5.8. Special considerations for DNFBP supervisors
136. Some sectors, in particular DNFBPs, have a very large number of entities such that understanding ML/TF risks of each entity is difficult as supervisors may have no or little data on individual entity activities. In addition, the range of sizes of entities (from sole traders up to groups operating internationally) and the diversity of activities undertaken by DNFBPs often makes understanding and assessing ML/TF risks across all sub-sectors challenging, in the absence of highly specialised resources (supervisors) who are knowledgeable and experienced in the specific activities carried out by all types of DNFBPs.
137. On a more practical level, data collection from DNFBP sub-sectors may be difficult due to:
• the sub-sectors having little or no capacity to generate or produce the type of comprehensive and reliable data required by supervisors to asses risk, due to a lack of understanding by the entities
• a lack of legal authority to collect data (particularly in the case of selfregulating bodies (SRBs))
• challenges in identifying reporting entities or determining whether a person/company is a reporting entity, especially in those sectors that are not directly regulated or licensed by any licensing authorities or self-regulating bodies (SRBs), and
• the absence of compliance data on individual entities (e.g. in lower risk sectors, or newly regulated subsectors with no history of supervision or regulatory relationship); meaning that assessing the effectiveness of control frameworks and hence residual risk in some DNFBPs is a particular challenge.