Service notice - myRegistry will be unavailable due to scheduled maintenance from 6:00pm on Tuesday 30 December until 2:00am on Wednesday 31 December and 12:30pm on Wednesday 31 December until 9:00am on Thursday 1 January. Our Security Interests Register will also be unavailable from 6:00pm on Tuesday 30 December until 2:00am on Wednesday 31 December.

Public statement

Jersey Post Limited

Jersey Post Limited

Jersey Post Limited

Issued: 8 November 2024

1 Action

1.1 The JFSC has determined it necessary and proportionate to issue this public statement having concluded that, between January 2019 and December 2022 (the Relevant Period), JPL failed to effectively organise and control its affairs for the proper performance of its MSB activities. The JFSC concluded that JPL’s contraventions in this regard warranted a Band 2A civil financial penalty. However, pursuant to its obligations under Article 21B(3)(e) of the Commission Law, the JFSC determined it reasonable and proportionate to impose a zero penalty.

1.2 This public statement relates only to JPL’s conduct, during the Relevant Period, in the provision of MSB and not to its wider postal operations.

1.3. During the Relevant Period, the JPL Board demonstrated inadequate knowledge of the requirements of the regulatory framework and over-relied on JPL’s compliance function to ensure compliance. However, JPL’s compliance function was itself not operating effectively. The JPL Board did not self-identify this issue and had not conducted a review of the effectiveness of its compliance function.

1.4 The JPL Board, during the Relevant Period, is considered to have operated ineffectively in discharging its regulatory responsibilities, leading to significant and material deficiencies in JPL’s compliance with the regulatory framework. Had an adequate JPL Board effectiveness assessment been conducted, as required by the MSB Code, these deficiencies may have been identified at an earlier stage.

1.5 JPL’s failures left it vulnerable to significant financial crime risk, posing a material risk to the integrity and stability of Jersey’s financial services industry.

1.6 Definitions used in this public statement can be found in the glossary.

2 Background

2.1 JPL’s principal activity is as Jersey’s postal operator, however, it also provides a range of regulated financial services products to customers through its post office counters as part of its community provision.

2.2 During the Relevant Period, these activities included bureaux de change services, money transfer, agency banking and cheque encashment services. JPL provided certain of these services as an agent for various regulated financial service providers. Each of these activities are defined as ‘money service business’ in the FS(J)L.

2.3 With respect to the provision of MSB services, JPL is required to comply, in full, with the applicable regulatory framework and is regulated by the JFSC in this regard. The JPL Board during the Relevant Period failed to understand this.

3 Detailed findings

3.1 The investigation findings incorporate the findings of: (i) a 2022 JFSC on-site examination of JPL and; and (ii) the findings of an Independent Reporting Consultant voluntarily appointed by JPL following the said on-site examination.

3.2 As stated above, during the Relevant Period, JPL’s Board is considered to have operated ineffectively in discharging its regulatory responsibilities, leading to significant and material deficiencies in its compliance with the regulatory framework. These deficiencies are summarised below.

Board administration

3.3 The JPL Board did not operate with a formally approved Terms of Reference, or equivalent document, that set out the individual and collective responsibilities of JPL Board members. JPL Board meetings during the Relevant Period were also held infrequently.

3.4 During the Relevant Period, the JPL Board considered that, as the principal activity of JPL was the provision of postal services and the regulated services undertaken by JPL was very small — both by turnover, being between 0.78% and 1.97% of JPL’s total revenue during the Relevant Period and by average transaction, being less than £370 — and low risk, regulated activities did not require more oversight at JPL Board level.

3.5 As a result, during the JPL Board meetings that were held, discussion regarding JPL’s compliance with the regulatory framework focussed on AML/CFT/CPF matters and did not include JPL’s compliance responsibilities relating to the MSB Code and FS(J)L. The JPL Board also failed to challenge or discuss the information and data presented by the MLRO and MLCO.

3.6 JPL Board minutes were overly brief and therefore inadequate since they did not evidence whether, or how, the JPL Board discharged its responsibilities over the financial regulated activities of JPL, including its oversight of the effectiveness of systems and controls

3.7 Although a Board effectiveness review was carried out by JPL in 2021, it did not focus on JPL’s regulated activities and therefore did not meet the requirements of the MSB Code. Had the review been broader, JPL's deficiencies (as detailed in this public statement) may have been identified sooner.

Assessment of business risk

3.8 During the Relevant Period, the JPL Board was responsible for identifying risks faced by the business and for ensuring appropriate systems and controls were designed and implemented to manage those risks.

3.9 JPL’s BRA, the principal risk management document, was found to be inadequate. It contained out of date information on products and services provided by JPL and failed to record an assessment of all risks relevant to the MSB business(including certain ML/TF/PF risks).

3.10 There was no evidence of JPL Board discussion, scrutiny or challenge on the content of the BRA, indicating a lack of attention from JPL Board members as to its adequacy.

Systems and controls, including policies and procedures

3.11 During the Relevant Period, JPL did not have written policies or procedures to demonstrate how it complied with its obligations under the FS(J)L and the MSB Code.

3.12 As a result of the lack of policies and procedures, and an over reliance on its ineffective compliance function, JPL failed to adequately monitor its compliance with the FS(J)L and the MSB Code. This included a failure to comply with notification requirements under the FS(J)L regarding changes to Principal Persons and a breach of span of control requirements under the MSB Code.

3.13 JPL lacked adequate AML/CFT/CPF systems and controls, including policies and procedures, resulting in significant failures to comply with the regulatory framework and to manage ML/TF/PF risk. JPL’s AML/CFT/CPF policies consisted of high-level statements with no accompanying procedures other than JPL’s AML Handbook, which was also found to be deficient.

3.14 While certain of JPL’s identification measures were compliant or, in two service offerings, were more prudent than required under the regulatory framework, JPL failed to:

3.14.1 Retain copies of relevant customer identity documents from the point of transaction;

3.14.2 With the exception of its money transfer service, implement controls to identify ‘linked transactions’ and manage risks posed by them;

3.14.3 Record and maintain an adequate PEP policy;

3.14.4 Record information in JPL’s systems regarding the purpose and nature of transactions; and

3.14.5 Appropriately screen customers to identify ML/TF/PF risks.

Monitoring of systems and controls

3.15 While limited AML/CFT/CPF related monitoring activities were undertaken during the Relevant Period, JPL did not adopt a comprehensive risk-based compliance monitoring programme to ensure that it was monitoring adherence with its relevant obligations under the regulatory framework.

On-going monitoring

3.16 JPL failed to document the nature, scope, or extent of its review of all bureaux de change transactions above the statutory threshold carried out post transaction by the MLRO. There was also a lack of documented procedures in this regard.

Compliance reporting

3.17 MLCO reports to the JPL Board were limited in scope. The reports failed to consider key AML/CFT/CPF matters such as transaction monitoring outcomes and changes to policies and procedures and did not highlight high priority compliance matters requiring heightened focus of the JPL Board.

3.18 MLRO reports were static and provided little in the way of trend analysis in respect of SARs. The reports contained content that would typically be reported by the MLCO due, in part, to a crossover of responsibilities between the MLRO and MLCO and the activities of each not being aligned with their responsibilities as set out in the AML/CFT/CPF Code.

3.19 The JPL Board received no CO reporting during the Relevant Period. In the absence of any reporting and compliance monitoring as referred to above, the JPL Board could not adequately monitor JPL’s compliance with its obligations under the MSB Code and the FS(J)L.

Training of employees

3.20 JPL’s AML/CFT/CPF training was not appropriately tailored to the roles and responsibilities of its employees. For example, whilst training would be tailored verbally, the same AML/CFT/CPF training material was provided to both post office counter staff and the JPL Board. In addition, the training did not cover the countering of terrorist financing as required by the AML/CFT/CPF Code.

Suspicious activity reporting

3.21 JPL failed to establish and maintain reporting procedures relating to the investigation and handling of internal SARs by its MLRO or Deputy MLRO. As a result, on occasion, JPL failed to
fully document enquiries undertaken in relation to an internal SAR or the basis for reporting, or not reporting, to the FIU.

3.22 In addition, the failure to establish and maintain proper SAR procedures resulted in some SARs submitted to the FIU being unclear in terms of setting out the suspicion and the background to the transactions leading to the suspicion.

4 Mitigating factors

4.1 JPL fully cooperated with the JFSC throughout the investigation, accepting the findings and demonstrating candour and transparency in its communications.

4.2 Following the examination, JPL took prompt action to understand the root cause of the issues through the appointment of the Independent Reporting Consultant, sharing the resultant report with the JFSC and subsequently committing to a significant remediation exercise. To date, JPL has:

4.2.1 Constituted a new Board of Executive Directors with greater relevance of experience;

4.2.2 Appointed a new Group Head of Compliance between December 2022 and June 2023 for the purposes of initiating the remediation exercise and subsequently engaged external compliance support to provide additional oversight for its MLRO and MLCO;

4.2.3 Conducted training of staff and JPL Board members;

4.2.4 Ceased providing agency banking and money transfer services due to the level of risk and the cost of mitigating the risk being unstainable to JPL; and

4.2.5 Conducted a full evaluation of its future financial services offering (including systems requirements).

5 Sanction

5.1 The JFSC concluded that JPL, to a significant and material extent, negligently contravened requirements of the regulatory framework. Under the Commission Law, such contraventions warranted a civil financial penalty.

5.2 Article 21B(3)(e) of the Commission Law requires the JFSC to consider the potential financial consequences to the registered person (in this case JPL) but also to third parties (including customers). In the circumstances of this case, having carefully considered JPL and third parties, the JFSC has determined it reasonable and proportionate to impose a zero penalty.

5.3 The JFSC issues this public statement under Articles 25(b) of the FS(J)L and 26(b) of the Supervisory Bodies Law to support its objectives to:

5.3.1 Protect and enhance the reputation and integrity of Jersey in commercial and financial matters; and

5.3.2 Counter financial crime.

For further enquiries, please contact the Enforcement team.

Glossary

AML/CFT/CPF

Anti-money laundering/countering the financing of terrorism/countering of proliferation financing

AML/CFT/CPF Code

AML/CFT/CPF Code of Practice as set out in the Handbook for the Prevention and Detection of Money Laundering, the Financing of Terrorism, and the countering of proliferation financing for Regulated Financial Services Business, effective between 1 January 2019 and 31 December 2022.

BRA

Business risk assessment

CO

Compliance Officer

the Commission Law

Financial Services Commission (Jersey) Law 1998

FS(J)L

Financial Services (Jersey) Law 1998

FIU

Jersey Financial Intelligence Unit

JFSC

Jersey Financial Services Commission

JPL

Jersey Post Limited

JPL Board

JPL’s Board of directors

ML/TF/PF

Money laundering/terrorist financing/proliferation financing

MLCO

Money Laundering Compliance Officer

MLO

Money Laundering (Jersey) Order 2008

MLRO

Money Laundering Reporting Officer

MSB

Money Service Business

MSB Code

Money Service Business Code of Practice

PEP

Politically exposed person

the regulatory framework

Collectively, the FS(J)L, MSB Code, MLO, the Supervisory Bodies Law and the AML/CFT/CPF Code.

SAR

Suspicious Activity Report

Supervisory Bodies Law

Proceeds of Crime (Supervisory Bodies) (Jersey) Law 2008