Timing
4.10 The customers’ identity and where applicable the identity of beneficial owners, must be verified before entering into a business relationship or occasional transaction.
You can make an exception to when customer due diligence is carried out on any party to a sale only if both the following apply:
● it is necessary not to interrupt the normal conduct of business
● there is little risk of money laundering or terrorist financing
However, this exception is very limited as the verification must still be completed by the time the business relationship is entered into. Nor does this exception mean that you can use it where it is hard to verify a customer’s or beneficial owner’s identity.
To use this exception, a business will have to explain in its risk assessment why it considers the business relationship or transaction has little risk of money laundering or terrorist financing.
Extent of customer due diligence
4.16 The extent of customer due diligence measures depends on the degree of risk. It depends on the type of seller or buyer, business relationship, product or transaction and any geographical risk.
It goes beyond simply carrying out identity checks to understanding who you are dealing with. This is because even people you already know may become involved in illegal activity at some time, for example where their personal circumstances change or they face some new financial pressure. Your customer due diligence measures should reduce the risk of this and the opportunities for staff to be influenced.
This means that you will need to consider the level of identification, verification and ongoing monitoring that is needed depending on the risks you assessed. You must be able to show that the extent of these procedures is appropriate when asked to do so.
Non-compliance with customer due diligence
4.17 If you cannot comply with the customer due diligence measures, you must not:
● carry on estate agency work with, or for, the seller or buyer
● establish a business relationship or carry out an occasional transaction with the seller or buyer.
4.18 If you cannot comply with the customer due diligence measures, you must:
● terminate any existing business relationship with the seller or buyer
● consider whether to make a suspicious activity report.
Identifying individuals
4.36 As part of your customer due diligence measures, you must identify individuals. You should obtain a private individual’s full name, date of birth and residential address as a minimum.
4.37 You should verify these using current government issued documents with the person’s full name and photo, with a date of birth or residential address such as:
● a valid passport
● a valid photo card driving licence (full or provisional)
● a national identity card
● a firearms certificate
● an identity card issued by the Electoral Office for Northern Ireland.
4.38 Where the person does not have one of the above documents you may wish to ask for the following:
● a government issued document (without a photo) which includes the person’s full name and also secondary evidence of the person’s address, for example an old style driving licence or recent evidence of entitlement to state or local authority funded benefit such as housing benefit, council tax benefit, pension, tax credit
● secondary evidence of the person’s address, not downloaded from the internet, for example a utility bill, bank, building society or credit union statement or a most recent mortgage statement.
4.39 You should check the documents to satisfy yourself of the person’s identity. This may include checking:
● spellings
● validity
● photo likeness
● whether addresses match
● whether there are anomalies in the documents that suggest they are forgeries or fakes.
Electronic verification
4.45 An electronic records check carried out on limited information establishes only that an individual exists, not that the seller or buyer is that individual. For example, simply carrying out electronic verification to check the name and address of a person you have not seen does not mean that you have verified that the person you are dealing with is who they say they are. You should ensure that the checks you use show that you have identified the customer, verified the identity and that they are, in fact, the same person that is using your services (to protect against impersonation). You should therefore verify key confidential facts, that only the seller or buyer may know to establish who they say they are. For example, testing background information such as their place of birth, how long they have been resident at an address with previous addresses when resident for a short period or education history. Manual identity documents can be checked alongside electronic verification where greater risk is indicated. An electronic records check is not always appropriate. For example, the Council for Mortgage Lenders notes that electronic verification products may not be suitable for fraud prevention purposes, such as verifying that a person’s signature is genuine.