ANTI-MONEY LAUNDERING AND COUNTERING TERRORISM FINANCING CORPORATE FRAMEWORK

Transcription

1 ANTI-MONEY LAUNDERING AND COUNTERING TERRORISM FINANCING CORPORATE FRAMEWORK FINAL VERSION: JULY 2017 Page 1 f 12

2 TABLE OF CONTENTS 1) Intrductin 2) Definitin and scpe 3) Scpe f applicatin and implementatin by subsidiaries 4) Principles 5) Rles and respnsibilities 6) Key prcesses 7) Gvernance 8) Ownership 9) Validity Date and Peridic Review Appendix: Definitin f terms Page 2 f 12

3 1) INTRODUCTION The purpse f this framewrk is (i) t establish the principles and standards that must be adhered by entities f Santander Grup (the "Grup") in relatin t the preventin and cntrl f mney laundering and terrrist financing ("AML/CTF"), and als fr the purpses f cmpliance with internatinal sanctin prgrammes, (ii) t define rles and respnsibilities in this area, (iii) t establish the plicies and prcedures that must be undertaken by Grup entities and (iv) t define the essential features f the gvernance. 2) DEFINITION AND SCOPE The fllwing definitins are established fr the purpses f this framewrk: Mney laundering: Participatin in any activity that has the aim f acquiring, pssessing, cntrlling, using, cnverting, transferring, cncealing r disguising the nature, surce, lcatin, dispsitin, mvement r rights with respect t, r wnership f, criminal prperty in the knwledge that that prperty is the prceeds f criminal activity r participatin in such activity. Terrrist financing: The prvisin, depsit, distributin r cllectin f any prperty, in any means, directly r indirectly, with the intentin that the prperty be used, r knwing that the prperty will be used, in whle r in part, t cmmit a terrrist act. Internatinal sanctin prgrammes: Instruments f a plitical, diplmatic and ecnmic nature used by internatinal institutins and cuntries t exert influence in areas such as the preventin and pursuit f terrrism, supprt and defence f human rights and civil liberties, deterrence f pssible armed cnflicts r the prhibitin f the develpment f weapns f mass destructin. Mney laundering and terrrist financing are universal glbalised phenmena that take advantage f the internatinal ecnmy and the gradual eliminatin f barriers t trade glbally, calling fr a crdinated glbal respnse by the internatinal cmmunity and the financial sectr t prevent the sectr being used fr illicit purpses. Santander recgnises the imprtance f the fight against mney laundering and terrrist financing as it affects essential aspects f scial life. The Grup will always fully cperate with the relevant authrities in this area. This framewrk shuld be read in cnjunctin with ther s and, in particular, the prvisins f the General Cmpliance & Cnduct Framewrk, the internal regulatin fr peratinal risks and thers related t utsurcing and agreements with third parties. 3) SCOPE OF APPLICATION AND APPLICATION TO SUBSIDIARIES This Framewrk: is applicable thrughut the whle Grup, is applied n a mandatry basis and cmpliance with it must be evidenced. Page 3 f 12

4 shall be adpted by the Bard f Directrs f entities subject t the Grup Subsidiary Gvernance Mdel (GSGM). shall be adhered t by all entities within the Grup with any adaptatins being strictly limited t thse required by lcal law and regulatin. Any adaptatin r waiver fr any part f this framewrk must be limited t thse required by lcal law and regulatin and submitted t the Crpratin fr cnsideratin and apprval. includes reference t specific elements fr lcal implementatin all f which shuld be submitted t the Crpratin fr validatin t ensure they are cnsistent with this Framewrk. These shuld als be subject t peridic review and updates. 4) PRINCIPLES The fllwing principles reflect the minimum Grup expectatins f the Grup as a whle. These principles are mandatry and must be applied at all times. Assessment and management f business risk: All Grup entities will be classified by levels f risk fr the purpses f designing and implementing measures and cntrls t mitigate such risks, and fr applying greater supervisin t high-risk areas f business, prducts and channels. This acknwledges that the risk f invlvement in mney laundering r terrrist financing is directly related t the type f business carried n by Grup entities, the prducts they distribute, and the channels used. It als cnsiders that this threat may be managed mre efficiently if there is prir knwledge f the ptential risk cncerning the varius types f business and prducts. Custmer risk segmentatin, Identificatin and Knw Yur Custmer: Custmers f subsidiaries f the Grup must be classified by risk level fr the purpses f designing and implementing measures and cntrls t mitigate these risks, and fr applying greater cntrl ver high-risk custmers and transactins. This acknwledges that the risks inherent t mney laundering may be managed mre efficiently if there is prir knwledge f the ptential risk cncerning the varius types f custmers and transactins. Custmers and transactins must be mnitred n a cntinuus basis nce such custmers have established a frmal relatinship with a particular Santander entity. Knw Yur Custmer bligatins t identify (and knw yur custmer and their activities) must be established by apprpriate due diligence. This bligatin will be met in accrdance with the prvisins made by the applicable legislatin and the risk level in areas f business, activities, prducts, services, distributin r sales channels, cuntries f peratin and transactins carried ut. Prhibited custmers r custmers with enhanced acceptance measures: Santander Grup will nt accept custmers where the necessary data is nt available, r which fall int ne f the Grup agreed categries f prhibited custmers. Prhibited custmers are as fllws: Page 4 f 12

5 Persns n fficial sanctined lists r persns that are related t 1 cuntries prhibited by the Grup in the terms determined. Persns where infrmatin is available t suggest that they may be invlved in criminal activities. Persns with businesses the nature f which makes it impssible t verify the legitimacy f the activities r the rigin f the funds. Persns wh refuse t prvide the infrmatin r dcumentatin required. Legal entities where the sharehlder structure r cntrl structure cannt be determined. Casins r gambling cmpanies that are nt fficially authrised. Financial institutins that are registered in cuntries r territries in which they d nt have a physical presence (als knwn as "shell banks"). Custmers n the list f prhibited custmers in the Santander Grup's crprate plicies. The fllwing categries f custmers will nly be accepted with prir authrisatin by the internal gvernance bdy respnsible fr anti- mney laundering and financing f terrrism 2 : Custmers invlved with the prductin r distributin f weapns and ther military prducts. Casins r gambling cmpanies fficially authrised. Freign exchange cmpanies, mney transmissin cmpanies r similar. Plitically expsed persns (PEPs 3 ) and their and their relatives and clse assciates 4. Transactin mnitring and analysis: Onging mnitring f a business relatinship with all types f custmers must be cnducted, cntrlling and analysing sensitive r high-risk transactins in cnnectin with mney laundering and terrrist financing, in rder t detect suspicius transactins. Prper IT systems must be available t this end, taking int cnsideratin the type f transactins, business sectr, gegraphic envirnment and transactinal vlume. Enhanced mnitring must be applied t material high-risk custmers and transactins, taking int accunt the key indicatrs fr these custmers and their accunts, cnsidering circumstances as cuntries f rigin, the rigin f funds, the type f transactins and ther risk factrs. 1 That have a link t the prhibited cuntry r t individuals r legal entities resident r incrprated in the prhibited cuntry, r are related t the gvernment r the fficial institutins f the state (even if they are resident utside the prhibited cuntry). 2 The mst senir management cmmittee in relatin t AML/CTF. 3 PEP is an individual wh is, r has at any pint in the preceding years, been entrusted with a prminent public functin. A prminent public functin may include but is nt limited t: Heads f State; Heads f Gvernment and Ministers (including deputy and assistant ministers); Members f Parliament (r f similar legislative bdies); and senir fficials f majr plitical parties; Senir Judicial Officials; Central bank bard members; Ambassadrs and high-ranking armed frces fficials; Members f ruling Ryal families with gvernance respnsibilities; Senir Executives f state-wned enterprises; and Directrs, deputy directrs and members f the bard r equivalent functin f an internatinal rganisatin 4 a) a spuse (including a persn wh is cnsidered by natinal law t be equivalent t a spuse; b) a partner; c) children and their spuses r partners; d) siblings and e) parents (including in-laws where this can be ascertained). Knwn clse assciates include: a) A persn wh is a jint beneficial wner f a legal entity (r ther arrangement) with a PEP; b) A persn wh is a clse business relatin f a PEP; and c) A persn wh is the sle beneficial wner f an arrangement set up fr the benefit f a PEP. Page 5 f 12

6 Suspicius transactin reprting and systematic reprting: Grup entities must fulfil the bligatin f reprting and cperate with the relevant authrities. Grup entities must ensure that all emplyees are aware f their bligatins t immediately reprt ptentially suspicius transactins t the internal AML/CTF unit, in rder t, in accrdance with the law, make the necessary review and reprt r ntificatin f suspicius transactins t the authrities. Grup entities must ensure that all emplyees are aware f their bligatins when reprting a ptentially suspicius transactin r activity t the internal AML/CTF unit, including nt t prvide any infrmatin, internally r externally, n cncerned custmers r transactins. Grup entities must ensure that the blcking f transactins and mvement f funds and/r the prhibitin f pening accunts is executed in line with lcal law and regulatin. Recrd-keeping: Grup entities must ensure that rbust recrd-keeping is maintained and that, as a minimum, dcuments listed are kept fr a perid f at least six years r any lnger perids that applicable lcal law r regulatin dictates: Dcumentatin regarding identifying and knwing yur custmers. Reprts submitted t the authrities cncerning the suspicius activities f a custmer in cnnectin with ptential mney laundering and/r terrrist financing, alng with any supprting dcumentatin. Registers f training n mney laundering and terrrist financing. Any ther dcuments r registers that must be kept by applicable legislatin f anti-mney laundering r terrrist financing. AML/CTF Training: All emplyees must receive nging training n the bligatins arising frm regulatins n the anti-mney laundering and terrrist financing. This must be facilitated thrugh: Annual training plans and targeted training t managers and emplyees and specifically staff perfrming thse jbs that, by nature, are suitable fr detecting any events r transactins that may be related t mney laundering r terrrist financing, enable the emplyees t carry ut detectin and knw hw t prceed in such cases. Ensuring that training plans and prgrammes determine the staff wh require targeted training fr the purpses f assessing the risk f mney laundering and terrrist financing inherent t their functins r rles. The registratin f all training, with a descriptin f the main characteristics and cntents. Cntinual sharing f infrmatin t all thse respnsible fr anti-mney laundering in all business entities f any regulatry changes in this area, as well as any new systems, techniques r prcedures detected that may be used fr mney laundering r terrrist financing. Sanctin prgrammes: Grup entities must have effective plicies and prcedures in place in rder t effectively cmply with the restrictins under sanctin prgrammes and internatinal financial cuntermeasures. Page 6 f 12

7 Grup entities must identify and fllw sanctin prgrammes and financial cuntermeasures, mnitr the internatinal sanctin prgrammes issued by UN, EU and OFAC that might affect the activities f the Santander Grup. Grup entities must risk assess and manage t determine the extent t which a business relatinship r activity may be affected by internatinal restrictins, and apprach must be taken int accunt in risk assessment methdlgy. Grup entities must refrain frm cnducting business relatinships with restricted persns and entities. N direct r indirect relatins shall be established with persns and entities subject t internatinal restrictins. T this end, apprpriate and up t date knwledge f custmers, their activity, and ther persns and entities carrying n relatinships with the Grup shuld be btained. Grup entities must maintain cmmercial peratins and payments in cmpliance with restrictins. Transactins carried ut by Grup entities must be cmpliant with the restrictins under internatinal sanctin prgrammes, and n transactins can be undertaken if they fail t meet the cnditins set ut in the prgrammes. Grup entities must blck assets when required. There must be means t detect relatins with persns r transactins which d nt cmply with sanctins prgrammes. There must als be prcesses in place t blck assets in the terms established in sanctins prgrammes and furnish prcedures t blck the funds f persns, entities r grups subject t these measures. Grup entities must implement internal cntrls and preventin mechanisms. Cntrls and specific measures must be implemented fr the preventin and detectin f deficiencies in systems and negligent r irregular actin taken by emplyees that may result in a failure r malfunctins in the applicatin f internatinal restrictins. Cnslidated management f knw-yur-custmer risks: Cnslidated management f knw-yur-custmer risk cnstitutes a principle fr crdinating and sharing infrmatin thrughut the Grup that helps identify, mnitr and reduce risks, and cmply with applicable legislatin and regulatins. Grup entities must immediately prvide the parent cmpany with apprpriate data cncerning high-risk custmers and activities, and react prmptly t infrmatin requests by the parent cmpany t assist the Grup t manage regulatry and reputatinal risk relating t mney laundering and terrrist financing. This may include data prtectin laws and crss-brder utilisatin, depending n the jurisdictin. Grup entities must establish the same abve mentined discipline fr lcal units/subsidiaries r subsidiaries in third-party jurisdictins that are directly cntrlled by them in relatin t AML/CTF. Grup entities must, in all cases, establish safeguard mechanisms s that infrmatin cncerning custmers and their transactins are kept strictly cnfidential, subject t privacy laws in the cuntry f rigin. Page 7 f 12

8 5) ROLES AND RESPONSIBILITIES The fllwing is a descriptin f the rles and respnsibilities f functins invlved in the matters cvered by this framewrk. Such rles and respnsibilities must be exercised respecting the three lines f defence and the need t achieve cllabratin between the Crpratin and Subsidiaries. Grup entities shall have an apprpriate rganisatinal and gvernance structure t identify, prevent and detect mney laundering and terrrist financing, reprt in line with the requirements established in law, and blck r freeze funds r ecnmic resurces fllwing applicatin f cntrls f sanctins r internatinal financial cuntermeasures. Grup entities shall have at least ne persn appinted as a head the functin level, wh will take respnsibility fr applicatin f this framewrk, its implementatin, and enter int dialgue with lcal supervisrs if necessary. Grup entities may appint an individual respnsible fr AML/CTF in specific business areas, which perate under the crdinatin and dependency f the anti-mney laundering and terrrist financing functin. First line f defence: As a general rule and in the cntext f AML/CFT, the business and supprt units are the first line f defence in charge f identifying, assessing and cntrlling the risks f their business. They shuld knw and carry ut the plicies and prcedures and be alltted sufficient resurces t d this effectively. As part f the first line f defence, plicies and prcedures shuld be clearly specified in writing, and cmmunicated t all persnnel. They shuld cntain a clear descriptin fr emplyees f their bligatins and instructins as well as guidance n hw t keep the activity f the bank in cmpliance with regulatins. There shuld be internal prcedures fr detecting and reprting suspicius transactins. Secnd line f defence: Risk and Cmpliance & Cnduct, as the secnd line f defence, will prvide independent challenge and versight f the risk management activities perfrmed by the first line f defence. This secnd line f defence shuld ensure that risks are managed in accrdance with the risk appetite defined by senir management and prmte a strng risk culture thrughut the rganizatin. As an independent secnd line f defence, the Cmpliance & Cnduct functin is respnsible fr mnitring and verseeing risks arising frm AML/TF and sanctin prgrammes, assessing the impact n risk appetite and the risk prfile f the entity and taking accunt f the prvisins f this framewrk. They will develp and implement the necessary plicies and prcedures t prperly manage and cntrl the preventin f mney laundering and terrrist financing and sanctin prgrammes. The Risk functin shall be respnsible fr integrating and cnslidating the risks arising frm cnduct and reputatinal risks, assessing the impact n risk appetite and the risk prfile f the entity, and taking accunt f the prvisins f this framewrk. They als add cnclusins t specific risk infrmatin in Page 8 f 12

9 such a way as t present a cmplete picture f the full range f risks t which the entity r the Grup is expsed. Third line f defence: As part f the third line f defence, the Internal Audit Functin regularly assesses that plicies, methds and prcedures are adequate and effectively implemented fr the management and cntrl f the system fr the preventin f mney laundering and terrrist financing fr cmpliance with sanctin prgrammes in the Grup, prviding an independent assessment. 6) KEY PROCESSES Grup entities must have effective internal regulatin in place enabling them t demnstrate that the AML/CTF activities and related prcesses are prperly executed and in line with all applicable laws and regulatins including sanctin prgrammes and internatinal financial cuntermeasures. The Crpratin will draw up reference dcuments infrming Grup entities f the best practices identified at crprate level that may be used t develp their wn lcal internal regulatins, making any necessary lcal adaptatins necessary. The Grup may als issue additinal dcuments t act as guidelines fr the prper interpretatin and cnsistent applicatin f internal plicies within the Grup. Lcal internal regulatins drawn up by Grup entities must be validated by the crprate functin fr the preventin f mney laundering and terrrist financing befre they are apprved by the mst senir lcal management cmmittee in relatin t AML/CTF. Internal regulatins in this area must als be reviewed n a regular basis t ensure they are cmplete and up t date, with any mdificatins r updates necessary. Specifically, Grup entities must have the plicies in place that cver the fllwing mandatry areas: preventin f mney laundering and terrrist financing, and specifically cvering certain activities f crrespndent banks and private banking. supervisin and assessment f the risks arising frm management and preventin f mney laundering and terrrist financing and cmpliance with internatinal sanctin prgrammes. Any ther plicies and prcedures that must be drawn up fr the purpses f cmpliance with any regulatins at any time r, n the initiative f the Grup r the entities, t enhance management, cntrl and supervisin f the issues t which this framewrk refers. The Grup may als issue its subsidiaries with additinal dcuments, t act as guidelines fr the prper interpretatin and cnsistent applicatin f internal plicies within the Grup. 7) GOVERNANCE The Gvernance applied in the Grup shuld prmte efficient gvernance structures that ensure adequate participatin by all relevant functins. Gvernance must als be cmpatible with the functins at a lcal level, with crdinated management and versight at the Grup level. Page 9 f 12

10 The gvernance bdies fr the Grup's subsidiaries must be structured taking int accunt lcal regulatry and legal requirements, as well as the size and cmplexity f each subsidiary, whilst ensuring that they are cnsistent with thse f the parent cmpany. Any such gvernance bdies must prmte clear and effective decisin-making and clarity f accuntability. Carrying ut the AML/CTF functin prperly in terms f decisin-making, supervisin and cntrl requires a gvernance structure, which can prvide a respnse in an efficient and agile manner at bth a crprate and subsidiary level. In its applicatin f this framewrk, Grup entities shall identify the gvernance bdies r cmmittees respnsible fr defining, mnitring, cntrlling and verseeing the AML/CTF regulatry risks. The Bard f Banc Santander, S.A. and its cmmittees, in accrdance with the prvisins f its bylaws and Bard regulatins, are the mst senir decisin-making and mnitring bdies in cnnectin with the management and cntrl f mney laundering and terrrist financing and cmpliance with the sanctin prgramme, except in the case f issues reserved fr the general meeting. The Bards f subsidiaries are als the mst senir bdies at their level. The Bards f each entity and f the Grup are respnsible fr the: adptin f s Supervisin f cmpliance with AML/CTF regulatins and legislatin, including any actins and measures as a result f inspectins by supervisry and cntrl authrities, in additin t internal cntrl and assurance functins. Apprval f AML/CTF risk appetite as part f the brader risk appetite. The risk supervisin bdy (Bard Risk Cmmittee) is respnsible fr: Assisting and advising the Bard in the definitin and assessment f the plicies stipulated in this Framewrk. Assisting the Bard with supervisin f the applicatin and analysis f the place in the risk prfile. Mnitring and assessing any regulatry prpsals and new applicable regulatins, and the ptential cnsequences fr the Grup. The audit bdy (Bard Audit Cmmittee) is respnsible fr: Oversight f the effectiveness f the internal cntrl systems, by reviewing them peridically, in rder t identity, manage and release the main risks prperly. In additin t the abve, the Grup and Grup entities shall establish apprpriate gvernance required t ensure the prper management and cntrl f AML, CTF, sanctin prgrammes and assciated risks. Grup Cmpliance & Cnduct shall validate the apprpriateness f such Cmmittees in rder t ensure that rbust gvernance is in place. Page 10 f 12

11 8) OWNERSHIP This dcument must be apprved by the Bard f Banc Santander S.A. The Grup Anti-Mney laundering and Terrrist Financing Cmmittee is respnsible fr the interpretatin f this Framewrk. 9) VALIDITY DATE AND PERIODIC REVIEW This framewrk will be effective n a Grup-wide basis frm the date f its publicatin. Its cntents will be reviewed peridically, and any changes r mdificatins will be made as apprpriate. Page 11 f 12

12 APPENDIX: DEFINITION OF TERMS Santander Grup r the Grup: grup f cmpanies cmprising Banc Santander, S.A. as the parent cmpany, and the dependent cmpanies ver which it has direct r indirect cntrl. Fr clarificatin, it cmprises the Banc Santander, S.A. parent cmpany, including the Santander Spain rganisatinal units, which are part f said cmpany, and any ther unit/subsidiaries f Banc Santander S.A. Crpratin: all the gverning bdies, rganisatinal structures and emplyees entrusted by Banc Santander, S.A. t exercise versight and cntrl acrss the entire Grup, including thse functins typically assciated with the relatinship between a parent cmpany and its subsidiaries. Subsidiary: a dependent cmpany that frms part f the Santander Grup r ne directly r indirectly cntrlled by Banc Santander, S.A. Gverning Bdy: Gvernance Bdy r grup f bdies f a cmpany that are respnsible fr the supervisin and management f the business at the highest level. Senir management: individuals wh exercise executive functins in the entity and wh are respnsible fr the daily management f the entity, and wh are accuntable t the Gverning Bdy. C&C: Cmpliance and Cnduct Cmpliance functin: the grup cnsisting f the Grup C&C functin and all subsidiary C&C functins. Rules: legal and regulatry requirements (including internal cdes). Standards: guidelines and minimum requirements which may be frmulated by the Grup, industry bdies r ther entities and which Santander has a cmmitment t. Page 12 f 12