Providing AML & Safeguarding Audit Services to Fire Financial Services Limited
Fire Financial Services Limited (trading as Fire) is a regulated provider of payment services. The Firm consists of two legal entities:
- Fire Financial Services Limited, an Irish incorporated entity (“Fire-EU”), regulated as a Payment Institution by the Central Bank of Ireland (“CBI”); and
- Fire Financial Services Limited, a UK incorporated entity (“Fire-UK”), authorised as an Electronic Money Institution by the Financial Conduct Authority (“FCA”).
Fire is a payments services provider, helping businesses automate their payments and access a range of integrated payment services, through an API.
AML Audit
We have carried out several AML audits for Fire since 2017, ensuring the requirements of applicable legislation in both jurisdictions are met, namely:
- The Criminal Justice (Money Laundering and Terrorist Financing) Act 2010 (CIA) as amended by the Criminal Justice Act 2013 and 2018 (CIA) in Ireland; and
- The Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Act 2017 (MLR 2017) as amended by the Money Laundering and Terrorist Financing Regulations 2019 (MLR 2019) in the UK.
Our work included reviewing the Firm’s compliance with its Anti-Money Laundering & Countering Financial Terrorism & Financial Sanctions Policy (AML & CFT Policy), Customer Due Diligence (personal and business) Policy and the AML Risk-Based Approach Policy for both personal and business accounts.
We performed a high-level review and testing of specific areas, such as:
- Governance – AML training, role of the MLRO and internal reporting
- MLRO independence
- Client on-boarding and Customer Due Diligence (personal and business) processes to include testing for compliance with Customer Due Diligence documentation as defined in the Firm’s AML & CFT Policy
- Reporting of suspicious transactions/activity
- PEP and sanction screening processes at client on-boarding and later stages of the customer relationship
- Transaction and activity monitoring
- MLRO independence
- On-going compliance – transaction monitoring, PEP and sanctions screening, etc.
On each occasion our final report summarised our findings, recommendations and conclusions and incorporated management comments. Our report was then circulated to the Audit & Risk Committee and the Board of Directors (Fire-EU and Fire-UK).
Safeguarding Audit
Fire-EU must satisfy the CBI and Fire-UK must satisfy the FCA that they have adequate arrangements in place to safeguard the funds of payment service users. The Firm engages an independent third party to perform audits of their established safeguarding procedures annually.
During 2023, we were engaged to carry out safeguarding audits for both entities in accordance with the respective requirements prescribed by the CBI and FCA.
Our final reports outlining our findings and recommended actions were presented to the Audit & Risk Committee and Board of Directors (Fire-EU and Fire-UK). The reports in respect of Fire-EU were subsequently shared with the CBI in accordance with the requirements of the CBI Dear CEO Letter dated 20th January 2023 and the CBI Safeguarding Notice dated 25th May 2023.