A Bermudian-based company has been hit with civil penalties totalling $600,000 for failing to fully comply with financial regulations.

In a statement released today,the Bermuda Monetary Authority said it had levied the penalty on Meritus Trust Company Ltd.

The BMA said it was because of failures to adequately comply with some obligations under the Proceeds of Crime (Anti-Money Laundering & Anti-Terrorist Financing) Regulations 2008, the Trusts Act and the Corporate Service Provider Business Act 2012.

The statement said Meritus had since remediated the identified breaches “to the satisfaction of the authority”.

A spokesman for Meritus Trust said: “Meritus respects the important work the authority does to ensure its licensed entities are strictly adhering to the highest standards of regulatory compliance.

“Having fully addressed all inspection findings in the two years since the BMA’s review, we are well positioned for the future.

“As we move forward, Meritus will continue to be a trusted leader in the international family wealth management industry and an employer of choice in Bermuda.”

The BMA conducted virtual on-site inspections in July 2022 and identified a number of breaches relating to Meritus’s obligations.

It said Meritus did not adequately comply with all requirements of the AML/ATF regulations, in particular, in relation to:

• Internal controls that failed to recognise that maintenance of an independent audit function through the appointment of an independent third party amounts to outsourcing as defined in the AML/ATF regulations

• Insufficient risk rating of all its products and services

• Inappropriate customer risk assessments

• Inadequate documentation of policies and procedures which did not recognise that the company’s complex business required it to have more robust and sophisticated governance and internal control frameworks than it did

• Not having all customer due diligence information available to the BMA during on-site inspections

• Insufficient evidence of ongoing monitoring screening in a small number of files

• An over-reliance on manual processes for PEP screening

• Insufficient documentation of reliance on third parties to provide CDD to the company

• Training that was not adequately documented in the customer risk assessment processes

• An over-reliance on manual processes to implement international sanctions policies and procedures and sanctions screening

The BMA statement added: “Further, the company failed to meet certain minimum criteria for licensing requirements under the Trusts Act and the CSPB Act, namely, conducting its business in a manner that fully complied with prudent business requirements and implementation of adequate corporate governance policies and systems of control consistent with the nature of the company's risk profile.”

According to the statement, the BMA asked for the breaches to be remediated by July 31, 2023.

It said: “The company complied within the requisite time frame and with the authority’s directions in a timely and expeditious manner throughout the process of remediating the breaches.

“The authority has since confirmed to the company its closure of the on-site due to the successful remediation.”

The BMA also said it had regard for mitigating factors including:

• The company’s commitment to ensuring that high standards are applied at all times and its overall culture of compliance

• The breaches were, for the most part, related to insufficient sophistication pertaining to processes, including how they are documented

• The risk of loss to clients, which was determined to be low

• The manner in which the company complied with direction and co-operated with the authority throughout the remediation process, including the provision of regular updates

• The implementation of measures to prevent the recurrence of the identified breaches

The BMA said it also took into consideration the nature of the breaches as well as comparable cases in determining the appropriate level of civil penalties to impose.

It added: “This matter highlights the importance of licensees implementing appropriate and up-to-date AML/ATF policies and procedures in order to avoid the risk of financial products or legal structures being used as a vehicle for money laundering or terrorist financing along with the expectation that its trust and corporate services business is at all times compliant with the requisite minimum criteria for licensing obligations.”

Download PDF File

2024-12-30-11-58-40-Notice---Enforcement-Action---Civil-Penalties---Meritus-Trust-Company-Limited.pdf

• To read the BMA’s full statement, see Related Media