table of contents -...

Standard Commerce Bank, Ltd.1

Money Laundering & Terrorist Financing Risk Assessment

25 Victoria Street (Corner of Bath Road)Roseau, Commonwealth of Dominica

Implementation Date: May 2016

Version Number: 1.0

Last Updated: May 2016

Approved By: Alex Silver, Compliance Officer

1 Standard Commerce Bank, Ltd. is referred to as “SCB” or the “Bank” within this document.

Table of ContentsTable of Contents..................................................................................................................... 2

1 Risk Assessment............................................................................................................... 4

2 Money Laundering Risk.................................................................................................. 4

3 Terrorist Financing Risk................................................................................................ 4

4 What is an Inherently Risk for Money Laundering or Terrorist Financing...4

5 How Does SCB Assess Risk?........................................................................................... 5

6 Executive Summary......................................................................................................... 66.1 SCB’s Business...................................................................................................................... 66.2 SCB’s Risk............................................................................................................................... 6

7 SCB’s Products, Services and Delivery Channels....................................................77.1 Products & Services............................................................................................................ 7

7.1.1 Letters of Credit (LCs)....................................................................................................................77.2 Delivery Channels............................................................................................................... 8

7.2.1 Payment Methods (Incoming)....................................................................................................87.2.2 Payment Methods (Outgoing)....................................................................................................87.2.3 Non-Face-to-Face Transactions.................................................................................................97.2.4 Marketing, Advertising & Customer Service........................................................................9

8 Geography........................................................................................................................ 108.1 Destination/Origin of Client’s Funds..........................................................................108.2 Location of SCB’s Customers.........................................................................................108.3 SCB Location: Dominica..................................................................................................11

9 Customers and Business Relationships..................................................................119.1 Low to Medium Customers & Business Relationships.........................................119.2 High-Risk Customers & Business Relationships....................................................11

10 New Developments........................................................................................................ 12

11 Affiliates............................................................................................................................ 12

12 Operational Processes.................................................................................................. 12

13 Other Operational Factors..........................................................................................1213.1 Employees........................................................................................................................... 1313.2 Suppliers: Financial Services & Correspondent Banking...................................1313.3 Suppliers: Non-Financial................................................................................................13

14 SCB’s Controls.................................................................................................................. 1314.1 Geographic Controls........................................................................................................ 1414.2 Physical Controls.............................................................................................................. 1414.3 Electronic Controls...........................................................................................................1414.4 Transaction Based Controls..........................................................................................1514.5 Customer Identification, Review and Recordkeeping Controls........................1514.6 Staffing and Hiring Controls..........................................................................................16

2

14.7 Affiliate Controls............................................................................................................... 1614.8 Supplier Controls (Financial & Non-Financial Suppliers)...................................1714.9 Suppliers: Non-Financial Services Controls.............................................................1714.10 Other Operational Process Controls......................................................................18

15 Client and Business Relationship Risk Ranking..................................................1815.1 Business Relationships...................................................................................................1815.2 Low Risk Customers.........................................................................................................1915.3 Medium Risk Clients........................................................................................................1915.4 High Risk Customers........................................................................................................19

16 Transaction Monitoring............................................................................................... 2016.1 Enhanced Transaction Monitoring.............................................................................21

17 Enhanced Due Diligence.............................................................................................. 21

18 Updates to Client Information and Identification...............................................22

Appendix 1: Compliance Officer References...............................................................23

Appendix 2: Sample High-Risk Client Log....................................................................24

Appendix 3: Sample Enhanced Transaction Monitoring Log................................25

Appendix 4: Country Risk Rating Methodology..........................................................26

Appendix 5: Country Risk Table......................................................................................30

3

1 Risk AssessmentStandard Commerce Bank, Ltd. (“SCB” or the “Bank”) is committed to preventing, detecting and deterring money laundering and terrorist financing. This document, in conjunction with SCB’s training programme, policy and procedural documentation, forms part of the Bank’s anti-money laundering (AML) and counter terrorist financing (CTF) compliance programme.

The aim of this Risk Assessment is to diagnose and document, the risk that SCB’s business may be used to launder money or finance terrorism. In addition, SCB considers the controls that the Bank has in place to prevent money laundering and terrorist financing, and assess the effectiveness of the Bank’s controls (how well SCB believes the Bank is doing). Finally, SCB describes the mechanism that the Bank uses to rate the risk related to each of the Bank’s customers and business relationships2, as well as the controls that the Bank has put in place for the Bank’s higher risk customers.

Any questions or concerns about this document should be directed to the Compliance Officer.

2 Money Laundering RiskMoney Laundering is any act intended to hide the fact that the funds were obtained through criminal activity. Money laundering risk is the risk that a business could be used to disguise or move criminal proceeds.

3 Terrorist Financing RiskTerrorist Financing is funding any act of terrorism or committing any act, or omission, that facilitates the funding of terrorism. Terrorist financing risk is the risk that a business could be used to facilitate or disguise terrorist financing.

4 What is an Inherently Risk for Money Laundering or Terrorist Financing

In order for an activity or asset to be attractive for money laundering or terrorist financing, certain things are generally true:

1) The item or asset’s value is retained over time;2) The item or asset’s value can be transferred easily from one person to

another (e.g., across international borders); and3) The item or asset is difficult to trace as it passes from person to person.

2 For the remainder of this document, any reference to “customer”, includes SCB’s business relationships, unless otherwise specified.

4

This is because both money laundering and terrorist financing depend on being able to separate the source of the funds from the eventual purpose. Transferring commercial value between individuals and/or organisations often takes place, in order to make tracing the assets more difficult.

The ideal instrument for moving the assets retains its value over time and can be transferred anonymously to any location, which may occur locally, as well as across geographical borders.

5 How Does SCB Assess Risk?As part of this assessment, SCB must consider several distinct factors, specifically the Bank’s:

1) Products, Services and Delivery Channels: the specific goods or services that the Bank buys and sells, as well as the ways in which the Bank serves customers;

2) Geography: the areas in which SCB operates, including the Bank’s suppliers, the Bank’s physical locations and the areas in which the Bank’s customers are located;

3) Customers and Business Relationships: the individuals or organisations that engage in transactional activity with the Bank;

4) New Developments: any changes to technology or other aspects of the Bank’s business model that can have a significant impact on SCB’s risk;

5) Affiliates: any affiliated companies, including other companies that SCB owns and companies that share a Beneficial Owner with SCB, and companies that hold an ownership stake in SCB;

6) Operational Processes: work flow of the Bank, including anti-money laundering, counter terrorist financing and risk mitigation related processes;

7) Other Factors: any element of the Bank’s business that is not considered in the first three categories. The Bank considers SCB’s employees, investors and suppliers, as additional risk factors.

SCB assesses the risk in each of these categories as High, Medium or Low. An overall score for the entire business, is obtained by taking the average risk rating across each of the four categories. To do this, SCB assigns a numeric score to each rating:

High = 5 Medium = 3 Low = 1

SCB will consider the risk that money laundering or terrorist financing could occur, both before SCB’s controls have been applied, and after. While a rating of High, before controls have been applied is acceptable (the risk that would exist if there were no controls in place), it is expected that SCB’s controls will reduce the managed risk to Low levels in all categories. Where the risk after controls have

5

been applied is Medium or High, the Compliance Officer will revise the controls accordingly.

6 Executive Summary

6.1 SCB’s BusinessEstablished in 2016, SCB3 is a privately owned and fully independent bank servicing industrial and commercial entities as well as private individuals. Its international trade specialists ensure clients leverage SCB’s financial resources, technology and global banking network to manage and build their international businesses.

To that end, SCB offers a comprehensive range of trade and export finance products designed to mitigate credit risks, yet preserve the necessary flexibility to navigate complex cross-border transactions. The Bank, for instance, offers letter of credit services including export and import letters of credit as well as standby letters of credit. It will also discount deferred payment terms on export letters of credit. As an alternative to traditional letters of credit, the Bank implemented a programme to provide documentary collection to help facilitate payment when the buyer pays or agrees to pay for goods.

SCB holds a banking license issued by the Ministry of Finance of the Commonwealth of Dominica and is regulated by the Commonwealth’s Financial Supervision Unit.

6.2 SCB’s RiskBased on the Risk Assessment that follows, SCB’s overall money laundering and terrorist financing risk, before controls are applied (inherent), is Medium (3).

SCB’s controls effectively mitigate the risks to SCB; the risk that remains, once SCB’s controls have been applied (residual/managed), is Low (1).

In the sections that follow, SCB outlines the specific risks that apply to the Bank’s business, the controls that SCB has in place to combat money laundering and terrorist financing, SCB’s mechanisms for risk ranking SCB’s customers and the enhanced measures that are applied to SCB’s high-risk customers.

3 Standard Commerce Bank, Ltd. was incorporated pursuant to the Companies Act of Dominica, No. 21 of 1994 on 23 October 2015 and received a banking license pursuant to Section 5 of Dominica’s Offshore Banking Act No. 8 of 1996 on 18 January 2016.

6

CategoryInherent Risk

(High/Medium/Low)Rating

(1/3/5)Managed Risk

(High/Medium/Low)Rating

(1/3/5)

Products, Services and Delivery Channels

High 5 Low 1

Geography Medium 3 Low 1

Customers and Business Relationships

Medium 3 Low 1

New Developments

Low 1 Low 1

Affiliates Low 1 Low 1

Operational Processes

Medium 3 Low 1

Other Factors High 5 Low 1

Total / Overall Medium 3 Low 1

7 SCB’s Products, Services and Delivery ChannelsIn this section SCB considers the products and services that the Bank offers to SCB’s customers, as well as the delivery channels used to render the products and services. SCB also considers the methods of payment that may be used (both by SCB’s business and by SCB’s customers). Each of these has an effect on SCB’s money laundering and terrorist financing risk.

The average inherent money laundering and terrorist financing risk related to SCB’s products, services and delivery channels is High (5).

7.1 Products & ServicesSCB’s products and services are offered online, via SCB’s traditional website. The risk associated with each product and service is described below. As an aggregate, the inherent risk related to SCB’s products and services is High (5).

7.1.1 Letters of Credit (LCs)A letter of credit is a promise of payment from the issuer (issuing bank) to the beneficiary that the issuer will pay the beneficiary certain funds when the beneficiary submits certain documents to the issuer or a party designated by them in a specified manner, at a specified place, and within a specified time frame.

7

Authoritative sources including the Financial Action Task Force (FATF)4 and the Wolfsberg Group5 have identified LCs as potential components of trade based money laundering. While LCs are not anonymous, they can be used as a mechanism to transfer value rapidly from one company and/or jurisdiction to another. LCs may be used to create a complex and difficult to follow financial trail and/or to create the semblance of legitimate business transactions. In instances of trade based money laundering, schemes are generally reliant on collusion between a “buyer” and a “seller.”

The risk of money laundering or terrorist financing through LC transactions, before controls are applied, is Medium (3).

7.2 Delivery Channels

7.2.1 Payment Methods (Incoming)SCB accepts the following methods of payment from SCB’s clients:

Electronic Funds Transfer/Wire Payments.

An assessment of the risk related to the method of payment that SCB accepts appears below. Based on the average risk of the payment method accepted, the risk of money laundering or terrorist financing, before controls are applied, is High (5).

7.2.1.1 Electronic Fund TransfersSending funds via electronic funds transfer (including email money transfers) or wire, generally, requires an accountholder relationship with a financial institution. The exception being, a transaction conducted through a non-bank financial institution, in cash or via monetary instrument, where the funds being transferred are not drawn directly for the client’s bank account. Typically, when establishing an account with a financial institution, the client is identified and all transactions are tracked and monitored. Although these transactions cannot be completed anonymously, fund transfers, in particular international fund transfers, can potentially be used to move funds from person to person, or country to country, relatively quickly. The risk of money laundering or terrorist financing related to electronic fund transfers and wire payments, before controls are applied, is High (5).

7.2.2 Payment Methods (Outgoing)SCB uses the following methods when making payments to SCB’s clients:

Electronic Funds Transfer/Wire Payments.

4 http://www.fatf-gafi.org/media/fatf/documents/reports/Trade_Based_ML_APGReport.pdf5 http://www.wolfsberg-principles.com/pdf/standards/Wolfsberg_Trade_Principles_Paper_II_(2011).pdf

8

An assessment of the risks related to each method of payment that SCB uses appears below. Based on the average risk of the payment methods that the Bank uses for SCB’s clients, the risk of money laundering or terrorist financing, before controls are applied, is High (5).

7.2.2.1 Electronic Fund TransfersTransmitting client funds via electronic funds transfer (including email money transfers) or wire, requires an accountholder relationship with a financial institution. The exception being, a transaction conducted through a non-bank financial institution, in cash or via monetary instrument, where the funds being transferred are not drawn directly for the client’s bank account. In establishing an account, the client is identified and all transactions are tracked and monitored. Although these transactions cannot be completed anonymously, fund transfers, in particular international fund transfers, can be used to move funds from person to person or country to country relatively quickly. The risk of money laundering or terrorist financing through the payments that SCB makes to SCB’s clients or suppliers by electronic funds transfer or wire before controls is High (5).

7.2.3 Non-Face-to-Face TransactionsSCB does not meet with clients face to face. All transactions are conducted in a non-face-to-face environment. By nature, non-face-to-face transactions provide less, and less rich, opportunity for SCB’s staff members to interact with clients and observe client behaviour. As such, non-face-to-face transactions can be considered higher risk than transactions conducted face-to-face.

The risk of money laundering or terrorist financing related to non-face to face transactions, before controls are applied, is High (5).

7.2.4 Marketing, Advertising & Customer ServiceSCB’s products and services are marketed to clients via:

Word of mouth (from existing clients); Affiliates and suppliers; Web advertisement and website; Social media; Conferences and industry events; and Press releases and newswires.

SCB serves and interacts with clients: Over the phone; Via SCB’s website and client portal; and Via email.

SCB’s delivery channel mix is generally comprised of “low-touch” options, which do not involve face-to-face contact with SCB’s customers. While these provide little opportunity to observe customer behaviour and demeanor, the electronic nature of all customer contact ensures that all activity is tracked and logged.

9

Taken together, the risk of money laundering or terrorist financing via SCB’s delivery channels, before controls are applied, is High (5).

8 GeographyIn this section SCB considers the Bank’s geographic location as well as the locations of SCB’s client base and suppliers. In order to do this, the Bank uses materials published by KnowYourCountry.com. Country risk is rated numerically and divided into three categories6:

Lower Med - Low Med Med-High Higher

80 – 100 70 - 80 60 - 70 50 - 60 <50

SCB provides payout services through Electronic Funds Transfers, via SCB’s banking service providers, which is taken into consideration when determining a client’s risk rating.

In addition, SCB’s customers access products and services remotely (via electronic communication). As such, the location of SCB’s customers, including the countries which funds are sent to and received from, will be of greater importance to the assessment of SCB’s geographic risk.

The risk of money laundering or terrorist financing related to geography before controls are applied, is Medium (3).

8.1 Destination/Origin of Client’s FundsSCB facilitates transactions for all allowable regions (regions which are not blocked or sanctioned).

The mix of sender and destination countries is mostly static. Based on recent transaction data, countries are evaluated based on the know your customer risk model.

Based on the global nature of SCB’s business, and the possible shift in the country mix at any time, the risk of money laundering or terrorist financing related to SCB’s clients’ transaction locations, before controls, is Medium (3).

8.2 Location of SCB’s CustomersSCB facilitates transactions for customers in all allowable regions (regions which are not blocked or sanctioned).

The mix of sender and destination countries is mostly static. Based on recent transaction data, countries are evaluated based on the know your customer risk model.

6 A full description of the Know Your Country methodology is included as Appendix 4 of this document.

10

Based on the global nature of SCB’s business, and the possible shift in the country mix at any time, the risk of money laundering or terrorist financing related to SCB’s clients’ transaction locations, before controls, is Medium (3).

8.3 SCB Location: DominicaSCB operates from a single office location in Dominica. While the Caribbean Financial Action Task Force (CFATF) has cited Dominica as having strategic deficiencies, an action plan was put in place. Since this time, the CFATF has noted Dominica’s progress, in particular, the enactment of legislation and issuance of relevant guidelines addressing AML and CFT deficiencies. The US Department of State 2015 International Narcotics Control Strategy Report (INCSR) deemed Dominica a ‘Monitored’ Jurisdiction. There are no international sanctions currently in force against Dominica.

The risk of money laundering or terrorist financing related to THE SCB’s location, before controls are applied, is Medium (3).

9 Customers and Business RelationshipsSCB targets industrial and commercial entities as well as private individuals. Its international trade specialists ensure clients leverage SCB’s financial resources, technology and global banking network to manage and build their international businesses. The overall risk of money laundering or terrorist financing risk related to SCB’s customers and business relationships before controls are applied, is Medium (3).

9.1 Low to Medium Customers & Business Relationships All existing clients are associated with a Director of the Bank. All new clients will be referrals from the existing client base. SCB will have a written agreement in place with all clients.

The risk of money laundering or terrorist financing risk related to SCB’s regular customers and business relationships, before controls are applied, is Medium (3).

9.2 High-Risk Customers & Business Relationships Customers in this category have generally formed business relationships with SCB, however, some customers may be considered high risk without the formation of a business relationship. This includes instances where SCB has filed an STR, and instances in which the Bank has not filed either an STR, but the Compliance Officer wishes to monitor the customer’s activities more closely.

The risk of money laundering or terrorist financing risk related to SCB’s high-risk customers and business relationships, before controls are applied, is High (5).

11

10 New DevelopmentsSCB is a new bank, commencing operations in 2016. As such, there have not been any significant changes to SCB’s technology, SCB’s business model, SCB’s geographic location, SCB’s customers and business relationships or any other significant developments that would affect SCB’s inherent money laundering and terrorist financing risk.

The average inherent money laundering and terrorist financing risk related to new developments is Low (1).

11 Affiliates SCB has no affiliates or related entities, for the purpose of this risk assessment.

While all regulated entities are obligated to help detect, deter and prevent money laundering and terrorist financing, related entities are also a source of risk. Businesses and staff members may, knowingly or inadvertently, be co-opted by criminal groups to assist in activities related to money laundering or terrorist financing.

As SCB does not currently have any affiliates of related entities, the average money laundering or terrorist financing risk related to SCB’s other factors, before controls, is Low (1).

12 Operational ProcessesAlthough addressed under specific functional reviews, SCB’s AML and CTF Compliance Programme must also consider the overall risk of SCB’s business’ conduct, with regard to record keeping, decision making responsibilities for timely and accurate regulatory reporting/supporting documentation, as well as key manual and automated controls.

The money laundering or terrorist financing risk related to the relevant operational processes, before controls are applied, is Medium (3).

13 Other Operational FactorsThe additional operational factors that may affect SCB’s money laundering or terrorist financing risk which include:

Employees; Introducers; Suppliers: financial services & correspondent banking; and Suppliers: non-financial.

The average money laundering or terrorist financing risk related to SCB’s other factors, before controls, is Medium (3).

12

13.1 EmployeesEmployees, for the purpose of this risk assessment, include all full and part-time staff, as well as any contract and seasonal staff. While all employees are expected to help the Bank detect, deter and prevent money laundering or terrorist financing, employees are also a source of risk. Employees may, knowingly or inadvertently, be co-opted by criminal groups to assist in activities related to money laundering or terrorist financing.

The money laundering or terrorist financing risk related to employees, before controls are applied, is Medium (3).

13.2 Suppliers: Financial Services & Correspondent BankingSCB’s suppliers of financial services refer to SCB’s financial institution partners, as well as correspondent banking relationships in foreign jurisdictions. Like employees, suppliers may, knowingly or inadvertently, be co-opted by criminal groups to assist in activities related to money laundering or terrorist financing. Suppliers of financial services are desirable by criminals. Since they provide a potential avenue to place illicit funds into the legitimate economy, as well as disguise relatively large sums of money moving on an international scale.

The money laundering or terrorist financing risk related to financial service providers and correspondent banking relationships, before controls are applied, is High (5).

13.3 Suppliers: Non-FinancialSCB’s suppliers of non-financial services include, IT service providers, consultants, accountants and external sales contractors (entities or individuals contracted to connect SCB with potential clients). Like employees, SCB’s suppliers of non-financial services may, knowingly or inadvertently, be co-opted by criminal groups to assist in activities related to money laundering or terrorist financing. While these types of relationship do not directly relate to dealing with client funds, there is risk related to the access to a client’s private information, such as banking and identification details.

The money laundering or terrorist financing risk related to SCB’s suppliers of non-financial services, before controls are applied, is Medium (3).

14 SCB’s ControlsSCB takes the duty to prevent, detect and deter money laundering and terrorist financing seriously, and because of this, SCB has developed controls to reasonably ensure that the Bank is not used to launder money or finance terrorism. The controls listed below include primary controls (designed specifically for this purposes) and secondary controls (controls designed for other purposes that also help us prevent, detect and deter money laundering and terrorist financing). The controls described in this section are general and apply to SCB’s business, as a whole. Specific regional processes are described in the Compliance Procedure

13

documents, aligned to the regulatory requirements for each jurisdiction in which the Bank operates.

14.1 Geographic ControlsGeographic controls relate to SCB’s locations, customers’ locations and the locations with which SCB’s transactions have a nexus, and include:

SCB does not conduct business in jurisdictions deemed to be non-cooperative by the FATF (or similar regional bodies such as the CFATF);

SCB does not conduct business in jurisdictions that are subject to sanctions, which would make such business illegal, or inadvisable.

SCB is aware of the locations of its customers and the nexus locations for all transactions conducted.

Additional controls are applied on at the transaction level where the transaction is assessed as being higher risk (geography is considered as part of this assessment).

Additional controls are applied at the customer level where the customer is assessed as being higher risk (geography is considered as part of this assessment).

Additional controls are applied at the supplier level where the supplier is assessed as being higher risk (geography is considered as part of this assessment).

14.2 Physical ControlsPhysical controls relate to the security of SCB’s facilities and paper documents, and include:

The SCB office has video surveillance (outside) a guard daily from 1800 to 0600.

The SCB office is locked, both from the outside of the building and inside the building. All filing cabinets have additional locks on them.

Access to any AML or CTF related reports, investigations and regulatory correspondence, that are stored on paper, is restricted to the Compliance Officer and designate.

14.3 Electronic Controls Electronic controls include any measures that involve information stored

electronically, and includes the following elements: Access to any AML and CTF related reports or regulatory correspondence,

that is stored electronically, is restricted to the Compliance Officer and delegates,

Access to SCB’s electronic records systems (for both client and transaction information) is restricted to staff members that have a legitimate reason to access those systems,

14

With regard to SCB’s IT systems, the Bank has in place firewalls, encryption and other security measures to ensure that SCB’s information is not accessed without proper authorization,

Records of all client transactions are maintained electronically. All transactions that we process are entered into SCB’s record keeping system. SCB does not conduct “off the record” transactions under any circumstances,

Access to SCB’s electronic records and transaction processing systems is tracked via login and password, and

Any changes to client records is tracked within the IT systems. The tracking mechanism records information including the staff member login, the exact time and the information that was changed.

14.4 Transaction Based Controls SCB does not conduct transactions that involve countries listed as non-

cooperative by the FATF. If the Bank conducts any transactions with countries included in OFAC’s

Trade and Economic Sanction Lists or OSFI’s UN Security Council Sanctions Lists, additional processes and approvals are required.

If the Bank conducts any transactions that involve jurisdictions listed as high-risk by the FATF, that are subject to additional controls, which may include verification related controls and specific transaction thresholds.

Staff are trained to ask additional questions if the transaction that a client is requesting seems unusual, given their transaction history, or where the transaction doesn’t have an apparent purpose.

All client accounts, as well as transactions that have a future value date, are facilitated through an application and/or agreement process, both of which contain the terms and conditions related the client’s obligations and responsibilities.

Future dated transactions have a limitation to how far in the future the transaction can be requested (one year), as well as upfront information in order to ensure the transaction is allowable. For example, not related to non-cooperative/sanctioned countries or “listed” beneficiaries.

Alterations to future dated transactions have specific limitations to what can be changed, as well as approval requirements when certain information is requested for change, such as the beneficiary, the bank account of the recipient or the location of where the funds are destined.

14.5 Customer Identification, Review and Recordkeeping Controls Clients are required to be identified at account opening and all identification

records are maintained for at least seven (7) years. Clients are identified, where possible, when there is any suspicion of money

laundering or terrorist financing and all related identification records are maintained for all statutory retention periods.

If there is any doubt about the authenticity of identification or verification documents that a client provides, additional documents will be requested. Where additional information/documentation is provided but the concern

15

related to its authenticity still remains, all instances will be referred to the Compliance Officer regardless of the dollar value of the transaction being requested.

14.6 Staffing and Hiring ControlsThese controls ensure that the staff that SCB hires (including part-time and seasonal staff) are aware of the red flags that may indicate money laundering or terrorist financing.

All staff receive the required AML and CTF compliance training within 30 days of beginning employment, and at least annually, while they are part of SCB’s staff.

All staff have easy access to SCB’s AML and CTF Compliance Programme, including internal reporting forms and appropriate staff procedures, as well as access to compliance staff members for support.

All staff are encouraged to submit reports to the Compliance Officer when there is any suspicion of money laundering or terrorist financing.

SCB screens all new staff using a process that includes interviews and reference checks. Criminal background checks may also be conducted depending on the position and jurisdiction of the individual.

14.7 Affiliate ControlsThese controls ensure that any parent or subsidiary entities related to SCB, are aware of the red flags that may indicate money laundering or terrorist financing.

All staff have easy access to AML compliance programme documentation, including internal reporting forms and appropriate staff procedures, as well as access to compliance staff members for support.

All staff are encouraged to submit reports to the Compliance Officer when there is any suspicion of money laundering or terrorist financing.

All staff are screened using a process that includes interviews and reference checks. Criminal background checks may also be conducted depending on the position and jurisdiction of the individual, ensuring any of the related entities within the group are hiring trustworthy employees.

Any discrepancies, issues or concerns between related entities, specific to a client’s information or transactions, will be escalated to senior management for determination, as well as the Compliance Officer, as required.

14.8 Supplier Controls (Financial & Non-Financial Suppliers)These controls help the Bank to be certain that SCB’s suppliers of financial services, such as other MSBs and financial institutions (which include correspondent banks), are not individuals or entities with activities related to money laundering or terrorist financing. The controls placed on SCB’s financial service providers, financial institution partners and correspondent banking relationships, include the following:

16

SCB only deals with reputable suppliers that the Bank knows either by association within the industry or through due diligence processes for verifying (for example, by searching online) the supplier’s reputation.

SCB does not deal with suppliers that are located in countries listed as non-cooperative by the FATF or listed under relevant economic sanctions.

If the Bank deals with a supplier in a country that is listed as high-risk, enhanced due diligence measures must be applied and the Compliance Officer is consulted on the decision before any agreements are signed.

SCB will not enter into agreements with suppliers that are known to have been convicted of offences related to money laundering, terrorist financing, or other financial crime (such as Fraud).

SCB only deals with suppliers that the Bank believes have effective AML and CTF compliance controls in place, as evidenced during SCB’s due diligence processes.

All relationships with financial service providers, financial institutions or correspondent banks will be subject to SCB’s normal transaction monitoring process. Where the potential relationship is deemed to be high-risk, which triggers the requirements to complete enhanced due diligence measures, these relationships will also be subject to enhanced transaction monitoring.

Where the information or documentation requested from the potential service provider, during the due diligence or enhanced due diligence processes, is not provided, deemed inadequate or believed to be fictitious, the Compliance Officer must be consulted and SCB may refuse to enter into the relationship.

14.9 Suppliers: Non-Financial Services ControlsThese controls help us to be certain that SCB’s suppliers of non-financial services, such as IT service providers, consultants and accountants, are not individuals or entities with activities related to money laundering or terrorist financing.

SCB only deals with reputable suppliers that the Bank knows either by association within the industry or verifying (for example, by searching online) the supplier’s reputation.

SCB does not deal with suppliers that are located in countries listed as non-cooperative by the FATF or listed under relevant economic sanctions.

If the Bank deals with a supplier in a country that is listed as high-risk, the Compliance Officer is consulted on the decision before any agreements are signed.

SCB will not enter into agreements with suppliers that are known to have been convicted of offences related to money laundering, terrorist financing, or other financial crime.

SCB only deals with suppliers that the Bank believes have effective AML and CTF compliance controls in place, where the supplier is legally obligated to do so.

17

14.10 Other Operational Process Controls SCB’s AML and CTF Compliance Programme is subject to external review,

which must occur, at least once, every two years. An external review may also be required more frequently, which would be triggered by changes to local regulation, banking service providers or SCB’s business model.

All client transactions are subject to a quality assurance process conducted by the Bank’s staff and may be subject to additional quality assurance measures, where applicable.

SCB’s compliance team operates independently of any sales or audit functions.

SCB’s Compliance Officer has direct access to Senior Management and reports regularly (quarterly) to the Board of Directors.

15 Client and Business Relationship Risk RankingSCB divides clients into High, Medium and Low risk categories based on their activities.

Where the Bank conducts enhanced due diligence, including enhanced transaction monitoring, for high-risk clients, the Bank will compare the client’s activities to the stated nature and purpose of the relationship.

15.1 Business RelationshipsSCB will have a business relationship with any customer that has completed two or more transactions that require the customer to be identified.

In these cases, the Bank must collect and record information about the “nature and purpose” of that business relationship.

When conducting enhanced due diligence for higher risk business relationships, including enhanced transaction monitoring, the Bank will compare the activities conducted, to the original stated nature and purpose of the business relationship and record the results.

When a new customer sets up an account, the nature and purpose of the customer’s business relationship with SCB recorded. This information is collected regardless of the number of transactions conducted by the customer, and used in monitoring customers’ transactions on an ongoing basis.

For the remainder of this section, and for simplicity, SCB uses the term customer to refer to both customers and business relationships.

15.2 Low Risk Customers Most of SCB’s clients are Low risk. These are clients that are conducting transactions that appear to be within their means (the transaction makes sense for the client) and do not appear to have any involvement with money laundering or

18

terrorist financing. They do not request transactions that involve FATF non-cooperative countries or high-risk jurisdictions.

15.3 Medium Risk ClientsSome of SCB’s clients may pose a slightly higher level of risk, which the Bank will consider to be Medium. These clients are not so high risk that they require enhanced transaction monitoring or enhanced due diligence. These may include clients that have been previously delegated as high-risk, but have been downgraded out of the high-risk category over time. These include:

Clients that have inquired about (but not completed) transactions involving FATF non-cooperative jurisdictions within the past two years;

Clients that are located in or appear to have ongoing ties to high-risk jurisdictions;

Clients that have triggered an internal report (an unusual transaction report) within the past two years;

Clients that initially refused to be identified, but subsequently provided identification; and

Clients that perform transactions on behalf of third parties and are able to provide complete details about the third parties.

15.4 High Risk CustomersWhen the Bank defines clients as high-risk, it does not imply that the bank believes that SCB’s clients are criminals or involved in money laundering or terrorist financing activities. The Bank is merely acknowledging that, based on what is known about the client and their transactions, they pose a greater risk. These include clients for whom:

SCB is aware that the client is under investigation by a regulator; A positive match has been indicated for the client under the listing screening

procedures; SCB is aware that an individual client is a Politically Exposed Person (PEP); A client’s occupation that is classified as a “gatekeeper”, meaning they

possess the ability to transact on behalf of, or have access to personal and/or financial, of their clients. These occupations include:

o Accountants; o Financial Advisors; o Financial Planners; o Investment Analysts; o Investment Bankers; o Lawyers; o Immigration Consultants; or o Real Estate Brokers/Agents.

Non-individual clients whose line of business is considered vulnerable to money laundering or terrorist financing, as a result of being a cash intensive business, include the following categories:

19

o Money Services Businesses (MSBs); o Pawn Shops; o Dealers in precious metals, stones, or jewels; o Restaurants; o Convenience Stores; o Privately owned Automated Teller Machines (ATMs); o Vending machine operators; and o Privately owned parking garages.

Clients that have triggered an STR Suspicious , whether or not the transaction was completed, within the past year;

Clients that have triggered three or more STRs, whether or not the transaction was completed, within the span of SCB’s relationship with the client;

Clients that appear to have ongoing financial ties with a FATF non-cooperative jurisdiction;

Clients that, where identification was required and requested, have consistently refused to be identified, including clients that have altered a transaction request in order to avoid client identification requirements;

Clients that perform transactions on behalf of third parties but are unwilling or unable to provide complete details about the third parties; and

Clients that are organisations that seem to be deliberately structured in a way that makes it difficult to determine who owns or controls the organisation.

The Compliance Officer maintains a record of SCB’s high-risk clients. A sample high-risk client log can be found in Appendix 2 of this document. This appendix is included as a sample only; Client Risk Rankings and notes on compliance related activities for actual clients are housed in SCB’s IT systems, for privacy reasons.

SCB considers some clients to be too high-risk. In these instances, the Bank may know, rather than suspect, that the client is involved in criminal activity. In these instances, additional IT-based controls will be applied to prevent the client from accessing SCB’s products and services.

16 Transaction MonitoringThe Compliance Officer, or delegate, monitors all SCB’s transactions for potentially suspicious activity. Operational, Sales and Client Service staff escalate any unusual activity to the Compliance Officer using the internal Unusual Transaction Form (UTF).

In relation to SCB’s high-risk clients, enhanced transaction monitoring is conducted. The Compliance Officer, or delegate, reviews the information that is on file about the client, as well as records of the client’s activity for the past two years. If there is activity that appears to be related to money laundering or terrorist financing, STRs are filed.

20

High-risk client accounts are reviewed according to a schedule developed for the Commonwealth of Dominica, and more frequently when triggered by client activity (for example, where there is an internal report submitted to the Compliance Officer). The Compliance Officer will maintain complete records of the reviews and maintain these records for at least seven (7) years. A sample transaction monitoring log can be found in Appendix 3 of this document. This appendix is included as a sample only; notes about compliance related activities for actual clients are housed in the Bank’s IT systems, for privacy reasons.

16.1 Enhanced Transaction MonitoringFor high-risk customers and business relationships, enhanced transaction monitoring is conducted.

The Compliance Officer reviews the information that is on file about the customer, as well as records of the customer’s activity, for the past two (2) years. If there is activity that appears to be related to money laundering or terrorist financing, appropriate reports are filed. In addition, IT system parameters consider the risk ratings for all customers, and incorporates a lower threshold for alerts related to high-risk customers.

High-risk customer accounts are reviewed at least annually, and more frequently where triggered by certain customer activity (for example, where there is an internal report submitted to the Compliance Officer). The Compliance Officer will document complete records of these reviews and maintain them for at least seven (7) years in the Bank’s IT platform.

Where potentially suspicious activity is detected, the Compliance Officer conducts investigations, which can involve communication with the customer, or searches online, in order to understand the nature of the transaction. Where there are reasonable grounds to believe that a transaction is related to money laundering or terrorist financing, the transaction is reported. Whether or not the transaction is reported, the Compliance Officer maintains a record of the investigation process, rationale for reporting, or not, as well as any applicable follow-up activity.

17 Enhanced Due DiligenceHigh-risk clients require a level of due diligence above and beyond what the Bank does for regular clients. For this reason, when the Compliance Officer, or delegate, performs enhanced transaction monitoring for high-risk clients, they will also conduct a search through the IT system, for additional information and negative media alerts.

Any results that are related to criminal activity or indicate that the client has provided false or misleading information will be noted in the log. A report to may also be required at the Compliance Officer’s discretion.

Additional enhanced due diligence activities may apply according to the client’s risk characteristics (the reason that the client is considered to be high-risk). For

21

example, if there was doubt regarding the veracity of any KYC information provided by the client, documentation substantiating the client’s claim would be requested.

18 Updates to Client Information and IdentificationFor all active7 clients subject to SCB’s Client Due Diligence (CDD)/Know Your Client (KYC) processes, are reviewed on a periodic basis. The review may trigger updates to their information on file. These periodic reviews include analysis of the client’s identification documentation, previous 12 months of transaction history and, where possible, any results from the searches conducted by the IT system (negative media searches). These reviews are conducted on the following schedule, based on the client’s risk rating:

High Risk – annually; Medium Risk – every two years; and Low Risk – every three years.

Reviews of client files may also be triggered by expired identification documents, or, where the Compliance Officer has become aware of factors that would affect the client’s risk rating, both positively and negatively.

Any requests for change, related to a client’s risk rating, must be approved by the Compliance Officer, or a delegate, regardless of the adjustment being requested.

It is at the sole discretion of the Compliance Officer, whether or not additional information is required in order to make the update. All instances related to changing the risk rating of a client will be recorded and maintained by the Compliance Officer. These records will include the rationale for the change.

7 “Active customer” means any customer that has conducted a transaction within the past year.

22

Appendix 1: Compliance Officer ReferencesIn order to keep SCB’s Risk Assessment up to date, the Compliance Officer will use these references:

Financial Action Task Force (FATF)

www.fatf-gafi.org/

The FATF publishes lists of countries that are non-cooperative and high risk. There are also detailed evaluations of member countries.

Most AML and CTF legislation is based on the FATF’s recommendations (also published on their website).

Caribbean Financial Action Task Force (CFATF)

The Caribbean Financial Action Task Force (CFATF) is an organisation of states and territories of the Caribbean basin, which have agreed to implement common counter-measures against money laundering.

http://www.fatf-gafi.org/pages/caribbeanfinancialactiontaskforcecfatf.html

Know Your Country

http://knowyourcountry.com/

This site is a resource that combines various country risk metrics into a single numerical rating with a consistent methodology. The site is privately maintained.

Financial Services Unit of the Commonwealth of Dominica

The authority of the Financial Services Unit (FSU), which is a department within the Ministry of Finance, covers the financial sector in Dominica with the exception of Commercial Banks and Securities Business. The Financial Services Unit aims to ensure that every financial institution conducts a risk assessment, whereby policies, procedures and controls can be developed as to prevent/ mitigate the ML/TF risks identified.

http://fsu.gov.dm/

23

http://knowyourcountry.com/

http://www.fatf-gafi.org/

Appendix 2: Sample High-Risk Client LogThe Compliance Officer or delegate will use this log to maintain a list of SCB’s high-risk clients. All logs (including clients that are no longer delegated as high-risk) will be maintained for at least seven (7) years.

Client Name (if known)

Client Reference Number Jurisdiction

High Risk Reason Date

Jane Doe 12345 Dominica

Suspicious Transaction Report filed with on January 1, 2016. See report number 1122334455

01-Jan-16

24

Appendix 3: Sample Enhanced Transaction Monitoring LogThe Compliance Officer, or a delegate, will use this log to maintain a list of the transaction monitoring that has taken place for high-risk clients. All logs (including clients that are no longer delegated as high risk) will be maintained for at least seven (7) years.

Client Name (if known)

Client Reference Number Jurisdiction

Date ActivityReviewed By

Next Review Due By

Jane Doe 12345 Dominica01-Jan-16

Reviewed client activity for the last two years (no unusual findings) and Google search of client's name (no findings related to criminal activity).

Compliance Officer

01-Jan-17

25

Appendix 4: Country Risk Rating MethodologyThe KnowYourCountry.com risk-ranking tool has been designed to provide a measure of the money laundering and terrorist financing risk of countries that the Bank might have client relationships with and/or doing business with.

Based upon data collected from many international and government agencies, KnowYourCountry.com has subjectively weighted the findings to provide a free rating tool that is predominantly focused on money laundering and sanctions issues. Please see below SCB’s weightings and a list of all data subject sources.

Indicator / sub-indicator Weighting

1 Money laundering/terrorist financing risks 55

1.1. FATF Uncooperative / AML Deficient 25

1.2. FATF Compliance with 40+9 Rec 8

1.3. US DoS Jurisdictions of ML Primary Concern 15

1.5. US Secretary of State Report on International terrorism 5

1.6. EU Whitelist 2

2 International sanctions 15

3 Corruption risks 18

3.1. Transparency International – CPI /World Governance Indicators – Control of corruption - Average

18

4 Governance related risks 4

26

4.1. World Governance Indicators 4

5 Narcotics Major List 3

5.1 Narcotics Major List 3

6 Financial transparency risks 5

6.1. Offshore Finance Centre 5

27

Appendix 5: Country Risk Table8

Lower Med - Low Med Med-High Higher

80 - 100 70 - 80 60 - 70 50 - 60 <50

Last updated on: Last Updated: 4 April 2016

0 Denmark 90.332 Finland 90.313 Sweden 90.054 New Zealand 88.515 Estonia 86.976 Norway 85.487 Malta 84.988 Slovenia 84.609 Iceland 84.16

10 Ireland 81.8811 San Marino 81.7012 Belgium 81.6713 Lithuania 79.7314 Netherlands 79.1915 Germany 78.4216 Andorra 78.0917 United Kingdom 78.0918 Austria 77.6919 Anguilla 77.6420 Bermuda 77.5421 Aruba 77.0222 Canada 76.8523 France 76.4324 Botswana 76.2225 Hungary 76.0726 South Korea 75.70

8 http://knowyourcountry.com/1ratingtable.html

30

27 Croatia 75.5028 United States 75.3629 Oman 75.2230 Portugal 74.9231 Georgia 74.7832 Brunei Darussalam 74.6033 Chile 74.6034 Luxembourg 74.5035 Poland 73.7436 Namibia 73.7237 Spain 73.4938 Solomon Islands 73.4739 Switzerland 73.4140 Guernsey 73.4041 Jersey 73.4042 Vatican City State (Holy See) 72.9343 Latvia 72.8944 Fiji 72.8445 Czech Republic 72.8346 Mauritius 72.8347 American Samoa 72.7748 Singapore 72.7549 Montserrat 72.6650 Maldives 72.5951 Macedonia 72.2452 Australia 72.0353 Lesotho 71.9254 Tonga 71.7755 Slovakia 71.7356 Hong Kong 71.5357 Cape Verde 71.2758 Liechtenstein 71.2259 Dominica 71.2160 Qatar 71.1161 Gibraltar 71.11

31

62 Micronesia 71.0863 Marshall Islands 70.9664 Isle Of Man 70.8065 Cyprus 70.7666 Uruguay 70.7267 Italy 70.6668 Cayman Islands 70.6269 Malaysia 70.4370 Greece 70.2471 Sri Lanka 70.1572 Swaziland 70.0773 Romania 70.0174 Barbados 70.0075 Mongolia 69.8976 United States Virgin Islands 69.8977 Malawi 69.7578 Zambia 69.7079 Bulgaria 69.0780 Burkina Faso 68.9081 Argentina 68.7482 Rwanda 68.6783 Saudi Arabia 68.6684 Niue 68.6085 Ethiopia 68.4086 Montenegro 68.3087 Benin 68.1688 South Africa 68.1589 St Vincent & Gren 68.0590 Senegal 67.9191 Guam 67.8392 Turkey 67.7293 Niger 67.7194 Nepal 67.5295 Mozambique 67.4096 Serbia 67.33

32

97 Bhutan 67.2498 Timor-Leste 67.0599 Jordan 66.80100 Curacao 66.66101 Monaco 66.48102 Uzbekistan 66.47103 Cook Islands 66.41104 Nauru 66.41105 Tuvalu 66.23106 Mauritania 66.19107 Togo 66.18108 Armenia 66.18109 Macau 65.59110 Kuwait 65.41111 Kyrgyzstan 65.38112 St Lucia 65.27113 Tajikistan 65.16114 Costa Rica 65.11115 Palau 65.07116 U.A.E. 64.97117 Bahrain 64.92118 Kiribati 64.90119 Jamaica 64.60120 Mali 64.45121 St Maarten 64.40122 St Kitts & Nevis 64.40123 Gabon 64.39124 Grenada 64.29125 Cuba 64.22126 Taiwan 64.20127 El Salvador 64.13128 Puerto Rico 64.08129 British Virgin Islands 63.96130 Turkmenistan 63.85131 Samoa 63.78

33

132 India 63.65133 Seychelles 63.58134 Trinidad & Tobago 63.51135 Gambia 63.43136 Albania 63.19137 Peru 62.74138 Madagascar 62.72139 Suriname 62.61140 Mexico 62.46141 Djibouti 62.27142 Vietnam 62.23143 Brazil 62.08144 Antigua and Barbuda 61.97145 Belize 61.81146 Algeria 61.50147 Ghana 61.24148 Japan 61.23149 Kazakhstan 61.02150 Colombia 60.96151 Sao Tome & Prin. 60.79152 Tanzania 60.74153 Morocco 59.85154 Bangladesh 59.46155 Thailand 59.35156 Turks & Caicos 59.35157 Cameroon 59.11158 Tunisia 58.96159 Congo (Brazzaville) 58.60160 Indonesia 58.50161 Honduras 58.50162 Chad 58.08163 Nicaragua 57.99164 Israel 57.70165 Bahamas 57.22166 Angola 56.98

34

167 Kosovo 56.87168 Comoros 56.81169 China 56.23170 Kenya 55.46171 Paraguay 55.40172 Equatorial Guinea 55.39173 Dominican Republic 55.19174 Guinea 54.81175 Moldova 54.54176 Bolivia 54.53177 Cambodia 54.50178 Ecuador 54.21179 Panama 54.04180 Nigeria 53.99181 Egypt 53.78182 Russian Federation 52.75183 Belarus 52.71184 Guinea Bissau 52.63185 Guatemala 52.50186 Azerbaijan 52.30187 Papua New Guinea 51.70188 Philippines 51.70189 Uganda 51.32190 Vanuatu 51.16191 Liberia 51.05192 Pakistan 50.73193 Sierra Leone 49.65194 Gaza Strip 48.87195 West Bank (Palestinian Territory, Occupi 48.87196 Burundi 48.51197 Cote D'Ivoire 47.24198 Guyana 47.07199 Ukraine 45.28200 Lao People's Democratic Republic 44.04201 Eritrea 43.67

35

202 Central African Rep 43.25203 Sudan 43.25204 Zimbabwe 43.06205 Congo, the Democratic Republic 42.85206 Bosnia-Herzegovina 42.31207 Haiti 41.05208 Venezuela 39.28209 Libya 38.78210 South Sudan 38.29211 Lebanon 35.32212 Syria 28.16213 Somalia 27.29214 Yemen 24.60215 Myanmar 24.04216 Iraq 20.49217 North Korea 18.42218 Afghanistan 17.95219 Iran, Islamic Republic of 14.77

36

table of contents -...

Documents