ECSH63389 - What action should compliance officers take?

Compliance officers should check that businesses are complying with their obligations under Regulations 18(A) and 19(A). This includes checking businesses are taking appropriate steps to identify andassess their risk of exposure to proliferation financing through adequaterisk assessments andmanaging and mitigating those risks effectively through policies controls and procedures.  Any failure to do so should be treated in the same way as any other compliance failure, that is the failure to comply with Regulation 18A and/or Regulation 19A is a breach of a relevant requirement in the Regulations, which  means that proportionate, dissuasive and effective enforcement action should be taken. 

However, many businesses that we supervise will have a very low exposure to PF risk and this should be considered when deciding what action to take.   

Where a business has struggled to identify any risks, the officer needs to explain the necessity of: 

at least reviewing the PF NRA and documenting when they did this 

their conclusions pointing to generic risks and responses that should assistin the event of a PF risk arising 

that these risksdidn’t require addition of any ongoing specific PF checks 

identifying any generic PCPs that could capture a PF issuee.g. PEP screening and EDD for high risk third countries