Reporting financial institutions may use third party service providers to fulfil some or all of their due diligence obligations under the various automatic exchange of information regulations (FATCA, CDOT and CRS) but the requirements remain the responsibility of the financial institution. Any failure by a third-party service provider would be regarded as a failure by the financial institution.
For example, where an independent financial adviser (IFA) has the customer relationship for introducing business to a financial institution, such as Cash Value Insurance Contracts, the IFA is often best placed to obtain the self-certification needed to carry out the due diligence process on the new account. The financial institution may rely on the IFA to obtain the self-certifications on its behalf.
Similarly, when a financial institution engages a third party to run AML/KYC processes it may rely on the report provided on the basis that the third party has relied on appropriate Documentary Evidence in producing the report. In such a case, the reporting financial institution may not hold the original documents or certified copies of them. If HMRC requires sight of documents in these circumstances, photocopies will be acceptable subject to the financial institution being able to obtain originals or certified copies should that be necessary.