Article

Art Market Interventions: What to expect and how to prepare

Published
January 31, 2022

2022 began with our most requested and anticipated online event to date: Art Market Interventions: What to expect and how to prepare.

With the UK and EU art market now formally regulated - and the USA heading in a similar direction with Antiquities, it’s becoming increasingly common a gallery gets in touch asking for advice.

In this article we will explore a portion of this event pertaining to Actionable measures and pitfalls to avoid, in the hope this may help you identify any short comings in current processes ahead of an inspection.

If you would prefer to watch the January event you can do so here.

1. Collecting ID and Proofs of Address is not Customer Due Diligence

An AMP must correctly discharge their obligations to perform Customer Due Diligence on all occasional and frequent transactions, equal to - or in excess of €10,000 - irrespective of the method of payment.

Evidence of Customer Due Diligence will take the form of a series of unique Reports and Records proving that certain legal minimums were observed -
and any additional information gathered - or known about the customer -
that was considered on a specific date before the deed of ownership of a work of art passes from the AMP to its customer.

Reports and Records of CDD could be viewed as defending one’s right to transact.

2. Risk Assessment & AML Policy

Ensure your Risk Assessment and AML Policy include a date indicating when they were last reviewed.

It’s standard practice that these documents are reviewed every 12 months and display a date indicating this, even if you make no changes.

Your Risk Assessment should adequately reflect the risks you believe you have identified where possible.

Include estimated percentage figures addressing a breakdown of things like - who your customers are e.g. Companies or Trusts - as well as where your customers are located geographically.

These documents are enormously important to get right and must contain sufficient detail, even if you believe your business is low risk.


3. Avoid relying too heavily on the use of templates

Each AMPs business - while for most will be far from complex - is unique and so to should the detail present in your Risk Assessment reflect your business.

Be mindful that the AML Policy must be an accurate reflection of the who, what, why, where and when - the processes and policies - you employ to comply with the regulations.


4. Don’t use email to send and receive ID’s and other sensitive information

We strongly advise all Art Businesses against the sending and receiving of IDs - and other sensitive information over email, given the ongoing threats and routine email hacking that is taking place in the UK and International Art Market.

GDPR remains in effect, even though AML supersedes this. Ensure you can immediately restrict access to any personal information if this is requested by your customer. If anything in relation to your AML duties are handled by more than one person, you must have processes in place that allow you to restrict access to any personal information connected with your customer such that it be viewable by the Nominated Officer only.


5. Formal AML training isn’t optional

Ensure that you have evidence of having received formal AML Training on file. It’s important that any member of staff involved in the request, receipt or analysis of information obtained - or stored for Due Diligence - has received training.

Training is typically refreshed every 12-18 months, or sooner depending upon the business's policy.


6. Checking for PEPs and Sanctions are required, this alone is not sufficient

While it’s important to check clients for PEPs and Sanctions, this is not indicative of Due Diligence. Be mindful that the point of the exercise is to review information from a range of sources, supplementing your analysis and review of the customer.


7. Store, maintain and update all evidence of CDD

Ensure all evidence of CDD performed on a specific date is stored, maintained and updated over the 5 year period. Consult the information required under the regulations and use this as the basis of a report or record to prove you satisfied your legal requirements.


8. Written Client Risk Assessments are essential

After performing Customer Due Diligence, your reporting and recording keeping obligations are concluded through a written narrative that demonstrates why you felt it was safe to proceed with a transaction and the basis for any decisions you reach.


9. Ensure you have the means to monitor and maintain all evidence of CDD.

Once you have performed Due Diligence, it may be that you won’t need to ask clients for information again on the basis that their circumstances remain unchanged.  However, relative to the varying levels of risk that apply - or new risks that may arise over time - you’re legally obligated to have systems in place that allow you to identify when and if a customer's ‘risk profile’ changes throughout the lifetime of your 5 year ‘business relationship’.


10. Non-registration is not advised.

Auditors often use ‘intelligence units’ to gather insight with respect to any business which is in a regulated sector that hasn’t registered.
Using other sources of information, expect them to have a rough approximate idea of the total number of businesses within a regulated sector and to work back from this.

For those of you located in the UK, GOV.UK provides access to a list of approved, registered AMPs that anyone may wish to consult.  This list shows who has successfully registered and is supervised by HMRC.
This will include UK businesses as well as those that participate in UK fairs or trade occasionally in the UK.


11. Dealing with well known clients, or museums doesn’t mean AML isn’t required.

There have been rare instances, where a gallery has been informed - or has understood - that because it deals with what it believes to be low risk clients and museums, that AML regulation doesn’t apply.

While the degree of risk will be lower, HMRC will not grant exceptions.