Customer Due Diligence & Corporate Governance Forum October 2014 Customer Due Diligence Experiences...

36
Customer Due Diligence & Corporate Governance Forum October 2014 Customer Due Diligence Experiences from the Eurozone Antonio Ghirlando Legal & Compliance Manager

Transcript of Customer Due Diligence & Corporate Governance Forum October 2014 Customer Due Diligence Experiences...

Page 1: Customer Due Diligence & Corporate Governance Forum October 2014 Customer Due Diligence Experiences from the Eurozone Antonio Ghirlando Legal & Compliance.

Customer Due Diligence & Corporate Governance ForumOctober 2014

Customer Due DiligenceExperiences from the Eurozone

Antonio GhirlandoLegal & Compliance Manager

Page 2: Customer Due Diligence & Corporate Governance Forum October 2014 Customer Due Diligence Experiences from the Eurozone Antonio Ghirlando Legal & Compliance.

The Scenario

Global

Regional

National

Obliged Entities

CustomerDue Diligence

Risk-Based Approach

SimplifiedDue Diligence

EnhancedDue Diligence

Page 3: Customer Due Diligence & Corporate Governance Forum October 2014 Customer Due Diligence Experiences from the Eurozone Antonio Ghirlando Legal & Compliance.

Global Standards

APG

CFATF

MONEYVAL

EAG

ESAAMLG

GIABA

GAFISUD

MENAFATF

Page 4: Customer Due Diligence & Corporate Governance Forum October 2014 Customer Due Diligence Experiences from the Eurozone Antonio Ghirlando Legal & Compliance.

Global Standards

1990 1996 2001 2003 2012

The revised FATF Recommendations issued on the 16th February 2012 include a number of significant and important changes that have strengthened the standards in a number of key areas.

Page 5: Customer Due Diligence & Corporate Governance Forum October 2014 Customer Due Diligence Experiences from the Eurozone Antonio Ghirlando Legal & Compliance.

Global Standards

“Although the financial services industry is increasingly moving towards a globally standardised approach, there is still notable inconsistency with regard to implementation of AML controls at regional and local levels. This is not too dissimilar from the fragmented approach regulators continue to display in their global efforts to manage financial crime.

Despite some positive steps and evident strides in coming to grips with the 21st century challenges posed by money laundering threats, regulators and the financial services industry continue to lag behind today’s globally connected money launderers.

Inconsistent regulations have left gaps in which money launderers thrive, and as such, it will become essential that regulators implement a consistent regulatory approach, but also foster a closer working relationship with industry professionals in order to leverage each other’s resources, align mutual interests, and effectively tackle financial crime”.

KPMG Global Anti-Money Laundering Survey 2014

Page 6: Customer Due Diligence & Corporate Governance Forum October 2014 Customer Due Diligence Experiences from the Eurozone Antonio Ghirlando Legal & Compliance.

Regional Measures

The 3rd Anti-Money Laundering Directive has been adopted by all 28 EU Members States, as well as a number of other European countries.

There are a total of 18 EU Member States that have, to date, adopted the €uro. Most others are obliged to do so.

The use of the currency extends beyond the Eurozone, either through monetary agreements or through unilateral adoption of the €uro.

Page 7: Customer Due Diligence & Corporate Governance Forum October 2014 Customer Due Diligence Experiences from the Eurozone Antonio Ghirlando Legal & Compliance.

Regional Measures

Page 8: Customer Due Diligence & Corporate Governance Forum October 2014 Customer Due Diligence Experiences from the Eurozone Antonio Ghirlando Legal & Compliance.

Regional Measures

The 3rd Anti-Money Laundering Directive (Directive 2005/60) is part of a broader set of legislative measures aimed at the prevention of money laundering and terrorist financing. These include: Directive 2006/70; Regulation 1781/2006; Regulation 1889/2005; EU Council Decision 2000/642; and A number of EU legal instruments imposing sanctions and restrictive measures on

governments of third countries, or non-state entities and individuals.

Page 9: Customer Due Diligence & Corporate Governance Forum October 2014 Customer Due Diligence Experiences from the Eurozone Antonio Ghirlando Legal & Compliance.

National Measures

Prevention of Money Laundering Act

Criminal Code (Articles 328A to 328M)

Prevention of Money Laundering & Funding of Terrorism Regulations

Implementing Procedures

Guidance Notes

Page 10: Customer Due Diligence & Corporate Governance Forum October 2014 Customer Due Diligence Experiences from the Eurozone Antonio Ghirlando Legal & Compliance.

Obliged Entities

Customer Due Diligence

Risk Assessment & Risk Management

Record Keeping Procedures

Reporting Procedures & Obligations

Awareness, Training & Vetting of Employees

Internal Controls

Page 11: Customer Due Diligence & Corporate Governance Forum October 2014 Customer Due Diligence Experiences from the Eurozone Antonio Ghirlando Legal & Compliance.

CDD Measures

Customer Due Diligence

Ongoing Monitoring

Purpose & Intended Nature

Identification & Verification

Page 12: Customer Due Diligence & Corporate Governance Forum October 2014 Customer Due Diligence Experiences from the Eurozone Antonio Ghirlando Legal & Compliance.

Applicant for Business

A legal or natural person

Whether acting as principal or agent

Who seeks to form a business relationship, or carry out an occasional transaction

With a person who is acting in the course of either relevant financial business or relevant activity.

Page 13: Customer Due Diligence & Corporate Governance Forum October 2014 Customer Due Diligence Experiences from the Eurozone Antonio Ghirlando Legal & Compliance.

Beneficial Owner (BO)

General Definition: A natural person who ultimately owns or controls the customer. A natural person on whose behalf or for the benefit of whom a transaction is

being conducted.

Specific Instances: Body corporate or body of persons. Legal entity or legal arrangement which administers and distributes funds. Long term insurance business.

Page 14: Customer Due Diligence & Corporate Governance Forum October 2014 Customer Due Diligence Experiences from the Eurozone Antonio Ghirlando Legal & Compliance.

Beneficial Owner (BO)

• A natural person who owns or controls, whether directly or indirectly, more than 25% of the shares or voting rights (including through bearer shares).

• A natural person who otherwise exercises control over the management.

Body corporate or

body of persons

• A natural person who is the beneficiary of at least 25% of the property.• In the case of non-determined beneficiaries, the class of persons.• A natural person who controls at least 25% of the property.

Legal entity or legal

arrangement

• The beneficiary under the policy.Long term insurance business

Page 15: Customer Due Diligence & Corporate Governance Forum October 2014 Customer Due Diligence Experiences from the Eurozone Antonio Ghirlando Legal & Compliance.

Identification & Verification

IdentifyOfficial full nameDate & place of birthPermanent residential addressIdentity reference numberNationality

VerifyGovernment-issued document with photographic evidence to verify identityDocument to verify address

Applicant for businessBeneficial owners

Page 16: Customer Due Diligence & Corporate Governance Forum October 2014 Customer Due Diligence Experiences from the Eurozone Antonio Ghirlando Legal & Compliance.

Principal

Identification and verification procedures depend on whether:

Obliged entities must ensure that the applicant is duly authorised in writingto act on behalf of the principal.

Applicant is actingon behalf of anatural person

Applicant is actingon behalf of a

company or partnership

Applicant is actingon behalf of a

foundation or association

Applicant is atrustee

of a trust

Page 17: Customer Due Diligence & Corporate Governance Forum October 2014 Customer Due Diligence Experiences from the Eurozone Antonio Ghirlando Legal & Compliance.

CFT Obligation

Obliged entities should have a system in place which detects whether an applicant for business is subject to any financial sanctions:

o UN Security Council Resolution 1267/1999o UN Security Council Resolution 1373/2001o Related EU Regulations

Obliged entities need to remain updated with all sanctions that might have an impact on their business operations:

o Independent researcho ‘International Sanctions’ section on the MFSA website (= prudential regulator)o Commercial databases, etc.

Page 18: Customer Due Diligence & Corporate Governance Forum October 2014 Customer Due Diligence Experiences from the Eurozone Antonio Ghirlando Legal & Compliance.

Purpose & Intended Nature

Establish Business & Risk Profile

Business/ occupation/ employment

Source(s) of wealth

Expected source & origin of

funds

Anticipated level of activity

Anticipated nature of activity

Page 19: Customer Due Diligence & Corporate Governance Forum October 2014 Customer Due Diligence Experiences from the Eurozone Antonio Ghirlando Legal & Compliance.

Ongoing Monitoring

Scrutiny of transactions: On the basis of the business and risk profile of the customer. In response to activities of a similar peer group. In response to specific types of transactions.

Complex or large transactions.Transactions from a non-reputable jurisdiction.

Updating CDD documentation: Updating expired documentation. Collecting new documentation as necessary.

Page 20: Customer Due Diligence & Corporate Governance Forum October 2014 Customer Due Diligence Experiences from the Eurozone Antonio Ghirlando Legal & Compliance.

Source of Wealth & Funds

The economic activity generating the total net worth

of the customer

Source of Wealth Source of Funds

The activity, event, business, occupation or employment from which funds used in a

transaction originate

At the beginning of the business relationship

As part of the ongoing monitoring process

Page 21: Customer Due Diligence & Corporate Governance Forum October 2014 Customer Due Diligence Experiences from the Eurozone Antonio Ghirlando Legal & Compliance.

Application of CDD

SDD

EDD

Customer Due Diligence

Page 22: Customer Due Diligence & Corporate Governance Forum October 2014 Customer Due Diligence Experiences from the Eurozone Antonio Ghirlando Legal & Compliance.

Enhanced Due Diligence

Customer Due Diligence

General Circumstances

Customer Risk

Product/ Service Risk

Interface Risk

Geographic Risk

Specific Circumstances

Non Face-to-Face

Correspondent Banking

Politically Exposed Persons

New/ Developing Technologies

Page 23: Customer Due Diligence & Corporate Governance Forum October 2014 Customer Due Diligence Experiences from the Eurozone Antonio Ghirlando Legal & Compliance.

Simplified Due Diligence

Customer Due Diligence

Applicants

Relevant financial business

Listed entities

BOs of pooled accounts

Public authorities/ bodies

Certain low-risk entities

Products

Certain insurance policies

Certain pensions or similar schemes

Electronic money

Certain low-risk products

Specific criteria/ limits apply in most instances

Page 24: Customer Due Diligence & Corporate Governance Forum October 2014 Customer Due Diligence Experiences from the Eurozone Antonio Ghirlando Legal & Compliance.

Implementation of 3rd AML Directive

There are significant differences in the way the 3rd Anti-Money Laundering Directive has been implemented within the Eurozone and the EU as a whole. Differences relating to CDD (including BOs) include: Calculation of the 25% threshold for corporates; Categories of persons considered to otherwise exercise control over corporate

entities; Calculation of the 25% threshold for legal entities; Control and ownership structure; Verification of identity; High-risk indicators and enhanced due diligence; Requirement to keep BO information up-to-date; and Use of BO information obtained for CDD purposes.

Page 25: Customer Due Diligence & Corporate Governance Forum October 2014 Customer Due Diligence Experiences from the Eurozone Antonio Ghirlando Legal & Compliance.

Towards the 4th AML Directive

Scopeo Align EU legislation with the revised FATF Recommendations.o Address issues that have arisen within a European context.

Timelineo Official proposal published by the Commission – 5th February 2013.o 1st compromise text issued by the Presidency – 30th August 2013.o 2nd compromise text issued by the Presidency – 22nd November 2013.o 3rd compromise text issued by the Presidency – 28th January 2014.o 3rd compromise text (revised) issued by the Presidency – 21st February 2014.o European Parliament amendments – 11th March 2014.o 4th compromise text issued by the Presidency – 8th May 2014.o 4th compromise text (revised) issued by the Presidency – 22nd May 2014.o 5th compromise text issued by the Presidency – 10th June 2014.

Page 26: Customer Due Diligence & Corporate Governance Forum October 2014 Customer Due Diligence Experiences from the Eurozone Antonio Ghirlando Legal & Compliance.

Beneficial Owner

In the case of corporate entities the definition is clarified, and further guidance on how to identify beneficial ownership is outlined in the text.

In case of trusts and similar arrangements the settlor, trustee, protector, beneficiaries or class of beneficiaries (or similar positions) or any other person exercising control shall be regarded as a beneficial owner.

Page 27: Customer Due Diligence & Corporate Governance Forum October 2014 Customer Due Diligence Experiences from the Eurozone Antonio Ghirlando Legal & Compliance.

Beneficial Owner

Company A

Company B 10%

Person 2 100%

Company C 60%

Person 3 20%

Person 4 50%

Person 5 30%

Person 1 30%

Legal persons

Natural persons not required to be identified as a beneficial owner

Natural persons required to be identified as a beneficial owner

Page 28: Customer Due Diligence & Corporate Governance Forum October 2014 Customer Due Diligence Experiences from the Eurozone Antonio Ghirlando Legal & Compliance.

Beneficial Owner

Company V

Company W 18%

Company Y 100%

Person 4 100%

Company X 52%

Person 2 20%

Person 3 50%

Company Z 30%

Person 1 30%

Legal persons

Natural persons not required to be identified as a beneficial owner

Natural persons required to be identified as a beneficial owner

Page 29: Customer Due Diligence & Corporate Governance Forum October 2014 Customer Due Diligence Experiences from the Eurozone Antonio Ghirlando Legal & Compliance.

Beneficial Owner

Company A

Person 1 Shares 20% Voting 10%

Person 2 Shares 30% Voting 20%

Person 3 Shares 20% Voting 30%

Person 4 Shares 30% Voting 40%

Legal persons

Natural persons not required to be identified as a beneficial owner

Natural persons required to be identified as a beneficial owner

Natural persons required to be identified as a beneficial owner

Page 30: Customer Due Diligence & Corporate Governance Forum October 2014 Customer Due Diligence Experiences from the Eurozone Antonio Ghirlando Legal & Compliance.

Beneficial Ownership Information

5th Presidency Compromise Text (Articles 29 – 30)

What information should be retained?o Corporate entities – essential information, including beneficial ownership

information.o Trusts or similar arrangements – identity of settlor, trustee, protector,

beneficiaries or class of beneficiaries (or similar positions) and any other person exercising effective control.

How should information be made available?o To obliged entities – on request when these would be conducting CDD.o To competent authorities and FIUs – information should be stored in a

specified location through central registries or by virtue of data retrieval systems. (Obliged entities may be granted access as well).

Page 31: Customer Due Diligence & Corporate Governance Forum October 2014 Customer Due Diligence Experiences from the Eurozone Antonio Ghirlando Legal & Compliance.

Beneficial Ownership Information

European Parliament Amendments (Articles 29 – 30)

What information should be retained?o Corporate entities – essential information, including beneficial ownership

information.o Trusts or similar arrangements – identity of settlor, trustee, protector,

beneficiaries or class of beneficiaries (or similar positions) and any other person exercising effective control.

How should information be made available?o Through public registers, commercial or company registers.o Accessible by competent authorities, FIUs, obliged entities and the public at

large (subject to identification).

Page 32: Customer Due Diligence & Corporate Governance Forum October 2014 Customer Due Diligence Experiences from the Eurozone Antonio Ghirlando Legal & Compliance.

Politically Exposed Persons (PEPs)

Members of governing bodies of political parties will also be regarded as PEPs.

EDD will not be limited to PEPs residing in other Member States or foreign jurisdictions, but will also be applicable to domestic PEPs.

Page 33: Customer Due Diligence & Corporate Governance Forum October 2014 Customer Due Diligence Experiences from the Eurozone Antonio Ghirlando Legal & Compliance.

Customer Due Diligence

Simplified Due Diligenceo No longer considered to mean “no CDD”.o Entirely risk-based.

Enhanced Due Diligence o Still mandatory in specific circumstances.o Inclusion of further specific circumstances where the application of EDD is

mandatory (for example, domestic PEPs and certain complex transactions).

Reliance on third partieso No longer strictly rules-based.o Introduction of group-wide reliance.

Page 34: Customer Due Diligence & Corporate Governance Forum October 2014 Customer Due Diligence Experiences from the Eurozone Antonio Ghirlando Legal & Compliance.

Risk-Based Approach

Shall have policies, controls and procedures to mitigate and manage effectively the money laundering and terrorist financing risks identified at Union level, Member State level, and at the level of obliged entities.

May determine the extent of customer due diligence (CDD) measures on a risk-sensitive basis depending on the type of customer, business relationship, product or transaction.

CurrentProposed

Page 35: Customer Due Diligence & Corporate Governance Forum October 2014 Customer Due Diligence Experiences from the Eurozone Antonio Ghirlando Legal & Compliance.

Risk Assessments – Overview

Supra-NationalEU Commission

NationalNational Authority

Obliged EntitiesSubject Persons

EU Member States, ESAs, FIUs & others

Public & private entities

Recommendations

Direction & Guidance

----------

----------

Page 36: Customer Due Diligence & Corporate Governance Forum October 2014 Customer Due Diligence Experiences from the Eurozone Antonio Ghirlando Legal & Compliance.

Antonio [email protected]