Service notice – myRegistry and our Security Interests Register will be unavailable due to scheduled maintenance from 10:00am until 6:00pm on Saturday 29 November and 6:00pm on Tuesday 2 December until 2:00am on Wednesday 3 December.
Compliance function: Key Persons Regime green paper
Compliance function: Key Persons Regime green paperThe Jersey Financial Services Commission (JFSC) invites comments on this green paper by 6 December 2024. Responses can be submitted via SmartSurvey.
If you require any assistance, clarification or wish to discuss any aspect of the paper prior to formulating a response please contact our Policy team.
Responses will be grouped by type of respondent and quoted as such in our feedback paper. We will only publish the name of a respondent to a consultation where that respondent has consented to the publication of their name.
Alternatively, Timothy Hart at Jersey Finance Limited (JFL) is coordinating an industry response that will incorporate any matters raised by local businesses. Comments should be submitted to JFL by 6 December 2024.
The JFL contact is:
Timothy Hart
It is the policy of JFL (unless otherwise requested or agreed) to collate all responses and share them verbatim with the JFSC on an anonymised basis (with reference made only to the type of respondent, e.g. individual, law firm, trust company etc.). This collated, and anonymised response will typically be placed in JFL’s permanent electronic archive, which is currently open to all JFL members.
Glossary
Defined terms are indicated throughout this document as follows:
|
AML |
anti-money Laundering |
|
AT |
Assessment Team |
|
CFT |
Counter Financing of Terrorism |
|
Civil penalties regime |
means the ability for the JFSC to impose a financial penalty on a person who performs a “senior management” function in accordance with the Commission Law |
|
CO |
compliance officer |
|
Codes |
means Codes of Practice setting out the principles and detailed requirements that must be complied with when conducting financial services business. |
|
Commission Law |
Financial Services Commission (Jersey) Law 1998, as amended |
|
CPD |
Continuing Professional Development |
|
CPF |
counter proliferation financing |
|
FATF |
Financial Action Task Force |
|
FCA |
Financial Conduct Authority |
|
FI |
Financial Institutions |
|
FIAU |
Malta’s Financial Intelligence Analysis Unit |
|
Firm |
refers to registered persons, supervised persons, and financial institutions |
|
FIU |
Financial Intelligence Unit |
|
Financial Services Law |
Financial Services (Jersey) Law 1998, as amended |
|
Group Outsourcing |
an arrangement between a business and group service provider by which the group service provider performs an outsourced activity that would otherwise be undertaken by the business |
|
home jurisdiction |
the place where a person normally resides and conducts their employment. |
|
IOM |
Isle of Man |
|
JFSC |
Jersey Financial Services Commission |
|
Key Person |
as defined by the Financial Services Law and means a: compliance officer money laundering compliance officer money laundering reporting officer |
|
Managed Entity |
a registered person that relies upon the services of a registered person with a Financial Services (Financial Service Business) (Jersey) Order 2009 Class ZK registration (manager of a managed entity) to satisfy any parts of its regulatory obligations. |
|
ML |
money laundering |
|
MLCO |
money laundering compliance officer |
|
MLO |
Money Laundering (Jersey) Order 2008 |
|
MLRO |
money laundering reporting officer |
|
MoME |
Manager of a Managed Entity |
|
MONEYVAL |
Committee of Experts on the Evaluation of Anti-Money Laundering Measures and the Financing of Terrorism. |
|
NRA |
National Risk Assessment |
|
PF |
proliferation financing |
|
POCL |
Proceeds of Crime (Jersey) Law 1999 |
|
Principal persons |
Means the definition given to it in Article 1 of the Financial Services Law |
|
RegTech |
regulatory technologies |
|
SAR |
Suspicious activity report |
|
TCB |
trust company business |
|
TCSP |
trust company services provider |
|
TF |
terrorist financing |
1 Executive Summary
1.1 Overview
1.1.1 This green paper aims to explore and seek feedback on the status of the compliance function in Jersey.
1.1.2 There is a requirement that the compliance function of a firm be executed through three defined roles: money laundering reporting officer (MLRO), money laundering compliance officer (MLCO) both as defined in legislation, and the compliance officer (CO) as defined in the Codes. The Financial Services (Jersey) Law 1998 provides a collective definition of these roles as Key Persons.
1.1.3 Each of the MLRO and the MLCO must be employed by a Jersey firm and must be resident in the Bailiwick – that is the ‘employment nexus’ and ‘residency nexus’ respectively, must be present. We may grant variations to the residence nexus for COs in certain circumstances.
1.1.4 JFSC statistics estimate that there are more than 850 Key Persons in Jersey, the majority of which hold two of the MLRO/MLCO/CO roles. This does not, however, give the full picture of those who hold compliance functions - that figure is much greater. For ease of reference in this green paper, we will refer to the full cohort of those individuals who conduct compliance functions across the financial services industry as Compliance Professionals, a subset of which are Key Persons. While this paper is focussed on Key Persons, we are mindful of any impact on the wider population of Compliance Professionals in Jersey.
1.1.5 The following regimes and how the compliance function is regulated are not addressed in this green paper:
1.1.5.1 The notice designating existing senior management functions;
1.1.5.2 A managed entity’s use of a Manager of a Managed Entity (MoME) to fulfil its regulatory obligations; and
1.1.5.3 the anti-money laundering services provider (AMLSP), created as a function of the Proceeds of Crime (Jersey) Law 1999 (POCL) Schedule 2 / Money Laundering (Jersey) Order 2008 (MLO).
However, they may be relevant when formulating a response if considered as being contributors to, or alleviators of, the Key Person resourcing challenge.
1.1.6 The JFSC, Government and industry have all identified that the recruitment and retainment of Compliance Professionals is an ongoing challenge (the “resourcing challenges”). This was also raised in the recently published MONEYVAL Mutual Evaluation Report. Stakeholders have suggested a wide variety of reasons why this is the case and some of these will be explored and evaluated in this green paper.
1.1.7 There are many combinations and permutations which could address the “resourcing challenges” matrix but, as its starting point, we are seeking stakeholder views on three high level options it considers the most appropriate to commence the discussions. The first option is to retain the status quo; to keep both the Jersey employment and residency nexus, with, or without, certain enhancements for Key Person roles. The two other options consider whether there should be a relaxation, or severing, of the nexus for a Key Person to reside in Jersey or to be employed by a Jersey firm.
1.1.8 Whilst we are actively investigating solutions to the issues that have been raised, these must be balanced against wider objectives and obligations. These include:
1.1.8.1 As an IFC, Jersey is committed to adhering to Financial Action Task Force (FATF) standards with respect to anti-money laundering, combating of terrorist finance and countering proliferation financing (AML/CFT/CPF).
1.1.8.2 We must work within the bounds of the law. Although we can recommend legislative change, it is for Government to decide on changes to the law. Changes to legislation are not typically quick or easy.
1.1.8.3 The 2022-2025 Government plan has, as one of its common strategic policies, a priority to create a sustainable, vibrant economy and skilled local workforce for the future; care needs to be taken to ensure that goals are aligned.
1.1.8.4 Finally, we are mindful of the wider issues which may have an impact here but sit outside of the Commission’s direct responsibilities e.g. salary levels of Compliance Professionals, adoption, and investment in Regulatory Technologies (RegTech) solutions or Jersey’s ability to attract professionals from other jurisdictions.
1.1.9 We appreciate the contributions of Compliance Professionals on the viability and stability of the financial services industry. We look forward to collaborating with them and industry at large, to create a productive and satisfactory strategy to address the resourcing challenge.
1.1.10 Unless there is a need to make a specific reference to one of the mandated compliance roles, this paper will use the term Key Persons although there may be a slight nuance between the relevance of the context to each (i.e. the MLRO, MLCO and CO roles).
2 Green paper objectives
2.1 Basis for consultation
2.1.1 We have issued this green paper in accordance with Article 8(3) of the Commission Law, as amended, under which the JFSC “may, in connection with the carrying out of its functions …consult and seek the advice of such persons or bodies whether inside or outside Jersey as it considers appropriate”.
2.1.2 No statement made anywhere in this green paper is to be construed as either our current or future position. The statements/views/suggestions in this paper do not represent our agreed policy, but rather reflect our commitment to working with all stakeholders to find workable solutions.
2.2 Responding to the consultation
2.2.1 We invite comments in writing from interested parties. Where comments are made by an industry body or association, that body or association should also provide a summary of the type of individuals and/or institutions that it represents.
2.2.2 A response form has been published alongside this consultation, available at the following link: compliance function: key persons regime.
2.2.3 You can use this form when providing feedback, either directly or via JFL. For the avoidance of doubt, all responses received, in whatever fashion, will be considered, with the response form intended only to ease processing by the JFSC.
2.2.4 Comments should be submitted by 6 December 2024.
2.3 Next steps
2.3.1 Any further steps will be outlined in the feedback paper which we will publish in the first quarter of 2025.
3 The Key Person legal and regulatory framework
3.1 The context
3.1.1 This section examines the regulatory framework in which Key Persons operate, both internationally and locally. While there is a common international standard, the application of this varies by jurisdiction.
3.2 FATF framework
3.2.1 As a leading IFC, Jersey complies with international standards including the Financial Action Task Force (FATF) recommendations. The FATF recommendation directly concerning Jersey Key Persons is:
Recommendation 18: Financial institutions should develop internal policies, procedures and controls, including appropriate compliance management arrangements for the appointment of a compliance officer at the management level.
3.2.2 FATF Recommendation 26 (Regulation and Supervision of Financial Institutions) applies to us. The interpretive note to this recommendation sets out the risk-based approach to be adopted by supervising institutions including assessing the quality of the compliance function of the institution.
3.2.3 Jersey has developed the Key Person regime to ensure local firms have effective compliance management systems in accordance with Recommendation 18, and granted powers to us to regulate, supervise and enforce them in terms of Recommendation 26.
3.3 MONEYVAL findings
3.3.1 More recently Jersey underwent an assessment of its effective compliance with FATF requirements. MONEYVAL assesses the FATF Recommendations and outcomes. Jersey’s Fifth Round Mutual Evaluation report was published in May 2024; the report concluded that Jersey’s effectiveness in preventing financial crime was among the highest level found in jurisdictions evaluated around the world.
3.3.2 On Compliance Professionals, the report noted that:
‘In general, the AT [Assessment Team] observed a good culture of compliance whereby AML/CFT compliance officers are involved and listened to in key decision-making processes such as onboarding of higher-risk customers’ which attests to the value they bring to the financial services industry.
In its key findings on Immediate Outcome 4 (one of the indicia for the effectiveness of Recommendation 18) the report noted that: ‘… the availability of qualified resources in compliance functions was identified as a serious challenge’[1],
And in detail:
‘… the shortage of qualified AML/CFT compliance staff seems to be a persistent problem across most sectors. The average tenure of MLROs in recent years has been 14 months which attests to a high turnover rate and challenges that Jersey is facing in retaining qualified compliance professionals’[2].
3.3.3 On the matter of outsourcing the report notes:
‘... Some of the first line duties, such as onboarding and screening, are often outsourced to third-party entities that are located in other countries (“centres of excellence”). These outsourcing arrangements may be a source of vulnerability as they result in the detachment of important compliance functions from core operational processes of REs [Reporting Entities] …’[3]
3.3.4 These MONEYVAL quotes sum up the ambition of this green paper – to build on the existing strengths of the services provided by Compliance Professionals in Jersey, while addressing the resourcing challenges and improving Jersey’s compliance with international standards.
3.4 Key Person roles – Jersey law, regulation, and guidance
3.4.1 The table at 3.4.4 summarises Jersey’s Key Person regulatory framework.
3.4.2 While the CO role is not mandated by statute, unlike the MLRO and MLCO roles, it is currently a core component of Jersey’s regulatory framework and serves a valuable purpose in driving a culture of compliance. Removing or significantly reducing prominence of the CO role is a substantial undertaking and would require greater consideration that is not an objective of this green paper.
3.4.3 It must also be kept in mind that the ultimate responsibility for ensuring a firm has robust arrangements in place for compliance with the legal and regulatory framework rests with a firm’s board of directors (or equivalent).
3.4.4 The following table summarises the Legislative and policy requirements currently existent in the Jersey framework.
|
Key Person |
MLRO |
MLCO |
CO |
|
Legislative requirements |
Art 8 MLO: “to receive and consider reports in accordance with Article 21”. |
Art 7 MLO: ‘…to monitor whether the enactments in Jersey relating to money laundering and any relevant Code of Practice issued under Article 22 of the Proceeds of Crime (Supervisory Bodies) Law are being complied with…” |
N/A |
|
AML/CFT/CPF Handbook and Codes of Practice requirements |
Must: be employed by the supervised person or an enterprise in the same financial group as the supervised person be based in Jersey have independence, sufficient authority and resources, access to the board |
Must: be employed by the supervised person or an enterprise in the same financial group as the supervised person be based in Jersey have independence, sufficient authority, and resources |
ensure appropriate monitoring of operational performance and managing regulatory and compliance risks provide senior management and the board of directors with regular written reports on the firms’ compliance with the conduct and prudential requirements act as our principal point of contact on day-to-day regulatory matters this role does not always have to be Jersey based[4] |
|
Civil penalties regime |
Article 21A of the Commission law. |
Article 21A of the Commission law. |
Article 21A of the Commission law. |
|
Criminal penalties regime |
Article 34D of the Proceeds of Crime Law |
N/A |
N/A |
|
Specified Qualifications |
No |
No |
No[5] |
3.5 Key Persons in comparable jurisdictions
3.5.1 The way in which each country applies FATF Recommendations 18 and 26 is nuanced to their jurisdiction, making direct comparisons challenging. What is common between the jurisdictions is the existence of a MLRO-type role, even if the terminology used varies across the world. This table summarises nexus requirements for MLRO-type positions in comparable jurisdictions:
3.5.2 Even where a jurisdiction relaxes a nexus, it may not be a complete severance of the requirement and/or other conditions may become enforceable.
3.5.3 We note the following nuances in the compliance regimes of comparable jurisdictions:
Isle of Man
3.5.4 The Isle of Man compliance framework requires firms to appoint a Head of Compliance; this role can only be held by an Isle of Man resident. Heads of Compliance can be interviewed by the regulator when they resign from their post.
3.5.5 The outsourcing of the MLRO role is permitted under exceptional circumstances and not considered as a long-term option; only an individual can assume the role and the regulator treats the outsourced MLRO as an employee of the firm. The regulator examines the level of competence, and the time proposed to be allocated to the firm when assessing any application to outsource the function.
3.5.6 The Isle of Man Government has implemented strategies to attract essential talent. This includes a relocation scheme to assist firms to import skills that are not available locally[6] and working with institutions to develop a locally focussed compliance module offered as part of a business administration diploma[7].
Gibraltar
3.5.7 The MLRO is generally required to be employed by a firm full time, however they may reside in Gibraltar or the immediate surrounding area.
Guernsey
3.5.8 Guernsey allows for the outsourcing of the MLRO, MLCO, and CO roles, subject to the following limitations:
3.5.8.1 The MLRO role must be held by an individual who is resident in Guernsey.
3.5.8.2 The MLCO role must be held by an individual who is resident in Guernsey or the British Isles.
3.5.8.3 The CO role is subject to approval by the regulator. It can be outsourced to a natural or legal person resident in Guernsey.
3.5.9 The regulator does not formally approve outsourcing arrangements, as they are subject to the oversight of the supervised firm. The firm must ensure that it has the supportive business risk frameworks, infrastructure, detailed contingency plans, and an exit strategy in place, to support the engagement of a third party.
3.5.10 The supervised firm must ensure that the outsourced service provider has sufficient expertise and probity in place as well as satisfactory policies, procedures, and controls, which are continuously applied to an equivalent standard that reflects evolving regulatory requirements and emerging ML, TF, and PF risks.
UK
3.5.11 The FCA Handbook requires the appointment by a firm of a director or senior manager with overall responsibility for the establishment and maintenance of AML systems and controls. The MLRO must be both an employee of a firm and be based in the UK[8].
3.5.12 The UK compliance framework allows for firms to obtain compliance support, but it cannot contract out of its regulatory obligations.[9]
3.5.13 The Malta Financial Services Authority has recently summarised the outcomes of its supervisory actions between 2021 and 2023[10].
3.5.14 Outsourcing of the MLRO role is not permitted, subject to specific exceptions. The MLRO does not need to be in Malta or present where the firm’s operations are directed or the records kept. However, they must always: have access to the firms records and systems and be available for meetings or interviews with Malta’s Financial Intelligence Analysis Unit (FIAU) or other authority.[11]
Mauritius
3.5.15 Regulations require the appointment by a firm of a CO, MLRO and deputy MLRO (DMLRO), all of whom must be natural persons, and no outsourcing is permissible.
3.5.16 To be licensed each of the CO, MLRO and DMLRO are required to hold a relevant qualification from a recognised institution coupled with at least 5 years relevant industry experience. The 5-year experience requirement may be relaxed to 3 years where an applicant holds a valid AML/CFT professional certification. Where an applicant CO/MLRO/DMLRO has no formal qualifications the minimum relevant industry experience must be a minimum of 10 years. The qualification regime is reserved for non-banking financial services institutions.
4 The Jersey context
4.1 Compliance Professional employment market
4.1.1 In the Government’s April 2024 blog,[12] on the employment market it was observed that:
Alongside high employment, low unemployment and low levels of inactivity, Jersey has a high number of job vacancies. Typically, job vacancies are seen as evidence of labour shortages, but in the case of Jersey it might be better to view them as evidence of skills shortages. Jersey has suffered from declining productivity for a number of years. …
4.1.2 A review of the job adverts in the Jersey Evening Post (JEP) echoes the Key Person resourcing challenge. From August 2023 to July 2024, an average of 15% of all finance and insurance industry vacancies have been compliance related roles.
4.1.3 The average tenure of an MLRO is 14 months, as set out in the MONEYVAL report (refer Section 3.3) and aligns with the JEP statistics and the Government’s blog. However, none of these sources highlight why Compliance Professionals, including Key Persons, are leaving the roles in the first place. Further, they do not provide information on strategies firms are adopting to retain Compliance Professionals, build internal capabilities and capacity, or employ RegTech solutions.
4.1.4 The Financial Services Law requires firms to inform us when a Key Person ceases to act in that capacity. Some of the reasons stated by Key Persons for ceasing to act are:
4.1.4.1 to move to a Key Person position at another firm for more money or more seniority
4.1.4.2 to move to a non-Key Person position due to no longer having the risk appetite for the responsibility
4.1.4.3 concerns about workload
4.1.4.4 misalignment between the risk appetite of the firm and the Key Person.
4.1.4.5 concerns about a firm’s culture
4.1.4.6 holding a Key Person role was temporary.
4.1.4.7 relocation overseas
4.1.4.8 retirement
4.1.5 No distinct reason is favoured, suggesting that Key Person resourcing challenges are multi- dimensional.
4.2 Supervisory Risk Data Collection
4.2.1 As part of its broad data collection remit, the JFSC requires supervised businesses to provide certain data[13], including residency statistics of COs (and risk professionals). The following table summarizes the data of the previous two collection periods:
|
Metric / Year |
2022 |
2023 |
|
No. of Entities |
483 |
449 |
|
Compliance and Risk Employees Jersey based |
1034 |
1046 |
|
Compliance and risk Employees non-Jersey based |
143 |
174 |
|
Vacancies as % of all Compliance and risk Employees Roles |
8% |
6% |
4.2.2 Whilst there was a slight increase in the number of non-Jersey resident compliance and risk employees, the vast majority are residents in Jersey. There may be a correlation between the drop in vacancies for the subject roles and the increase in general compliance support outsourcing requests we received (see paragraph 5.2.5) and possibly restructuring the role to allow some activities to be outsourced or exercised outside Jersey.
5 The options
5.1 Outline
5.1.1 The following options (Options) are presented to facilitate the discussion around Key Person resourcing challenges:
5.1.1.1 Option 1: Status quo – retain employment and residency requirements for Key Persons with some enhancements such as: the use of regulatory technology; corporate culture; and a clearer career professional and academic path.
5.1.1.2 Option 2: Retain the employment connection of Key Persons and remove the Jersey residency requirement.
5.1.1.3 Option 3: Retain the Jersey residency requirement for Key Persons and remove the Key Person employment requirement.
5.1.2 These options are not independent of one another – for instance, the risks that come with removal of one nexus might be mitigated by strengthening the requirements of the other.
5.1.3 We have discounted what may be thought of as a fourth option which is the removal of both the residency and employment nexus. The primary reason for this is the difficulties that we, and other agencies, faced to enforce criminal and civil penalties against individuals who have contravened the law and have no connection to Jersey. This is of course particularly relevant for the MLRO role which is subject to both criminal and civil penalty regimes.
5.1.4 Extradition is usually reserved for the most serious crimes due to sovereignty, cost, and grounds of comity. The recognition and enforcement of a Jersey judgment debt in a foreign court is not always guaranteed.
5.2 Option 1 – Status Quo – retain employment and residency requirements for Key Persons
5.2.1 The first option for discussion would involve no change to the current legislative and regulatory regime. Whilst Option 2 and Option 3 aim to widen the pool of talent available for Key Person roles, attention must also be focussed on current and past local Key Persons to understand what challenges they have encountered throughout their careers. We are particularly interested in the views of this cohort.
5.2.2 The viability of this option will depend on what enhancements, if any, can be made to alleviate the resourcing problem. Included below are initial considerations for possible enhancements of the infrastructure that surround Key Persons.
Existing outsourcing framework
5.2.3 Currently, firms have the option to outsource certain compliance tasks.
5.2.4 Concerns have been expressed that outsourcing of certain compliance activities is not permitted under our Outsourcing Policy. We take this opportunity to clarify the position. Whilst the roles of each of the Key Persons cannot be outsourced, there is nothing that expressly prevents the outsourcing of certain compliance activities; albeit the overall responsibility remains with the relevant Key Person.
5.2.5 Between 2022 and 2023 we have noticed an 8.3% increase in notifications by firms to outsource compliance functions. The diagram below illustrates that increase and provides a breakdown by type of request:
5.2.6 The significant increase in general compliance support requests may indicate a drive by firms to improve efficiency and reduce the human capital burden.
5.2.7 All the options outlined later in this paper are aligned with the Outsourcing Policy, including Principle 1: “A Business is responsible for and accountable to the JFSC for any Outsourced Activity”. In other words, the governing body of a regulated firm retains ultimate responsibility for its legal or regulatory responsibilities.
Regulatory Technologies - “RegTech”
5.2.8 As noted in the JFSC Financial crime and regulatory technology guide,[14] RegTech “help businesses from a range of regulated sectors to achieve compliance, delivering significant business value in the process.”
5.2.9 The challenges around filling Key Person positions have been framed around retaining and recruitment. However, the implementation and adoption of RegTech solutions, subject to appropriate safeguards, can have a part to play by improving operational efficiency and regulatory compliance, leaving Compliance Professionals to focus on higher value tasks.
5.2.10 Jersey’s under-employment of RegTech for compliance functions was noted in the MONEYVAL report, including that: ‘… the lack of sufficiently effective IT systems may hamper the ability to view customer relationships as a whole and not only in the context of individual transactions …’[15]. With respect to Suspicious Activity Reports (SARs) which are the domain of MLROs: ‘… it was also revealed that IT-based transaction monitoring systems are rarely a source of SARs and that scenarios of suspicious activity used by the REs may not be keeping pace with the risks faced by Jersey …’[16].
5.2.11 Following a study on the use of RegTech in Jersey,[17] we have published two guides to assist in this area:
5.2.11.1 Financial Crime and Regulatory Technology Guide – explores both how this technology can be use and some of the regulatory considerations when adopting it.
5.2.11.2 Regulatory Technology Implementation Guide – step-by-step support for business managers implementing a RegTech solution.
5.2.12 There appears to be a hesitation to fully embrace RegTech. It is unclear whether this is due to: the reluctance of the firm to invest in the technology as they do not see the value; the apprehension of Key Persons to rely on it; or some other factor.
5.2.13 Although we are unable to approve or endorse any IT solution, we would be interested in understanding industry’s general perception on the use of RegTech for compliance purposes.
Career path – academics and experience
5.2.14 Unlike other career paths in the financial services sector, such as lawyers and accountants, there is no primary career path for Compliance Professionals. In other words, we are unaware of any dedicated undergraduate degree, and most Compliance Professionals have academics in other fields. If an individual chooses to pursue the compliance career path, they tend to study for international certificates and diplomas (if at all). Those qualifications do not have a Jersey focus.
5.2.15 Our Insurance, Investment Businesses and Trust Company Businesses Codes specify qualifications for certain employees to be deemed ‘suitably qualified.’ Although these are not specific to Key Persons, the same framework could be extended.
5.2.16 Given that Compliance Professional roles are predominantly practical, experience gained in industry is essential. Even if a specialist undergraduate degree in compliance function were to exist, in most circumstances, it would be asking too much of a recent graduate to undertake, a MLRO role, for example.
5.2.17 Balancing academics and experience to grade the ability level of a lawyer in private practice, for example, is common and could be applied here. This may allow for greater scope to develop a career path and consequently salary expectations.
Culture
5.2.18 A firm’s culture can have considerable influence on the performance of all employees. Key Persons, and particularly the MLRO, navigate the commercial imperatives of their employer against the criminal and civil penalty regime backdrop.
5.2.19 One viable way to enrich the culture of a firm is to entrench strong principles of corporate governance through a set of measurable principles described in a code of corporate governance. The UK Financial Conduct Authority (FCA) has recently reviewed its Corporate Governance Code, requiring company leadership to ensure, amongst other aspects, that effective internal controls are in place and that the culture of an organisation is embedded[18]. Thereby creating an onus on firms to establish measures of the embedment in corporate culture.
5.2.20 For example, we note that there are individuals who hold more than 200 Key Person roles, but without being able to assess the veracity of a firm’s culture, it is unclear whether these Key Persons are safely able to fulfil their duties. The introduction of a corporate governance code, even if only for compliance functions, combined with the use of exit interviews with us for Key Persons may be effective.
Question 1
How would you propose we improve the status quo - retaining both the residency and employment requirements? Please explain your reasons and what improvements, if any, you consider appropriate. In your response, please consider the following:
How would the proposed option address the challenge in recruiting and retaining Key Persons?
How would the proposed option benefit the financial services industry in Jersey?
What effect would the proposed option have on Jersey’s compliance with FATF standards?
The risks associated with these enhancements, and how they might be mitigated.
5.3 Option 2 – Retain employment connection of Key Persons to a Jersey firm and remove the Jersey residency requirement.
5.3.1 Jersey has a well-established residential and employment status regime, in addition to specific immigration criteria. This option focusses on risks, and potential mitigants of the removal of the residency nexus.
5.3.2 In removing, the residency nexus, a Jersey firm would theoretically be able to tap into a wider labour market for the employment of Key Persons. It is open to debate whether all Key Persons of a firm could avail themselves to severance of the residence nexus at the same time.
5.3.3 Due to the nature of the enforceability of criminal sanctions against individuals not resident within the jurisdiction. This option would not be open to roles where there is criminal liability such as the MLRO role.
5.3.4 Regardless of where they were based, the requirement for a Key Person to have sufficient skills and experience that meet the requirements of the relevant Codes would be retained. This may include the need for the individual to demonstrate to us that they are familiar with the differences between the Jersey regime and their home jurisdiction, both at the outset of any appointment and on an ongoing basis.
5.3.5 If the residency nexus were to be removed, careful consideration of the status of the home jurisdiction of the Key Person would be required. FATF grey or blacklisted jurisdictions may not be observed to align with Jersey’s long-standing commitment to being a leader in the fight against financial crime.
5.3.6 In the event a Key Person is permitted to be resident elsewhere, additional supervisory concerns may arise, particularly in considering the business risk framework and whether the firm has sufficient infrastructure to manage the additional risk of having a Key Person operating in a foreign jurisdiction.
5.3.7 A greater level of supervisory scrutiny may be necessary for a firm with a non-Jersey resident Key Person and depending on a variety of factors, may require higher supervisory fees.
Question 2.
What are the risks of removing the Jersey residency requirement? How would you propose that these risks be mitigated? Please explain your reasons. In your response, please consider the following:
How would the proposed option address the challenge in recruiting and retaining Key Persons?
How would the proposed option benefit the financial services industry in Jersey?
What effect would the proposed option have on Jersey’s compliance with FATF standards?
5.4 Option 3 – Retain the Jersey residency requirement for Key Persons and remove the Key Person employment requirement.
5.4.1 This option focusses on the removal of the employment nexus thus creating an attractive opportunity to provide independent Key Person services by qualified individuals, or by services firms already regulated and supervised by us, who wish to offer this model as a service line to third party firms. For the purposes of this discussion, we will collectively refer to these third parties as Providers.
5.4.2 As with Option 2, it is open to debate whether a firm could outsource only some or all its Key Person roles.
5.4.3 Dependent on the operating models of the Providers, there is also a risk of service concentration. Currently, there are very few Providers in Jersey that have the skills or capacity to perform compliance functions.
5.4.4 The variability of this model would be dependent on the appetite of the Providers to assume Key Person roles and the firms to require those services, neither of which is known.
5.4.5 A greater level of regulatory scrutiny may be necessary of a firm that outsourced its Key Person roles to Providers. Additionally, it may be necessary for some form of oversight mechanism to be created and supervised by the JFSC on the Providers themselves due to the types and volume of other clients availing their services. The aim would be to ensure that adequate levels of service were in fact being provided. The supervision of both sides would attract fees, which may be dependent on the scale and nature of the supervision required.
5.4.6 This option may lead to the regulation of Providers, who would be expected to demonstrate that they have qualifications, skills, and experience to assume Key Person roles in line with the industry expectations. This would also attract additional regulatory authorisation resources which may come at a cost.
Question 3.
What are the risks of removing the employment requirement? How would you propose that these risks be mitigated? Please explain your reasons. In your response, please consider the following:
How would the proposed option address the challenge in recruiting and retaining Key Persons?
How would the proposed option benefit the financial services industry in Jersey?
What effect would the proposed option have on Jersey’s compliance with FATF standards?
6 Conclusion
6.1.1 As previously noted, this green paper is explorative in nature. The paper’s goal has also been to demonstrate that the Key Person resourcing challenge is multifaceted.
6.1.2 Stakeholders are encouraged to consider the points raised in this paper when formulating their responses, however, we welcome all observations.
Question 4.
What is your experience with the use of RegTech and how could it be a solution for reducing the resourcing challenge for the Key Persons?
Question 5.
Is there an alternative solution or anything else that we have not considered in the paper? In your response, please give reasons to support your answer if not covered in other question responses.
Anonymous survey
Name (optional)
Email (optional)
Company (optional)
Industry represented (mandatory):
- Please rank the options in order of preference, with 1 being your preferred option, and 4 being you least preferred option:
Option 1 - retain the status quo i.e. retaining both the residency and employment requirements
Option 2 - retain the employment connection of Key Persons and remove the Jersey residency requirement
Option 3 - retain the Jersey residency requirement for Key Persons and remove the Key Person employment requirement? Please explain your reasons
- How would you propose we improve the status quo - retaining both the residency and employment requirements? Please explain your reasons and what improvements, if any, you consider appropriate. In your response, please consider the following:
How would the proposed option address the challenge in recruiting and retaining Key Persons?
How would the proposed option benefit the financial services industry in Jersey?
What effect would the proposed option have on Jersey’s compliance with FATF standards?
The risks associated with these enhancements, and how they might be mitigated
- What are the risks of removing the Jersey residency requirement? How would you propose that these risks be mitigated? Please explain your reasons. In your response, please consider the following:
How would the proposed option address the challenge in recruiting and retaining Key Persons?
How would the proposed option benefit the financial services industry in Jersey?
What effect would the proposed option have on Jersey’s compliance with FATF standards?
- What are the risks of removing the employment requirement? How would you propose that these risks be mitigated? Please explain your reasons. In your response, please consider the following:
How would the proposed option address the challenge in recruiting and retaining Key Persons?
How would the proposed option benefit the financial services industry in Jersey?
What effect would the proposed option have on Jersey’s compliance with FATF standards?
- What is your experience with the use of RegTech and do you agree it could be a solution for lessening the human capital burden for the compliance function? In your response, please consider the following: lDo you agree that RegTech is useful in addressing the challenge in recruiting and retaining Key Persons?
The risks associated with RegTech and how they might be mitigated.
- Is there an alternative solution or anything else that we have not considered in the paper? In your response, please give reasons to support your answer if not covered in other question responses.
[1] MONEYVAL Evaluation Report for Jersey Key Findings 5.1 https://rm.coe.int/moneyval-2024-7-5thround-mer-jers/1680b10dd7.
[2] Para 527
[3] Para 529
[4] Depending on size (group or otherwise), licence classification (insurance and AIFMDs), and geographic location of the business. Such variances are dealt with by the JFSC on a case-by-case basis.
[5] Some Codes of Practice require CPD
[6] Employee Relocation Incentive (iomdfenterprise.im)
[7] City & Guilds Level 3 Diploma in Business Administration (ucm.ac.im)
[8] SYSC 3.2 Areas covered by systems and controls - FCA Handbook
[9] Heads of compliance and MLROs | FCA
[10] Malta Financial Services Authority Guidance for MLROs in the Financial Services sector
[11] Implementing Procedures - FIAU (fiaumalta.org)
[12] Jersey Government Blog Population and Employment – What does the Data Tell us?
[13] 2023 AML/CFT/CPF and other Supervisory Risk Data Collection exercise — Jersey Financial Services Commission (jerseyfsc.org)
[14] Financial Crime and Regulatory Technology Guide
[15] Para 495
[16] Para 490