Knowledge Base

This IAB guide provides members an overview of what is meant by ‘Business Continuity’ how it may be important for your practice and some tips on a practical approach to planning.

Under the Anti Money Laundering Regulations 2017 (s40), you also have a legal duty in respect of the information you hold on record. You are required to keep CDD records for 5 years, even where your engagement with that client has ceased. So, you need to make sure those records are kept secure and available.

Broadly speaking ‘effects’ are going to involve: Absence of key people, access to, or loss of: Premises, Electronic data, Systems including communications, Assets like equipment, supplies or hard copy records.

First you need to assess who and what is ‘critical’ for your business: Key Staff, Key Locations, Key Services, Key Systems, Key Assets.

It is important to avoid assumptions, for example: ‘If we couldn’t get into the office, we would just work from home’.

If the office is unavailable, a ‘work from home’ solution is a good idea, but it needs an active and effective plan, which should be tested beforehand so you and anyone else involved understands any issues and how to fix them.

Having identified the most pressing issues and considered how long certain effects might need to be managed the next step is to work out the different types of solutions you will need: Preventive measures, Fall-Back Arrangements, Scalable Duration Plans, Generic Solutions.

Make sure your CDD records are protected. Test arrangements so you know they work. Communicate with the people that would be involved.