JFSC "Board Effectiveness" expectations – are you testing this year?

The Jersey Financial Services Commission (JFSC) has not issued a standalone "Board Effectiveness" guidance document. However, it embeds expectations regarding board oversight, particularly in relation to the CO, MLRO and MLCO roles, in its  

• REGISTERED PERSON CODES = https://www.jerseyfsc.org/industry/codes-of-practice/
• SUPERVISED PERSON AML/CFT/CPF CODES OF PRACTICE, = https://www.jerseyfsc.org/industry/financial-crime/amlcftcpf-handbooks/amlcftcpf-handbook/
• THEMATIC EXAMINATIONS, https://www.jerseyfsc.org/industry/examinations/examination-findings-and-questionnaires/
• CONSULTATION PAPERS. https://www.jerseyfsc.org/industry/consultations/
• Guidance Note: Compliance Monitoring https://www.jerseyfsc.org/industry/codes-of-practice/investment-business-code-of-practice/

These matters are discussed further below

In the Registered person codes, a Registered person must:-

• ORGANISE and control its affairs EFFECTIVELY for the proper performance of its business activities
• SUBJECT to appropriate regular review, all aspects of corporate governance arrangements to ensure their continuing adequacy (EFFECTIVENESS) in light of the registered person’s business activities and risk profiles,
• UNDERTAKE a periodic self-assessment, or external assessment, of the board’s EFFECTIVENESS.
• ASSESS, on at least an annual basis, of the extent to which COMPLIANCE RISK IS MANAGED EFFECTIVELY [3.5.1.3]

In the JFSC AML handbook and the Money Laundering Order, Relevant and Supervised Persons (also the above-registered person) must:-

• Article 11(11) of the Money Laundering Order requires a relevant person to
• Establish and maintain adequate procedures for monitoring compliance with and testing the EFFECTIVENESS of: (i) its policies and procedures; (ii) its measures to promote AML/CFT/CPF awareness; and (iii) its training of relevant employees (see Section 9 of this Handbook).
• [COP5] The board must ASSESS both the EFFECTIVENESS  of, and compliance with,
• Systems and controls (including policies and procedures) and
• Take prompt action necessary to address any deficiencies (see sections 2.4.1 and 2.4.2 of this Handbook)
• [COP11] A supervised person must
• Check that the systems and controls (including policies and procedures) are operating EFFECTIVELY, and
• Test that they comply
• 2.4.1 EFFECTIVENESS of systems and controls Guidance notes 42. A supervised person may demonstrate that it checks that systems and controls (including policies and procedures) are adequate and operating EFFECTIVELY where
• The Board periodically considers the efficacy (capacity to have the desired outcome) of those systems and controls (including policies and procedures
• When reviewing a BRA, the board should ensure it captures all relevant risks and considers how EFFECTIVE the business’s control environment is at managing those risks. EFFECTIVENESS can be evidenced by
• Considering the findings of control testing, such as periodic reviews and reviewing data collected by the supervised person.
• [COP104] A supervised person must keep adequate and orderly records showing how the Board/senior management has assessed both
• The EFFECTIVENESS of, and compliance with, systems and controls (including policies and procedures) in line with section 2.3 of this Handbook, including reports presented by the MLCO on compliance matters and the MLRO on reporting, for a period of five years after the end of the calendar year in which a matter is considered.
• A supervised person may demonstrate that it checks that systems and controls (including policies and procedures) are operating EFFECTIVELY, where the board periodically considers the EFFECT  of those systems and controls (including policies and procedures, and those in place at branches and in respect of subsidiaries), considering the information that is available to it, including:
• Reports presented by the MLCO and others (e.g., where appropriate, risk management and internal audit functions) on compliance matters and MLRO on reporting; › reports summarising findings from supervisory and themed examinations and action taken or being taken to address recommendations; › the number and percentage of customers that have been assessed by the supervised person as presenting a higher risk; › the number of applications to establish business relationships or carry-out one-off transactions which have been declined due to CDD issues, along with reasons; › the number of business relationships terminated due to CDD issues, along with reasons; › the number of “existing customers” that have still to be remediated under Section 4.9.2 of this Handbook; › details of failures by an obliged person or customer to provide information and evidence on demand and without delay under Articles 16, 16A and 17B-D of the Money Laundering Order, and action taken; › the number of alerts generated by automated on-going monitoring systems; › the number of internal SARs made to the MLRO (or Deputy MLRO), the number of subsequent external SARs submitted to the FIU, and timeliness of reporting (by business area if appropriate); › inquiries made by the FIU, or production orders received, without issues having previously been identified by CDD or reporting policies and procedures, along with reasons; › results of testing of awareness of relevant employees with policies and procedures and legislation; › the number and scope of exemptions granted to policies and procedures, including at branches and subsidiaries, along with reasons.
• Monitoring the EFFECTIVENESS of screening, awareness, and training - Such monitoring and testing should also be considered in the context of the board’s periodic  check that systems and controls (including policies and procedures) are operating EFFECTIVELY, as set out at section 2.4.1 of this Handbook

In the JFSC Guidance Note: Compliance Monitoring the JFSC says

• A  registered person may wish to extend the CMP to include relevant legislative and regulatory requirements where a more informed or updated view of the EFFECTIVENESS of controls is required for the risk assessment.
• The benefits for registered persons are having a robust approach to Compliance Monitoring, being able to demonstrate the board’s oversight of the EFFECTIVENESS of controls implemented to mitigate Compliance Risk;
• It is also important to note that material breaches identified by the registered person and reported to the JFSC tend to be considered more favourably than if the JFSC (or third party acting on behalf of the JFSC) identifies a material breach. This is because it demonstrates EFFECTIVE governance by a registered person and enables the registered person to also report the remedial action taken and/or planned to address the issue

BELOW - JFSC FINDINGS AND EXPECTATIONS ON THE ABOVE MATTERS

1. MLRO – Thematic Exam & Key Board Expectations (2019)

• Dedicated thematic review: In 2019, the JFSC conducted a targeted thematic review: “The Role of the Money Laundering Reporting Officer”. [jerseyfsc.org], [jerseyfsc.org]
• The review assessed governance aspects, including whether the MLRO had sufficient independence, authority, and direct oversight by the Board/management.
• It also evaluated the practical execution of core duties, including timely internal/external SAR submission, proper documentation, clear responsibilities, and complete independence. [comsuregroup.com]
• Findings – Board oversight weaknesses:
• A significant 96% of entities reviewed had adverse findings, with common concerns about weak board oversight of MLRO duties. [jerseyfsc.org], [comsuregroup.com]
• Notable deficiencies included poor documentation of MLRO decisions, delays in SAR handling, lack of SAR register maintenance, and insufficient board-level acknowledgement of MLROs’ internal escalations. [comsuregroup.com]
• Best practice inference:While explicit board EFFECTIVENESS guidance wasn’t published, the theme implicitly conveys that boards must:
• Ensure MLRO independence and seniority.
• Regularly review and support MLRO activities.
• Demand documented oversight and follow-up of AML-related issues.

2. MLCO – Thematic Exam (2022/2023)

• Targeted review: In May 2023, JFSC published findings from its 2022 thematic examination of the MLCO role. [jerseyfsc.org]
• The review examined whether MLCOs had appropriate seniority, authority, independence, and access to the board (per AML/CFT/CPF Handbook, Section 2.1). [jerseyfsc.org]
• Best practice guidance (echoed in third-party analysis):
• MLCOs should have a clear, periodically updated role profile, adequate authority, and direct board access.
• They should present compliance findings at board meetings.
• Use independent validation of compliance monitoring.
• Ensure compliance monitoring plans (CMPs) are risk-based, aligned to legal requirements, and backed by board-driven remediation where needed. [comsuregroup.com], [sonataone.com]

3. Financial Crime Examination Feedback (2023–2024)

• In August 2025, JFSC released its most recent Financial Crime Examination Feedback, summarising common MLRO/MLCO findings: [comsuregroup.com], [jerseyfsc.org]

🟠 Weaknesses identified:

1. Insufficient resourcing of compliance teams risks the execution of AML functions. [comsuregroup.com]
2. Independence compromised, where MLRO/MLCO also held business-facing roles without adequate mitigation. [comsuregroup.com]
3. Inadequate oversight of DMLROs, with inconsistent SAR handling. [comsuregroup.com]

✅ Recognised good practices:

• Risk-rated conflicts: All potential conflicts of interest should be logged, rated, and reviewed (especially annually). [comsuregroup.com]
• Structured oversight: MLROs should hold scheduled review meetings with DMLROs, document and cover SAR progress, FIU communications, and workload management. [comsuregroup.com]

4. Key Persons Regime – Green Paper (2024)

• JFSC’s October 2024 Green Paper on the Key Persons regime (encompassing MLRO, MLCO, CO, etc.) urges industry feedback on improving board and compliance functionality. [jerseyfsc.org]
• It notes that Boards must ensure these roles are fully empowered and appropriately based in Jersey.
• It raised questions around residency requirements and whether board-level oversight is sufficiently enabled.

Summary of Best & Bad Practices

Here are the direct links to the JFSC thematic review reports and documents:

• MLRO Themed Examination (2019) – “The Role of the Money Laundering Reporting Officer”JFSC feedback document [jerseyfsc.org], [jerseyfsc.org]
• MLCO Themed Examination (2022) – “The role of the Money Laundering Compliance Officer” (issued May 10, 2023)JFSC feedback document [jerseyfsc.org], [jerseyfsc.org]

Summary Table: JFSC Expectations for Boards on MLRO/MLCO

Further Details: Board-Level Resourcing

JFSC has repeatedly emphasised that under-resourcing of the MLRO/MLCO function is a common and critical weakness:

• MLRO – Many entities lacked sufficient staffing and systems to support SAR analysis and escalation EFFECTIVELY . [jerseyfsc.org], [jerseyfsc.org]
• MLCO – The role must come with adequate budget, headcount, and technical support; without these, compliance monitoring cannot be performed EFFECTIVELY . [jerseyfsc.org], [sonataone.com]

BOARD EFFECTIVENESS CHECKLIST BASED ON THESE EXPECTATIONS.

Board Effectiveness Checklist for MLRO & MLCO Oversight

1. Appointment & Independence

• MLRO and MLCO roles are formally appointed and documented.
• Both roles have independence from business operations, and conflicts are identified, risk-rated, and mitigated.
• Roles have direct access to the Board and senior management.

2. Role Clarity

• Up-to-date role profiles exist for MLRO and MLCO, detailing responsibilities and authority.
• Deputies (DMLRO) are appointed where necessary, with clear oversight arrangements.

3. Board Oversight & Reporting

• MLRO and MLCO provide regular reports to the Board (e.g., SAR statistics, compliance monitoring results, remediation progress).
• Board minutes reflect active engagement with  AML/CFT/CPF compliance issues.
• Escalations and decisions are documented and tracked.

4. Resourcing

• Compliance function is adequately staffed and funded.
• MLRO and MLCO have access to the necessary tools, systems, and training.
• Board reviews resourcing at least annually.

5. Compliance Monitoring

• MLCO maintains a risk-based Compliance Monitoring Plan (CMP) aligned with regulatory requirements.
• CMP results and remediation actions are presented to the Board.
• Independent validation of compliance monitoring is performed periodically.

6. SAR Governance

• SAR register is maintained and reviewed by the Board.
• Internal SARs are escalated promptly; external SARs are filed without delay.
• Board ensures MLRO has the capacity to manage SAR workload EFFECTIVELY .

7. Conflict Management

• All potential conflicts of interest for MLRO/MLCO are logged and reviewed by the Board.
• Mitigation measures are documented and monitored.

8. Structured Oversight

• Regular documented meetings between MLRO and DMLRO occur, with Board oversight.
• MLCO compliance findings are discussed at the Board level with clear follow-up actions.

9. Training & Awareness

• Board members receive  AML/CFT/CPF training annually.
• MLRO and MLCO roles are included in Board induction and ongoing governance reviews.

DO YOU WANT COMSURE TO ASSIST WITH YOUR EFFECTIVENESS TESTING? ALL YOU NEED TO DO IS CALL THE COMSURE TEAM