The Central Bank has found an overall lack of compliance among certain financial firms that have a specific obligation to meet anti-money laundering and terrorist financing obligations.

The rules apply to firms listed in Schedule 2 of the Criminal Justice (Money Laundering and Terrorist Financing) Act 2010, that are not already licenced by the bank, such as certain lenders, financial leasing firms and safe custody services.

Following inspections and review meetings, the bank discovered there was a failure by boards to show responsibility for ensuring the control framework around the issue is properly implemented.

In many instances, the issue was only included on the board's agenda when the Central Bank notified the company of its plans to examine the matter.

It also found a poor level of understanding of what was required from boards and senior management.

Risk assessments and documentation specific to a firm to support them were lacking and there was a failure to put in place and implement policies and procedures specific to the individual firms.

Firms had also failed to implement the requirements of the 2010 act in a timely manner.

There were also issues identified in cases where the function of complying with anti-money laundering and terrorist financing rules were outsourced to third parties.

"The culture and tone of any organisation is set from the top," said Seána Cunningham, Director of Enforcement and Anti-Money Laundering at the Central Bank.

"It therefore rests with the board of these firms to ensure that the necessary AML/CFT governance, risk assessment, policies and procedures, training and awareness are embedded throughout the organisation," she said.

"While some firms may choose to outsource AML/CFT activities to third party service providers, boards cannot outsource the responsibility for compliance," she added.

The regulator has warned that it will use all means it can to identify firms that aren't registered and will take appropriate action against them.

Its expectations have been set out in a letter to be sent to the CEOs and boards of firms that come under the scope of the act.

"We will continue to engage directly with those firms where compliance weaknesses and failures have been identified to ensure that they are addressed," said Ms Cunningham.

"We also require all firms to review the content of this letter to ensure that they assess their own compliance with the issues identified."