Download pdf - AML/CFT Engagement Session with Dealers in …amlcft.bnm.gov.my/publication/Training.03_AML Awareness...AML/CFT Awareness AML/CFT Engagement Session with Dealers in Precious Metals

AML/CFT Awareness

AML/CFT Engagement Session with Dealers in Precious Metals & Stones

(DPMS)

Orchard Room 2, Thistle Hotel JBSunday, 24 April 2016

AML/CFT Awareness2

Engagement Objectives

Understanding on the ML/TF risks faced by DPMS

DPMS’ obligations as a Reporting Institution within Malaysia’s AML/CFT

Framework

Understanding on the nature of business and operation of DPMS

AML/CFT Awareness3

Presentation Outline

Overview of ML/TF & the AML/CFT system

ML/TF Vulnerabilities of DPMS

Recent AML/CFT Developments

AML/CFT Requirements on DPMS

Compliance to AML/CFT Requirements

AML/CFT Awareness4

“A process of converting cash

or property derived from criminal activities to give it a legitimate appearance. It is the process of cleaning and disguising the criminal origin

of ‘dirty’ money”

“Process of

financing terrorist

activity either

through legitimate

or illegitimate

sources.”

Critical for a country to have an effective AML/CFT regime…

1. Reduces rewards associated with crime and hence, overall crime rates;

2. Increases government revenue, reduces leakages within the economy;

3. Preserves the integrity and reputation of the market place; and

4. Creates conducive environment for businesses and investors to flourish.

Money Laundering (ML) & Terrorism Financing (TF) defined

Why Launder?

5

Why Criminals Launder Their Money?

To remove or distance themselves from the criminal activity generating the illicit proceeds, thus making it more difficult to identify & prosecute key perpetrators

To distance proceeds gained from conduct of criminal activity to prevent confiscation if the perpetrators is

caught

To enjoy the benefits of the illicit proceeds without bringing undue attention to themselves

To reinvest the profits in future criminal activity or in legitimate businesses

Back to Slide 4

6

The Impact of ML/TF

Known costs

Unknown costs

• Amount lost• Amount involved

Weaken the national security and economic development

• Proliferation of criminal activities

• Existence of “underground businesses” competing with

legitimate businesses

• Weaken investors and business confidence

• Lower real sectors’ competitiveness affecting country’s

long term economic development

Increase integrity risk and cost for businesses and financial

transactions

• Lower integrity and reputation of financial system

• Risk of being blacklisted as jurisdiction with high risk of

ML/TF that will affect business and investment climate

• Increase the business and operation costs of various

economic sectors

AML/CFT Awareness7

Since AMLA was effected in 2001, Malaysia has established a

comprehensive AML/CFT framework for prevention of ML/TF activities

FATF

Standards

• BNM the competent authority for AMLA

• Criminalisation of ML/TF i.e. 362

offences from 44 legislations

• Freezing, seizure & forfeiture of

properties

• Identify & respond to emerging

risks through National Risk

Assessment process

• Adequate investigation &

enforcement powers

• Fully-functional Financial

Intelligence Unit (FIU) in BNM

• AML/CFT Units set-up in key law

enforcement agencies (LEAs)

• Structured training programs for

financial investigators

• National Coordination

Committee for integrated

approach across 16

Ministries/Agencies

• MoUs and Strategic

Partnerships with Foreign FIUs

& Counterparts

• Strong networks with

International/regional bodies FATF, APG, Egmont Group

Responsibilities of Reporting

Institutions (RIs)

More than 43,000 RIs

Implement effective AML/CFT

compliance programme to

detect and deter ML/TF

Submit Cash Transaction

Reports (CTR) and Suspicious

Transaction Reports (STR) to

FIED, BNM

AML/CFT Awareness8







AML/CFT Awareness9

Key Findings from Mutual Evaluation Exercise (MEE) 2014

• On-site visit by Asia/Pacific Group (APG) & FATF Assessors from 13/11 to 25/11/2014;

• Assessment made based on Technical Compliance and Effectiveness of Malaysia’s AML/CFT regime in line with FATF Recommendations & Methodology;

• Outcome – Malaysia has achieved high levels of technical compliance. But, significant improvements needed in: a. Implementation of AML/CFT preventive measures on risk-basis

by all RIs, especially Designated Non-Financial Businesses & Professions (DNFBPs) sector,

b. Effectiveness of international cooperation for cross-border crime prevention and investigations,

c. Conduct of parallel investigations and prosecution of ML/TF

• Key Findings on Financial Institutions and DNFBPs: o Several sectors are still transitioning from rules-based to risk –

based approach;o RIs have a mixed understanding of risk and application of

Customer Due Diligence (CDD) requirements, including CDD on Beneficial Owners (BOs), on a risk sensitive basis, but rather in a prescriptive formal manner.

• Key Recommendation: The authorities should enhance existing outreach so that there is a more detailed and systematic program of outreach to DNFBPs and to FIs generally.

AML/CFT Awareness10

National ML/TF Risk Assessment 2013 – Sectoral Risk Assessment

Likelihood

POSSIBLE LIKELY VERY LIKELY

Exte

nt

of

Vu

lne

rab

ilit

y

HIGH

MEDIUM

LOW

• Casino

• Gaming Companies

• Jewellers

• Accountants

• Offshore Trust

• Company Secretaries

• Real Estate

• Trust Companies

• Lawyers

• Pawn Brokers

• Notaries

Legal Entities* –

onshore / offshore

Non Profit Orgs.

* Companies and partnerships

AML/CFT Awareness11







AML/CFT Awareness

Reporting institutions (RIs) are the first line of defence

Criminals and

Criminal Activities

Financial Institutions

Law enforcement

Agencies (LEAs)

Non-bank FIs

DNFBPs

• Placement of proceeds from unlawful activities

• Apply loan and use illegal proceeds for repayment

Supervisory authorities

BNM, Securities Commission,

Labuan Financial Services

Authority

Financial Intelligence Unit

FIED, BNMSubmit

Suspicious Transaction

(STR) & Cash Threshold

Reports (CTR)

Collect, analyse,

disseminate financial

intelligence

Feedback on effectiveness of financial intelligence

Identify illicit activities and investigate crimes

Monitor & enforceAML/CTF

requirements

AML/CFT PREVENTIVE MEASURES• ML/TF Risk Assessment & Client Risk Profiling• CDD and Enhanced CDD on Clients• Record Keeping • On-going Monitoring of Clients’ Transactions• Promptly Detect & Report Suspicious Transactions

Supervisory authorities

BNM in collab. with licensing bodies & Self-

Regulated Organizations

1

2 3

45

12

AML/CFT Awareness13

ML/TF Risk Example of red flags indicators

• Purchase of product using proceeds of criminal activities

• Sale of gold which was purchased using illicit funds to gold brokers

• Online trading of physical gold using illegal proceeds

• Sale of robbed jewellery to scrap or used jewellery dealers

• Trade in robbed jewellery for new products

• Supply of product received from unknown source

• Unusual payment methods such as the use of large amount of cash or payment from unknown third parties

• Purchases or sales that are unusual i.e. bulk/large quantity purchases inconsistent with customer’s profile

• Attempt by customer to maintain high and unusual degree of secrecy such as request for records to be destroyed or purchase made anonymously

• Payments seem to be structured into small amount to avoid detection

• Unwillingness by customer or supplier to provide identity information

Sale & Purchase

Specific ML/TF risks in DPMS sector

Customer

Geographical Location

Product

AML/CFT Awareness

Case Study 1 - ML Case involving DPMS

Source: FATF Report – Money Laundering / Terrorist Financing Risks and Vulnerabilities Associated with Gold (July 2015)

Illegal proceeds from drug trafficking

Purchase of gold from precious metals retailers

Gold then sold to a precious metals broker

Proceeds from sale wired to a third party with links to the

drug trafficking

Broker sold the gold to other businesses

14

AML/CFT Awareness

Case Study 2 - ML Case involving DPMS

Source: FATF Report – Money Laundering / Terrorist Financing Risks and Vulnerabilities Associated with Gold (July 2015)

Paid bribe in physical gold form worth RM120,000 to get

contract

Managing Director, Company A Chairman B, Head of Public Entity

Awarded contract in return for the bribe received

15

AML/CFT Awareness16







AML/CFT Awareness17

Prevailing Laws and Guidelines in Malaysia:

Anti-Money Laundering, Anti-Terrorism Financing

and Proceeds of Unlawful Activities Act 2001 (Act

613) – AMLA

Anti-Money Laundering & Anti-Terrorism

Financing (Reporting Obligations) Order 2007

AML/CFT – Designated Non-Financial Businesses

and Professions (DNFBPs) & Other Non-Financial

Sectors (Sector 5) Guidelines - Revised & reissued

on 1 Nov 2013

Relevant AML/CFT Law, Regulations & Guidelines - DPMS

As specified in First Schedule of AMLA and

Sector 5 Guidelines, AML/CFT reporting

requirements extend to “companies incorporated

under the Companies Act 1965 and businesses

defined and registered under the Registration of

Businesses Act 1956 which are carrying on

activities of dealing in precious metals or

precious stones”

FATF’s expectations on implementation of

AML/CFT preventive measures by

reporting institutions (RIs):

Immediate Outcome 4 from FATF Methodology

2013

FIs & DNFBPs adequately apply AML/CFT

preventive measures commensurate with their risks,

and report suspicious transactions

• Understand the nature and level of ML/TF risks;

• Develop and apply AML/CFT policies, internal

controls and programmes to adequately mitigate

identified risks;

• Apply appropriate CDD measures to identify and

verify customers and BOs and conduct ongoing

monitoring;

• Adequately detect and report suspicious

transactions; and

• Comply with other AML/CFT requirements.

AML/CFT Awareness18

Key AML/CFT Reporting Obligations from Sector 5 Policy Document

1. Risk Assessment and Client Risk

Profiling

2. CDD, ECDD & Other Requirements

3. AML/CFT Compliance Programme

4. Suspicious Transaction Report

(STR)

5. Combating Financing of

Terrorism

6. Consequences of Non-Compliance

AML/CFT Awareness19

Practical Guide on Key AML/CFT Requirements

No. What’s required Paragraph Reference in

Sector 5 Guidelines

1. Appoint a Compliance officer • 22

• 23

2. Develop and implement internal programme, policies,

procedures and controls to guard against and detect any

offence under AMLA, including

• 22

a. Policies and procedures (P&P) on overall ML/TF risk

assessment, client risk profiling, managing and

mitigating risk identified, periodic update of risk

assessment, and documentation of risk assessment and

findings

• 12

b. P&P on customer due diligence (CDD) on customer

and person conducting transaction, enhanced due

diligence (EDD) and on-going due diligence (ODD)

• 13

c. Establish internal criteria (‘red flags’) to detect

suspicious transactions; and establish a reporting

system for assessment and submission of suspicious

transaction reports (STR) in a secure manner

• 23

Slide 25

Slides 26-27

Slides 28-34

Slides 35-36

AML/CFT Awareness20

No. What’s required Paragraph Reference in

Sector 5 Guidelines

3. When in ‘doubt’, submit STR • 23

4. Check new and existing client database against the UNSCR

Consolidated List and gazette orders issued by MOHA on

domestic list of sanctioned individuals and entities

• 25

5. Conduct AML/CFT awareness and training programmes

for employees

• 22

6. Put in place adequate management information system (MIS)

to complement CDD process

• 20

7. Keep all CDD information and records for at least 6 years • 21

8. Keeping ML/TF risk assessment up-to-date through

periodic review, and having appropriate mechanisms to

provide risk assessment information to the supervisory

authority, when required

• 12

9. Roles and responsibilities of Board of Directors • 22

Slide 37

Slide 38

Slide 39

Practical Guide on Key AML/CFT Requirements (2)

Slide 40

AML/CFT Awareness21







AML/CFT Awareness22

BNM’s Supervisory Expectation & Approach

•Understand ML/TF risk which the business is exposed to

•Assess ML/TF risk profile of clients

• Implement comprehensive AML/CFT compliance programme

•Appointment of Compliance Officer to oversee AML/CFT compliance matters

Understand and mitigate risks

• Conduct robust CDD/ECDD, identify BOs & conduct on-going monitoring

• Maintain records for minimum of 6 years

• Detect & report suspicious transactions

• Regular AML/CFT training for employees & employee screening

• Regular audits on effectiveness of AML/CFT compliance programme

Preventing abuse by criminals

1. Continuous engagement in increasing awareness and enhancing compliance to AML/CFT requirements

2. Off-site surveillance / monitoring by reviewing and analysing internal audit report and periodic statistical report

3. On-site examination to ensure compliance4. Periodic review of sectoral guidelines to address key and

emerging risks

Expectations

Approach

AML/CFT Awareness23

Consequence of Non-Compliance

1. Enforcement action can be taken against a reporting institution,

including directors, officers and employees for any non-compliance

with AML/CFT requirements;

2. Penalties upon breaches include:

• General Offence (section 86 of AMLA) – Fine not exceeding

RM1.0 million e.g. for failure to conduct CDD, failure to submit STR

and failure to adopt, develop and implement AML/CFT compliance

programme;

• Retention of Records (section 17 of AMLA) – Fine not exceeding

RM3.0 million or imprisonment for a term not exceeding five (5)

year or both

AML/CFT Awareness

Thank You and Questions?

23

AML/CFT Microsite in BNM Website:http://amlcft.bnm.gov.my

FIED’s E-mail : [email protected]

http://amlcft.bnm.gov.my/

mailto:[email protected]

AML/CFT Awareness25

Roles and Responsibilities of Compliance Officer

WHO

High expectation on role and duty of AML/CFT Compliance Officer

RI’s compliance with AML/CFT requirements

Proper implementation of AML/CFT Procedures

Appropriate AML/CFT procedures and effective implementation

Communication channel between RIs/ staff/ department is secured and kept confidential

AML/CFT Compliance Programme awareness to all staff.

Internally generated STR are evaluated before submission to FIED

Identification of ML/TF risks associated with new products and services

DUTY – to ensure:

For individual RIs who operate within a group (e.g.: partnership):

responsible for own obligation under AMLA;

may appoint particular person (with management responsibilities) within such group to perform the role of compliance officer

1. Individual with management

responsibilities

2. Fit and proper

3. Necessary knowledge and

expertise

Back to Slide 19

AML/CFT Awareness26

Customer risk Geography

Products, services,

transactions/ delivery channels

Other information

1 2 3

• Resident or non-resident

• Company or individual

• Company structure

• PEPs

Business location

Country of origin

Country on sanctions list

Etc.

Cash-based

Non face-to-face

Simple/ complex transactions

Etc.

4

• Suggesting higher risk, if any

RISK ASSESSMENT

RISK PROFILING

RISK CONTROL AND MITIGATION

AML/CFT Awareness27

Risk profile customer based on CDD info collected- Examples of CDD info that can be used as risk profiling factors

i. Customer risk

ii. Geographical risk

iii. Risk associated with Transaction / Delivery Channel

Document Client’s risk

profile

Automatically a high risk customer

when there is a positive name

match

Back to Slide 19

AML/CFT Awareness28

2. Three elements:

i ii iii

1. When is CDD required (Identification)?

Establishing business relations – when engages in cash transaction equivalent

to RM50,000 and above (single or multiple related

transactions)

If there is suspicion of ML/TF

Doubts on veracity & adequacy of previously

obtained CDD information

Customer Due Diligence (CDD)

i ii iii

• Identify• Sight ID document

• Make a copy of ID document

• Review and update profile• Transaction monitoring for

consistency with known profile

Back to Slide 19

Guide in Slide 30

AML/CFT Awareness29

3. Meeting AML/CFT Requirements - CDD– In practice, a quick guide

Info to obtain when conducting CDD

Customer Due Diligence (CDD) (2)

Back to Slide 19

CDD Guide for Legal Person – Slide 31

CDD Guide for PEPs –Slide 32

AML/CFT Awareness30

ACCEPTABLE DOCUMENTS FOR INDIVIDUAL CUSTOMERS AND BENEFICIAL OWNER

• NRIC/ Passport

If there is doubt – require the customer to produce other supporting official identification documents bearing his/ her photograph

• Any other official documents bearing the photograph of the customer, provided that the RI is satisfied with the authenticity of the document.

• If biometric ID is used, verification requirement deemed to have been fulfilled. No photocopy of ID is necessary

Customer Due Diligence (CDD): Verification of Documents

Back to Slide 28

AML/CFT Awareness31

Identify and verify customer

Identify and take reasonable measures to verify beneficial owner (BO)

(a) Name, legal form and proof of existence(b) Powers that regulate and bind customers(c) Address of registered office

(a) Identity of the natural person who ultimately has a controlling ownership interest in a legal person

i. Identification of directors/shareholders with equity interest of 25% or more;ii. Proper authorisation for persons authorised to represent the company (letter of authority/

directors’ resolution); andiii. NRIC / Passport to identify the authorised person(s)

(b) If there is a doubt on the controlling interest - the identity of the natural person exercising control through other means

(c) Where there is no natural person identified- the identity of the natural person who holds the senior management position

Identification & verification of the BOs up to the level of natural persons who have control

Customer Due Diligence (CDD): On Legal Persons

Back to Slide 29

AML/CFT Awareness32

…are individuals who are or have been entrusted with prominent public

functions by their respective governments or organisations

Heads of State or of government, senior politicians, senior

government, judicial or military officials, senior executives

of state owned corporations, important political party officials

FOREIGN DOMESTICINTERNATIONAL ORGANISATION

Members of senior

management , i.e. directors,

deputy directors and members

of the board or equivalent functions.

Customer Due Diligence (CDD): On PEPs

PEPs do not include middle ranking or junior level individuals

Para 14.2.2 – Foreign PEPs to be assessed as having high ML/TF

risks which require enhanced due diligence

Back to Slide 29

AML/CFT Awareness33

When is Enhanced CDD Required?

Conditions

Requirements

Foreign PEPs

Customers from high risk jurisdictions (black

and grey list)

Domestic PEPs assessed as higher risk

1. Obtain CDD information

3. Inquire on source of wealth

and/or funds

4. Obtain approval from Senior Management

2. Obtain additional

informationClients assessed as

higher risk

Customer Due Diligence (CDD): Enhanced CDD

Back to Slide 19

AML/CFT Awareness34

Potential Customers Do not open the account or commence business relationship or

perform transaction

Existing Customer Terminate the business relationship

• Also, consider submitting a STR. Remember to document your rationale for submitting or

not submitting the STR

1. If the customer does not want to cooperate or refuses to provide information -What should a RI do?

2. If a RI finds a potential client to be suspicious, but believes that insistence oncompleting the CDD would tip-off the customer – What should a RI do?

• Proceed with the transaction, then immediately submit a STR to FIED, BNM

Failure to Satisfactorily Complete CDD

Back to Slide 19

AML/CFT Awareness

Firm / RIs to establish red-flags or indicators of ML/TF

Transaction Risk:

1. Unusual or unnecessarily complicated business structures or transaction

paths

2. Purchases or sales that are unusual or out of norm

3. Use of large amount of cash

4. Unusual source of funding

5. Speed of transaction (without reasonable explanation)

6. Unexplained changes in instructions or business entities

7. Transactions where there are doubts about the validity of the documents

submitted

Customer Risk:

1. Transaction inconsistent with the individual’s known occupation or income

2. Unusual involvement of third parties / intermediaries

3. Use of legal entities that hide the identity of ultimate beneficial owner

4. Instruction outside normal geographical area, area of expertise, or client

market

5. Involvement of higher risk clients such as individuals from high risk

jurisdictions, foreign PEPs or domestic PEPs assessed as high risk etc.

6. Avoiding personal contact without good reason

7. Attempt by customer to maintain a high and unusual degree of secrecy

35

AML/CFT Awareness36

Suspicious Transaction Report: Reporting Mechanism

Internal reporting mechanism:

• RI to have in place policies on

duration taken by Compliance

Officer to review internal STR and

circumstances the timeframe can be

exceeded

TIPPING OFF:

• If RI has formed a suspicion of ML/TF but

believes that performing CDD process would

tip-off the customer, RI is permitted not to

pursue CDD, to proceed with the transaction

and immediately file a STR

Establish clear P&P to guide all staff, which should include:

Guidance on the type of client behavior or transactions that could be considered as

suspicious i.e. internal criteria/red-flags

What to do when doubt arises e.g. types of further scrutiny to conduct, consider

submitting STR if suspicion remains

Who to submit STR to within the firm and where to get STR forms i.e. sample/template

Method for submitting STRs - by staff to CO, by CO to FIED,BNM - to preserve

confidentiality

Timeframe for initial assessment by staff upon formation of doubt before raising STR to

CO, assessment by CO before submitting STR to FIED, BNM

Method for recording of assessment and decision not to submit STR received from staff

and secure filing of these documents for at least 6 years.

Back to Slide 19

AML/CFT Awareness37

Suspicious Transaction Report: Info Required – When in doubt, submit STR

Useful

information for

investigation

by LEAs

• Name of Subject

• Identification No.

• Address• Contact No.• Employment details i.e. occupation,

name of employer

Details of Subject Reported

• Mode of transaction• Transaction Amount• Transaction Date

Transaction Details

• Reasons given by the reporting institutions on why they feel the conduct of account is suspicious

Description of Suspicious Transaction

Back to Slide 20

AML/CFT Awareness38

Combating Financing of Terrorism

Updated and maintain list

Check on names Freeze/ Reject Report

1 2 3

• UNSCR 1267 Consolidated List

• List under Section 66B (Domestic) and Section 66C (UNSC) (Part VIA)

• Other List (Optional)

on new customers, beneficial owners and beneficiary

existing customers

potential customers

take measures to ascertain identity –not ‘false positive’

freeze/ block fund for existing customers

reject transactions for new/ potential customers

4

• to FIED (including attempted transactions)

• inform relevant supervisory authority

Obligations under Part VIA of the AMLA applicable to any person

Back to Slide 20

AML/CFT Awareness39

AML/CFT Training

• Tailored to staff level & nature of works;

• Frequency – correlate with level of risk

Record-keeping

• All records relating to transactions, CDD etcmust be properly maintained, for at least 6 years from the point of termination of the business relationship with the client

Management Information System

• Not necessarily automated

• To commensurate with nature, scale and complexity of operations

Other Requirements

Back to Slide 20

AML/CFT Awareness40

Roles & Responsibilities of Board of Directors

Adequate oversight is the key for good compliance culture…

Establish governance structure for

AML/CFT

Approve & periodically

review AML/CFT

framework/ policies

Establish internal

control to ensure

compliance to AML/CFT

Provide direction on

AML/CFT issues

Aware of ML/TF risk associated with the business

Ensure sufficient

resources for independent

control function

Receive timely &

comprehensive

AML/CFT report

Ensure adequate &

effective training /

awareness

Back to Slide 20