Del registro a la supervisión: los exámenes de la FIA en las Islas Vírgenes Británicas marcan una nueva etapa para las APNFD

Sep 24, 2025

A Shifting Focus

The FIA serves as both registrar and supervisor of Designated Non-Financial Businesses and Professions (DNFBPs) in the British Virgin Islands (Islas Vírgenes Británicas) for AML/CFT/CPF purposes. DNFBPs now face a pivotal shift in regulatory oversight.

What began as a push to ensure all DNFBPs were registered with the BVI Financial Investigation Agency (FIA) has evolved into active supervision.  Commencing in 2022, the BVI FIA focused heavily on outreach to ensure DNFBPs (and Non-Profit Organisations) understood that registration is a legal requirement and what this meant in practice, not just for AML/CFT/CPF obligations, but also for duties such as notifying the FIA of changes to owners, controllers or key officers.

Since 2024, in line with the findings of the BVI’s Mutual Evaluation Report and International FATF standards, the FIA has placed much greater emphasis on supervising registered DNFBPs. This includes carrying out onsite and offsite examinations, providing guidance and, where necessary, taking enforcement action. Turning Oversight into Advantage

“Compliance is not a cost – it’s a competitive advantage”

For DNRBPs, FIA examinations should not be viewed merely as a compliance hurdle. They present an opportunity to turn regulatory feedback into a competitive edge that protects clients, sustains growth and strengthens revenue.

The Cost of Non-Compliance

The consequences of failing to meet BVI AML/CFT/CPF obligations are significant.  Findings of non-compliance can result in:

  • Financial penalties;
  • Mandatory remediation within strict timeframes; and
  • Long-term reputational damage.

Non-compliance is not just a regulatory issue, it directly undermines a DNFBPs credibility and business viability.

The true cost of compliance failure is not just the fine, it’s lost credibility

Key Findings from FIA Examinations

  • Policies that do not match practice: AML/CFT/CPF manuals look fine on paper but do not reflect the real processes and procedures utilised by the DNFBP. Often, upon further examination, the processes and procedures are not in compliance with BVI AML/CFT/CPF obligations.
  • Incorrect Risk Assessments:
  1. The customer risk assessment frameworks of most DNFBPs do not consider the risk considerations required under the legislation. Also, DNFBPs have often not times established a risk based approach to customer due diligence, with varied procedures from low risk assessed customers to higher risk assessed customers.
  2. Institutional risk assessments are not accurately identifying and properly quantifying how the DNFBP is assessing and calculating its AML/CTF/CPF risks.

 

  • MLRO competence: Previously, MLROs were not required to be approved by the BVI FIA.  Generally, it has been observed that whilst DNFBPs have appointed MLROs as required under the legislation (before the approval requirement), these MLROs only have a basic knowledge of the AML/CFT/CPF framework.  This leads to deficiencies within the DNFBPs framework, as the MLROs are unfamiliar with the BVI regulatory requirements and how to ensure that the DNFBP effectively applies these. This also results in the MLRO failing to properly investigate and determine suspicious activities or transactions.

Weak suspicious activity reporting: Low STR volumes and thin narratives suggest staff are not spotting or documenting red flags. This has also been linked to a likelihood that staff are not receiving enough training to help them correctly identify these red flags.

These patterns show a maturing environment where FIA BVI inspections look for substance, not checklists.

What this Means for DNFBPs

Whether already registered or still completing registration, DNFBPs in the BVI should expect examinations. Examiners will look for clear alignment between your risk assessments, written procedures and the transaction evidence maintained on the file.

Your AML/CFT/CPF obligations cannot be treated as static documents. They must function as live, operation systems, owned by the Board and senior management, understood by staff, and, consistently demonstrated in transaction records and day-to-day practices.

Five Steps to get Inspection Ready

  1. Make the Manual Operational: Align your AML/CFT/CPF manual with your business’s operations. Outdated or “Template policies are red flags.  Ensure staff are trained on the live version use.  
  2. Strengthen Risk Assessments: Build both customer and institutional risk assessments that reflect legislative requirements.  Apply a consistent risk-based approach so higher-risk clients clearly trigger EDD, senior management approvals, and enhanced monitoring.
  3. Appoint and Support the MLRO: Many DNFBPs appoint MLROs from within their operations as a cost-saving measure.  While this can work, it becomes costly if the MLRO lacks competence, independence, or authority, or if they are conflicted by business decisions. Appoint individuals with the right qualifications and ensure they are properly trained, resourced, and empowered to protect the business.
  4. Invest in Targeted Training: Deliver ongoing, role-specific training across the business. Staff should know how to spot red flags, escalate concerns and contribute to stronger STRs with substantive narratives.

Document Everything: Keep records that demonstrate compliance in practice: version-controlled manuals, documented risk assessments, CDD files, approvals and monitoring logs.  Examiners will ask for proof, so have it ready and accessible.

How Gold Leaf Can Help

Gold Leaf partners with DNFBPs to turn supervision into strength. We have worked with many DNFBPs to review FIA inspection reports, design remediation strategies, and guide the implementation of corrective actions. Our role goes beyond fixing deficiencies. We help firms understand the “why” behind the findings, so improvements are both sustainable and defensible.

We also prepare DNFBPs for upcoming examinations through our tailored internal audits. By testing your systems before the regulator does, we help you identify weaknesses early, remediate them effectively, and face examinations with confidence.

Our team combines legal, regulatory, and compliance expertise with pragmatic, business-focused solutions.  We don’t just remediate. We equip your teams to own compliance, embedding it into your operations as a shield for business integrity and growth.

Gold Leaf: Building resilience through compliance