Lux Property Consultancy Group Limited respects your privacy and is committed to protecting your personal data.
Please read this Privacy Police carefully – it describes why and how we collect and use personal data and provides information about your rights.
Lux Property Consultancy Group Limited, (“Lux”, “We” or “Us”) is a private limited company by shares incorporated under the Laws of England and Wales with company no.13328034, and with registered office at Spaces 71-75 Uxbridge Road Aurora, Ealing, London, England, W5 5SL.
Personal data that we collect about you
Personal data, or personal information, means any information about an individual from which that person can be identified.
We may collect, use, store and transfer different kinds of personal data about you. This may include:
- Your name, your address, your personal or business phone number and email address
- The names and other details about third parties who are involved in the issues we are helping you with.
Who can access your personal data
Your personal data will be collected and processed primarily by Us and our staff.
All personal data collected are processed by the Company manually or through the use of a specific software. Only for purposes strictly connected to the provision of the services you have requested, your personal data may be also communicated and transmitted to third parties, as the services providers, consultants.
Where we engage third party service providers to provide products or other business services and operations, we provide them with only the personal information they need to perform the service or provide the product we request. We contractually require them to securely protect the information, and not to use it for any other purpose.
For the proper execution of our services, we may share information with selected third party such as:
1) HubSpot, a Customer Relationship Management service which help us on the day-to-day management of our clients and providers records. You can access their policy here [https://legal.hubspot.com/privacy-policy?hubs_content=www.hubspot.com/data-privacy/privacy-shield&hubs_content-cta=hsg-nav__box-link]
2) B2Business Limited, our appointed company secretary, that provides us with anti-money laundry and compliance supervision services. You can access their policy here [https://www.b2business.london/privacy-policy.php]
How we use your personal data and information we collect
We only use your personal data and information we collect when the law allows us to. Most commonly, we will use your personal data in the following circumstances:
- To register you as a client and to manage our relationship with you. Depending on the circumstances, this may include special category personal data. Here, the processing of your information is carried out on the basis of your explicit consent.
- To compile business contact information and maintain up to date clients records and comply with relevant law.
Where the processing is based on your consent, you have the right to withdraw your consent at any time by contacting us using the details set out below. Please note that this will not affect the lawfulness of processing based on consent before its withdrawal.
Where do Lux Property Consultancy store your information
Lux Property Consultancy is headquartered in the UK and we mainly collect, process, and store your data here. From time to time, some of your personal information may be digitally stored into physical or virtual cloud servers that are located in European Union and or the US. In some circumstances, your data may be stored in the US by some of our partners as listed above.
We do not offer any product or service to children. In certain circumstances (for example [.]) we may need to collect the name and the date of birth of your children and may need to share this with the service provider that perform services for us. We require that all the third parties we may share your children data to respect the security of your children personal data and to treat it in accordance with the law. We do not allow our third-party service providers to use your personal data for their own purposes – we only permit them to process your personal data for specified purposes and in accordance with our instructions.
Lawful basis for processing
Data Protection Legislation requires that we meet certain conditions before we are allowed to use your data in the manner described in this notice, including having a “lawful basis” for the processing. The basis for processing will be as follows:
- You have given us your consent for processing your personal data.
- The processing is necessary for the performance of a contract or in order to take steps prior to entering into a contract
- Legitimate interests. The processing of your personal data may be necessary for the purposes of the legitimate interests pursued by us or by a third party, except where such interests are overridden by your interests or by fundamental rights and freedoms which require protection of personal data.
We may transfer your personal data outside the European Economic Area (EEA).
We will only transfer Personal Information outside of the EEA where it is compliant with data protection legislation and the means of transfer provides adequate safeguards in relation to your Personal Information, for example, by way of data transfer agreement incorporating the current standard contractual clauses adopted by the European Commission when it comes with data protection law. We will also ensure that there is adequate protection in place before sending anything to other countries outside the EEA, as they may have different data protection laws and for that reason, we take steps to ensure that all the transfers are protected by safeguards including the use of standards contractual clauses approved by the European Commission.
We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. We have established procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.
Your personal data shall be retained for a period strictly necessary for the use and the purposes described above. We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.
Under certain circumstances, you may have the following rights under data protection legislation in relation to your personal data:
- Right to request access to your personal data – the right to request (i) copies of the information we hold about you at any time, or (ii) that we modify, update or delete such information. If we provide you with access to the information we hold about you, we will not charge you for this, unless your request is “manifestly unfounded or excessive”. Where we are legally permitted to do so, we may refuse your request. If we refuse your request, we will tell you the reasons why.
- Right to request correction of your personal data – the right to have your data rectified if it inaccurate or incomplete. Right to request erasure of your personal data – the right to request that we delete or remove your data from your system.
- Right to request restriction of the processing your personal date – – the right to “block” us from using your data or limit the way in which we can use it.
- Right to request the transfer of your personal data – the right to request that we move, copy or transfer your data.
- Right to object – the right to object to our use if your data including where we use it for our legitimate interests.
To make enquires, exercise any of your rights set out above, or withdraw your consent to the processing of your data (where consent is our legal basis for processing your data), please contact us via this email address at firstname.lastname@example.org
If you wish to complain about our use of personal data, please send an email with the details of your complaint to the [.] info so that we can look into the issue and respond to you. You also have the right to lodge a complaint with the Information Commissioner’s Office (ICO) (the UK data protection regulator). For further information on your rights and how to complain to the ICO, please refer to the ICO website.
Lux Property Consultancy will update this Policy from time to time to make sure it remains compliant and accurate, and if there are significant changes Lux Property Consultancy will notify you through the website and at the email address that you have provided to us.
Please check back from to time to time for updates.
Last updated on October the 19th, 2021
Policies Controls & Procedures
Lux Property Consultancy Group Limited
Company No. 13328034
AML Policies, Controls and Procedures Document
1. Introduction and Policy Statement.
2. The Assessment of Money Laundering Risk Policy.
3. Verification of Clients’ Identity Policy.
4. Knowing The Client’s Business as part of CDD Policy.
5. Ongoing Monitoring of Client’s Activities Policy.
6. Keeping Records of Client Due Diligence Information Policy.
7. Policy and Procedure for Internal Suspicion Reporting Policy.
8. Policy and Procedure for Formal Disclosures to the Authorities Policy.
9. Policy and Procedure for Stopping/Continuing Work Following a Suspicion Report Policy.
10. Policy and Procedure for AML Training Policy.
11. Policy and Procedure for the Monitoring and Management of Compliance Policy.
1. Introduction and policy statement
Regulation 19 of The Money Laundering Regulations 2017 require supervised firms to “establish and maintain policies, controls and procedures to mitigate and effectively manage the risks of money laundering and terrorist financing identified in any risk assessment undertaken by the relevant person under regulation 18.
“Anti-Money Laundering Policies, Controls and Procedures Policy Statements” is the policy of Lux Property Consultancy Group Limited (the “Company”) that all members of staff at all levels shall diligently and actively participate in preventing the services of the Company from being exploited by criminals and terrorists for money laundering purposes.
its objectives are:
• ensuring the Company’s compliance with all applicable laws, statutory regulation, and requirements.
• protecting the Company’s and all its staff as individuals from the risks associated with breaches of the law, regulations and requirements.
• making a positive contribution to the fight against crime and terrorism.
• ensuring the good name of the Company against the risk of reputational damage presented by implication in money laundering and terrorist financing activities.
To profitably and effectively reach and achieve these objectives, the Company’s policy shall be that:
• all the member of staff as individuals shall meet in the appropriate way as their role and position in the Company their personal obligations;
• neither commercial considerations nor loyalty to clients shall be allowed to take precedence over the Company’s anti-money laundering commitment;
• the Company shall appoint the sole practitioner to be responsible for anti-money laundering compliance. Company shall notify the supervisory Authority, which is actually is HMRC AML Supervision, and supply the name of the responsible director;
• the Company shall appoint a Money Laundering Reporting Officer (MLRO) and inform the supervisory authority of their name. In particular, the nominated MRLO of the Company is B2Business Limited, a private limited company incorporated under the law of England and Wales which is also appointed as the Secretary of the Company. Furthermore, the Company shall reserve to appoint a deputy, if available, to cover in the absence of the MLRO. The MLRO and deputy shall be afforded every assistance and cooperation by all members of staff in carrying out the duties of their appointments;
• the Company shall carry out a Company-wide assessment of the risks of money laundering and terrorist financing to which the Company is subject and edit and implement appropriate controls to mitigate and manage successfully the risks identified;
• the Company shall establish and maintain documented, proportionate policies and procedures, including controls, which delineate the actions to be taken by staff to prevent money laundering and terrorist financing in the course of their work.
The MLRO shall keep these under review to ensure their continuing compliance.
UK Legislation enacted to combat money laundering is as follows: –
✓ The Money Laundering, Terrorist Financing and Transfer of
✓ Funds Regulations 2017 (SI 2017 No. 692).✓ The Proceeds of Crime Act 2002 (as amended by the Crime and Courts Act 2013 and the Serious Crime Act 2015).
✓ The Terrorism Act 2000 (as amended by the Anti-Terrorism, Crime and Security Act 2001, the Terrorism Act 2006 and the Terrorism Act 2000 and Proceeds of Crime Act 2002 (Amendment) Regulations 2007.
✓ The Criminal Finances Act 2017
✓ The National Risk Assessment 2017
✓ The European Union the Fourth Anti Money Laundering Directive
The Company understands that these policies and procedures are to be read with and should operate alongside the guidance provided in AML Trust and company service provider guidance for money laundering supervision.
The UK courts must have regard to this approved guidance in deciding whether businesses or individuals affected by it have committed an offence under MLR 2017 or Sections 330-331 Proceeds of Crime Act (as amended). It is therefore important that everyone working in this practice is familiar with this.
This document and the guidance set out in MLR Regulations 2017 are applicable to all clients taken on by this practice and applied as required throughout the business relationship and afterwards.
2. The assessment of money laundering risk policy
It is the policy of the Company to successfully assess and identify any risk related to money laundering and terrorist financing represented by the business we conduct so that the Company will mitigate that risk by applying all the proper level(s) of Client Due Diligence.
2.1 Controls and procedures
The Company shall assess the money laundering risk represented by our clients and the business conducted in accord with three levels:
• the range normally dealt with by the Company, requiring the Company’s normal level of Client Due Diligence;
• an extraordinary high level of risk requiring an enhanced level of Client Due Diligence (and shall be assessed by enhanced level of CDD).
The Company shall identify, maintain and keep up-to-date a lists of risk factors relating to our clients, products or services, transactions, delivery channels and geographic areas.
The Company shall assess the level of risk associated with these factors by analysing indicators including:
• client characteristics (individual or legal entity/corporate, status, location, occupation);
• the purpose of the engagements, levels of assets and transactions;
• regularity or duration of business relationships.
The Company shall update the risk assessment annually to address new and emerging risks, and to comply with new information supplied by the Supervisory Authority.
The Company shall keep an up-to-date written record of all steps taken and shall provide the risk assessment to the Supervisory Authority upon request as well as the information on which it was based;
The risk of money laundering or terrorist financing represented by each client will be assessed:
• during the new client acceptance process and before undertaking any work;
• at whenever time the Company’s process of ongoing monitoring indicates that a change in the business of an established client may represent a change in money laundering risk.
Client risk assessment shall be carried out by the MLRO who will determine the appropriate due diligence measures in respect of each client, and it will be based on:
• the Company-wide risk assessment;
• assessment of the level of risk arising in any particular case.
The assessment of each individual client relationships will be recorded, confirming that the Company has taken into account both the Company-wide risk assessment and any other relevant factors considered.
3. Verification of clients’ identity policy
It is the policy of the Company to verify the identity of all clients, ensuring that procedures reflect client risk characteristics. The Company shall check that clients are not the subject of sanctions or other statutory measures prohibiting the Company from providing its services.
Where clients are an individual person or persons acting on their own behalf, the identity of the individual(s) will be verified by the Company’s MLRO with a written notice. Also, the MLRO shall provide appropriate training to the authorised staff authorised to verify such details, if any.
The member of staff conducting verification of identity will complete the process by checking that the client is not the subject of sanctions or other statutory measures, using the screening methods set out by the MLRO.
Where the individual is a UK national resident in the UK, and will be seen in person the verification and identity checks will be conducted by examination of:
• one document containing a photograph confirming the individual’s name and date of birth (i.e. a passport);
• one document confirming the individual’s residential address (i.e. a utility bill, bank statements and other official documents or other sources of customers information including information held by credit reference agencies like Experian and Equifax– this document is required even if the document confirming name also has the address).
Where the individual is not a UK national, or not resident in the UK, or will not be seen in person by the member of staff carrying out the verification, the MLRO will make a risk-based decision on the means of verification to be accepted; the verification and identity checks will be conducted by examination of
• one document containing a photograph confirming the individual’s name (i.e. a passport);
• one document confirming the individual’s address (i.e. a utility bill, bank statements and other official documents or other sources of customers information including information held by credit reference agencies– this document is required even if the document confirming name also has the address).
Where clients are based overseas and outside the EU, the procedure is that the lists of high risk third countries must be consulted to determine if the client is resident in any of the relevant countries. These lists are as follows:
European Union’s High Risk Third Country List, amended in March 2017 and October 2017 In addition a new list was adopted on 13th February 2019.
Where the client is not the beneficial owner of assets involved, the MLRO will take the necessary steps to determine who is the beneficial owner, and take reasonable measures to verify their identity, according to this procedure.
Where the client is a legal entity/corporate entity (i.e. a private limited company) the MLRO will check that the legal entity is appropriately registered and appropriately incorporated; also, the MLRO shall determine:
• who are the principal beneficial owners;
• who are the people with significant control (PSCs);
• their identity will be verified according to this policy and procedure.
Where the client is a listed company or a regulated firm, the MLRO will check that the client is appropriately registered, and that the person with whom the firm is dealing is properly authorised to act on the client’s behalf, and will verify the identity of that person according to this procedure, in addition to that of the client entity.
In all cases assessed as presenting a higher money laundering risk, where enhanced client due diligence is required, the MLRO shall decide the appropriate additional steps to verify the client’s identity.
All the actions and process involving the verification to identify the clients as well as all the actions and process taken to verify the identity of legal entities will be recorded by way of keeping photocopies of documents produced.
As part of the CDD process the MLRO is aware of the need to identify and scrutinise:
(i) any case where:
(a) a transaction is complex and unusually large, or there is an unusual pattern of transactions; and
(b) the transaction or transactions have no apparent economic or legal purpose; and
(ii) any other activity or situation which the MLRO may consider as particularly likely by its nature to be related to money laundering or terrorist financing;
The MLRO is also aware of the need to take additional CDD/EDD monitoring measures, where appropriate, to prevent the use for money laundering or terrorist financing of products and transactions which might favour anonymity.
The MLRO will sign off on the client due diligence before the client is taken on.
Where the Company proposes to have, or to continue, a business relationship with a PEP [as defined in Regulation 35(12)(a)], family member or known associate of PEP, they are required to have the approval form the MLRO; to take adequate measures to establish the customer’s sources of funds relevant to the proposed business relationship or transaction. Once the business relationship is entered into, conducting enhanced ongoing monitoring of the business relationship with that person.
4. Knowing the client’s business as part of CDD policy
The policy of the Company is to obtain all the information enabling us to assess the purpose and intended nature of every client’s relationship with our Company. This Know Your Client’s Business information will allow us to maintain our assessment of the on-going money laundering risk, and notice changes or anomalies in the client’s arrangements that could indicate money laundering. It is the policy of the Company not to offer its services, or to withdraw from providing its services if a satisfactory understanding of the nature and purpose of the client’s business with us cannot be achieved.
The MLRO will personally obtain Know Your Client’s Business information from clients:
• on acceptance of a new client;
• on receipt of a new instruction from a client whose arrangements are of a one-off nature;
• on any significant change in the client’s arrangements such as the size or frequency of transactions, nature of business conducted, involvement of new parties or jurisdictions
Or when a significant change in the client’s arrangements occurs, such as size or frequency of transactions.
• as an ongoing exercise throughout the client relationship.
Know Your Client’s Business information sought from clients will include, but not be limited to:
• the client’s reason, purpose and business justification for choosing the company and the client’s reason, purpose and business behind the services the client is asking to the Company;
• the provenance of funds or assets involved in the client’s arrangements;
• the nature, size, frequency, source and destination of the transactions;
The information will be obtained by asking the client pertinent questions, and the answers given by the client will be verified where this is possible throughout the business relationship.
Answers not readily verifiable will not be considered.
If answers are inconsistent or implausible with other information, or if the client refuses to provide answers to due diligence enquiries the MLRO will decide whether the Company should withdraw for the relationship or, possibly, considering possible grounds to suspect money laundering.
To assist with future monitoring, in the client’s file will be recorded all the information provided by the client.
5. Ongoing monitoring of client’s activities policy
It is the policy of the Company to monitor clients’ transactions; each transactions or instructions will be monitored to scrutinise possible grounds of money laundering, and if changes occurs a re-assessment of money laundering risk will be provided upon.
Periodically, every client’s file will be reviewed to check the adequacy of all the information held and that the level of client due diligence is still appropriate.
The periodic review will be conduct as follow:
For high risk client, every six months;
For all other clients, annually. Periodic review of client files for AML due diligence purposes can be conducted at the same time as business development reviews, but the AML review must be separately noted on the file.
6. Keeping records of client due diligence information policy
It is the policy of the Company to establish and maintain systems to keep records of enquiries and information obtained while exercising client due diligence for AML purpose.
When information is being collected for AML client due diligence, the MLRO will ensure that:
• each information collected is recorded in the client’s file;
• all instances are recorded where information requested has not been forthcoming, or explanations provided have not been satisfactory.
The Company shall have systems archive CDD records to ensure their availability for a minimum of five years from the date of the completion of the transaction or enquiry.
The Company shall have data systems which facilitate the retrieval off all records in order to respond to fully to enquiries from financial investigators.
Any personal data obtained for CDD shall be processes only to comply with AML Regulation
The Company shall inform any new clients that any personal data received from the client will be processed only for the purposes of preventing money laundering and terrorist financing.
For clients who have been the subject of a suspicion report, relevant records will be retained separately from the Company’s routine archives, and not destroyed
The MLRO shall at all times protect the Company’s position with regard to the Data Protection Act 1998 and Data Protection Act 2018 and the possible implications of a subject access request made under the Act in recording money laundering suspicion reports.
7. Policy and procedure for internal suspicion reporting policy
It is the policy of the Company that every member of staff, if any, shall remain alert and report any single suspicion for which they believe there are grounds accordingly with the Company’s procedure and accordingly with the individual role or position in the Company. No-one is expected to have a greater knowledge and understanding of clients’ affairs than is appropriate to their role.
Every member of staff must be aware for the possibility that the Company’s services could be used for money laundering purposes.
A member of staff becoming aware of a possible suspicion shall gather relevant information that is routinely available to them and decide whether there are reasonable grounds to suspect money laundering; if after gathering the information the member of staff is properly satisfied that there no ground for suspicion so no further action should be taken. If, on the other hands, a member of staff decides that there may be grounds for suspicion shall in normal circumstances raise the matter with the MLRO, if they both agree that there are no grounds for suspicion, no further action should be taken. In this case, the member of staff must submit a report to the MLRO in the format provided by the MLOR and the MLOR must assist the staff in fulfilling the report. A member of staff who forms or is aware of a suspicion of money laundering shall not discuss it with any outside party, or any other member of staff unless directly involved in the matter causing suspicion. No member of staff shall at any time disclose a money laundering suspicion to the person suspected, whether or not a client, or to any outside party.
The requirement to gather relevant information does not extend to undertaking research or investigation, beyond using information sources readily available within the Company.
Clients may be asked for relevant information, but only in the context of routine client contact relevant to the business in hand.
8. Policy and procedure for formal disclosures to the authorities policy
It is the policy of the Company that the MLRO shall receive and evaluate internal suspicion’s report and decide whether a formal disclosure is to be made to the authorities. If so deciding, the MLRO will make the formal disclosure on behalf of the firm, using the appropriate mechanism.
On receipt of report from a member of staff, the MLRO shall acknowledge its receipt in writing, referring to the report by its date and unique file number, without including the name of the person(s) suspected.
This confirms to the member of staff that their legal obligation to report has been fulfilled.
The MLRO shall open and maintain a log of the progress of the report. This log shall be held securely and shall not form part of the client file.
Following receipt of a report, the MLRO shall gather all relevant information held within the firm, and make all appropriate enquiries of members of staff anywhere in the firm, in order properly to evaluate the report.
The MLRO shall then decide whether they personally believe there are reasonable grounds for suspicion, and make a decision on the Company’s obligation to make a formal disclosure to the authorities. If deciding that a formal disclosure to the authorities is required, the MLRO shall make such disclosure by the appropriate means. The MLRO shall document in the report log the reasons for deciding to make or not to make a formal disclosure.
The MLRO shall where appropriate inform the originator of the internal report whether or not a formal disclosure has been made. The MLRO shall inform all those, and only those, members of staff who need to be aware of the suspicion in order to protect them and the firm from possible money laundering offences in connection with any related business. Following a formal disclosure, the MLRO shall take such actions as required by the authorities in connection with the disclosure.
9. Policy and procedure for stopping/ continuing work following a suspicion report policy
It is the policy of the Company that from the moment a suspicion of money laundering arises, no further work will be carried out on the matter that gave rise to the suspicion.
10. Policy and procedure for AML training policy
It is the policy of the Company that recruitment of all new staff will include assessment as described in section 21(2) of the Money Laundering Regulations that regular AML Training is undertaken and that a written record of the training delivered is maintained. It is the policy of the Company that all staff who have client contact, or access to information about clients’ affairs, shall receive anti-money laundering training to ensure that their knowledge and understanding is at an appropriate level, and ongoing training at least annually to maintain awareness and ensure that the Company’s legal obligations are met. A record of the undertaken training must be kept as well as a record that the staff have achieved an appropriate level of knowledge and understanding.
Post appointment, staff assessment according to section 21(2) of the Money Laundering Regulations will be incorporated into the firm’s regular staff appraisal process.
Alternative AML training methods can be approved by the MLRO to provide suitable training activities to all members of staff who have client contact, or access to information about clients’ affairs.
The MLRO will:
• inform every member of staff of the training programme that they are required to undertake, and the timetable for completion
• check that every member of staff has completed the training programme assigned to them, issuing reminders to any who have not completed to timetable
• refer to the business owner any cases where members of staff fail to respond to reminders and have not completed their assigned training
• keep records of training completed, including the results of tests or other evaluations demonstrating that each individual has achieved an appropriate level of competence. 7 On completion of a training cycle, the MLRO will ensure the continuity of ongoing training while giving consideration to:
• the effectiveness of the programme completed • the need to keep training information up to date with changes in laws, regulations, guidance and practice.
The MLRO will determine the training needs of his or her own role, and ensure that he or she obtains appropriate knowledge and understanding as required to fulfil the obligations of the appointment.
11. Policy and procedure for the monitoring and management of compliance policy
It is the policy of the Company to monitor our compliance with legal and regulatory AML requirements and conduct an annual independent AML compliance audit, the findings of which are to be considered and appropriate recommendations for action set out.
The MLRO will monitor continuously all aspects of the Company’s AML policies and procedures, together with the legal and regulatory changes which might impact the Company wide risk assessment.
Any deficiencies in AML compliance requiring urgent rectification will be dealt with immediately by the MLRO.
Approved by the Sole Director, Mr Jonathan Anthony Robert Lebrett
Last Updated 12.10.2021
Mr Jonathan Anthony Robert Lebrett
For and behalf of
Lux Property Consultancy Group Limited