AML/CFT Awareness
Preserving the Integrity of the Financial System:
Prevention of Money Laundering &
Terrorism Financing
Role of Company Secretaries / Lawyers as
Effective Gatekeepers
AML/CFT Awareness2
Learning Objectives
Co Secretaries / Lawyers’ roles as a Reporting Institution within Malaysia’s
AML/CFT Framework
AML/CFT requirements on Co Secretaries / Lawyers
How to comply with AML/CFT requirements
AML/CFT Awareness3
Presentation Outline
AML/CFT Requirements: International Standards and
Malaysia’s AML/CFT Regime
ML/TF Vulnerabilities of Company Secretaries / Lawyers
Recent AML/CFT Development
AML/CFT Requirements on Co Secretaries / Lawyers
Compliance to AML/CFT Requirements
AML/CFT Awareness4
“A process of converting cash
or property derived from criminal activities to give it a legitimate appearance. It is the process of cleaning and disguising the criminal origin
of ‘dirty’ money”
“Process of
financing terrorist
activity either
through legitimate
or illegitimate
sources.”
Critical for a country to have an effective AML/CFT regime…
1. Reduces rewards associated with crime and hence, overall crime rates;
2. Increases government revenue, reduces leakages within the economy;
3. Preserves the integrity and reputation of the market place; and
4. Creates conducive environment for businesses and investors to flourish.
Money Laundering (ML) & Terrorism Financing (TF) defined
AML/CFT Awareness5
All countries are required to comply with the FATF international standards
UN Conventions and Resolutions
Financial Action Task Force (FATF), Headquartered in Paris [Malaysia is a ‘Member’]
All countries are members of a FRSB (except Iran and DPRK)
Principles under the Resolutions have been embedded into the FATF standards
The Vienna Convention
The Palermo Convention Security Council Resolution 1267 and its Successors
Security Council Resolution 1373
International Convention for the Suppression of the Financing of Terrorism
Issues & ensures compliance by jurisdictions to FATF 40 Recommendations (2012) & Methodology (2013)
APG -Malaysia is a ‘Member’ MENAFATF GIABA CFATF MONEYVAL GAFISUD EAG
Principles under the Resolutions have been embedded into the FATF standards
Implementation by FATF-Styled Regional Bodies (FSRBs)
Principles under these Resolutions have been embedded into the FATF standards
AML/CFT Awareness6
Since AMLA was effected in 2001, Malaysia has established a
comprehensive AML/CFT framework for prevention of ML/TF activities
FATF
Standards
• BNM the competent authority for AMLA
• Criminalisation of ML/TF i.e. 362
offences from 44 legislations
• Freezing, seizure & forfeiture of
properties
• Identify & respond to emerging
risks through National Risk
Assessment process
• Adequate investigation &
enforcement powers
• Fully-functional FIU in BNM
• AML/CFT Units set-up in key law
enforcement agencies (LEAs)
• Structured training programs for
financial investigators
• National Coordination
Committee for integrated
approach across 16
Ministries/Agencies
• MoUs and Strategic
Partnerships with Foreign FIUs
& Counterparts
• Strong networks with
International/regional bodies FATF, APG, Egmont Group
Responsibilities of Reporting
Institutions (RIs)
More than 43,000 RIs
Implement effective AML/CFT
compliance programme to detect
and deter ML/TF
Submit CTRs and STRs to
FIED, BNM
AML/CFT Awareness7
Presentation Outline
AML/CFT Requirements: International Standards and
Malaysia’s AML/CFT Regime
ML/TF Vulnerabilities of Co Secretaries / Lawyers
Recent AML/CFT Development
AML/CFT Requirements on Co Secretaries / Lawyers
Compliance to AML/CFT Requirements
AML/CFT Awareness
Reporting institutions (RIs) are the first line of defence
Criminals and
Criminal Activities
Financial Institutions
Law enforcement
Agencies (LEAs)
Non-bank FIs
DNFBPs
• Formation of complex company structures
• Placement of proceeds from unlawful activities
Supervisory authorities
BNM, SC, LFSA
Financial Intelligence Unit
FIED, BNMSubmit Cash Threshold & Suspicious Transaction
Reports
Collect, analyse,
disseminate financial
intelligence
Feedback on effectiveness of financial intelligence
Identify illicit activities and investigate crimes
Monitor & enforceAML/CTF
requirements
AML/CFT PREVENTIVE MEASURES• ML/TF Risk Assessment & Client Risk Profiling• CDD and Enhanced CDD on Clients• Record Keeping • On-going Monitoring of Clients’ Transactions• Promptly Detect & Report Suspicious Transactions
Supervisory authorities
BNM in collab. with licensing bodies & SROs
1
2 3
45
8
AML/CFT Awareness9
Example: ML Case involving a lawyer’s trust A/C
• 2 offenders involved in importation of ecstasy laundered large amounts of cash
through a lawyer’s trust account
Brief facts of case:
1. A total of $400,000 cash was given to a lawyer who banked it into his firm’s trust a/c on
behalf of the 2 offenders;
2. The lawyer conducted no due diligence on the offenders and did not report STR;
3. It was the bank that (the lawyer’s trust a/c was maintained) submitted STR when the
lawyers deposited $100,000 on four (4) occasions;
4. The offenders had instructed the lawyer that the cash was being held on behalf of their
company registered in Gibraltar; and this alleged co was a shell company that ‘lent’ one of
the offenders the $400,000 in order to purchase a property in Auckland;
5. Another lawyer was engaged by the offender to facilitate the ‘loan’ and the purchase of the
property in offender’s name;
6. The funds for the purchase of the property therefore looked legitimate (a loan from a
company).
7. Effectively, 2 lawyers from different law firms were involved in the ML process.
Source: APG Typology Report 2015
AML/CFT Awareness
Example: ML Case involving a Company Secretary
• Syndicates use of 3rd parties to open and operate bank accounts to cloak identities
of ultimate beneficial owners, for cleansing of criminal proceeds
Brief facts of case:
1. Director of Company Secretarial Firm X (CFSX), served as a Nominee Director of 2
companies, established by CFSX as part of services provided;
2. A bank a/c was opened with the Nominee Director‘s father acting as the sole bank a/c
signatory;
3. A/C received > 120 inward remittances within 6 months from various jurisdictions and funds
were quickly remitted out to a neighbouring jurisdiction;
4. During investigation, the Director and her father denied any offence, stating that a 3rd party
had hired her to set up the 2 companies, and to open a bank a/c to receive funds from
allegedly legitimate overseas business clients. She argued that services provided by her
firm was legitimate company secretarial services;
5. The Director’s father admitted signing for all remittance transactions but denied actual
dealing with the funds;
6. Both denied knowledge of either the source or ultimate beneficiary of funds remitted out
from the bank a/c.
7. Both the director and her father were convicted of Money Laundering.
AML/CFT Awareness11
Presentation Outline
AML/CFT Requirements: International Standards and
Malaysia’s AML/CFT Regime
ML/TF Vulnerabilities of Co Secretaries / Lawyers
Recent AML/CFT Development
AML/CFT Requirements on Co Secretaries / Lawyers
Compliance to AML/CFT Requirements
AML/CFT Awareness12
Key Findings from Mutual Evaluation Exercise 2014
• On-site visit by APG & FATF Assessors from 13/11 to 25/11/2014;
• Assessment made based on Technical Compliance and Effectiveness of Malaysia’s AML/CFT regime in line with FATF Recommendations & Methodology;
• Outcome – Malaysia has achieved high levels of technical compliance. But, significant improvements needed in: a. Implementation of AML/CFT preventive measures on risk-basis
by all RIs, especially DNFBP sector, b. Effectiveness of international cooperation for cross-border crime
prevention and investigations, c. Conduct of parallel investigations and prosecution of ML/TF
• Key Findings on DNFBPs (apart from casino): o All DNFBPs’ have low level of understanding on key ML/TF risks
and AML/CFT obligationso AML/CFT internal controls of DNFBPs are weak or inadequate, not
implemented on risk-sensitive basis
• Key Recommendation: Malaysia to strengthen oversight of DNFBPs, enhance outreach/guidance and enforcement on non-compliance, to improve implementation of effective preventive measures by DNFBPs
AML/CFT Awareness13
Likelihood
POSSIBLE LIKELY VERY LIKELY
Exte
nt
of
Vu
lnera
bil
ity HIGH
MEDIUM
LOW
• Casino
• Gaming Companies
• Jewellers (DPMS)
• Accountants
• Offshore Trust
• Company Secretaries
• Real Estate
• Trust Companies • Lawyers
• Pawn Brokers
• Notaries
LP – onshore /
offshore
NPOs
National ML/TF Risk Assessment 2013 – Sectoral Risk Assessment
AML/CFT Awareness14
Monitoring AML/CFT
Compliance by Lawyers
• On-going on-site AML/CFT Examination by BNM; and
• AML/CFT e-Compliance Survey since 2010.
AML/CFT Awareness15
Presentation Outline
AML/CFT Requirements: International Standards and
Malaysia’s AML/CFT Regime
ML/TF Vulnerabilities of Co Secretaries / Lawyers
Recent AML/CFT Development
AML/CFT Requirements on Co Secretaries / Lawyers
Compliance to AML/CFT Requirements
AML/CFT Awareness16
Anti-Money Laundering, Anti-Terrorism Financing and Proceeds of Unlawful Activities Act
2001 (Act 613) – AMLA
Anti-Money Laundering & Anti-Terrorism Financing (Reporting Obligations) Order 2007
AML/CFT – Designated Non-Financial Businesses and Professions (DNFBPs) & Other Non-
Financial Sectors (Sector 5) Guidelines - Revised & reissued on 1 Nov 2013
Applicable to ‘advocates and solicitors’ as defined in the Legal Profession Act 1976 and
person admitted as advocates pursuant to the Advocate Ordinance Sabah 1953 and
Advocate Ordinance Sarawak 1953 (collectively referred to as lawyers in Sector 5 Policy
Document), when they prepare or carry out the following activities for their clients:
Relevant AML/CFT Law, Rules & Regulations - Lawyers
No. GA Example of Services Provided by Lawyers
1 Buy and sell immovable property Prepare Sale & Purchase Agreement, Equipment Sale Agreement, Assignment of Tenancy/Lease
Agreement, and incidental services including holding of client’s money (e.g.: earnest deposit, RPGT
amount), and fixed deposit placement of funds pending payment to LHDN and completion of property
acquisition transaction
2 Manage client’s money, securities
or other property
Holding and managing client’s funds in separate account (e.g.: client / trust accounts) and use it in
accordance with client’s instructions and in relation to the provision of legal services; e.g.: appointment
of lawyer as executor/trustee for deceased’s estate
3 Manage accounts including
savings and securities accounts
Actual managing of client’s accounts (where instructed), in addition to providing legal advice to clients
on managing accounts
4 Organise contributions for the
creation, operation or
management of the companies; or
Prepare for or carry out transaction where investors contribute capital to a legal entity. Type of
services include offering of advices on establishing operations, setting up funds, initial public offerings
(IPOs); capital and/or corporate restructuring and other fund raising exercises
5 Create, operate or manage legal
entities or arrangements and buy
and sell business entities
Prepare Share Sale Agreement, acting for vendor or purchaser in S & P of company pursuant to
share sale agreement, conduct legal due diligence on target company prior to execution or completion
of transaction (if instructed), and managing actual S & P arrangement
AML/CFT Awareness17
Anti-Money Laundering, Anti-Terrorism Financing and Proceeds of Unlawful
Activities Act 2001 (Act 613) – AMLA
Anti-Money Laundering & Anti-Terrorism Financing (Reporting Obligations) Order
2007
AML/CFT – Designated Non-Financial Businesses and Professions (DNFBPs) &
Other Non-Financial Sectors (Sector 5) Guidelines - Revised & reissued on 1 Nov
2013
Applicable to all ‘secretary of a company who is a member of a professional body
prescribed by the Minister OR licensed by the Registrar of Companies (s139 CA 1965)’,
when they, whether in person or through a firm or company, prepare or carry out the following
activities for their clients:
‒ Act as a formation agent of legal entities;
‒ Act as (or arrange for another person to act as) a director or secretary of a company, a
partner of a partnership, or a similar position in relation to other legal entities;
‒ Provide a registered office, business address or accommodation, correspondence of
administrative address for a company, a partnership, or any other legal entities or
arrangement;
‒ Act as (or arrange for another person to act as) a trustee of an express trust OR a
nominee shareholder for another person.
Relevant AML/CFT Law, Rules & Regulations – Company Secretaries
AML/CFT Awareness18
Key AML/CFT Reporting Obligations from Sector 5 Policy Document
1. Risk Profiling of Clients and
Services Provided
2. CDD and Other Requirements
3. AML/CFT Compliance Programme
4. Suspicious Transaction Report
(STR)
5. Combating Financing of
Terrorism
6. Consequences of Non-Compliance
AML/CFT Awareness19
Practical Guide on Key AML/CFT Requirements
No. What’s required Ref. as per
Sector 5 (Para)
1. Appoint a Compliance officer • 22
• 23
2. Develop and implement internal programme, policies, procedures
and controls to guard against and detect any offence under
AMLA, including
• 22
a. P & P on overall ML/TF risk assessment, client risk
profiling, managing and mitigating risk identified, periodic
update of risk assessment, and documentation of risk
assessment and findings
• 12
b. P & P on customer due diligence (CDD), enhance DD and
on-going DD
• 13
c. Establish internal criteria (‘red flags’) to detect suspicious
transactions; and a reporting system for submission of
suspicious transaction report (STR)
• 23
S24
S25 -26
S27 - 32
S33 - 34
AML/CFT Awareness20
No. What’s required Ref. as per
Sector 5 (Para)
3. When in ‘doubt’, submit STR • 23
4. Check new and existing client database against the UNSCR
Consolidated List and gazette orders issued by MOHA on
domestic list of sanctioned individuals and entities
• 25
5. Conduct AML/CFT awareness and training programmes for
employees
• 22
6. Put in place adequate management information system (MIS) to
complement CDD process
• 20
7. Keep all CDD information and records for at least 6 years • 21
8. Keeping ML/TF risk assessment up-to-date through periodic
review, and having appropriate mechanisms to provide risk
assessment information to the supervisory authority, when
required
• 12
S35
S36
S37
Practical Guide on Key AML/CFT Requirements (2)
AML/CFT Awareness21
Consequence of Non-Compliance
1. Enforcement action can be taken against a reporting institution,
including directors, officers and employees for any non-compliance
with AML/CFT requirements;
2. Penalties upon breach include:
• General Offence (section 86) – Fine not exceeding RM1.0 million
e.g. for failure to conduct CDD and failure to adopt, develop and
implement AML/CFT compliance programme;
• Retention of Records – Fine not exceeding RM3.0 million or
imprisonment for a term not exceeding five (5) year or both
• Opening Account in False Name – Fine not exceeding RM3.0
million or imprisonment for a term not exceeding five (5) year
or both
AML/CFT Awareness22
Presentation Outline
AML/CFT Requirements: International Standards and
Malaysia’s AML/CFT Regime
ML/TF Vulnerabilities of Co Secretaries / Lawyers
Recent AML/CFT Development
AML/CFT Requirements on Co Secretaries / Lawyers
Compliance to AML/CFT Requirements
AML/CFT Awareness
Thank You
Link to AML/CFT Microsite in BNM Website:
http://amlcft.bnm.gov.my
AML/CFT Awareness24
Roles and Responsibilities of Compliance Officer
WHO
High expectation on role and duty of AML/CFT Compliance Officer
RI’s compliance with AML/CFT requirements
Proper implementation of AML/CFT Procedures
Appropriate AML/CFT procedures and effective implementation
Communication channel between RIs/ staff/ department is secured and kept confidential
AML/CFT Compliance Programme awareness to all staff.
Internally generated STR are evaluated before submission to FIED
Identification of ML/TF risks associated with new products and services
DUTY – to ensure:
For individual RIs who operate within a group (e.g.: partnership):
responsible for own obligation under AMLA;
may appoint particular person (with management responsibilities) within such group to perform the role of compliance officer
1. Individual with management
responsibilities
2. Fit and proper
3. Necessary knowledge and
expertise
Back to S19
AML/CFT Awareness25
Customer risk Geography
Products, services,
transactions/ delivery channels
Other information
1 2 3
• Resident or non-resident
• Company or individual
• Company structure
• PEPs
Business location
Country of origin
Country on sanctions list
Etc.
Cash-based
Non face-to-face
Simple/ complex transactions
Etc.
4
• Suggesting higher risk, if any
RISK ASSESSMENT
RISK PROFILING
RISK CONTROL AND MITIGATION
AML/CFT Awareness26
Risk profile customer based on CDD info collected- Examples of CDD info that can be used as risk profiling factors
i. Customer risk
ii. Geographical risk
iii. Risk associated with Transaction / Delivery Channel
Document Client’s risk
profile
To freeze account if existing client,
to reject if at point of on-boarding a
new client.
Back to S19
AML/CFT Awareness27
Customer Due Diligence (CDD)
1. Three elements:
Identification VerificationOn-Going Due
Diligence
i ii iii
• Identify• Sight ID document
• Take copy of ID document
• Review and update profile
• Transaction monitoring
AML/CFT Awareness28
Meeting AML/CFT Requirements - CDD– In practice, a quick guide
i ii iii
3. When is CDD required (Identification)?
Establishing business relations, where
applicable
If there is suspicion of ML/TF
Doubts on veracity & adequacy of previously
obtained CDD information
2. Info to obtain when conducting CDD
AML/CFT Awareness29
Identify and verify customer
Identify and take reasonable measures to verify beneficial owner (BO)
(a) Name, legal form and proof of existence(b) Powers that regulate and bind customers(c) Address of registered office
(a) Identity of the natural person who ultimately has a controlling ownership interest in a legal person
i. Identification of directors/shareholders with equity interest of 25% or more;ii. Authorisation for any person to represent the company (letter of authority/ directors’
resolution); andiii. NRIC / Passport to identify the authorised person
(b) If there is a doubt on the controlling interest - the identity of the natural person exercising control through other means
(c) Where there is no natural person identified- the identity of the natural person who holds the senior management position
Identification & verification of the BOs up to the level of natural persons who have control
Customer Due Diligence (CDD): On Legal Persons
AML/CFT Awareness30
When is Enhanced CDD Required?
Conditions
Requirements
Foreign PEPs
Customers from high risk jurisdictions (black
and grey list)
Domestic PEPs assessed as higher risk
1. Obtain CDD information
3. Inquire on source of wealth
and/or funds
4. Obtain approval from Senior Management
2. Obtain additional
informationClients assessed as
higher risk
Customer Due Diligence (CDD): Enhanced CDD
AML/CFT Awareness31
…are individuals who are or have been entrusted with prominent public
functions by their respective governments or organisations
Heads of State or of government, senior politicians, senior
government, judicial or military officials, senior executives
of state owned corporations, important political party officials
FOREIGN DOMESTICINTERNATIONAL ORGANISATION
Members of senior
management , i.e. directors,
deputy directors and members
of the board or equivalent functions.
Customer Due Diligence (CDD): On PEPs
PEPs do not include middle ranking or junior level individuals
AML/CFT Awareness32
Potential Customers Do not open the account or commence business relationship or
perform transaction
Existing Customer Terminate the business relationship
• Also, consider submitting a STR. Remember to document your rationale for submitting or
not submitting the STR
1. If the customer does not want to cooperate or refuses to provide information -What should a RI do?
2. If a RI finds a potential client to be suspicious, but believes that insistence oncompleting the CDD would tip-off the customer – What should a RI do?
• Proceed with the transaction, then immediately submit a STR to FIED, BNM
Failure to Satisfactorily Complete CDD
Back to S19
AML/CFT Awareness
Firm / RIs to establish red-flags or indicators of ML/TF
Transaction Risk:
1. Unusual or unnecessarily complicated business structures or transaction
paths
2. Use of large amount of cash
3. Unusual source of funding
4. Speed of transaction (without reasonable explanation)
5. Unexplained changes in instructions or business entities
6. Transactions where there are doubts about the validity of the documents
submitted
Customer Risk:
1. Transaction inconsistent with the individual’s known occupation or income
2. Unusual involvement of third parties / intermediaries
3. Use of legal entities that hide the identity of ultimate beneficial owner
4. Instruction outside normal geographical area, area of expertise, or client
market
5. Involvement of higher risk clients such as Political Exposed Persons
(PEP), individuals from high risk jurisdictions
6. Formation of shell companies that can then be used by money launderers
7. Avoiding personal contact without good reason
AML/CFT Awareness34
Suspicious Transaction Report: Reporting Mechanism
Internal reporting mechanism:
• RI to have in place policies on
duration taken by Compliance
Officer to review internal STR and
circumstances the timeframe can be
exceeded
TIPPING OFF:
• If RI has formed a suspicion of ML/TF but
believes that performing CDD process would
tip-off the customer, RI is permitted not to
pursue CDD, to proceed with the transaction
and immediately file a STR
Back to S15
Establish clear P&P to guide all staff, which should include:
Guidance on the type of client behavior or transactions that could be considered as
suspicious i.e. internal criteria/red-flags
What to do when doubt arises e.g. types of further scrutiny to conduct, consider
submitting STR if suspicion remains
Who to submit STR to within the firm and where to get STR forms i.e. sample/template
Method for submitting STRs - by staff to CO, by CO to FIED,BNM - to preserve
confidentiality
Timeframe for initial assessment by staff upon formation of doubt before raising STR to
CO, assessment by CO before submitting STR to FIED, BNM
Method for recording of assessment and decision not to submit STR received from staff
and secure filing of these documents for at least 6 years.
Back to S19
AML/CFT Awareness35
Suspicious Transaction Report: Info Required – When in doubt, submit STR
Useful
information for
investigation
by LEAs
• Name of Subject
• Identification No.
• Address• Contact No.• Employment details i.e. occupation,
name of employer
Details of Subject Reported
• Mode of transaction• Transaction Amount• Transaction Date
Transaction Details
• Reasons given by the reporting institutions on why they feel the conduct of account is suspicious
Description of Suspicious Transaction
Back to S20
AML/CFT Awareness36
Combating Financing of Terrorism
Updated and maintain list
Check on names Freeze/ Reject Report
1 2 3
• List under Section 66B (Domestic) and Section 66C (UNSC) (Part VIA)
• Other List (Optional)
on new customers, beneficial owners and beneficiary
existing customers
potential customers
take measures to ascertain identity –not ‘false positive’
freeze/ block fund for existing customers
reject transactions for new/ potential customers
4
• to FIED (including attempted transactions)
• inform relevant supervisory authority
Obligations under Part VIA of the AMLA applicable to any person
Back to S20
AML/CFT Awareness37
AML/CFT Training
• Tailored to staff level & nature of works;
• Frequency – correlate with level of risk
Record-keeping
• All records relating to transactions, CDD etcmust be properly maintained, for at least 6 years from the point of termination of the business relationship with the client
Management Information System
• Not necessarily automated
• To commensurate with nature, scale and complexity of operations
Other Requirements
Back to S20