550 likes | 656 Views
OVERVIEW OF THE QFC / CFT AML REGIME. Date: 9 June 2010 By: Shaun Swan, Associate Director Joy Smallwood (IMF resident advisor) Christiane Chidiac, Manager AML/CFT. AGENDA. Introduction and objectives An overview of the AML / CFT Law (Joy Smallwood, IMF)
E N D
OVERVIEW OF THE QFC / CFT AML REGIME Date: 9 June 2010 By: Shaun Swan, Associate Director Joy Smallwood (IMF resident advisor) Christiane Chidiac, Manager AML/CFT
AGENDA • Introduction and objectives • An overview of the AML / CFT Law (Joy Smallwood, IMF) • Key obligations under the AML/ CFT Rules for QFC Firms • Supervisory approach / regulatory expectations • Consultation feedback – revisions and updates • Working draft guidance discussion and questions
Introduction and objectives • AML briefing sessions: • have open and transparent communication with firms operating in the QFC; • brief firms on the requirements and obligations of the AML/CFT Law and the AML/CFT Rules; and • provide firms with clear information on our expectations when implementing your obligations under the Law and the Rules.
An overview of the AML / CFT Law Joy K Smallwood IMF Resident Advisor June 2010
Overview of the AML/CFT Law Background: • Law passed to protect Qatar from money laundering (ML) and the financing of terrorism (FT) • 2007 IMF AML/CFT Evaluation showed deficiencies in Qatar’s previous AML/CFT legal framework • New framework in line with Financial Action Task Force (FATF) international standards
Overview of the AML/CFT Law 10 Sections • Definitions • ML and FT Offences • Disclosure system at customs • National Anti-Money Laundering Committee (NAMLC) • Qatar Financial Information Unit (QFIU) and Suspicious Transaction Reporting (STR) System 6. Preventive Measures 7. Supervisory Authorities 8. Investigative Procedures and Provisional Measures 9. International Cooperation 10. Sanctions
Overview of the AML/CFT Law Key Definitions include: • Proceeds of Crime - Any funds derived or obtained, directly or indirectly, from one of the predicate crimes listed in Article 2 (all felonies, international conventions, list of proceeds generating crimes e.g. fraud, theft, smuggling ) • Funds - Assets or properties of every kind • Money Laundering – see below • Financing of terrorism - see below • Financial Institution (FI)– 14 categories • Designated Non Financial Businesses & Professions (DNFBPs) – real estate agents, jewelers, lawyers, accountants, trust and company service providers
Overview of the AML/CFT Law Money Laundering: Defined as any of the following acts: • The conversion or transfer of funds, by any person who knows, should have known or suspects that such funds are the proceeds of crime, for the purpose of concealing or disguising the illicit origin of such funds or of assisting any person who is involved in the commission of the predicate offence to evade the legal consequences of his actions. • The concealment or disguise of the true nature, source, location, disposition, movement or ownership of or rights with respect to funds by any person who knows, should have known or suspects that such funds are the proceeds of crime. 3) The possession, acquisition, or use of funds by any person who knows, should have known or suspects that such funds are the proceeds of crime.
Overview of the AML/CFT Law Terrorism Financing : An act committed by any person who, • in any manner, directly or indirectly, and • willfully • provides or collects funds, or attempts to do so, • with the intention to use them or knowing that these funds will be used in whole or in part • for the execution of a terrorist act, or by a terrorist or terrorist organization.
Overview of the AML/CFT Law Money Laundering Offence – Article 2: • Definition (above) plus • Expanded list of predicate offences - All felonies - Crimes covered under int’l conventions to which Qatar is a party - A list of other specific proceeds generating offences • Associated ML offences – including for FIs and DNFBPs - Article 3
Overview of the AML/CFT Law Financing of Terrorism Offence – Article 4 • Definition (above) plus • Offence considered committed irrespective of: - any occurrence of a terrorist act, - the place where it was committed or - whether funds actually used to commit an act
Overview of the AML/CFT Law Filing Suspicious Transaction Reports (STRs) – Article 18: Financial institutions, DNFBPs and non profit organizations to promptly report suspicious transactions or attempted transactions to the QFIU when: - They suspect, or - They have reasonable grounds to suspect - Transactions could include funds that are proceeds of crime, or - Funds linked, related to or to be used for terrorist acts, terrorist organisations or terrorist financiers
Overview of the AML/CFT Law Important protections when Filing STRs - No Tipping off to customer/third parties permitted (art 39) - Disclosure to competent authorities permitted - Protection for liability for STR reporting in good faith (art 82) - Protection from breach of criminal, civil and breach of professional secrecy provisions
Overview of the AML/CFT Law Customer Due Diligence (CDD) – Section 6: - Identify and verify customer identities using reliable independent source documents, date or information - In a minimum of 5 situations: 1. when establishing business relationships, 2. during a domestic or international transfer of funds; 3. when doubts exist about the veracity or adequacy of previously obtained customer identification documents, data or information; 4. when there is a suspicion of money laundering or terrorist financing; 5. when carrying out occasional transactions, with a value equal to or above 55,000 Rials
Overview of the AML/CFT Law Financial institutions and DNFBPs have responsibility to: • enquire about the anticipated purpose and the nature of the business relationship and collect all relevant information. • identify the beneficial owner of the customer and take all reasonable measures to verify his identity using reliable, independent source documents, data or information such that they are satisfied that they know who the beneficial owner is. • For legal persons and arrangements, these measures must include taking reasonable additional measures to understand and monitor the beneficial owner thereof as well as the ownership and organizational structure thereof.
Overview of the AML/CFT Law If financial institutions, and DNFBPs cannot fulfill their obligation of due diligence: • they shall not establish or maintain the business relationship • Where appropriate, they shall make a report to the FIU in accordance with this law. • Transitional provisions for 6 months (to October 31) for implementation of CDD and correspondent banking provisions.
Overview of the AML/CFT Law Financial Institutions and DNFBPs to put in place the following measures: • Exercise ongoing due diligence • Ensure CDD documents, data kept up to date • Take specific and adequate measures to address the risks of ML and FT • Put in place risk management systems for PEPs • Keep records for 5 years, or longer if required by their supervisor (6 years for QFC)
Overview of the AML/CFT Law Financial institutions and DNFBPs to develop and implement AML/CFT programs including the following internal policies, procedures, systems and controls: • program management arrangements, and appropriate employee screening procedures to ensure that they are appointed pursuant to the highest standards. • ongoing training for officers and employees to assist them in recognizing transactions and activities that may be linked to money laundering and terrorist financing and instruct them in the procedures to be followed in such cases. • audit arrangements to check compliance with and effectiveness of the measures taken to apply the law. • compliance officer at department leadership level.
Overview of the AML/CFT Law For cross-border correspondent banking relationships, financial institutions shall: • identify and verify the identification of respondent institutions. • collect information on the nature of the respondent institution’s business. • evaluate the respondent institution’s reputation and the nature of supervision to which it is subject. • obtain approval from senior management before establishing a correspondent banking relationship. • assess the controls implemented by the respondent institution re AML/CFT, and ensure that they are appropriate and effective. • Payable through account requirements –customer CDD, monitoring and CDD information requests
Overview of the AML/CFT Law For financial institutions who conduct domestic (including QFC) and external wire transfer business (exceeding 4000 Rials, or an equivalent value in other currencies), they must obtain and verify the following information about the originators of the transfers: (1) full name. (2) account number or, if there is no account number, a unique reference number. (3) address, national identity number, customer identification number, or date and place of birth.
Overview of the AML/CFT Law 4. The information is to be included in the wire message or payment form accompanying the transfer 5. Upon receipt of wire transfers that do not contain the complete originator information, FIs should take measures to obtain and verify the missing information from the ordering institution or the beneficiary 6. Should they not obtain the missing information they shall refuse acceptance of the transfer and report it to the Unit
Overview of the AML/CFT Law Supervisors have the authority to: (Article 42) (1) adopt the necessary measures to establish fit and proper criteria for owning, controlling, or participating, in the directorship, management or operation of financial institutions. (2) regulate and supervise financial institutions, NPOs and DNFBPs for compliance with the obligations set out in this law, including through on-site examinations, and the request of documents, information, or records. (3) cooperate and share information with competent authorities, and provide assistance in evidence collection, prosecutions or proceedings relating to predicate offences, money laundering, and terrorist financing.
Overview of the AML/CFT Law A supervisory authority may sanction its licensees (financial institution, NPO, or DNFBP ) for a violation under the law, made intentionally or by gross negligence, by imposing one of the following measures and sanctions: (Article 44) (1) ordering regular reports on the measures it is taking. (2) order to comply with specific instructions. (3) written warnings. (4) replacing or restricting the powers of managers, board members, or controlling owners, including the appointing of ad hoc administrator.
Overview of the AML/CFT Law (5) barring individuals from employment within a business, profession or activity , either permanently or for a provisional period. (6) imposing supervision, suspending license, restricting or withdrawing any other form of permission and prohibiting the continuation of a business, profession or activity. (7) financial penalty in an amount no greater than 10 million Rials. (8) any other measures.
Overview of the AML/CFT Law Governor of the Central Bank (Article 48), without prejudice to the authority of the Public Prosecutor, - in cases where there is a concern about the disposal of money laundering proceeds held at Financial Institutions - or where there is suspicion that funds, balances or accounts are being used in terrorist financing - may order the freezing of the suspected funds, balances or accounts for a period not exceeding ten business days, - The public prosecutor shall be notified of such an order within three business days of its issuance, otherwise it shall be treated as void ab initio - The public prosecutor may cancel the freezing order or renew it for a period not exceeding three months
Overview of the AML/CFT Law Criminal Sanctions (Articles 72 - 76): • Terrorist financing: 10 years in jail and up to a 2 million Rial fine • Money Laundering: 7 years in jail and up to a 2 million Rial fine • Associated money laundering offences or tipping off: three years in jail and a fine not exceeding 500,000 Rials • Failure to freeze terrorist assets by a financial institution or DNFBP, a fine not exceeding 1,000,000 Rials • Breach of confidentiality by the FIU or by customs: three years in jail and a fine not exceeding 500,000 Rials
Law No. 4 of 2010 on Anti- Money Laundering and Combating the Financing of Terrorism Key legislation and background to the new AML/CFT Rules QFC Regulatory Authority AML / CFT Rules 2010 • Aligned to Law No. 4 of 2010 on Anti- Money Laundering and Combating the Financing of Terrorism • Ensure optimum compliance with FATF Recommendations and standards
Background to the new AML/CFT Rules • close alignment with the FATF Recommendations and standards through the use of key FATF terms and terminology; • the rules set out a clear senior management responsibility for AML/CFT responsibilities and the development of an AML/CFT programme; • more sophisticated risk-based approach to addressing firms AML/CFT risks; and • a single set of rules designed and structured to closely align with how a firm would undertake the development and implementation of an AML/CFT program and the ongoing compliance with AML/CFT regulatory requirements.
Key AML/CFT principles The 6 key AML/CFT principles cover the following areas: Principle 1 – senior management responsibility; Principle 2 – risk-based approach; Principle 3 – know your customer; Principle 4 – effective reporting; Principle 5 – high standard screening and appropriate training; and Principle 6 – evidence of compliance.
Principle 1 - senior management responsibility • Senior Management responsible for effectiveness of the firm’s policies, procedures, systems and controls in preventing ML/TF (Rule 2.2.1) • Senior Management must ensure that it: • develops, establish and maintain effective AML/CFT policies, procedures, systems and controls; • has adequate screening standards; • identifies, designs, delivers and maintains AML/CFT training programme; • has an adequately resourced and independent audit function; • has regular and timely information to Senior Management of ML/TF risks; • has ML/TF risk management policies and methodology that are appropriately documented; • has in place an MLRO for the firm; and • promotes an AML/CFT compliance culture
Principle 1 - senior management responsibility • Senior Management must ensure that there is at all times an MLRO for the firm who: • has sufficient seniority, experience and authority; • has appropriate knowledge and understanding of their legal and regulatory responsibilities under the AML/CFT framework; • has sufficient resources to carry out the role; • has timely and unrestricted access to all firm AML/CFT information, including; • all customer ID documents • all other documents, data and info for CDD and ongoing monitoring purposes; and • all transaction records • appropriate back-up arrangements including a deputy MLRO
Principle 2 – risk-based approach • Principle 2 (Rule 1.2.2) requires firms to adopt a risk-based approach to the Rules • Firms must • Conduct business risk assessment and decide risk mitigation • Approach risk mitigation based on threat assessment methodology • Develop methodology by assessing the risk profiling and scoring of a business relationship with a customer and must consider at least the following 4 risk elements: • Customer risk • Product risk • Interface risk • Jurisdiction risk
Principle 2 – risk-based approach • Customer risk • Measures for PEP risks • Persons associated with Terrorism • Product risk • Correspondent banking • Shell banks • Wire transfers • Interface risk • Reliance on others • Introducers, Group introductions and Intermediaries • Jurisdiction risk • ineffective AML/CFT regimes • impaired international cooperation • international sanctions • high propensity for corruption
Principle 3– know your customer • Principle 3 (Rule 1.2.3) requires a firm to know each of its customers to the extent appropriate for the customer’s risk profile • Key Term – Customer Due Diligence Measures (Rule 4.2.1) • Customer identification • Verifying the customers ID, reliable, independent source documents, data and information • Establishing whether customer acting on behalf of another person • Measures if customer acting on behalf of another person • Measures if customer is a legal person or legal arrangement • Establishing beneficial ownership • Obtaining the source of customer’s wealth and funds • Obtaining information about the purpose and intended nature of the business relationship
Principle 3– know your customer • Part 4.3 of the Rules deals with CDD measures and ongoing measures • When CDD is required • Timing of CDD – establishing business relationships and one-off transactions • Extent of CDD • Ongoing monitoring and procedures for monitoring • Part 4.4 and Part 4.5 of the Rules deals with enhanced and reduced / simplified CDD measures • Sets out circumstances in which enhanced CDD must be performed • Sets out circumstances in which reduced / simplified CDD may be performed
Principle 3– know your customer • Part 4.6 of the Rules deals with 2 elements of Customer identification documentation: • Customer • Nature of customer’s economic activity Customer • Firms must make and keep records of all ID documentation it obtains when conducting CDD measures and ongoing monitoring • Firms must make and keep records of how and when the steps of the CDD measures were taken and completed Customer’s economic activity • Firms must obtain and document information on the source of the applicant’s wealth and funds • Firms must obtain and document information about the purpose and intended nature of the of the business relationship
Principle 4– effective reporting • Principle 4 (Rule 1.2.4) requires a firm to have effective measures in place to ensure there is internal and external reporting whenever ML/TF is known or suspected Internal Reporting • Clear effective policies, procedures, systems and controls for internal reporting of all known or suspected ML/TF instances • Direct access to MLRO • Obligation to report (STR) to MLRO (knows, suspects, grounds to know or suspect) • MLRO to document, acknowledge, consider, investigate, decide, notify reporter External Reporting • Clear effective policies, procedures, systems and controls for reporting to the FIU of all known or suspected ML/TF instances • Prompt reporting to FIU, consult with FIU before proceeding with transaction • Facts and circumstances of the knowledge or suspicion • Regulator notified in writing but NOT the STR
Principle 4– effective reporting • Tipping off under Part 5.2 of the Rules • unauthorised act of disclosing information to the customer which results in the customer knowing or suspecting the following: • that they are the subject of an STR ; or • that they are the subject of an investigation relating to ML/TF • unauthorised act of disclosing information that may prejudice action in relation to offences, apprehension and prosecutions, recovery of proceeds of crime and the prevention of ML/TF • Firms must ensure no tipping off occurs • Firms must ensure staff are aware of and sensitive to issues surrounding and consequences of tipping off
Principle 5– high standard screening and appropriate training • Principle 5 (Rule 1.2.5) requires a firm to have adequate screening procedures to ensure high standards when appointing or employing officers and employees • Screening procedures focus on ‘higher-impact’ individual – role in preventing ML/TF • Employment based on appropriate character, knowledge, skills and abilities to act honestly, reasonably and independently • Procedures for higher-impact individual before employment must include provision for: • Obtaining references • Employment history and qualifications • Regulatory actions • Criminal convictions • Accuracy and completeness of information
Principle 5– high standard screening and appropriate training • Principle 5 (Rule 1.2.5 (b)) requires a firm to have an appropriate ongoing AML/CFT training programme for its officers and employees Firms must • Identify, design, deliver and maintain an appropriate ongoing AML/CFT training programme for staff, including: • Awareness and understanding of legal and regulatory responsibilities and obligations • Role in preventing ML/TF • Liabilities incurred under the AML/CFT framework • Role of risk management, MLRO, • ML/TF techniques and trends and vulnerabilities • STR obligations • Training must be maintained and reviewed and improved if appropriate
Principle 6– evidence of compliance • Principle 6 (Rule 1.2.6) requires a firm to be able to provide documentary evidence of its compliance with the requirements of the AML/CFT Law and the Rules.
“Dear CEO” letters • Compliance confirmation letters from Firms on or before September 15th stating that the Firm has undertaken the following: • Review of Policies, Procedures, Systems and Controls • Development & implementation of the risk-based approach • Review customers files • Enhancement of AML/CFT compliance culture • Training to relevant staff • Independent Review of the AML framework • The letter should confirm whether or not the Firm is in compliance with the new AML/CTF Rules 2010 of the QFC Regulatory Authority. • Areas of non-compliance + related remediation plan to be shared with the Regulatory Authority 44
AML/CFT Assessments • Risk Assessment & AML reviews will be conducted in light of the new AML/CTF Rules – no interruption to normal assessment / review timetable. • AML Focused reviews – Supervisor reviews will focus, among other items, on: • The Risk-Based Approach • Senior management buy-in / AML/CFT compliance culture • Know Your Employees / Employees Screening • Review of client files • Reviews of policies, procedures, systems and controls particularly: • KYC/CDD/Customer identification documentation • Screening against sanction/suspect lists • Transaction monitoring • Suspicious Transaction Reporting • Deputy MLRO arrangements 45
Firms not compliant with the new requirements • Firms will have until 15 September (after EID) to demonstrate full compliance with the new AML/CFT Rules. • Firms not compliant with the new requirements of the 2010 Rules will be dealt with by Risk Mitigation Programs (RMPs), letters… at this stage the Regulatory Authority will educate Firms and assist them in complying with the new requirements. • Non compliance with rules that also existed under the old AML Rulebook will be dealt with via Breaches, RMP & enforcement action depending on the gravity of the matter. 46
What do we expect firms to do? • ASAP, and in line with confirmation letter to send, we expect Firms to: • Review of Policies, Procedures, Systems and Controls • Develop: • an AML business risk assessment • an AML threat assessment methodology • an AML Risk profiling and risk scoring of business relationships methodology • Review customers files • Enhance the AML/CFT compliance culture • Train relevant staff • Undertake an Independent Review of the AML framework 47
What happens next? • Firms need to be able to demonstrate full compliance with the new AML/CTF Rules • On or before Sept 15th, the Firm needs to file with the Regulatory Authority the compliance confirmation letters stated previously • The AML team will be conducting reviews (onsite/offsite) to verify compliance with the new AML/CTF Rules • The Regulatory Authority will be filing breaches and enforcing action in relation to non-compliance with the new AML/ CTF rules 48
Feedback and revisions • CP submissions covered the following areas • Correspondent Banking – exceptions • Outcome – no change as Rules in line with FATF recommendations • Relaxation of payable through accounts provisions • Outcome – no change as Rules in line with FATF recommendations • Relaxation of ‘originator information’ requirements on wire transfers • Outcome – no change as Rules in line with FATF recommendations • Clarification sought on the ordinarily resident requirement for the Deputy MLRO • Outcome – Rules clarified under 2.3.5 (3) that the Deputy MLRO is not required to be ordinarily resident when acting as MLRO • Clarification sought on provisions relating to ‘Group Introductions’ (Rule 3.4.10) and the extent of information to be provided by the introducer to the Firm • Outcome – No change to the Rule – Information on obtained CDD needs to be provided by the Introducer to the Firm, not the totality of the documentation collected. • Clarification sought on the status of the AML Regulations • Outcome – the AML Regulations have been superseded by the Law and the AML Regulations are with the Minister for formal repeal