Financial Crime World

Ultimate Responsibility for Customer Due Diligence (CDD) Measures and Anti-Money Laundering/Countering the Financing of Terrorism (AML/CFT) Compliance

Financial institutions have been reminded to take ultimate responsibility for their CDD measures and AML/CFT compliance. The Financial Supervisory Authority emphasizes that financial institutions must ensure they are meeting their CDD obligations, particularly when relying on third-party providers.

Immediate Access to Necessary Information

Financial institutions should be able to obtain necessary CDD information immediately from third-party providers. This includes:

  • Identification data
  • Other relevant documentation relating to CDD requirements

Institutions must take adequate steps to satisfy themselves that copies of this information will be made available without delay upon request.

Regulated Third-Party Providers

Financial institutions are required to ensure that the third-party providers they rely on are:

  • Regulated, supervised, or monitored
  • Have appropriate measures in place for compliance with CDD and record-keeping requirements
  • Based in a jurisdiction with AML/CTF regulations consistent with the standards set by the Financial Action Task Force (FATF)

Watch List Filtering Programs

Financial institutions are required to establish:

  • Risk-based policies and procedures for watch list filtering programs on customers and connected parties of transactions
  • Policies that detect, match, and filter individuals, legal persons, or organizations sanctioned under the Terrorism Financing Prevention Act or identified as terrorists or terrorist groups by foreign governments or international organizations

Ongoing Monitoring of Accounts and Transactions

Financial institutions are required to establish:

  • Internal control procedures for requests and inquiries regarding customer information made by various units
  • Policies and procedures for account and transaction monitoring based on a risk-based approach, including:
    • Complete ML/TF monitoring indicators
    • Parameters setting
    • Threshold amounts
    • Alerts
    • Operation procedures of monitoring

Politically Exposed Persons (PEPs)

Financial institutions are required to establish:

  • Risk management systems to determine whether customers and their beneficial owners or senior managerial officers are PEPs
  • Enhanced CDD measures for current PEPs of foreign governments, including:
    • Treating these customers as high-risk
    • Adopting enhanced CDD measures
  • The same provisions apply to family members and close associates of PEPs

Insurance Companies and Post Offices

Insurance companies and post offices engaging in simple life insurance business should take reasonable measures to identify and verify whether the beneficiary and its beneficial owner are PEPs before paying out benefits or cash surrender value.

Records Keeping

Financial institutions are required to keep records on all business relations and transactions with their customers in hard copy or electronic form, including:

  • Records maintained for at least five years
  • Longer period as otherwise required by law

By emphasizing the importance of ultimate responsibility for CDD measures and AML/CFT compliance, financial institutions can help prevent money laundering and terrorist financing activities. It is crucial that financial institutions ensure they are meeting their obligations to maintain public trust and confidence in the financial system.