Cross-border information-sharing—insubstantial guidance for UK corporates

Cross-border information-sharing—insubstantial guidance for UK corporates

Blog WilmerHale W.I.R.E. UK

On 12 May 2020 the UK belatedly published its statement on cross-border information-sharing within corporate groups (the Statement). This one-page document primarily consists of general acknowledgements of the importance of this subject and restatements of the existing law. As a practical tool it is something of a damp squib, however it does contain some limited guidance that may be of assistance to corporates when considering information-transfers between UK and non-UK subsidiaries, particularly relating to Suspicious Activity Reports (SARs).

The Statement forms part of the government’s action plan for combating economic crime, published in its Economic Crime Plan 2019-22.1 It was drafted in response to the Financial Action Task Force’s guidance (FATF Guidance) on standards for information sharing, published in 2017, which is a substantially more comprehensive and detailed document that provides an overview of the challenges faced by corporations and guidance for best practice.2 The Statement was explicitly modelled on Singapore’s statement made in response to the FATF Guidance and, as with Singapore’s statement, is primarily intended to publicly recognize and support the general principle of information sharing as an important means of combating financial crime.3

The Statement highlights that information sharing within a corporate entity allows the entity to take account of a more comprehensive pool of information on beneficial owners, customers and transactions. This in turn is likely to improve the effectiveness of its customer due diligence procedures and the quality of any SARs that it may submit to the UK Financial Intelligence Unit. Enforcement authorities will welcome this greater clarity, while cross-border information sharing will help corporations identify suspicious transactions more easily, take action more quickly and thereby reduce their regulatory risk profile.

Corporations should note that under s330 of the Proceeds of Crime Act 2002, a person may commit an offence if they fail to submit a SAR relating to information regarding potential money laundering outside the UK, if that conduct would constitute an offence in both the UK and the foreign jurisdiction. Some information disclosed by foreign subsidiaries of the same corporate group will fall into this category, so increased information sharing is likely to increase not only the quality of SARs, but the quantity too.

Information sharing as envisaged in the Statement is a two-way street, in which UK companies would share information with their non-UK group companies. The Statement advises that corporate groups may share information between subsidiaries including: (1) The information on which a SAR is based; (2) The fact of a SAR having been filed; and (3) The SAR itself. This necessarily involves the possibility of that information subsequently being disclosed to a foreign law enforcement authority. The Statement provides no guidance as to the form or types of information sharing processes that corporations may undertake, but refers readers to the FATF Guidance on potentially useful information sharing. Corporations must be mindful that this type of information sharing will be moderated by s333A of POCA, i.e. the Tipping Off offence.

It suggests that UK-based groups should ensure that their foreign operations are compliant with UK Anti-Money Laundering and Terrorist Financing (AML/TF) regulations (as required by Regulation 20, Money Laundering Regulations 2017), insofar as they are able to under the host country’s law.4 This is a reflection of Recommendation 18 of the FATF Guidance, which states that financial institutions should implement consistent AML/TF measures across their international subsidiaries and branches.

The Statement also touches on GDPR compliance, effectively stating that data transfers from the UK should be GDPR compliant.

In its Economic Crime Plan 2019-22, the government hinted that further statements may be released following on from this Statement.5 As hardly any of the Statement amounts to new guidance, further clarification would be most welcome.


1 Economic Crime Plan 2019-22, HM Government and UK Finance (July 2019)

2 FATF (2017), Guidance on private sector information sharing, FATF, Paris

3 Economic Crime Plan 2019-22, HM Government and UK Finance (July 2019) 3.9; FATF Guidance on Private Sector Information Sharing and Revised INR.18, Monetary Authority of Singapore, 5 March 2018

4 2007 No. 2157

5 3.15