Authority publishes phase two findings of TCSP review

The Isle of Man Financial Services Authority has published the findings of phase two of its thematic review relating to Trust and Corporate Service Providers (“TCSP”).


Desk-based inspections were conducted during 2023 to test the effectiveness of Business Risk Assessments (“BRA”) at a total of 70 licenceholders.


A BRA is an important part of a firm’s compliance and risk management framework to help detect and prevent money laundering, terrorist financing, and the proliferation of weapons of mass destruction.


The phase two TCSP report, which is available to view online, sets out the findings, including examples of best practice, case studies, and the Authority’s observations.


The data will inform the Authority’s overall picture of risk and has fed into the AML/CFT Handbook and guidance aimed at helping Island firms to meet their obligations in respect of the Anti-Money Laundering and Countering the Financing of Terrorism (“AML/CFT”) Code 2019.


The National Risk Assessment identifies the TCSP sector as one of the highest risk business sectors in the Isle of Man. The Authority carried out the two-part review to evaluate the strength of BRA controls and processes in place at a cohort of Island firms.


Phase one focused on data collection and analysis, with a BRA questionnaire issued to 106 TCSPs. The feedback from phase one is set out in a report published in July 2023. The desk-based inspections completed in phase two of the thematic enabled the Authority to gather further data and assess how BRAs are being used to evidence a firm’s understanding of the risks they face.


Thematic reviews continue to be a key part of the Authority’s supervisory approach, as they offer an efficient way to identify areas of risk. This work supports the Authority’s objectives of protecting consumers, reducing financial crime, and maintaining confidence in the finance sector through effective regulation.


Ian Spence, Head of the Authority’s AML/CFT Supervision Division, said: ‘The ability of regulated and designated businesses to clearly document and record risks posed to the firm by its business and customers is crucial in combating money laundering, terrorist financing, and proliferation of weapons of mass destruction, while also ensuring firms meet their obligations and requirements under the AML/CFT Code 2019. An effective and thorough knowledge and assessment of the risks a firm faces – a business risk assessment – is one of the key building blocks from which to consider what risk-based mitigation controls and procedures are needed.’


He added: ‘The BRA thematic reports offer some useful learning points and suggestions of best practice to all firms, whether they were involved in the inspections or not. We would also recommend that all firms refer to our AML/CFT Handbook, which was updated following this thematic, when developing appropriate procedures and controls, especially the BRA.’