will consider, amongst other things, the seriousness of the contravention, any aggravating and mitigating factors and penalties imposed in other cases.
We previously touched upon what the JFSC would consider to be a “significant and material” breach and noted that the regulator would take a risk based approach to this, giving consideration to the consequences or potential consequences of the contravention. What will be “significant and material” for one financial services business, may not be for another.
What protection is available for those within scope?
Protection for those falling within scope will be limited. The JFSC’s Codes of Practice specifically state that a registered person must not pay a financial penalty imposed by the JFSC on any other person, nor can the registered person enter into, arrange, claim on or make a payment under a contract of insurance that is intended to have, or has or would have, the effect of indemnifying any person against all or part of a financial penalty imposed by the JFSC.
As such, the registered person will not be in a position to indemnify or insure those falling within scope of the civil penalties regime, although the restrictions referred to above are not intended to prevent a registered person from entering into, arranging, claiming on or making any payment under a contract of insurance which indemnifies any person against all or part of the costs of defending JFSC enforcement action or any costs the person may be ordered to pay to the JFSC.
These restrictions do not, of course, prevent individuals from exploring the possibility of obtaining their own cover – although this is likely to be an unattractive prospect.
Defining the “senior management function” is challenging, in that, Jersey is seeking to implement the FATF requirement to apply the penalty regime to senior management whilst providing a definition that is broad enough to cover the different management structures within a wide range of global financial institutions as well as local designated non-financial services businesses. We anticipate that publication of the Notice may see terms of reference for committees being reviewed and revised, there could be a move towards more clearly defined roles and job specifications in financial services businesses and delegation, where necessary, is likely to be limited and controlled.
Whilst the Notice now provides for accountability for individuals with AML/CFT/CPF, compliance or risk roles, it remains the case that primary responsibility will sit with the board of the registered person. Good governance and systems and controls will continue to be within firm focus of the JFSC in connection with AML/CFT/CPF compliance.