Customer Due Diligence/ Know Your Customer AML Regulation and Compliance Requirements,
Transcription
Customer Due Diligence/ Know Your Customer AML Regulation and Compliance Requirements,
Customer Due Diligence/ Know Your Customer Building Financial Market Integrity in Afghanistan: Anti-Money Laundering AML Regulation and Compliance Requirements, April 17, 2006 Emiko Todoroki The World Bank Table of Contents 1. 2. 3. 4. 5. 6. 7. 8. 9. Concept of Customer Due Diligence (CDD) CDD and Financial Institutions CDD in FATF Recommendation Customer Acceptance Policy Customer Identification CDD and Tipping Off On-going Monitoring of Accounts and Transactions Risk Management Recap 1. Concepts of CDD Customer Identification Ongoing Monitoring Know Your Customer (KYC) Customer Due Diligence (CDD) 2. CDD and Financial Institutions Why Customer Due Diligence? – – – – Reputation risk Operational risk Legal risk Concentration risk 3. CDD in FATF Recommendations FATF Recommendation 5 (Customer due diligence) 1. No anonymous accounts or accounts in obviously fictitious names. 2. Need for CDD measures, including identifying and verifying the identity of their customers. 3. Application of CDD on a risk sensitive basis. 4. Application of CDD both to all new customers and existing customers. 3. CDD in FATF Recommendations How is CDD applied in other FATF Recommendations? – FATF Recommendation 6 (politically exposed persons) – FATF Recommendation 7 (correspondent banking) – FATF Recommendation 8 (non-face-to-face customers) – FATF Recommendation 9 (intermediaries) – FATF Recommendation 10 (Record Keeping) – FATF Recommendation 11 (complex/large transactions) – FATF Recommendation 12 (DNFBPs) 4. Customer Acceptance Policy “Banks should develop clear acceptance policies and procedures, including a description of the types of customer that are likely to pose a higher than average risk to a bank”. In preparing such policy, following factors should be included: – – – – – – Customers’ background Country of origin Pubic or high profile position Linked accounts Business activities Other risk indicators 4. Customer Acceptance Policy Graduate Customer Acceptance Policy The most basic account opening requirements for an individual with a small account balance Extensive due diligence for an individual with a high net worth whose source of funds is unclear Note “It is important that the customer acceptance policy is not so restrictive that it results in a denial of access by the general public to banking services, especially for people who are financially or socially disadvantaged.” 5. Customer Identification (Key Issues for Supervisors) National supervisors should develop: customer identification program guidelines and best practices reflecting the various types of transactions that are most prevalent in the national banking system. 5. Customer Identification (Process of Customer Identification) i. ii. iii. Collecting the identification information Screening the customer Assessing the customer’s risk profile (if general due diligence is believed to be enough) Reconfirming the identification information (if enhanced due diligence is believed to be required) iv. v. Obtaining additional information Reconfirming the identification information 5. Customer Identification (Natural Persons) Identification Information Legal name and any other names used (such as maiden name) Correct permanent address (the full address should be obtained: a Post Office box number is not sufficient) Telephone number, fax number, and e-mail address Date and place of birth Nationality Occupation, public position held and/or name of employer An official personal identification number or other unique identifier contained in an unexpired official documents that bears a photograph of the customer Type of account and nature of the banking relationship Signature (source: General Guide to Account Opening and Customer Identification, BCBS) 5. Customer Identification (Natural Persons) Screening customers new customer applications existing customer base against lists of known or suspected money launderers/terrorists 5. Customer Identification (Natural Persons) Obtaining Additional Identification Documents If the financial institution believes that enhanced due diligence is required after the initial assessment of the customer’s risk profile, it should obtain additional information, such as: – – – – – Evidence of an individual’s permanent address sought through a credit reference agency search or through independent verification by home visits Personal reference (i.e. by an existing customer of the same institution) Prior bank reference and contact with the bank regarding the customer Source of wealth Verification of employment, public position held (where appropriate) 5. Customer Identification (Natural Persons) Reconfirming the Identification Confirming the date of birth from an official document (birth certificate, passport, identity card, social security records) Confirming the permanent address – Contacting the customer by telephone or by letter to confirm the information supplied after an account has been opened – Utility bill, tax assessment, bank statement, a letter from a public authority A disconnected phone or returned mail should warrant further investigation Confirming the validity of the official documentation provided through certification by an authorized person – Embassy official, notary public 5. Customer Identification (Legal Persons/Arrangements) Legal Elements of the Customer Identification 1. Verify that any person acting on behalf of the legal person/arrangement is so authorized. 2. Identify any person acting on behalf of the legal persons/arrangements. – Verification of the identity of directors/signatories – Directors: A directors exercises control over the business and thus over funds passing through the account – Signatories: A signatory to an account is able to exercise control or authority over funds passing through the account 5. Customer Identification (Legal Persons or Arrangements) Legal Elements of the Customer Identification 3. Identify the legal person/arrangement – Verification of the lawful existence of the company – Verification of the license if it is required in operating such business – – Is the legal person/arrangement regulated? – Is the legal person/arrangement required to observe AML/CFT controls? Verification of the type of legal form and business purposes 5. Customer Identification (Legal Persons/Arrangements) Legal Elements of the Customer Identification 4. Identify the beneficial owners – Verification of the identity of major share holders/beneficial owners – Share holder/beneficial owners: Any person who owns a significant proportion of shares in the business (say more than 20 percent) is able to exercise control in other way – Note: bearer shares, corporate vehicles It is important to obtain sufficient documentation to prove or establish that the legitimacy of legal person/arrangement. 5. Customer Identification (Legal Persons/Arrangements) Business Elements of the Customer Identification 1. 2. 3. 4. 5. Annual audited accounts, copies of business plan. Location of the headquarter, branches, plants, warehouses, overseas offices. Major customers/suppliers. Other financial institutions the legal person/arrangement has business relationships. Likely level of account activity and format (cash, checks, wires) It is important to obtain sufficient documentation to prove or establish that the business exist. 5. Customer Identification (Legal Persons/Arrangements) Ownership/Identification Mr. T ? Company E Mr. S Company F Ms. U Company D Mr. V Company C Company B Company A Mr. W Mr. X Bearer Shares Mr. Y Ms. Z Company A requested a new account. Which entities should be identified? 5. Customer Identification (Specific Identification Issues) A. Private Banking Customers ? What is private banking? The additional customer due diligence is required – – – – Current address and telephone number Business information Reasonable estimation of net worth Document the substance of discussions that take place 5. Customer Identification (Specific Identification Issues) B. Intermediaries ? Introduced business Client accounts opened by professional intermediaries FATF Rec 9: allows intermediaries or other third parties to perform some elements CDD process, provided that the criteria set out are met 5. Customer Identification (Specific Identification Issues) C. Politically Exposed Persons Who are politically exposed persons? Why are they risky? FATR Rec 8: ? a) b) c) d) To have appropriate risk management systems to determine the customer is a PEPs To obtain senior management approval for establishing business relationship with such customers To take reasonable measures to establish the source of wealth and source of funds To conduct enhanced ongoing monitoring of the business relationship 5. Customer Identification (Specific Identification Issues) D. Non-face-to-face customers ? What are non-face-to-face customers? Why are they risky? FATF Rec 8 Basel Committee on Banking Supervision 5. Customer Identification (Specific Identification Issues) E. Corresponding Banking What is corresponding banking? Why it is risky? Due diligence: ? – – – – – – – The respondent bank’s management, control (ownership), reputation Bank license Major activities and services provided to clients Location and organization Detail of AML/CFT procedures and controls, including know-yourcustomer procedures Details of any third-party entities that will use the correspondent banking services (including other financial institutions) Note: Shell banks 6. CDD and Tipping Off FATF Rec 14 “tipping off” is prohibited. But… if financial institution reasonably believes that performing the CDD process will tip off the customer or potential customer, it may choose not to pursue the CDD process and should file an STR to FIU. 7. Simplified or Reduced CDD Measures A country may allow its financial institutions to apply simplified or reduced CDD measures when identifying and verifying the identity of the customer and the beneficial owner (Interpretative Note to FATF Recommendation 5). – Financial institutions – Public companies that are subject to regulatory disclosure requirements – Government administrations or enterprises – DNFBPs and pooled account held by them 7. On-going Monitoring of Accounts/ Transaction and Know Your Customer 1. Monitoring and Screening of Customers Ongoing monitoring is an essential aspect of effective KYC procedures. 2. Intensified Monitoring for Higher Risk Accounts Senior management knowledge on clients policy and guidelines 3. Adopting Risk Based Approach Geographical Factors Customer Types Product Type – 8. Consolidated KYC Risk Management The board of directors of banks should be fully committed to an effective KYC program by establishing appropriate procedures and ensuring their effectiveness – A clear bank’s KYC policy in accordance with local supervisory practice – Allocation of relevant responsibilities – The channels for reporting suspicious transactions – Internal procedures for assessing the compliance – Ongoing employee-training program 9. Recap What is customer due diligence? What is ongoing monitoring? What is know your customer? What is customer acceptance policy? What are the difference between natural person and legal person in customer identification. When do you need to perform enhanced due diligence? Thank you Contact: Emiko Todoroki etodoroki@worldbank.org phone: +1-202-458-9466