Presentation is loading. Please wait.

Presentation is loading. Please wait.

OVERVIEW OF THE QFC / CFT AML REGIME Date: 9 June 2010

Published byLillian Bradford Modified over 10 years ago

Similar presentations

Presentation on theme: "OVERVIEW OF THE QFC / CFT AML REGIME Date: 9 June 2010"— Presentation transcript:

1 OVERVIEW OF THE QFC / CFT AML REGIME Date: 9 June 2010
By: Shaun Swan, Associate Director Joy Smallwood (IMF resident advisor) Christiane Chidiac, Manager AML/CFT

2 AGENDA Introduction and objectives An overview of the AML / CFT Law (Joy Smallwood, IMF) Key obligations under the AML/ CFT Rules for QFC Firms Supervisory approach / regulatory expectations Consultation feedback – revisions and updates Working draft guidance discussion and questions

3 Introduction and objectives
AML briefing sessions: have open and transparent communication with firms operating in the QFC; brief firms on the requirements and obligations of the AML/CFT Law and the AML/CFT Rules; and provide firms with clear information on our expectations when implementing your obligations under the Law and the Rules.

4 An overview of the AML / CFT Law
Joy K Smallwood IMF Resident Advisor June 2010

5 Overview of the AML/CFT Law
Background: Law passed to protect Qatar from money laundering (ML) and the financing of terrorism (FT) 2007 IMF AML/CFT Evaluation showed deficiencies in Qatar’s previous AML/CFT legal framework New framework in line with Financial Action Task Force (FATF) international standards

6 Overview of the AML/CFT Law
10 Sections Definitions ML and FT Offences Disclosure system at customs National Anti-Money Laundering Committee (NAMLC) Qatar Financial Information Unit (QFIU) and Suspicious Transaction Reporting (STR) System 6. Preventive Measures 7. Supervisory Authorities 8. Investigative Procedures and Provisional Measures 9. International Cooperation 10. Sanctions

7 Overview of the AML/CFT Law
Key Definitions include: Proceeds of Crime - Any funds derived or obtained, directly or indirectly, from one of the predicate crimes listed in Article 2 (all felonies, international conventions, list of proceeds generating crimes e.g. fraud, theft, smuggling ) Funds - Assets or properties of every kind Money Laundering – see below Financing of terrorism - see below Financial Institution (FI)– 14 categories Designated Non Financial Businesses & Professions (DNFBPs) – real estate agents, jewelers, lawyers, accountants, trust and company service providers

8 Overview of the AML/CFT Law
Money Laundering: Defined as any of the following acts: The conversion or transfer of funds, by any person who knows, should have known or suspects that such funds are the proceeds of crime, for the purpose of concealing or disguising the illicit origin of such funds or of assisting any person who is involved in the commission of the predicate offence to evade the legal consequences of his actions. The concealment or disguise of the true nature, source, location, disposition, movement or ownership of or rights with respect to funds by any person who knows, should have known or suspects that such funds are the proceeds of crime. 3) The possession, acquisition, or use of funds by any person who knows, should have known or suspects that such funds are the proceeds of crime.

9 Overview of the AML/CFT Law
Terrorism Financing : An act committed by any person who, in any manner, directly or indirectly, and willfully provides or collects funds, or attempts to do so, with the intention to use them or knowing that these funds will be used in whole or in part for the execution of a terrorist act, or by a terrorist or terrorist organization.

10 Overview of the AML/CFT Law
Money Laundering Offence – Article 2: Definition (above) plus Expanded list of predicate offences - All felonies - Crimes covered under int’l conventions to which Qatar is a party - A list of other specific proceeds generating offences Associated ML offences – including for FIs and DNFBPs - Article 3

11 Overview of the AML/CFT Law
Financing of Terrorism Offence – Article 4 Definition (above) plus Offence considered committed irrespective of: - any occurrence of a terrorist act, - the place where it was committed or - whether funds actually used to commit an act

12 Overview of the AML/CFT Law
Filing Suspicious Transaction Reports (STRs) – Article 18: Financial institutions, DNFBPs and non profit organizations to promptly report suspicious transactions or attempted transactions to the QFIU when: - They suspect, or - They have reasonable grounds to suspect - Transactions could include funds that are proceeds of crime, or - Funds linked, related to or to be used for terrorist acts, terrorist organisations or terrorist financiers

13 Overview of the AML/CFT Law
Important protections when Filing STRs - No Tipping off to customer/third parties permitted (art 39) - Disclosure to competent authorities permitted - Protection for liability for STR reporting in good faith (art 82) - Protection from breach of criminal, civil and breach of professional secrecy provisions

14 Overview of the AML/CFT Law
Customer Due Diligence (CDD) – Section 6: - Identify and verify customer identities using reliable independent source documents, date or information - In a minimum of 5 situations: 1. when establishing business relationships, 2. during a domestic or international transfer of funds; 3. when doubts exist about the veracity or adequacy of previously obtained customer identification documents, data or information; 4. when there is a suspicion of money laundering or terrorist financing; 5. when carrying out occasional transactions, with a value equal to or above 55,000 Rials

15 Overview of the AML/CFT Law
Financial institutions and DNFBPs have responsibility to: enquire about the anticipated purpose and the nature of the business relationship and collect all relevant information. identify the beneficial owner of the customer and take all reasonable measures to verify his identity using reliable, independent source documents, data or information such that they are satisfied that they know who the beneficial owner is. For legal persons and arrangements, these measures must include taking reasonable additional measures to understand and monitor the beneficial owner thereof as well as the ownership and organizational structure thereof.

16 Overview of the AML/CFT Law
If financial institutions, and DNFBPs cannot fulfill their obligation of due diligence: they shall not establish or maintain the business relationship Where appropriate, they shall make a report to the FIU in accordance with this law. Transitional provisions for 6 months (to October 31) for implementation of CDD and correspondent banking provisions.

17 Overview of the AML/CFT Law
Financial Institutions and DNFBPs to put in place the following measures: Exercise ongoing due diligence Ensure CDD documents, data kept up to date Take specific and adequate measures to address the risks of ML and FT Put in place risk management systems for PEPs Keep records for 5 years, or longer if required by their supervisor (6 years for QFC)

18 Overview of the AML/CFT Law
Financial institutions and DNFBPs to develop and implement AML/CFT programs including the following internal policies, procedures, systems and controls: program management arrangements, and appropriate employee screening procedures to ensure that they are appointed pursuant to the highest standards. ongoing training for officers and employees to assist them in recognizing transactions and activities that may be linked to money laundering and terrorist financing and instruct them in the procedures to be followed in such cases. audit arrangements to check compliance with and effectiveness of the measures taken to apply the law. compliance officer at department leadership level.

19 Overview of the AML/CFT Law
For cross-border correspondent banking relationships, financial institutions shall: identify and verify the identification of respondent institutions. collect information on the nature of the respondent institution’s business. evaluate the respondent institution’s reputation and the nature of supervision to which it is subject. obtain approval from senior management before establishing a correspondent banking relationship. assess the controls implemented by the respondent institution re AML/CFT, and ensure that they are appropriate and effective. Payable through account requirements –customer CDD, monitoring and CDD information requests

20 Overview of the AML/CFT Law
For financial institutions who conduct domestic (including QFC) and external wire transfer business (exceeding 4000 Rials, or an equivalent value in other currencies), they must obtain and verify the following information about the originators of the transfers: (1) full name. (2) account number or, if there is no account number, a unique reference number. (3) address, national identity number, customer identification number, or date and place of birth.

21 Overview of the AML/CFT Law
4. The information is to be included in the wire message or payment form accompanying the transfer 5. Upon receipt of wire transfers that do not contain the complete originator information, FIs should take measures to obtain and verify the missing information from the ordering institution or the beneficiary 6. Should they not obtain the missing information they shall refuse acceptance of the transfer and report it to the Unit

22 Overview of the AML/CFT Law
Supervisors have the authority to: (Article 42) (1) adopt the necessary measures to establish fit and proper criteria for owning, controlling, or participating, in the directorship, management or operation of financial institutions. (2) regulate and supervise financial institutions, NPOs and DNFBPs for compliance with the obligations set out in this law, including through on-site examinations, and the request of documents, information, or records. (3) cooperate and share information with competent authorities, and provide assistance in evidence collection, prosecutions or proceedings relating to predicate offences, money laundering, and terrorist financing.

23 Overview of the AML/CFT Law
A supervisory authority may sanction its licensees (financial institution, NPO, or DNFBP ) for a violation under the law, made intentionally or by gross negligence, by imposing one of the following measures and sanctions: (Article 44) (1) ordering regular reports on the measures it is taking. (2) order to comply with specific instructions. (3) written warnings. (4) replacing or restricting the powers of managers, board members, or controlling owners, including the appointing of ad hoc administrator.

24 Overview of the AML/CFT Law
(5) barring individuals from employment within a business, profession or activity , either permanently or for a provisional period. (6) imposing supervision, suspending license, restricting or withdrawing any other form of permission and prohibiting the continuation of a business, profession or activity. (7) financial penalty in an amount no greater than 10 million Rials. (8) any other measures.

25 Overview of the AML/CFT Law
Governor of the Central Bank (Article 48), without prejudice to the authority of the Public Prosecutor, - in cases where there is a concern about the disposal of money laundering proceeds held at Financial Institutions - or where there is suspicion that funds, balances or accounts are being used in terrorist financing - may order the freezing of the suspected funds, balances or accounts for a period not exceeding ten business days, - The public prosecutor shall be notified of such an order within three business days of its issuance, otherwise it shall be treated as void ab initio - The public prosecutor may cancel the freezing order or renew it for a period not exceeding three months

26 Overview of the AML/CFT Law
Criminal Sanctions (Articles ): Terrorist financing: 10 years in jail and up to a 2 million Rial fine Money Laundering: 7 years in jail and up to a 2 million Rial fine Associated money laundering offences or tipping off: three years in jail and a fine not exceeding 500,000 Rials Failure to freeze terrorist assets by a financial institution or DNFBP, a fine not exceeding 1,000,000 Rials Breach of confidentiality by the FIU or by customs: three years in jail and a fine not exceeding 500,000 Rials

27 Key obligations under the AML / CFT Rules for QFC Firms

28 Key legislation and background to the new AML/CFT Rules
Law No. 4 of 2010 on Anti- Money Laundering and Combating the Financing of Terrorism QFC Regulatory Authority AML / CFT Rules 2010 Aligned to Law No. 4 of 2010 on Anti- Money Laundering and Combating the Financing of Terrorism Ensure optimum compliance with FATF Recommendations and standards

29 Background to the new AML/CFT Rules
close alignment with the FATF Recommendations and standards through the use of key FATF terms and terminology; the rules set out a clear senior management responsibility for AML/CFT responsibilities and the development of an AML/CFT programme; more sophisticated risk-based approach to addressing firms AML/CFT risks; and a single set of rules designed and structured to closely align with how a firm would undertake the development and implementation of an AML/CFT program and the ongoing compliance with AML/CFT regulatory requirements.

30 Key AML/CFT principles
The 6 key AML/CFT principles cover the following areas: Principle 1 – senior management responsibility; Principle 2 – risk-based approach; Principle 3 – know your customer; Principle 4 – effective reporting; Principle 5 – high standard screening and appropriate training; and Principle 6 – evidence of compliance.

31 Principle 1 - senior management responsibility
Senior Management responsible for effectiveness of the firm’s policies, procedures, systems and controls in preventing ML/TF (Rule 2.2.1) Senior Management must ensure that it: develops, establish and maintain effective AML/CFT policies, procedures, systems and controls; has adequate screening standards; identifies, designs, delivers and maintains AML/CFT training programme; has an adequately resourced and independent audit function; has regular and timely information to Senior Management of ML/TF risks; has ML/TF risk management policies and methodology that are appropriately documented; has in place an MLRO for the firm; and promotes an AML/CFT compliance culture Principle 1 (see r 1.2.1) requires the senior management of a Firm to ensure that the party’s policies, procedures, systems and controls appropriately and adequately address the requirements of the AML/CFT Law and these rules. Overall senior management responsibility The senior management of a Firm is responsible for the effectiveness of the party’s policies, procedures, systems and controls in preventing money laundering and terrorist financing. Particular responsibilities of senior management The senior management of a Firm must ensure the following: - that the Firm develops, establishes and maintains effective AML/CFT policies, procedures, systems and controls in accordance with these rules; - that the Firm has adequate screening procedures to ensure high standards when appointing or employing officers or employees; - that the Firm identifies, designs, delivers and maintains an appropriate ongoing AML/CFT training programme for its officers and employees; Note See pt 6.2 (AML/CFT training programme) for details of the Firm’s training requirements. - that the Firm has an adequately resourced and independent audit function to test (including by sample testing) compliance with, and the effectiveness of, the party’s AML/CFT policies, procedures, systems and controls; - that regular and timely information is made available to senior management about the management of the Firm’s money laundering and terrorist financing risks; - that the Firm’s money laundering and terrorist financing risk management policies and methodology are appropriately documented, including the party’s application of them; - that there is at all times an MLRO for the Firm who— -has sufficient seniority, experience and authority; and -has an appropriate knowledge and understanding of the legal and regulatory responsibilities of the role, the AML/CFT Law and these rules; -has sufficient resources, including appropriate staff and technology to carry out the role in an effective, objective and independent way; and -has timely, unrestricted access to all information of the Firm relevant to AML and CFT, including, for example— all customer identification documents and all source documents, data and information; and all other documents, data and information obtained from, or used for, CDD and ongoing monitoring; and all transaction records; and has appropriate back-up arrangements to cover absences, including a deputy MLRO to act as MLRO; - that a firm AML/CFT compliance culture is promoted within the party; - that appropriate measures are taken to ensure that money laundering and terrorist financing risks are taken into account in the day-to-day operation of the Firm, including in relation to— the development of new products; and the taking on of new customers; and changes in the Firm’s business profile.

32 Principle 1 - senior management responsibility
Senior Management must ensure that there is at all times an MLRO for the firm who: has sufficient seniority, experience and authority; has appropriate knowledge and understanding of their legal and regulatory responsibilities under the AML/CFT framework; has sufficient resources to carry out the role; has timely and unrestricted access to all firm AML/CFT information, including; all customer ID documents all other documents, data and info for CDD and ongoing monitoring purposes; and all transaction records appropriate back-up arrangements including a deputy MLRO Appointment—MLRO and deputy MLRO A Firm must ensure that there is at all times an MLRO and a deputy MLRO for the party. The MLRO and deputy MLRO for a Firm must— Eligibility to be MLRO or deputy MLRO Accordingly, the Firm must, from time to time, appoint an individual as its MLRO and another individual as its deputy MLRO. have sufficient seniority, experience and authority for the role, and in particular— be employed at the management level by the Firm, or by a legal person in the same group, whether as part of its governing body, management or staff; and Note Legal person, group, governing body and senior management are defined in the glossary. to report directly to the Firm’s senior management. to act independently; and Roles of MLRO and deputy MLRO The MLRO must also be ordinarily resident in Qatar. - oversighting the implementation of the Firm’s AML/CFT policies, procedures, systems and controls in relation to this jurisdiction, including the operation of the party’s risk-based approach; The MLRO for a Firm is responsible for the following: General responsibilities of MLRO Note Compare r (Overall senior management responsibility) and r (1) (a) (Particular responsibilities of senior management). - ensuring that appropriate policies, procedures, systems and controls are developed, established and maintained across the Firm to monitor the party’s day-to-day operations— - being the Firm’s key person in implementing the party’s AML/CFT strategies in relation to this jurisdiction; - to assess, and regularly review, the effectiveness of the policies, procedures, systems and controls in preventing money laundering and terrorist financing; - for compliance with the AML/CFT Law, these rules, and the Firm’s AML/CFT policies, procedures, systems and controls; and - helping ensure that the Firm’s wider responsibility for preventing money laundering and terrorist financing is addressed centrally; - supporting and coordinating senior management focus on managing the Firm’s money laundering and terrorist financing risks in individual business areas; Particular responsibilities of MLRO - promoting a Firm-wide view to be taken of the need for AML/CFT monitoring and accountability. Note For the obligation of the Firm to report to the FIU and tell the Regulator about the report, see rule 5.1.7. - making suspicious transaction reports to the FIU and telling the Regulator about them; - receiving, investigating and assessing internal suspicious transaction reports for the Firm; - receiving and acting on government, regulatory and international findings about AML and CFT issues; - responding promptly to any request for information by the FIU, the Regulator and other State authorities in relation to AML and CFT issues; acting as central point of contact between the Firm, and the FIU, the Regulator and other State authorities, in relation to AML and CFT issues; - reporting to the Firm’s senior management on AML and CFT issues; - monitoring the appropriateness and effectiveness of the Firm’s AML/CFT training programme; Role of deputy MLRO - exercising any other functions given to the MLRO, whether under the AML/CFT Law, these rules or otherwise. - keeping the deputy MLRO informed of significant AML/CFT developments (whether internal or external); - When the deputy MLRO acts as MLRO, these rules apply in relation to the deputy MLRO as if the deputy MLRO were the MLRO. - The deputy MLRO for a Firm acts as the party’s MLRO during absences of the MLRO and whenever there is a vacancy in the MLRO’s position. - The MLRO for a Firm must act honestly, reasonably and independently, particularly in— How MLRO must carry out role - However, to remove any doubt, rule (2) (Eligibility to be MLRO) does not apply in relation to the deputy MLRO when the deputy MLRO acts as MLRO. deciding whether to make, and making, suspicious transaction reports to the FIU. receiving, investigating and assessing internal suspicious transaction reports; and - The senior management of a Firm must, on a regular basis, decide what reports should be given to it by the MLRO, and when the reports should be given to it, to enable it to discharge its responsibilities under the AML/CFT Law and these rules. MLRO reports Reporting by MLRO to senior management - However, a report that complies with rule (Minimum annual report by MLRO) must be given to the - senior management by the MLRO for each financial year of the Firm and with sufficient promptness to enable the senior management to comply with rule (2). Note Senior management is defined in the glossary - that the MLRO may give to the senior management on the MLRO’s own initiative to discharge the MLRO’s responsibilities under the AML/CFT Law and these rules. - that the senior management may require to be given to it; or To remove any doubt, subrule (2) does not limit the reports— - This rule sets out the minimum requirements that must be complied with in relation to the report that must be given to the senior management by the MLRO for each financial year of the Firm (see rule (2)). Minimum annual report by MLRO - the numbers and types of internal suspicious transaction reports made to the MLRO; - The report must include the following for the period to which it relates: - The report must assess the adequacy and effectiveness of the Firm’s AML/CFT policies, procedures, systems and controls in preventing money laundering and terrorist financing. - the reasons why reports have or have not been passed on to the FIU; - the number of these reports that have, and the number of these reports that have not, been passed on to the FIU; - a summary of the AML/CFT training delivered to the Firm’s officers and employees; - areas where the Firm’s AML/CFT policies, procedures, systems and controls should be improved, and proposals for making appropriate improvements; - the numbers and types of breaches by the Firm of the AML/CFT Law, these rules, or the party’s AML/CFT policies, procedures, systems and controls; areas where the Firm’s AML/CFT training programme should be improved, and proposals for making appropriate improvements; Note See pt 6.2 (AML/CFT training programme). Note The following provisions require action plans: progress in implementing any AML/CFT action plans; - the number and types of customers of the Firm that are categorised as high risk; r (3) and (4) (When CDD may not be required—acquired businesses) r (b) (Consideration of MLRO reports) the outcome of any review of the Firm’s risk assessment policies, procedures, systems and controls. the outcome of any relevant quality assurance or audit reviews in relation to the Firm’s AML/CFT policies, procedures, systems and controls; r (3) (b) (Training must be maintained and reviewed). - The senior management of a Firm must, in a timely way— Consideration of MLRO reports Note See r (2) (b) (Records about compliance). - if the report identifies deficiencies in the Firm’s compliance with the AML/CFT Law or these rules— approve an action plan to remedy the deficiencies in a timely way. - consider each report made to it by the MLRO; and Example - For the report that must be given to the senior management for a financial year of the Firm (see rule (2)), the senior management must deal with the report in accordance with subrule (1) not later than 4 months after the day the party’s financial year ends. For a report for a financial year of the Firm that ends on 31 December, the senior management must deal with the report in accordance with subrule (1) before 1 May in the next year.

33 Principle 2 – risk-based approach
Principle 2 (Rule 1.2.2) requires firms to adopt a risk-based approach to the Rules Firms must Conduct business risk assessment and decide risk mitigation Approach risk mitigation based on threat assessment methodology Develop methodology by assessing the risk profiling and scoring of a business relationship with a customer and must consider at least the following 4 risk elements: Customer risk Product risk Interface risk Jurisdiction risk

34 Principle 2 – risk-based approach
Customer risk Measures for PEP risks Persons associated with Terrorism Product risk Correspondent banking Shell banks Wire transfers Interface risk Reliance on others Introducers, Group introductions and Intermediaries Jurisdiction risk ineffective AML/CFT regimes impaired international cooperation international sanctions high propensity for corruption

35 Principle 3– know your customer
Principle 3 (Rule 1.2.3) requires a firm to know each of its customers to the extent appropriate for the customer’s risk profile Key Term – Customer Due Diligence Measures (Rule 4.2.1) Customer identification Verifying the customers ID, reliable, independent source documents, data and information Establishing whether customer acting on behalf of another person Measures if customer acting on behalf of another person Measures if customer is a legal person or legal arrangement Establishing beneficial ownership Obtaining the source of customer’s wealth and funds Obtaining information about the purpose and intended nature of the business relationship When CDD required—basic requirement A licensed party must conduct customer due diligence measures for a customer when— it establishes a business relationship with the customer; or it conducts a one-off transaction for the customer with a value (or, for transactions that are or appear (whether at the time or later) to be linked, with a total value) of at least the threshold amount; or it suspects the customer of money laundering or terrorist financing; or it has doubts about the veracity or adequacy of documents, data or information previously obtained in relation to the customer for the purposes of identification or verification. Note CDD must also be conducted under r 3.3.8 (Powers of attorney) and (Wire transfers). In this rule: threshold amount means 55,000 Riyals (or its equivalent in any other currency at the relevant time). This rule is subject to the following provisions: rule (Introducers) rule (Group introductions) rule (Intermediaries) rule (When CDD may not be required—acquired businesses) rule (2) (Licensed party must ensure no tipping off occurs).

36 Principle 3– know your customer
Part 4.3 of the Rules deals with CDD measures and ongoing measures When CDD is required Timing of CDD – establishing business relationships and one-off transactions Extent of CDD Ongoing monitoring and procedures for monitoring Part 4.4 and Part 4.5 of the Rules deals with enhanced and reduced / simplified CDD measures Sets out circumstances in which enhanced CDD must be performed Sets out circumstances in which reduced / simplified CDD may be performed Enhanced CDD and ongoing monitoring Enhanced CDD and ongoing monitoring—general A Firm must, on a risk-sensitive basis, conduct enhanced customer due diligence measures and enhanced ongoing monitoring— in cases where it is required to do so under the AML/CFT Law or other provisions of these rules; or in any other situation that by its nature can present a higher risk of money laundering or terrorist financing. Note Enhanced customer due diligence measures or enhanced ongoing monitoring is required under the following provisions of these rules: r (2) (b) (Matters to be covered by policies etc) r (Persons associated with terrorist acts etc—enhanced CDD and ongoing monitoring) r (c) and (f) (Measures for politically exposed persons) r (3) (a) (Correspondent securities relationships generally) r (3) (Bearer shares and share warrants to bearer) r (2) examples (Risk assessment for jurisdiction risk) r (Jurisdictions with impaired international cooperation) r (Non-cooperative, high risk and sanctioned jurisdictions) r (1) (b) (Jurisdictions with high propensity for corruption) r (2) (Extent of CDD—general requirement) r (5) (Customer identification documentation—trusts). Reduced or simplified CDD—general A Firm may conduct reduced or simplified customer due diligence measures for a customer in cases where it is permitted to do so under a provision of this part when— it establishes a business relationship with the customer; or it conducts a one-off transaction for the customer to which rule (1) (b) applies (When CDD required—basic requirement). Note Reduced or simplified customer due diligence measures are permitted only under the following provisions of this part. However, reduced or simplified customer due diligence measures must not be conducted under this part if there is a suspicion of money laundering or terrorist financing. Reduced or simplified CDD—financial institution customer A Firm may conduct reduced or simplified customer due diligence measures for a customer if the customer is— a financial institution that is based, or incorporated or otherwise established, in Qatar and is acting on its own behalf; or a financial institution that— is based, or incorporated or otherwise established, in a foreign jurisdiction that imposes requirements similar to those of the AML/CFT Law and these rules; and is supervised for compliance with those requirements; and is acting on its own behalf. Note Foreign jurisdiction is defined in the glossary. Reduced or simplified CDD—listed, regulated public companies A Firm may conduct reduced or simplified customer due diligence measures for a customer if the customer is a public company whose securities are listed on a regulated financial market that subjects public companies to disclosure obligations consistent with international standards of disclosure.

37 Principle 3– know your customer
Part 4.6 of the Rules deals with 2 elements of Customer identification documentation: Customer Nature of customer’s economic activity Firms must make and keep records of all ID documentation it obtains when conducting CDD measures and ongoing monitoring Firms must make and keep records of how and when the steps of the CDD measures were taken and completed Customer’s economic activity Firms must obtain and document information on the source of the applicant’s wealth and funds Firms must obtain and document information about the purpose and intended nature of the of the business relationship Enhanced CDD and ongoing monitoring Enhanced CDD and ongoing monitoring—general A Firm must, on a risk-sensitive basis, conduct enhanced customer due diligence measures and enhanced ongoing monitoring— in cases where it is required to do so under the AML/CFT Law or other provisions of these rules; or in any other situation that by its nature can present a higher risk of money laundering or terrorist financing. Note Enhanced customer due diligence measures or enhanced ongoing monitoring is required under the following provisions of these rules: r (2) (b) (Matters to be covered by policies etc) r (Persons associated with terrorist acts etc—enhanced CDD and ongoing monitoring) r (c) and (f) (Measures for politically exposed persons) r (3) (a) (Correspondent securities relationships generally) r (3) (Bearer shares and share warrants to bearer) r (2) examples (Risk assessment for jurisdiction risk) r (Jurisdictions with impaired international cooperation) r (Non-cooperative, high risk and sanctioned jurisdictions) r (1) (b) (Jurisdictions with high propensity for corruption) r (2) (Extent of CDD—general requirement) r (5) (Customer identification documentation—trusts). Reduced or simplified CDD—general A Firm may conduct reduced or simplified customer due diligence measures for a customer in cases where it is permitted to do so under a provision of this part when— it establishes a business relationship with the customer; or it conducts a one-off transaction for the customer to which rule (1) (b) applies (When CDD required—basic requirement). Note Reduced or simplified customer due diligence measures are permitted only under the following provisions of this part. However, reduced or simplified customer due diligence measures must not be conducted under this part if there is a suspicion of money laundering or terrorist financing. Reduced or simplified CDD—financial institution customer A Firm may conduct reduced or simplified customer due diligence measures for a customer if the customer is— a financial institution that is based, or incorporated or otherwise established, in Qatar and is acting on its own behalf; or a financial institution that— is based, or incorporated or otherwise established, in a foreign jurisdiction that imposes requirements similar to those of the AML/CFT Law and these rules; and is supervised for compliance with those requirements; and is acting on its own behalf. Note Foreign jurisdiction is defined in the glossary. Reduced or simplified CDD—listed, regulated public companies A Firm may conduct reduced or simplified customer due diligence measures for a customer if the customer is a public company whose securities are listed on a regulated financial market that subjects public companies to disclosure obligations consistent with international standards of disclosure.

38 Principle 4– effective reporting
Principle 4 (Rule 1.2.4) requires a firm to have effective measures in place to ensure there is internal and external reporting whenever ML/TF is known or suspected Internal Reporting Clear effective policies, procedures, systems and controls for internal reporting of all known or suspected ML/TF instances Direct access to MLRO Obligation to report (STR) to MLRO (knows, suspects, grounds to know or suspect) MLRO to document, acknowledge, consider, investigate, decide, notify reporter External Reporting Clear effective policies, procedures, systems and controls for reporting to the FIU of all known or suspected ML/TF instances Prompt reporting to FIU, consult with FIU before proceeding with transaction Facts and circumstances of the knowledge or suspicion Regulator notified in writing but NOT the STR Internal reporting Internal reporting policies etc A licensed party must have clear and effective policies, procedures, systems and controls for the internal reporting of all known or suspected instances of money laundering or terrorist financing. The policies, procedures, systems and controls must enable the licensed party to comply with the AML/CFT Law and these rules in relation to the prompt making of internal suspicious transaction reports to the party’s MLRO. Access to MLRO A licensed party must ensure that all its officers and employees have direct access to the party’s MLRO and that the reporting lines between them and the MLRO are as short as possible. Note The MLRO is responsible for receiving, investigating and assessing internal suspicious transaction reports for the licensed party (see r (a)) Obligation of officer or employee to report to MLRO etc This rule applies to an officer or employee of a licensed party if, in the course of his or her office or employment, the officer or employee knows, suspects, or has reasonable grounds to know or suspect, that funds are— the proceeds of criminal conduct; or related to terrorist financing; or linked or related to, or are to be used for, terrorism, terrorist acts or by terrorist organisations. Note Funds, proceeds of criminal conduct, terrorist financing, terrorist act and terrorist organisation are defined in the glossary. The officer or employee must promptly make a suspicious transaction report to the licensed party’s MLRO. Note See r (2) for relevant matters to be included in the licensed party’s AML/CFT policies, procedures, systems and controls. The officer or employee must make the report— irrespective of the amount of any transaction relating to the funds; and whether or not any transaction relating to the funds involves tax matters; and even though— no transaction has been, or will be, conducted by the licensed party in relation to the funds; and for an applicant for business—no business relationship has been, or will be, entered into by the licensed party with the applicant; and for a customer—the licensed party has terminated any relationship with the customer; and any attempted money laundering or terrorist financing activity in relation to the funds has failed for any other reason. If the officer or employee makes a suspicious transaction report to the MLRO (the internal report) in relation to the applicant for business or customer, the officer or employee must promptly give the MLRO details of every subsequent transaction of the applicant or customer (whether or not of the same nature as the transaction that gave rise to the internal report) until the MLRO tells the officer or employee not to do so. Note An officer or employee who fails to make a report under this rule may commit an offence against the AML/CFT Law. Obligations of MLRO on receipt of internal report If the MLRO of a licensed party receives a suspicious transaction report (whether under this division or otherwise), the MLRO must promptly— if the licensed party’s policies, procedures, systems and controls allow an initial report to be made orally and the initial report is made orally—properly document the report; and give the individual making the report a written acknowledgment for the report, together with a reminder about the provisions of part 5.2 (Tipping off); and consider the report in light of all other relevant information held by the licensed party about the applicant for business, customer or transaction to which the report relates; and decide whether the transaction is suspicious; and Note See r (Obligation of licensed party to report to FIU etc). give written notice of the decision to the individual who made the report. A reference in this rule to the MLRO includes a reference to a person acting under rule (3) (b) (Obligation of licensed party to report to FIU etc) in relation to the making of a report on the party’s behalf. Note Under r the deputy MLRO acts as the MLRO during absences of the MLRO and whenever there is a vacancy in the MLRO’s position.

39 Principle 4– effective reporting
Tipping off under Part 5.2 of the Rules unauthorised act of disclosing information to the customer which results in the customer knowing or suspecting the following: that they are the subject of an STR ; or that they are the subject of an investigation relating to ML/TF unauthorised act of disclosing information that may prejudice action in relation to offences, apprehension and prosecutions, recovery of proceeds of crime and the prevention of ML/TF Firms must ensure no tipping off occurs Firms must ensure staff are aware of and sensitive to issues surrounding and consequences of tipping off What is tipping off? Tipping off, in relation to an applicant for business or a customer of a licensed party, is the unauthorised act of disclosing information that— may result in the applicant or customer, or a third party (other than the FIU or the Regulator), knowing or suspecting that the applicant or customer is or may be the subject of— a suspicious transaction report; or an investigation relating to money laundering or terrorist financing; and may prejudice the prevention or detection of offences, the apprehension or prosecution of offenders, the recovery of proceeds of crime, or the prevention of money laundering or terrorist financing. Licensed party must ensure no tipping off occurs A licensed party must ensure that— its officers and employees are aware of, and sensitive to— the issues surrounding tipping off; and the consequences of tipping off; and it has policies, procedures, systems and controls to prevent tipping off. If a licensed party believes, on reasonable grounds, that an applicant for business or a customer may be tipped off by conducting customer due diligence measures or ongoing monitoring, the party may make a suspicious transaction report to the FIU instead of conducting the measures or monitoring. If the licensed party acts under subrule (2), the MLRO must make and keep records to demonstrate the grounds for the belief that conducting customer due diligence measures or ongoing monitoring would have tipped off an applicant for business or a customer. Information relating to suspicious transaction reports to be safeguarded A licensed party must take all reasonable measures to ensure that information relating to suspicious transaction reports is safeguarded and, in particular, that information relating to a suspicious transaction report is not disclosed to any person (other than a member of the party’s senior management) without the consent of the party’s MLRO. The MLRO must not consent to information relating to a suspicious transaction report being disclosed to a person unless the MLRO is satisfied that disclosing the information to the person would not constitute tipping off. If the MLRO gives consent, the MLRO must make and keep records to demonstrate how the MLRO was satisfied that disclosing the information to the person would not constitute tipping off.

40 Principle 5– high standard screening and appropriate training
Principle 5 (Rule 1.2.5) requires a firm to have adequate screening procedures to ensure high standards when appointing or employing officers and employees Screening procedures focus on ‘higher-impact’ individual – role in preventing ML/TF Employment based on appropriate character, knowledge, skills and abilities to act honestly, reasonably and independently Procedures for higher-impact individual before employment must include provision for: Obtaining references Employment history and qualifications Regulatory actions Criminal convictions Accuracy and completeness of information

41 Principle 5– high standard screening and appropriate training
Principle 5 (Rule (b)) requires a firm to have an appropriate ongoing AML/CFT training programme for its officers and employees Firms must Identify, design, deliver and maintain an appropriate ongoing AML/CFT training programme for staff, including: Awareness and understanding of legal and regulatory responsibilities and obligations Role in preventing ML/TF Liabilities incurred under the AML/CFT framework Role of risk management, MLRO, ML/TF techniques and trends and vulnerabilities STR obligations Training must be maintained and reviewed and improved if appropriate

42 Principle 6– evidence of compliance
Principle 6 (Rule 1.2.6) requires a firm to be able to provide documentary evidence of its compliance with the requirements of the AML/CFT Law and the Rules. Records for customers and transactions A licensed party must make and keep records in relation to— its business relationship with each customer; and each transaction that it conducts with or for a customer. The records must— comply with the requirements of the AML/CFT Law and these rules; and enable an assessment to be made of the licensed party’s compliance with— the AML/CFT Law and these rules; and its AML/CFT policies, procedures, systems and controls; and enable any transaction effected by or through the licensed party to be reconstructed; and enable the licensed party to comply with any request, direction or order by a competent authority, judicial officer or court for the production of documents, or the provision of information, within a reasonable time; and indicate the nature of any evidence that it obtained in relation to an applicant for business, customer or transaction; and for any such evidence—include a copy of the evidence itself or, if this is not practicable, information that would enable a copy of the evidence to be obtained. This rule is additional to any provision of the AML/CFT Law or any other provision of these rules. Note The following provisions of these rules also relate to the making or keeping of records: r (2) (d) (Matters to be covered by policies etc) r (2) (Electronic verification of identification documentation) r (Ongoing monitoring required) r (Records of customer identification documentation etc) r (4) (Risks associated with the economic activity—source of wealth and funds) r (1) (Risks associated with the economic activity—purpose and intended nature of business relationship) r (Obligation not to destroy records relating to customer under investigation etc) r (Reporting records to be made by MLRO etc) r (3) (Licensed party must ensure no tipping off occurs) r (3) (Information relating to suspicious transaction reports to be safeguarded). Training records A licensed party must make and keep records of the AML/CFT training provided for the party’s officers and employees, including, as a minimum— the dates the training was provided; and the nature of the training; and the names of the individuals to whom the training was provided.

43 Supervisory approach / regulatory expectations

44 “Dear CEO” letters Compliance confirmation letters from Firms on or before September 15th stating that the Firm has undertaken the following: Review of Policies, Procedures, Systems and Controls Development & implementation of the risk-based approach Review customers files Enhancement of AML/CFT compliance culture Training to relevant staff Independent Review of the AML framework The letter should confirm whether or not the Firm is in compliance with the new AML/CTF Rules 2010 of the QFC Regulatory Authority. Areas of non-compliance + related remediation plan  to be shared with the Regulatory Authority The RA will send out “Dear CEO” letters requesting Firms to send confirmation letters to the RA on or before September 15th 2010 stating that the Firm has undertaken the following: reviewed the Firm’s Policies, Procedures, Systems and Controls & align it with the new AML/CFT Rules Developed and implemented, in line with the new AML/CFTR: an AML business risk assessment an AML threat assessment methodology an AML Risk profiling and risk scoring of business relationships methodology reviewed the Firm’s customers files and aligned it with the new AML Rules requirements enhanced the Firm’s AML/CFT compliance culture; (senior management must ensure that a firm-wide AML/CFT compliance culture is promoted within the firm and is held responsible for the lack of it) provided training to relevant staff in relation with the new AML rules undertaken an independent review of the AML framework in light of the new AML Rules enactment (we expect the audit to be undertaken by a knowledgeable independent party i.e. Internal/External auditor, Compliance where compliance function is not held by the MLRO… ) The Letter should come from the CEO and should confirm whether or not the Firm is in compliance with the new AML/CFT Rules 2010 of the QFC Regulatory Authority. Where areas of deficiency are identified; the Firm needs to identify it within the letter and share with the RA the related remediation plan. 44

45 AML/CFT Assessments Risk Assessment & AML reviews will be conducted in light of the new AML/CTF Rules – no interruption to normal assessment / review timetable. AML Focused reviews – Supervisor reviews will focus, among other items, on: The Risk-Based Approach Senior management buy-in / AML/CFT compliance culture Know Your Employees / Employees Screening Review of client files Reviews of policies, procedures, systems and controls particularly: KYC/CDD/Customer identification documentation Screening against sanction/suspect lists Transaction monitoring Suspicious Transaction Reporting Deputy MLRO arrangements Risk Assessment & AML reviews (onsite/offsite) will be conducted in light of the new AML/CFT Rules since the latter commenced on 30 April There will be no interruption of the normal course of the reviews. AML Focused reviews In their reviews Supervisors will focus, among other items, on: The Risk-based approach, primarily: AML business risk assessment AML threat assessment methodology AML Risk profiling and risk scoring of business relationships Senior management buy-in as well as their role/involvement in the promotion of a Firm wide AML/CFT compliance culture Know Your Employees / Employees Screening Review of client files in light of the new rulebook enactment & other evidence of compliance Reviews of policies, procedures, systems and controls particularly in relation with: KYC/CDD/Customer identification documentation Screening against sanction/suspect lists Transaction monitoring Suspicious Transaction Reporting Deputy MLRO arrangements (The latter is not an AI, nor has to be resident, however he/she must be employed at the management level and has sufficient seniority, experience and authority for the role) 45

46 Firms not compliant with the new requirements
Firms will have until 15 September (after EID) to demonstrate full compliance with the new AML/CFT Rules. Firms not compliant with the new requirements of the 2010 Rules will be dealt with by Risk Mitigation Programs (RMPs), letters… at this stage the Regulatory Authority will educate Firms and assist them in complying with the new requirements. Non compliance with rules that also existed under the old AML Rulebook will be dealt with via Breaches, RMP & enforcement action depending on the gravity of the matter. Firms will have until after EID (15 September) to demonstrate compliance with the new AML/CFT Rules. Deficiencies in relation to nuances or new requirements under the 2010 Rules will be dealt with Risk Mitigation Programs (RMPs), letters… at this stage the Regulatory Authority will educate Firms and assist them in complying with the new requirements. Non compliance with rules that also existed under the old AML Rulebook will be dealt with Breaches, RMP & enforcement action depending on the gravity of the matter. 46

47 What do we expect firms to do?
ASAP, and in line with confirmation letter to send, we expect Firms to: Review of Policies, Procedures, Systems and Controls Develop: an AML business risk assessment an AML threat assessment methodology an AML Risk profiling and risk scoring of business relationships methodology Review customers files Enhance the AML/CFT compliance culture Train relevant staff Undertake an Independent Review of the AML framework ASAP, and in line with confirmation letter to send, we expect Firms to: review their Policies, Procedures, Systems and Controls and align it with the new AML/CFTR 2010 develop an AML business risk assessment an AML threat assessment methodology an AML Risk profiling and risk scoring of business relationships methodology review the Firm’s customers files and aligned it with the new AML Rules requirements enhanced the Firm’s AML/CFT compliance culture training to relevant staff in relation with the new AML rules undertaken an independent Review of the AML framework in light of the new AML Rules enactment 47

48 What happens next? Firms need to be able to demonstrate full compliance with the new AML/CTF Rules On or before Sept 15th, the Firm needs to file with the Regulatory Authority the compliance confirmation letters stated previously The AML team will be conducting reviews (onsite/offsite) to verify compliance with the new AML/CTF Rules The Regulatory Authority will be filing breaches and enforcing action in relation to non-compliance with the new AML/ CTF rules After September 15th 2010 Firms need to be able to demonstrate full compliance with the new AML/CFT Rules The Firm needs to file with the Regulatory Authority the compliance confirmation letters stated previously The AML team will be conducting reviews (onsite/offsite) to verify compliance with the new AML/CFT Rules After Sept 15th, the Regulatory Authority will be filing breaches and enforcing action in relation to non-compliance with the new AML rules (including those that were not required in the previous AML Rulebook) depending on the gravity of the matter. 48

49 Consultation feedback revisions and updates

50 Feedback and revisions
CP submissions covered the following areas Correspondent Banking – exceptions Outcome – no change as Rules in line with FATF recommendations Relaxation of payable through accounts provisions Relaxation of ‘originator information’ requirements on wire transfers Clarification sought on the ordinarily resident requirement for the Deputy MLRO Outcome – Rules clarified under (3) that the Deputy MLRO is not required to be ordinarily resident when acting as MLRO Clarification sought on provisions relating to ‘Group Introductions’ (Rule ) and the extent of information to be provided by the introducer to the Firm Outcome – No change to the Rule – Information on obtained CDD needs to be provided by the Introducer to the Firm, not the totality of the documentation collected. Clarification sought on the status of the AML Regulations Outcome – the AML Regulations have been superseded by the Law and the AML Regulations are with the Minister for formal repeal

51 Feedback and revisions
CP submissions covered the following areas Clarification sought on the need to notify the Regulator when an STR is submitted Outcome – the Rules require Firms to notify the Regulator of an STR submission but does not include the STR itself Clarification sought on the extent to which screening requirements applied to all prospective employees of a firm Outcome – the Rules have been modified to focus on ‘higher-impact’ AML/CFT officers and employees Clarification sought on the extent to which screening requirements should be applied across jurisdictions Outcome – No change to the Rules, firms will need to satisfy themselves and be able to demonstrate that they have taken appropriate measures in accordance with the rules Reliance on others provision – Introducers (Rule (3) (a)) requires firms to receive an introducers certificate from the introducer Outcome – Introducers Certificate – Approved Form Q20 on the website

52 Working draft guidance discussion and questions

Download ppt "OVERVIEW OF THE QFC / CFT AML REGIME Date: 9 June 2010"

Similar presentations

The Compliance & Risk Functions In Credit Unions What Supervisors need to know? Michael Mullen ILCU Learning Advisor.

The Compliance & Risk Functions In Credit Unions What Supervisors need to know? Michael Mullen ILCU Learning Advisor.
Prevention of money laundering / combating terrorist financing

Prevention of money laundering / combating terrorist financing
Thanasis Korfiotis Cyprus Bar Association Board Member

Thanasis Korfiotis Cyprus Bar Association Board Member
Criminal Justice (Money Laundering and Terrorist Financing) Act 2010 Conor Kennedy Law Library, Four Courts, Dublin 7.

Criminal Justice (Money Laundering and Terrorist Financing) Act 2010 Conor Kennedy Law Library, Four Courts, Dublin 7.
Criminalization of Money Laundering

Criminalization of Money Laundering
The New Anti-Money Laundering Regulations

The New Anti-Money Laundering Regulations
Auditing, Assurance and Governance in Local Government

Auditing, Assurance and Governance in Local Government
At Hyderabad December 29, 2010 Kunnel Prem. ICP 27 on Insurance Frauds and ICP 28 on AML/CFT.

At Hyderabad December 29, 2010 Kunnel Prem. ICP 27 on Insurance Frauds and ICP 28 on AML/CFT.
Anti Money Laundering (AML) An Overview for Staff Prepared by MSM Compliance Services Pty Ltd.

Anti Money Laundering (AML) An Overview for Staff Prepared by MSM Compliance Services Pty Ltd.
ACCOUNTING ETHICS Lect. Victor-Octavian Müller, Ph.D.

ACCOUNTING ETHICS Lect. Victor-Octavian Müller, Ph.D.
Trends © Copyright NCA At least 1 in 4 organised crime groups retain a corrupt individual in the legitimate financial sector Illicit profits are often.

Trends © Copyright NCA At least 1 in 4 organised crime groups retain a corrupt individual in the legitimate financial sector Illicit profits are often.
Building A Financial Intelligence Unit In a Bank Secrecy Environment Lebanon’s Experience Presented by A. Mansour Secretary Special Investigation Commission.

Building A Financial Intelligence Unit In a Bank Secrecy Environment Lebanon’s Experience Presented by A. Mansour Secretary Special Investigation Commission.
Anti-Money Laundering (AML)

Anti-Money Laundering (AML)
KYC Norms & AML Standards Guidelines

KYC Norms & AML Standards Guidelines
1 Supplement to the Guideline on Prevention of Money Laundering Hong Kong Monetary Authority 8 June 2004.

1 Supplement to the Guideline on Prevention of Money Laundering Hong Kong Monetary Authority 8 June 2004.
THE CFATF MUTUAL EVALUATION PROCESS (IN A (SMALL) NUTSHELL) Robin Sykes Financial Investigations Division.

THE CFATF MUTUAL EVALUATION PROCESS (IN A (SMALL) NUTSHELL) Robin Sykes Financial Investigations Division.
Anti-Money Laundering

Anti-Money Laundering
FICA Financial Intelligence Centre Act. Agenda Functions of FICA Objectives of FICA What is a suspicious transaction ? How to report a suspicious transaction?

FICA Financial Intelligence Centre Act. Agenda Functions of FICA Objectives of FICA What is a suspicious transaction ? How to report a suspicious transaction?
Money Laundering 23 September 2014. Contents 1 What is money laundering? 2. The ‘primary’ money laundering offences 3. Failure to report and tipping off.

Money Laundering 23 September Contents 1 What is money laundering? 2. The ‘primary’ money laundering offences 3. Failure to report and tipping off.
ZHRC/HTI Financial Management Training

ZHRC/HTI Financial Management Training

Similar presentations

Ads by Google