NNPC Limited Due Diligence Processes & Procedures PDF
Document Details
Uploaded by ReplaceableSalmon
null
Tags
Summary
This document outlines NNPC Limited's due diligence processes. The document covers an array of topics including general integrity review, beneficial ownership, sanctions, and identifying politically exposed persons. It also delves into contingency measures for business relationships.
Full Transcript
3.0 Due Diligence Focus 3.1 General Integrity Due Diligence Every due diligence conducted by NNPC Limited shall include a Level A general integrity review (as explained in Section 2.2) of any counterparty or customer in accordance with recognized KYC principles. Such general integrity review shall...
3.0 Due Diligence Focus 3.1 General Integrity Due Diligence Every due diligence conducted by NNPC Limited shall include a Level A general integrity review (as explained in Section 2.2) of any counterparty or customer in accordance with recognized KYC principles. Such general integrity review shall comprise the following non-exhaustive areas: i. Beneficial Ownership and Business Rationale: Any counterparty or beneficial owner(s) shall be identified, and the identity verified through reliable and independent sources. In addition, reasonable measures shall be taken to assess the purpose and economic rationale of the counterparty’s dealings with NNPC Limited. This will be done to determine that NNPC Limited is conducting business with a credible counterparty to prevent involvement with structures or networks set up for the money laundering, financing terrorism, tax evasion, or any other illegal activity. ii. Sanctions: Sanctions imposed against individuals and entities involved in fraud, corruption, terrorism, human rights violations, money laundering, terrorist financing, tax evasion amongst other things, shall be reviewed. The purpose of the review is to identify whether a counterparty, beneficial owner, or any member of the board of directors or senior management of the counterparty, are included on a sanctions list. iii. Criminal charges: All reasonable measures shall be taken to identify any criminal charges or convictions as well as ongoing investigations for serious wrongdoings, including but not limited to prohibited practices, offences related to labour laws, taxation or social security contributions, professional misconduct, human rights violations or conduct related to Page 123 of 347 NNPC Limited Due Diligence Processes and Procedures a criminal organization by the counterparty, a beneficial owner, or any member of the board of directors or senior management of the counterparty or a beneficial owner. iv. Politically Exposed Persons (PEPs): All reasonable measures shall be taken to identify any Politically Exposed Persons linked to the counterparty or the relevant NNPC Limited activity. v. Contingency Measures: NNPC Limited shall, from the outset of any business relationship, forecast how long the relationship may possibly last, and map out contingency plans on exit therefrom. This review will consist of identifying exit risk indicators and assessing possible contingency measures. The purpose is to determine that the risks that may have a negative operational, legal and financial impact on NNPC Limited, are identified on time. The above assessment shall identify red flags, if any, and may then prompt the need for enhanced due diligence measures. Refer to sections 2.2, 2.3 and 2.4 below, for the details of the procedures for performing employee due diligence, customer due diligence and thirdparty due diligence. 3.1.1 Regulations Depending on the type and nature of the specific NNPC Limited activity being considered, relevant regulatory compliance areas shall be assessed, as well as the internal policies and controls of any counterparty. Regulations S/N 1. Description AML/CFT Page 124 of 347 NNPC Limited Due Diligence Processes and Procedures Regulations Any counterparty’s regulatory and/or compliance history shall be assessed, including any incidents of weak controls or poor implementation of AML/CFT systems, and the counterparty’s response to questions related to AML/CFT. Recommendations from FATF shall be taken into consideration in the assessment. 2. Policies and safeguards Depending on the nature and type of NNPC Limited activity with the counterparty, the safeguards, policies, and procedures of the counterparty should be reviewed and assessed to ensure compatibility with relevant policies. 3.1.2 Risk Classifications Following the general integrity review described above, the Business Units, as the first line of defense, shall assess the risk arising from any identified risk indicator or gap in information in accordance with section 2.1 above. The Business Units are responsible for keeping record of the identified risk indicators, any mitigating measures undertaken, and the conclusions reached. The Business Units shall keep these records for a period between 5 to, and in the designated formats and systems, as established internally in coordination with GRC. Mitigating Measures In the event of an identified risk, the following non-exhaustive mitigating measures could be applied: Page 125 of 347 NNPC Limited Due Diligence Processes and Procedures Inclusion of relevant contractual obligations or representations and warranties in the agreement with the Counterparty. Revision of relevant internal policies of the Counterparty. Reporting or audit requirements. Additional AML/CFT controls to be put in place by the Counterparty. Possible removal of individual(s) from decision-making process related to the NNPC Limited activity. 3.1.3 Engaging multiple counterparties. Enhanced Due Diligence If the integrity review in accordance with Section 2.1.2 indicates a Medium Risk, an EDD review shall be carried out by the GRC team or an external provider. The same applies if there are weighty justifications for proceeding with a counterparty, despite an indication of High Risk in the initial IDD review. The scope of EDD shall be determined on a case-by-case basis and consists of gathering additional information regarding the identified risk indicators. Additional information regarding the relevant risk indicator(s) shall be collected amongst others, by requesting information directly from the counterparty, requesting information from independent sources and/or through an external service provider with relevant expertise, or by reviewing the counterparty’s anti-corruption or KYC-related policies. Once the EDD is completed, the risk shall be re-assessed, and a final risk rating shall be established. The final Risk Rating may be Low, Medium, or High (as described in Section 2.1). If the final risk rating is determined as High/Medium after EDD, the Counterparty may be required to introduce measures to avoid, minimize or manage the risks and/or NNPC Limited shall Page 126 of 347 NNPC Limited Due Diligence Processes and Procedures ensure inclusion of relevant clauses to minimize its exposure to the counterparty. 3.2 General Integrity Due Diligence Pre-employment screening and post-employment screening are to be carried out on potential or current employees of NNPC Limited. 3.2.1 Pre-employment Screening For recruitment into NNPC Limited, pre-employment screening is to be performed. To perform this screening for potential or new employees, the following must be provided: i. Proof of the identity through a valid identification document such as international passport, national identity number, driver’s license. ii. Proof of academic qualification by requesting to sight original copies certificates or other academic records. iii. Proof of work experience, evidenced by a well-documented Resume/CV or other references or referee reports. Prior to hire or confirmation, potential, new or current employees as the case may be, are to be subject to satisfactory reference, background, integrity and criminal records checks by the Company’s HR function (Level A). These checks may be outsourced to an external provider. For employment into high-risk positions within NNPC Limited, more stringent checks or full background checks (Level B or C) to confirm whether such persons have been subjects of regulatory, court or legal actions, has criminal records, or lived in high-risk countries, shall be conducted to prevent future public scrutiny or damage to the Company’s reputation. Page 127 of 347 NNPC Limited Due Diligence Processes and Procedures 3.2.2 Promotions For existing employees being considered for promotion to high-risk positions, promotion into management cadre within the Company, NNPC Limited shall also apply similar stringent checks (due diligence recertification). Employees are to immediately notify the HR function of any changes to the details submitted in the course of their employment. 3.3 Customer Due Diligence (CDD) Based on information provided by the customer as well as the information obtained from other available sources during compliance checks (general integrity review), existing or prospective customers of NNPC Limited are classified into one of three categories, depending on the assessed level of risks possibly associated with business relationship with such customer – Low Risk, Medium Risk and High Risk. The basis of risk-classification is as set out at section 2.1 above. Enhanced due diligence must be conducted on all customers identified as medium to high risk prior to any business transaction. This will include, but is not limited to, verification of the nature and purpose of the business, riskbased identity checks and watchlist screening of owners and directors, amongst others. Due diligence should be conducted for customers in existing contracts throughout the relationship with the customer once in two years. Higherrisk customers may be recertified more frequently and on a need basis. Where a relevant person notices any suspicious conduct or has reasonable cause to believe that a potential client is engaging in money laundering or Page 128 of 347 NNPC Limited Due Diligence Processes and Procedures terrorist financing and the business connection has not yet developed, an internal disclosure must be made. The rule applies regardless of the kind of potential customer. For new business relationships or frequent transactions, the relevant unit should establish, record, maintain and operate procedures and controls in respect of new customers or occasional transactions which cover the following: identifying the customer. verifying the identity of the customer using reliable, independent source documents, data or information. verifying the legal status of the customer using reliable, independent source. obtaining information on the nature and intended purpose of the business relationship; and take reasonable measures to establish the source of funds. 3.4 Third Party Due Diligence NNPC Limited may be held liable for the acts of their counterparties, other third parties or entities that has some form of business relationship with the Company. Therefore, before commencing business relationships with third parties, NNPC Limited shall conduct due diligence on that potential third and shall take active steps to ensure that potential corruption risks associated with the business relationship are responsibly evaluated and subsequently managed. This policy sets out the minimum required due diligence procedure for doing business with certain third-party service providers and suppliers. Page 129 of 347