Recent developments underscore importance of KYC and related due diligence
February 2022 | SPECIAL REPORT: CORPORATE FRAUD
Financier Worldwide Magazine
February 2022 Issue
In an increasingly fast-paced, highly competitive business environment involving internationally interconnected supply chains and buoyed by ever-changing technology, business relationships rise and fall at a breakneck pace. Fostering and enhancing such relationships is crucial to success in many industries.
But at the same time, if not approached and managed prudently, dealings with contractors, suppliers and other third parties pose significant risks and can cause significant harm to the organisation. Due diligence, including know your customer/counterparty (KYC) measures, is a vital element of any organisation’s compliance framework, and is integral to managing the legal, financial and reputational risks of doing business globally.
Evolving regulatory and legislative developments underscore the importance of companies having strong diligence measures, including KYC, in place for dealings with third parties, which may include assessment of their dealings throughout their own supply chains. For parties doing business in Canada, recent developments include: (i) amendments enhancing Canada’s anti-money laundering (AML) legislation; (ii) implementation of beneficial ownership registries; (iii) civil liability for human rights abuses overseas; (iv) sanctions for human rights abuses; and (v) legislation from certain jurisdictions over supply chain diligence.
In light of these risks, it is increasingly important for companies to understand who they are doing business with and the source of any property in respect of which they transact. This includes counterparty identification, ascertaining beneficial ownership, as well as taking steps to ensure compliance by agents, consultants, contractors, suppliers and subsidiaries in accordance with the company’s risk profile.
Counterparty identification
Companies should always understand the identity of parties they do business with to ensure compliance with sanctions and money laundering obligations, among others. As such, all organisations should take appropriate steps to ascertain the identity of all counterparties and to understand the source of the funds they deal with.
Canada’s principal AML legislation, the Proceeds of Crime (Money Laundering) and Terrorist Financing Act (PCMLTFA), imposes various obligations for certain specified organisations, including client identification, collection of beneficial ownership information, reporting and record keeping.
Entities subject to the Act include financial services providers, money services businesses and other businesses susceptible to being used for money laundering and terrorist financing. In addition, the Criminal Code makes it an offence for any individual or entity to transact in any property while knowing or believing it is the proceeds of crime.
Recent legislative and regulatory developments have aimed at strengthening client identification measures, with a particular focus on the importance of beneficial ownership information. A beneficial owner is the real person (i.e., not a corporate vehicle) that ultimately owns, controls or benefits from a company or trust and the income it generates.
On 1 June 2021, amendments came into force under the PCMLTFA imposing (among other things) additional KYC and beneficial ownership obligations on reporting entities under the Act. The June 2021 amendments are the latest in a series of ongoing changes that have been made to the PCMLTFA and its regulations, effectively overhauling the AML and anti-terrorist financing (AML/ATF) regulatory landscape in Canada.
Notably, under the new amendments, reporting entities must take reasonable measures to confirm the accuracy of information regarding beneficial ownership of all clients and ensure that the information is updated on an ongoing basis. To that end, the Canadian government’s April 2021 Budget announced the implementation of a publicly accessible beneficial ownership registry for corporations in Canada. The US Department of the Treasury has similarly recently proposed a centralised beneficial ownership database.
Companies must also undertake sufficient screening to ensure they are compliant with sanctions in the jurisdictions in which they operate. Sanctions in Canada – which are enacted under various statutes and regulations thereunder – take legislative measures against dealings in respect of sanctioned jurisdictions, individuals and entities, as well as specified transactions such as arms and related materials, financial services and technical assistance.
In certain circumstances, Canadian companies may also be subject to sanctions imposed by other jurisdictions, including the lists maintained by the US Department of the Treasury’s Office of Foreign Assets Control. Organisations should ensure they have processes in place to ensure they do not transact with listed individuals or entities in jurisdictions in which they do business.
Supply chain diligence and liability for acts of agents
Careful diligence should be exercised throughout a company’s supply chain and with respect to any counterparties to ensure the organisation is not held responsible for the acts of subsidiaries or third parties engaged on its behalf.
Organisations may be held civilly or criminally liable for the acts of agents, subsidiaries and other counterparties, in particular if deemed to have participated in or been wilfully blind to improper conduct undertaken on the organisation’s behalf. This may include, among other things, foreign and domestic anti-corruption offences, fraud, human rights violations and other commercial and economic crime.
Bribery and corruption risks are heightened when engaging consultants, contractors and agents on behalf of the business, particularly in high-risk jurisdictions and when working with local partners with whom the company may have little familiarity. Further, individuals with leadership and oversight roles in such organisations may be held accountable for the actions (or inaction) of those entities. Particular scrutiny should be exercised if asked to work with a specific local partner by government officials.
Businesses may also be held responsible in certain circumstances for acts of subsidiaries or suppliers, including corruption as well as other illicit activity such as human rights violations. Notably, the Supreme Court of Canada held in the 2020 decision Nevsun Resources Ltd. v. Araya that Canadian corporations can be held civilly liable in Canada for breaches of customary international law (e.g., human rights abuses) committed by their subsidiaries abroad.
Recent legislative developments in Canada and overseas have aimed to reinforce human rights compliance and supply chain due diligence. A proposed Modern Slavery Act (Bill S-216) is currently before the Canadian Senate that would impose reporting obligations on specified large corporations detailing the steps they have taken to prevent and reduce the risk that forced and child labour is used at any step of their operations.
Additionally, amendments to the Customs Tariff would prohibit the importation of forced or child-labour made goods into Canada. Elsewhere, there is a trend among European countries (including France’s Duty of Vigilance Act, the Netherlands’ Child Labour Due Diligence Act, Germany’s Supply Chain Act, and the European Union’s (EU’s) proposed Due Diligence Act) to impose mandatory human rights due diligence regimes on corporations, requiring them to take active steps to identify and prevent human rights abuses in their global supply chains.
In December 2020, the EU introduced its Global Human Rights Sanctions Regime, which targets perpetrators of serious human rights violations or abuses worldwide. The sanctions, adopted on an ongoing basis by the Council of the European Union, will impose restrictions such as the freezing of funds applying to both individuals and entities, and a prohibition against any person or entity in the EU to make funds available to those listed, either directly or indirectly. The first set of sanctions was announced in March 2021.
To mitigate risk and ensure compliance throughout their organisation and supply chain, companies should exercise appropriate due diligence over agents, consultants and contractors acting on their behalf, include representations and warranties regarding compliance with laws in all agreements, and implement compliance protocols throughout their subsidiaries.
Diligence in commercial transactions
Businesses should undertake specific diligence during M&A, financing and other commercial transactions to ensure target companies have effective compliance policies and procedures in place and are not facing any actual or prospective enforcement actions or other liability.
Organisations may inherit liability of acquired companies – particularly in share purchase transactions – through corporate successor liability. They also may incur legal, reputational and business risks if target corporations or companies they invest in do not have sufficient measures in place to ensure compliance on an ongoing basis.
This has the potential not only to cause legal risk to the acquiring company but also to dilute the value of the investment if target companies become subject to regulatory action or face business interruptions as a result of compliance shortcomings after the deal closes.
To mitigate these risks, specific compliance due diligence should be undertaken related to anti-corruption, money laundering, sanctions and other white-collar crime during the transaction. Compliance representations and warranties should be included in transactional documents.
Summary
Alongside growing public consciousness about ethical business practices and corporate social responsibility, governments and international bodies seem to be taking compliance more seriously today than ever. Due diligence, and specifically KYC, are keystone elements to any organisation’s compliance framework, and allow companies to manage risks in their business and to respond to inquiries to demonstrate their commitment to compliance.
While having these pillars of compliance has always been good business practice and essential to building a reputable name, recent trends and developments signal that the pressure is on organisations to know exactly who they are engaged in business with.
Organisations should ensure that their KYC and related due diligence programmes are sufficiently robust and up-to-date to prevent misconduct and criminality from sneaking in through the cracks. These policies and procedures should be designed to be commensurate with an organisation’s specific risk profile, considering the jurisdictions in which it does business, the kinds of parties it contracts with, the nature of the product or service it offers and its potential uses, and any other areas of concern within its particular industry.
Officers and employees must then be adequately trained on the importance of these safeguards and how to implement them on the ground. Investment in appropriate due diligence and KYC upfront can save companies significant legal, financial and business costs down the road.
Lawrence E. Richie is a partner, Malcolm Aboud is an associate and Emilie Dillon is an articling student at Osler, Hoskin & Harcourt LLP. Mr Richie can be contacted on +1 (416) 862 6608 or by email: lritchie@osler.com. Mr Aboud can be contacted on +1 (416) 862 4207 or by email: maboud@osler.com. Ms Dillon can be contacted on +1 (416) 646 3937 or by email: edillon@osler.com.
© Financier Worldwide
BY
Lawrence E. Richie, Malcolm Aboud and Emilie Dillon
Osler, Hoskin & Harcourt LLP
Q&A: Tackling financial crime in Latin America
Global anti-money laundering – are you ready for a perfect regulatory storm?
Money laundering trends in the US
Recent developments underscore importance of KYC and related due diligence
COVID-19: detecting fraudulent schemes perpetrated by employees
Asset recovery in Germany for international corporations
Worldwide settlement of international corporate corruption offences
New US law enforcement leadership means business on corporate crime
Reflections on the first year of ASIC’s immunity policy for market misconduct