Every year, the companies most likely to be affected by money laundering and terrorist financing, such as those operating in the financial sectors (banking, insurance) and in high-risk areas (notaries, gaming operators, legal professions, chartered accountants, etc.), undergo a very special exercise: completing the QLB questionnaire to monitor practices and identify suspicious embezzlement operations.

What is QLB?

A real commitment to responsibility... with penalties!

This questionnaire is not a simple form! On the contrary, it's a highly strategic document that needs to be completed carefully and exhaustively. After all, the supervised establishments will be awarded a "system rating" on the basis of their responses. To complete it, it is necessary to collect the right data, devote time to coordinating the various departments concerned within the company, and respond perfectly to the various procedures for handover in approved environments.

Penalties for breaches of anti-money laundering regulations can be highly dissuasive, as illustrated by the case of Abeille Vie, which was ordered to pay 3.5 million euros to the ACPR's Commission des Sanctions at the end of 2023. These penalties are by no means anecdotal, and demonstrate the need for faultless compliance. All the more so as numerous bodies are keeping a close watch: ACPR, AMF, AMLA, GAFI, FAFT, DGCCRF, DGT, Tracfin, AFA, ANJ, etc.

As Deloitte points out, " the successful completion of the questionnaire depends on the deployment of an advanced system for monitoring business relationships and operations, and for managing and steering data. In particular, the organization must be able to reconcile, consolidate and report on data of various kinds, and have the capacity to easily identify risky business relationships and to break down business relationships according to risk levels. "^[1] And the data is very detailed: transaction volumes and amounts, number of business relationships, level of collection of supporting documents and asset declarations, internal staff affected by the AML-CFTsystem, etc.

2024 brings a new layer of complexity

Since January 1, 2024, this questionnaire has changed. Following instruction 2022-I-18 on information on the system for preventing money laundering and terrorist financing^[2]sector-specific questionnaires have been introduced, along with new self-assessment questions. Companies now have to answer 300 questions and draw up around 50 indicators to be able to report to the supervisory authority, detailing their activities AML-CFT.

All of which adds to the already time-consuming nature of the exercise! There is no shortage of obligations when it comes to applying the KYC ( Know Your Customer ) principle: you have to identify all third parties with whom you have a commercial relationship, keep proof of identification (previously checked), train employees and adapt your organization's internal processes. Not forgetting, where necessary, to file suspicious transaction reports.

Faced with what can only be described as rampant and lasting complexity (the temptation is great, on the part of the supervisory authorities, to add new obligations time and time again), what are the various possible options?

OPTION 1: CONTINUE TO SUFFER. AN EASY SOLUTION... BUT UNTENABLE IN THE LONG TERM!

The first option would be to resign oneself to the situation, absorbing the additional costs (of searching for information, of increased time spent by employees...). After all, companies are used to constantly integrating new compliance obligations! On the contrary, they are appearing at an ever-increasing pace: in areas other than the fight against money laundering, for example, we can cite electronic invoicing and the CSRD(Corporate Sustainability Reporting Directive), the new European directive on extra-financial reporting. While this status quo may be tempting in the short term, in the longer term, the increase in costs may become less bearable and the complexity totally unmanageable!

OPTION 2: ADAPT AT THE MARGIN. WHY NOT, BUT...

The second option is to optimize at the margins, for example by adapting processes or increasing the number and/or productivity of staff responsible for collecting data and completing the QLB. Until the next wave of complexity wipes out the few hard-won gains, for example when artificial intelligence gives new impetus to financial crime, and we have to try to regulate it as best we can. Informed observers of this approach may well judge: " Can do better ".

OPTION 3: COMBAT MONEY LAUNDERING WITH A SOFTWARE SOLUTION 

The third and most relevant strategy is to automate everything that can be automated with a suitable software solution. This approach meets three fundamental needs. Firstly, to increase the productivity of employees, who are subject to an ever-increasing number of obligations and significant volumes of data. An automated software solution will save them precious time. Secondly, it will meet the traceability requirements imposed, for example, on the verification of supporting documents. Finally, from an operational and commercial point of view, it is important to be able to clear up suspicions as quickly as possible, by meeting the needs of users, regulators and the business. Fortunately, the dynamism of the RegTech sector is making it possible to offer innovative solutions with functionalities that will considerably lighten the regulatory burden. For example: a reliable audit trail, the definition of a coherent compliance policy, the management of compliance lists, security, alert escalation, optimized profiling, adaptation to the growing volumes of data to be processed, not forgetting the inevitable connectivity, thanks to APIs...

A software solution that will provide a concrete response to managing the three Cs of the fight against money laundering:

- Complexity,

- Compliance,

- time-consumingtasks.

All the more reason to keep a cool head and step up prevention efforts, against a backdrop of inevitable regulatory tightening and diversification of criminal techniques!

Revision of the anti-money laundering questionnaire: major impacts.

Every year, companies whose activities are affected by money laundering and the financing of terrorism, such as those operating in the financial sectors (banking, insurance) and in high-risk areas (notaries, gaming operators, legal professions, chartered accountants, etc.), undergo a special exercise: completing the anti-money laundering questionnaire (QLB) to monitor practices and identify suspicious embezzlement operations.

A real commitment to responsibility... with penalties!

Definition of money laundering?

In short, money laundering involves concealing the source of ill-gotten funds and injecting them into the conventional financial system. Article 324.1 of the French Penal Code defines money laundering as follows:

Money laundering is the act of facilitating, by any means, the deceptive justification of the illicit origin of the assets or income of the perpetrator of a crime or misdemeanor that has procured the latter a direct or indirect profit. The act of money laundering itself constitutes an offence in its own right. Penal Code, article 324.1 (2013)

What is QLB?

The Anti-Money Laundering Questionnaire (AMLQ ) is a crucial tool for financial organizations and compliance teams, used annually to assess and improve their systems for combating money laundering and the financing of terrorism (AML-CFT). This process requires the collection and analysis of detailed information, serving both as an internal audit and as a means for the Autorité de Contrôle Prudentiel et de Résolution (ACPR) to deepen its understanding and control over AML-CFT practices within regulated entities. At the end of 2022, the ACPR enhanced this approach by publishing a new instruction and five appendices relating to QLB, aimed at strengthening the effectiveness and relevance of these assessments.

This questionnaire is not a simple form! On the contrary, it's a highly strategic document that needs to be completed carefully and exhaustively. After all, the supervised establishments will receive a "system rating" based on their responses. To complete it, it is necessary to collect the right data, devote time to coordinating the various departments concerned within the company, and respond perfectly to the various procedures for handover in approved environments.

Example of a penalty for non-compliance

In the event of non-compliance with the fight against money laundering, the financialfinancial penalties can be highly dissuasive, as in the case of insurance company Abeille Vie, which was ordered to pay 3.5 million euros to the ACPR's Commission des Sanctions at the end of 2023. These penalties are by no means anecdotal, and demonstrate the need for flawless compliance to detect criminal activity. All the more so as numerous bodies are keeping a close watch: ACPR, AMF, AMLA, GAFI, FAFT, DGCCRF, DGT, Tracfin, AFA, ANJ, etc.

As Deloitte points out, " the successful completion of the questionnaire depends on the deployment of an advanced system for monitoring business relationships and operations, and for managing and steering data. In particular, the organization must be able to reconcile, consolidate and retrieve data of various kinds, and have the capacity to easily identify risky business relationships and to break down business relationships according to risk levels. " And the data is very detailed: transaction volumes and amounts, number of business relationships, level of collection of supporting documents and asset declarations, internal staff concerned by the AML-CFTsystem, etc.

2024 brings a new layer of complexity

Since January 1, 2024, this questionnaire has evolved. Following instruction 2022-I-18 on information on the prevention of money laundering and terrorist financing, dedicated sectoral questionnaires have been introduced, along with new self-assessment questions. Reporting companies are now required to answer 300 questions and develop around 50 indicators in order to be able to report details of their activities to the supervisory authority AML-CFT.

All of which adds to the already time-consuming nature of the exercise! There is no shortage of obligations when it comes to applying the KYC ( Know Your Customer ) principle: you have to identify all third parties with whom you have a commercial relationship, keep proof of identification (previously checked), track theorigin of funds , train employees and adapt your organization's internal processes. Not forgetting, where necessary, to file suspicious transaction reports.

Faced with what can only be described as rampant and lasting complexity (the temptation on the part of supervisory authorities is great to add new obligations time and time again), what are the various possible options for controlling financial activities?