Calls for a fundamental overhaul of the anti-money laundering (AML) aspects for the trust and corporate service providers (TCSP) sector are growing. Industry bodies have repeatedly highlighted that many TCSPs are failing to manage the high risk of money laundering through their services. This guest blog from AML specialists RiskScreen, one of TrustQuay's ecosystem partners, maps out the current state of play, and the concrete steps you can take.

TCSPs are facing tough new sanctions laws. Effective from May 10, 2022, the EU prohibits them from servicing trusts and similar structures connected with sanctioned Russian nationals.

These sanctions could affect TCSPs worldwide, because they apply to non-EU providers conducting any business in the EU or that have an EU person working for them.

Sanctions on Russians are a tough challenge for TCSPs owing to their continuously expanding list and the nuanced differences across EU, US, and UK sanctions regimes. Lawyers and consultants are recommending enhanced due diligence, similar to an AML approach, to ensure trusts are not acting for sanctioned individuals.

Though AML and sanctions are separate sets of laws and requirements, they both share three key needs to ensure that the TCSP is not unwittingly being used to circumvent sanctions or launder money:

1. Robust risk assessments
2. Know your customer (KYC) processes
3. Auditable surveillance and testing

Addressing TCSP vulnerabilities

TCSPs cover many activities including: acting as director or secretary of a company or similar position; providing a registered office or business address for a company; and acting as trustees of express trusts.

Criminals may seek to use these services to disguise the origin and ownership of ‘dirty money’, such as creating shell companies or trusts.

As RiskScreen highlighted in 2021, a landmark paper from Nottingham Trent University suggested a comprehensive overhaul of how such ‘off-the-shelf’ businesses are created.

The Financial Action Task Force (FATF) identified TCSPs as vulnerable to money laundering in its guidance to the sector in 2019. The task force also singled out the UK industry as particularly exposed to criminal exploitation, with corporate structures and trusts used in almost all high-end money laundering cases.

The View from Professional Bodies

In March 2021, the UK’s Solicitors Regulatory Authority (SRA) agreed that TCSPs are high risk and stated that there is an inherent danger in clients using entities for money laundering without the TCSP’s knowledge. The SRA warned that those forming companies as a service must actively monitor them to guard against this.

The SRA also noted the low number of suspicious activity reports (SARs) submitted to the National Crime Agency (NCA), despite the high risks. This suggests a widespread underestimation of the problem.

If anyone is in any doubt about the implications of submitted low numbers of SARs, they only have to look at the case of Robeco. The international asset management company was fined €2m by Dutch regulators for failing anti-money laundering compliance; suspicions were raised after Robeco reported far fewer suspect client transactions than similar firms.

Looking for a "flexible, scalable, auditable" AML & KYC software solution?

Contact us to find out more.

To counter the underestimation of risk, the SRA have highlighted red flags for potential money laundering in TCSPs, including:

  • Seeking to involve an existing entity without adequate explanation
  • Using entities in jurisdictions or entity types known to facilitate anonymity or opacity
  • The involvement of multiple countries unconnected with the client
  • Any action that might disguise or separate the actual controlling party
  • The use of bearer shares, whose legal owner is whoever ‘bears’ the documentation
  • Loans that are paid back early

In 2021, the Institute of Chartered Accountants in England and Wales (ICAEW) also found many deficiencies in TCSP AML processes among its members. It recommended numerous improvements, including:

  • Avoiding hijacked registered addresses
  • Questioning multiple nominee shareholdings or directorships, and asking for more details when asked to act as a nominee shareholder or director
  • Carry out firm-wide AML risk assessments
  • Training staff about red flags, risks, and customer-enhanced due diligence
  • Better onboarding in order to recognise risks

ICAEW stated that firms also need to make sure their staff understand how and when to make a SAR; and have provided information and guidance on how to request a defence against money laundering.

Changing attitudes

Insiders say that some in the TCSP sector believe that their AML and sanctions risk profile is lower than traditional financial institutions given their limited financial exposures.

But the underlying AML risk could actually be inherently higher, as a client could be just one layer among multiple corporate entities that hide ultimate ownership. This is why robust, risked-based AML programmes are especially important for TCSPs.

Another challenge is that providers depend on third-party service providers to execute trust and agency activities, so ‘know your vendor’ due diligence is also important - and increasingly so with Western countries’ growing focus on prosecuting violators to the fullest, however unwitting a party they may be.
This zero-tolerance approach is leading to ever more scrutiny of compliance cultures with TCSPs among those on the front line.

How can technology help?

These mounting pressures on TCSP compliance officers mean they need to take a proactive, risk-based stance to AML.

The problem is that many TCSPs are relying on an under-resourced and outdated manual money-laundering processes that simply aren’t up to the task.

Evolving technologies now offer flexible, scalable, and auditable technology that helps explain the logic behind each KYC and AML decision. This technology helps compliance officers maintain an effective and efficient process, while always keeping abreast and ahead of the fast-moving regulatory environment.

Looking for a "flexible, scalable, auditable" AML & KYC software solution?

Contact us to find out more.

About the Author


RiskScreen is a TrustQuay ecosystem partner.