Understanding MAS 626 in the Financial Services Industry … - Global view of New 626 - 10...

Understanding MAS 626 in the

Financial Services Industry

A Global View of our Local

Rules

Radish Singh, Thng Teck Soon

6 November 2014

1

2 © 2014 Deloitte Southeast Asia Ltd

AML/CFT – Trends &

Developments

• FATF set up in 1989, to identify emerging ML risks and provide guidance and

international standards

• FATF’s Forty Recommendations, developed in 1990 and revised in 1996, set

the framework for AML efforts

• After 9/11, FATF’s mission broadened to include anti-terrorist financing, which

coincided with the US Patriot Act to combat international terrorism

• As international standards are being enacted, ML and TF risks have evolved

with the aid of technology advancement

• However, financial institutions were found lacking in controls …

Evolution of AML / CFT Regime over the years


Money laundering…

United States fine clouds quarterly balance of BNP Paribas -A +A By Staff Writers 31

July 2014 - 1:27pm BNP Paribas, the first French and second Bank in the euro zone, has been

reported on Thursday a net loss of 5 750 million dollars (about 4 300 million euros) in the second

quarter of 2014, under the weight of the fine imposed by the Government of United States in late

June because they have treated with countries on its blacklist. BNP Paribas, in a situation of loss

for the first time since the end of 2008 (as a result of the international financial crisis), was

accused by U.S. authorities of conducting transactions in dollars with Nations under sanctions

from Washington, including Cuba, and to avoid a trial had to pay a fine record of 8 970

million dollars (6 billion euros), the largest penalty imposed a foreign bank in The United

States. - See more at: http://www.cubacontemporanea.com/en/news/united-states-fine-clouds-

quarterly-balance-bnp-paribas#sthash.MH3HYEKP.dpuf


Sanctions…

$536 million



Europe

EU focusing on ML/TF risk since Feb

2013, and is updating the AML Directive

FSA (now FCA) – has fined individuals

(AMLOs) for AML weaknesses

The AML regime globally and in

Asia continues to be under much

regulatory scrutiny.

US

Huge fines being imposed by US

regulators for sanctions

framework failures

New CDD requirements issued by

FinCEN

Asia

HKMA stated plans to double the size

of existing AML team.

MAS has been actively enforcing the

new requirement of tax evasion as a

predicate offence for AML

In other jurisdictions, regulators either

place greater focus on AML and KYC

(India) or to remediate their AML

regimes to meet with FATF standards

.

AML / CFT - Tops the agenda of regulators globally

• Assessment and understanding of risk

• Board responsibility and governance

• Effectiveness of three lines of defense

• Transactions / ongoing monitoring

• Due diligence and customer acceptance policy

• Verification of beneficial owners and risk profiling

• MIS – record keeping, updating and reporting to

supervisors

• Reporting suspicious activity and freezing of assets

• Group wide / cross border management of customer

risk, management of risk, consistent policies and

procedures and information sharing


Risk management guidelines related to anti-money laundering and terrorist financing issued by the Basel Committee (15 January 2014)


AML risk tolerance and

effectiveness of AML risk

management framework

are critical to enhance

compliance standards.

The need for systematic

customer risk

assessment framework

and bank wide risk

tolerance is good

practice.

In 2012, FATF revised the set of international standards to

combat ML/TF risks. Since then, it has commenced a new

round of mutual evaluations to ensure that countries put in

place the necessary controls.


Risk-based approach

Countries should identify, assess,

and understand the money

laundering and terrorist financing

risks they face and take appropriate

measures to mitigate those risks.

Tax crimes

The list of designated predicate

offenses has been expanded to

include tax crimes.

Anti-corruption

Following calls from the G20, the

revised recommendations place a

greater emphasis on action

against corruption – particularly in

the context of PEPs.

Financing of proliferation

Countries should apply UN targeted

financial sanctions to persons and

entities that finance the proliferation of

weapons of mass destruction.

Countries should also ensure national

cooperation and coordination among

their competent authorities.


Key changes by FATF explained

AML / CFT – Singapore Initiatives

National Risk Assessment, inspections, & consultation on the

new AML/CFT Notices


Amendments to various notices – to be discussed later

Tax evasion as a predicate offence

Banks asked to undertake remediation or independent assessment

MAS has focussed on effectiveness of the overall framework…

21 October 2013: Singapore launched a comprehensive assessment of

money laundering and terrorist financing risks in the country

Key changes to

Notice 626 and

implications for banks


• The proposed changes include new

requirements, as well as codification of existing

supervisory expectations

• Key changes are ML/TF risk assessment, new

products, screening of customers, CDD

measures including on PEPs and BO, reliance

on third party, correspondence banking and

group policy

• Banks need to understand the requirements,

know the inter-linkages between the rules, and

implement change programs to effect new

policies and procedures

Key changes to Notice 626

11

Clarity of regulatory

expectations is a welcome

move – for robustness of

AML compliance framework

as well as greater degree of

certainty.

However, note that AML

compliance is dynamic and

often depends on the bank’s

business (products and

geographies) and customer

profile and risks to name a

few. There is never a “one

size fits all” approach.

© 2014 Deloitte Southeast Asia Ltd

What is new?


12

Assessment of overall ML/TF risks and Risk Mitigation

FIs to identify and assess overall ML/TF risks they face as

an institution, and to take commensurate steps to mitigate

these risks effectively.

CDD for wire transfers which exceeds S$1,500

FIs to perform CDD when effecting or receiving funds by domestic

or cross-border wire transfer that exceeds S$1,500 for any

customer who has not otherwise established business relations

with the bank, i.e. walk-in customers.

1

2



Clarification of existing expectations


1 2 3

5 4 7 8

6

9 10

Definition of ”relationship

management”

Steps to take when there are

reasonable grounds for suspicion

Customer screening

requirements

Performance of CDD measures by

third parties

Further obligations for parties

involved in wire transfer

Record

keeping

obligations

Other high risk

categories

Cascading measures

for identifying and

verifying beneficial

owners

Risk assessment and

mitigation requirements in

relation to new products,

practices and technologies

Scope of PEPs and risk-based

approach for certain categories

of PEPs

.

11 Group policies and procedures within the

financial group to share information

required for the purposes of CDD, and for

ML/TF risk management

Key issues:

Need for

NBFI specific

guidance

Risk assessment,

new products &

technologies


Risk assessment

Assessing risks and applying a risk-based

approach

15

Entry level risk assessment

Identify, assess and understand

money laundering and terrorism

financing risks in relation to:

• its customers

• the countries or jurisdictions its

customers are from or in

• the countries or jurisdictions the

bank has operations in

• the products, services,

transactions and delivery channels

of the bank

Take into account the results of NRA

in assessment

Risk mitigation

• Include policies, controls and

procedures (approved) to enable it

to manage and mitigate effectively

the risks

• Monitor the implementation of those

policies, controls and procedures

• Take enhanced measures where

higher risks are identified, to

manage and mitigate those higher

risks

• Ensure that measures or enhanced

measures taken to manage and

mitigate the identified risks address

the risk assessment

New products & technologies

New products, practices and technologies

16

Pay special

attention to

products, practices

and technologies

that favour

anonymity

Emerging practices

seem to be that AML

risk assessment is

being done at product

level. Product approvals

should take into

account relevant

considerations and risk

mitigation from AML

perspective Key issues: Scope of

Assessment, Risk Identification,

New Market

Screening of customer


• Customer

• Natural persons appointed to act on

behalf of a customer

• Connected parties of a customer

• Beneficial owners of a customer

• Wire transfer originators

• Wire transfer beneficiaries

Customer screening

Who, What and When?

18

Who should FI screen?

• Relevant money laundering and

terrorism financing information

sources

• Lists and information provided by the

Authority and any relevant authorities

in Singapore for the purposes of

determining if there are any money

laundering or terrorism financing

risks in relation to the customer

What should FIs screen against?


• when, or as soon as reasonably practicable after, the bank establishes business

relations with the customer

• when the bank undertakes any transaction of a value exceeding S$20,000 for any

customer who has not otherwise established business relations with the bank

• when the bank effects or receives any funds by domestic wire transfer, or by cross-

border wire transfer that exceeds S$1,500, for a customer who has not otherwise

established business relations with the bank

• on a periodic basis after the bank establishes business relations with the customer

• when there are any changes or updates to:

- the lists and information provided by the Authority and any relevant authorities in

Singapore to the bank

- natural persons appointed to act on behalf of a customer, connected parties or

beneficial owners of a customer.

Customer screening

Who, What and When?

19

When should such screening take place?


Key issues: When

to Screen

Customer Due Diligence


Measures for cross-border

accounts, beneficial owners,

and PEPs

Customer Due Diligence (CDD)


What is a “customer”?

“Customer” in relation to a bank,

means a person (whether a natural

person, legal person or a legal

arrangement):

(a) with whom the bank establishes

or intends to establish business

relations; or

(b) for whom the bank undertakes or

intends to undertake any

transaction without an account

being opened.

What is meant by “business relations”?

Business relations is furthered defined as

(a) the opening or maintenance of an account

by the bank in the name of;

(b) the provision of financial advice by the

bank to; or

(c) the undertaking of relationship

management by the bank for a person

(whether a natural person, legal person or

legal arrangement); where relationship

management refers to managing or servicing

by an employee of a bank of an account with

a customer that is opened with the

overseas subsidiary, branch, parent or

related corporation of the bank.

Customer Due Diligence (CDD) Identification and verification of identify of Beneficial Owners (BO)


Legal Persons

• Identify natural persons who ultimately own

the legal person

• Where there is doubt if ultimate owner is

BO, or where no natural persons own the

legal person, identify natural person with

ultimate / effective control of the legal

person

• If still no natural persons identified, identify

natural persons with executive authority in

the legal person

Not a natural person

• Where the customer is a not natural

person, understand the nature of the

customer's business and its ownership

and control structure

Legal Arrangements

• Trusts

• Settlors,

• Trustees,

• Protector

• Beneficiaries or class of beneficiaries

• Natural persons with ultimate

ownership, control, effective control

over the trust

• For other types of legal arrangements,

persons with equivalent or similar positions

as described above.

Inquire and Identify

• Inquire if there is any BO (besides the

account holder)

• Where there is more than 1 BO, identify

the BOs and take reasonable measures to

verify the identifies of the beneficial

owners, using the relevant information

or data obtained from reliable,

independent sources.

Identification

of Beneficial

Owners

Enhanced Customer Due Diligence (ECDD)

What to do with PEPs and high risk accounts?


Enhanced CDD measures include

• Internal policies, procedures and controls

to identify PEPs / High Risk customers

• Approval from FI’s senior management to

establish business relations with PEPs /

High Risk customers

• Conduct enhanced monitoring of business

relations with the customer. The bank shall

ensure that the enhanced CDD

requirements for a PEP shall also apply to

family members and close associates of

the PEP

• A bank may adopt a risk-based approach

in determining whether to perform

enhanced CDD

Key issues:

Relationship

Management,

Different

Standards

Performance of CDD

measures by third party


• the bank is satisfied that the third party it intends

to rely upon is subject to and supervised for

compliance with AML/CFT requirements

consistent with standards set by the FATF

• the third party is not one on which banks have

been specifically precluded by the Authority from

relying

• the third party is able and willing to provide,

without delay, upon the bank’s request, any

document obtained by the intermediary

• However, no bank shall rely on third party to

conduct ongoing monitoring of customers

Performance of CDD Measures by Third Party


Under what conditions

can financial

institutions rely on

third party for CDD?

Key Issues: Regional Monitoring Hub, Provision of CDD

Documents

Group AML/CFT policy


• A bank that is incorporated in Singapore shall develop a group policy on

AML/CFT to meet all requirements of this Notice and extend this to all of its

branches and subsidiaries in its financial group, including those outside

Singapore

• Subject to the bank putting in place adequate safeguards to protect the

confidentiality and use of any information that is shared, as may be required by

the law of the country or jurisdiction, the bank shall develop and implement

group policies and procedures for its branches and subsidiaries within the

financial group to share information required for the purposes of CDD, and for

money laundering and terrorism financing risk management

• Such policies and procedures shall include the provision, at the bank’s group-

level compliance, audit, and AML/CFT functions, of customer, account, and

transaction information from its branches and subsidiaries within the financial

group, when necessary for money laundering and terrorism financing risk

management purposes





Scope

For bank incorporated in Singapore

To meet all requirements

To extend to all branches and

subsidiaries, including those outside

Singapore

Key Issues: Information Barrier

across jurisdictions? How to

link up with other compliance

functions in HO and

elsewhere?

Confidentiality

To put in place adequate

safeguards to protect the

confidentiality and use of any

information that is shared, as may

be required by the law of the

country or jurisdiction

Information to Share

For the purposes of CDD, and for

ML/TF risk management

Customer, account, and transaction

information from its branches and

subsidiaries within the financial group

What’s next?


30 © 2014 Deloitte Southeast Asia Ltd 30

“The challenge before us – as is often noted – is

that the fight against money laundering and

financing of terrorism is never done ...”

Mr Ong Chong Tee,

Deputy Managing Director

(Financial Supervision), MAS


Giam Ei Leen

Thng Teck Soon

Radish Singh

Ho Kok Yong

Partner

Financial Services Industry

Risk and Regulatory Advisory Services

Email: [email protected]

Executive Director

Financial Advisory Services

Forensic / AML


Ho Kok Yong

Lead Client Service Partner


Director

Risk and Regulatory Advisory Services


mailto:[email protected]





Deloitte refers to one or more of Deloitte Touche Tohmatsu Limited, a UK private company limited by guarantee (“DTTL”), its network of member firms, and their related entities.

DTTL and each of its member firms are legally separate and independent entities. DTTL (also referred to as “Deloitte Global”) does not provide services to clients. Please see

www.deloitte.com/about for a more detailed description of DTTL and its member firms.

Deloitte provides audit, tax, consulting, and financial advisory services to public and private clients spanning multiple industries. With a globally connected network of member

firms in more than 150 countries and territories, Deloitte brings world-class capabilities and high-quality service to clients, delivering the insights they need to address their most

complex business challenges. Deloitte’s more than 200,000 professionals are committed to becoming the standard of excellence.

About Deloitte Southeast Asia

Deloitte Southeast Asia Ltd – a member firm of Deloitte Tohmatsu Limited comprising Deloitte practices operating in Brunei, Cambodia, Guam, Indonesia, Laos, Malaysia,

Myanmar, Philippines, Singapore, Thailand and Vietnam – was established to deliver measurable value to the particular demands of increasingly intra-regional and fast growing

companies and enterprises.

Comprising over 270 partners and 6,300 professionals in 24 office locations, the subsidiaries and affiliates of Deloitte Southeast Asia Ltd combine their technical expertise and

deep industry knowledge to deliver consistent high quality services to companies in the region.

All services are provided through the individual country practices, their subsidiaries and affiliates which are separate and independent legal entities.

This communication contains general information only, and none of Deloitte Touche Tohmatsu Limited, its member firms, or their related entities

(collectively, the “Deloitte network”) is, by means of this communication, rendering professional advice or services. No entity in the Deloitte

network shall be responsible for any loss whatsoever sustained by any person who relies on this communication.

© 2014 Deloitte Southeast Asia Ltd 32

Date post:	20-Sep-2018
Category:	Documents
Upload:	phamdat
View:	213 times
Download:	0 times