Important Information on Money Laundering and Terrorism Financing PDF
Document Details
Uploaded by FieryStatueOfLiberty
Tags
Related
Summary
This document provides definitions and explanations of money laundering and terrorist financing, including the purpose of such activities and how sanctions are applied. It also explains the process of politically exposed person (PEP) screening and the concepts of CDD and EDD.
Full Transcript
IMPORTANT INFORMATION Definitions : Money Laundering: Money laundering is the term used to describe the process by which criminals disguise the original ownership and control of the proceeds of criminal conduct by making such proceeds appear to have derived...
IMPORTANT INFORMATION Definitions : Money Laundering: Money laundering is the term used to describe the process by which criminals disguise the original ownership and control of the proceeds of criminal conduct by making such proceeds appear to have derived from a legitimate source. Terrorist Financing: Terrorist financing refers to activities that provide financing or financial support to terrorists. Transactions associated with terrorist financing tend to be in smaller amounts than is the case with money laundering. It may involve funds raised from legitimate sources, such as personal donations, profits from businesses and charitable organizations. Purpose of FT: Purpose is to finance terrorist acts, whether legal or illegal, for their terrorist activities. suppress a population or state through violence and coercion and raise funds to finance criminal acts. Funds are raised, placed in the economic system, and eventually hidden and finally integrated into the financial system. This money is then used for terrorist purposes. Sanctions: Sanctions are political and economic decisions that are a part of diplomatic efforts by countries, multilateral or regional organizations against states or organizations, either to protect national security interests or to protect international law and defend against threats to international peace and security. Politically Exposed Person (PEP) Screening: PEP refers to Politically exposed person. Natural persons who are or have been entrusted with prominent public function in the state or any their foreign country such as Head of the Government, Senior Politicians, State Government officials, judicial or military officials, senior executive managers or state owned corporations, and senior officials of political parties and person who are, or have been entrusted with the management of an international Organization or any prominent function within such an Organization including Direct Family members of PEP or Associates known to be close to Associates. CDD / Customer Due Diligence: Act of collecting & identifying information in order to verify a customer’s identity and more accurately assess the level of criminal risk they present. CDD is a foundation of the Know Your Customer (KYC) process, which requires companies to understand who their customers are, their financial behaviour, and what kind of money laundering or terrorism financing risk they present. EDD / Enhance Due Diligence: EDD is a higher version of the standard customer due diligence process, requiring extra checks and verifications to establish the person’s identity or any related information. EDD is a part of the Know Your Customer (KYC) process, adopted as part of the AML framework while onboarding new customers/clients. it is a regulatory requirement in case of customers classified as “high-risk,” requiring increased scrutiny and higher verification standards. 1|Page Some red flag indicators suggest the need for EDD measures. Customers hailing from jurisdictions notified as “high-risk” or subject to increased monitoring (FATF grey list countries) The customer is a Politically Exposed Person (PEP) or associated with PEP. A person has a criminal history or charged for any financial crimes and proceedings are underway. The customer insists on settlement of the transaction in virtual assets. Doubt about the appropriateness of customer’s risk classification Customer is a non-profit organization (NPO) Red-flag indicators of potentially unusual or suspicious activity, such as – When intermediaries are involved in the transaction without any logical reasoning When the customer’s legal structure is unnecessarily complex Customer hesitant is sharing the details of the ultimate beneficial owner. High Risk Customers: PEPS Dealers in precious metals & Stones (DPMS) Real Estate Agents Beneficial owners Lawyers ,Accountants, Auditors with financial dealing for customers Shell Companies/Front Companies. STAGES OF MONEY LAUNDERING Placement: During placement, “dirty” money derived from criminal activities is place in the financial system whether such money arises from the purchase or sale of the precious metal or stone. Layering: To conceal the illegal origin of the placed funds and thereby make them more useful to criminals, the funds must be moved, dispersed, and disguised. Layering is the process of disguising the source of the funds through layers of financial transactions. Integration: Once the funds are layered and can no longer be traced back to their criminal origins, they are integrated into the financial system and now appear “clean” and available for use by criminals. If layering has been successful, integration places the laundered money back into the economy and financial system in such a way that they appear clean and legitimate. AML/CFT Business Risk Assessment. The AML risk profile is determined after identifying and documenting the risks inherent to the Al Aya Gold trading activity and its roles in the supply chain but not limited to: Customer risk, Geographic risk, Channel risk, Products risks and Transactions risks High Risk Geographies: Sanctioned Countries. Weak AML jurisdiction. Offshore destination. Countries known for Drug trafficking. Countries known for terrorism. Low ranking on Corruption Index. 2|Page High Risk Products: Use of Cash Purchases from High- Risk Countries Sales from High-Risk Countries High Volume Anonymous use Targeted Financial sanction: Where the customer is positive match to sanctions category for Proliferation of risk or Terrorism financing under UN Security Council or UAE National list of Individual and Entities, Al Aya Gold is expected to freeze the funds or do not honor the transaction and within 24hours of awareness of sanction individual/entity/beneficiary. It is prohibited to make any such funds/precious without the prior consent of the Executive Office of UAEIEC In implementing the TFS, we must do the following: Step-1 Subscribe: Subscribe to the Executive Office Notification System to receive automated email notifications on any updates to the Sanctions Lists (Local Terrorist List or UN Consolidated List) Step-2 Screen: Screen customers, potential customers, beneficial owners, and transactions to identify possible matches to the Local Terrorist List or UN Consolidated List. Screening must be undertaken in the following circumstances: 1) Upon any updates to the Local Terrorist List or UN Consolidated List. In such cases, screening must be conducted immediately and without delay to ensure compliance with implementing freezing measures without delay (within 24 hours). 2) Prior to onboarding new customers/business relationships 3) Upon KYC reviews or changes to a customer’s information. 4) Before processing any transaction. Step-3 Apply Targeted Financial Sanctions: 1. Freezing of all funds: Freeze, without delay (within 24 hours) and without prior notice, all the funds: A. Owned or controlled, wholly or jointly, directly, or indirectly, by an individual or legal entity designated by the UAE Cabinet or pursuant to a relevant UNSC Resolution. B. Derived or generated from funds under item (a); or C. Individuals or legal entities acting on behalf of or at the direction of an individual or legal entity designated by an individual or legal entity designated by the Local Terrorist or pursuant or the United Nations consolidated list. 2. Prohibition of making funds/supply of precious Metal or stones or equivalent: No individual or legal person in the UAE is permitted to provide services related to, whether in whole or in part, directly or indirectly, or for the benefit of any individual or legal entity listed in the Local Terrorist List or the UN Consolidated List pursuant to a relevant UNSC Resolution. Step-4 Report: Should report any freezing or suspension measures taken upon identifying confirmed or potential matches through the GoAML platform within five (5) days from taking such measures. 3|Page High-Risk Customers A high-risk customer for purpose of AML, CFT & Sanction policy could be either of the following: Is a foreign pep. Is a restricted or sanctioned person on an official authority watch-list. Where payment is made in form of precious metal and stones or equivalent form. Where business relationships and transactions involve high risk jurisdiction. resident or operates in a high-risk jurisdiction identified as having weak AML regimes. Person/country; located in a high-risk country; or is connected to the extraction industry, for instance, the extraction of natural resources such as gas, oil, diamonds, gold (and other precious metal), and wildlife (e.g., ivory trading). Has a complex ownership structure, making it difficult to identify the owners and controllers or know where funds are coming from or going to. a charity or ‘not-for profit’ organization–terrorists may exploit charities to move funds, provide logistical support, encourage terrorist recruitment, or support other terrorist groups. Any cases as recommended as High risk by the Compliance as supported by the risk assessment. Other Rating Category: Any other customers who are not rated as High-Risk Client should be treated as a Medium Risk or Low Risk. TFS ADDITIONAL OBLIGATIONS Implement the freezing cancellation decision : Without delay, pursuant to Related UN Security Council Resolutions or decisions of the Cabinet regarding issuance of Local Terrorist List and notify the Supervisory Authority and the Executive Office. Immediately notify : Notify within five business days, the relevant Supervisory Authority and the Executive Office in the following cases and include the following information: 1. Identification of targeted funds - the actions that have been taken as per requirements of related UNSC Resolutions or decisions of the Cabinet regarding issuance of Local Lists, including concerning attempted transactions. 2. Detection of any match with listed individuals or legal entities - details of its data and the actions that have been taken as per requirements of related UNSC Resolutions or decisions of the Cabinet regarding issuance of Local Terrorist Lists, including concerning attempted transactions. 3. If it was found that one of its previous customers or any occasional customer it dealt with, is listed on the Sanctions List or the Local Lists. 4. If there is any indication that one of its customers or former customers, or a person it has business dealings with, is a individual listed on the UN Sanctions List or the Local List or has a direct or indirect relationship with a Listed individual. 5. Similarity of names (notify even if no action has been taken / inability to remove such similarity through available or accessible information). Implement internal controls and procedures: Set and effectively implement internal controls and procedures to ensure compliance with the obligations arising from the Cabinet Resolution No. 74 of 2020. 4|Page Implement policies and procedures: Set and implement policies and procedures that prohibit staff from, directly or indirectly, informing the customer or any third party that freezing action shall be implemented as per provisions of the Cabinet Resolution No. 74 of 2020. Cooperate: Cooperate with the Supervisory Authority and the Executive Office in verifying accuracy of presented data. Partial Name Match: A partial name match is when there is a partial match between identifiers in the Sanctions Lists with any information in your databases, and you are unable to conclude a false positive or a confirmed match. For this , we submit PNMR (Partial name Match Report) within 5 business days with all documents. Confirmed Match: A confirmed match is when an individual, entity, or group matches all of the key identifiers published on the Sanctions Lists. For this , we submit FFR (Fund Freeze Report) within 5 business days with all documents. False Positive Result: A false positive is a partial name match to listed individuals, entities, or groups, either due to the common nature of the name or due to ambiguous identifying data, which on examination proves not to be a confirmed match. Negative Result : A negative result is when no match is identified upon conducting screening. Suspicious Activity Report (SAR) piece of information that alerts law enforcement of potential money laundering or terrorist financing. Different Types of Reporting GoAML. STR: Suspicious Transaction Report: If during the establishment or course of the customer relationship, or when conducting transactions on behalf of a customer or potential customer, DNFBP entity suspects transactions related to money laundering, fraud or terrorist financing , then the entity should submit an STR to the FIU at the earliest. SAR: Suspicious Activity Report : If during the establishment or course of the customer relationship, DNFBP suspects any activity or an attempt transaction (i.e. a non-executed transaction) that can be related to money laundering , fraud or terrorist financing, then the entity should submit a SAR to the FIU at the earliest. HRC: High-Risk country transaction report : If during the establishment or course of the customer relationship, or when conducting transaction on behalf of a customer or potential customer , DNFBP identifies transactions related to High-risk countries as defined by the national Anti-money laundering and combating the financing of terrorism and financing of Illegal organization Committee, then the DNFBP should submit an HRC to the FIU. HRCA: High risk country activity report: If during the establishment or course of the customer relationship, or when conducting an activity on behalf of a customer or potential customer, DNFBP identifies activities related to High-risk countries as defined by the National Anti-money laundering and combating the financing of terrorism and financing of illegal organization committee, then the entity should submit an HRCA to the FIU. 5|Page Suspicious Transaction Indicators: 1) Unnecessarily complex transactions or series of transactions. 2) Don’t appear to have an economic or commercial rationale for transactions. 3) Numbers, sizes, or types of transactions that appear to be inconsistent with the customer’s expected activity. 4) Transactions that appear to be enormous in relation to a customer’s declared income or turnover. 5) Large unexplained cash amounts , especially when they are inconsistent with the nature of the customer’s business. 6) Transactions involving high risk countries, including “own funds” transfers , wherein no clear purpose for transaction. 7) Frequent or unexplained changes in ownership of business relationships. 8) Illogical changes in business activities especially where high-risk activities are added. 9) Situations in which CDD measures cannot be performed such as refuse to provide CDD documentation, Provided documentation that is misleading, fraudulent or forged. AML/CFT Suspicious Transaction Indicators Unnecessarily complex transactions or series of transactions. Don’t appear to have an economic or commercial rationale for transactions. Numbers, sizes, or types of transactions that appear to be inconsistent with the customer’s expected activity. Transactions that appear to be exceptionally enormous in relation to a customer’s declared income or turnover. Large unexplained cash amounts , especially when they are inconsistent with the nature of the customer’s business. Transactions involving high risk countries, including “own funds” transfers , wherein no clear purpose for transaction. Frequent or unexplained changes in ownership of business relationships. Illogical changes in business activities especially where high-risk activities are added. Situations in which CDD measures cannot be performed such as refuse to provide CDD documentation, Provided documentation that is misleading, fraudulent or forged. Customer behavior red flags: 1. Customer avoids personal contacts or refuses to provide information , data, or necessary documents. 2. Use fake documents or an email address that can’t be verified. 3. Parties involved are from high-risk countries or from sanctioned countries. 4. No apparent commercial reason for the parties to be connected. 5. Doubt about the authenticity of connection between customer & supplier. 6. Multiple transactions between the same parties in a short time without genuine reasons. 7. Below the legal age and unusual transactions observed may also considered as red flags. Company Behavior Red Flags: 1. Frequent changes to business name of entities registered. 2. Registration of company in a tax haven though its business relates to another jurisdiction. 3. Numerous sole proprietorship business/private limited companies set up seemingly unrelated people (proxies) but controlled by the same group of people. 4. False addresses are used to register businesses. 5. Use of corporate structure of shell companies located across the jurisdictions. 6. A significant number of companies registered to one natural person. 7. Commercial activities are not easy to track as the companies are registered elsewhere. 8. No clarity of how the company transports the merchandise it has bought. 6|Page Trade based (TBML) behavior Red Flags: 1. Cash payments for high value orders are indication of trade-based money laundering (TBML) activity. 2. Misclassification of weight origin and value on customs declaration form. 3. Goods shipped to or from jurisdiction designates as high risk for money laundering activities or sensitive / non cooperative jurisdiction. 4. Goods is transhipped through one or more such high risk / sensitive jurisdiction for no apparent economic reason. 5. Consignment size or type of commodity being shipped appears inconsistent with the scale or capacity of the exporter or importers having regard to their regular business activities or the shipment doesn’t make economic sense. 6. The transaction involves the use of front or shell companies. Payment ( fund transfer ) behavior Red Flags: 1. High value/volume funds transfers (in/out) which appears to be no logical purpose and it involves higher risk countries. 2. Small amount fund transfers to avoid triggering alerts or reporting requirements. 3. Funds transfers received without originator information, or the person on whose behalf the transaction is conducted. 4. Transactions involving foreign currency are followed within a short period of time by funds transfers to higher risk locations. 5. Multiple companies are used to collect and funnel funds to a small number of foreign beneficiaries, both businesses and persons, particularly in higher-risk locations. 6. Funds are sent or received via international transfers from or higher-risk or sanctioned countries. How to improve quality of suspicious activity : 5Ws And 1H: Who: who is involved. What : what is criminal activity/ what is the value of criminal activity. Where: Where is the criminal activity. When: When did the circumstances arise / when are the circumstances planned to happen. Why: Why you are suspicious or have knowledge. How: how did the circumstances arise. Be clear & concise: Structure your report including all relevant information. Briefly summarize your suspicion. Keep the content clear, concise & simple. Avoid acronyms and jargon- they may not be understood by the recipient and are open to misinterpretation. FATF: The Financial Action Task Force: Established in 1989 – Head quarter in Paris. 40 Recommendations released in 2000. These recommendations serve as the international standard for countries to follow in creating their national legal and regulatory frameworks. FATF has 39 member countries. Indonesia Joined recently to become 40 The primary aim is combating money laundering, terrorist financing, and other threats to the integrity of the international financial system. 7|Page FATF plays a crucial role in promoting financial integrity and security at the international level by providing a framework for countries to combat illicit financial activities and by encouraging cooperation and coordination among nations in these efforts. FATF Grey List as of 27th October 2023: Barbados Burkina Faso Croatia Gibraltar Jamaica South Africa Bulgaria Cameroon Congo Haiti Mali South Sudan Mozambique Nigeria Philippines Senegal Uganda Tanzania Türkiye Syria UAE Vietnam Yemen Blacklist countries: 1- Iran 2- North Korea 3- Myanmar Executive Office of Anti-Money Laundering and Counter Terrorism Financing: (EOCN) Established pursuant to Cabinet resolution no. 10 of 2021, and among its tasks is to oversee the implementation of the National AML/CFT Strategy and the National Action Plan and monitor and assess any risks related to AML/TF, financing illegal organizations, and financing proliferation. DNFBP: Designated Non-Financial Businesses and Professions: include. 1. Lawyers and Notaries: Legal professionals often handle financial transactions, real estate transactions, and other activities that could be susceptible to money laundering. They are subject to AML and CTF regulations in many jurisdictions. 2. Accountants and Auditors: Accountants and auditors may be involved in financial transactions and record-keeping, making them potential conduits for illicit financial activities. They are often subject to AML and CTF requirements. 3. Real Estate Agents: Real estate transactions can involve large sums of money, making real estate agents a potential target for money laundering. Many countries impose AML regulations on this profession. 4. Trust and Company Service Providers: These entities assist in the creation and management of trusts, companies, and other legal entities. They can be used to hide the true ownership of assets, making them subject to AML and CTF rules. 5. Dealers in Precious Metals and Stones: Businesses that deal in precious metals and stones are at risk of being used for money laundering due to the intrinsic value of these commodities. They are often subject to AML regulations. 6. High-Value Goods Dealers: Sellers of high-value items, such as art dealers and dealers in luxury goods, can be targets for money laundering schemes. Dual Use Goods: Strategic goods are dual-use goods, technology and software that can be used for both civilian and military applications, and/or contribute to the proliferation of Weapons of Mass Destruction. Chemicals components which have dual-use applications for both civilian and military, and/or contribute to the proliferation of Weapons of Mass Destruction as enlisted by the Organization for the Prohibition of Chemical Weapons (OPCW). 8|Page The Executive Office for Control and Non-Proliferation issues permits for the import/export/re-export of such goods in certain cases that are related to national security; foreign policy; non-proliferation of nuclear weapons, missile technology, chemical or biological weapons; regional stability or terrorism. The main components of an effective AML/KYC program? 1. Customer Identification Program (CIP): Procedures to verify and document the identity of customers during onboarding. 2. Customer Due Diligence (CDD): Ongoing monitoring of customer activities and risk assessment based on their transactions, source of funds, and background. 3. Enhanced Due Diligence (EDD): Additional scrutiny and monitoring for higher-risk customers or transactions. 4. Transaction Monitoring: Real-time monitoring of customer transactions for detecting suspicious or unusual activities. 5. Reporting: Reporting suspicious transactions to the relevant authorities, such as the Financial Intelligence Unit (FIU). 6. Training and Awareness: Ongoing training programs to educate employees about AML regulations and emerging risks. How do you verify a customer's identity during the KYC process? 1) Document Verification: Collecting and verifying official documents like passports, driver's licenses, or national ID cards. 2) Address Verification: Confirming the customer's residential or business address through utility bills, bank statements, or government-issued documents. 3) Biometric Verification: Using biometric data such as fingerprints or facial recognition for identity verification. 4) Database Checks: Checking customer information against reliable databases, government registers, or watchlists to identify potential risks or suspicious individuals. How do you ensure compliance with AML and KYC regulations in your day-to-day activities? 1. Adhere to internal policies and procedures established by the institution. 2. Conduct thorough customer due diligence and maintain up-to-date customer records. 3. Continuously monitor customer transactions for suspicious activities. 4. Report any suspicious transactions promptly to the appropriate authorities. 5. Stay updated on regulatory changes and attend regular training sessions to enhance knowledge of AML/KYC practices. 6. Foster a culture of compliance and ethical behavior within the organization. Consequences of non-compliance with AML and KYC regulations? 1. Reputational damage 2. Monetary penalties 3. Legal actions 4. Loss of licenses 5. Restrictions on business operations. 6. Increased risk exposure to money laundering, terrorist financing, and other illicit activities. 9|Page How do you ensure that your AML/KYC processes are up to date with changing regulations? A. Review regulatory updates, guidelines, and industry best practices. B. Participate in training programs, attend conferences or seminars, and engage in knowledge-sharing with industry peers. C. Establishing strong communication channels with regulatory bodies and compliance professionals within the organization would also help in staying informed about regulatory changes. How do you assess the risk level of a customer during the KYC process? Evaluating factors such as : Geographic location Nature of business. Source of funds Expected transaction volume, Past financial behavior. This risk assessment allows financial institutions to categorize customers as low, medium, or high risk. It helps determine the extent of due diligence required and the frequency of monitoring for each customer. Steps would take if suspect a customer's involvement in money laundering activities. 1) Documenting and preserving all relevant information and evidence. 2) Reporting the suspicious activity to the institution's designated AML officer or compliance department. 3) Coordinating with the AML officer to file a suspicious activity report (SAR) with the appropriate regulatory authority or Financial Intelligence Unit (FIU). 4) Cooperating with law enforcement or regulatory agencies during investigations, if required. How to ensure the privacy and confidentiality of customer data while conducting AML/KYC processes? 1. Adhering to data protection laws and regulations. 2. Limiting access to customer information only to authorized personnel on a need-to-know basis. 3. Utilizing secure systems and technologies to store and transmit sensitive data. 4. Conducting regular audits to identify and address any vulnerabilities in data security. How do you identify the beneficial owner of a company? 1. Start with the top-level shareholders: These shareholders are more likely to be beneficial owners. 2. Look for individuals who control voting rights: Even if a shareholder does not own a majority of a company's shares, they may still be considered a beneficial owner if they control voting rights. 3. Collect company data (business name, location, type/ industry, registration number and incorporation documents) 4. Identify all individuals with significant ownership or control positions in the company. Monitor any subsequent changes. 5. Collect and verify data of beneficial owners (name and title, address, date of birth, social security number, passport/ any government-issued ID or the document numbers). 6. Access the risk they pose based on the data collected and verified and make an informed decision to establish a free, controlled or no relationship at all with the entity. 10 | P a g e Politically Exposed Person: Individual with a high-profile political role, or someone who has been entrusted with a prominent public function. Classifications of PEP 1- Foreign PEP: Individuals entrusted with prominent public functions by a foreign country like heads of state or of government, senior politicians, senior government, judicial or military officials, senior executives of state-owned corporations, important political party officials. 2- Domestic PEP: Individuals entrusted with prominent domestic public functions like heads of state or of government, senior politicians, senior government, judicial or military officials, senior executives of state-owned corporations, important political party officials’. 3- International PEP: an individual entrusted with a prominent position by an international organization like ‘members of senior management, i.e. directors, deputy directors and members of the board or equivalent functions. 4- Relatives and Close Associates: immediate family members or close social or professional contacts of a government or political official, or senior executive – meaning spouses, parents, siblings, children, and spouses’ parents and siblings. The 3 Quadrants of Risk: High Risk: 1- Ruling Royal Families. 2- Heads Of State and government 3- Members of government ( National & Federal level). 4- Members of Parliament ( National & Federal level). 5- Senior officials of other state agencies and bodies and high-ranking civil servants. 6- Head & senior officials of the military, judiciary, law enforcement and boards of central banks. 7- Top ranking officials of political parties. Medium Risk: 1- Members of regional government, Parliaments , Judiciary. 2- Senior officials and functionaries of international & supernational organizations. 3- Ambassadors , consuls and high commissioners. Low Risk: 1- Mayors & members of local, county, city & district assemblies. 2- Senior executives of local governmental bodies ( agencies , state-owned businesses. 3- Judges of local court. What is Sanctions? Restriction that’s imposed on a country, a specific person, a legal entity or an organization. They’re used by governments as a non-violent foreign policy tool to fight activities such as financial crime, human rights abuses, the sheltering of international criminals, nuclear weapons development and terrorism. 11 | P a g e Typical restrictions associated with sanctions include: Prohibiting the transfer of funds to and/or from a sanction country and/or Specifically Designated Nationals (SDN) Freezing the assets of a government, entity, individual or resident of a sanctioned country. Prohibiting types of activities. Imposing travel bans. Other financial and diplomatic restrictions. Penalties for failing to comply with a Sanction or Embargo: Seizure of goods, significant fines and even imprisonment Payments may be confiscated or your funds frozen, restricting your cash flow. Subject to increased due diligence by regulators, financial institutions and counter parties on your future transactions and activities, Financial institutions will refuse to handle transactions on behalf of your company. Reputation will be significantly damaged. The different types of sanctions: Multilateral: adopted by more than one country against another country. They’re usually issued by super national bodies such as the United Nations Security Council (UNSC), the European Union or the Arab League. Autonomous : adopted by just one country against another country. They’re usually issued by domestic government bodies such as the USA Office of Foreign Asset and Control (OFAC), USA Bureau of Industry and Security (BIS);or Her Majesty’s Treasury (HMT) in the UK. The different kinds of sanctions: 1. Economic Sanctions: Trade Embargoes: Complete or partial bans on trade with specific countries or entities. b. Export/Import Restrictions: Limitations on the export or import of specific goods or technologies. Export/Import Restrictions: Limitations on the export or import of specific goods or technologies. Financial Restrictions: Imposing limitations on financial transactions, such as blocking access to banking systems or restricting access to international financial markets. Sectoral Sanctions: Targeting specific sectors of an economy, such as the energy, defense, or technology sectors, by imposing restrictions on trade or investment. 2. Arms Embargoes: Arms embargoes involve restrictions on the export, import, or transfer of weapons, ammunition, military equipment, or related technologies to specific countries, groups, or individuals. They aim to prevent the proliferation of weapons and maintain regional or global security. 3. Travel Bans and Visa Restrictions: Travel bans, and visa restrictions are measures that prevent individuals from entering or exiting a country or restrict their ability to travel to specific destinations. These restrictions can be imposed on individuals associated with sanctioned countries, organizations, or activities. 12 | P a g e 4. Diplomatic Sanctions: Diplomatic sanctions involve the reduction or suspension of diplomatic relations with a particular country, including recalling ambassadors, closing diplomatic missions, or refusing to recognize a government. 5. Targeted Sanctions: Targeted sanctions focus on specific individuals, entities, or groups involved in illicit activities or human rights abuses. They may include asset freezes, travel bans, or restrictions on financial transactions directed at those targeted individuals or entities. 6. Multilateral Sanctions: Multilateral sanctions are imposed collectively by multiple countries or international organizations, such as the United Nations, European Union, or regional bodies. They involve coordinated efforts to apply pressure on a particular country or entity and ensure broad compliance. 7. Non-Financial Sanctions: Non-financial sanctions encompass a range of measures beyond economic or trade restrictions. These can include cultural, sporting, or academic boycotts, restrictions on technology transfers, or limitations on scientific cooperation. Specially Designated Nationals (SDNs): SDNs can be individuals or entities (such as financial institutions, companies, shipping vessels, ports or airlines) and they can be located anywhere in the world. Authorities designate SDNs for a number of reasons. They may be linked to human rights abuses, nuclear proliferation, terrorism, narcotics trafficking, transnational criminal organizations, or they may support sanctioned regimes. In most cases, entities that are beneficially owned by or significantly linked to an SDN will also be considered an SDN. Who implements Sanctions? 1) UAE :The Central Bank of the UAE is responsible for the implementation of UN, Arab League and other sanctions and embargoes from time to time within the Emirates. 2) European Union :The EU implements sanctions and embargoes (commonly referred to as ‘restrictive measures’ in the EU) under the Common Foreign and Security Policy (CFSP) framework. EU sanctions and embargoes apply to all EU member states. 3) United Kingdom: Her Majesty’s Treasury (HMT) is responsible for the implementation and administration of international financial sanctions and embargoes in the UK. 4) United Nations :The United Nations Security Council (UNSC) is responsible for implementing United Nations sanctions and embargoes. All member countries under the Charter of the United Nations are obliged to abide by UN sanctions. 5) United States :The United States Treasury Office of Foreign Assets Control (OFAC) is principally responsible for administering and enforcing autonomous US sanctions and embargoes however the Bureau of Industry and Security (BIS) of the U.S. Department of Commerce also administer a number of sanctions in additional to control and licensing of exports form the United States. Sanctioned Country List: Cuba Syria Iran North Korea Myanmar Ukraine Venezuela Sudan Crimea 13 | P a g e Sanctions Risk Mitigation Process: 1- GREY CATEGORY: If the individual is from Sanctioned Country, however, is not listed as a SDN /not listed in any of Listing authority links and has been as resident in the UAE and has proof of residency in the UAE ,we could consider conducting Business with them after conducting EDD on them and Business activity. 2- RED CATEGORY: Regarding Red Category, we do not deal with these Entity And Individuals who are categorized in this categories Individuals or Entity based and residing in the following countries Cuba, Iran, North Korea, Syria, Ukraine, Venezuela, Myanmar, Sudan and Crimea. PROOF OF RESIDENCY IS CLASSIFIED AS BELOW: All Pages of Passport Copy (to ensure that they have not travelled to Sanctioned Country) Valid Visa Copy (Minimum Two Years in UAE) Emirates ID Copy. Tenancy Contract. Utility Bills (minimum 2 Years). IDENTIFICATION PROCESS FOR GREY LIST: Media Search (Adverse media Check) KYC Check to ensure Nationality. Name Screening on Sanction list from Respective Departments. (Already in World Check). UN Sanction regimes with Targeted Financial Sanctions: Somalia Iraq Congo Libya Yemen South Sudan Mali Central African Republic AL AYA GOLD LLC Sanction Procedure and Control According to Article 21 of UAE Cabinet issued Resolution (74) of 2020 For the purposes of implementing the present Decision, AL AYA GOLD LLC shall abide by the following: 1- Register on the Office’s website in order to receive notifications related to new listing, re- listing, updating, or de-listing decisions issued by the UN Security Council, the Sanctions Committee or the Cabinet. 2- Regularly screen their databases and transactions against names on lists issued by the UN Security Council, the Sanctions Committee or the Local Lists, and, immediately when notified of any changes to any of such lists, provided that such screening includes the following: Searching their customer databases. Search for the names of parties to any transactions. Search for the names of potential customers. Search for the names of beneficial owners. Search for names of persons and organizations with which they have a direct or indirect relationship. Continuously search their customer database before conducting any transaction or entering into a serious business relationship with any person, to ensure that their name is not listed on the Sanctions List or Local Lists. 3- Implement freezing measures, without delay, and without prior notice to the Listed Person, immediately when a match is found through the screening process referred to in paragraph (2) of this article. 14 | P a g e 4- Implement decisions to lift freezing measures without delay, pursuant to Relevant UNSCRs or decisions of the Cabinet regarding the issuance of Local Lists. 5- Immediately notify the Supervisory Authority in the following cases: Identification of funds and actions that have been taken as per requirements of Relevant UNSCRs or decisions of the Cabinet regarding the issuance of Local Lists, including attempted transactions. Detect any match with listed persons or entities, details of the match data and actions that have been taken as per the requirements of Relevant UNSCRs and Local Lists, including attempted transactions. If it was found that one of its previous customers or any occasional customer it dealt with, is listed on the Sanctions List or Local Lists. If it suspects that one of its current or former customers, or a person it has a business relationship with is listed or has a direct or indirect relationship with the Listed Person. No action has been taken due to a false positive, and the inability to dismiss such false positive through available or accessible information. Information relating to funds that have been unfrozen, including their status, nature, value and measures that were taken in respect thereof, and any other information relevant to such decisions. 6- Establish and effectively implement internal controls and procedures to ensure compliance with the obligations arising from this Decision. 7- Establish and implement policies and procedures that prohibit staff from, directly or indirectly, informing the customer or any third party that freezing or any Other Measures shall be implemented in accordance with the provisions of this Decision. 8- Cooperate with the Office and the Supervisory Authority in verifying the accuracy of submitted information. Concept of Anti-Bribery: measures and strategies put in place to prevent and combat bribery, which involves offering, giving, receiving, or soliciting something of value to influence the actions of an official or other person in a position of authority. The goal is to ensure fair, transparent, and ethical practices in various sectors. Concept of Anti-Corruption: Anti-corruption encompasses a broader scope, addressing all forms of corrupt behavior, including bribery, embezzlement, fraud, extortion, nepotism, and more. It aims to promote integrity, accountability, and transparency in both public and private sectors. Hawala system The Hawala system is a way of conducting remittances that is based on trust and reputation rather than formal contracts and paperwork. In this system, a person known as a hawaladar receives money from a customer in one location and then uses a network of trusted contacts to transfer the funds to the recipient in another location. Screening vs. Transaction Monitoring: Screening's mission is to uncover various risks, such as: 🔹 Sanctioned individuals or entities 🔹 Politically exposed persons (PEPs) 🔹 Links to terrorist organizations 🔹 High-risk countries or jurisdictions 🔹 Known criminals 🔹 Wanted individuals 15 | P a g e Transaction monitoring's radar is set to flag suspicious activities such as: 🔸 Large or unusual transactions 🔸 Transactions beyond a customer's typical behavior 🔸 Involvement with high-risk countries 🔸 Transactions designed to maintain anonymity Structure of Suspicious Activity Report : ( SAR) 1- Header Information: Begin with the official header, including the reporting institution's name, address, contact information, and the date of the report. 2- Identifying Information: Provide the complete name and any known aliases or alternative names of the subject(s) involved in the suspicious activity. 3- Background Info: Briefly explain the relationship between the institution and the subject, including how the institution came into contact with the subject. Describe the nature and purpose of the account or relationship (e.g., personal savings, business checking). 4- Activity Description: Briefly explain the relationship between the institution and the subject, including how the institution came into contact with the subject. Describe the nature and purpose of the account or relationship (e.g., personal savings, business checking). 5- Rationale for Suspicion: Explain why the activity raises concerns and what led you to believe it may be related to money laundering, fraud, or other illegal activities. - Reference any internal policies, procedures, or guidelines that were violated or triggered the suspicion. 6- Regulatory References: Cite relevant regulatory provisions, such as the Bank Secrecy Act (BSA) or Anti- Money Laundering (AML) laws, that require the reporting of suspicious activities. 7- Impact Assessment: Describe the potential impact of the suspicious activity on the institution, including reputational risk, financial risk, or legal consequences. 8- Supporting Docs: Attach any supporting documents, records, or evidence that substantiate the SAR. Ensure these are labelled clearly and confidentially. 9- Review & Approval: - Indicate that the report has been reviewed and approved by appropriate personnel within the institution. Include their names and titles. 10- Filing & Reporting: Specify the intended recipient of the SAR, such as the Financial Crimes Enforcement Network (FinCEN) in the United States, and the method of submission (e.g., electronically through the BSA E-Filing System). 11- Confidentiality & Protections: Include a statement regarding the confidentiality of SARs and the legal protections afforded to those who file them under applicable laws and regulations. 12- Contact Info: Provide contact information within the reporting institution for further inquiries or information related to the SAR. 13- Documentation & Retention: Maintain copies of the SAR and all related documents as required by regulatory authorities. A shell company: Can be used to launder money by concealing the true ownership of assets and making it difficult for authorities to trace the origin of funds. The process of Shell companies: 1. Incorporation: The money launderer creates a shell company in a jurisdiction with lax disclosure requirements, or by using nominee directors and shareholders to conceal the true ownership of the company. 2. Bank Account: The shell company opens a bank account in its name, and the money launderer deposits the proceeds of illegal activities into the account. 16 | P a g e 3. Layering: The money launderer uses the shell company to conduct a series of financial transactions, such as buying and selling assets, or making wire transfers, in order to create a complex trail of transactions that makes it difficult for authorities to trace the origin of the funds. This process is often referred to as "layering." 4. Integration: The money launderer uses the shell company to integrate the proceeds of illegal activities into the legitimate financial system by investing the funds in legitimate assets or businesses. What is KYC: The process of verifying and identifying customers to prevent financial crimes such as money laundering, fraud, and terrorist financing. The essential components of a KYC process: Customer identification Customer due diligence (CDD) Risk assessment Ongoing monitoring Reporting of suspicious activities. How do you verify the identity of a customer during the KYC process: Government-issued IDs, passports, proof of address, and other supporting documents. Additionally, digital solutions like biometric authentication and data matching against trusted sources can be used to enhance identity verification. What is the difference between KYC and CDD? Feature KYC CDD Purpose Identify and verify customer identity Assess money laundering and terrorist financing risks Timing Onboarding Ongoing Approach Risk-based Risk-based Scope Basic customer information Detailed customer profile, transaction history, and risk assessment How would you handle a request for a high-value transaction from a politically exposed person (PEP)? Identify the Politically Exposed Person (PEP): Determine if the individual falls under the definition of a PEP, which includes individuals who hold prominent public functions or positions in foreign or domestic countries, such as heads of state, senior politicians, senior government officials, or senior executives of state-owned corporations Assess the Risk: Evaluate the level of risk associated with the PEP and the proposed high-value transaction. Factors that may increase the risk include the country of origin, the nature of the transaction, and the source of funds involved , Consider whether the PEP is an immediate family member or a known close associate of a PEP, as they may also pose similar risks Enhanced Due Diligence (EDD): Conduct EDD measures, which involve a more thorough investigation and verification process compared to standard due diligence procedures. EDD may include additional verification of the PEP's identity, source of wealth, and the legitimacy of the transaction. It may also involve assessing the reputation and integrity of the PEP Source of Funds: Scrutinize the source of funds for the high-value transaction. Ensure that the funds are legitimate and not derived from illegal activities. Verify the origin and traceability of the funds to prevent money laundering and illicit financial activities 17 | P a g e Record Keeping: Maintain comprehensive records of all the information obtained during the due diligence process. Document the steps taken, the findings, and any red flags or concerns identified. This documentation will serve as evidence of compliance in case of regulatory inquiries Reporting Obligations: If any suspicious activities or transactions are identified during the due diligence process, follow the necessary reporting obligations as per the regulations. Report any suspicious transactions to the relevant financial intelligence unit or regulatory authority Ongoing Monitoring: Implement enhanced ongoing monitoring of the PEP's transactions and activities. Regularly review and update the PEP's profile and risk assessment to ensure continued compliance with regulatory requirements. How to identify the source of funds in AML: 1. Customer Due Diligence (CDD): Perform a thorough CDD process on the customer to gather relevant information about their identity, occupation, business activities, and expected transaction patterns. This helps establish a baseline understanding of the customer's financial activities. 2. Document Verification: Verify the authenticity and validity of documents provided by the customer, such as identification documents, bank statements, tax records, or business registration documents. This helps confirm the customer's identity and provides initial evidence regarding the source of funds. 3. Risk Assessment: Conduct a risk assessment based on the customer's profile, transaction history, and other available information. This helps identify any red flags or indicators of higher risk associated with the customer's financial activities. 4. Transaction Monitoring: Implement a robust system for monitoring customer transactions in real- time. Look for unusual or suspicious patterns, such as large cash deposits, frequent high-value transactions, or inconsistent transactional behavior. Unexplained or inconsistent sources of funds can be indicative of money laundering or other illicit activities. 5. Enhanced Due Diligence (EDD): If the risk assessment indicates a higher risk, conduct enhanced due diligence on the customer. This may involve gathering additional information, conducting more in- depth background checks, or seeking third-party verification of the customer's financial activities. 6. Source of Wealth (SOW) Verification: Request information about the customer's legitimate sources of wealth, such as employment, business operations, investments, or inheritance. Verify the authenticity of the claimed sources by reviewing supporting documents, financial statements, tax records, or legal agreements. 7. Know Your Customer (KYC) Interviews: Engage in face-to-face or remote interviews with the customer to gather more information about their financial activities, income sources, and reasons for specific transactions. This can help detect inconsistencies or discrepancies in the information provided. 8. Collaboration and Information Sharing: Collaborate with other financial institutions, regulatory bodies, and law enforcement agencies to share information and intelligence related to suspicious activities or individuals. This can help identify connections or patterns that may uncover the true source of funds. 9. Ongoing Monitoring: Continuously monitor customer accounts and transactions for any changes in behavior or risk factors. Regularly update customer information and conduct periodic reviews to ensure the source of funds remains legitimate over time. 18 | P a g e How do you ensure compliance with AML and KYC regulations in your day-to-day activities 1) Adhere to internal policies and procedures established by the institution. 2) Conduct thorough customer due diligence and maintain up-to-date customer records. 3) Continuously monitor customer transactions for suspicious activities. 4) Report any suspicious transactions promptly to the appropriate authorities. 5) Stay updated on regulatory changes and attend regular training sessions to enhance knowledge of AML/KYC practices. 6) Foster a culture of compliance and ethical behavior within the organization. How do you ensure that your AML/KYC processes are up to date with changing regulations? Review regulatory updates, guidelines, and industry best practices. Additionally, participate in training programs, attend conferences or seminars, and engage in knowledge-sharing with industry peers. How do you assess the risk level of a customer during the KYC process? Evaluating factors such as their geographic location, nature of business, source of funds, expected transaction volume, and past financial behavior. This risk assessment allows financial institutions to categorize customers as low, medium, or high risk. The steps you would take if you suspected a customer's involvement in money laundering activities. Follow the institution's established protocols, which typically include: 1) Documenting and preserving all relevant information and evidence. 2) Reporting the suspicious activity to the institution's designated AML officer or compliance department. 3) Coordinating with the AML officer to file a suspicious activity report (SAR) with the appropriate regulatory authority or Financial Intelligence Unit (FIU). 4) Cooperating with law enforcement or regulatory agencies during investigations, if required. How do you ensure the privacy and confidentiality of customer data while conducting AML/KYC processes? 1) Adhering to data protection laws and regulations. 2) Limiting access to customer information only to authorized personnel on a need-to-know basis. 3) Utilizing secure systems and technologies to store and transmit sensitive data. 4) Conducting regular audits to identify and address any vulnerabilities in data security. An example of how you have effectively identified and prevented a potential money laundering risk? In a previous role, I encountered a customer whose transactions showed sudden, significant increases in cash deposits. Upon further investigation and analysis of the customer's source of funds, it became apparent that the customer's declared income did not align with the deposited amounts. Recognizing this as a potential money laundering risk, I promptly escalated the case to the compliance department, providing all relevant evidence and documentation. As a result, the institution initiated enhanced due diligence procedures, which ultimately led to the identification and prevention of a money laundering scheme. 19 | P a g e The key differences between trust companies, holding companies, and foundation companies: Feature Trust Company Holding Company Foundation Company Manage and hold assets for a Manage and hold assets for the Own and control shares in other specific charitable or philanthropic Purpose benefit of beneficiaries companies purpose Can be owned by individuals, Can be owned by individuals, Ownership corporations, or other entities corporations, or other entities Cannot have shareholders Trustees have control over the Shareholders have control over the Council or board of directors has Control assets of the trust holding company control over the foundation Generally considered to be pass- Can be taxed as a corporation or as a Taxation through entities for tax purposes pass-through entity Generally exempt from income tax Regulation Regulated by trust law Regulated by corporate law Regulated by foundation law Here is a brief explanation of each type of entity: 1) Trust companies are financial institutions that manage and hold assets for the benefit of beneficiaries. Trusts can be used for a variety of purposes, including estate planning, asset protection, and charitable giving. Trust companies are regulated by trust law, which is a body of law that governs the creation, administration, and termination of trusts. 2) Holding companies are companies that own and control shares in other companies. Holding companies can be used for a variety of purposes, including consolidating ownership of multiple businesses, reducing tax liabilities, and raising capital. Holding companies are regulated by corporate law, which is a body of law that governs the formation, operation, and dissolution of corporations. 3) Foundation companies are non-profit organizations that manage and hold assets for a specific charitable or philanthropic purpose. Foundation companies are typically funded by donations from individuals, corporations, or other foundations. Foundation companies are regulated by foundation law, which is a body of law that governs the creation, operation, and dissolution of foundations. Free Zone KYC documents: Certificate of Incorporation: proves that the company is legally registered in the free zone. Memorandum of Association (MOA): This document outlines the company's purpose, objectives, and powers. Articles of Association (AOA): This document sets out the company's internal rules and regulations. Share Certificate: This document proves the ownership of shares in the company. Proof of Identity and Address: copies of passports, driver's licenses, utility bills, or bank statements. Bank Reference Letter: This letter from the company's bank confirms the company's good standing and financial stability. Business Plan: This document outlines the company's business model, target market, and financial projections. Source of Funds: This document explains the origin of the company's funds. Proof of Residency: This may include copies of residency visas, utility bills, or lease agreements. Utility Bills: This may include copies of electricity, water, or gas bills. Tax Registration Certificate: This document proves that the company is registered for taxes in the free zone. 20 | P a g e What is the meaning of Due Diligence? Due diligence refers to the process of thorough investigation and analysis conducted before making a decision or entering into a business arrangement. It involves gathering and evaluating relevant information to assess potential risks, liabilities, and potential benefits. The goal of due diligence is to make informed decisions that minimize risks and maximize opportunities. What are the main components of an effective AML/ KYC program for DPMS? 1) Risk Assessment: Conduct a thorough risk assessment to identify and prioritize money laundering risks associated with DPMS activities. 2) Customer Due Diligence (CDD): Implement robust CDD procedures to verify the identity and beneficial ownership of clients. 3) Enhanced Due Diligence (EDD): Apply EDD measures for higher-risk clients or transactions. 4) Suspicious Activity Reporting (SAR): Establish clear procedures for identifying and reporting suspicious activities to the relevant authorities. 5) Recordkeeping and Monitoring: Maintain accurate and up-to-date records of CDD and EDD documentation. 6) Sanctions Screening: identify and block transactions involving sanctioned individuals or entities 7) Training and Awareness: ongoing training to staff on AML/KYC policies, procedures, and red flags. 8) Management Oversight: regular reviews of the program's effectiveness and ongoing risk assessments. 9) Third-Party Relationships: Conduct due diligence on third-party partners and service providers to ensure they have adequate AML/KYC controls in place. 10) Independent Testing: independent auditors or consultants to conduct regular reviews of the AML/KYC program's effectiveness and compliance with regulatory requirements. 21 | P a g e Short Things About OFAC Mission : The Office of Foreign Assets Control (OFAC) of the US Department of the Treasury administers and enforces economic and trade sanctions based on US foreign policy and national security goals against targeted foreign countries and regimes, terrorists, international narcotics traffickers, those engaged in activities related to the proliferation of weapons of mass destruction, and other threats to the national security, foreign policy or economy of the United States. OFAC acts under Presidential national emergency powers, as well as authority granted by specific legislation, to impose controls on transactions and freeze assets under US jurisdiction. Many of the sanctions are based on the United Nations and other international mandates, are multilateral in scope, and involve close cooperation with allied governments. OFAC sanctioned countries 📍Iran 📍Syria 📍Cuba 📍N. Korea 📍Sudan As per OFAC body, these countries are most vulnerable to money laundering & terrorist financing activities. Thus OFAC has imposed all kind of sanctions on them. It means no other country or entity/individuals should deal with OFAC sanctioned countries. If they deal, it will be an OFAC violations & OFAC body will take necessary actions. 22 | P a g e COMPLIANCE MANAGER- Al Aya Gold LLC. Designed & implemented compliance policies & procedures. Ensure that the company complies with all legal regulations and ethical standards. Conducts regular assessments to determine whether policies are compliant with the law. Coordinating and conducting internal investigations into compliance issues. Assess and identify potential risks within the company, develop proposals for dealing with and avoiding compliance risks. Trains and educates staff so that they are informed of any legal changes and updates to compliance guidelines. Review of GO AML Reporting and SAR/ STR Reporting Conducting Internal Audit Liaison with the regulators on matters concerning compliance with the regulatory requirements. Review and provide approval for onboarding customer and suppliers. Provision of approval on review of screening for Sanction Concerns and PEP Concerns Ensure proper Record keeping is maintained in the company for Onboarding, Due Diligence, Screening etc. Conduct Transaction Monitoring of customers and suppliers periodically Review and Risk Grade customer and suppliers based on the Risk categorization based on the over all review of the customer. Perform Duties of MLRO Conduct Review on responsible sourcing of precious metal for customers and abide by OECD Guidelines. 23 | P a g e 24 | P a g e 25 | P a g e 26 | P a g e