Is your Art Business
regulation ready?

From the 10th of June, the UK Art Market moves into the regulated sector where your sales and activity will be supervised by UK regulators as a result of the 5th Anti-Money Laundering Directive.
Start Quiz
Event Time
Takes less than 7 minutes

About this quiz

Being regulated means your art businesses will have to meet new obligations in order to comply with the law and avoid fines or prosecution.

This short quiz will help you identify if your business is ready for AML regulation. Upon completion, a breakdown of your results will be delivered to you via email.
Section One
Policies and Procedures
I/we have been carrying out Customer Due Diligence on all transactions since 10th January 2020 and have corresponding reports and records of Customer Due Diligence for each transaction undertaken.
I am/we are asking clients to provide ID documentation such as a Passport, Driving License, National Identity Card and Proof of Address e.g. Utility bill and or bank statement.
I/we receive these ID documents from clients via:
When we’re dealing with a new/unknown client or we are dealing with a remote enquirer we are requesting two forms of Proof of Address such as a Utility bill in addition to their ID document.
I/we have written a risk assessment and it:
Acknowledges potential risks I’ve identified inherent in my day-to-day operations.
Reflects the geographical markets in which we deal, the type of clients to whom we sell, the size and nature of my business.
Illustrates the type of transactions we undertake and if these sales are face-to-face or remote.
Documents conclusions we have drawn and the processes we will/have put in place are covered in our Policies, Controls and Procedures.
A Nominated Officer:
Has been appointed to oversee our duties
Understands they assume responsibility for reporting suspicious activity to the National Crime Agency
Has access to systems and controls that allow monitoring and review of activity and staff reports across the business
I/we have appointed a Deputy to oversee our duties in absence of the Nominated Officer:
Our policies, controls and procedures include:
A risk assessment
A policy statement which reflects how we intended to manage risk identified in our risk assessment
Evidence indicating any staff training to ensure implementation across the business
Ongoing monitoring of the effectiveness of our approach
References to any systems we use to help our business reduce risk
I have/our team has received training that:
Ensures staff are aware of the risk of money laundering, relevant legislation, their obligations and the businesses reporting processes and how to deal with potential suspicious activity
Is delivered sufficiently and often
Is documented indicating what has been done
Is managed and overseen by a director or senior member of the team
Our Suspicious Activity Reporting process:
Allows staff to raise an internal report should they suspect another person may be engaged in Money-Laundering:
Ensures such activity is elected to the Nominated Officer who will file a Suspicious Activity Report
Sees that we will seek consent from the National Crime Agency before proceeding with any transaction
Makes it clear to all members of staff that it is a criminal offence to inform or ‘tip-off’ another person that a disclosure has been made
Section Two
Your Due Diligence Process
Our Customer Due Diligence process enables us to:
Verify the identity of any private client, Director(s) of any companies/museums/trusts etc with whom we deal and the ultimate client when dealing with an agent
Use positive information sources to validate identity, position, occupation, location.
Qualify and keep a record of the country risk associated with the client
Prove whether or not the client is Politically Exposed, Sanctioned or High-Risk
Monitor and keep up-to-date Due Diligence Reports for each of our clients
I/we understand that in storing and saving sensitive, personal client data in an unsafe way is in breach of GDPR and Data Protection:
Section Three
Record Keeping & Reporting
I/we write Customer Due Diligence Reports for each transaction and our reports include:
A unique, written documented customer risk assessment
Our customer risk assessments are approved by the Nominated Officer, where they are written by the Deputy or other member of the team
The positive information sources we used to determine risk
Results of negative information that may indicate if a client is sanctioned or Politically Exposed.
The ID document of the client(s)
Any additional verification documents such as Proof of Address, or a certificate of incorporation if dealing with a company
Invoices for each transaction with the client over a 5 year period linked to the report
I/we are keeping records of Customer Due Diligence and transactions:
That ensures my client’s data and ID documents are stored securely and encrypted
Which include all evidence of Due Diligence such as ID documentation, any screenshots, company documentation and invoices etc
In any instances where we have relied on another business
Section Four
Relying on Due Diligence of other Art Businesses
When we rely on Customer Due Diligence carried out by another art business, we are able to:
Assess customer risk
Confirm the first and last name, date of birth and residential address
Confirm the level of Due Diligence that has been carried out
Store and retain all evidence for 5 years
Retrieve any ID documentation and verification data immediately upon request
Provide evidence that indicates the 3rd party is subject to regulation equivalent to 4th Money Laundering Directive
Receive confirmation of their obligation
Document steps taken to confirm the other business on whom we are relying satisfies these requirements
Your Details
Confirm your information
To receive your results via email, please enter and confirm your information below.
Note: Submitting may take a moment, please do not refresh the page.
submission received
Thank you.
Your answers and contact information have been received.
We will be in touch shortly over email to share your results.
Oops! Something went wrong while submitting the form.