NNPC Limited Due Diligence Processes and Procedures PDF
Document Details
Uploaded by ReplaceableSalmon
null
Tags
Related
Summary
This document is a policy outlining NNPC Limited's due diligence processes and procedures. It covers various aspects, including terms, scope, compliance, and risk categorization. The document intends to help in assessing, managing, and reducing potential risks in business dealings with employees, suppliers, customers, and third-party stakeholders.
Full Transcript
NNPC Limited Due Diligence Processes and Procedures Glossary of Terms Term/ Abbreviation Meaning AML Anti-Money Laundering CBN Sanction List Central Bank of Nigeria Sanction List CDD Customer Due Diligence CFT Combating the Financing of Terrorism CHD Card Holder Data CV Curriculum Vita...
NNPC Limited Due Diligence Processes and Procedures Glossary of Terms Term/ Abbreviation Meaning AML Anti-Money Laundering CBN Sanction List Central Bank of Nigeria Sanction List CDD Customer Due Diligence CFT Combating the Financing of Terrorism CHD Card Holder Data CV Curriculum Vitae CPF Countering Proliferation Financing of Weapons of Mass Destruction EDD Enhanced Due Diligence FATF Financial Action Task Force FIRS Federal Inland Revenue Service CCO Chief Compliance Officer GRC Governance, Risk and Compliance HR Human Resource IDD Integrity Due Diligence KYC Know Your Customer LOD Line of defense MLPPA 2022 Money Laundering (Prevention and Prohibition) Act, 2022 NNPC Nigerian National Petroleum Corporation Limited OFAC Office of Foreign Asset Control of the US Department of Treasury PEPs Politically Exposed Persons PIA Petroleum Industry Act, 2021 TPPA 2022 Terrorism (Prevention and Prohibition) Act, 2022 Page 108 of 347 NNPC Limited Due Diligence Processes and Procedures 1.0 Due Diligence Policy 1.1 Introduction This Policy sets out NNPC Limited’s (“the Company”) due diligence processes and provides guidance to the process of assessing, managing, and reducing potential risks involved in the Company’s association with employees (pre-employment, and prior to occupying high-risk roles postemployment), suppliers, service providers, contractors, distributors, customers, clients, third-party agents, counterparties, and other relevant stakeholders. The Policy details the preventive processes put in place by NNPC Limited, to confirm every relevant fact and information about prospects. 1.2 Scope and Compliance This Policy applies to all due diligence activities undertaken by, or on behalf of NNPC Limited, particularly: Employees, directors, officers, consultants, contractors, and agents of NNPC Limited (“Employees”). Customers and clients of NNPC Limited (“Customers”). Third-party service providers, vendors, suppliers, distributors, counterparties, business partners, investors, and other relevant third parties, with whom NNPC Limited intends to assume a business relationship (“Third parties”). Strict compliance with the provisions of this policy is obligatory for each officer, employee, director, and other relevant personnel of the Company. The manual is notified to all the Company’s personnel. Page 109 of 347 NNPC Limited Due Diligence Processes and Procedures Failure to comply with the provisions of this policy may result in civil, disciplinary, or criminal sanctions against the Company and/or its employees, as well as damage to the Company’s reputation. a 1.3 Purpose The objective of this Due Diligence Policy is to establish the mechanisms and procedures for conducting due diligence reviews, in compliance with the MLPPA 2022, TPPA 2022 and other applicable laws and regulations governing the Company. Such mechanisms and procedures are performed to assess, analyse, and mitigate the risks involved, if at all, in any business decision to be undertaken by NNPC Limited. 1.4 Definitions “Beneficial Owner” is defined as the natural person(s) who ultimately owns or controls the customer and/or the natural person on whose behalf a transaction or activity is being conducted and includes at least the following: The natural person(s) who ultimately owns or controls a legal entity through direct or indirect ownership or control over a sufficient percentage of the shares or voting rights in that legal entity, a percentage of 5% is sufficient to meet this criterion. The natural person(s) who otherwise exercises control over the management of a legal entity. The natural person who holds the position of senior managing official if, after having exhausted. Page 110 of 347 NNPC Limited Due Diligence Processes and Procedures “Counterparty” means any natural person or legal entity (when there is no natural person) with whom NNPC Limited engages contractually and, in particular about NNPC Limited’s financing operations, that receives or seeks from, or transfers to NNPC Limited any form of financing or support. Depending on the type of NNPC Limited’s activity, “Counterparty” may be construed to also cover an entity that otherwise executes, implements, contributes, or substantially participates in an NNPC Limited business activity. Examples of Counterparties include Vendors, JV Partners, amongst others. “Customer” means individual, and businesses involved in a business of buying products, goods, or services from NNPC Limited “Employees” mean full time staff, contract staff, directors, officers, and agents of NNPC Limited. “High-risk countries” mean: a. Countries which are subject to a call for application of counter measures by the FATF, Transparency International, United Nations or any other internationally-recognised organization. b. Countries identified by CBN or other competent authorities as having strategic deficiencies in their AML, CFT and CPF regimes or posing a risk to the AML, CFT and CPF regime of Nigeria. c. Countries under the sanction of the Nigerian Government. “KYC – Know-Your-Customer” refers to the process of verifying the identity of your customers, either before or during the time that they start doing business with you. “Level 1 Committee” this includes the Board Audit committee and Senior Management Teams (SMT). Page 111 of 347 NNPC Limited Due Diligence Processes and Procedures “NNPC Limited Activity”, according to Section 54 of the PIA means to: carry out petroleum operations on a commercial basis, comparable to private companies in Nigeria carrying out similar activities including exemption to Public Procurement Act, Fiscal Responsibility Act and Treasury Single Account. lift and sell royalty oil and tax oil on behalf of the Nigerian Upstream Regulatory Commission (NUPRC) and the Federal Inland Revenue Service (FIRS) respectively for an agreed commercial fee and in the case of profit oil and profit gas payable to the concessionaire, NNPC Limited shall promptly remit the proceeds of the sales of the profit oil and profit gas to the Federation less its 30% for management fee and Frontier Exploration Fund. carry out test marketing to ascertain the value of crude oil and report to the Nigerian Upstream Regulatory Commission. carry out the management of production sharing contracts for a fee, based on the profit oil share or profit gas share. engage in the business of renewables and other energy investments. promote the domestic use of natural gas through development and operation of large-scale gas utilisation industries. carry out task requested by the Nigerian Upstream Regulatory Commission or Nigerian Midstream and Downstream Petroleum Regulatory Authority on a fee basis and generally engage in activities that ensure national energy security in an efficient manner, in the overall interest of the Federation. carry out such other tasks as may be determined by the Board of NNPC Limited. Page 112 of 347 NNPC Limited Due Diligence Processes and Procedures make NNPC Limited supplier of last resort for security reasons and all associated costs shall be for the account of the Federation. “Business Units” mean any other unit engaging with a counterparty through the procurement of goods, works and/or services for NNPC Limited’s internal use. “Politically Exposed Persons (PEPs)” mean individuals who are or have been entrusted with prominent public functions in Nigeria or in foreign countries, and people or entities associated with them, and they include: Heads of State or Government State Governors Legislators Local Government Chairmen Senior politicians Senior government, judicial or military officials Senior executives of State-owned corporations Important political party officials Family members or close associates of PEPs Members of royal families PEPs also include persons who are, or have been, entrusted with a prominent function by an international organization including members of senior management such as directors, deputy directors and members of the board or equivalent functions and their family members and close associates. “Sanctions Lists” means to include the sanctions lists maintained by OFAC, FATF and CBN Sanctions List etc. Page 113 of 347 NNPC Limited Due Diligence Processes and Procedures “High-risk position” means a role with duties that might subject the employee to be an easy target for collusion, fraud, coercion, thereby running foul of the MLPPA, TPPA or any other applicable law. “Third Parties” mean any non-NNPC Limited entity that undertakes regulated business on behalf of NNPC Limited. They can include third-party service providers, vendors, suppliers, distributors, counterparties, potential partners, investors, etc. 1.5 Responsibilities The responsibility of carrying out due diligence shall rest with the Business Units/Division, GRC, Senior Management and the Board of NNPC Limited. At the first line of review (LOD 1), Business Units are responsible for gathering the information, assessing, disclosing, mitigating and monitoring the risk. The GRC shall perform second line of review (LOD 2) and act as an advisory body to the Business Units, management and the Board of Directors. Specifically, Business Units shall consult with GRC when risks factors indicating Medium or High risks (“deal-breaker”) are identified. However, for low risk identified, GRC shall perform monthly spot checks on the risk categorization presented by the responsible units for propriety. GRC shall have responsibilities for implementing this policy and defining, subject to necessary approval by the Board, the processes, procedures, and other mechanisms by which this policy is implemented within the Company. Page 114 of 347 NNPC Limited Due Diligence Processes and Procedures The GRC Division shall enforce compliance issues with Regulatory Bodies, third-parties, laws, and policies within NNPC Limited including licensing/permits for successful operations within the business space. It is the responsibility of GRC, to ensure that all business relationships with NNPC Limited, are subjected to the appropriate risk-related due diligence process in accordance with this policy. Chief Compliance Officer: The Chief Compliance Officer or its equivalent shall be responsible for overseeing the due diligence review process. The Chief Compliance Officer or its equivalent shall consult with other stakeholders, as necessary, to ensure compliance with this Policy and to resolve any issues identified by the Chief Compliance Officer or his equivalent. GRC Manager: The GRC Manager or his equivalent administers the due diligence process and is responsible for reviewing and analyzing information provided by employees, customers, and third parties. The GRC Manager may adopt procedures needed to implement this policy, coordinate with other relevant units or functions to carry out those procedures, and where necessary, request additional information or documents from a prospective employee, customer or third Party. The GRC Manager shall identify the appropriate level of due diligence by assessing the risk level (Section 2.1.2) and the presence of any Red Flags, as defined therein. After the due diligence process, the GRC Manager shall make recommendations to the Board Audit Committee, Corporate service units and Senior Management Team (SMT) to approve or reject the business Page 115 of 347 NNPC Limited Due Diligence Processes and Procedures relationship, or where applicable, request for further information from the employee, customer, or third Party. Please refer to the Guide on Due Diligence Competencies on page 24. 2.0 Risk Categorisation and Scope of Evaluation All due diligence should be conducted based on the risk classifications. The subsequent level of research and due diligence to be conducted shall be proportionate to the risk presented by the business relationship. 2.1 Risk Classification The initial and final risk categorization based on the General IDD (Integrity Due Diligence) and EDD (Enhanced Due Diligence) shall be performed by LOD 1 and GRC respectively. The risk categories shall be rated as High, Medium, or Low. The rating of the risk is a careful judgement call based on research due diligence performed, type of risk identified, prospective business relationship, possible mitigation measures, context, amongst Page 116 of 347