20/03/17 ������ ��������������������� Compliance Workshop 1 - 2017 “Identification of clients, Complicate structures, Risk assessment & monitoring of transactions” www.cfa.org.cy www.cfa.org.cy 1 1 Nassos Paltayian - Current Projects & Activities � Father of 2 super babies � Head of Compliance (Abacus) � Information Security Officer (Abacus) � Leading the DNFBPs module for the National Risk Assessment � Founding member and currently Vice Chairing the ACAMS Cyprus Chapter � Vice Chair of CFA AML committee � Vice Chair of ICPAC Compliance committee � Performing trainings & presentations on relevant matters raising awareness – Approved by HRDA � Cycling, Running, Reading, Liverpool & APOEL www.cfa.org.cy 2 1
20/03/17 What is Money laundering? Identification of clients, entities and other corporate vehicles www.cfa.org.cy 3 The Compliance Professional www.cfa.org.cy 4 2
20/03/17 Identification of clients, entities and other corporate vehicles www.cfa.org.cy 5 Identification & Verification • Identification – Who is the shareholder of ABC Limited? • Verification – Is Ms Smith the shareholder of ABC Limited? www.cfa.org.cy 6 3
20/03/17 Reasons to identify • Fiduciary industry is based on trust • One ingredient of trust is the fact that the ASP knows its customers • So we want to trust our clients having clarified that they are not criminals • We want them to trust us and we want to trust them • Pablo, Jose and the rest MUST be avoided! • Legal requirements www.cfa.org.cy 7 Cyprus Legislation • The Prevention and Suppression of Money Laundering and Terrorist Financing Laws of 2007, 2010, 2012 and 2013 • The Law regulating companies providing Administrative Services and Related Matters of 2012, 2013, 2014 and 2015 www.cfa.org.cy 8 4
20/03/17 Cyprus Legislation – AML Law • Sections : � 60 - Application of CDD and identification procedures. � 61 - Ways of application of CDD and identification procedures � 62 - When to apply CDD and identification procedures � 63 - Simplified CDD and identification procedures � 64 - Enhanced due diligence measures � 65 - Transactions on behalf of another person � 66 - Prohibitions from cooperating with a shell bank or keeping anonymous accounts � 68a - Due diligence and customer identification procedures and record keeping for countries outside the European Economic Area www.cfa.org.cy 9 Cyprus Legislation – ASP Law • ASP Law linked to AML Law • Article 3 (7) “Scope of Application” ASP must have identity of: (1) All trustees, (2) The settler - settlor (3) All beneficiaries or information on the class of beneficiaries, (4) The protector (if applicable) (5) The fund manager, accountant, tax official (if applicable), And of course (6) the activities of the Trust. www.cfa.org.cy 10 5
20/03/17 CySEC Directive • Paragraphs 7 and 18 to 26 - Along the lines of the legislation • 21 (4) - No one document can be used for the proof of identification and proof of address • 23 (3) - Article 63 (1) (d) of the Law and setting 4 criteria to accept simplified DD • Appendix 4 – Examples of High Risk Clients • Appendix 5 – Examples of Client Identification www.cfa.org.cy 11 ICPAC Directive • Section 5 - Along the lines of the legislation • 5.07 – In cases of change of ASP (ICPAC to ICPAC regulation) this is evidence of identity and integrity • 5.22 – Applicant for business relationship • 5.35&6 – Highlights risks of individuals from high risk countries (FATF & Moneyval) • 5.38 – Address verification examples • 5.58 – Clubs, societies and charitable institutions • 5.59 – Local authorities and other public bodies • 5.67 – Non-execution or delay in executing a transaction www.cfa.org.cy 12 6
20/03/17 CBA Directive • Section 5 - Along the lines of the legislation • 5.04 – In cases of change of ASP (CBA to CBA regulation) this is evidence of identity and integrity • 5.05 – When introduced by trustworthy source, should not overlook CDD • 5.34 – If no natural persons can be identified then identify senior managers • 5.37 – Principal Directors or partners must be identified • 5.41 – Trusts and other types of legal arrangements www.cfa.org.cy 13 Reliance on 3rd parties If 3 rd party consents for carrying out all or part of client identification and due diligence procedures as per the requirements of the EU Directive (or better), we reviewed processes and obtained evidence that this indeed happens BUT Liability for compliance failure remains with us! www.cfa.org.cy 14 7
20/03/17 Financial Action Task Force - FATF www.cfa.org.cy 15 FATF Recommendations • Preventive Measures category (R9 – R23) • R10 CDD : Identifying and verifying the Customer, the UBO, the control structure, the purpose and perform monitoring of transactions – Interpretation specifically covers Trusts • R11 Record keeping : At least 5 years • R12 PEPs : Senior Management approval, Source of wealth, Source of funds & Enhanced ongoing monitoring • R15 New Tech : Assess risks in advance of launching new tech products • R17 Reliance on 3 rd parties : Must ensure 3 rd party is regulated, its CDD meets local requirements and info can be made readily available www.cfa.org.cy 16 8
20/03/17 FATF Recommendations Recommendation 22 DESIGNATED NON-FINANCIAL BUSINESSES AND PROFESSIONS (DNFBPs) CDD & Record-keeping requirements set out in Recommendations 10, 11, 12, 15, and 17, apply to Trust and company service providers – when they prepare for or carry out transactions for a client concerning the following activities: a) Formation of legal person b) Directorships or similar position in relation to legal persons c) Registered office, correspondence or administrative address for a legal person or arrangement d) Trustee or equivalent function for a legal arrangement e) Nominee shareholder for another person. www.cfa.org.cy 17 Basel Committee on banking supervision Established by the G-10’s central bank of governors in 1974 to promote sound supervisory standards worldwide. Today 38 members and 3 observers. www.cfa.org.cy 18 9
20/03/17 Basel Committee on banking supervision In their “Customer Due Diligence for Banks” paper in 2001, they identified, amongst others, 4 key elements of KYC : 1. Customer identification 2. Risk Management 3. Customer Acceptance 4. Monitoring www.cfa.org.cy 19 4th EU AML Directive – 2015/849 of 20 May 15 • (12) “ There is a need to identify any natural person who exercises ownership or control over a legal entity. In order to ensure effective transparency… ” • (13) “Identification and verification of beneficial owners should, where relevant, extend to legal entities that own other legal entities , and obliged entities should look for the natural person(s) who ultimately exercises control through ownership or through other means of the legal entity that is the customer.” • Provisions for a centralized UBO directory • Fully aligned with substance and spirit of FATF Recommendations • PEPs are high risk BUT should NOT be avoided – Preventive nature provisions not criminal! • Article 3 – Definitions including Beneficial Owner (25%), PEPs, Family members and others • Article 11 – Outlines when we obtain Due Diligence • Article 13 – Identification Article 14 – Verification • • Articles 15-17 – Simplified Due diligence Articles 18-24 – Enhanced Due Diligence • www.cfa.org.cy 20 10
20/03/17 4th EU AML Directive – 2015/849 of 20 May 15 Annex 1 - Risk variables considered to determine extent of customer due • diligence: Purpose of relationship – – Level of Assets or Size of transactions – Regularity or duration of business relationship • Annex 2 – Potential low risk factors: – Customer (Publicly listed Cos, Public admins or Cos, Clients living in low risk areas) – Service (Services posing low ML risk) Geographical (EU, 3 rd countries with effective AML/CTF systems, low corruption and FATF – ratings) • Annex 3 – Potential high risk factors: – Customer (Unusual circumstances, Living in high risk countries, Asset holding vehicles, Nominees or Bearer shares, Cash transactions, Complex structure) – Service (Services that favour anonymity, Non face to face clients, Unknown source of receipt of funds, New services, Use of new tech) – Geographical (Countries identified by credible sources (e.g FATF) as not having effective AML/CTF systems, having corruption, Sanctions, embargos by EU and UN, Terrorist activity support) www.cfa.org.cy 21 KYC & KYE Know Your Client (KYC) AML policies and procedures used to determine the true identity of a customer and the type of activity that is “normal and expected,” and to detect activity that is “unusual” for a particular customer. Many experts believe that a sound KYC program is one of the best tools in an effective anti-money laundering program. Know Your Employee (KYE) AML policies and procedures for acquiring a better knowledge and understanding of the employees of an institution for the purpose of detecting conflicts of interests, money laundering, past criminal activity and suspicious activity. KYE is a key tool in detecting suspicious activity because employees can be accomplices of money launderers. ACAMS www.cfa.org.cy 22 11
Recommend
More recommend