Here’s why Nominated Officers and Deputies need to ‘second’ each other's reports to help their gallery comply.

July 20, 2020

In order for us to manage risk - and manage risk well - the Nominated Officer will need to appoint a Deputy to assist with the overseeing of the businesses AML obligations and to act in their absence.

While both the Nominated Officer and Deputy can act independently of the other - and the Nominated Officer has total autonomy - regulation requires you to:

  • “…record appropriately what has been done, and why”
  • [and that this should include] “…evidence of the work they have undertaken in complying with their legal and regulatory obligations”

Where Due Diligence is being carried out by the Deputy, the Nominated Officer should have appropriate systems in place that allow them to monitor and review work undertaken by the Deputy.

In practice then, a Nominated Officer should ‘second’ or ‘appraise’ reports written by the Deputy and visa versa.

Consider repeat clients, while Due Diligence is not required a second time, you’re still required to demonstrate you are periodically checking and monitoring your client relationships.

Working in conjunction around decisions of such importance not only reduces risk, rather provides robust evidence that shows a clear alignment around a business's AML and Due Diligence procedures and processes.



  1. Include and document your reasoning and decision making when you write your Due Diligence reports for your clients.
  2. Nominated Officers and Deputies should support one another by ‘seconding’ their reasoning as documented in their reports.
  3. Date, time-stamp and include the names of those responsible for carrying out your Due Diligence to provide traceability to make inspection simple.


References in guidance to which this article applies:

Section 34: All AMPs carrying out regulated activities under the ML Regulations must appoint a nominated officer of appropriate seniority within the business to receive reports of suspicious activity from staff and decide whether to report such knowledge or suspicions to the National Crime Agency. AMPs should appoint a deputy to act in the absence of the nominated officer. The nominated officer and deputy should have access to all client files, accounting records and other relevant information, sufficient to enable them to make independent decisions and to liaise with law enforcement.

Regulation 35(5)(b) Senior management approval  5.184: “Obtaining approval from senior management (see paragraph 5.174) for undertaking a transaction does not necessarily mean obtaining approval from the Board of directors (or equivalent body), but from a higher level of authority from the person seeking such approval. As risk dictates, AMPs should escalate decisions to more senior management levels. ”

Regulation 35(5)(b) 5.185: The appropriate level of seniority for sign off should therefore be determined by the level of increased risk associated with the transaction; and the senior manager approving a PEP transaction should have sufficient seniority and oversight to take informed decisions on issues that directly impact the AMP’s risk profile, and not (solely) on the basis that the individual is a PEP. When considering whether to approve a PEP relationship, senior management should base their decision on the level of ML/TF risk the AMP would be exposed to if it entered into that transaction and how well equipped the AMP is to manage that risk effectively.”

Section 40: “An AMP’s policies and procedures must include [...] Ongoing monitoring activities”

Regulation 18(1),(2),(3) 1.2 [...]: record appropriately what has been done, and why, and the steps taken to communicate the controls within the business.

Regulation 40 7.3: “AMPs must retain records concerning customer identification and transactions as evidence of the work they have undertaken in complying with their legal and regulatory obligations, as well as for use as evidence in any investigation conducted by law enforcement.”

See also:

  • Regulation 40(5) 7.10
  • Regulation 40(6) 7.11
  • Regulation 40(5) 7.20: Forms in which records have to be kept: […] in computerised or electronic form.
  • Regulation 19(3) 3.10, Regulation 30(2) 5.20 and Section 63: Obligation to keep records.


Nothing on this site constitutes legal advice or gives rise to a solicitor/client relationship. Specialist legal advice should be taken in relation to specific circumstances.

The contents of this site are for general information purposes only.

Whilst we endeavour to ensure that the information on this site is correct, no warranty, express or implied, is given as to its accuracy and we do not accept any liability for error or omission.

We shall not be liable for any damage (including, without limitation, damage for loss of business or loss of profits) arising in contract, tort or otherwise from the use of, or inability to use, this site or any material contained in it, or from any action or decision taken as a result of using this site or any such material.