ISLE OF MAN
Home      About      Terms      Faqs      Contact
This is my page
FATF 40 RECOMMENDATIONS

1

Assessing risks & applying a risk based approach

LC

The IOMFSA, the FIU and law enforcement authorities should focus their activities in line with the risk profile of the country.

The NRA has been completed relatively recently and the AML/CFT regime has not yet been tailored entirely to fit the risks identified.

The exemptions from the full scale of CDD provided under Art. 21 of the AML/CFT Code are not based on a holistic consideration of the risk factors and variables mentioned in the Interpretative Note to R.10, most importantly when it comes to the risk profile of the underlying client. The scope of the exemption is not clearly limited.

There is no specific requirement for risk assessments in the online gambling sector to be kept up-to-date and to provide risk assessments information to the GSC

There is no clear requirement to document and update risk assessments taking into consideration all necessary factors and that the policies, controls and procedures must be approved by senior management.

2

National cooperation and coordination

C

 

3

Money laundering offence

C

 

4

Confiscation and provisional measures

LC

Absence of general provisions explicitly covering the confiscation of the property that is the proceeds of, used in, or intended or allocated for use in the financing of terrorism, terrorist acts or terrorist organisations.

5

Terrorist financing offence

LC

The TF offence does not criminalise the financing of unproscribed terrorist organisations in the absence of a link to a specific terrorist act.

There are no specific TF offence provisions which would include financing the travel of individuals who travel to a State other than their States of residence or nationality for the purpose of the perpetration, planning, or preparation of, or participation in, terrorist acts or the providing or receiving of terrorist training.

6

Targeted financial sanctions related to terrorism & TF

LC

For UNSCR 1373, the freezing obligation does not cover a sufficiently broad range of assets under the EU framework.

There are no publicly available procedures to deal with “false positives”.

No guidance is available to financial sector and DNFBPs on obligations to respect de-listing or unfreezing action.

7

Targeted financial sanctions related to proliferation

LC

The deficiencies identified under the supervisory regime apply under c.7.3.

Absence of clear provisions in the law with respect to requirements set out under c.7.5(b).

There are no publicly available procedures to deal with “false positives”.

8

Nonprofit organizations

LC

The domestic analyses of the NPO sector did not take into account the non-charitable NPO sector. A reassessment of the NPO sector in the future should also encompass registered SNPOs.

The information from the Central Registry does not cover the data on the identity of the persons who own, control or direct the activities or on the assets at the disposal of the SNPOs.

There is no requirement for non-charitable SNPOs to make available information on their administration and management. It is not clear if the authorities have access to this information nor what would be the source of such information.

9

Financial institution secrecy laws

C

 

10

Customer due diligence

LC

There is no requirement to undertake CDD measures where there is suspicion of ML/TF.

Not all FIs are required to verify that any person purporting to act on behalf of an individual is so authorised or to identity and verify the identity of that person.

There is not a proven low risk of ML/FT for some CDD exemptions.

Not all FIs are required to obtain and hold information on classes of beneficiaries of a trust.

There is no requirement to obtain information that will enable identification of a beneficiary of a life policy designated by characteristics, class or other means at time of pay-out.

CDD requirements are not applied to beneficiaries of all investment related insurance policies.

There is no requirement for information about the beneficiary of a life policy to be taken into account when considering whether to apply enhanced CDD measures. Nor is there a requirement to identify or verify the identity of the beneficial owner of a beneficiary that is not an individual.

There is a requirement to freeze rather than terminate an existing business relationship where CDD measures cannot be applied.

CDD measures must be applied even if this can lead to tipping-off.

11

Record keeping

LC

Accounts files, business correspondence, and results of analysis undertaken will not always be kept for at least 5 years following termination of a business relationship or after the date of an occasional transaction.

12

Politically exposed persons

LC

There is no requirement to determine whether the beneficial owner of a beneficiary of a life policy that is not an individual is a PEP.

13

Correspondent banking

C

 

14

Money or value transfer services

LC

MVTS operators are not clearly required to include agents in their AML/CFT programmes.

15

New technologies

C

 

16

Wire transfers

PC

There is no requirement to ensure that transfers are accompanied by required beneficiary information.

There is no requirement to verify payer information in case of transactions less than EUR 1,000 or where there is suspicion of ML/TF.

The ordering institution is not prohibited from executing wire transfers that do not comply with requirements.

There is no requirement for intermediary institutions to take reasonable measures to identify cross-border transfers that lack information or to have risk-based policies and procedures for determining what to do with such transfers.

17

Reliance on third parties

LC

Reliance may be placed on a group third party that is not regulated, supervised or monitored.

18

Internal controls and foreign branches and subsidiaries

LC

Not all FIs are required to appoint a compliance officer at management level or to have an independent audit function.

There is no specific requirement for groups to have group-wide programmes against ML/TF.

There is no requirement to apply additional measures to mitigate ML/TF risks where a branch or subsidiary is prevented by law from applying necessary CDD measures.

19

Higher risk countries

C

 

20

Reporting of suspicious transaction

C

 

21

Tipping off and confidentiality

LC

Tipping off offences are too narrowly set.

22

DNFBPs: Customer due diligence

LC

All DNFBPs except online gambling operators

Factors underlying R.10, 11, 12 and 17 apply.

Online gambling operators

There is no mandated threshold for evidence of identity to be obtained on the placing of a deposit. (R.10)

There is no requirement to apply CDD measures in all cases where there is doubt about previously obtained data or suspicion of ML/TF. (R.10)

In case of a customer that is not an individual, there is a requirement only to take reasonable steps to verify the identity of a person purporting to act on its behalf. (R.10)

The definition of beneficial ownership in the Online Gambling Code does not include the natural person on whose behalf a transaction is being conducted. (R.10)

There is no requirement to ensure that reviews of existing records take account of higher risk categories of customer. (R.10)

There is no requirement to understand the nature of a customer’s business. (R.10)

Whilst guidance is published on the application of CDD measures to legal persons and legal arrangements, there are no specific requirements in the Online Gambling Code. (R.10)

There is no clear requirement to apply CDD measures to existing customers. (R.10)

Enhanced CDD measures may be limited to taking reasonable measures to establish source of funds and source of wealth (even if other measures are more appropriate). (R.10)

CDD measures must be applied even if this can lead to tipping-off. (R.10)

There are some gaps in requirements to apply CDD to PEPs and to assess the risk of new technology. (R.12 and R.15)

23

DNFBPs: Other measures

PC

All DNFBPs except online gambling operators.

Factors underlying R.18 and R21 apply.

Online gambling operators

There is no requirement to appoint a compliance officer or to have an independent audit function to test the system. (R.18)

There is no requirement for policies and procedures covering employee screening or on-going training to have regard to ML/TF risks or size of operator. (R.18)

There is no specific requirement for groups to have group-wide programmes against ML/TF nor specific requirements to deal with branches or majority-owned subsidiaries. (R.18)

There are no measures in placed to actively advise licence holders of any concerns in the AML/CFT weakness of other countries.

Tipping off offences are too narrowly set.

24

Transparency and beneficial ownership of legal persons

PC

Guides and practice notes do not explain the process followed for obtaining and recording beneficial ownership information.

There has been no formal assessment of the threats presented specifically by legal persons established under Manx legislation.

Information held at the Central Registry on directors of 2006 companies may be up to one year out of date.

Limited partnerships are not required to register partnership deeds nor foundations required to register rules.

There is no register of general partnerships, nor is there a statutory requirement to record the partners of a general partnership.

Not all basic information must be maintained by legal persons within the IoM.

It is not clear when a change in a partner of a partnership becomes legally binding and enforceable and how such changes are reported to the partnership.

The Central Registry does not check the accuracy of basic information.

It cannot be determined that accurate, complete and current beneficial ownership information will be available for 1931 companies, limited partnerships or general partnerships.

There are gaps in the application of requirements to companies and partnerships that are dissolved or otherwise cease to exist.

The nominee status of shareholders that are licenced nominees is not recorded in the Central Registry. The identity of non-licenced nominators is not recorded in registers of shareholders or in the Central Registry.

The range of sanctions that can be applied by the FIU and law enforcement for failing to grant competent authorities timely access to information is not proportionate.

25

Transparency and beneficial ownership of legal arrangements

PC

There is no explicit requirement placed on the trustee of an express trust that is governed by Manx law where the trustee is resident outside the IoM, or resident in the IoM but non-professional to obtain and hold information in line with c25.1.

There is no explicit requirement placed on TCSPs subject to the AML/CFT Code to obtain information on classes of beneficiaries.

There is no explicit requirement in the Trustee Act requiring trustees to hold basic information on regulated agents of, and service providers to, a trust.

Record-keeping requirements do not apply to professional trustees that are resident outside the IoM.

Not all trustees are required to disclose their status when entering into a business relationship or carrying out a one-off transaction.

The common law duty of confidentiality may prevent a trustee providing information to a FI or DNFBP.

The range of sanctions that can be applied by the FIU and law enforcement for failing to grant competent authorities timely access to information is not proportionate.

26

Regulation and supervision of financial institutions

LC

Not all of the activities or operations listed in the FATF’s definition of FI are regulated or supervised.

The IOMFSA cannot supervise compliance with AML/CFT requirements by the manager of a single exempt scheme (a private collective investment scheme).

The authorities have not provided evaluators with an explanation for the basis of a number licensing exemptions.

At the time of the onsite visit, the IOMFSA’s basis for assessing sector and cross-sector risk had not been formalised.

The IOMFSA has not clearly articulated how the frequency and intensity of supervision takes into account the degree of discretion given to FIs in the application of the AML/CFT Code.

27

Powers of supervisors

LC

Not all of the activities or operations listed in the FATF’s definition of FI are regulated or supervised.

The IOMFSA is unable to compel every person who it has reason to believe holds relevant information to provide that information under the FSA 2008.

28

Regulation and supervision of DNFBPs

LC

The GSC relies on licensing conditions to supervise online gambling operators and the IoM’s casino for AML/CFT compliance.

Acting as a partner of a partnership is not regulated or supervised by the IOMFSA.

At the time of the onsite visit, the IOMFSA’s basis for assessing sector and cross-sector risk had not been formalised. The IOMFSA has not clearly articulated how the frequency and intensity of supervision takes into account the degree of discretion given to FIs in the application of the AML/CFT Code.

29

Financial intelligence units

LC

The strategic analysis conducted by the FIU is limited in nature.

30

Responsibilities of law enforcement/ investigative authorities

C

 

31

Powers of law enforcement and investigative authorities

C

 

32

Cash couriers

LC

Although the FIU established under the new FIU Act 2016 continues to receive cash declarations, as a separate organisation in its own right, it will require an order extending sec. 174B to it, and it is probable that an MOU will have to be agreed to formalise existing arrangements

There is no provision in the CEMA requiring Customs and Excise to maintain records on (a) declarations, (b) false declarations, and (c) ML/TF suspicions.

33

Statistics

LC

No comprehensive for the collection and maintenance of statistics.

34

Guidance and feedback

LC

The FIU does not routinely publish typologies drawn from its analysis of STRs.

Information has not been provided on feedback provided by all competent authorities.

35

Sanctions

PC

Not all of the activities or operations listed in the FATF’s definition of FI are regulated or supervised.

Limited administrative powers are available to the GSC.

Sanctions may not be applied to directors and senior management under the DBRO Act.

Civil penalties may not be applied to directors and senior management under the FSA 2008

36

International instruments

LC

CJA sets out the limited circumstances where mutual legal assistance cannot be given due to the fiscal nature of the relevant offences.

37

Mutual legal assistance

LC

CJA sets out the limited circumstances where mutual legal assistance cannot be given due to the fiscal nature of the relevant offences.

38

Mutual legal assistance: freezing and confiscation

LC

There are no formal arrangements for coordinating seizure and confiscation actions with other countries.

39

Extradition

C

 

40

Other forms of international cooperation

LC

In the case of the DBRO Act, the IOMFSA’s function is limited to assessing compliance with IoM AML/CFT legislation only and there are no separate provisions dealing with mutual assistance (as there are in other law) which consequently might limit providing international cooperation to overseas regulator.

 

A. AML/CFT POLICIES AND COORDINATION

 

1. Assessing risks and applying a risk-based approach

Countries should identify, assess, and understand the money laundering and terrorist financing risks for the country, and should take action, including designating an authority or mechanism to coordinate actions to assess risks, and apply resources, aimed at ensuring the risks are mitigated effectively. Based on that assessment, countries should apply a risk-based approach (RBA) to ensure that measures to prevent or mitigate money laundering and terrorist financing are commensurate with the risks identified. This approach should be an essential foundation to efficient allocation of resources across the anti-money laundering and countering the financing of terrorism (AML/CFT) regime and the implementation of risk- based measures throughout the FATF Recommendations. Where countries identify higher risks, they should ensure that their AML/CFT regime adequately addresses such risks. Where countries identify lower risks, they may decide to allow simplified measures for some of the FATF Recommendations under certain conditions.

Countries should require financial institutions and designated non-financial businesses and professions (DNFBPs) to identify, assess and take effective action to mitigate their money laundering and terrorist financing risks.

 

2. National cooperation and coordination

Countries should have national AML/CFT policies, informed by the risks identified, which should be regularly reviewed, and should designate an authority or have a coordination or other mechanism that is responsible for such policies.

Countries should ensure that policy-makers, the financial intelligence unit (FIU), law enforcement authorities, supervisors and other relevant competent authorities, at the policy- making and operational levels, have effective mechanisms in place which enable them to cooperate, and, where appropriate, coordinate domestically with each other concerning the development and implementation of policies and activities to combat money laundering, terrorist financing and the financing of proliferation of weapons of mass destruction.

 

B. MONEY LAUNDERING AND CONFISCATION

 

3. Money laundering offence

Countries should criminalise money laundering on the basis of the Vienna Convention and the Palermo Convention. Countries should apply the crime of money laundering to all serious offences, with a view to including the widest range of predicate offences.

 

4. Confiscation and provisional measures

Countries should adopt measures similar to those set forth in the Vienna Convention, the Palermo Convention, and the Terrorist Financing Convention, including legislative measures, to enable their competent authorities to freeze or seize and confiscate the following, without prejudicing the rights of bona fide third parties: (a) property laundered, (b) proceeds from, or instrumentalities used in or intended for use in money laundering or predicate offences, (c) property that is the proceeds of, or used in, or intended or allocated for use in, the financing of terrorism, terrorist acts or terrorist organisations, or (d) property of corresponding value.

Such measures should include the authority to: (a) identify, trace and evaluate property that is subject to confiscation; (b) carry out provisional measures, such as freezing and seizing, to prevent any dealing, transfer or disposal of such property; (c) take steps that will prevent or void actions that prejudice the country’s ability to freeze or seize or recover property that is subject to confiscation; and (d) take any appropriate investigative measures.

Countries should consider adopting measures that allow such proceeds or instrumentalities to be confiscated without requiring a criminal conviction (non-conviction based confiscation), or which require an offender to demonstrate the lawful origin of the property alleged to be liable to confiscation, to the extent that such a requirement is consistent with the principles of their domestic law.

 

 

C. TERRORIST FINANCING AND FINANCING OF PROLIFERATION

 

5. Terrorist financing offence

Countries should criminalise terrorist financing on the basis of the Terrorist Financing Convention, and should criminalise not only the financing of terrorist acts but also the financing of terrorist organisations and individual terrorists even in the absence of a link to a specific terrorist act or acts. Countries should ensure that such offences are designated as money laundering predicate offences.

 

6. Targeted financial sanctions related to terrorism and terrorist financing

Countries should implement targeted financial sanctions regimes to comply with United Nations Security Council resolutions relating to the prevention and suppression of terrorism and terrorist financing. The resolutions require countries to freeze without delay the funds or other assets of, and to ensure that no funds or other assets are made available, directly or indirectly, to or for the benefit of, any person or entity either (i) designated by, or under the authority of, the United Nations Security Council under Chapter VII of the Charter of the United Nations, including in accordance with resolution 1267 (1999) and its successor resolutions; or (ii) designated by that country pursuant to resolution 1373 (2001).

 

7. Targeted financial sanctions related to proliferation

Countries should implement targeted financial sanctions to comply with United Nations Security Council resolutions relating to the prevention, suppression and disruption of proliferation of weapons of mass destruction and its financing. These resolutions require countries to freeze without delay the funds or other assets of, and to ensure that no funds and other assets are made available, directly or indirectly, to or for the benefit of, any person or entity designated by, or under the authority of, the United Nations Security Council under Chapter VII of the Charter of the United Nations.

 

8. Non-profit organisations

Countries should review the adequacy of laws and regulations that relate to entities that can be abused for the financing of terrorism. Non-profit organisations are particularly vulnerable, and countries should ensure that they cannot be misused:

 

(a) by terrorist organisations posing as legitimate entities;

(b) to exploit legitimate entities as conduits for terrorist financing, including for the purpose of escaping asset-freezing measures; and

(c) to conceal or obscure the clandestine diversion of funds intended for legitimate purposes to terrorist organisations.

 

D. PREVENTIVE MEASURES

 

9. Financial institution secrecy laws

Countries should ensure that financial institution secrecy laws do not inhibit implementation of the FATF Recommendations.

 

 

CUSTOMER DUE DILIGENCE AND RECORD-KEEPING

 

10. Customer due diligence

Financial institutions should be prohibited from keeping anonymous accounts or accounts in obviously fictitious names.

Financial institutions should be required to undertake customer due diligence (CDD) measures when:

(i) establishing business relations;

(ii) carrying out occasional transactions: (i) above the applicable designated threshold (USD/EUR 15,000); or (ii) that are wire transfers in the circumstances covered by the Interpretive Note to Recommendation 16;

(iii) there is a suspicion of money laundering or terrorist financing; or

(iv) the financial institution has doubts about the veracity or adequacy of previously obtained customer identification data.

The principle that financial institutions should conduct CDD should be set out in law. Each country may determine how it imposes specific CDD obligations, either through law or enforceable means.

The CDD measures to be taken are as follows:

(a) Identifying the customer and verifying that customer’s identity using reliable, independent source documents, data or information.

(b) Identifying the beneficial owner, and taking reasonable measures to verify the identity of the beneficial owner, such that the financial institution is satisfied that it knows who the beneficial owner is. For legal persons and arrangements this should include financial institutions understanding the ownership and control structure of the customer.

(c) Understanding and, as appropriate, obtaining information on the purpose and intended nature of the business relationship.

(d) Conducting ongoing due diligence on the business relationship and scrutiny of transactions undertaken throughout the course of that relationship to ensure that the transactions being conducted are consistent with the institution’s knowledge of the customer, their business and risk profile, including, where necessary, the source of funds.

Financial institutions should be required to apply each of the CDD measures under (a) to (d) above, but should determine the extent of such measures using a risk-based approach (RBA) in accordance with the Interpretive Notes to this Recommendation and to Recommendation 1.

Financial institutions should be required to verify the identity of the customer and beneficial owner before or during the course of establishing a business relationship or conducting transactions for occasional customers. Countries may permit financial institutions to complete the verification as soon as reasonably practicable following the establishment of the relationship, where the money laundering and terrorist financing risks are effectively managed and where this is essential not to interrupt the normal conduct of business.

Where the financial institution is unable to comply with the applicable requirements under paragraphs (a) to (d) above (subject to appropriate modification of the extent of the measures on a risk-based approach), it should be required not to open the account, commence business relations or perform the transaction; or should be required to terminate the business relationship; and should consider making a suspicious transactions report in relation to the customer.

These requirements should apply to all new customers, although financial institutions should also apply this Recommendation to existing customers on the basis of materiality and risk, and should conduct due diligence on such existing relationships at appropriate times.

 

11. Record-keeping

Financial institutions should be required to maintain, for at least five years, all necessary records on transactions, both domestic and international, to enable them to comply swiftly with information requests from the competent authorities. Such records must be sufficient to permit reconstruction of individual transactions (including the amounts and types of currency involved, if any) so as to provide, if necessary, evidence for prosecution of criminal activity.

Financial institutions should be required to keep all records obtained through CDD measures (e.g. copies or records of official identification documents like passports, identity cards, driving licences or similar documents), account files and business correspondence, including the results of any analysis undertaken (e.g. inquiries to establish the background and purpose of complex, unusual large transactions), for at least five years after the business relationship is ended, or after the date of the occasional transaction.

Financial institutions should be required by law to maintain records on transactions and information obtained through the CDD measures.

The CDD information and the transaction records should be available to domestic competent authorities upon appropriate authority.

 

ADDITIONAL MEASURES FOR SPECIFIC CUSTOMERS AND ACTIVITIES

 

12. Politically exposed persons

Financial institutions should be required, in relation to foreign politically exposed persons (PEPs) (whether as customer or beneficial owner), in addition to performing normal customer due diligence measures, to:

(a) have appropriate risk-management systems to determine whether the customer or the beneficial owner is a politically exposed person;

(b) obtain senior management approval for establishing (or continuing, for existing customers) such business relationships;

(c) take reasonable measures to establish the source of wealth and source of funds; and

(d) conduct enhanced ongoing monitoring of the business relationship.

Financial institutions should be required to take reasonable measures to determine whether a customer or beneficial owner is a domestic PEP or a person who is or has been entrusted with a prominent function by an international organisation. In cases of a higher risk business relationship with such persons, financial institutions should be required to apply the measures referred to in paragraphs (b), (c) and (d).

The requirements for all types of PEP should also apply to family members or close associates of such PEPs.

 

13. Correspondent banking

Financial institutions should be required, in relation to cross-border correspondent banking and other similar relationships, in addition to performing normal customer due diligence measures, to:

(a) gather sufficient information about a respondent institution to understand fully the nature of the respondent’s business and to determine from publicly available information the reputation of the institution and the quality of supervision, including whether it has been subject to a money laundering or terrorist financing investigation or regulatory action;

(b) assess the respondent institution’s AML/CFT controls;

(c) obtain approval from senior management before establishing new correspondent relationships;

(d) clearly understand the respective responsibilities of each institution; and

(e) with respect to “payable-through accounts”, be satisfied that the respondent bank has conducted CDD on the customers having direct access to accounts of the correspondent bank, and that it is able to provide relevant CDD information upon request to the correspondent bank.

Financial institutions should be prohibited from entering into, or continuing, a correspondent banking relationship with shell banks. Financial institutions should be required to satisfy themselves that respondent institutions do not permit their accounts to be used by shell banks.

 

14. Money or value transfer services

Countries should take measures to ensure that natural or legal persons that provide money or value transfer services (MVTS) are licensed or registered, and subject to effective systems for monitoring and ensuring compliance with the relevant measures called for in the FATF Recommendations. Countries should take action to identify natural or legal persons that carry out MVTS without a license or registration, and to apply appropriate sanctions.

Any natural or legal person working as an agent should also be licensed or registered by a competent authority, or the MVTS provider should maintain a current list of its agents accessible by competent authorities in the countries in which the MVTS provider and its agents operate. Countries should take measures to ensure that MVTS providers that use agents include them in their AML/CFT programmes and monitor them for compliance with these programmes.

 

15. New technologies

Countries and financial institutions should identify and assess the money laundering or terrorist financing risks that may arise in relation to (a) the development of new products and new business practices, including new delivery mechanisms, and (b) the use of new or developing technologies for both new and pre-existing products. In the case of financial institutions, such a risk assessment should take place prior to the launch of the new products, business practices or the use of new or developing technologies. They should take appropriate measures to manage and mitigate those risks.

 

16. Wire transfers

Countries should ensure that financial institutions include required and accurate originator information, and required beneficiary information, on wire transfers and related messages, and that the information remains with the wire transfer or related message throughout the payment chain.

Countries should ensure that financial institutions monitor wire transfers for the purpose of detecting those which lack required originator and/or beneficiary information, and take appropriate measures.

Countries should ensure that, in the context of processing wire transfers, financial institutions take freezing action and should prohibit conducting transactions with designated persons and entities, as per the obligations set out in the relevant United Nations Security Council resolutions, such as resolution 1267 (1999) and its successor resolutions, and resolution 1373(2001), relating to the prevention and suppression of terrorism and terrorist financing.

 

RELIANCE, CONTROLS AND FINANCIAL GROUPS

 

17. Reliance on third parties

Countries may permit financial institutions to rely on third parties to perform elements (a)-(c) of the CDD measures set out in Recommendation 10 or to introduce business, provided that the criteria set out below are met. Where such reliance is permitted, the ultimate responsibility for CDD measures remains with the financial institution relying on the third party.

The criteria that should be met are as follows:

(a) A financial institution relying upon a third party should immediately obtain the necessary information concerning elements (a)-(c) of the CDD measures set out in Recommendation 10.

(b) Financial institutions should take adequate steps to satisfy themselves that copies of identification data and other relevant documentation relating to the CDD requirements will be made available from the third party upon request without delay.

(c) The financial institution should satisfy itself that the third party is regulated, supervised or monitored for, and has measures in place for compliance with, CDD and record-keeping requirements in line with Recommendations 10 and 11.

(d) When determining in which countries the third party that meets the conditions can be based, countries should have regard to information available on the level of country risk.

When a financial institution relies on a third party that is part of the same financial group, and

(i) that group applies CDD and record-keeping requirements, in line with Recommendations 10, 11 and 12, and programmes against money laundering and terrorist financing, in accordance with Recommendation 18; and (ii) where the effective implementation of those CDD and record-keeping requirements and AML/CFT programmes is supervised at a group level by a competent authority, then relevant competent authorities may consider that the financial institution applies measures under (b) and (c) above through its group programme, and may decide that (d) is not a necessary precondition to reliance when higher country risk is adequately mitigated by the group AML/CFT policies.

 

18. Internal controls and foreign branches and subsidiaries

Financial institutions should be required to implement programmes against money laundering and terrorist financing. Financial groups should be required to implement group- wide programmes against money laundering and terrorist financing, including policies and procedures for sharing information within the group for AML/CFT purposes.

Financial institutions should be required to ensure that their foreign branches and majority- owned subsidiaries apply AML/CFT measures consistent with the home country requirements implementing the FATF Recommendations through the financial groups’ programmes against money laundering and terrorist financing.

19. Higher-risk countries

Financial institutions should be required to apply enhanced due diligence measures to business relationships and transactions with natural and legal persons, and financial institutions, from countries for which this is called for by the FATF. The type of enhanced due diligence measures applied should be effective and proportionate to the risks.

Countries should be able to apply appropriate countermeasures when called upon to do so by the FATF. Countries should also be able to apply countermeasures independently of any call by the FATF to do so. Such countermeasures should be effective and proportionate to the risks.

 

 

REPORTING OF SUSPICIOUS TRANSACTIONS

 

20. Reporting of suspicious transactions

If a financial institution suspects or has reasonable grounds to suspect that funds are the proceeds of a criminal activity, or are related to terrorist financing, it should be required, by law, to report promptly its suspicions to the financial intelligence unit (FIU).

 

21. Tipping-off and confidentiality

Financial institutions, their directors, officers and employees should be:

(a) protected by law from criminal and civil liability for breach of any restriction on disclosure of information imposed by contract or by any legislative, regulatory or administrative provision, if they report their suspicions in good faith to the FIU, even if they did not know precisely what the underlying criminal activity was, and regardless of whether illegal activity actually occurred; and

(b) prohibited by law from disclosing (“tipping-off”) the fact that a suspicious transaction report (STR) or related information is being filed with the FIU.

 

 

DESIGNATED NON-FINANCIAL BUSINESSES AND PROFESSIONS

 

22. DNFBPs: customer due diligence

The customer due diligence and record-keeping requirements set out in Recommendations 10, 11, 12, 15, and 17, apply to designated non-financial businesses and professions (DNFBPs) in the following situations:

(a) Casinos – when customers engage in financial transactions equal to or above the applicable designated threshold.

(b) Real estate agents – when they are involved in transactions for their client concerning the buying and selling of real estate.

(c) Dealers in precious metals and dealers in precious stones – when they engage in any cash transaction with a customer equal to or above the applicable designated threshold.

(d) Lawyers, notaries, other independent legal professionals and accountants – when they prepare for or carry out transactions for their client concerning the following activities:

buying and selling of real estate;

managing of client money, securities or other assets;

management of bank, savings or securities accounts;

organisation of contributions for the creation, operation or management of companies;

creation, operation or management of legal persons or arrangements, and buying and selling of business entities.

(e) Trust and company service providers – when they prepare for or carry out transactions for a client concerning the following activities:

acting as a formation agent of legal persons;

acting as (or arranging for another person to act as) a director or secretary of a company, a partner of a partnership, or a similar position in relation to other legal persons;

providing a registered office, business address or accommodation, correspondence or administrative address for a company, a partnership or any other legal person or arrangement;

acting as (or arranging for another person to act as) a trustee of an express trust or performing the equivalent function for another form of legal arrangement;

acting as (or arranging for another person to act as) a nominee shareholder for another person.

 

23. DNFBPs: Other measures

The requirements set out in Recommendations 18 to 21 apply to all designated non-financial businesses and professions, subject to the following qualifications:

(a) Lawyers, notaries, other independent legal professionals and accountants should be required to report suspicious transactions when, on behalf of or for a client, they engage in a financial transaction in relation to the activities described in paragraph (d) of Recommendation 22. Countries are strongly encouraged to extend the reporting requirement to the rest of the professional activities of accountants, including auditing.

(b) Dealers in precious metals and dealers in precious stones should be required to report suspicious transactions when they engage in any cash transaction with a customer equal to or above the applicable designated threshold.

(c) Trust and company service providers should be required to report suspicious transactions for a client when, on behalf of or for a client, they engage in a transaction in relation to the activities referred to in paragraph (e) of Recommendation 22.

 

E. TRANSPARENCY AND BENEFICIAL OWNERSHIP OF LEGAL PERSONS AND ARRANGEMENTS

 

24. Transparency and beneficial ownership of legal persons

Countries should take measures to prevent the misuse of legal persons for money laundering or terrorist financing. Countries should ensure that there is adequate, accurate and timely information on the beneficial ownership and control of legal persons that can be obtained or accessed in a timely fashion by competent authorities. In particular, countries that have legal persons that are able to issue bearer shares or bearer share warrants, or which allow nominee shareholders or nominee directors, should take effective measures to ensure that they are not misused for money laundering or terrorist financing. Countries should consider measures to facilitate access to beneficial ownership and control information by financial institutions and DNFBPs undertaking the requirements set out in Recommendations 10 and 22.

 

25. Transparency and beneficial ownership of legal arrangements

Countries should take measures to prevent the misuse of legal arrangements for money laundering or terrorist financing. In particular, countries should ensure that there is adequate, accurate and timely information on express trusts, including information on the settlor, trustee and beneficiaries, that can be obtained or accessed in a timely fashion by competent authorities. Countries should consider measures to facilitate access to beneficial ownership and control information by financial institutions and DNFBPs undertaking the requirements set out in Recommendations 10 and 22.

 

F. POWERS AND RESPONSIBILITIES OF COMPETENT AUTHORITIES, AND OTHER INSTITUTIONAL MEASURES

REGULATION AND SUPERVISION

 

26. Regulation and supervision of financial institutions

Countries should ensure that financial institutions are subject to adequate regulation and supervision and are effectively implementing the FATF Recommendations. Competent authorities or financial supervisors should take the necessary legal or regulatory measures to prevent criminals or their associates from holding, or being the beneficial owner of, a significant or controlling interest, or holding a management function in, a financial institution. Countries should not approve the establishment, or continued operation, of shell banks.

For financial institutions subject to the Core Principles, the regulatory and supervisory measures that apply for prudential purposes, and which are also relevant to money laundering and terrorist financing, should apply in a similar manner for AML/CFT purposes. This should include applying consolidated group supervision for AML/CFT purposes.

Other financial institutions should be licensed or registered and adequately regulated, and subject to supervision or monitoring for AML/CFT purposes, having regard to the risk of money laundering or terrorist financing in that sector. At a minimum, where financial institutions provide a service of money or value transfer, or of money or currency changing, they should be licensed or registered, and subject to effective systems for monitoring and ensuring compliance with national AML/CFT requirements.

 

27. Powers of supervisors

Supervisors should have adequate powers to supervise or monitor, and ensure compliance by, financial institutions with requirements to combat money laundering and terrorist financing, including the authority to conduct inspections. They should be authorised to compel production of any information from financial institutions that is relevant to monitoring such compliance, and to impose sanctions, in line with Recommendation 35, for failure to comply with such requirements. Supervisors should have powers to impose a range of disciplinary and financial sanctions, including the power to withdraw, restrict or suspend the financial institution’s license, where applicable.

 

28. Regulation and supervision of DNFBPs

Designated non-financial businesses and professions should be subject to regulatory and supervisory measures as set out below.

(a) Casinos should be subject to a comprehensive regulatory and supervisory regime that ensures that they have effectively implemented the necessary AML/CFT measures. At a minimum:

casinos should be licensed;

competent authorities should take the necessary legal or regulatory measures to prevent criminals or their associates from holding, or being the beneficial owner of, a significant or controlling interest, holding a management function in, or being an operator of, a casino; and

competent authorities should ensure that casinos are effectively supervised for compliance with AML/CFT requirements.

(b) Countries should ensure that the other categories of DNFBPs are subject to effective systems for monitoring and ensuring compliance with AML/CFT requirements. This should be performed on a risk-sensitive basis. This may be performed by (a) a supervisor or (b) by an appropriate self-regulatory body (SRB), provided that such a body can ensure that its members comply with their obligations to combat money laundering and terrorist financing.

The supervisor or SRB should also (a) take the necessary measures to prevent criminals or their associates from being professionally accredited, or holding or being the beneficial owner of a significant or controlling interest or holding a management function, e.g. through evaluating persons on the basis of a “fit and proper” test; and (b) have effective, proportionate, and dissuasive sanctions in line with Recommendation 35 available to deal with failure to comply with AML/CFT requirements.

 

 

OPERATIONAL AND LAW ENFORCEMENT

 

29. Financial intelligence units

Countries should establish a financial intelligence unit (FIU) that serves as a national centre for the receipt and analysis of: (a) suspicious transaction reports; and (b) other information relevant to money laundering, associated predicate offences and terrorist financing, and for the dissemination of the results of that analysis. The FIU should be able to obtain additional information from reporting entities, and should have access on a timely basis to the financial, administrative and law enforcement information that it requires to undertake its functions properly.

 

30. Responsibilities of law enforcement and investigative authorities

Countries should ensure that designated law enforcement authorities have responsibility for money laundering and terrorist financing investigations within the framework of national AML/CFT policies. At least in all cases related to major proceeds-generating offences, these designated law enforcement authorities should develop a pro-active parallel financial investigation when pursuing money laundering, associated predicate offences and terrorist financing. This should include cases where the associated predicate offence occurs outside their jurisdictions. Countries should ensure that competent authorities have responsibility for expeditiously identifying, tracing and initiating actions to freeze and seize property that is, or may become, subject to confiscation, or is suspected of being proceeds of crime. Countries should also make use, when necessary, of permanent or temporary multi-disciplinary groups specialised in financial or asset investigations. Countries should ensure that, when necessary, cooperative investigations with appropriate competent authorities in other countries take place.

 

31. Powers of law enforcement and investigative authorities

When conducting investigations of money laundering, associated predicate offences and terrorist financing, competent authorities should be able to obtain access to all necessary documents and information for use in those investigations, and in prosecutions and related actions. This should include powers to use compulsory measures for the production of records held by financial institutions, DNFBPs and other natural or legal persons, for the search of persons and premises, for taking witness statements, and for the seizure and obtaining of evidence.

Countries should ensure that competent authorities conducting investigations are able to use a wide range of investigative techniques suitable for the investigation of money laundering, associated predicate offences and terrorist financing. These investigative techniques include: undercover operations, intercepting communications, accessing computer systems and controlled delivery. In addition, countries should have effective mechanisms in place to identify, in a timely manner, whether natural or legal persons hold or control accounts. They should also have mechanisms to ensure that competent authorities have a process to identify assets without prior notification to the owner. When conducting investigations of money laundering, associated predicate offences and terrorist financing, competent authorities should be able to ask for all relevant information held by the FIU.

 

32. Cash couriers

Countries should have measures in place to detect the physical cross-border transportation of currency and bearer negotiable instruments, including through a declaration system and/or disclosure system.

Countries should ensure that their competent authorities have the legal authority to stop or restrain currency or bearer negotiable instruments that are suspected to be related to terrorist financing, money laundering or predicate offences, or that are falsely declared or disclosed.

Countries should ensure that effective, proportionate and dissuasive sanctions are available to deal with persons who make false declaration(s) or disclosure(s). In cases where the currency or bearer negotiable instruments are related to terrorist financing, money laundering or predicate offences, countries should also adopt measures, including legislative ones consistent with Recommendation 4, which would enable the confiscation of such currency or instruments.

 

 

GENERAL REQUIREMENTS

 

33. Statistics

Countries should maintain comprehensive statistics on matters relevant to the effectiveness and efficiency of their AML/CFT systems. This should include statistics on the STRs received and disseminated; on money laundering and terrorist financing investigations, prosecutions and convictions; on property frozen, seized and confiscated; and on mutual legal assistance or other international requests for cooperation.

 

34. Guidance and feedback

The competent authorities, supervisors and SRBs should establish guidelines, and provide feedback, which will assist financial institutions and designated non-financial businesses and professions in applying national measures to combat money laundering and terrorist financing, and, in particular, in detecting and reporting suspicious transactions.

 

 

SANCTIONS

 

35. Sanctions

Countries should ensure that there is a range of effective, proportionate and dissuasive sanctions, whether criminal, civil or administrative, available to deal with natural or legal persons covered by Recommendations 6, and 8 to 23, that fail to comply with AML/CFT requirements. Sanctions should be applicable not only to financial institutions and DNFBPs, but also to their directors and senior management.

 

G. INTERNATIONAL COOPERATION

 

36. International instruments

Countries should take immediate steps to become party to and implement fully the Vienna Convention, 1988; the Palermo Convention, 2000; the United Nations Convention against Corruption, 2003; and the Terrorist Financing Convention, 1999. Where applicable, countries are also encouraged to ratify and implement other relevant international conventions, such as the Council of Europe Convention on Cybercrime, 2001; the Inter-American Convention against Terrorism, 2002; and the Council of Europe Convention on Laundering, Search, Seizure and Confiscation of the Proceeds from Crime and on the Financing of Terrorism, 2005.

 

37. Mutual legal assistance

Countries should rapidly, constructively and effectively provide the widest possible range of mutual legal assistance in relation to money laundering, associated predicate offences and terrorist financing investigations, prosecutions, and related proceedings. Countries should have an adequate legal basis for providing assistance and, where appropriate, should have in place treaties, arrangements or other mechanisms to enhance cooperation. In particular, countries should:

(a) Not prohibit, or place unreasonable or unduly restrictive conditions on, the provision of mutual legal assistance.

(b) Ensure that they have clear and efficient processes for the timely prioritisation and execution of mutual legal assistance requests. Countries should use a central authority, or another established official mechanism, for effective transmission and execution of requests. To monitor progress on requests, a case management system should be maintained.

(c) Not refuse to execute a request for mutual legal assistance on the sole ground that the offence is also considered to involve fiscal matters.

(d) Not refuse to execute a request for mutual legal assistance on the grounds that laws require financial institutions or DNFBPs to maintain secrecy or confidentiality (except where the relevant information that is sought is held in circumstances where legal professional privilege or legal professional secrecy applies).

(e) Maintain the confidentiality of mutual legal assistance requests they receive and the information contained in them, subject to fundamental principles of domestic law, in order to protect the integrity of the investigation or inquiry. If the requested country cannot comply with the requirement of confidentiality, it should promptly inform the requesting country.

Countries should render mutual legal assistance, notwithstanding the absence of dual criminality, if the assistance does not involve coercive actions. Countries should consider adopting such measures as may be necessary to enable them to provide a wide scope of assistance in the absence of dual criminality.

Where dual criminality is required for mutual legal assistance, that requirement should be deemed to be satisfied regardless of whether both countries place the offence within the same category of offence, or denominate the offence by the same terminology, provided that both countries criminalise the conduct underlying the offence.

Countries should ensure that, of the powers and investigative techniques required under Recommendation 31, and any other powers and investigative techniques available to their competent authorities:

(a) all those relating to the production, search and seizure of information, documents or evidence (including financial records) from financial institutions or other persons, and the taking of witness statements; and

(b) a broad range of other powers and investigative techniques;

are also available for use in response to requests for mutual legal assistance, and, if consistent with their domestic framework, in response to direct requests from foreign judicial or law enforcement authorities to domestic counterparts.

To avoid conflicts of jurisdiction, consideration should be given to devising and applying mechanisms for determining the best venue for prosecution of defendants in the interests of justice in cases that are subject to prosecution in more than one country.

Countries should, when making mutual legal assistance requests, make best efforts to provide complete factual and legal information that will allow for timely and efficient execution of requests, including any need for urgency, and should send requests using expeditious means. Countries should, before sending requests, make best efforts to ascertain the legal requirements and formalities to obtain assistance.

The authorities responsible for mutual legal assistance (e.g. a Central Authority) should be provided with adequate financial, human and technical resources. Countries should have in place processes to ensure that the staff of such authorities maintain high professional standards, including standards concerning confidentiality, and should be of high integrity and be appropriately skilled.

 

38. Mutual legal assistance: freezing and confiscation

Countries should ensure that they have the authority to take expeditious action in response to requests by foreign countries to identify, freeze, seize and confiscate property laundered; proceeds from money laundering, predicate offences and terrorist financing; instrumentalities used in, or intended for use in, the commission of these offences; or property of corresponding value. This authority should include being able to respond to requests made on the basis of non-conviction-based confiscation proceedings and related provisional measures, unless this is inconsistent with fundamental principles of their domestic law. Countries should also have effective mechanisms for managing such property, instrumentalities or property of corresponding value, and arrangements for coordinating seizure and confiscation proceedings, which should include the sharing of confiscated assets.

 

39. Extradition

Countries should constructively and effectively execute extradition requests in relation to money laundering and terrorist financing, without undue delay. Countries should also take all possible measures to ensure that they do not provide safe havens for individuals charged with the financing of terrorism, terrorist acts or terrorist organisations. In particular, countries should:

(a) ensure money laundering and terrorist financing are extraditable offences;

(b) ensure that they have clear and efficient processes for the timely execution of extradition requests including prioritisation where appropriate. To monitor progress of requests a case management system should be maintained;

(c) not place unreasonable or unduly restrictive conditions on the execution of requests; and

(d) ensure they have an adequate legal framework for extradition.

Each country should either extradite its own nationals, or, where a country does not do so solely on the grounds of nationality, that country should, at the request of the country seeking extradition, submit the case, without undue delay, to its competent authorities for the purpose of prosecution of the offences set forth in the request. Those authorities should take their decision and conduct their proceedings in the same manner as in the case of any other offence of a serious nature under the domestic law of that country. The countries concerned should cooperate with each other, in particular on procedural and evidentiary aspects, to ensure the efficiency of such prosecutions.

Where dual criminality is required for extradition, that requirement should be deemed to be satisfied regardless of whether both countries place the offence within the same category of offence, or denominate the offence by the same terminology, provided that both countries criminalise the conduct underlying the offence.

Consistent with fundamental principles of domestic law, countries should have simplified extradition mechanisms, such as allowing direct transmission of requests for provisional arrests between appropriate authorities, extraditing persons based only on warrants of arrests or judgments, or introducing a simplified extradition of consenting persons who waive formal extradition proceedings. The authorities responsible for extradition should be provided with adequate financial, human and technical resources. Countries should have in place processes to ensure that the staff of such authorities maintain high professional standards, including standards concerning confidentiality, and should be of high integrity and be appropriately skilled.

 

40. Other forms of international cooperation

Countries should ensure that their competent authorities can rapidly, constructively and effectively provide the widest range of international cooperation in relation to money laundering, associated predicate offences and terrorist financing. Countries should do so both spontaneously and upon request, and there should be a lawful basis for providing cooperation. Countries should authorise their competent authorities to use the most efficient means to cooperate. Should a competent authority need bilateral or multilateral agreements or arrangements, such as a Memorandum of Understanding (MOU), these should be negotiated and signed in a timely way with the widest range of foreign counterparts.

Competent authorities should use clear channels or mechanisms for the effective transmission and execution of requests for information or other types of assistance. Competent authorities should have clear and efficient processes for the prioritisation and timely execution of requests, and for safeguarding the information received.

 

Mutual Evaluation Report: 2016
C
L
P
N
N/A
    C  -  Fully Compliant ,   
    L  -  Largely Compliant,    
    P  -  Partially Compliant    
    N  -  Non-Compliant
10
25
5
0
0