Professional Documents
Culture Documents
SECP
Framework for AML/CFT-Before June 2018
• NBFCs: Circulars 12 of 2009; u/s 282B of the Companies Ordinance 1984
• Stockbrokers: Rule 4.17 of the PSX Rule book read with the PSX KYC & CDD Guidelines dated
Mar 16, 2012.
• Modarabas: Circular 29 of 2009 /s 11 of the Modaraba Companies and Modaraba (Floatation
and Control) Ordinance, 1980;
• Insurers/ Takaful Operators: Directive u/s 40B read with section 20 (4) (u) and section 20 (6)
(fa) and (g) of the SECP Act 1997.
Guidance on UNSCR 1267 Compliance: 2015 Guidance for Compliance of SROs issued under
UNSC Act, 1948 for implementation of UNSCR 1267
Framework obligated FI to undertake;
KYC/CDD and determining BO for all new and existing customers
Risk profiling of customers, EDD for high risk customers and PEPs
STR reporting
Appropriate internal controls
Record keeping and updating
Regular accession to the UNSC 1267 Consolidated List and immediate assets freeze of any
listed individuals/ entities
Compliance to the above made part of SECP's inspection manual enforced through
SECP’ inspection regime
Presentation Name/ Company
Name:
Overview of Regulations
The Securities and Exchange Commission of Pakistan
(SECP) notified Anti Money Laundering and Countering
Financing of Terrorism Regulations, 2018 in June 2018.
The Regulations are fully compliant with Financial Action
Task Force (FATF) Recommendations
The regulations supersede all earlier circular/notifications
which had separate anti money laundering (AML) and
countering financial of terrorism (CFT) requirements for
financial institutions regulated by the SECP
These Regulations provide a single set of Regulations for all
the aforementioned financial institutions with the aim to
harmonize the AML/CFT regime.
SECP AML Regulations
2.Definitions
3.Risk Assessment
4.Risk Mitigation and Applying Risk Based Approach
5.New Products, Practices and Technologies
6.Customer Due Diligence
7.Beneficial Ownership of Legal Persons and Legal Arrangements
8.Identification of Beneficiary for Life Insurance or Takaful Policies
9.Enhanced Due Diligence
10.Politically Exposed Persons (PEPs)
11.Simplified Due Diligence
12.Reliance on Third Parties
13.Ongoing Monitoring
14.Reporting of Transactions (STRs/CTRs)
SECP AML Regulations
MISCELLANEOUS:
15.Record Keeping
16.Foreign Branches and Subsidiaries
17.Correspondent Relationship
18.Appointment of Compliance Officer
19.Financial Groups
20.Screening and Training
21.Penalty
22.Repeal
3.Risk Assessment
1.A regulated person shall take appropriate steps to
identify, assess and understand, its money laundering
and terrorism financing risks.
a) its customers;
b) the jurisdictions or countries its customers are from or
in;
c) the jurisdictions or countries the regulated person has
operations or dealings in; and
d) the products, services, transactions and delivery
channels of the regulated person.
2.Appropriate steps referred to in sub-regulation
(1), shall include
(a) documenting the regulated person risk assessments;
(b) considering all the relevant risk factors before determining
the level of overall risk and the appropriate type and extent
of mitigation to be applied;
(c) keeping the risk assessments up-to-date;
(d) categorizing the overall entity level risk as high, medium
or low based on the result of risk assessment; and
(e) having appropriate mechanisms to provide its risk
assessment information to the Commission.
4. Risk Mitigation and Applying Risk
Based Approach.
Counter measures should include:
(a)develop and implement policies, procedures and controls,
which are approved by its board of directors, to enable the
regulated person to effectively manage and mitigate the risks
that are identified in the risk assessment of ML/TF or notified
to it by the Commission;
(b) monitor the implementation of those policies, procedures and
controls and enhance them if necessary;
(c) perform enhanced measures where higher risks are
identified, to effectively manage and mitigate those higher
risks; and
(d) have an independent audit function to test the system.
5.New Products, Practices and
Technologies
a) identify and assess the money laundering and
terrorism financing risks
the development of new products
the use of new or developing technologies
b) undertake the risk assessments, prior to the launch
or use of such products
c) pay special attention on those which favour
anonymity
6. Customer Due Diligence
1.Anonymous accounts or an accounts in fictitious name not to be opened or
maintained
2.CDD when establishing business relationship and when there is doubt about
previously obtained customer identification data
3.CDD may include:
identifying the customer or beneficial owner
understanding and, as appropriate, obtaining information on the purpose
and intended nature of the business relationship
monitoring of accounts/transactions on ongoing basis
8. Each customer shall be categorized as high or low risk, depending upon the
outcome of the CDD process.
9. regulated person will maintain a list of all such customers/accounts where the
business relationship was refused or needed to be closed on account of negative
verification;
10. where regulated person are not able to satisfactorily complete required CDD
measures, account shall not be opened or any service provided /filing of STR
10. Regulated person are required to apply CDD requirement to its existing
customers on the basis of materiality and risk and should conduct due
diligence on existing relations at appropriate times.
11. where regulated person are not able to satisfactorily complete required
CDD measures, account shall not be opened or existing business
relationship shall be terminated and consideration shall be given if the
circumstances are suspicious so as to warrant the filing of an STR in
relation to the customer.
12. where regulated person forms a suspicion of money laundering or terrorist
financing, and it reasonably believes that performing the CDD process will
tip-off the customer, it may not pursue the CDD process, and instead should
file an STR in accordance with regulation 14.
13.Government entities accounts shall not be opened in the personal names of
the government officials /Special Resolution.
7.Beneficial Ownership of Legal Persons
and Legal Arrangements
1.The regulated person shall acquire and use requisite information
and data obtained from a reliable source, for the following
purposes:
understand the nature of the customer’s business and its ownership
identify and verify the identity of the natural persons
where there is doubt , verification of the natural person who effectively
controls the legal person or who have executive authority should be
done
where no natural persons are identified under clause (b) or (c), identify
the natural persons having executive authority in the legal person
2. Verification in case of trusts
identify and verify the identity of the settlor, the trustee, the protector
(if any), the beneficiaries (
8. Identification of Beneficiary for Life
Insurance or Takaful Policies
1.An insurer/ takaful operator shall conduct the following CDD
measures for the beneficiary of life insurance or takaful a
Obtain the full name and identity of the beneficiary
Verifications should occur at the time of payout.
High-risk Jurisdictions
Shell Financial Institutions
MISCELLANEOUS (Cont.)
Appointment of Compliance Officer
Appoint a management level officer as compliance
officer
access to all customer records
Responsibilities as defined under the Recommendation
18
Financial Groups
implement group-wide programmes against ML/TF
20. Screening and Training
have screening procedures to ensure high standards when hiring
Employees
develop and implement a comprehensive employee due diligence policy
chalk out and implement suitable training program for relevant
employees on annual basis
21. Penalty
Any person who contravenes or fails to comply with any provision of these
regulation made shall be liable to pay such sum as provided in section 40
of the Securities and Exchange Commission of Pakistan Act, 1997 (XLII
of 1997), in addition to any penalty provided under AML Act.
Thankyou
Email:sumera.baloch@fmu.gov.p
k