Highlights Financial Sectors & Institutions Affected...1 Key Features Of The Notices And Guidelines...2 More Rigorous Customer Due Diligence (CDD) Measures...3 Risk-Based Approach To CDD...5 CDD In Cross-Border Correspondent Banking...6 CDD In Wire Transfers...7 Suspicious Transaction Reporting...8 Record Keeping...8 Internal Policies, Compliances, Audit And Training...8 Conclusion...9 MAS Issues Notices And Guidelines To Financial Institutions On Prevention Of Money Laundering And Countering The Financing Of Terrorism On 29 December 2006, the Monetary Authority of Singapore ( MAS ) issued various Notices ( Notices ) and companion Guidelines ( Guidelines ) on Anti-Money Laundering and Countering the Financing of Terrorism ( AML / CFT ). These Notices, which replace existing MAS notices, set out measures to be taken across the financial sector to help prevent Singapore from being used for money laundering or terrorist financing. All the Notices take effect from 1 March 2007, other than the Notice applicable for Trust Companies which takes effect from 1 April 2007. In addition, measures pertaining to wire transfers, which would affect Banks, Merchant Banks, Finance Companies and Money Changers and Remitters, would only take effect from 1 July 2007. The Notices incorporate comments received from earlier public consultations, and from developments in the implementation of the Financial Action Task Force ( FATF ) standards. To this regard, these new Notices aim to further refine Singapore s AML / CFT regime for the financial sector. The FATF, of which Singapore is a member, is an intergovernmental body established in 1989 to develop and promote policies to combat money laundering. The Guidelines, as with the Notices, have similar provisions that apply correspondingly to the respective institutions. This Update addresses not only certain key aspects that all institutions need to be aware of, but also certain sector-specific areas as well. Financial Sectors & Institutions Affected The Notices and Guidelines on AML / CFT have been prepared for the following financial sectors and institutions (collectively referred to as institutions ): Banks MAS 626 Please feel free also to contact the Knowledge & Risk Management Group at eoasis@rajahtann.com Money Changers and Remitters MAS 3001 Finance Companies MAS 824 Merchant Banks MAS 1014 1
Contacts Arnold Tan Partner Direct: (65) 6232 0701 Facsimile: (65) 6536 9453 E-mail: arnold.tan @rajahtann.com Hamidul Haq Partner Direct: (65) 6232 0398 Facsimile: (65) 6720 8660 E-mail: hamidul.haq @rajahtann.com Regina Liew Partner Direct: (65) 6232 0456 Facsimile: (65) 6438 0248 E-mail: regina.liew @rajahtann.com K. Muralidharan Pillai Partner Direct: (65) 6232 0768 Facsimile: (65) 6533 0827 E-mail: k.murali @rajahtann.com Life Insurers MAS 314 Capital Markets Intermediaries SFA04-N02 Financial Advisers FAA-N06 Approved Trustees SFA13-N01 Trust Companies TCA-N03 Structure Of The Notices And Guidelines The Notices set out the obligations of the institutions to take measures to help mitigate the risk of the banking system of Singapore being used for money-laundering or terrorist financing. In this regard, many of the proposed key requirements and measures within the Notices and Guidelines apply similarly across the board, for all the institutions. However, certain sector specific needs have also been accommodated for by the MAS. In particular, Capital Markets Intermediaries ( CMI ) should be aware that guidance for their sector was also drawn from two papers by the International Organisation of Securities Commissions ( IOSCO ); Principles on Identification and Beneficial Ownership for the Securities Industry (May 2004) and Anti-Money Laundering Guidance for Collective Investment Schemes (October 2005). Key Features Of The Notices And Guidelines The revised Notices incorporate a number of key requirements and measures, most of which apply similarly across all the financial sectors. These features can be categorised broadly under the following: More Rigorous Customer Due Diligence ( CDD ) Measures Risk Based Approach To CDD CDD in Correspondent Banking CDD in Wire-Transfers Suspicious Transaction Reporting Record Keeping Internal Policies, Compliance, Audit And Training 2
More Rigorous Customer Due Diligence (CDD) Measures Identification And Verification Of Customers The Notices have set out more clearly the CDD measures that institutions need to comply with, particularly with regards to the identification and verification of customers and beneficial owners. Institutions are currently obligated to establish and verify the identity of each customer who applies to establish business relations with them. The Notices explicitly require that, in addition to fulfilling the above requirement, where the customer is a company, partnership or other body corporate or unincorporate, the institutions must also go further by having to similarly establish the identity of directors, partners or persons having executive authority, as the case may be. Consequently, institutions would also have to verify the identity of the customers using reliable, independent sources. Further, apart from certain instances, the Notices also require institutions to inquire if there exist any beneficial owners in relation to a customer. Where beneficial owners are found, the institution is to take reasonable measures to sufficiently establish and verify their identities. In addition, Life Insurers intending to make payment to persons other than customers, such as upon surrender of a life insurance policy, must also similarly verify the identities of any persons to whom such payments are being made. The Notices also require all institutions to identify their customers. The Guidelines recommend that the institutions should take appropriate measures to address risks arising from establishing business relations or providing financial services without face-to-face contact. These measures include, amongst others, the following: contacting the customer at an independently verifiable residential or business telephone number; confirming the customer s address through an exchange of correspondence or other appropriate method; confirming the customer s salary details from recent bank statements from another bank; and requiring the customer to make a deposit using a cheque drawn on the customer s personal account with another Singapore bank Note, however, that the Notices do not permit MCR s to engage in non face-to-face transactions without the prior approval of MAS. Similarly, but to a lesser extent, the Notices also require Approved Trustee s to 3
have at least one face-to-face contact with their customers before signing the trust deed to act as trustee for a Collective Investment Scheme ( CIS ). Money-changer s and Remitters ( MCR ) would have to be alert to this particular requirement. MCR s are currently permitted to engage in aggregate transactions of up to $5,000 without needing to establish the identity of their customers. Thus, this proposed change would require MCR s to ensure identification of all their customers. The Notices also require the institutions to periodically review and keep up-to-date the adequacy of their identification information, particularly for higher risk categories of customers and beneficial owners. Notably, other than for the ongoing monitoring of customers, the Notices permit institutions to rely on qualified intermediaries to perform their CDD measures. Deferring The Completion Of CDD Measures Under the Notices, institutions are expressly required to complete their CDD measures before establishing business relations with a customer unless: it is essential not to interrupt the normal conduct of business operations; and provided the risks of money laundering and terrorist financing can be effectively managed by the institution (where adequate internal controls and procedures are already in place). Where business relations have been established in such circumstances, the Notices permit institutions, other than MCR s and Approved Trustees, to complete their CDD measures as soon as reasonably practicable. The Guidelines propose the following timeframes in this regard: to complete CDD measures no later than 30 working days upon establishing business relations; to suspend business relations and refrain from carrying out further transactions if CDD measures remain uncompleted 30 working days after establishing business relations; and to terminate business relations if CDD measures remain uncompleted 120 working days after establishing business relations. Where the above is not possible, the institutions are to terminate the business relationship, and where necessary to consider filing a Suspicious Transaction Report ( STR ). Notably, MCR s and Approved Trustees are only permitted to establish business relations with a 4
customer upon having completed all the requisite CDD measures. Performance Of CDD By Intermediaries The Notices allow for the institutions, apart from MCR s for whom this provision does not apply, to rely on an intermediary to perform elements of the CDD process, provided that the intermediary is AML / CFT compliant and certain requirements are met. In this case, for new customers introduced to the institution by such an intermediary, the institution can dispense with performing CDD on these customers, if the intermediary has already performed CDD on the customers and has satisfied the requirements. However, the Guidelines state that institutions which have outsourced the performing of CDD measures to a third party must still remain fully responsible and accountable for the conduct of CDD measures, as if the function had remained within the institution. CDD Measures For Non-Account Holders The Guidelines recognize that though a CMI may not directly open and maintain accounts for customers, it may provide other complementary services such as monitoring of asset holdings, sending statements of holdings or other related services. However, since these services relate, in substance, to the maintaining of accounts for customers, a CMI should not consider such customers as non-account holders. In addition, the Guidelines also deem that a CMI should not consider the direct subscription and redemption of CIS by retail customers as occasional transactions of non-account holders. Risk-Based Approach To CDD The Notices also set out the taking of a risk based approach to the application of CDD measures. This would permit institutions, apart from MCR s which need specific approval from MAS, to perform simplified CDD measures where they are satisfied that the risks of money laundering and terrorist financing are low. Notwithstanding, the Notices require enhanced CDD measures to be undertaken where higher risks of money laundering and terrorist financing are present. Particularly, the Notices set out the need for enhanced CDD measures when dealing with Politically Exposed Persons ( PEP ), who are defined as: natural persons entrusted with prominent public functions in a foreign country (such as heads of state, government ministers or senior military officials); and 5
immediate family members and close associates of such persons. In dealing with PEP s, the Notices require institutions to perform enhanced CDD measures that extend beyond mere identification and verification of identities. Such enhanced measures include: implementing appropriate internal policies, procedures and controls to determine a PEP; obtaining of senior management approval to establish or continue business relations with the PEP, or with a person who subsequently becomes a PEP; seeking to establish, by appropriate and reasonable means, the source of wealth or funds of the PEP; and conducting enhanced monitoring of business relations with the PEP. In addition, the Notices and Guidelines require institutions to give particular attention to such high risk categories of customers which may include: non-resident customers; private banking customers; body corporates set up as personal asset holding vehicles; companies that have nominee shareholders; companies that issue shares in bearer form; and persons from or in countries that have inadequate AML / CFT measures CDD In Cross-Border Correspondent Banking The Notices also specifically require certain CDD measures to be performed when institutions in Singapore provide correspondent banking services to financial institutions operating outside of Singapore (crossborder correspondent banking). These measures include: assessing the suitability of the foreign financial institution, such as by determining the nature of its business, its reputation, as well as the track-record and quality of its AML / CFT controls and supervision; documenting the foreign financial institution s respective AML / CFT responsibilities; and obtaining of approval from senior management to provide new correspondent banking services. 6
Further, Singapore institutions are not permitted to enter into, or continue correspondent banking relations with a shell bank. They must also ensure that the foreign financial institutions they deal with do not permit their accounts to be used by shell banks. CDD In Wire Transfers Certain Notices, especially in relation to Banks, Merchant Banks, Finance Companies and MCR s, also set out CDD measures to be performed in the case of wire transfer transactions. These particular CDD measures only come into effect from 1 July 2007. The Notices require that before effecting a wire transfer, institutions must establish and verify the identity of the wire transfer originator as well as record adequate details of the wire transfer. Such details would include, amongst others, the: date of the wire transfer; type and amount of currency involved; and details of the wire transfer beneficiary and the beneficiary institution. Further, to be in line with the FATF s Special Recommendation VII on Wire Transfers, where the amount to be transferred exceeds S$2,000 in a cross-border wire transfer, the Notices require that institutions also include in the payment instructions: The name of the wire transfer originator; The wire transfer originator s account number; and The wire transfer originator s address, unique identification number, or date and place of birth. In addition, for domestic wire transfers, the Notices require the institutions to either include all of the wire transfer originator s information, as would have been included in a cross-border wire transfer exceeding S$2,000, or to make available all such information within 3 working days. However, Institutions must be alert that the Notices do not set out CDD measures in instances where the cross-border transfer amount is less than S$2,000, although this was provided for in the earlier draft Notices issued for consultation. Though not expressly provided for, institutions would be best advised to adopt and follow at least the CDD requirements that have been set out for domestic wire transfers. Finally, in dealing with wire transfers, the Guidelines provide that 7
institutions should consider terminating business relations with, or not accepting in-coming wire transfers from, overseas ordering parties that, to their knowledge, are required to provide the wire transfer originator information but fail to do so. In this regard, the Guidelines propose for the institutions to also consider any legal or regulatory requirements that may be imposed on the overseas ordering party, in respect of cross-border wire transfers. Suspicious Transaction Reporting The Notices require the institutions to have effective and efficient processes and systems for identifying, detecting and reporting suspicious transactions. In this regard, the Guidelines have proposed that institutions complete their internal evaluations on whether a matter warrants referral to the Suspicious Transactions Reporting Office ( STRO ), via a Suspicious Transaction Report ( STR ), within 15 working days of receiving the matter, unless the circumstances are most extraordinary. However, if urgent disclosure is required, such as where a transaction is being investigated by the relevant authorities, the Guidelines state that institutions should initially notify STRO by telephone or email, and then to subsequently report by such means as STRO may direct. Record Keeping Institutions should also be aware, when setting their document retention policies, that the Notices impose the following document retention periods: a period of at least 6 years upon termination of business relations for customer identification information, and other documents relating to the establishment of business relations; and a period of at least 6 years upon completion of the transaction for records relating to a transaction, including any information needed to explain and reconstruct the transaction. However, Institutions shall retain records pertaining to a matter which is under investigation or which has been the subject of an STR for such longer period as may be deemed or required necessary. Internal Policies, Compliance, Audit And Training The Notices require institutions to ensure that their staff are regularly trained on AML / CFT measures. In this respect, the Guidelines have set 8
out that, apart from their initial training, institutions should also provide refresher AML / CFT training for staff at regular intervals, and at least once every two years. Conclusion This is a brief update on some of the key features of the Notices and Guidelines on anti-money laundering and countering the financing of terrorism. These Notices and Guidelines are a part of MAS continuous mandate to ensure that Singapore s financial sector is guarded by a rigorous AML / CFT regulatory framework that incorporates prevailing international standards. For your convenient reference, to view the various Notices and accompanying Guidelines, as well as our Client Updates on the earlier Public Consultations, please click on the respective links below: MAS Legislation, Notices and Guidelines on AML / CFT; Client Update - Public Consultation On Draft Guidelines To Notices On Prevention Of Money Laundering And Countering Terrorism Financing; and Client Update - Public Consultation On Draft Notices To Financial Institutions On Prevention Of Money Laundering And Countering The Financing Of Terrorism. If you would like more information on the above, please contact the partners whose numbers appear on the left of page 2, or contact the Knowledge & Risk Management Group at eoasis@rajahtann.com, and we would be happy to assist you. Rajah & Tann is one of the largest law firms in Singapore, with a representative office in Shanghai. It is a full service firm and given its alliances, is able to tap into resources in a number of countries. Rajah & Tann is firmly committed to the provision of high quality legal services. It places strong emphasis on promptness, accessibility and reliability in dealings with clients. At the same time, the firm strives towards a practical yet creative approach in dealing with business and commercial problems. The information contained in this Update is correct to the best of our knowledge and belief at the time of writing. The contents of the above are intended to provide a general guide to the subject matter and should not be treated as a substitute for specific professional advice for any particular course of action as the information above may not necessarily suit your specific business and operational requirements. It is to your advantage to seek legal advice for your specific situation. In this regard, you may call the lawyer you normally deal with in Rajah & Tann or e-mail the Knowledge & Risk Management Group at eoasis@rajahtann.com. 9