Policy and procedure on due diligence It is our policy to undertake a whole-firm risk assessment and ensure that evidence of identity is obtained and retained as appropriate to that risk assessment for all clients. Risks are grouped into categories, client risk, service risk, geographic risk. All risks, including those not within a category, will be assessed in isolation and also when grouped together. These risks will be used to assess the customer due diligence (CDD) process. This evidence will be obtained before service is provided and when periodic reviews are undertaken (if more evidence is required then and when changes occur during the relationship with the client). In all cases where the evidence is not available, the matter will be referred to the money laundering reporting officer (MLRO). Policy and procedure on assessing risk The business will analyse the money laundering and terrorist financing (MLTF) risks it faces and make proportionate responses to them. The business will tailor its responses in proportion to its perceptions of risk, which are comprised of evidence-based decision-making to enable the business to concentrate resources on the greatest threats. The business will document this risk assessment. The business will take the following steps: 1. identify the specific MLTF risks faced by different areas of the business and the different risk categories 2. assess the likelihood of each identified risk occurring and the impact that that would have on the business 3. to reduce the level of net risk (as calculated above) to an acceptable level, consider what mitigating steps the business can take; this would include reviewing the systems and controls, and ensuring staff understand and properly apply these. Policy and procedure on reporting It is our policy to report all suspicions identified to the National Crime Agency (NCA) where required. Policy and procedure on record keeping (client due diligence and money laundering issues only) It is our policy to maintain records of identification and consideration of money laundering issues for the entire period that we act for the client and for five years after we cease to act in accordance with the regulations. If we are required to retain them under statutory obligation, or to retain them for legal proceedings, or by client consent, the records will be retained for not more than 10 years after we cease to act. The client will be asked to give permission for the retention of copies of the documentation, which will be maintained securely. Policy and procedure on third-party reliance It is not generally our policy to give permission to a third party to rely on information obtained by us. The business may rely on information obtained from appropriate third parties to complete all or part of the CDD. The business will have a written agreement in place with such a third party to ensure that the other party will provide the CDD documentation immediately on request. Policy and procedure on internal control It is our policy to facilitate adequate internal control to allow for compliance with the regulations and other appropriate legislation. Policy and procedure on compliance management It is our policy to undertake a regular compliance review to ensure that the requirements of the regulations are being followed. Policy and procedure on communication It is the policy of this firm to ensure that all partners and relevant employees have access to adequate training to ensure that they have the necessary knowledge of the law relating to money laundering, terrorist financing and data protection, and receive regular training in how to recognise and deal with suspicious transactions that may be related to MLTF. Policy and procedure on training and awareness All relevant employees are made aware of MLTF law and are trained regularly to recognise and deal with transactions that may be related to MLTF, as well as to identify and report anything that gives grounds for suspicion. The business also provides anti-money laundering training to others such as sub-contractors who provide accountancy services to the business.