MLR1PP7200 - Penalties Guidance: Interconnections between the Regulations

When considering if the Regulations have been breached the specific requirements demanded by each regulation must not be seen in isolation.

Some of the requirements are very specific such as the requirement to train staff while others such as the customer due diligence requirements are closely linked to each other. When a breach of one of these related Regulations occurs it is highly likely that the failing will have breached another related regulation. For example, a breach or Regulation 7 is likely to result in a failure to correctly apply risk-sensitive customer due diligence by staff who have not been trained. These connections are also underpinned by the connection between the individual Regulation and the risk-sensitive policy requirements in Regulation 20.

There is also an important connection between the requirements of the 2007 Regulations and the requirements of the 2003 Regulations which they replace. A lot of the specific requirements have changed but the general principles have not. For example, "customer due diligence" has replaced "know your customer" and the "risk based approach" has replaced "CATCH" but what is required of the business to comply has not changed fundamentally. These interconnections can best be understood by viewing them as parallel requirements. If a business consistently failed to comply with a fundamental principle of the 2003 Regulations and has continued with these failures, they will not be compliant with the 2007 Regulations.

This means that under specific circumstances consideration will need to be given to whether a breach is a related or parallel breach.