Westpac NZ Customer Due Diligence Exception Guidelines PDF
Document Details
Uploaded by AdmirableConnemara
Tags
Related
Summary
This document provides guidelines for handling Customer Due Diligence (CDD) exceptions at Westpac NZ. It details the process for requesting and approving exceptions for various circumstances where standard CDD procedures may not be applicable.
Full Transcript
Page 1 of 16 Classification: PROTECTED Customer Due Diligence – Exception Guidelines 1. Overview 1.1 Background The Positively Identify Customer Policy (PIC Policy) sets out policies adopted by Westpac NZ entities regarding their approach to conducting Customer Due Diligence (CDD)....
Page 1 of 16 Classification: PROTECTED Customer Due Diligence – Exception Guidelines 1. Overview 1.1 Background The Positively Identify Customer Policy (PIC Policy) sets out policies adopted by Westpac NZ entities regarding their approach to conducting Customer Due Diligence (CDD). It is the primary reference for staff in understanding their obligations in conducting CDD on Customers and Occasional Transactors (OT). Westpac NZ is required to have an appropriate CDD exception procedure in place in line with the Identity and Verification Code of Practice. The CDD Exception Guidelines (the Guidelines) apply where a Customer, Beneficial Owner or Person Acting on Behalf (together, Customers) is not able to provide verification documentation which aligns with the requirements of the PIC Policy including: Identity verification documentation (IDV); and Address verification documentation (ADV); and Source of Funds or Wealth documentation (SFW) Copy documentation not appropriately certified. The Guidelines cannot be applied to IDV for an individual who is considered high risk and requires Enhanced CDD or for an Occasional Transactor. 1.2 Escalation to Delegated, Level One and Level Two Approvers Once determined that an exception approval is required, the appropriate content must be included in the request that outlines specifically what the request is for and why. All exception requests must include at a minimum: Full Name and CRS Number Document(s) that require the exception approval, clearly labelled Supporting rationale as to why an exception is being sought Background information including history of steps or interactions to date Where a Delegated Approver is unable to approve under their delegation, the request should be escalated to a Level One Approver. If the Level One Approver is unable to approve the exception, then they will escalate to a Level Two Approver. All approvals must be done within the scope and remit outlined in the Guidelines. 1.3 Criteria for Delegated and Level One Approver responsibility Level One Approver status is earned after completing training and assessment period provided by the Financial Crime Policy & Advisory (FCM P&A) team and is tracked in the Register of CDD Exception Approvers. A list of current Level One Approvers is available here. Delegated Approver Status currently only applies to IBB roles approved by the Senior Manager Client Services, Senior Manager, Compliance Risk, IBB, or the Senior Manager, Operational Excellence, IBB, with oversight from Financial Crime. Page 2 of 16 Classification: PROTECTED For CB&W & BT Funds, Delegated Approver authority transfers to the Level One Approvers. For the avoidance of doubt, Branch Managers, Assistant Branch Managers, Know Your Customer (KYC) Support team members and other Managers (including equivalent roles in other Business Units) are not considered Level One Approvers by default. Refer to the published register of names above for the current list of Approvers. 1.4 Register of CDD Exception Requests All Level One and Level Two Approvers will maintain their own register in their Business Unit to record all CDD exception requests. The register must, at a minimum, contain the: date; full name of customer the exception relates to; CRS number; staff member requesting the exception; Approver name; decision made; and detailed rationale for the decision. Business units with Delegated Approvers will maintain their own list of Approvers and registers to record all exception requests, in line with the minimum criteria above. 1.5 Customer risk It is important to take a holistic approach when considering whether to grant an exception or not. CDD is a core component in Westpac meeting its Anti-Money Laundering and Countering the Financing of Terrorism (AML/CFT) requirements. While all Customers are risk rated (requiring either Simplified, Standard or Enhanced CDD), there are other factors to take into account when considering AML/CFT risk. Knowing who a customer is and what type of transactional activity may be expected is key to understanding Financial Crime risks associated with a customer including AML/CFT and Fraud. It is at the Approver’s discretion whether to provide an exception or not, after considering the level of risk associated. Where the level of risk is considered high, escalation to a Level Two Approver is required, unless the scenario is specifically covered in this document. Examples of additional factors that may impact the level of risk are listed below. The level of risk associated with the transaction the customer is seeking to undertake: Does the transaction favour anonymity (e.g. cash)? Does it involve the international movement of funds (e.g. Telegraphic transfer)? Is there any sign of rapid movement of funds either between accounts or banks (including where third parties are involved)? The customer’s banking history and any previously collected CDD information: Duration of the Customer’s relationship with Westpac? Is there any photo ID on file to match the new document against? Does the customer have a history of requesting exceptions? Are there any warning codes on their profile? Refer to NZLO, Your Story, Nature & Purpose, and other relevant notes or systems to understand if the transaction is in line with our knowledge of the customer, their occupation or industry and how they will use the account. The reasonableness of the customer’s request: Why can the customer not provide documentation in line with PIC Policy? Have all avenues been exhausted prior to the exception request? For Source of Funds or Wealth, is there anything more that Westpac could reasonably request to verify the information provided by the customer? Page 3 of 16 Classification: PROTECTED Is the information provided from an independent and reliable source? The above factors should be considered at a minimum prior to providing any exception. Additional considerations should be taken into account, for example: Any supporting documentation provided with the proposed Non-Standard Documentation The reliability and independence of the Non-Standard Documentation’s source Whether the request includes a Sanctioned or Higher Risk country such as a country where there is insufficient AML/CFT legislation and controls Consider if input from Financial Crime Management team is required 1.6 Documentation requirements Prior to sending a request for a CDD exception, some checks should be undertaken on the document provided. The Non-Standard Documentation must: Appear to be genuine, applying the usual standards of professional judgement Be whole, with all text and images present, and in good physical condition i.e. it must be legible and not damaged or defaced Align with the individual who is presenting it, matching their likeness to the photograph on the document. Signature match should also be used where the ID document has a signature on it Be consistent and correct in terms of all the Customer’s personal details – name (including spelling and with appropriate verification of any changes), date of birth, place of birth and signature where available Be original documents or copies certified in accordance with the PIC Policy (refer to PIC Policy for document certification criteria) Be in English or accompanied by an English translation prepared in accordance with approved translation rules (refer to PIC Policy for translation criteria). Note: If a customer has no CDD documentation or Westpac is unable to verify shareholder/beneficial ownership, the Delegated and Level One approval option does not apply and an escalation to Level Two approval is required. 1.7 Financial Inclusion Westpac takes financial inclusion seriously. Where a customer is unable to meet the requirements in PIC Policy and/or the guidelines, an escalation to Level Two should be considered, particularly where the customer qualifies as requiring extra care or a lack of exception is likely to unduly limit their access to the banking system. Level Two will consider all such exceptions on a case-by-case basis, unless expressly prohibited by these guidelines. Please refer above for the escalation flow. Page 4 of 16 Classification: PROTECTED 2. Identity Verification Level One or Level Two approval may be provided as outlined in the table below for Individual Customers who are Low or Medium risk customers. Any ID exceptions for an individual who is high risk (requires Enhanced CDD) are prohibited. When deciding whether to accept any specific documents or combination of documents in the table below, the Level One and Level Two Approvers will also give consideration to any supporting documents accompanying the identity verification documents e.g. a supporting letter from an independent and reliable source. Rationale must be clearly documented and outlined in the relevant exception register. Questions that help determine customer risk, and whether ID is reliable and accurate, include: Can the photograph still be relied upon to be a valid likeness of the individual presenting when considering the time elapsed since it was taken? What is the impact upon not accepting the expired ID in terms of financial inclusion? Does a diary note record why an individual presenting expired ID does not have access to another form of valid ID? (i.e. a Driver’s Licence, KiwiAccess/18+ card, physical impairment) Has the individual with expired ID have other supporting forms of identification? Is the individual a long-term customer, or are they seeking a new business relationship? What is the customer’s risk level? For the avoidance of doubt, the definition of an Extra Care Customer can be located by searching on KnowHow. If you are unsure and require further guidance, please contact [email protected]. Non-Standard ID Verification Document Requirements Delegated Approver Guidelines Level One Guidelines Level Two Guidelines Expired New Zealand or Overseas Passport (includes National Identity Cards, or equivalent.) An identity document issued by the New Zealand Government, a Foreign Government or the United Nations for the purpose of international travel. This can include a previously sighted passport that has since expired (where the customer is unable to provide a physical copy). NB: Expired Emergency Travel documents are excluded for an exception approval due to their temporary nature. Passports with an extended expiry date granted by a Passport Officer do not need Level One Approval. Picture on document must match the person presenting the document. Can approve up to 5 years expired. Picture on document must match the person presenting the document. Can approve up to 10 years expired. NB: If customer is extra care and unable to sign, L1 can apply discretion to accept unsigned. This must also be documented in the approval. In all other circumstances, passport must be signed. Discretion to accept above L1 authority in extenuating circumstances Page 5 of 16 Classification: PROTECTED Non-Standard ID Verification Document Requirements Delegated Approver Guidelines Level One Guidelines Level Two Guidelines Expired New Zealand or Overseas Refugee Travel Documents (Includes Certificates of Identity, Refugee Travel Documents & overseas equivalents.) An identity document issued by the New Zealand Government, a Foreign Government or the United Nations for the purpose of international travel where an individual has refugee status or is unable to obtain a passport issued by their country of citizenship. This can include a previously sighted passport that has since expired (where the customer is unable to provide a physical copy) NB: Emergency Travel documents are excluded due to their temporary nature. Picture on document must match the person presenting the document. Can approve up to 5 years expired. Picture on document must match the person presenting the document. Can approve up to 10 years expired. NB: If customer is extra care and unable to sign, L1 can apply discretion to accept unsigned. This must also be documented in the approval. In all other circumstances, passport must be signed. Discretion to accept above L1 authority in extenuating circumstances Expired NZ Drivers Licence Due to Covid related issues, the New Zealand Transport Authority (NZTA) has issued extensions to licenses in some limited situations. Please refer to their website for further information as these may not require an exception. This can include a previously sighted New Zealand Driver Licence that has since expired (where the customer is unable to provide a physical copy. The following will be accepted with the expired NZ Driver Licence: a credit, debit or EFTPOS card, with name on it, not expired and signed. a bank statement issued in the preceding 12 months a document issued by a government agency to the customer in the preceding 12 months e.g.IRD Statement Please note that the above options (credit, debit or EFTPOS card, bank statement or document issued by Government agency) can all be used in conjunction with a valid NZDL that cannot be verified through Motorweb. No exception approval is required in this instance. NB: A NZDL cannot be used as both identity and address verification. Picture on document must match the person presenting the document. Can approve up to 5 years expired. Picture on document must match the person presenting the document. Can approve up to 10 years expired. Discretion to accept if more than 10 years expired or the customer is not able to present a supporting document. Page 6 of 16 Classification: PROTECTED Non-Standard ID Verification Document Requirements Delegated Approver Guidelines Level One Guidelines Level Two Guidelines Overseas Drivers Licences (Includes international driving permits) A photo-identity Driver Licence issued by countries other than New Zealand and used to show that the owner has permission to drive on the roads of that country. Either current or expired. Must be accompanied with another form of primary non- photographic ID or a Supporting Document as per PIC Policy. NB: An Overseas Drivers Licence cannot be used as both identity and address verification. N/A Can approve up to 5 years expired. Discretion to accept if more than 5 years expired, or if the customer is unable to provide another form of non- photographic ID. NZ Signed Court Orders (Includes Enduring Power of Attorney (EPOA)) Any NZ signed Court Order or EPOA For use where Customer’s identity documents are not available. Otherwise, will be used with another form of identity verification – photographic or non-photographic from the PIC Policy or the Guidelines. NB: The document can be provided either by the customer, their attorney or their solicitor. N/A Discretion to approve for Extra Care Customers only. NB: A Te Whatu Ora - Health NZ (formerly DHB) letter will also be accepted, if the customer has not yet been granted an NZ Court Order. Discretion to accept as both identity and address verification. Credit, Debit or EFTPOS Card A card issued under a recognised card scheme (e.g. VISA, Mastercard) for the purchase of goods or services. Examples include: Westpac card – a Low Interest MasterCard, a hotpoints Credit Card, or Debitplus Visa. Another bank’s card – a Scheme debit card, Visa, MasterCard, American Express, or Diners Club International. Must have customer’s name, a matching signature and must be current (i.e. not expired). May be used as a supporting document only. N/A Yes – together with another form of photographic identity verification (as listed in the PIC Policy, can be expired). N/A Document issued by a Government Agency (Includes SuperGold Card, Community Services Card and/or other form of NZ Govt issued heath or welfare card) NB: Refer to Document issued by the Department of Corrections below for exceptions relatin g to prisoners. The document must, at a minimum, contain the person’s name and signature. Use with another form of identity verification – photographic or non-photographic from the PIC Policy or the Guidelines. May be used as a supporting document only. Can approve up to two years expired with supporting documentation. Discretion to accept if more than two years expired with supporting documentation. Discretion to approve where only a SuperGold card/CSC and no other documentation or where unsigned. Page 7 of 16 Classification: PROTECTED Non-Standard ID Verification Document Requirements Delegated Approver Guidelines Level One Guidelines Level Two Guidelines Name Change Documents (Includes NZ Marriage Certificate, NZ Name Change certificate and NZ Civil Union Certificate) An official document issued by the Department of Internal Affairs containing registered information about a person's name change, marriage, or civil union. Can be used as Primary non – photographic identification to update a customer’s name where they have no ID in their new name or to link their previous name/profile to their new ID. NB: Name Change refers to where there is a difference in either first or last name across multiple documents. No exception is required for nicknames, initials or preference to use one name over another as long as all names are present on the customer’s ID document and their profile is set up in their full legal name. In these cases, a diary note outlining the situation should suffice. A statutory declaration or solicitor’s confirmation can also be requested where required for non-CDD purposes e.g. lending/securitisation. N/A Yes – together with another form of identity verification (as listed in the Positively Identify Customer Policy or the Guidelines). N/A NZ Firearms Licence A NZ Firearms Licence is an official document issued by the NZ Police to people who are permitted to possess, deal or use firearms. Can be used as primary photographic identification. NB: Where a Firearms Licence was issued after 31 March 2021, the licence is not required to be signed and can be accepted without a signature match. Can approve up to two years expired with signature match, if applicable. Can approve up to five years expired with signature match, if applicable. Discretion to accept if more than five years expired and signature match if applicable. Armed Forces ID Card Issued to non-civilian NZ Defence Force staff. May be used as a supporting document only. Must be accompanied by a Primary Non-Photographic ID document. N/A Yes, as supporting document – if current or expired within the last two years, with signature match. Discretion to accept if more than two years expired. Blind Foundation ID Card A card issued by the Royal New Zealand Foundation for the Blind to members who are blind or have low vision. May be used as a supporting document only. Must be accompanied by a Primary Non-Photographic ID document. N/A Yes, as supporting document – if current or expired within the last two years with signature match. Discretion to accept if more than two years expired. Page 8 of 16 Classification: PROTECTED Non-Standard ID Verification Document Requirements Delegated Approver Guidelines Level One Guidelines Level Two Guidelines NZ Police Force ID Card A photo-identity card issued by NZ Police to its staff. The card confirms the owner’s employee ID and status as a member of NZ Police. May be used as a supporting document only. Must be accompanied by a Primary Non-Photographic ID document. N/A Yes, as supporting document – if current or expired within the last two years with signature match. Discretion to accept if more than two years expired. Documents issued by the Department of Corrections An ID document issued to a customer who is serving a prison sentence by the NZ Department of Corrections. The customer may be preparing for release from prison or be requiring access to funds while still in custody. Common examples of these documents are: Personal Identity Profile Personal Identification Record Steps to Freedom Letter Prisoner Identification Report N/A The Personal Identity Profile & Personal Identification Record documents can be approved by Level One if received in conjunction with another form of Primary Non-Photographic Identification such as a Birth Certificate. NB: Refer to Level Two to discuss if you have questions about the risk profile of the prospective customer. Discretion to approve Steps to Freedom Letter or Prisoner Identification Report based on a review of accompanying identification documents and the prisoner risk profile. Letter from Oranga Tamariki Where a young person (generally between the ages of 0 – 17) is in the care of Oranga Tamariki, they may not be able to provide ID verification in line with PIC policy requirements. In these instances, a letter from Oranga Tamariki stating the customer’s name and that they are in the care of Oranga Tamariki, may be accepted as a form of ID. NB: Any such instances should be escalated to Level Two immediately, with Level One support. N/A N/A Discretion to approve where normal ID requirements cannot be met e.g., the customer can only provide a birth certificate and letter from Oranga Tamariki. Page 9 of 16 Classification: PROTECTED Non-Standard ID Verification Document Requirements Delegated Approver Guidelines Level One Guidelines Level Two Guidelines Letter from Domestic Violence Service Provider Where a customer is escaping domestic violence, they will often need to open a new bank account and may not have been able to take any forms of ID with them. In these situations, a letter from a domestic violence service provider (such as Women’s Refuge or Shine etc.) may be accepted as a form of ID. The letter must state: the customer’s full name; Date of Birth; and that the customer is in the care of the provider. NB: Any such instances should be escalated to Level Two immediately, with Level One support. N/A N/A Discretion to approve where normal ID requirements cannot be met e.g., the customer can only provide a birth certificate and letter from Women’s Refuge. 3. Address Verification Documentation If a customer cannot provide address verification that meets the requirements of Appendix Two of PIC Policy, an exception can be sought to use non-standard address verification (non-standard ADV). Non-Standard ADV exceptions can be provided for customers requiring both standard and enhanced CDD as outlined in the table below. When considering whether to grant an exception, consider: What supporting documentation has been provided to accompany the non-standard ADV? Is the document from an independent and reliable source? Does the document include the customer’s name, address, date and unique reference number (where applicable)? Level One Approvers should seek guidance from Level Two where address verification from an independent or reliable source is not available, or if additional guidance is required. Rationale must be clearly documented and outlined in the relevant exception register. For Minors, their parent or legal guardian’s address verification can be used where the physical address for both the minor and the parent or legal guardian is the same. Page 10 of 16 Classification: PROTECTED If the parent or legal guardian is an existing Westpac NZ customer who has valid ADV on file, it is acceptable to use a current dated Westpac printout scanned to the minor’s profile. If you are unsure and require further guidance, please contact [email protected]. NB: Document Date - If a document is required to be dated “within the last 12 months” this may be calculated as follows: If today is 1 May 2022, the document may be dated from 1 May 2021, onwards. Non‐Standard Address Verification Document Requirements Delegated Approver Guidelines Level One Guidelines Level Two Guidelines Correspondence from a foreign government agency Correspondence provided by an overseas government agency that includes: Customer name Address Date An online search to confirm the sender is a government agency must also be conducted. If the document is in another language, this must be translated to English, in line with PIC Policy requirements. Can approve when dated within 12 months. Can approve when dated within 2 years. N/A White Pages A printout or screenshot of the White Pages webpage, showing the customer’s current personal address information. N/A Can approve. L1 Approver must conduct search of White Pages themselves and ensure evidence (including date of search) is scanned to the customer’s profile. N/A Document outside the PIC Policy validity period Any of the address verification documents listed in PIC Policy (Appendix Two) that are dated outside the stated validity period. The document provided must meet all other requirements outlined in the PIC Policy, aside from the date. This exception must only be used where there is no up to date documentation that is in line with PIC Policy. N/A N/A Discretion to accept based on the circumstances and consideration of all other information provided by the customer. Letter from an Employer Includes an offer of placement, contract or other letter from the customer’s employer. PIC Policy requires such documents to be signed and dated by both the employee and the employer and on company letterhead. In certain instances, this may not have occurred. The document must still contain the customer’s name and residential address. N/A Discretion to accept if the document is either unsigned or not on letterhead. NB: A letter does not qualify for an exception where it is both unsigned and not on letterhead. N/A Page 11 of 16 Classification: PROTECTED Non‐Standard Address Verification Document Requirements Delegated Approver Guidelines Level One Guidelines Level Two Guidelines Other Any other documentation that does not fall within PIC Policy or any of the above categories. The document must still contain the customer’s name, address, date of issue, and issuer details. This section should also be used where the customer is unable to provide any address verification due to their current situation. N/A N/A Will consider based on other CDD verification provided as well as details surrounding specific circumstance of the customer and the level of ML/TF associated. 4. Source of Funds or Wealth Documentation If a customer cannot provide Source of Funds or Wealth (SFW) verification that meets the requirements of Appendix Three of PIC Policy, an exception can be sought to use non-standard address verification (non-standard SFW). Non-Standard SFW exceptions are only required for customers who require Enhanced CDD to be completed. NB: Individual customers who require SFW are not eligible for exceptions relating to their ID verification. When considering whether to grant an exception, consider: What supporting documentation has been provided to accompany the non-standard SFW? Is the document from an independent and reliable source? Does the document support the information the customer has provided around how they generate their funds/wealth? Is there any other documentation we could reasonably expect the customer to provide? Are there any indications of attempts to obscure the source of funds or wealth? Rationale must be clearly documented and outlined in the relevant exception register. If you are unsure and require further guidance, please contact [email protected]. Page 12 of 16 Classification: PROTECTED Non‐Standard SFW Document Requirements Delegated Approver Guidelines Level One Guidelines Level Two Guidelines Source of Funds or Wealth ‘other’ category Based on the customer conversation regarding SFW, the ‘other’ category may be used if the SFW document does not meet any of the categories outlined in Appendix Three of PIC Policy. The SFW documents presented must be independent, reliable, and must take reasonable steps to verify the accuracy of the information provided. If there are doubts about the veracity of the documentation provided, further information must be sought prior to an approval being provided. N/A Use of this category requires Level One approval. If there are any doubts whether the document meets the ‘other’ category requirements, seek guidance from Level 2. N/A Source of Funds or Wealth where the requirements are not met in PIC Policy. To be used when the SFW documents presented are not in line with the category requirements in PIC Policy N/A Level One can only approve SFW where it meets the requirements set out in the ‘other’ category. Discretion to accept all other exceptions to SFW where the requirements are not met as stipulated in PIC Policy. Page 13 of 16 Classification: PROTECTED 5. Agreed exceptions (BU Specific) The below exceptions have been agreed between the Financial Crime Management P&A team and specific business units to address particular situations as outlined below. Any deviation from the information documented below must not occur without seeking approval from the FCM P&A team. Agreed exception Requirements Who can approve? Additional information COL User ID Exception This exception allows Australian and Pacific Corporate Online (COL) users who have no other relationship with Westpac NZ (i.e., they are not a customer themselves, a beneficial owner or person acting on behalf of any other customer) to be onboarded using a current Australian Driver’s Licence as ID verification. All other PIC Policy requirements (e.g., original document sighted by staff or certified as per PIC Policy) must still be met. NB: If the COL user already has a relationship with Westpac NZ directly or holds any other ID outside PIC Policy (excluding an Australian Driver’s Licence), this must be escalated to a Level One approver for consideration. IBB staff only (including those that are not Delegated/Level One Approvers. Ensure all requirements as outlined are met before approval is provided. Anything that falls outside the requirements listed must be referred to a Level One Approver for consideration. Use of formal proof of death documents In certain circumstances, the Estate Management team will need to sight ID against a deceased customer’s profile. The document must come from an official source (e.g., a document issued by the Department of Internal Affairs or a letter from a law firm or trust company managing an estate). This exception is limited to the processes undertaken by the Estate Management team and does not change CDD requirements for the executor(s) of an estate. Level One Approvers within the Estate Management team only. Original document must be provided. If not, a certified copy, in line with PIC Policy requirements, must be obtained. Extra Care team – delayed verification Where a customer is referred to Westpac from a Family & Domestic Violence advocacy group (e.g., Shine, Women’s refuge etc.), accounts can be opened using delayed verification, without obtaining CDD upfront if it is not available. Delayed verification can be used for a maximum 120 calendar days with a T warning placed at customer level Level One Approvers within the Extra Care team only. If longer than 120 days is required, or no L1 approver is available in the Extra Care team, an escalation to Level 2 Approvals must occur. Page 14 of 16 Classification: PROTECTED Agreed exception Requirements Who can approve? Additional information WNZL Treasury Onboarding When onboarding a WNZL Treasury counterparty bank, entities are eligible for Simplified CDD. Due to system constraints, we are still required to load (and verify) beneficial ownership details (including name, address, date of birth) despite this not being a requirement under the Act. In these instances, the use of publicly available information to confirm a beneficial owners date of birth and address can be considered. NB: This is separate to onboarding another bank as part of a correspondent banking relationship. In these instances, simplified due diligence does not apply. All requests for approval must be sent to Level 2 Approvals for consideration. Requests should come via the RSS team in IBB only. All sources used to confirm information should be provided as part of the Level 2 approval request. Any open-source information or other information provided by the customer for CDD purposes that contain information such as name, date of birth and address of the beneficial owner(s) can support the request. 6. Document Certification As outlined in PIC Policy where the original document is not provided to Westpac (whether for ID, Address or Source of Wealth or Funds), it must be a certified copy. The certification must be done by someone listed as a trusted referee and received within 90 days of certification. For Photo ID only, the certification wording must make reference to the document being both a true copy and representing the likeness of the individual presenting it. This is to ensure that: o The copy is true and correct and; o The person getting the document certified is the owner of the ID. If a certified Photo ID is received without reference to the document representing the likeness of the individual presenting it, this must be escalated to a Level One Approver, who has discretion to approve. Similarly, each business unit can, with the support of their Line One Risk team, implement practical steps to verify that a certifier has physically sighted both the ID document and the presenter e.g. if the reference to true likeness is missing but the certifier has also witnessed a statutory declaration for the same person (as part of a KiwiSaver application), this may be acceptable. Any such approaches must be documented as part of the owning business unit’s procedures. Where the document originates electronically e.g. an online utility bill, certification is not required if the bill, along with email trail (from the issuer) is provided. The document and associated email trail should be obtained and scanned to the customer’s profile. If a document is certified and received by Westpac (either via post or email from the customer/certifier) within 90 days of the date of certification but not uploaded to the customer profile e.g. due to staff oversight/error, no exception is required. If a document is certified and not received by Westpac within 90 days of certification, this must be escalated (via a Level One Approver) to a Level Two Approver. Page 15 of 16 Classification: PROTECTED 7. Governance Latest Version: V12.0 Date finalised: 5 October 2022 Next review: 5 October 2024 Prepared by: Kipp Franklin Financial Crime Compliance & Governance Specialis t Luke Daly Financial Crime Compliance & Advisor y Mana ger Approvers: Monica Christensen Senior Manager, Financial Crime Policy & Advisory 5 October 2022 Version Control: Version Date Author Designation/Role Description of changes V1.0 19 May 2013 Jenny Davis AML/CFT Compliance & Awareness Mana ger Published version. V2.0 20 February 2014 Jenny Davis AML/CFT Compliance & Awareness Mana ger Published version. V3.0 30 June 2014 Jenny Davis AML/CFT Compliance & Awareness Manager Review following Wire Transfer solution go-live and to reflect changes to Positively Identify Customer Polic y. V4.0 12 January 2015 Jenny Davis AML/CFT Compliance & Awareness Manager Review following revision of Positively Identify Customer Polic y. V5.0 25 February 2016 Jenny Davis AML/CFT Compliance & Awareness Manager Review following revision of Positively Identify Customer Polic y. V6.0 26 August 2016 Jenny Davis AML/CFT Compliance & Awareness Manager Review following revision of Positively Identify Customer Polic y. V7.0 30 January 2018 Amanda Miller AML/CFT Compliance & Awareness Manager Review following revision of Positively Identify Customer Polic y. V8.0 15 April 2019 Amanda Miller AML/CFT Compliance & Awareness Manager Review following revision of Positively Identify Customer Policy and incorporate the revised EDD guideline 2019, and clarify: ‘Steps to Freedom’ letters used as proof of address. Customers who are using a common name. Transgender customers Address verification for minors and Au pairs. V9.0 20 March 2020 Amanda Miller AML/CFT Compliance & Awareness Manager expired passports authentication of extra care customers, minors, customers with a Court Order or DHB letter SFW exception requirements clarified for Māori entities and Kohan ga Reo V10.0 5 August 2020 Amanda Miller AML/CFT Compliance & Awareness Manager Passports with an extended expir y date Page 16 of 16 Classification: PROTECTED Prisoners on release Extra care customers V11.0 8 December 2021 Kipp Franklin Financial Crime Compliance & Governance Specialist Review following revision of Positively Identified Customer Policy. Updates to Prisoners on Release V12.0 4 October 2022 Kipp Franklin Financial Crime Compliance & Governance Specialist Creation of Delegated Approver authority level; Removal of Specific Scenario Section; Expanded Level One Approver authority; and Included Business Unit specific scenarios. Luke Daly Financial Crime Compliance & Advisory Manager