customer due d (cdd) a (aml) (cft) mcb s o · ulterior motives. to address the risks stemming from...
TRANSCRIPT
CUSTOMER DUE DILIGENCE (CDD) & ANTI-
MONEY LAUNDERING (AML) / COMBATING
FINANCING OF TERRORISM (CFT) POLICY
MCB SRI LANKA OPERATIONS
2015
Document Control Sheet
Title Of Policy Customer Due Diligence (CDD) & Anti-Money laundering (AML) / Combating Financing of
Terrorism (CFT) Policy
Associated Key Risk (if applicable) Money Laundering & Financing of Terrorism
Policy Owner Country General Manager MCB Sri Lanka & Local Compliance Officer
Final Review Group Head – Wholesale Banking Group and Compliance and Control Group
Review Frequency Once in two years
Latest Review/ Approval date Oct, 2015
Next review date 2 years from the approval date
Version Version 1.0
Reviewed by A&RARG & LAG
Concurred by President
Recommended By Standing Committee for Review of Policies (SCRP)
Approved By Board of Directors
Table of Contents
1. INTRODUCTION: ...........................................................................................................................................1
2. SCOPE ...........................................................................................................................................................2
3. OBJECTIVE OF THE POLICY IS TO COVER: .....................................................................................................3
4. ROLE AND RESPONSIBILITY OF COMPLIANCE OFFICER................................................................................3
5. ORGANIZATIONAL CHART OF COMPLIANCE FUNCTION ..............................................................................4
6. KEY ELEMENTS OF CUSTOMER DUE DILIGENCE ..........................................................................................5
I. Customer Identification: ....................................................................................................................... 5
II. Customer Verification ........................................................................................................................... 5
III. Customer Acceptance ........................................................................................................................... 6
IV. Accounts and Transaction Monitoring .................................................................................................. 6
V. Risk Management ................................................................................................................................. 7
7. CORRESPONDENT BANKING.........................................................................................................................7
8. RECORD KEEPING .........................................................................................................................................8
9. TRAINING .....................................................................................................................................................9
10. AML/CFT PROCEDURAL HANDBOOK ...........................................................................................................9
11. PERIODICITY FOR REVIEW OF POLICY ..........................................................................................................9
12. GLOSSARY .................................................................................................................................................... 10
Wholesale Banking Group & Compliance and Controls Group
MCB Sri Lanka CDD & AML/CFT Policy Version 1.0 Page 1 of 10
1. INTRODUCTION: MCB Bank-Sri Lanka (‘the Bank’) is committed to combat Money Laundering and Terrorist Financing. Its commitment to the inhibition of ML/FT is reflected in this policy in compliance with the legislative requirements of authorities in Sri Lanka as well as with MCB’s Head Office in Pakistan. Reference was made to the following laws and regulations for the development of the policy:
Prevention of Money Laundering Act, No.05 of 2006 (PMLA)
Convention on the Suppression of Terrorist Financing Act, No.25 of 2005 (CSTFA)
Financial Transaction Reporting Act, No. 06 of 2006 (FTRA)
Know-Your-Customer and Customer Due Diligence Rules prescribed by FIU under FTRA
from time to time.
Applicable/ Relevant AML/CFT Guidelines issued by SBP (State Bank of Pakistan)
To further strengthen the regulatory framework to curb Money Laundering and Terrorist
Financing CBSL (Central Bank of Sri Lanka) has issued AML/CFT regulations, covering the
following aspects:
Key Elements Area Covered
Customer Due Diligence CDD Measures for Identifying, Verifying and Accepting new customers and maintaining relationship with existing customers.
Correspondent Banking CDD measures for establishing and maintaining relationship with Correspondent and Respondent Banks / Financial Institutions (FIs)
Wire Transfers / Fund Transfers
Responsibilities of Ordering, Intermediary and Beneficiary Institutions (as applicable) involved in processing wire transfers / fund transfer.
Maintenance of Accounts and General rules
All Measures prescribed by Central Bank of Sri Lanka under Licensed banks and Registered Finance Companies (Know your Customer (KYC) and Customer Due Diligence (CDD) Rules No. 1 of 2011 issued by Financial Intelligence Unit under the Financial Transactions Reporting Act No. 6 of 2006 is to be adhered to in letter and spirit.
Reporting of Transactions (STRs)
Guidelines for Reporting of Complex, Unusually Large, and out of pattern Transactions.
Wholesale Banking Group & Compliance and Controls Group
MCB Sri Lanka CDD & AML/CFT Policy Version 1.0 Page 2 of 10
In addition to the above, the international best practices such as FATF (Financial Action Task Force), Basel Committee on Banking Supervision (BCBS) on Customer Due Diligence, and UN (United Nations) resolutions concerning sanctions should also be followed to prevent the possible use of the Bank as a conduit for money laundering or terrorist financing activities. Amid increasing focus of banks and regulatory bodies on curbing ML (Money Laundering) / FT (Financing of Terrorism) activities, the AML / CFT policy of the Bank aims to provide guidelines for business, while establishing a business relationship with a new customer and maintaining/continuing relationship with existing customers in order to identify, assess, manage and mitigate risk on an ongoing basis and compliance with applicable laws and regulations.
2. SCOPE
This policy applies to each and every business segment and concerned employees to effectively
mitigate the risk of ML and FT. The document should be read in conjunction with the AML/CFT
Policy applicable in MCB Head Office (Pakistan) to ensure adherence to Regulation-6 (sub-
section 4, 5, and 6) of AML/CFT regulations issued by State Bank of Pakistan.
Bank is prone to the risk of ML/FT thereby being misused by criminal elements for their
ulterior motives. To address the risks stemming from customers, this policy will be a guiding
document for concerned employees towards managing the customer’s risks in an effective
way by using the risk based approach. Thus the Customer Due Diligence process will involve
the application of Risk Based Approach (RBA), through the introduction of sophisticated and
quantified Risk Rating Sheet(s)/Customer Risk Profiling Forms. Under the Customer Due
Diligence process, various sets of documents will be developed and provided to the branches /
field offices from time to time to ensure execution of the process and identification of risks
attached with each customer for effective mitigation of ML / FT risk.
Tipping off
Employees are strictly prohibited to disclose to any person including customers that the said transaction is being scrutinized for possible involvement in suspicious money laundering operations and/or terrorist financing and ensure compliance of section 9 and 10 of Financial Transaction Reporting act no. 6 of 2006.
Penalty
Failure to comply with AML/CFT requirements may result in penal action such as fines and imprisonment in accordance with the applicable laws.
Internal Controls, Policies, Compliance, Audit and Training
Requirements relating to development of Controls, Policies, Procedures, Training and programs to ensure compliance with AML / CFT regulations.
Wholesale Banking Group & Compliance and Controls Group
MCB Sri Lanka CDD & AML/CFT Policy Version 1.0 Page 3 of 10
3. OBJECTIVE OF THE POLICY IS TO COVER:
1. Compliance of all Statutory, regulatory & legal obligations to prevent ML and FT.
2. Acceptance of only bona fide and legitimate customers.
3. Verify the identity of customers using reliable and independent sources.
4. Conduct ongoing monitoring of customer accounts and transactions to prevent or
detect potential ML / FT activities.
5. Implement Customer Due Diligence process using risk based approach.
6. Effectively manage customer-driven risks by using procedures laid down in CDD &
AML/CFT Procedural Handbook of MCB Sri Lanka.
7. Managing reputational, operational, legal and concentration risks, etc.
4. ROLE AND RESPONSIBILITY OF COMPLIANCE OFFICER
The Bank is required to appoint a Compliance Officer in terms of Section 14 of the FTRA
(Financial Transactions Reporting Act, No. 6 of 2006), who shall be responsible for ensuring the
Bank’s compliance with the requirements of the relevant laws. This Officer must be at the
senior management level.
The said Compliance Officer shall specifically be responsible for the following:
(a) Ensuring the Bank’s compliance with the requirements of FTRA;
(b) Establish and maintain procedures and systems to—
(i) implement the customer identification requirements under section 2 ;
(ii) Implement procedures for the record keeping and retention requirements under
section 4;
(iii) Implement the process of monitoring required under section 5;
(iv) Implement the reporting requirements under sections 6, 7, 8 and section 22 in
relation to auditors and report all information to FIU as required in Section 7 of
Financial Transaction Reporting Act No 06 of 2006;
(v) Make its officers and employees aware of the laws relating to money laundering
and financing of terrorism; and
(vi) Screen all persons before hiring them as employees;
(c) Establish an audit function to test its procedures and systems for the compliance with
the provisions of this Act;
(d) Train its officers, employees and agents to recognize a suspicious transaction.
Wholesale Banking Group & Compliance and Controls Group
MCB Sri Lanka CDD & AML/CFT Policy Version 1.0 Page 4 of 10
5. ORGANIZATIONAL CHART OF COMPLIANCE FUNCTION
President
Group Head
Wholesale
Banking (WBG)
Country General
Manager -
Srilanka
Group Head
Compliance &
Controls (CCG)
Unit Head
Compliance -
Srilanka
Officer
Compliance -
Srilanka
Wholesale Banking Group & Compliance and Controls Group
MCB Sri Lanka CDD & AML/CFT Policy Version 1.0 Page 5 of 10
6. KEY ELEMENTS OF CUSTOMER DUE DILIGENCE Following are the basic components of CDD:
I. Customer Identification:
The Bank will serve only the genuine person(s) and all out efforts would be made to determine t h e true identity of every customer. Minimum set of documents shall be obtained from various types of customer(s), at the time of opening an account, as prescribed in Anti-Money Laundering and Combating the Financing of Terrorism (AML/CFT) Regulations.
Customer relationship is only to be established on the strength of a valid Passport/NIC/DL number or where the customer is not a natural person, the registration/ incorporation number, business registration number or special resolution/authority, in case of Charity Accounts etc. (as applicable).
For walk-in-customers / Occasional customers, to establish and validate the true identity of the person(s) executing the transactions either for self or if the person is acting on behalf of some other person(s), complete originator information must be obtained and identities must be invariably verified.
For non-face-to-face customers, Business shall put in place suitable operational procedures to establish identity of the client from a third party (an independent source). Equally effective customer identification procedures for non-face-to-face customers shall be applied as for those available for interview.
II. Customer Verification
The Bank shall identify the beneficial ownership of accounts/ transactions by taking all reasonable measures. Identification of the customer and beneficial owner will be verified using reliable independent sources.
Extra care is essential where the customer is acting on behalf of another person, and reasonable steps must be taken to obtain sufficient identification data to verify the identity of that other person as well. For customers that are legal persons or for legal arrangements, branches are required to take reasonable measures to (i) understand the ownership and control structure of the customer (ii) determine and verify the natural persons who ultimately own or control the customer. This includes those persons who exercise ultimate effective control over a legal person or arrangement.
Wholesale Banking Group & Compliance and Controls Group
MCB Sri Lanka CDD & AML/CFT Policy Version 1.0 Page 6 of 10
Identity documents, wherever required as per relevant AML/CFT Regulations, are to be verified. Verification of the identity of the customers and beneficial owners shall be completed before business relationship is established or a transaction is processed.
III. Customer Acceptance
A customer will only be accepted once the aforementioned formalities have been completed in letter and spirit. Walk-in-customers shall only be entertained, once due diligence measures for transactions relating to such customers as prescribed in CDD & AML/CFT Procedural Handbook have been complied with. Following accounts will not be opened/maintained by MCB Bank where;
a. Identity, beneficial ownership, or information on purpose and intended
nature of business relationship is not clear.
b. Name of the individual customer/organization (including such individuals who
are authorized to operate account(s) and the members of governing
body/directors/trustees of an entity) appears in the Proscribed/Sanctioned
entities lists.
c. Proscribed entities and persons or to those who are known to be associated
with such entities and persons, whether under the proscribed name or with a
different name.
d. Anonymous / fictitious (Benami) or numbered accounts.
e. Shell Banks & Corporations.
f. Client or business segment black listed by the Bank or by the Regulators.
g. The Bank is not able to satisfactorily complete required CDD measures.
IV. Accounts and Transaction Monitoring
The Bank shall put in place a Transaction Monitoring System to identify suspicious
transactions while paying special attention to every complex, unusually large and
out-of- pattern transaction(s), which have no apparent economic or visible lawful
purpose. If the Bank suspects or has reasonable grounds to suspect that the funds are
the proceeds of criminal activities or have potential to be used for terrorist activities, it
shall report its suspicion to FIU as per the procedures laid down by Central Bank of Sri
Lanka (CBSL).
High Value Transactions (HVT) exceeding the prescribed limits as defined by FIU (of
CBSL) shall also be reported to FIU through the Compliance Unit.
Wholesale Banking Group & Compliance and Controls Group
MCB Sri Lanka CDD & AML/CFT Policy Version 1.0 Page 7 of 10
For Wire Transfers, the bank may act as Ordering Institution, Beneficiary Institution or
Intermediary Institution while processing wire transfers/fund transfers. However,
wh i le cond u ct in g su ch operat ion s , i t sh a l l b e en su red t hat all
requirements as described in CDD & AML/CFT Procedural Handbook are completed
and other instructions, issued from time-to-time, in this matter are also adhered to.
V. Risk Management
All relationships shall be categorized with respect to their risk levels i.e. High, Medium and
Low based on the quantified risk profiling of customer (through standard risk rating sheet,
and as guided in CDD & AML/CFT Procedural Handbook) for making effective decisions
whether to perform Simplified Due Diligence (SDD) or Enhanced Due Diligence (EDD) both at
the time of opening and ongoing monitoring of business relationships.
The approval for all High Risk Customers in compliance of Section 29(c ii) Financial Transaction Reporting Act No 06 of 2006 will be obtained from Senior Management (Country General Manager) after performing EDD (Enhanced Due Diligence). Customer KYC / CDD profile will be reviewed and/or updated on the basis of t h e f o l l o w i n g predefined frequency contained in the AML / CFT Procedural Handbook.
High Risk At least Once in a Year or One-off*
Medium Risk At Least Once in 2 Years or One-off*
Low Risk At least Once in 3 Years or One-off*
*In case of any material change in the relationship or deviation from customer profile, CDD will be conducted and customer profile will be updated immediately without lapse of above defined period.
The robustness of the Due Diligence process will be assessed independently through the Compliance function & Internal Audit function by adhering to the respective processes laid down in this regard.
7. CORRESPONDENT BANKING
The Bank will establish correspondent banking relationships with only those foreign banks
that have adequate and effective AML / CFT systems and policies in line with the AML / CFT
regulations relating to the country in which that Bank operates. Moreover, the Bank will pay
special attention when establishing or continuing correspondent relationship with banks/
financial institutions which are located in geographical locations or governed by jurisdictions
Wholesale Banking Group & Compliance and Controls Group
MCB Sri Lanka CDD & AML/CFT Policy Version 1.0 Page 8 of 10
that have been identified by FATF for inadequate and poor AML/CFT standards in the fight
against money laundering and financing of terrorism.
Before establishing new correspondent banking relationship, approval from senior
management (Country General Manager) and Financial Institution Division (FID) MCB Head
Office shall be obtained and proper Due Diligence shall be conducted. Ongoing Due
Diligence o f respondent/correspondent b a n k s will b e c o n d u c t e d u s i n g risk-based
approach following the guidelines as contained in the CDD & AML/CFT Procedural Handbook.
Bank shall not enter into or continue correspondence banking relationship with a shell bank
and shall take appropriate measures when establishing correspondent banking relationship, to
satisfy themselves that their respondent banks do not permit their accounts to be used with by
shell banks.
8. RECORD KEEPING
The records of identification documents, account opening forms, KYC forms, verification
documents, etc. along with records of account files and business correspondence, shall be
maintained for a minimum period of ten years after the business relationship is ended.
The Bank shall also maintain for a minimum period of ten years or more if required by local
law, all necessary records on transactions for both domestic and cross-border from the date of
completion of transaction(s). The data relating to suspicious transactions and currency
transactions reported by the Bank to relevant Authority/ Central Bank of Sri Lanka (CBSL) will
be retained for a period of at least ten years or more if required by local law from the date of
such reporting.
However, records relating to customers, accounts or transactions will be retained for longer
period, which involve litigation or is required by court or other competent authority until
otherwise instructed by the relevant body. Furthermore, all signature cards and documents
indicating signing authorities, and other documents relating to the account/deposit or
instrument surrendered to the CBSL, shall be kept in the bank’s record till such time that the
CBSL informs in writing that same need no longer to be preserved.
Further, MCB - Srilanka shall also follow the record management policy of MCB Head Office.
Wholesale Banking Group & Compliance and Controls Group
MCB Sri Lanka CDD & AML/CFT Policy Version 1.0 Page 9 of 10
9. TRAINING
Suitable Employee Training Program will be put in place by the country general manager as per
appropriate HR policy on an annual basis to enhance staff capability, in order to effectively
implement the regulatory requirements, and also bank’s own policy & procedural
requirements relevant to AML/CFT including alerts, analysis, and possible reporting of
Suspicious transactions as well as to understand new developments in AML/CFT techniques,
methods, and trends.
10. AML/CFT PROCEDURAL HANDBOOK
All Policy guidelines related to CDD and AML/CFT shall be documented in the form of CDD and
AML/CFT Procedural Handbook. This document shall be prepared and reviewed by Compliance
Officer-MCB Sri Lanka, and shall carry the joint recommendation of Country General Manager-
MCB Sri Lanka, subject to review by Group Head WBG and Group Head Compliance & Controls.
The approving authority for this document shall be the President.
Furthermore, it shall be reviewed at least once in two years.
11. PERIODICITY FOR REVIEW OF POLICY
This policy shall be reviewed at least biennially or on need basis. This policy will be approved
by the Board of Directors and all subsequent reviews of the document shall continue to be
approved at the same level.
The primary responsibility for review and maintenance of this Policy rests with the Compliance
Officer- MCB Sri Lanka and Country General Manager-MCB Sri Lanka, subject to review by
Group Head WBG and Group Head Compliance & Controls.
Wholesale Banking Group & Compliance and Controls Group
MCB Sri Lanka CDD & AML/CFT Policy Version 1.0 Page 10 of 10
12. GLOSSARY
AML Anti-Money Laundering
CFT Combating the Financing of Terrorism
BCBS Basel Committee on Banking Supervision
CBSL Central Bank of Sri Lanka
CSTFA Convention on the Suppression of Terrorist Financing Act
EDD Enhanced Due Diligence
FATF Financial Action Task Force
FIs Financial Institutions
FIU Financial Intelligence Unit
FTRA Financial Transaction Reporting Act
KYC Know Your Customer
ML Money Laundering
FT Financing of Terrorism
NGOs Non-Governmental Organizations
NPOs Not-for-Profit Organizations
PEPs Political Exposed Persons
PMLA Prevention of Money Laundering Act
RBA Risk Based Approach
SDD Simplified Due Diligence
STRs Suspicious Transaction Reports
UN United Nations