Mitigating the risk of Proliferation Financing

A  policy template to help the regulated sector manage PF compliance

Proliferation Financing (PF) is an international crime which facilitates the movement and development of illegal goods in order to provide weapons of mass destruction for rogue states like Iran, North Korea and Russia. It has become an increasing cause of global concern over the last decade, and its potential consequences can be severe – from global instability to a catastrophic loss of life. 

Regulations and tools designed to disrupt PF means that the regulated sector needs to be aware of the dangers of PF and adopt appropriate policies and procedures to identify and manage the risks.

A series of amendments to the UK Money Laundering Regulations 2017 came into force September 1, 2022. The Money Laundering and Terrorist Financing Regulations 2022 include an obligation for regulated entities to identify, assess and mitigate the risk of PF. 

Regulated entities have the flexibility to create a new risk assessment on PF or to incorporate proliferation financing into their existing money laundering and terrorist financing risk assessments.

On an international level, the UN Security Council Resolution (UNSCR), requires countries to prohibit any non-state actor from financing the manufacture, acquisition, possession, development, transfer, or use of weapons of mass destruction (WMD). There are specific resolutions on North Korea and Iran.

The UK’s position in the global economy and international financial system makes it a prime location to raise funds to develop chemical, biological, radiological, and nuclear programmes that threaten international peace and security. UK firms are vulnerable to being used for PF due to their involvement in transactions such as mergers and acquisitions, capital raising and other business activities as well as providing legal advice and assistance to clients in high-risk jurisdictions. 

It’s not hard to get caught up in PF. Organisations in the regulated sector, from law firms to real estate to crypto currency, can accidentally get caught up in the provision of financial or other services which involve weapons of mass destruction. You could process a payment for a North Korean bank, or act for a client setting up a company to send chemical weapons to Iran. There is a lot of danger in PF and a lot to be aware of.

VinciWorks can help

VinciWorks has created this free-to-use policy template for managing PF compliance. Download and customise this policy template for use in your organisation.

Don’t miss our free webinar on Wednesday, 3 April 2024 UK time: Getting to grips with proliferation financing one year on.

How are you managing your GDPR compliance requirements?

GDPR added a significant compliance burden on DPOs and data processors. Data breaches must be reported to the authorities within 72 hours, each new data processing activity needs to be documented and Data Protection Impact Assessments (DPIA) must be carried out for processing that is likely to result in a high risk to individuals. Penalties for breaching GDPR can reach into the tens of millions of Euros.

GDPR added a significant compliance burden on DPOs and data processors. Data breaches must be reported to the authorities within 72 hours, each new data processing activity needs to be documented and Data Protection Impact Assessments (DPIA) must be carried out for processing that is likely to result in a high risk to individuals. Penalties for breaching GDPR can reach into the tens of millions of Euros.

“In a world older and more complete than ours they move finished and complete, gifted with extensions of the senses we have lost or never attained, living by voices we shall never hear.”

Picture of James

James

VinciWorks CEO, VInciWorks

Spending time looking for your parcel around the neighbourhood is a thing of the past. That’s a promise.

How are you managing your GDPR compliance requirements?

GDPR added a significant compliance burden on DPOs and data processors. Data breaches must be reported to the authorities within 72 hours, each new data processing activity needs to be documented and Data Protection Impact Assessments (DPIA) must be carried out for processing that is likely to result in a high risk to individuals. Penalties for breaching GDPR can reach into the tens of millions of Euros.

GDPR added a significant compliance burden on DPOs and data processors. Data breaches must be reported to the authorities within 72 hours, each new data processing activity needs to be documented and Data Protection Impact Assessments (DPIA) must be carried out for processing that is likely to result in a high risk to individuals. Penalties for breaching GDPR can reach into the tens of millions of Euros.

How are you managing your GDPR compliance requirements?

GDPR added a significant compliance burden on DPOs and data processors. Data breaches must be reported to the authorities within 72 hours, each new data processing activity needs to be documented and Data Protection Impact Assessments (DPIA) must be carried out for processing that is likely to result in a high risk to individuals. Penalties for breaching GDPR can reach into the tens of millions of Euros.

GDPR added a significant compliance burden on DPOs and data processors. Data breaches must be reported to the authorities within 72 hours, each new data processing activity needs to be documented and Data Protection Impact Assessments (DPIA) must be carried out for processing that is likely to result in a high risk to individuals. Penalties for breaching GDPR can reach into the tens of millions of Euros.