Compliance and Guidance for the Farm Secretary General points for the Farm Secretary General points for your client Anti Money Laundering Supervision Data Protection Regulations Performing Rights Society Permissions

Self-employed bookkeeper or farm secretary Decide on a Service Level Agreement or letter Consider Professional Indemnity Insurance Register for Anti Money Laundering Supervision Make sure you are correctly authorised by your client for Bank, HMRC, RPA etc. Always act in a professional manner

Checks for your Client Health and Safety Policies Risk Assessments & COSHH Assessments Farm Assurance – Red Tractor checklist Auto-enrolment scheme in place if applicable Employers Liability Insurance General Data Protection Regulations Performing Rights Society Permissions

Anti Money Laundering Regulations As a self-employed Bookkeeper (Accountancy Service Provider) you need to have an AML supervision licence from: The professional body with which you qualified (usually included in your practice licence) Through IAgSA with ICB (£90 per annum) may rise to £100 in April 2018 With HMRC (£115 per annum increasing to £130 from 1st Dec 2017 with initial application fee of £100)

The Institute of Certified Bookkeepers As an appointed supervisor ICB need to ensure that all practicing members are properly protected from failing to comply and provide the best level of support to members Contact details as below: Tel: 0845 060 2345 0207 856 2567 www.bookkeepers.org.uk Email: memberservices@bookkeepers.org.uk New Address: 122 – 126 Tooley Street London SE1 2TU Problems: georgia.wilton@bookkeepers.org.uk

Updates in AML Regulations 26th June 2017 Brief Summary of the Main Changes: Office for Professional Body Anti—Money Laundering Supervision (OPBAS) Criminality test for renewals after 1st Nov 2017 Policies & Procedures update to reflect risk based 2017 Regulations Client Due Diligence more stringent but already allowed for in AML on line. Online AML will be compulsory with ICB from 31st December 2017

Due Diligence: Changes If relying on third party DD – obtain information on the beneficial owner and have a written arrangement that you are relying on third party. MLR 2007 required information on foreign PEPs. This is now extended to UK PEPs. Tougher rules on trusts. Verify beneficial ownership.

Other Changes Cash transactions: Threshold for eligible cash transactions - one transaction or a series of linked transactions – comes down to Euro 10,000 and is extended to receiving as well as making payments. Data Retention: Must retain records for 5 years after end of client relationship and you must delete data once the five year period has elapsed.

The ICB Inspection Process Telephone Call Letter/email confirming date and listing what will happen and what documents will be inspected An inspection may take 2 – 3 hours

During the ICB Inspection Completion of questionnaire Inspection of Policies and Procedures Statement Inspection of forms MLR7 (training record) Inspection of filing and storage Check AML Online Check copies of due diligence evidence Agree actions required (if any) Complete report summary.

Most Common Errors Limited Company Due Diligence: Certificate of Incorporation Personal ID for directors owning 25% or more Driving Licence/Passport: You must have seen the original document. If you have not met the client you must have a certified copy Unacceptable due diligence: P60, mobile bills, 6-48 agents form or anything generated from your own software. Storage: Files in a locked cabinet Training: Every year and record keeping Annual Review for AML Online: Must recalculate before exiting.

Most Common Errors (cont….) Over riding AML online risk assessment: Proper explanation needed, but why bother to change it? Clients not met face to face: Enhanced due diligence needed and any copy evidence must be certified. Final Note: If ICB have to make a second inspection it is at your own expense.

DATA PROTECTION REGULATIONS Current Data Protection Act will be replaced by the General Data Protection Regulation on 25th May 2018 This is evolution not revolution and turns it into a Gold Star Service Still regulated by Information Commissioner’s Office (ICO) Helpline for small organisations 0303 123 1113 option 4 www.ico.org.uk

Information Commissioner’s Office To check if you need to register there is an easy check facility on the ICO website. https://ico.org.uk/for-organisations/register/self-assessment/ This will tell you if you need to register however you can always register voluntarily.

Information Commissioner’s Office When checking the self-assessment registration tool note: If you tick “yes” to using CCTV you will need to register In Question 7 - if you tick ”yes” to accountancy and Audit you will need to register. If you only do book-keeping, payroll and records do not tick the accountancy box, it is covered in Question 8 and you will not have to register. If you need to register the following information will be useful otherwise move on to “Some things for you to think about”

Information Commissioner’s Office https://ico. org The ICO has produced a package of tools and resources to help you get ready for the GDPR. These resources include: 12 steps to help you get ready Self assessment checklist Data protection reform webpages  New advice service for small organisations

Information Commissioner’s Office 12 steps to take now Awareness Information you hold Communicating privacy information Individuals’ rights Subject access requests Lawful basis for processing personal data

12 steps to take now (cont…..) Consent Children Data Breaches Data Protection by Design and Data Protection Impact Assessments Data Protection Officers International

Some things for you to think about If you work remotely, who can see what you are viewing/who can access information? Can you dispose of things securely? How many copies of your documents exist? Do you need to keep multiple copies? Always think about who to share information with before you share it Do they have a business reason to see it? Is it going externally? Do I need to encrypt it?

Performing Rights Society www.prsformusic.com If music is ever played on your premises for customers or staff; for example, through radio, TV, CD, MP3 or computer speakers, or at live events, this is considered a ‘public performance’. The Copyright, Designs and Patents Act 1988 states you need to get permission from the copyright holder to ‘perform’ music in public – and a music licence grants you this permission.