AIFC ANTI-MONEY LAUNDERING, COUNTER – TERRORIST FINANCING
Approval Date: 10 December 2017 2018
CONTENTS
1.4.Financial Action Task Force 1.5.Structure of the AML Rules 2.2.Responsibility for compliance with the AML Rules 2.3.AFSA supervision powers in respect of DNFBPs 3.GUIDANCE ON KAZAKHSTAN CRIMINAL LAW 4.1.Obligations of the Risk-Based Approach 4.2.Business Risk Assessment by Relevant Persons 4.3.Internal policies, procedures, systems and controls 5.1.Assessing customer money laundering risks 6.1.Conducting Customer Due Diligence 6.2.Timing of Customer Due Diligence 6.3.Conducting Customer Due Diligence 6.4.On-going Customer Due Diligence 6.6.Failure to conduct or complete Customer Due Diligence 7.1.Conducting Enhanced Due Diligence 8.1.Conduct of Simplified Due Diligence 10.3.Prohibition of Shell Banks 10.5.Payment processing using On-line services 11.2.Wire transfer requirements 12.1.Relevant United Nations Security Council resolutions and sanctions 12.2.Government, Regulatory and International Findings 13.MONEY LAUNDERING REPORTING OFFICER, SUSPICIOUS TRANSACTIONS AND TIPPING OFF 13.1.Money Laundering Reporting Officer 13.3.Dealing with the Regulator 13.4.Outsourcing the role of Money Laundering Reporting Officer 13.5.Qualities of Money Laundering Reporting Officer 13.6.Responsibilities of Money Laundering Reporting Officer 14.2.Groups, branches and subsidiaries 14.7.Communication with the Regulator 14.8.Protection for Disclosures FIGURE 1 – The Risk-Based Approach FIGURE 2 – Customer Risk Assessment
1.1. Overview of the AML Rules (a) The Anti-Money Laundering Rules (the «AML Rules») are made in recognition of the application of the Law of the Republic of Kazakhstan No 191-IV dated 28 August 2009 on counteracting legalisation (laundering) of proceeds obtained through criminal means and financing of terrorism (the «AML Law»), the Criminal Code of the Republic of Kazakhstan No 226-V dated 3 July 2014 (the «Criminal Code») and international conventions and treaties ratified by the Republic of Kazakhstan. (b) In these Rules, a reference to ‘money laundering’ also includes a reference to terrorist financing and financing the proliferation of weapons of mass destruction. (a) The AML Rules have been designed to provide a single reference point for all persons and entities (collectively called Relevant Persons) who are supervised by the AFSA for anti-money laundering («AML»), countering the financing of terrorism («CFT»), and sanctions compliance. This means that they apply to Authorised Firms, Authorised Market Institutions, Designated Non-Financial Businesses and Professions («DNFBPs»), and Registered Auditors. (b) The AML Rules must not be read in isolation. Relevant Persons must also be aware of the provisions of the Kazakhstan criminal law referred to in Chapter 3 and developments in international policy and best practice. This is particularly relevant when considering United Nations Security Council («UNSC») resolutions and unilateral sanctions imposed by other jurisdictions which may apply to a Relevant Person depending on the Relevant Person's jurisdiction of origin, its business and/or customer base. 1.4. Financial Action Task Force (a) The FATF means the Financial Action Task Force, the inter-governmental body that sets standards, develops and promotes policies, to combat money laundering, and includes any successor entity. (b) The AFSA has had regard to the FATF Recommendations in making these Rules. A Relevant Person is referred to the FATF Recommendations and interpretive notes to assist it in complying with these Rules. However, if a FATF Recommendation or interpretive note conflicts with a Rule, the relevant Rule takes precedence. (c) A Relevant Person may also wish to refer to the FATF typology reports which provide information on money laundering methods. These can be found on the FATF website at: www.fatf-gafi.org. Some international groupings, official or informal, publish material that may be useful as context and background in informing the approach adopted by Relevant Persons to AML and CFT. These groupings include Transparency International (www.transparency.org.uk) and the Wolfsberg Group (www.wolfsberg- principles.com). (d) The Republic of Kazakhstan, as a member of the United Nations, is required to comply with sanctions issued and passed by the UNSC. These Rules contain specific obligations requiring Relevant Persons to establish and maintain effective systems and controls to comply with UNSC resolutions and sanctions (see Chapter 12). (e) The FATF has issued guidance on a number of specific UNSC resolutions and sanctions regarding the countering of the proliferation of weapons of mass destruction. Such guidance has been issued to assist in implementing the targeted financial sanctions and activity based financial prohibitions. This guidance can be found on the FATF website at: www.fatf-gafi.org. (f) In relation to unilateral sanctions imposed in specific jurisdictions such as the European Union, the United Kingdom (HM Treasury) and the United States of America (Office of Foreign Assets Control of the Department of the Treasury), a Relevant Person must consider and take positive steps to ensure compliance where required or appropriate. 1.5. Structure of the AML Rules (a) Chapter 2 sets out the application of the AML Rules. (b) Chapter 3 sets out guidance on relevant Kazakhstan criminal law. (c) Chapter 4 explains the meaning of the risk-based approach («RBA»), which must be applied when complying with these Rules. (d) Chapter 5 explains the concept of customer risk assessments. (e) Chapter 6 establishes the Rules for Customer Due Diligence («CDD») and Chapters 7 and 8 set out the different measures that may be appropriate for higher and lower risk customers - Enhanced Due Diligence («EDD») and Simplified Due Diligence («SDD»). (f) Chapter 9 sets out when and how a Relevant Person may rely on a third party to undertake all or some of its CDD obligations. Reliance on a third-party CDD reduces the need to duplicate CDD already performed in respect of a customer. Alternatively, a Relevant Person may outsource some or all of its CDD obligations to a service provider. (g) Chapter 10 sets out certain obligations in relation to correspondent banking and Chapter 11 sets out obligations relating to wire transfers. (h) Chapter 12 sets out a Relevant Person's obligations in relation to UNSC resolutions and sanctions, and government, regulatory and international findings in relation to AML, CFT, and the financing of weapons of mass destruction. (i) Chapter 13 sets out the obligation for a Relevant Person to appoint a Money Laundering Reporting Officer («MLRO») and the responsibilities of this role. It also sets out requirements regarding Suspicious Transaction Reports («STRs») that are required to be made under the AML Law and explains the concept of «tipping off». (j) Chapter 14 sets out general obligations, including requirements for AML training, policies, and record keeping. Words and expressions used in these Rules that require defining are set out in the AIFC Glossary.
(a) The AML Rules apply to: (i) every Relevant Person in respect of all its AFSA regulated or supervised activities, except an Authorised Firm licenced to operate a Representative Office; and (ii) the persons specified in AML 2.2 as being responsible for a Relevant Person's compliance with these Rules. (b) For the purposes of these Rules, a Relevant Person means: (i) an Authorised Firm; (ii) an Authorised Market Institution; (iii) a DNFBP; or (iv) a Registered Auditor. Guidance Only a Centre Participant may be one of the Relevant Persons above. A natural person cannot be a Centre Participant. 2.2. Responsibility for compliance with the AML Rules (a) Responsibility for a Relevant Person's compliance with these Rules lies with every member of its senior management. Senior management must be fully engaged in the decision-making processes and must take ownership of the RBA set out in Chapter 4. (b) In carrying out their responsibilities under these Rules every member of a Relevant Person's senior management must exercise due skill, care and diligence. (c) Nothing in these Rules precludes the AFSA from imposing disciplinary sanctions, taking enforcement action and any other regulatory action deemed necessary against any person including any one or more of the following persons in respect of a contravention of any AML Rule: (i) a Relevant Person; (ii) members of a Relevant Person's senior management; or (iii) an employee of a Relevant Person. (d) In these Rules «senior management» means: In relation to a Relevant Person every member of the Relevant Person’s executive management and includes: (i) for a AIFC entity, every member of the Relevant Person’s Governing Body; (ii) for a branch, the person or persons who control the day-to-day operations of the Relevant Person in the AIFC and would include, at a minimum, the senior executive officer or equivalent officer, such as the managing director; and In relation to a customer that is a body corporate, every member of the body corporate’s Governing Body and the person or persons who control the day-to-day operations of the body corporate, including its senior executive officer, chief operating officer and chief financial officer. 2.3. AFSA supervision powers in respect of DNFBPs The AFSA may conduct reviews of DNFBPs to perform its AML and CFT responsibilities, including as part of its RBA to supervision. The AFSA may conduct inspections of DNFBPs as part of its RBA to supervising DNFBPs for AML and CFT. Guidance on AML and CFT supervision The AFSA receives an annual AML Return from a DNFBP (AML Rule 13.7) which will assist the AFSA in its supervision of DNFBPs. Additionally, the AFSA may decide to undertake periodic reviews of one or more DNFBPs as part of its RBA to supervision. The AFSA may also provide further guidance on its approach to AML and CFT supervision of DNFBPs. The AFSA’s reviews may cover matters such as reviewing the firm’s systems and controls for conducting a money laundering risk assessment, CDD and complying with applicable UNSC resolutions and sanctions. Reviews may involve interviews with senior management and a review of relevant records.
3. GUIDANCE ON KAZAKHSTAN CRIMINAL LAW
Kazakhstan criminal law applies to all Centre Participants and therefore Relevant Persons must be aware of their obligations in respect of the criminal law as well as these Rules. Relevant Kazakhstan criminal law includes the AML Law and the Criminal Code.
4. THE RISK-BASED APPROACH
4.1. Obligations of the Risk-Based Approach A Relevant Person must take appropriate steps to identify and assess the risks of money laundering to which its business is exposed, and must establish and maintain policies, procedures, systems and controls to mitigate and manage the risks identified. A Relevant Person must take appropriate steps to manage and mitigate country-wide risks, including those relevant for the Republic of Kazakhstan identified in the published reports and guidance given by the Financial Intelligence Unit of the Republic of Kazakhstan (the «FIU») regarding the FATF mutual evaluations and follow-up reports, and implement enhanced measures where higher risks are identified. 4.1.2. Nature and size of business In deciding what steps are appropriate under AML 4.1.1, a Relevant Person must consider the size (as measured by the number of its employees, revenue, or market capitalisation, as appropriate) and nature of its business and the complexity of its activities. 4.1.3. Obligation to assess, manage and mitigate business and customer risks In order to identify and assess the risks of money laundering a Relevant Person must conduct a business risk assessment and must also conduct customer risk assessments in accordance with Chapter 5 and keep these assessments up to date. The risks of money laundering that may arise in relation to the development of new products and new business practices, including new delivery mechanisms, and the use of new or developing technologies for both new and pre-existing products must be identified and assessed by a Relevant Person prior to the launch or use of such products, practices and technologies. A Relevant Person must take appropriate measures to manage and mitigate the risks identified in its risk assessments. 4.2. Business Risk Assessment by Relevant Persons 4.2.1. Risk factors to be considered for business risk assessment In carrying out a business risk assessment as required under AML 4.1.1 a Relevant Person must take into account risk factors including: (a) its customers; (b) the countries or geographic areas in which it operates; (c) its products or services; (d) its transactions; (e) its delivery mechanisms, channels and partners; (f) the development of new products and new business practices, including new delivery mechanisms, channels and partners; and (g) the use of new or developing technologies for both new and pre-existing products. 4.2.2. Use of the business risk assessment A Relevant Person must use the information obtained from its business risk assessment to: (a) develop and maintain the policies, procedures, systems and controls required by AML 4.1.1; (b) ensure that its policies, procedures, systems and controls adequately mitigate the risks identified; (c) assess the effectiveness of its policies, procedures, systems and controls; (d) assist in allocation and prioritisation of AML resources; and (e) assist in the carrying out of customer risk assessments under Chapter 5. 4.3. Internal policies, procedures, systems and controls 4.3.1. Requirements of policies, procedures, systems and controls The policies, procedures, systems and controls adopted by a Relevant Person under AML 4.1.1 must be: (a) proportionate to the nature, scale, complexity and money laundering risks of the activities of the Relevant Person’s business; (b) comprised of, at minimum, organisation of the development and maintenance of the policies, procedures, systems and controls required by AML 4.1.1: (i) risk management; (ii) customer identification; (iii) transaction monitoring and reviewing; (iv) employees training and awareness programme; (v) appropriate representation of compliance function in the management; (vi) adequate screening procedures to ensure high standards when hiring employees; and (vii) independent audit function to test the system. (c) approved by its senior management; and (d) monitored, reviewed and updated regularly. 4.3.2. Purpose of policies, procedures, systems and controls The policies, procedures, systems and controls must provide for the identification and scrutiny of: (a) complex or unusually large transactions, or an unusual pattern of transactions; (b) transactions which have no apparent economic or legal purpose; and (c) other activity which the Relevant Person regards as particularly likely by its nature to be related to money laundering. 4.3.3. Record of policies, procedures, systems and controls A Relevant Person must maintain a written record of the policies, procedures, systems and controls established under AML 4.1.1. The Rules regarding record-keeping for the purposes of these Rules are in AML 14.5. Guidance on the Risk-Based Approach (a) AML 4.1.1 requires a Relevant Person to adopt an approach to AML which is proportionate to the risks inherent in its business. This is illustrated in Figure 1 below. The AFSA expects the RBA to be a key part of the Relevant Person's AML compliance culture and to cascade down from the senior management to the rest of the organisation. It requires the full commitment and support of senior management, and the active co-operation of all employees. Embedding the RBA within its business allows a Relevant Person to make decisions and allocate AML resources in the most efficient and effective way. (b) No system of checks will detect and prevent all money laundering. The RBA will, however, balance the cost burden placed on Relevant Persons and their customers, against a realistic assessment of the threat of the Relevant Person’s business being used in connection with money laundering. It will focus the effort where it is needed and will have most impact. (c) In implementing the RBA, a Relevant Person is expected to have in place processes to identify and assess money laundering risks. After the risk assessment, the Relevant Person is expected to monitor, manage and mitigate the risks in a way that is proportionate to the Relevant Person's exposure to those money laundering risks. The general principle is that where there are higher risks of money laundering, a Relevant Person is required to take enhanced measures to manage and mitigate those risks, and that, correspondingly, when the risks are lower, simplified measures are permitted. (d) The RBA discourages a «tick-box» approach to AML. Instead, a Relevant Person is required to assess relevant money laundering risks and adopt a proportionate response to such risks. (e) Unless a Relevant Person understands the money laundering risks to which it is exposed, it cannot take appropriate steps to prevent its business being used for the purposes of money laundering. Money laundering risks vary from business to business depending on the nature of the business, the type of customers a business has, and the nature of the products and services sold. (f) Relevant Persons that do not offer complex products or services and that have limited international exposure may not need an overly complex or sophisticated business risk assessment. (g) Using the RBA, a Relevant Person assesses its own vulnerabilities to money laundering and takes all reasonable steps to eliminate or manage such risks. The results of this assessment will also feed into the Relevant Person’s risk assessment of its customers (see Chapter 6). (h) Risk management is a continuous process, carried out on a dynamic basis. A money laundering risk assessment is not a one-time exercise. The AFSA expects a Relevant Person’s risk management processes for managing money laundering risks are kept under regular review and that any changes made to policies, procedures, systems and controls are recorded.
5. CUSTOMER RISK ASSESSMENT
5.1. Assessing customer money laundering risks 5.1.1. Requirement to conduct a customer risk assessment A Relevant Person must: (a) undertake a risk-based assessment of every customer; and (b) assign the customer a risk rating proportionate to the customer's money laundering risks. 5.1.2. Timing of the customer risk assessment The customer risk assessment in AML 5.1.1 must be completed prior to conducting CDD for new customers, and where, for an existing customer, there is a material change in circumstances. 5.1.3. Conduct of the customer risk assessment When undertaking a risk-based assessment of a customer under AML 5.1.1 a Relevant Person must: (a) identify the customer, any beneficial owner(s) and any person acting on behalf of a customer; (b) obtain information on the purpose and intended nature of the business relationship; (c) consider the type of customer, its ownership and control structure, and its beneficial ownership (if any); (d) consider the nature of the customer's business relationship with the Relevant Person; (e) consider the customer's country of origin, residence, nationality, place of incorporation or place of business; (f) consider the relevant product, service or transaction; (g) consider the beneficiary of a life insurance policy, where applicable; and (h) consider the outputs of the business risk assessment under Chapter 4. 5.1.4. Identification of Politically Exposed Persons The policies, procedures, systems and controls adopted by the Relevant Person in accordance with AML 5.1.1 must enable it to determine whether a customer or a beneficial owner is a Politically Exposed Person («PEP»). 5.1.5. Identification of control structure A Relevant Person must understand the nature of the business and control structure of a customer that is a legal person or legal arrangement. A Relevant Person must not establish a business relationship with a customer which is a legal person if the ownership or control structure of the customer prevents the Relevant Person from identifying all of the customer's beneficial owners. 5.1.6. Prohibition on relationships with Shell Banks A Relevant Person must not establish or maintain a business relationship with a Shell Bank. Guidance on customer risk assessments (a) The findings of the customer risk assessment will assist the Relevant Person in determining the level of CDD that should be applied in respect of each customer and beneficial owner. (b) In assessing the nature of a customer, a Relevant Person should consider such factors as the legal structure of the customer, the customer's business or occupation, the location of the customer's business and the commercial rationale for the customer's business model. (c) In assessing the customer business relationship, a Relevant Person should consider how the customer is introduced to the Relevant Person and how the customer is serviced by the Relevant Person, including for example, whether the Person will be a private banking customer, will open a bank or trading account, or whether the business relationship will be purely advisory. (d) The risk assessment of a customer, which is illustrated in Figure 2 below, requires a Relevant Person to allocate an appropriate risk rating to every customer. Risk ratings are to be described as «low», «medium» or «high», on a sliding numeric scale with 1 to 3 as «low» risk, 4 to 7 as «medium» risk, and 8 to 10 as «high» risk. Depending on the outcome of a Relevant Person's assessment of its customer's money laundering risk, a Relevant Person should decide what degree of CDD will need to be conducted. (e) In AML 5.1.5, ownership arrangements which may prevent the Relevant Person from identifying one or more beneficial owners include bearer shares, nominee shareholder arrangements, and other negotiable instruments in which ownership is determined by possession. Guidance on the term «customer» (a) The point at which a person becomes a customer will vary from business to business. However, the AFSA considers that it would usually occur at or prior to the business relationship being formalised, for example, by the signing of a customer agreement or the acceptance of terms of business. (b) A person would not normally be a customer of a Relevant Person merely because such person receives marketing information from a Relevant Person or where a Relevant Person refers a person who is not a customer to a third party (including a Group member). (c) A counterparty would generally be a «customer» for the purposes of these Rules and would therefore require a Relevant Person to conduct CDD on such a person. However, this would not include a counterparty in a transaction undertaken on a Regulated Exchange. Nor would it include suppliers of ordinary business services, to the Relevant Person such as cleaning, catering, stationery, IT or other similar services. Guidance on high risk customers (a) In complying with AML 5.1.1, a Relevant Person should consider the following customer risk factors which may indicate that a customer poses a higher risk of money laundering: (i) the business relationship is conducted in unusual circumstances; (ii) the customer is resident in a geographical area considered by the FATF to be an area of high risk; (iii) the customer is a legal person or arrangement that is a vehicle for holding personal assets; (iv) the customer is a company that has nominee shareholders or shares in bearer form; (v) the customer is a cash-intensive business; (vi) the corporate structure of the customer is unusual or excessively complex given the nature of the company’s business; and (vii) the customer has been subject to adverse press or public information related to potential money laundering activities. (b) In complying with AML 5.1.1 a Relevant Person should also consider the following product, service, transaction or delivery channel risk factors: (i) the product involves private banking; (ii) the product or transaction is one which might favour anonymity; (iii) the situation involves non-face-to-face business relationships and/or transactions, without certain safeguards, such as electronic signatures; (iv) payments will be received from third parties who are unknown to the Relevant Person; (v) new products and new business practices are involved, including new delivery mechanisms, and the use of new or developing technologies for new and existing products; (vi) the service provides nominee directors, nominee shareholders or shadow directors for hire, or offers the formation of companies in third countries; and (vii) the service involves undocumented or verbal agreements with counterparties or customers. (c) In complying with AML 5.1.1 a Relevant Person should also consider the following geographical risk factors: (i) countries identified by credible sources, such as FATF mutual evaluations, detailed assessment reports or published follow-up reports, as not having effective systems to counter money laundering; and (ii) countries subject to sanctions, embargos or similar measures issued by, for example, the UNSC or identified by credible sources as having significant levels of corruption or other criminal activity and countries or geographic areas identified by credible sources as providing funding or support for terrorism. Guidance on low risk customers (a) In complying with AML 5.1.1 the following types of customers may pose a lower risk of money laundering: (i) a governmental entity, or a publicly-owned enterprise; (ii) an individual resident in a geographical area of lower risk which has AML regulations which are equivalent to the standards set out in the FATF Recommendations; (iii) Customers with a long-term and active business relationship with the Relevant Person; (iv) a regulated Financial Institution whose entire operations are subject to regulation and supervision, including AML regulation and supervision, in a jurisdiction with AML regulations which are equivalent to the standards set out in the FATF Recommendations; or (v) a company whose Securities are listed on a Regulated Market in a jurisdiction which has AML regulations which are equivalent to the standards set out in the FATF Recommendations; (b) In complying with AML 5.1.1 the following types of product, service, transaction or delivery channel risk factors may pose a lower risk of money laundering: (i) a contract of insurance which is non-life insurance; (ii) a contract of insurance which is a life insurance product which does not provide for an early surrender option, and cannot be used as collateral; (iii) a contract of insurance which is life insurance for which the annual premium is low by comparison with prevailing market standards; (iv) a contract of insurance for the purposes of a pension scheme where the contract contains no surrender clause and cannot be used as collateral; (v) a pension, superannuation or similar scheme which provides retirement benefits to employees, where contributions are made by an employer or by way of deduction from an employee's wages and the scheme rules do not permit the assignment of a member's interest under the scheme; or (vi) arbitration, litigation, or advice on litigation prospects. (c) The assignment of a low risk customer AML rating should not be automatic and should be applied only after an assessment of a customer's actual AML risk as required in AML 5.1.1. In conducting this assessment, however, Relevant Persons should make use of, and build upon, the business risk assessment(s) it has undertaken in accordance with Chapter 4. Guidance on Shell Banks (a) AML 5.1.6 prohibits a Relevant Person from establishing or maintaining a business relationship with a Shell Bank. (b) The presence of a local agent or administrative staff would not constitute a physical presence in the country in which the customer is incorporated or licensed.
6.1.1. Obligation to conduct Customer Due Diligence A Relevant Person must: (a) conduct CDD under AML 6.3.1 for each of its customers including when the customer is carrying out occasional transactions the value of which singularly or in several linked operations (whether at the time or later), equal or exceed USD 15,000; and (b) in addition to (a), conduct EDD under AML 7.1.1 in respect of: (i) each customer it has assigned as high risk; (ii) business relationships and transactions with persons from countries with high geographical risk factors. 6.1.2. Conducting Simplified Due Diligence (a) A Relevant Person may conduct SDD in accordance with AML 8.1.1 by modifying the CDD under AML 6.3.1 for any customer it has assigned as low risk. A Relevant Person must not conduct SDD measures in specific high-risk scenarios or when there is a suspicion of money laundering; (b) A Relevant Person must ensure that assignment of low risk is based on an adequate risk analysis and SDD is commensurate with the risk level identified. Guidance on Customer Due Diligence (a) A Relevant Person should conduct CDD in a manner proportionate to the customer's money laundering risks identified under Chapter 6. When the money laundering risks are identified as high, a Relevant Person must conduct EDD under Chapter 7. (b) This means that all customers are subject to CDD under AML 6.3.1. However, for high risk customers, additional EDD measures should also be conducted under AML 7.1.1. (c) The broad objective is that the Relevant Person should know at the outset of the relationship who its customers (and, where relevant, beneficial owners) are, where they operate, what they do and their expected level of activity. In addition to AML 6.1.1(a), a Relevant Person must obtain documents on the legal form and the powers that regulate and bind the legal person or arrangement. The Relevant Person must then consider how the profile of the customer’s financial behaviour builds up over time, allowing the Relevant Person to identify transactions or activity that may be suspicious. 6.2. Timing of Customer Due Diligence 6.2.1. Establishment of business relationship A Relevant Person must conduct CDD measures: (a) when it is establishing a business relationship with a customer; and (b) after establishing a business relationship with a customer. 6.2.2. After the establishment of a business relationship A Relevant Person must also conduct appropriate CDD if, at any time: (a) in relation to an existing customer, it doubts the veracity or adequacy of documents, data or information obtained for the purposes of CDD; (b) it suspects money laundering; or (c) there is a change in the risk rating applied by the Relevant Person to an existing customer, or it is otherwise warranted by a change in circumstances of the customer. 6.2.3. Establishing a business relationship before Customer Due Diligence is complete A Relevant Person may establish or retain a business relationship with a customer before completing the verification required by AML 6.3.1 if the following conditions are met: (a) deferral of the verification of the customer or beneficial owner is necessary in order not to interrupt the normal conduct of a business relationship; (b) risk management procedures concerning the conditions under which a customer may utilise the business relationship prior to verification have been adopted and are in place; and there is little risk of money laundering occurring and any such risks identified can be effectively managed by the Relevant Person; (c) in relation to a bank account opening, there are adequate safeguards in place to ensure that the account is not closed and transactions are not carried out by or on behalf of the account holder (including any payment from the account to the account holder) before verification has been completed; and (d) subject to (c), the relevant verification is completed as soon as reasonably practicable before or during the establishment of a business relationship and when transactions for occasional customers are being conducted; and in any event, no later than 30 days after the establishment of a business relationship. 6.2.4. Inability to complete Customer Due Diligence within 30 days Where a Relevant Person is not reasonably able to comply with the 30-day requirement in AML 6.2.3(d), it must, prior to the end of the 30-day period: (a) document the reason for its non-compliance; (b) complete the verification in AML 6.2.3 as soon as possible; and (c) record the non-compliance event. The AFSA may specify a period within which a Relevant Person must complete the verification required by AML 6.2.3 failing which the AFSA may direct the Relevant Person to cease any business relationship with the customer. Guidance on timing of Customer Due Diligence (a) For the purposes of AML 6.2.2(a), examples of situations which might lead a Relevant Person to have doubts about the veracity or adequacy of documents, data or information previously obtained could be where there is a suspicion of money laundering in relation to that customer, where there is a material change in the way that the customer's account is operated, which is not consistent with the customer's business profile, or where it appears to the Relevant Person that a person other than the customer is the real customer. (b) In AML 6.2.3, situations that the Relevant Person may take into account include, for example, accepting subscription monies during a short offer period; executing a time critical transaction, which if not executed immediately, would or may cause a customer to incur a financial loss due to price movement or loss of opportunity; and when a customer seeks immediate insurance cover. (c) When complying with AML 6.2.1, a Relevant Person should also, where appropriate, consider AML 6.6.1 regarding failure to conduct or complete CDD and Chapter 13 regarding STRs and tipping off.
Доступ к документам и консультации
от ведущих специалистов |
Содержание CONTENTS 21.INTRODUCTION1.1.Overview of the AML Rules1.2.Purpose of the AML Rules1.3.[Intentionally omitted]1.4.Financial Action Task Force1.5.Structure of the AML Rules1.6.Interpretation2.APPLICATION2.1.Application2.2.Responsibility for compliance with the AML Rules2.3.AFSA supervision powers in respect of DNFBPs3.GUIDANCE ON KAZAKHSTAN CRIMINAL LAW3.1.Kazakhstan criminal law4.THE RISK-BASED APPROACH4.1.Obligations of the Risk-Based Approach4.2.Business Risk Assessment by Relevant Persons4.3.Internal policies, procedures, systems and controls5.CUSTOMER RISK ASSESSMENT5.1.Assessing customer money laundering risks6.CUSTOMER DUE DILIGENCE6.1.Conducting Customer Due Diligence6.2.Timing of Customer Due Diligence6.3.Conducting Customer Due Diligence6.4.On-going Customer Due Diligence6.5.Checking sanctions lists6.6.Failure to conduct or complete Customer Due Diligence7.ENHANCED DUE DILIGENCE7.1.Conducting Enhanced Due Diligence8.SIMPLIFIED DUE DILIGENCE8.1.Conduct of Simplified Due Diligence9.RELIANCE AND OUTSOURCING9.1.Reliance on a third party9.2.Outsourcing10.CORRESPONDENT BANKING10.1.Application10.2.Correspondent Banking10.3.Prohibition of Shell Banks10.4.Pay Through Accounts10.5.Payment processing using On-line services11.WIRE TRANSFERS11.1.Definitions11.2.Wire transfer requirements12.SANCTIONS12.1.Relevant United Nations Security Council resolutions and sanctions12.2.Government, Regulatory and International Findings13.MONEY LAUNDERING REPORTING OFFICER, SUSPICIOUS TRANSACTIONS AND TIPPING OFF13.1.Money Laundering Reporting Officer13.2.[Intentionally omitted]13.3.Dealing with the Regulator13.4.Outsourcing the role of Money Laundering Reporting Officer13.5.Qualities of Money Laundering Reporting Officer13.6.Responsibilities of Money Laundering Reporting Officer13.7.Reporting13.8.Responsibilities of Money Laundering Reporting Officer on receipt of a Suspicious Transaction Report14.GENERAL OBLIGATIONS14.1.Training and Awareness14.2.Groups, branches and subsidiaries14.3.Group policies14.4.Notifications14.5.Record keeping14.6.Audit14.7.Communication with the Regulator14.8.Protection for DisclosuresFIGURE 1 – The Risk-Based ApproachFIGURE 2 – Customer Risk Assessment |