Financial Crime World

Portugal’s CFT Regulations: A Guide to Compliance

The Portuguese government has implemented strict regulations to combat money laundering and terrorist financing (CFT) through the Anti-Money Laundering (AML) Law. To ensure compliance, financial institutions must establish an internal control system to manage ML/TF risks.

Key Components of the Internal Control System

According to the law, this system must include several key components:

  • A person of senior management must be designated to monitor compliance with the applicable legal framework.
  • An effective risk management model must be defined, including practices for identifying, assessing, and mitigating ML/TF risks.
  • Entities must define appropriate tools or information systems necessary for managing ML/TF risks, such as systems that allow the assessment or detection of politically exposed persons (PEPs) and other high-risk individuals.

Internal Policies and Procedures

Financial institutions must also establish internal policies and procedures to ensure employee communication about any violations of AML laws and regulations. These procedures should include:

  • Mechanisms for reporting suspicious transactions.
  • Regular training programs for employees.

Client Identification and Due Diligence

When establishing business relationships or carrying out occasional transactions, financial institutions must:

  • Identify and verify the identity of clients and beneficial owners.
  • Obtain information on the purpose and intended nature of the relationship, as well as the origin and destination of funds handled in the context of the transaction.

Simplified or Enhanced Due Diligence

Entities may apply simplified or enhanced due diligence measures if they deem the risk of ML/TF to be high. To ensure compliance, institutions must:

  • Maintain continuous monitoring of business relationships and transactions.
  • Conduct regular testing of their control systems to guarantee quality, adequacy, and effectiveness.

Record-Keeping and Training

The law also requires entities to:

  • Maintain records and documentation for at least seven years after the moment in which customer identification was processed or the end of a business relationship.
  • Establish adequate training programs for employees.
  • Put mechanisms in place to ensure that high standards are applied during the hiring process.

Conclusion

By following these guidelines, financial institutions in Portugal can ensure compliance with AML regulations and help prevent money laundering and terrorist financing activities.