Compliance Function & Culture Presentation PDF

COMPLIANCE CULTURE AND FUNCTION Presented by: Group Conduct and Compliance 23 Feb 2024 10:32 Our Corporate Philosophy Our vision To be the world’s most respected African Bank Our mission Setting standards for sustainable business practices that; unleash the talents of our employees, deliver superior value to our customers and provide innovative solutions for the markets and communities we serve. Our core values – Leadership – Excellence – Empowered employees – Passion for customers – Professionalism – Innovation 1 Course Outline Module 1: Conduct and Compliance Group: Structure, Function and Culture Module 2: Anti-money Laundering and Countering Financing of Terrorism Module 3: Know Your Customer, CDD & Beneficial Owners Module 4: Ethics and Conduct Module 5: Whistleblowing 2 Course Objectives To equip the participants with the right knowledge of the compliance function. To understand the basic principles of fighting money laundering and terrorist financing To educate trainees on the need for proper KYC in line with the Bank’s vision To guide trainees on their duty in fighting bribery and corruption To instill the essence of right conduct for the business of banking 3 MODULE 1 CONDUCT AND COMPLIANCE GROUP: STRUCTURE, FUNCTION AND CULTURE What Is Compliance? The Compliance Function is responsible for ensuring observance with policies, all applicable laws, regulations and corporate ethical standards of a Business both locally and internationally Compliance is a middle office function which entails the process of observance and ensuring conformity with regulatory requirements. It takes care of such risks as reputation and regulatory risks and indirectly some aspect of operational risk. The Compliance risk is the risk of impairment to the bank's business model, reputation and financial condition from failure to meet the laws and regulations, internal control standard and policies. What does the term ‘Compliance' describe? – The term compliance describes the ability to act according to an order, set of rules or request. In the context of financial services, business compliance operates at two levels. – Level 1 - compliance with the external rules that are imposed upon an organization as a whole – Level 2 - compliance with internal systems of control that are imposed to achieve compliance with the externally imposed rules. 5 What Is Compliance Risk? “The risk of regulatory sanctions, material financial loss, or loss to reputation a bank may suffer as a result of its failure to comply with laws, regulations, rules, related self-regulatory organization standards, and codes of conduct applicable to its banking activities “ Compliance Culture Statement At Access Bank, we personify the highest levels of professional conduct by complying with all applicable laws, guidelines and standards while delivering superior value to our customers. Sources of Compliance Risk External Internal –Laws & Regulations Failure to comply with the requirement of : –EFCC –Code of Conduct –NDLEA –Gifts Policy –TAX –Conflict of interest –CAMA –Insider dealing –BOFIA –KYC –CBN Policies –Advertising –SEC –Product approval process 6 Characteristics of a Good Compliance Officer  Competent Professional and  Discretionary Self-motivated.  Impartiality  Meticulous and adhering to details  Knowledgeable in good corporate  Critical mind governance/general control  Risk Focussed  Neutrality  Confidentiality and Independent  A proactive attitude  Good interpersonal relation with regulators and law enforcement agents  Independence of judgement  Good Knowledge of laws and regulations affecting the its environment/industry  Natural authority to convince and to robustly locally and internationally resist opinions or positions deemed inappropriate and relevant experience in the business activities conducted by the bank 7 Conduct and Compliance Objectives Support the first line of defence to ensure effective business operations Uphold compliance with applicable laws and regulations Maximize opportunities and Minimize risks Optimize efficiency and effectiveness by embedding compliance in the system Safeguard stakeholders interest and assets Ensure that employees are aware of their compliance responsibilities Mitigate the risk of compliance breaches Encourage a better workplace culture Remove legal liability from the bank in the event of wrongdoing Protect the organization’s reputation. 8 Summary of Key Functions & Activities Regulatory Surveillance Compliance Unit: Handle regulatory enquiry responses and act as liaison for the Bank on Legislative and Regulatory matters., international /Local AML regulations, Coordinate all management and staff invites to law enforcement, and regulatory authorities. Establish healthy partnership with Regulators and law enforcement, Environmental scanning for regulatory information & updates on Circulars/Acts/Manuals, etc. Financial Crimes Compliance Unit: AML/CFT risk assessment, High Risk (Sanctions, PEPs etc.) transaction monitoring, KYC & Due Diligence activities, stripping monitoring, EDD reports on high-risk accounts, monitoring of specialized products and review of activities on staff accounts, review of STRs, etc. Head Office Compliance Unit: Responsible for all Information System Security issues, I.T standards, UAT, Certification of applications and Archive function, Cloud and Cybersecurity checks, Data Center spot check, Data center management and environmental review, Review of Data and File system back up, Monitoring of EOD, Database Performance management review, staff exit review, Handles transaction & threshold monitoring function, Head Office monitoring, GL reconciliation, Monitoring payments of staff emoluments and other benefits, Monitoring process of Procurement and Disposal of assets and consumables, Monitoring of Risk Assets and collateral documents, unusual posting/transactions review, Monitoring of Contracts and Matured Obligations and NEFT/NIBSS transactions, Treasury Unit’s Voice logger monitoring, Embassy verification, auditors’ & registrars’ enquiries, Responsible for review of mobile services products, Review of Mobile Financial Services (MFS) & Digital Loans, review of Token Issuance and Linking to Customers and Reset, Review of Payment & Collection Platforms, Review of limits across our E-banking Channels, agency banking reviews, merchant onboarding reviews, etc. Retail Compliance Unit: Responsible for KYC review of new and existing accounts, monitoring of branches’ control log, review of closed accounts, spot checks, training of branch operations’ staff, vault and cash administration, etc. Compliance & Internal control Functions 9 Summary of Key Functions & Activities Global Compliance Advisory Unit: Responsible for issues on Compliance training & Awareness, information on Ethics, Anti-Bribery & corruption risk assessment, Policy review and sensitization, rule book monitoring, customer complaints’ resolution review, staff attestation and accounts declaration, Responsible for monitoring and resolution of bank wide audit exceptions, report on new exceptions captured in Bank wide Exception log, coordination of weekly Audit Exception Review meeting, co-ordination of Regulatory Examinations, etc. Subsidiaries Conduct & Compliance Unit: Acts as the liaison between the Group Office and the subsidiaries, performs oversight responsibility of compliance monitoring of subsidiaries, dissemination of policies/SOPs to the subsidiaries for adoption, Subsidiaries Daily Trial Balance Review, Review of the weekly cheque kiting report from countries, Review of country compliance to the group policies with respect to Principal Officer's expenses, Off Site Compliance Review of Countries, etc. 10 The Three Lines of Defence Model Businesses Internal Audit Compliance Monitoring and Testing Responsibilities: Own and manage their compliance Responsibilities: Develops risk-basedResponsibilities: Develops independent audit plans risks and implement and maintain internal control Compliance Monitoring and Testing plans toto test controls across the entire enterprise, frameworks and quality assurance mechanisms to assess businesses and other functions’providing independent assurance that the firm’s risk prevent and detect control or conduct breaks, with adherence to Access compliance risk appetite management and internal control processes are appropriate consideration of the business’s operating effectively characteristics, Access’s risk appetite, legal and regulatory requirements, and Access Bank’s obligations to its customers. Controls validation: Utilize in- business risk control Controls validation: Utilizes ongoingControls validation: Executes audits, which may functions, quality assurance processes, or both to verify Compliance Monitoring, periodic Complianceinclude assessments of controls in Access’s the effectiveness of controls including through the Testing, and other quality controls to providebusinesses and other functions and of Compliance’s Manager’s Control Assessment process reasonable assurance that Access Bank isoversight activities to mitigate compliance risk, to complying with applicable key laws,provide independent assurance on the design and regulations, and Standards operating effectiveness of controls Escalation Practices: Adopt and follow reporting and Escalation Practices: Escalates monitoringEscalation Practices: Issues Internal Audit reports escalation protocols that generate appropriate key risk exceptions, issues Compliance Testing reports,and tracks remedial actions, which are monitored and performance indicators for management’s review, and tracks remedial actions, which areand reported on through management report issues to management committees (e.g., the monitored and reported on through Business Risk Compliance and Control Committees), and management committees, boards, and design and implement corrective actions to remediate committees of boards issues and deficiencies in controls 11 The Compliance Function Mandate  Increasing regulatory intelligence watch to keep abreast with Focus on Regulatory regulatory environment and strengthen our relationship with Intelligence Watch regulatory bodies.  Strengthen relationship with regulatory bodies and perform more intelligence gathering activities  Improve the effectiveness of internal controls through an effective compliance culture by doing the “right thing at all times” “Set and promote Strengthen Internal Controls sound compliance  Establish the appropriate policies, standards and procedures culture aimed at for risks and controls documentation and evaluation across the first and second line of defence making the Bank a front runner in the  Ensure systematic migration of manual controls into system Compliance controls thereby moving from overly detective to preventive regulatory landscape controls through automation of our control processes  Holding first line of defence responsible for non-compliance  Transfer knowledge through the adoption of ‘train the trainer’ approach Empower First Line of Defense  Promote a strong compliance culture and management of risk exposure by improving the compliance responsibility as business advisory partners to the first line of defence  Commence the implementation of new compliance risk management framework anchored on ‘culture’ and enhanced behavioural change 12 Who Is A Chief Compliance Officer? Generally, the Chief Compliance Officer (CCO) is the individual responsible for the effective management of the compliance risk in the bank. It is an international standard that all institutions should appoint one as part of its business practice. In Nigeria, the Money Laundering Prohibition and Prevention Act 2011 as amended in 2022, under Section 9 makes it mandatory that all financial institution must have Chief Compliance Officers at the management level (CBN GM) at its headquarters and at every branch and local office. The function Of Compliance is not exclusive of the Compliance Group. It is important to note that failure to adhere to compliance issues may result in significant adverse / negative publicity and reputation damage even if no sanction is filed against the bank. The Chief Compliance Officer is therefore, any designated staff who is saddled with the responsibility of ensuring that the bank complies with all laws and regulations governing the line of business in which the bank operates. The CCO reports to the Executive Compliance Officer who is an Executive director. DMBs are required to appoint not only a CCO who must not be below the rank of a General Manager regardless of the category of institution but also an Executive Compliance Officer (ECO) who should not be below the rank of an Executive Director 13 The Chief Compliance Officer & The Bank’s AML Program The Chief Compliance Officer MUST:  Have full responsibility for overseeing, developing, updating and enforcing the AML Program  Have sufficient authority to oversee, develop, update and enforce anti-money laundering policies and procedures throughout the bank.  Be competent and knowledgeable regarding: –Money laundering issues and risks –The anti-money laundering legal framework The Chief Compliance Officer’s responsibilities include:  Developing policies and procedures designed to deter and detect money laundering and terrorist financing  Implementing the AML Program  Directing and enforcing the AML Program  Ensuring the training of employees on the AML Program  Ensuring independent audits of the AML Program 14 14 The Chief Compliance Officer & The Bank’s AML Program/2  Developing policies designed to deter and detect money laundering and terrorist financing includes having: A clear corporate policy against involvement in money laundering and terrorist financing. A clear corporate policy supporting deterrence and detection of money laundering and terrorist financing through the AML Program. A clear policy on enforcement of the AML Program A clear policy prohibiting retaliation against employees who report suspected violations.  Implementing the AML Program includes setting up written procedures in the AML Program that: Are based on the bank’s actual method of doing business. Are based on a risk assessment of the bank’s vulnerabilities to money laundering and terrorist financing. Are designed to detect activities related to money laundering and terrorist financing Identify “red flags” that may indicate potential money laundering. 15 15 The Chief Compliance Officer & The Bank’s AML Program/3  Directing and enforcing the AML Program includes: –Supervising compliance with the AML policies and procedures. –Updating AML procedures as:  The laws or regulations change  The business operation changes  New risks of money laundering and terrorist financing are identified –Engaging in consistent disciplinary action against employees who do not follow the AML procedures.  Training and education includes: –Training of “appropriate” employees and new employees on the Anti-Money Laundering Program policies and procedures. –Ensuring periodic retraining and updating –Keeping records of:  Employee attendance at training (attendance is mandatory)  Keep records of the training. 16 The Chief Compliance Officer & The Bank’s AML Program/4 Apart from the general provisions of the MLPA 2022 as amended, it is the duty of the Chief Compliance Officer to:  Advice senior management on issues relating to laws, rules, ethical standards that govern the line of business.  Act as resource person on matter of compliance within the organisation and address queries on compliance from staff member.  Act as interface between regulators and the company.  Ensure all statutory returns are sent to required regulatory body as at when due.  Identify deficiencies in policies /procedures and where necessary formulate proposals for amendments. 17 Components of an Effective Compliance Program Components of an Effective Compliance Program Tools for Effective Compliance Function  Knowledge  A Designated Chief Compliance Officer  Training  Authority  Internal Policies, Procedures, and Controls  Control  Culture  KYC/CDD/EDD/STR/SAR and Transactions Monitoring  Manuals/Handbook  Adequate Staffing  Employee Training Program  Software Solutions  Document Retention  Commitment  Independent Testing of the AML  Contacts/Networking/Building Bridges Compliance Program  Independent Testing  Communication  Expertise 18 Compliance Culture Compliance culture is the establishment and maintenance of a company culture that embraces compliance and builds compliance management into the everyday workflow. Good compliance culture includes: ► Established by top management ► Characterized by senior management example ► Inseparable from the organization structure, processes and management style ► Clearly communicated and embedded in activities such as trainings ► Reinforced by a penalty system for non-compliance. ► Integral to information system and their use and management ► Incorporated in enterprise risk management ► Establishes control points for the risk elements Building a culture of compliance-The Three C’s Of Compliance Communication 2 Confirmation This includes Monitoring, This includes creating 1 Testing adequacy of controls & processes awareness on policies, e.tc. procedures and regulations etc. Correction 3 Here we ensure that product & process owners close gaps identified Benefits of a good Compliance Culture Vs Lack of It Benefits Lack Avoidance of criminal charges Regulatory scrutiny Strong brand reputation and awareness Heavy fines from regulators Greater operational efficiency Loss of key personnel (jail term or retrenchment) Better compliance planning Remediation costs Improved bottom-line Employee loyalty, trust and retention Reputational loss Compliance and Co-operation with other Groups Legal –Developments in legislation and the consequences for Group and/or a specific Group entity. –Complaints handling/Special investigations Human Resources –Implementing internal regulations, codes of conduct –Measures in case of compliance incidents –Information and training of (sensitive) staff Internal Audit –Audit reviews –Special investigations –Risk assessments Financial Control & Strategy –Regulatory reporting –Account with CBN Business Units –Customer onboarding –Transaction monitoring –Special accounts regulatory requirements 22 MODULE 2 ANTI MONEY LAUNDERING / COUNTERING FINANCING OF TERRORISM / COUNTERING PROLIFERATION FINANCING (AML/CFT/CPF) Money Laundering – Facts The conversion or transfer of property ( i.e. money, goods, commodities, But why? etc.) knowing that such property is derived from a criminal offence, for the purpose of concealing or disguising the illicit origin of the property or of assisting any person who is involved in the commission of such crime to evade the legal consequences of such actions To avoid assets To divert attention forfeiture of LEAs Involves: Concealment, disguise, possession, transfer, receipt, conversion, disposal, removal, participation in, association with, conspiracy to commit, attempt to commit, aiding, abetting, facilitating and counselling. To offer economic To disguise origin justification for of wealth/Fund transaction Regarded as a ‘Catch-all’ offence. sources To get away with Criminal liability, Civil or Administrative liability apply to Natural and Legal To destroy crime and escape persons evidence of crime punishment Deception is the art of ML and ML is a derivative crime. To legitimize illegal funds Beware of Wilful blindness (deliberate avoidance of obvious facts.) Money Laundering Stages Placement Layering Illegal proceeds from illegal activities are Integration placed into financial Various layers of system multiple transactions, wire transfers, to Illegal funds and conceal the origin of assets are the illegal proceeds successfully and to complicate cleansed and now the tracing of funds appear legitimate Money Laundering Stages – Typical Scheme Money Laundering – Red Flags Money Laundering – Predicate Offences Participation in an organized criminal group and racketeering Illegal activities that give rise Terrorism, including terrorist financing to Money Laundering Trafficking in human beings and migrant smuggling Sexual exploitation, including sexual exploitation of children Illicit trafficking in narcotic drugs and psychotropic substances Illicit arms trafficking Illicit trafficking in stolen and other goods Corruption and bribery Fraud Counterfeiting currency Counterfeiting and piracy of products Environmental crime Murder, grievous bodily injury Kidnapping, illegal restraint and hostage-taking Robbery or theft Smuggling; (including in relation to customs and excise duties and taxes) Tax crimes (related to direct taxes and indirect taxes) Extortion Forgery Piracy Insider trading and market manipulation Terrorist Financing – Facts Terrorist Financing is the financing of terrorist acts, and of terrorists and terrorist organisations. (FATF definition). Use the formal Sources of funds banking system, Crime of Use techniques informal value- purpose, like those of ML transfer usually for to evade systems, ideology, authorities' Legitimate (Fund Raising and Collection Hawalas and of membership dues/subscription, Sale publicity and attention and to Hundis and, the of publications, cassettes and other political protect the oldest method items, Speaking tours, cultural and purpose. identity of their of asset- social events, Door-to-Door solicitation sponsors and transfer, the and Appeal to wealthy members of the of the ultimate physical community and Donations of a portion beneficiaries of of personal earnings); or transportation of the funds. cash, gold and other valuables through smuggling Illegitimate (Criminal Activities, Extortion routes. and Kidnapping, Smuggling and Fraud and Misuse of NGOs) ©2019 ACCESS BANK PLC 29 Terrorist Financing – Red Flags Occupation of the customer not in line with type of activity in the account. Persons involved in currency transactions share an address or phone number that does not correspond to the occupation Fund transfers are ordered in small amounts to avoid triggering identification or reporting requirements. Multiple cash deposits in small amounts followed by a large wire transfer to another country. Transactions involving FX are followed by immediate funds transfers to higher-risk locations. Parties to the transaction are from countries known to support terrorist activities and organizations. Periods of transaction dormancy could be the result of terrorist training or engagement in combat. Regarding non-profit or charitable organizations, financial transactions occur for which there appears to be no logical economic purpose or no link between the stated activity of the organization and the other parties in the transaction. Multiple personal and business accounts or the accounts of non-profit organizations or charities are used to collect and funnel funds to a small number of foreign beneficiaries. Client accesses accounts, and/or uses debit or credit cards in high-risk jurisdictions, specifically countries (and adjacent countries) under conflict and/or political instability or known to support terrorist activities and organizations. Sudden settlement of debt(s) or payments of debts by unrelated 3rd parties. Your Responsibility : File STR when any of the red flags is noticed Counter Proliferation (and Financing) of Weapons of Mass Destruction The FATF defines proliferation of weapons of mass destruction (WMD) as the transfer and export of nuclear, chemical or biological weapons, their means of delivery and related materials. Proliferation might be a means for supporting the undertaking of terrorist activities. Its disruption is therefore essential for the prevention of terrorist acts because it not only affects the financial system but also all citizens. Moreover, the process of proliferation financing often uses the same channels as terrorist financing. So, measures to be applied in order to disrupt proliferation financing would often be like the measures applied to counter terrorist financing. The FATF Recommendations 7 and 9 contain specific measures (especially on targeted financial sanctions to counter proliferations) that complement the United Nations Security Council Resolutions with respect to proliferation financing: The global approach aimed at preventing non-state actors from taking part in proliferation-related activities The country-specific approach against the Democratic People’s Republic of Korea (DPRK) and the Islamic Republic of Iran Essentially, jurisdictions must ensure that proliferation-related assets are frozen and have national mechanisms in place to do so effectively. Common Proliferation Financing Red Flags  “Many-to-one” transaction clusters, or an account receiving many low-value transactions from other accounts, which could indicate fundraising activity  The parties to the transaction (owner, beneficiary, etc.) are from countries known to support terrorist activities and organizations  Inclusion of an individual involved in the transaction on the United Nations 1267 Sanctions list and other sanctions lists  Media reports that the account holder is linked to known terrorist organizations or is engaged in terrorist activities  A change in currency usage such as a sudden shift to financial instruments that are less transparent  Transaction pattern displays inflows/cash deposits 24hrs to 168hrs prior to previously publicized terrorist attacks, displays zero transactions during the period of the previously publicized terrorist attack or up to 24hrs thereafter.  Transactions that concern dual-use, proliferation sensitive or military goods whether licensable or not, or that involve individuals or entities in a foreign country of proliferation concern  Inconsistencies in information contained in trade documents and financial flows e.g., names, addresses, destination. false end-use certificates and forged export or re-export certificates.  There are more; please refer to the Bank’s Framework on Combating Terrorism Financing and Proliferation  Your responsibility is to file STR when any of the red flags is noticed ©2019 ACCESS BANK PLC 32 What are we doing as a Bank? Management approved framework Compliance with Transactions AML/CFT/CPF (including CBN Monitoring risk assessment prohibited AML/CFT/CPF businesses, countries, etc.) Screening at Sensitization Regulatory Customer and awareness surveillance Onboarding ©2019 ACCESS BANK PLC 33 Demystifying Weapons Proliferation ©2019 ACCESS BANK PLC 34 ML vs TF vs PF MONEY LAUNDERING TERRORIST FINANCING PROLIFERATION FINANCING Motivation Profit Ideological Ideological Source of funds Illegitimate Legitimate and illegitimate Legitimate and illegitimate Favors cash couriers or informal Favors both formal financial system and financial systems such as Conduits Favors formal financial system. informal financial system; may also Hawala and currency exchange employ virtual assets (crypto, etc.) firms. Suspicious relationships and the Suspicious relationships and the Detection focus Suspicious transactions transactions thereof transactions thereof Transaction Large amounts often structured Small amounts usually below Both large and small amounts to avoid reporting requirements. reporting thresholds. Complex web of transactions No workable financial profile of Complex structuring – structured to hide often involving shell or front operational terrorists exists, Financial activity the origin of the funding as well as what companies, bearer shares, and according to U.S. 9/11 funds/assets are ultimately intended for. offshore secrecy haven. Commission Circular – money eventually Linear – money generated is Linear – funds tend to be used to Money trail ends up with person who used to propagate terrorist purchase materials and goods from generated it group and activities. manufacturers, traders, etc. Suspicious activities Often sophisticated – individuals, /transactions which appear Suspicious relationships such as entities, States, goods, materials, Reg flags uncharacteristic when wire transfers between activities. May involve false compared with prior knowledge seemingly unrelated parties accounting/invoicing or other falsified and expectations documentation. Redesigned STR Filling Process on Processmaker Regulation Key Modifications to the existing process Section 34 of AML/CFT/CPF Regulation 2022 requires i) Reduction in the level of approvals the Bank to forward to NFIU within 24 hours, the report ii) Decentralization of STR filing through GOAML of suspicious transactions relating to funds derived from iii) Updating the Bank’s section to accommodate illegal or legal sources are intended to be used for any correspondence banks and their swift codes. act of terrorism, proceeds of a crime related to terrorism iv) Enhancement of the account number field to accept financing or. Proceeds belonging to terrorist, terrorist alphanumeric and more than 10 digits entity, or organization. Mandatory Requirements (Upload) Previous STR filling process does not meet the 24hours i) Account Opening Package and source documents reporting timeline, which violates the CBN regulation. ii) Account Statements(at least one year or from the This led to the redesigned STR process that ensure inception of the account) STRs are filed within 24hours. iii) Customers’ information page( spooled from Infopool) Procedure iv) Investigation Report Log on to Processmaker and click on New Case (this Key Success Factor to STR Filling can be done on PC or Mobile Phones). i) Log quality STRs, identify why the transaction or Under No Category, click on Monitor Suspicious activity is suspicious Transaction (Log STR) as shown in the first picture ii) Do not engage in tipping off – Illegal way of notifying below. Customer on whose STR is being filed and Then fill the details and attach necessary documents as investigated. shown in the second picture below. iii) Timely reporting of STR. ©2019 ACCESS BANK PLC 36 How to File STR/SAR Cont.’ SAR Filling IMTO (Non- Account Holder) Follow through the STR filing steps from 1-5 Follow through the STR filing steps from 1-4 Download the XML , log into GOAML and upload the XML with other necessary Submit the STR and then go edit the XML documents manually on notepad. Get the NFIU ID and input it on the NFIU report ID field to enable you submit and close Log into GOAML and upload the XML with other up the case on process maker. necessary documents Local funds, foreign transfer, Cash deposit and withdrawal, IMTO (Account holder) Get the NFIU ID and input it on the NFIU report ID Claim the STR case on Download the XML field to enable you submit and close up the case file, Copy the NFIU on process maker. process maker from your report ID and update unassigned the log. Checks and Balances Download the Submit the STR and it Login into GOAML portal investigation Report and takes you to the last STR report by clicking page where you have https://goaml.nfiu.gov.ng/Home on the “OPEN” tab the NFIU Report ID Download the uploaded Review the inputs Click on submitted reports to made by the initiator check the status of the STR filed documents attached to to ensure it fits into the STR by the Initiator GOAML XML format ©2020 ACCESS BANK PLC 37 How to Log STR on Processmaker ©2019 ACCESS BANK PLC 38 Law Enforcement Agencies and Regulatory Authorities Law enforcement agencies and regulatory authorities in Nigeria are given priority due to the essential duty they perform in ensuring compliance with laws, regulations, directives and policies. Central Bank of Nigeria (CBN) Nigeria Deposit Insurance Corporation (NDIC) Securities & Exchange Commission (SEC) Economic and Financial Crimes Commission (EFCC) Nigeria Financial Intelligence Unit (NFIU) Special Control Unit Against Money Laundering (SCUML) National Drug Law Enforcement Agency (NDLEA) Nigeria Police Force (NPF) Nigeria Security and Civil Defence Corps (NSCDC) CBN AML/CFT/CPF Regulations 2022 AREA PROVISIONS KYC Section 20: A financial institution shall identify their customers, whether permanent or occasional, natural or legal persons, or legal arrangements, and verify the customers’ identities using reliable, independently sourced documents, data or information. CDD Section 19: A financial institution shall undertake CDD measures when: Business relationships are established Carrying out transactions above US$1,000 or its equivalence in other currencies Carrying out wire transfers (cross-border or domestic) or when debit/credit cards are used as payment means There is a suspicion of money laundering or terrorist financing There are doubts on veracity or adequacy of previously obtained customer identification data EDD for High- Section 28:…shall perform enhanced due diligence for higher risk customers, business relationships Risk Accounts or transactions including non-resident, private banking, personal asset-holding vehicles (trusts), companies with nominee shareholders or shareholders in bearer forms, PEPs, cross-border amongst others …give special attention to business relationships and transactions with persons, including legal persons or other financial institutions, from countries which do not or insufficiently apply the FATF recommendations …A financial institution that does a business with foreign institutions which do not apply the provisions of FATF recommendations shall take measures… ©2019 ACCESS BANK PLC 40 CBN AML/CFT/CPF Regulations 2022 AREA PROVISIONS BENEFICIAL Section 21: A financial institution shall verify and take reasonable steps to verify the identity of a beneficial owner, OWNERSHIP using relevant information or data obtained from reliable source to satisfy itself that it knows who the beneficial- owner is. …in respect with all customers, determine whether the customer is acting on behalf of another person or not…and take reasonable steps to obtain sufficient identification data and verify the identity of the other person. PEPs Section 29: …obtain senior management approval before they establish business relationships with a PEP… …take reasonable measures to establish the source of wealth and the source of funds of customers and beneficial-owners identified as PEPs. …shall conduct enhanced and ongoing monitoring of the relationship…in the event of any transaction that is abnormal...flag the account and report the transaction immediately to the NFIU as a suspicious transaction STRs Section 38: Where a transaction Involves a frequency which is unjustifiable or unreasonable Is surrounded by conditions of unusual or unjustified complexity Appears to have no economic justification or lawful objective In the opinion of the FI…involves terrorist financing or is inconsistent with the known transaction pattern of the account or business relationship The transaction shall be deemed suspicious Section 38 (2):..suspects that the funds mentioned above are intended to be used for terrorist financing (whether source be legal or illegal), proceeds of crime related to TF or belong to person, entity or organization considered as terrorists, it shall immediately report the matter to NFIU and will not be liable for violation of confidentiality rules and banking secrecy obligations Section 38 (3):…not later than 24 hours (shall) draw up a written report containing all relevant information on the ©2019 ACCESS BANK PLC transaction, together with identity of the principles and beneficial owners 41 CBN AML/CFT/CPF Regulations 2022 AREA PROVISIONS Wire Transfers Section 33: For every wire transfer of US$1,000, the ordering financial institution shall obtain and maintain the following information relating to the originator of the wire transfer: The name of the originator The originator’s account number (or reference number if the former does not exist) The originator’s address (or national identity number) Other Forms Section 40:..shall report in writing any single transaction, lodgment or transfer of funds in excess of of Reporting N5,000,000 and N10,000,000 or their equivalent made by an individual and corporate body respectively to the NFIU Record Section 35 (1): FIs shall maintain all necessary records of transactions, both domestic and Keeping international for at least five years after completion of the transaction or such longer period as may be required by the CBN and NFIU, provided that this requirement shall apply regardless of whether the account or business relationship is ongoing or has been terminated. ©2019 ACCESS BANK PLC 42 CBN Guidance on Tiered KYC: Three Tiered KYC Requirements Tier 1 requirements: Basic customer information (passport, name, date, place of birth, gender, address, telephone number, etc.); verification or evidence of information provided not required Account must be monitored closely by the Bank No amount required for account opening Maximum single deposit amount is limited to N50,000 and maximum cumulative balance of N300,000 No third-party withdrawals allowed International transfers strictly prohibited Strictly savings account Tier 2 requirements Evidence of customer information must be provided by customer and verified by the Bank against official databases of NIMC, INEC, FRSC, etc. No amount required for account opening International transfers strictly prohibited Maximum single deposit amount is limited to N100,000 and maximum cumulative balance of N500,000 Tier 3 requirements (requirements as stated in Tier 2 with additions and exceptions as follows) KYC requirements shall apply No amount required for account opening International transfers strictly prohibited There is no limit to cumulative balance, deposit and transactions MODULE 3 KNOW YOUR CUSTOMER (KYC) Know Your Customer – Definition and Components Know Your Customer (KYC) is the due diligence and bank regulation that financial institutions and other regulated companies must perform to identify their customers and ascertain relevant information pertinent to doing financial business with them. Know – What you should know? –Make reasonable effort to determine identity and beneficial ownership of the accounts –Permanent address, registered & administrative address –Know the sources of funds –Know the nature of customers’ business –What constitutes reasonable business/accounts activity? –Monitor the transactions carefully against documents and profiles and even peers –Other documents available for ML risk assessment –Who your customer’s customer are? Your – Who should know? –Account Officers and Relationship Managers (the Business). Customer – Who is he/she? –A real person or organization –Anybody the Bank would want to deal with whether they have an account with us or not –One who maintains an account, establishes business relationship, on who’s behalf account is maintained, beneficiary of accounts maintained by intermediaries, and one who carries potential risk through one off transaction. KYC: Business Advisory Tool for Customer Understanding Salary = N150K/ Month Uses 4G phone; communication through voice and text alone Transacts mainly in cash Rented apartment in the Attend public school suburb Wife + 4 kids Visits bank on pay day and 2-3 other days Supermarket Owner DSTV or Local Takes public Channels transport to work Requires balance Education - Technical confirmation regularly 46 Filling the KYC Form These customer’s details must be filled as accurately as possible The name of the staff/officer that introduced the customer Must be a specific occupation and not generic Name of company in full Details must be filled accurately ©2019 ACCESS BANK PLC 47 Filling the KYC Form This must be checked These must be filled accordingly depending on customer type These must be filled accordingly as well; none should be left blank Authorized signatories as indicated should sign ©2019 ACCESS BANK PLC 48 Filling the KYC Form These must be filled accordingly; none should be left blank. For more information on “high risk businesses”, please check the Bank’s Compliance Manual Authorized signatories as indicated should ©2019 ACCESS BANK PLC sign 49 Filling the KYC Form All parts of the visitation form must be filled and signed by the visiting staff. ©2019 ACCESS BANK PLC 50 High Risk Areas and Codes on FLEXCUBE S/N TAGGING CODE CUSTOMER CATEGORY 1 BANKS DEPOSIT MONEY BANKS 2 INSURANCE INSURANCE COMPANIES 3 REL RELIGIOUS BODIES 4 NGOs NON-GOVERNMENT ORGANIZATION 5 MORT MORTGAGE INSTITUTIONS 6 BDC BUREAU DE CHANGE (MSB) 7 IMTO INTERNATIONAL MONEY TRANSFER OPERATORS (MSB) 8 TRAVELAGEN TRAVEL AGENCIES (DNFI) 9 REALESTATE ESTATE DEVELOPERS, ESTATE AGENTS, BROKERS, ESTATE SURVEYORS AND VALUERS (DNFI) 10 UNKNOWN WHEREABOUT UNKNOWN 11 STOREOFVAL STORE OF VALUES (E.G. INTERSWITCH, VALUECARD, MASTER CARDS) 12 GAMING CASINOS, POOL BETTING & OTHER LOTTERY BUSINESSES (DNFI) 13 TRUST TRUST & COMPANY SERVICE PROVIDERS (DNFI) 14 HOSPITALIT HOTELS AND OTHER HOSPITALITY (DNFI) 15 AUTOMOBILE IMPORTERS AND DEALERS IN CARS OR ANY OTHER AUTOMOBILE (DNFI) 16 GOVT GOVT PARASTATAL/COMPANIES 17 SUPERMARKT SUPERMARKETS (DNFI) 18 PEP/FEPS POLITICALLY/FINANCIALLY EXPOSED PERSONS(PEPS/FEPS) 19 NONRES NIGERIANS IN DIASPORA 20 MINORS EARLY SAVERS 21 MINORS SOLO 22 OIL&GAS OIL & GAS SECTOR 23 CONSTRUCTN CONSTRUCTION COMPANIES (DNFI) 24 OFI OTHER FINANCIAL INSTITUTIONS 25 HNI HIGH NET WORTH INDIVIDUAL-PREMIUM 26 GATEKEEPER AUDIT FIRMS, TAX CONSULTANTS, NOTARIES, LAW & ACCOUNTING FIRMS (DNFI) 27 HIGHVALUE JEWELRY, LUXURY GOODS, PRECIOUS STONES & METALS (DNFI) 28 CONSULTANC CONSULTANTS, CONSULTING COMPANIES, CLEARING AND SETTLEMENTS COMPANIES (DNFI) 29 MECHFARMIN DEALERS IN MECHANIZED FARMING EQUIPMENT & MACHINERIES (DNFI) 30 IMPOTEXPOT IMPORTER & EXPORTER (NON-OIL & GAS) 31 TELECOMS TELECOMMUNICATION SECTOR 32 WATCH CUST WATCHLISTED CUSTOMERS 33 SBDC Specialized BDC 34 GLOBAL/VEN GLOBAL AND VENTURE 35 STJLGACC JAAC 36 LOCGOVT LOCAL GOVERNMENT 37 LAWENFORCE Law Enforcement Agencies and Their Top Level Officers 38 REGULATORS Regulatory Agencies and Their Top Level Officers Customer Due Diligence “A Financial Institution shall verify its customer’s identity and address before opening an account for, issuing a cheque book to, entering into a transaction with, renting a safe deposit box to or establishing any other business relationship with the customer”. Extends to: –Verifying customer’s identity from independent sources –More than simple customer identification and not just about document collection –Identifying and verifying beneficial ownership and control –Establishing intended purpose and nature of the business relationship –Conducting ongoing due diligence and scrutiny of the relationship and transactions. –key preventive measure and an essential component of identifying suspicious transactions –There is need to know what the customer needs the RM or AO for. New Customer Due Diligence Regulation – CBN 2023 The new Regulation made provision for personal liability (penalties) for other staff apart from ECO and CCO which was provided for in the CBN 2018 Administrative Sanctions. Customer identification The items below are now made mandatory for individual accountholder: Tax Identification Number (TIN) Date and place of birth. Telephone number Verification of customer identity The Regulation also made provision for verification of customer identity through: Telephone numbers, particularly for wallet providers, through independent process, including validation against the NCC database or geo-mapping Maintain a BO register that includes shareholding, voting rights, controlling interests, source of wealth, and PEP status. External and Non-resident Non-Nigerian accounts  In line with Memorandum 17 of the CBN Foreign Exchange Manual, Fl shall satisfy itself that a customer is permanently resident outside Nigeria when establishing a banking relationship for external and non-resident non-Nigerian customers. 53 New Customer Due Diligence Regulation – CBN 2023 contd. Tipping off Where a financial institution suspects that a transaction relates to ML/TF/PF and it believes that performing the CDD process may tip-off the customer, it shall - Not pursue the CDD process; and File an STR to the NFIU, immediately. Tiered Know-your customer Tiered KYC shall apply to individuals only and shall not apply to legal persons and legal arrangements Record keeping Ensure that documents, data, or information collected under the CDD process is kept up-to-date and relevant. For high-risk customers – Every 12 months For moderate risk customers – Every 18 months For low-risk customers – Every 3 years Trusts Where the arrangement for a Foreign Trust or Foundation is opaque or information on the parties to the legal arrangements cannot be provided because it is incorporated in a jurisdiction (such as tax havens and offshore financial centers) that makes it impractical to do so, the Fl shall decline to open an account for the legal arrangement.. Blind trust FIs shall obtain and understand the Trust Agreement in a Blind Trust such that the grantor, settlor or trustor and beneficiary are identified. 54 New Customer Due Diligence Regulation – CBN 2023 contd. Refugees’ Asylum seekers FIs shall use identification issued by the Nigerian immigration Services or other recognizable, government agency to render banking service to refugees or asylum seekers. Electronic KYC FIs shall adhere to e-KYC requirements as stipulated in the CBN Guidelines on e-KYC and the CDD measures stipulated in these Regulations (where applicable) as it relates to digital products, and customer onboarding Correspondent banking relationship Financial institution shall terminate an account with a correspondent bank that fails to provide satisfactory answers to questions including confirming the identity of customers involved in unusual or suspicious circumstances Non face to face customer conduct regular monitoring of internet-based business or customers and where a sign significant proportion of the business is operated electronically, computerized monitoring systems or solutions that are designed to recognize unusual transactions and related patterns of transactions shall he put in place to recognize suspicious transactions; and ensure that in all cases, evidence as to how identity has been verified shall be obtained and retained Wit tithe account opening records 55 CDD: PROHIBITED ENTITIES, PERSONS, COUNTRIES AND PRODUCTS Countries: Crimean Region of Ukraine, DPRK (North Korea), Syria, Cuba, Iran, South Sudan, Yemen, Russia and Belarus. (Crimean Region of Ukraine The Bank prohibits and does not and Russia are targeted Sanctions) do business with customers that trade on items / goods or Customers: Shell Companies consummate any transaction with narration (being purpose of Channels: Hawala transaction) that is linked to or connected to any of these Special Products: Arms, Illicit drugs, Weapons of Mass Destruction Risk areas: (WMDs)/Weapons Proliferation, Crypto, Narcotics and Human trafficking/smuggling, sniper rifle, short guns, helicopters, torpedo, explosives, vessels of war, spacecraft, bazooka, toxicological agents, nuclear weapons, traumatic weapons, rockets, drones, armoury, propellant, machine gun, etc. From time to time, FATF carries out due diligence and assessment for countries thereby adding to or removing from the list above. Note: Crypto transactions are now permitted subject to meeting the CBN requirements on the operation of Virtual Asset Service Providers(VASP) CDD: HIGH RISK ENTITIES, PERSONS, COUNTRIES AND PRODUCTS Customers: Non-Resident Customer, High Net worth individuals, Trusts, High Risk Products: Wire Charities, NGOs, Firms with sleeping Transfers, FX partners, PEPs, Celebrities, Non- face to Transactions followed by face customers, Those with dubious payment to high-risk reputation as per public information, jurisdiction and Export Casinos, Gambling and Nightclubs, Cattle LCs. Rearers, Fish Sellers, Textile Dealers DNFIs and Government Parastatals Countries: Crimean Important sources of Region of Ukraine, DPRK Information: Sanction lists, (North Korea), Syria, Public record data, Cuba, Iran, South Sudan, News/negative news Yemen, Russia and Risk Assessment information, PEP data Belarus and risk rating / classification by Account Officer and Relationship Manager Note that EDD is necessary for all high-risk customers before we on board them to reduce our risk of ML, TF & PF The Ultimate Beneficial Owners (UBO) – Basic CDD Requirement Beneficial ownership of a financial account, is conventionally understood to refer to the person who maintains ultimate control over funds in an account through ownership or other means. The specific definition of a beneficial owner of a legal entity includes an individual who owns or controls, directly or indirectly, greater than a certain percentage of the legal entity. In Access Bank, beneficial owners' control 5% or more of the company‘s shares, and any subsequent transaction in the shares. As part of the CDD measures, financial institutions are required to identify the beneficial owner, and take reasonable measures to verify the identity of the beneficial owner during the Onboarding. This process would also be applied when there is reasonable ground to conduct Enhanced due Diligence(EDD), on the Customer. The ability to determine if customers or beneficial owners are PEPs fully depends upon the effective implementation of CDD measures, including the identification, verification, and ongoing due diligence requirements set out by a financial institution Determination of Beneficial Owners (BO) The MLPA and the CBN AML/CFT/CPF Regulations,2022, defines Beneficial owner (BO) as the natural person(s) who :  Ultimately owns - holds at least 5% of the issued shares in the legal person either directly or indirectly;  Controls a customer and/or the natural person (but not limited to) who: a. Exercises at least 5% of the voting rights in the legal person either directly or indirectly; b. Holds a right directly or indirectly, to appoint or remove majority of the directors or similar positions of the legal person;  On whose behalf a transaction is being conducted; and/or  Who exercise ultimate effective control over a legal person or legal arrangement - exercise significant influence or control, directly or indirectly, over the legal person. Sources for determining of Beneficial Ownership (BO)  Certificate of incorporation  Particulars of shareholders  Memorandum and Articles of Association (MEMART)  Minutes of meetings and Resolutions  Partnership agreements and Bye-laws  Annual returns/financial statements/CAC Registrar Determination of Beneficial Owners (BO) Red Flags for Identifying BOs Our Obligation With Regards to UBOs  Any nominee agreement that shows who  Create, maintain and continually update the UBO exercises real control behind a shareholder register with records or information collected through arrangement; CDD or other sources.  A shareholders’ agreement that shows a natural  Flag and report inconsistency or discrepancies person is able to control the shares of more than between the BO information in the register and the one shareholder, effectively giving control; UBO information in the records to the Corporate  Documentary evidence that a natural person is Affairs Commission (CAC). able to exercise a dominant influence over a legal  Apply risk-based approach in the identification and person; verification of UBOs.  Documentary evidence that the natural person has  Conduct EDD on BOs that pose higher risk, and file the power to appoint senior management; suspicious transaction report with the NFIU, if there  Documentary evidence (for example, an are reasonable reasons to suspect money laundering employment contract) that a director or employee and Terrorist financing. is able to influence a legal person; and  Annual update of AML/CFT/CPF internal policies and  Documentary evidence of exercise of dominant procedures to mitigate identified risks relating to BO. influence over the transactions of the legal  Where a UBO is identified as PEP, the Onboarding entities/arrangements. and approval will be treated in line with the Bank policy on Onboarding of PEP Customers. E x a m p l e of Multi-layered B e n e f ic ia l O w n e r s h i p Hassan owns Ada owns Ada owns David owns Femi owns 60% 40% 331/3% 331/3% 331/3% Company A owns 50% Company B owns 50% Customer  For purposes of the case above, Hassan is a beneficial owner of Customer because he owns indirectly 30 percent of its equity interests through his direct ownership of Company A.  Ada is also a beneficial owner of the Customer because she owns indirectly 20 percent of its equity interests through her direct ownership of Company "A“, and 16⅔ percent through Company B for a total of indirect ownership interest of 36⅔ percent.  David and Femi are also beneficial owners because each owns indirectly 16⅔ percent of Customer’s equity interests through their direct ownership of Company B. Unveiling the Ultimate Beneficial Owners (UBO) Natural or Legal Person: Customer Due Diligence Legal Arrangement: required includes: A relationship established by contract between two or Identify and verify the natural persons that have more parties, eg trusts, special purpose vehicles, ultimate controlling ownership interest in a legal beneficiaries and other intermediaries etc. person Customer Due Diligence required includes: Determine if ownership interests is diversified with no natural persons, whether acting alone or with others, exercising control of the legal person or In trust relationship, identify and verify the identity arrangement through ownership. of the settlor, the trustee, the protector, the beneficiaries or class of beneficiaries, any other Where there is doubt in determining the natural natural person exercising ultimate or effective through controlling interest, identify and verify the control over the legal arrangement including natural persons exercising control of the legal through a chain of control or ownership. person or arrangement. In special Purpose vehicles, identify and verify Where a natural person is not identified, the identity of the originator, sponsors, investors or reasonable measures should be taken to verify collateral manager, and purpose of the SPV the identity of the natural person who holds senior through the prospectus or other transaction management position in the legal person. documents. Benefits of Unveiling the UBO Ensures Transparency Levels the playing field Helps detect crime Prevents money laundering & terrorist financing Helps the bank to know who they are doing business with Helps the bank and the customers protect themselves Prevent Credit failure Promotes operational efficiency Ensures Compliance with FATF and international best standards Role of Relationship Team Use a clear and documented checklist showing KYC requirements for a proposed customer especially for non-individual customers (multi-layered companies) to obtain the required KYC documentation and information for different types of customers, this will aid in verifying the UBO of a company with a multi- layered structure. The legal search conducted on the potential customer shall be expanded to include additional search for multi-layered companies until the true owner is identified. All customer accounts with multi-layered UBOs shall be risk rated as ‘High Risk” hence an EDD procedure shall be conducted in other to uncover the identity of the UBOs of at least 5 percent (5%) or more ownership. A due diligence shall be conducted to the entire chain of ownership until it gets to the true UBOs (individuals). The customer shall not be issued with self-service items such as cheque book(s), ATM cards, internet banking, phone banking etc.) Until the UBO declaration procedure is completed. The UBO form declaration should be signed by the directors. Politically Exposed Person (PEP) Who is a PEP? It is your responsibility to Identify A politically exposed person (PEP) is defined by the Financial Action Task Force (FATF) as an individual who is or has been entrusted with a prominent public function. FATF also requires that family members and close associates of PEPs should be determined to be PEPs because of the potential for abuse of the relationship for the purpose of moving the proceeds of crime, or facilitating their placement and disguise, as well as for terrorist financing purposes. Due to their position and influence, it is recognized that many PEPs are in positions that potentially can be abused for the purpose of committing money laundering (ML) offences and related predicate offences, including corruption and bribery, as well as conducting activity related to terrorist financing. Financial institutions who operate in domestic markets where there are known issues relating to corruption should consider whether their exposure to domestic PEPs may be higher. In Access Bank, all PEP accounts are classified as high risk. CDD: How to Identify PEP Associates Close associates - prominent members of the same political party, civil organization, labour or employee union as the PEP; business partners or associates, especially those that share (beneficial) ownership of legal entities with the PEP. Relatives and Close Associates (RCAs) sometimes referred to as ‘PEPs by Association’ are a type of politically exposed person who shares a family or friendship connection to a PEP. As outlined in FATF guidance, that connection may be a direct family relation or a connection through marriage (or civil partnership). Alternatively, it may be a social or professional association. The list of people who may qualify as RCAs includes: Spouses and partners Parents Children Siblings Uncles, aunts, cousins Spouses/parents of children Close friends Legal advisors Business associates It is imperative to deliberately tracks who a PEP is regularly transacting with, who are those on PEP Standing Order instruction list or regular beneficiary or sender of funds to a PEP for proper flagging as PEP Associates. A relationship officer or manager should make sure that the proper steps are taken to profile a customer accurately at onboarding and ongoing concerns when the customer transactions pattern or social network changes for necessary update on the customer classification status. Domesticated PEP List Elected politicians in the Legislative Arm of Government Political Chieftains, Godfathers and Traditional Rulers including Senators, House of Representatives, House of Board Members of all Political Parties Assembly and Councilors. Elected politicians at National, State and Local Government Prominent Leaders of ethic minorities i.e. OPC, levels. MASSOB etc. Senior Members of the Judiciary including all Judges, Justices All Ambassadors and Diplomats working in Foreign of Court of Appeal and Supreme Court and equivalents in the Missions representing the country Sharia Court Senior Officers of International Organizations i.e. UN, AU, Senior Civil Servants from the position of Deputy Director and ECOWAS, GIABA, WAIFEM working in Nigeria above working at National, State or Local Government levels in All foreign Ambassadors and Diplomats working in the Executive, Legislative or Judicial arm of Government Embassies in Nigeria. Appointed Public Officers including Ministers, Commissioners, Prominent Leaders of Religious Organizations – CAN, Advisers, Personal Assistants, and all those in their entourage. NASFAT etc. Senior Military, Security or Law Enforcement Officers from the Senior executive of a publicly quoted companies rank of Colonel and above and its equivalent in the Navy, Air Force, Police, customs, Immigration etc. Business Associates including all those who run businesses owned by those listed above, operate their Board and Management of all Government Agencies, bank accounts or sit on the same board or management Corporations, Organizations, Institutions and Parastatals at positions of companies in which they have shares or are National, State and Local Government Levels. directors. Chairmen and Executive Management and all those who run the Secretariats of all the Political Parties at National, State and All those who exercise political or official control at all Local Government Levels. levels of Government in Nigeria either directly or through proxies Domesticated PEP List & Control Reasons why PEPS are not Detected and Flagged Consequences of not disclosing or knowing a PEP Non availability of information on search engines and Corruption has significant effects on economic development, online resources about the status of some political stability and transnational crime individuals who are PEPs. Imposition of fine on the bank and relevant key officers, full PEP Associates (families, friends, domestic staff etc.) or partial restriction on the business of the bank. may be more difficult to discover since they may not Suspension or cancel registration/permission/license of the share family names with the primary PEP. bank. Some PEPs might have changed names, due to Reputation risk from adverse media, enquires from marriage, which could conceal their PEP status. correspondent banks and counter parties Unwillingness of customer to divulge information. Negative impact on the risk rating of the bank with direct Deliberate efforts by customer to mislead. impact on the bank relationship with counter parties. Negligence, Improper profiling of the customer, Severance of relationship by correspondent bank inadequate KYC by the Account Officer. Drop in profitability and adverse effect on the market of Concealment of information pertaining to customer’s shares. PEP status by Account Officer. Outright sanction to Conduct Portal for the concerned Knowledge gap on the part of DSAs & Account Relationship Officer/Manager customer account not Officers. appropriately flagged. Customer is not on the Global PEP list synchronized Invoke appropriate measures in the Bank’s Penalty with FCUBS. Management Framework for any PEP’s account not properly Customer became PEP long after on-boarding flagged an attract regulatory penalty Domesticated PEP List & Control What to do when a PEP is Identified What to do when a PEP is Identified Obtain senior management approval for establishing or All PEP relationship must have an approved continuing business relationships with such persons. EDD, and information may be obtained through any of the following: Obtain management approval for PEP transactions within or above the threshold. Self-declaration by customers Take adequate measures to establish the source of wealth Verbal or written declarations from customers and source of funds that are involved in business relationships Develop questionnaire with specific or transactions with such persons. references that identify PEPs including family members and persons of close associate, Conduct enhanced, ongoing monitoring of those business relationships which must be signed by Customer or beneficial owner. Ensure the account is flagged as appropriate on the core The Bank may categorize Board member, banking application. senior management or corporate officer of publicly quoted company, state-owned organizations, and Private or state-owned organizations as low PEP. PEP Approval and Controls SN PEP/FEP Suggested PEP / FP/ NGO Transaction Due Diligence Examples Risk Grade PEP Risk Description/Definition Limits Required EDD during Customer is a PEP by association onboarding Spouse, Child (Son or and has no significant transaction in Low Risk Daughter), Sibling, Parent, 1 5% -25% his/her account. He has not been N5m/$30,000 PEP To be approved by Friend, Other Relative and investigated neither has he/she been GH not lower than Associate/Partner PEPs indicted of any criminal activities General Manager Traditional Rulers, Commissioners, A Customer is a PEP that has been Permanent Secretaries/ EDD during entrusted with prominent Public Secretaries/ National Onboarding functions/ Positions. He/she has not Secretary/ Financial been investigated or indicted for any Secretary/ Executive Medium Risk 2 >25%=50% criminal activities and has not N5m/$30,000 PEP 1 To be approved by Secretary, Ministers, featured in any of the bank’s GH not lower than Special Adviser/ Assistant / Suspicious transaction report. General Manager Aide/ Chief of Staff, Judges, featured in any of the bank’s Senators/ House of Rep Suspicious transaction report. member/ Councilors/ Local Government Chairmen/ Religious leaders etc. A PEP or PEP1 Customer that has EDD during Based on the examples 50% and been investigated or indicted for any onboarding. of PEPs that fall into this 3 High PEP 2 N5m/$30,000 above criminal activities and has featured in To be approved category the Suspicious Transaction report. by an ED/DMD. KYC: Non-Governmental Organizations A non-government organization (NGO) is an organization that is formed independent of government. They are typically non- profit entities, used for humanitarianism or the social sciences but can also include clubs and associations that provide services to their members and others. NGOs have a high degree of public trust, which can make them a useful proxy for the concerns of society and stakeholders. However, NGOs can also be lobby groups for corporations, such as the World Economic Forum. Types of NGOs include Charitable Orientation, Service Orientation, Participatory Orientation, Empowering Orientation, Community-based Organizations (CBOs), Citywide Organizations, National NGOs and International NGOs. NGOs receive their funds from the sale of goods and services, membership dues, philanthropic foundations, private sector for- profit companies, Local, States and Federal Government, grant from local and private donations. Although NGOs are run by the Trustees or Board of Directors, the beneficial owners of an NGO are the individuals who have significant influence over the affairs of an NGO. As a financial institution, there is a need to understand the compliance risk of banking NGOs. NGOs may not significantly help to bring about Industrialization or serious economic growth, but the purpose of its set up can be abused towards funding terrorism, money laundering, proliferation financing and other financial crimes. To mitigate these risks, it is essential for the relationship team to obtain the UBO and an ED’s approval during onboarding. The customer should also be marked as NGO and HIGH RISK on FCUBs. Continuous monitoring is also required to ensure that the NGOs funds are used for their stated purpose during company registration. ©2019 ACCESS BANK PLC 71 KYC – FATCA Regulation Ensure you screen each new customer against the Seven (7) FATCA Indications at onboarding. The Indications are: US Nationality US Address US place of birth US telephone number Standing instructions to pay into accounts in the US Power of Attorney or signatory authority granted to a person with a US address US ‘in-care of’ or ‘hold-mail address’ Refusal by a Foreign Financial Institution to comply may result in application of 30% withholding tax. ©2013 ACCESS BANK PLC 72 KYC – Uploading U.S. Citizen/Residents Data For FATCA Purposes BM’s Role CCO’S Role Sight the customer and verify the Ensure that the customer’s fills the account customer’s signature (if it’s an existing opening form or customer update form, customer). Obtain identification validating the US Sight and confirm customer’s form of citizenship or residency (American Passport identification (U.S. Passport, U.S. or Residence permit) from the customer. Residence Permit and Nigerian Update the Customer’ MIS Info Passport) MIS CLASS: FATCA MIS Ensure the customer fills the Bank’s IMPLEMENTATION FATCA indemnity form. MIS CODE: FATCA CUSTOMER Confirm details on account opening or customer update form match details uploaded on FCR by CCO Confirm appropriate FATCA MIS classification. Authorize the maintenance. AFU @ACCESS BANK PLC 2014 73 KYC: SCUML Facts The Special Control Unit Against Money Laundering (SCUML) was established as a special unit of the Federal Ministry of Commerce and Industry by the Federal Executive Council of Nigeria in September 2005 to contribute to the development of Anti Money Laundering efforts in Nigeria. SCUML has the mandate to Monitor, Supervise and Regulate the activities of all Designated Non-Financial Institutions (DNFIs). All DNFIs are obligated to register with SCUML and ensure compliance with the relevant sections of the ML (P) Act 2022, in order to avoid sanctions for non-compliance. SCUML collaborates with the EFCC for the enforcement of the provisions of the act through enforcement actions including prosecution of non-compliance. REGISTRATION PROCESS Click ‘Register Fill the registration Attach supporting Visit SCUML website Click on Submit Online’ form documents SCUML Registration: What Not To Do! Never collect or aid collection of any form of gratification to register customer’s business on the SCUML platform. You are only allowed to guide the customer on the registration portal. Never use your email address to register for the customer as future correspondences are meant for the customer (not you). Never engage in or aid the forgery of SCUML certificates or submission of same. Always use the SCUML helpdesk ([email protected]) to verify all SCUML certificates submitted for account regularization. ©2019 ACCESS BANK PLC 74 Sample of SCUML Certificate KYC: List Of DNFIs/DNFBPs Obligated to Register with SCUML from ML (P) Act 2022 Automotive dealers, Businesses involved in the hospitality industry, Casinos, Clearing and settlement companies, Consultants and consulting companies, Dealers in jewelries, Dealers in mechanized farming equipment, farming equipment and machineries, Dealers in precious metals and precious stones, Dealers in real estate, estate developers, estate agents and brokers High value dealers, Hotels, Legal practitioners and notaries (Engaging in activities that require SCUML) Licensed professional accountants, Mortgage brokers, Practitioners of mechanized farming, Supermarkets, Tax consultants, Trust and company service providers, Pools betting, or Such other businesses and professions as may be designated by the minister responsible for trade and investment. Please refer to the SCUML guideline for details MODULE 4 ETHICS AND CONDUCT Ethics in the Workplace Code of ethics: is a written document that clearly states what acceptable and unacceptable behaviors are for all the employees in the organization. Represents the identification and explanation of what the firm considers acceptable behavior Employees working under the code of ethics have a standard by which they can judge their own behavior and that of others within the bank. Worldwide, Access Bank's employees follow a standard ethical code. What is Business Ethics? Business ethics: are rules that examine ethical principles or ethical problems that arise in a business environment. In summary, business ethics consist of the principles, values, & standards that guide behavior in the world of business. Business Ethics Presentation 78 Common Ethical Standards CONFIDENTIAL BANK PROPERTY COMPLIANCE WITH LAWS, RULES Officers shall not except as authorized by their duties reveal to AND REGULATIONS any person or company any confidential information, trade se

Compliance Function & Culture Presentation PDF

Document Details

Tags

Related

Summary

Full Transcript