Financial Crime World

Anti-Money Laundering (AML) and Combating the Financing of Terrorism (CFT) Regulations

Customer Due Diligence

Customer due diligence is a critical component of anti-money laundering regulations, aimed at preventing financial institutions from being used for illicit activities. Financial institutions must establish procedures to identify and verify the identity of customers.

Requirements for Customer Due Diligence

  • Customer Identification: Customers are required to provide identification data, including name, address, date of birth, etc.
  • Purpose and Intended Nature of Business Relationship: The customer’s purpose and intended nature of the business relationship must be established.
  • Source of Funds and Wealth: The source of funds and wealth is identified.

Enhanced Due Diligence for Higher-Risk Customers

Enhanced due diligence measures are required for customers with higher-risk profiles, such as politically exposed persons (PEPs). Simplified due diligence measures can be applied to lower-risk customers.

Correspondent Banking

Correspondent banking involves financial institutions acting on behalf of other banks. To mitigate risks associated with correspondent banking, financial institutions must:

Requirements for Correspondent Banking

  • Gather Information: Gather information about the respondent bank, including its reputation and supervision quality.
  • Assess AML/CFT Controls: Assess the respondent bank’s anti-money laundering and terrorist financing controls.
  • Senior Management Approval: Obtain approval from senior management before establishing new correspondent relationships.
  • Clearly Understand Responsibilities: Clearly understand and document the respective AML/CFT responsibilities of each institution in the correspondent banking relationship.

Record-Keeping Procedures

Financial institutions must maintain procedures for retaining records, including customer identification data, business relationship information, and transaction records. Records must be retained for the period prescribed in the Act and be available upon request from the Supervisory Authority or competent authorities.

Requirements for Record-Keeping Procedures

  • Customer Identification Data: Maintain procedures for retaining customer identification data.
  • Business Relationship Information: Maintain procedures for retaining business relationship information.
  • Transaction Records: Maintain procedures for retaining transaction records.
  • Retention Period: Retain records for the period prescribed in the Act.

Third-Party Risk Management

Financial institutions relying on third parties to perform elements of customer due diligence must:

Requirements for Third-Party Risk Management

  • Obtain Necessary Information: Obtain necessary information from the third party.
  • Satisfy CDD Requirements: Satisfy themselves that the third party has measures in place to comply with CDD requirements.
  • Not Rely on Inadequately Supervised Countries: Not rely on third parties based in countries named as inadequately applying FATF Recommendations.
  • Retain Ultimate Responsibility: Retain ultimate responsibility for ensuring compliance with CDD requirements.