anti-money laundering policy 2014 - bank muscat...the bank muscat agm compliance will hold the...
TRANSCRIPT
Anti-Money Laundering Policy 2014
FOR INTERNAL USE ONLY Policy owner: AGM Compliance.
Approving Authority Sign Off/ Approval date Board of Directors Earlier policy approved by the Board of Directors in
their meeting dated 25th January, 2010. Board of Directors Approved by the Board of Directors in their meeting
dated 15th October, 2012. Board of Directors Approved by the Board of Directors in their meeting
dated 28th January, 2015.
Table of contents 1. Introduction 3 2. Definitions 5 2.1 Definition of Money Laundering 5 2.2 The Money Laundering Process 5 2.3 Terrorist Financing 5 3. The Money Laundering Reporting Officer 6 4. Contact Details – Advice and Assistance 8 5. Key Guidelines (Articles) as per the Law 9 6. AML Penalties as per the Law 14 7. Principles of Anti Money Laundering 17 7.1 Risk Based Approach 17 7.2 Customer Due Diligence 18 7.3 Persons and Entities subject to sanctions 20 7.4 Politically Exposed Person’s 20 7.5 Transaction Monitoring 22 7.6 Suspicious Transaction Reporting (STR’s) 23 7.7 Anti-Money Laundering Training 24 7.8 Record Retention 24 7.9 Monitoring Compliance with AML Policy and
Divisional Procedures 25
7.10 Updating KYC information 25 8. Quarterly Board Reporting 25 9. Policy ownership and review 26 10. Assurance 26
2
1. Introduction The Anti-Money Laundering (AML) Policy is an expression of bank muscat’s’s commitment to the fight against financial crime and the financing of terrorism. bank muscat will never knowingly allow itself to be used for the purposes of money laundering or terrorist financing. The Board of Directors, Executive Management and the employees of bank muscat, affirm that they shall not in any manner associate themselves with the offences of Money Laundering and Terrorism Financing. This policy sets outs the Banks principles and minimum standards for fighting financial crime and the financing of terrorism, which must be complied with across all divisions. This Policy sets out these principles and minimum standards to ensure we refer to and follow all applicable laws, rules and industry guidance that are applicable to bank muscat. The Laws of the Sultanate of Oman that are applicable in this instant are as follows:
• The Law of Money Laundering, Royal Decree No. 34/2002 dated 27 March 22;
• Promulgating the Executive Regulation of the Law of Money Laundering, Royal Decree No. 72/2004 dated 28 June 2004;
• Law of Combating Money Laundering and Terrorism Financing dated 8th July 2010.
In order to achieve this and to protect the business, it is essential that Divisions adhere to the AML principles and minimum standards contained herein to ensure effective systems and controls are in place to combat Money Laundering and Terrorist Finance within their areas. The Compliance Division will work closely with each division to ensure the divisional procedures are consistent, up to date and fairly reflect the requirements of this policy. Abbreviations: 'AML' means Anti-Money Laundering; 'CDD' means Customer Due Diligence;
3
'CTF' means Combating Terrorist Financing. For the purposes of this Policy, where reference to AML is made, this also refers to CTF; 'MLRO' means Money Laundering Reporting Officer; 'DMLRO' means Deputy Money Laundering Reporting Officer; 'EDD' means Enhanced Due Diligence. 'PEPS' are customers/clients who are Politically Exposed Persons. 'STR' means Suspicious Transaction Report. 'SDD' means Simplified Due Diligence. ‘CBO’ means Central Bank of Oman ‘ROP’ means Royal Oman Police
4
2. Definitions 2.1 Definition of Money Laundering Money laundering occurs every time any transaction takes place or any relationship is formed that involves any form of property that has come from any crime. The Criminal offence of money laundering only takes place when both the act of money laundering takes place and the person or business that handles the property has reasonable grounds to suspect that the property derives from crime. As the term Money Laundering itself indicates, it is a means to wash dirty money and make it clean (legal). It is essentially the process of creating the appearance that large amounts of money obtained from serious crimes, such as drug trafficking, originated from a legitimate source. 2.2 The Money Laundering Process Money Laundering normally goes through a three stage process consisting of: Placement: cash form of funds obtained illegally and introduced to the financial systems; Layering: Putting the deposited cash thorough a complex series of financial transactions in order to disguise the trace of the original source; Integration: the illegal cash is re-introduced to the economy as proceeds from legitimate sources and washed of all traces of its illegal origins. 2.3 Terrorist Financing Terrorist financing refers to the processing of funds to sponsor or facilitate terrorist activity. A terrorist group, like any other criminal organization, builds and maintains an infrastructure to facilitate the development of sources of funding, to channel those funds to the providers of materials and or services to the organization, and, possibly, to launder the funds used in financing the terrorist activity or resulting from that same activity.
5
3. The Money Laundering Reporting Officer The MLRO is the owner of this Policy and he / she has overall responsibility for providing functional leadership to all Divisions in respect of compliance with the Policy and Minimum Standards.
The bank muscat AGM Compliance will hold the position of MLRO within the organization and he / she will be suitably qualified in terms of experience and qualifications to fulfill that role. The MLRO will report directly to the Board and will advise the Board of any material breaches to this policy. In the absence of the MLRO, the Deputy MLRO will ensure the responsibilities of the MLRO are fully executed. The Deputy MLRO will also be suitably qualified in terms of qualifications and AML experience. Responsibilities of the MLRO are as follows:
• Acts as the contact point in the Bank for the oversight of all activity relating to the prevention of money laundering and terrorist financing;
• Responsible for the communication of the AML Policy to all parts of the
business;
• Has a sufficient level of seniority and independence, and is free to act on his/her own authority;
• Has an appropriate compliance framework in place to enable him/her to
monitor the day to day operations of the policy and to respond promptly to any reasonable request for information made by the FIU;
• Has sufficient resources to perform all aspects of the role delegated to
him;
• Has unfettered access to all relevant information within the organization that will allow him / her to perform his/her role effectively.
• Receiving and considering suspicious transaction reports in relation to
knowledge or suspicion of money laundering or terrorist financing activity and making timely external suspicious transaction reports to the Financial Intelligent Unit , or relevant law enforcement agencies where appropriate,
• Ensuring adequate arrangements for AML awareness and training are
implemented across the bank;
6
• Managing the relationship with the regulators in respect of AML matters;
• Providing support to Divisions in relation to drafting procedures to support
this policy;
• Providing oversight of compliance with this policy through compliance reviews and reporting the findings to the Board and Executive Management;
• Ensuring the Bank is fully aware of obligations in respect of AML
Document Retention obligations;
• Ensuring there are adequate electronic monitoring tools in place to assist with the detection of money laundering and terrorist financing;
• Ensuring all relevant AML regulatory returns are submitted on a timely and
accurate basis;
• Ensuring the policy is reviewed on an ongoing basis to ensure it remains fit for purpose and then presenting it to the board for approval at least once every two years.
7
4. Contact details – Advice and Assistance If you have any questions regarding any aspect of this Policy please contact the Anti-Money laundering team. Damian O’Riordan, AGM - Compliance, MLRO; [email protected], Ext. 8526 Abdullah Al Mamari, Head AML & DMLRO [email protected], Ext 8575 K J Roy, Head Regulatory Affairs – Capital Market Authority; [email protected], Ext. 8946
8
5. Key guidelines (Articles) as per the Law Key guidelines (Articles) issued via the Royal Decree 79/2010 dated 28th June 2010 are as follows: Article (2): Any person shall be guilty of the crime of money laundering if he on purpose carries out any of the following acts;
1. Exchange, transfer, or move funds, carry out any transactions by the proceeds of the crime while being consciously aware they are obtained directly or indirectly from a crime or any other act that constitutes a participation in a crime in order to disguise or conceal the nature and source of such proceeds, help any person(s) involved in a crime, hinder the exposure of a person who has committed the crime from which the proceeds have been obtained, or help a person escape the legal penalty fixed for his acts.
2. Disguise or conceal the nature, source, location, movement and ownership of the proceeds of the crime and the related or resulting rights while being consciously aware that they are obtained directly or indirectly from a crime, or any other act that constitutes a participation in a crime.
3. Acquiring, owning, receiving, managing, investing, guaranteeing, or using the proceeds of the crime, holding or keeping the same while being consciously aware that they are obtained directly or indirectly from a crime, or any other act that constitutes it participation in a crime.
Article (3): Any person who collects or provides funds directly or indirectly and by any means while being consciously aware that they will be used wholly or in part in financing any of the following shall be considered as a perpetrator of terrorism financing crime.
1. Terrorism, terroristic crime or terroristic organisation.
2. Perpetration of an act that constitutes a crime under the conventions or treaties related to combating terrorism and to which the Sultanate is a party and whether this crime takes place inside or outside the Sultanate.
9
The crimes covered in this Article shall not include the instances that involve struggle, by whatever means, against foreign occupation, aggression for liberation and self-determination in accordance with the principles of international law. Article (4): Any person shall be guilty of a crime related to money laundering or terrorism financing if he has information or suspicious owing to his profession, activity, employment, business or any other means relating to:
1. Any money laundering or terrorism financing crime but has not informed the competent authorities thereof.
2. Taking any measure of inquiry or investigation in one of money laundering or terrorism financing crimes but has disclosed it in a way that would prejudice the interests of that inquiry or investigation.
Article (5):
Any person, who has initiated, participated instigated, assisted or agreed to commit money laundering or terrorism financing crime shall be considered to have committed predicate offence. The financial institutions, the non-financial businesses and professions, non-profit associations and bodies shall be liable for that crime if committed in their name or on their behalf. Article (7): The Financial Intelligence Unit (FIU) shall receive the reports and information from financial institution, non-financial businesses and professions, non-profit associations and bodies and other competent entities regarding the transactions suspected to involve the proceeds of any crime or to be related to terrorism, terroristic crime, or terroristic crime, or terroristic organisation or money laundering terrorism financing and the attempts to conduct these transactions. The Unit shall establish a database of all available reports and information and develop enough means to make them available to the judicial authorities as well as the exchange of such information and coordination with the competent entities in the Sultanate, foreign countries and international organisation in accordance with the provisions of International or bilateral conventions and agreements to which the Sultanate is a party, or in application of reciprocity principle provided that the information is used for the purposes of combating
10
money laundering and terrorism financing. The Unit shall develop an annual report of its activities in the fields of combating money laundering and terrorism financing crimes. This report shall include its work on the reports received, and its proposals regarding the activation of combating systems and mechanisms. The Minister shall submit that report to the Council of Ministers upon the recommendation of the Committee. Article (12): Financial Institutions, non-financial businesses and professions and non-profit associations and bodies are committed to:
1. Verify that they are dealing with counterparties that have a physical presence in the countries in which they are registered and that are subject to regulation in these countries.
2. Observe due diligence to identify, verify, and update the identity of real
clients and beneficiaries in accordance with the conditions and guidelines specified in the Regulation.
3. Avoid opening of anonymous accounts or accounts in pseudonyms, fake names, or secret numbers or codes or providing services to them.
4. Monitor client’s transactions on an ongoing basis and verify the sources of their funds to ensure they match the information available on their funds to ensure they match the information available on their identity, nature of their activities and the degree of risk.
5. Classify the clients and services according to the degree of risk of money laundering and terrorism financing. They shall observe enhanced diligence in dealing with persons who are exposed to risk owing to their positions and other instances that represent high degree of risk in accordance with the instances and controls specified in the Regulation.
6. Retain records, documents, information and data relating to the identity of real clients and beneficiaries and their activities and transaction records in a way which facilitates the retrieval thereof upon request in accordance with the provisions of this Law and for a period of (10) years commencing from the date of conducting or initiating the transaction or closing the account or end of relationship, whichever is later. Upon request, they shall provide these records and documents to the judicial authorities that may
11
keep authenticated copies of these records and documents for the said period. These copies shall have the same legal evidence effect as the originals. The Regulation shall specify the records, documents, information and data that must be retained.
7. Verify the compliance of their branches abroad with the procedures of combating money laundering and terrorism financing.
8. Provide the Unit directly with the information, data and documents it may require to conduct its functions.
9. Develop sufficient systems for the application of the provisions of this law provided that these systems include internal policies, procedures, control systems, compliance, training and appointment of compliance officers at these institutions in accordance with regulations, standards and rules established by concerned regulatory entities.
Article (13): Financial institutions engaged in wire transfers shall ensure the clients identity verification records as specified in the Regulation. The financial institutions receiving the wire transfer shall refuse to receive it unless it contains a statement of identity verification. The provision of this Article shall not apply to the following:
1. Transfers conducted as a result of credit card and ATM card transactions provided that the number of credit card or ATM card is attached to the transfer resulting from the transaction.
2. Transfers conducted among financial institutions when the source and beneficiary are financial institutions working for their own interests.
Article (14): Notwithstanding the provisions relating to the confidentiality of banking transactions and professional confidentiality , the financial institutions, non-financial businesses and professions, and non-profit associations and bodies are committed to notify the Unit regarding the transactions as soon as they are suspected of being related to the proceeds of crime proceeds, terrorism, terroristic crime or terroristic organisation or involving money laundering or terrorism financing crimes, whether such transaction have or have not been conducted or at the time it is attempted to be conducted in accordance with
12
guidelines and procedures specified in the Regulation. Article (15): It is prohibited to disclose, directly or indirectly or by any means whatsoever, to the client, the beneficiary or anybody other than competent authorities and bodies to apply the provisions of this Law any of the procedures for reporting, analysis, or inquiry undertaken with respect to financial and non-financial transactions suspected of money laundering or terrorism financing.
13
6. AML penalties as per the Law (Royal Decree No.79/2010 dated 10th June 2010) Penalties: Article (26): Without prejudice to any severer penalty stipulated in the Penal Code or any other law, the crimes set forth in the following Articles shall be punished by the penalties provided therein; Article (27): The penalty of imprisonment for a term of not less than (3) three years and not more than (10) ten years and a fine of not less than (5000) five thousand Rials and not more than the equivalent amount of money subject to money laundering crime shall be applied to any person who commits or attempts to commit money laundering crime. Article (28): The penalty of imprisonment for a term of not more than (3) three years and a fine of not more than (3,000) three thousand Rials or either of them shall be applied to any person who commits the crime stipulated in Article (4) of this Law. Article (29): The penalty of imprisonment for a term of not less than one year and a fine not exceeding (10,000) ten thousand Rials or either of them shall be applied to any person who violates the provisions of Article (15) of this Law. Article (30): The penalties stipulated in Articles 27, 28 and 29 of the Law shall be doubled in the following cases.
1. If the crime has been committed in conjunction with one or more persons;
2. If the offender commits the crime through an organized criminal gang;
3. If the crime has been committed as a part of /combined with other
14
criminal activities;
4. If the offender has committed the crime taking advantage of his powers or influence through a financial institution or the like, or taking advantage of the facilities vested in him by his office or his professional or social activity;
5. If the offender is an accomplice in the original crime from which the money subject to money laundering crime has been obtained, whether being a perpetrator or an accomplice.
Article (31): The penalty of imprisonment for a term of not less than (10) ten years and a fine of not less than (10,000) ten thousand Rials and not more than the equivalent amount of money subject to terrorism financing crime shall be applied to any person who commits the crime of terrorism financing or initiates or participates in its perpetration. Article (32): The penalty of imprisonment for a term of not less than (3) three months and not more than (2) two years and a fine of not less than (1,000) One Thousand Rials and not more than (10,000) Ten thousand Rials, or either of them shall be applied to any of the Chairman and Directors of the boards of financial institutions. Article (33): A fine of not less than (10,000) Ten thousand Rials and not more than the equivalent amount of money subject to money laundering or terrorism financing crime shall be applied to the financial institutions, non-financial businesses and professions, and non-profit associations and bodies whose liability is established in accordance and bodies whose liability is established in accordance with the provisions of the Article (5) of this law. Article (36): In case of conviction with money laundering or terrorism financing crime or attempted perpetration thereof, the Court shall issue a ruling for the confiscation of:
15
1. Funds and properties subject to money laundering or terrorism-financing crime and the means employed, income and other revenues derived from it that accrue to any person unless he proves that he has obtained the same legitimately and that he has been unaware it was the source of money laundering or terrorism financing crime.
2. Proceeds of the crime belonging to a person convicted with money laundering or terrorism financing crime or to his spouse, children, or any other person, unless the parties concerned establish they have acquired them form a legitimate source.
3. Funds and properties that have become a part of the assets of the perpetrator of money laundering or terrorism financing crime, wherever found, unless the parties concerned establish they have acquired them from a legitimate source.
When the funds subject to money laundering or terrorism financing crime are mixed with the funds that have been obtained from legitimate sources, the ruling of forfeiture shall apply only to the funds subject to money laundering or terrorism financing crime.
Tipping Off
Special mention is given to Article 15 of the Royal Decree No.79/2010, which is commonly referred to as “Tipping Off.” A customer/non-customer must never be tipped off that they are being investigated or have been reported to the authorities. The offence of tipping off is committed by a person who discloses information that is likely to prejudice an actual or a proposed investigation. This can be either before or after a suspicious transaction report is made to the authorities, and includes circumstances where the person knows or suspects that there is either an investigation, or a proposed investigation, or that a disclosure has been made to authorities. Tipping off does become a very real threat once a STR is made to authorities, and all communications between a financial service business, its employees and suspected clients must be handled with care. If staff members have a concern about how to deal with such a client, they should look for guidance from the Compliance Division and MLRO. Failure by any staff member to report a suspicious transaction will subject that individual to full disciplinary procedures per bank policy / and possible criminal sanctions if they fail, without reasonable excuse to make a report.
16
7. Principles of Anti-Money Laundering
The senior management of each Division are accountable for managing the AML risks within their Division. They are free to delegate the day-to-day responsibility as they see fit. They are responsible for ensuring effective implementation of, and compliance with, this Policy and supporting procedures i.e. Know Your Customer (KYC) procedure documented by the Bank.
The Policy highlights colleagues' individual obligations / responsibilities and is designed to be directly implemented by each Division.
Each division in bank muscat including International divisions will be responsible for ensuring the following principles and minimum standards have been implemented. The Compliance Division will provide assistance in developing and documenting appropriate procedures that ensure these principles are supported and implemented in a structured fashion. The following principles are covered in this policy;
• Risk Based approach to AML compliance, • Customer Due Diligence H, M, L, • Persons and Entities subject to Sanctions, • Politically Exposed Person’s, • Transaction Monitoring, • Suspicious Transaction Reporting, • AML Training, • Record Keeping, • Monitoring Compliance with policy and procedure.
7.1 Risk Based Approach
bank muscat will adopt a risk based approach to Anti-Money Laundering across a number of specific areas. These areas will be as follows;
• Considering using various levels of identification procedures and collection and/or verification of Customer Due Diligence (CDD) information (e.g. source of funds or wealth); the rationale behind any decision to use SDD or EDD will be fully documented as part of the banks KYC procedures. All customers will be categorized as High, Medium and Low (H, M, L) risk from an AML perspective,
17
• Amount of customer account activity monitoring that is employed,
• Providing AML training that is consistent with the colleague’s role (base level training for all staff),
• Amount of compliance monitoring to be performed in the various
business areas. It is acknowledged that in some jurisdictions local regulations may restrict the ability to apply a risk based approach, but all the principles of the AML policy should be adopted nonetheless. 7.2 Customer Due Diligence
bank muscat will ensure the following principles of customer due diligence are followed;
• Verifying the identity of the customer by obtaining documents, data, or information obtained from a reliable and independent source;
• Identifying, where applicable, beneficial owners and taking adequate
steps to verify their identity, including in the case of trusts or similar arrangements, to understand the ownership and control structure of the customer;
• Applying a process to establish where simplified due diligence
procedures can be applied where appropriate;
• Applying enhanced customer due diligence requirements where the risk of money laundering or terrorist financing is higher, taking into account such considerations as non face-to-face business, non-resident business, PEPs and correspondent banking relationships;
• Ensuring arrangements are in place for those persons/entities that may
(under certain circumstances) not be dealt with (see Persons and Entities subject to Sanctions section);
• Ensuring that no correspondent banking relationships are entered into,
or continue with, a shell bank. A shell bank is defined as a bank incorporated in a jurisdiction in which it has no physical presence and which is unaffiliated with a regulated group;
18
• Ensuring for the purposes of these minimum standards, the definition
of the term 'customer' includes relationships with correspondent banks;
• Ensuring no anonymous accounts are set up for any new or existing
customer;
• Ensuring that, if satisfactory evidence of identity cannot be obtained prior to the business relationship commencing, or within a reasonable timescale, the transaction or business relationship must not proceed further;
• Consideration must also be given to whether the failure to produce the
standard verification documents merits a report being made to the ROP / CBO or other equivalent agency;
• Ensuring that there is a process of ensuring customers information and
supporting documentation is up to date;
• When an existing customer has an account with bank muscat and applies to a separate division to open another account, introductory certificates can be used. Please note that it is the responsibility of both divisions in this instant to ensure that the correct CDD requirements are in place. In addition, divisions should note that these procedures will be subject to additional monitoring from the Compliance team;
• The Bank has a detailed Know Your Customer (KYC) procedure in place that covers due diligence requirements for on-boarding various types of customers. The KYC procedure document, spells out enhanced due-diligence requirements for accounts related to Non-Residents, Charities / Sports Clubs, offshore, Correspondent Banks etc., and all such accounts are required to be pre-approved by Compliance. Further all Asset Management, Private Banking clients are subject to enhanced due diligence and undergo a more exhaustive account opening / profiling process than the standard account opening process. Business Accounts (for any currency) where shareholders are of Iranian, Syrian, Sudanese, Cuban, Russian, Ukrainian, Yemen, Somalia nationality or of a nationality deemed high risk by Compliance need to be pre-approved by Compliance;
19
All above accounts are classified as ‘High Risk - H’ and are subject to enhanced monitoring;
7.3 Persons and Entities that are subject to Sanctions and
supporting Terrorist Activities
bank muscat recognize the threat posed by sanctioned entities and individuals to the international banking system. As such, the bank will take appropriate precautions to ensure there are measures in place to prevent such relationships and to ensure those identified are fully investigated with appropriate action taken. These measures will include the following;
• The Bank will adopt measures to regularly sweep customer
transactions against international sanction listings;;
• Screening of all outward / inward swift transfers against relevant sanction listings;
• pre-screening at the account opening stage against international
sanction listings;
• appropriate procedures to determine whether or not a customer identified by the sweep / screening is on a sanctioned listing.
Full details on the sanction listing and steps to be taken once identified are included in the divisional procedures. 7.4 Politically Exposed Persons
The term "politically exposed persons" ("PEP") applies to persons who perform important public functions for a state. According to the Wolsberg Principles, (The Wolfsberg Group is an association of eleven global banks, which aims to develop financial services industry standards, and related products, for Know Your Customer, Anti-Money Laundering and Counter Terrorist Financing policies), the term should be understood to include persons whose current or former position can attract publicity beyond the borders of the country concerned and whose financial circumstances may be the subject of additional public interest. In specific cases, local factors in the country concerned, such as the political and social environment, should be considered when deciding whether a person falls within the definition.
20
The following examples are intended to serve as aids to interpretation:
• Heads of state, government and cabinet ministers; • Influential functionaries in nationalized industries and government
administration; • Senior judges; • Senior party functionaries; • Senior and/or influential officials, functionaries and military leaders and
people with similar functions in international organizations; • Members of ruling royal families; • Senior and/or influential representatives of religious organizations (if these
functions are connected with political, judicial, military or administrative responsibilities)
bank muscat recognizes that there is an added risk associated with certain PEP’s, and will take appropriate steps that will assist in appropriately managing this business. These measures will include the following;
• Pre- screening of clients to establish if they are Politically Exposed
Persons;
• Categorize those that are PEP’s on the system;
• The bank will adopt measures to regularly sweep customer transactions to identify any possible PEP matches;
• Appropriate procedures to determine whether or not a customer identified
by the sweep is a PEP;
• Procedures to ensure Senior Management approval for establishing a business relationship with such a person. The level of approval will depend on the risk involved. PEP’s in those countries deemed to be lower risk will be approved by the Compliance function, with countries deemed to be higher risk approved by a member of the Executive Management team. The categorization of countries is provided in the departmental procedures.
• Appropriate procedures to ensure ongoing monitoring is performed on
such sanctioned identified relationships through the electronic monitoring system.
21
7.5 Transaction Monitoring
We will ensure that there are procedures in place to monitor customer transactions and activities in order to highlight unusual transactions that may warrant further investigation. We will ensure that scrutiny of transactions is undertaken throughout the course of the relationship to ensure that transactions are consistent with the customer's expected pattern of business.
bank muscat (Head Office) will perform regular AML assessment to
identify those areas of Anti-Money Laundering risk that it is most exposed to. On the back of this it will employ a rules based electronic monitoring tool to ensure customer transactions are monitored, investigated and reported where necessary to the competent authorities,
bank muscat, including its overseas branches must use appropriate
transaction monitoring processes. These could take the form of an individual review of a business relationship; manual intervention by colleagues as a result of training and awareness; or the use of automated systems,
Procedures must ensure that up to date customer information is available
to those required to consider unusual activity so that pertinent questions can be asked and an informed decision made on whether something is suspicious or not,
Each Division needs to consider the following characteristics when
applying a risk based approach as part of their transaction monitoring programme: a threshold amount that could be deemed "unusual"; an abnormal event (e.g. sudden debits or credits out with the
normal operation of the account); Geographic destinations or origins of payments.
All training and awareness programmes or procedures should include an
understanding of the colleague responsibilities in relation to transaction monitoring and situations that could give rise to suspicion.
22
7.6 Suspicious Transaction Reporting (STR’s)
bank muscat fully acknowledges the importance of reporting Suspicious Transactions to the competent authorities. The bank places great emphasis on creating awareness in this area and in ensuring that actual reports are of the required quality before they are furnished to the competent authorities. The measures the Bank takes to ensure this are as follows:
• The Compliance department will regularly communicate colleague responsibilities in respect of reporting suspicious transactions. It should be noted that all Directors, Management and Employees have a legal duty to report suspicious transactions to the MLRO;
• Colleagues will be allowed to report suspicious transactions to the
MLRO directly or via the Anti-Money Laundering department without informing or indeed receiving approval from their line management;
• The compliance department will evaluate all suspicious transactions
reported to it and then decide on whether a suspicious transaction report must be furnished to the competent authorities;
• The compliance division will maintain all suspicious transaction reports
furnished to it in a safe and secure location and will not discuss the matter with any colleagues or management outside of the compliance Anti-Money Laundering team;
• The Compliance department will furnish STR’s to the competent
authority in the prescribed format and ensure this is performed in a clear, concise and speedy fashion. All STR’s will be stored in a secure and safe location with access only granted to Compliance staff that require access through the course of their duties;
• International branches will ensure suspicious reporting complies with
local regulatory requirements and the local person assigned with MLRO responsibilities will ensure the branch complies with all regulatory obligations;
• The Compliance Division will make all colleagues aware of the
penalties / discipline that can be enforced in the event that they do not report suspicious transactions / activity.
23
7.7 Anti-Money Laundering Training
The MLRO will raise awareness on money laundering and terrorist financing prevention and will train and test relevant colleagues’ understanding on what money laundering and terrorist financing is, the requirements of legislation and regulation, relevant KYC procedures, how to recognize and deal with suspicious activity, and the personal obligations of staff. These measures will be as follows; • All colleagues who have responsibility for a customer relationship, or for
handling transactions which may involve money laundering or terrorist financing, will receive training within a reasonable period following commencement of employment,
• These colleagues will also receive annual refresher training and testing
where deemed appropriate,
• Training and awareness material regarding AML Policies and Procedures will be available to all staff, including staff in overseas offices and branches. The content of the material must include:
o the laws and associated penalties relating to money laundering and terrorist finance;
o account opening/new customer controls; o measures to monitor client activity, including, where appropriate,
transaction monitoring; o the recognition and reporting of suspicious activity including, where
applicable; o procedures in relation to sanction awareness, etc.
• In addition, key staff in the business, control functions and compliance
department will be required to sit internationally recognized Certificates in Compliance to ensure there is specialist expertise available in the bank at all times.
7.8 Record Retention
We will retain adequate records relating to AML, e.g. STR’s for at least 10 years and store them in a manner which is secure and easily retrievable. For identification and new customer/account opening records, and all appropriate supporting documentation collated throughout the relationship, these must
24
be retained for at least 10 years after a business relationship has ended. We will respond fully and in a timely manner, to any lawful request for information made by appropriate authorities (e.g. the ROP) during their investigations into financial crime. 7.9 Monitoring Compliance with AML Policy and Divisional
Procedures
The Bank will have risk based monitoring plans in place, including monitoring of the account opening process to ensure that all our operations are complying with this Policy and AML Procedures. These monitoring plans will include reviews and audits performed respectively by the Compliance and Internal Audit Departments. The outcome of these reviews will be reported to Executive Management and the Board of Directors / Board Audit Committee.
7.10 Updating KYC Information
Customer profiles are captured in the Account Opening Forms (AOF) based on details about the customer like Address, Residential Status, Identity documents, Nature of business activity, Income details etc. On expiry of the identity documents, the Bank may request for any additional details / documents from the customer. This exercise will be performed on an ongoing basis.
This is to ensure that the customer accounts are updated with the latest information.
8. Quarterly Board Reporting AGM Compliance will meet with the Board of Directors at least four times a year, where he / she will present a Quarterly Board Compliance Report. This Report will contain a section on all AML matters including an update of the number of Suspicious Transaction Reporting (STR) submitted to the competent authority during the period.
25
9. Policy ownership and review The Policy is owned by AGM Compliance who will ensure that the policy is reviewed on an on-going basis. It will receive Board approval at least once every two years. If there are any material changes to the policy during this time, they will be presented before the Board in the normal course. 10. Assurance Best practice guidance suggests that the Board of Directors should consider the effectiveness of all policies and procedures on a regular basis. This provides input to the Board’s review of the system of internal control. At bank muscat, the internal audit function is mandated to provide assurance in relation to this subject matter.
26