Financial Institutions Bear Ultimate Responsibility for AML/CFT Measures
============================================================
In a move to strengthen anti-money laundering (AML) and combating the financing of terrorism (CFT) measures, financial institutions are now required to take ultimate responsibility for ensuring compliance with regulations.
Establishing Policies and Procedures
Financial institutions must establish policies and procedures for conducting customer due diligence (CDD), including verifying the identity of customers, beneficial owners, and senior managerial officers. The CDD process must be risk-based, taking into account factors such as business nature, scale, and complexity.
Risk-Based Approach
- Factors to consider:
- Business nature
- Scale
- Complexity
Immediate Access to CDD Information
Financial institutions relying on third-party services must ensure that they can immediately obtain necessary CDD information from the third party. This includes obtaining copies of identification data and other relevant documentation upon request without delay.
Requirements for Third-Party Services
- Obtain necessary CDD information promptly
- Copies of identification data and other relevant documents
Regulated Third Parties
Financial institutions must also ensure that third parties are regulated, supervised or monitored, with appropriate measures in place for compliance with AML/CFT requirements.
Jurisdictional Requirements
- Verify that the jurisdiction where the third-party provider is based has AML/CFT regulations in place consistent with international standards set by the Financial Action Task Force (FATF)
Watch List Filtering Programs
Financial institutions are also required to establish watch list filtering programs on customers and connected parties of transactions. These programs must detect, match, and filter individuals, legal persons or organizations sanctioned under the Terrorism Financing Prevention Act or identified as terrorists or terrorist groups by foreign governments or international organizations.
Watch List Program Requirements
- Detect, match, and filter sanctioned individuals and entities
- Identify terrorists and terrorist groups
Ongoing Monitoring of Accounts and Transactions
To strengthen their AML/CFT capabilities, financial institutions are required to establish internal control procedures for requesting and inquiring about customer information. They must also use a database to consolidate basic information and transaction data on all customers and establish policies and procedures for account and transaction monitoring based on a risk-based approach.
Monitoring Requirements
- Request and inquire about customer information
- Consolidate basic information and transaction data
- Monitor accounts and transactions based on risk
Politically Exposed Persons (PEPs)
Financial institutions must also implement risk management systems to determine whether a customer or its beneficial owner is a PEP. For current PEPs, financial institutions must adopt enhanced CDD measures, while for former PEPs, they must assess the individual’s influence and potential risks.
Risk Management Systems
- Determine if a customer or beneficial owner is a PEP
- Enhanced CDD measures for current PEPs
- Assess influence and potential risks for former PEPs
Record-Keeping Requirements
Finally, financial institutions are required to keep records of all business relations and transactions with customers in hard copy or electronic form for at least five years or a longer period as otherwise required by law. These records must include information obtained through CDD measures, such as copies of passports, identity cards, driver’s licenses, and other relevant documents.
Record-Keeping Requirements
- Keep records of business relations and transactions with customers
- Information to be included:
- Copies of identification data and other relevant documentation
By strengthening AML/CFT measures, financial institutions can better protect the integrity of the financial system and prevent money laundering and terrorist financing activities.