Financial Crime World

Bermuda’s AML/CTF Regulations: Obligated Entities Brace for Customer Due Diligence and Record-Keeping

Bermuda’s financial institutions and designated non-financial businesses (obliged entities) must comply with the rigorous money laundering and terroristic financing (AML/CTF) regulations under the Proceeds of Crime (Anti-Money Laundering and Anti-Terrorist Financing) Regulations 2008 to safeguard Bermuda’s financial system from illicit activities.

Key Responsibilities for Obliged Entities

As obliged entities, these businesses have the following duties:

Customer Due Diligence

  • Establishing a new business relationship or carrying out occasional transactions
  • Suspecting money laundering or terrorist financing
  • Doubting the authenticity of identification data

Ongoing Monitoring

  • Examining complex transactions or unusual transaction patterns
  • Maintaining updated records of customer due diligence and transactions

Record-Keeping Duties

  • Sufficient records of customers’ identity, transactions, and due diligence evidence
  • Keeping records for five years post-business relationship termination

Reporting Procedures

  • Establishing internal reporting procedures
  • Identifying a Reporting Officer
  • Fines and penalties for non-reporting

Audit Function

  • Maintaining an independent audit function
  • Evaluating the AML/CTF framework, internal controls, and compliance functions

Employee Awareness Training

  • Properly training all employees on Bermuda’s AML/CTF laws and prevention methods

Compliance Officer

  • Designating a Compliance Officer
  • Ensuring regulatory procedures and controls are implemented and monitored
  • Maintaining AML/CTF regulation compliance

Customer Due Diligence

Obliged entities must apply due diligence measures when:

  • Establishing a new business relationship
  • Carrying out occasional transactions
  • Suspecting money laundering or terrorist financing
  • Doubting the authenticity of identification data

Ongoing Monitoring

Entities must investigate transactions throughout the business relationship and examine:

  • Complex, unusually large transactions or unusual transaction patterns
  • Transaction consistency with the customer’s profile

Entities must maintain updated records of customer due diligence and transactions.

Record-Keeping Duties

Entities must keep sufficient records of customers’ identity, transactions, and due diligence evidence for five years post-business relationship termination.

Reporting Procedures

Entities must have internal reporting procedures, where suspected transactions are reported to their designated Reporting Officer. Failure to report may lead to fines and other penalties.

Audit Function

Entities must maintain an independent audit function to evaluate the robustness and effectiveness of their AML/CTF framework, internal controls, and compliance functions.

Employee Awareness Training

All employees must be adequately trained on Bermuda’s AML/CTF laws and prevention methods to ensure ongoing compliance.

Compliance Officer

Entities must designate a Compliance Officer responsible for ensuring all regulatory procedures are properly implemented and monitored, maintaining regulatory compliance.