Why is it mandatory to collect Customers data/ information?
- To enable a reporting entity to meet its legal and compliance obligations under AML/ CFT Law/ Ministerial orders.
- To manage and mitigate risks of potential Money laundering & Terrorism financing cases.
- To be able to detect source of funds
- Verify ownership, record keeping and verify the Ultimate beneficiary from the transaction.
- Increase the level of security and to avoid any suspicious cases.
How will it Benefit CR Holders?
- It will enable sufficient and effective controls and procedures to detect any suspicious transactions.
- Develop and apply procedures based on risk-based approach
- To maintain internal control systems to perform customer due diligence and obtain information from reliable and up to date sources.
- Avoid risks of dealing with restricted / sanctioned individual's organizations.
Natural Person(s) information
- Full information of Identity card
- Permanent place of residence
- Full information of passport
- Contact number(s)
Registered Person Duties
- Obtain further information to establish client's identity and ultimate beneficiary.
-Pay Attention to the purpose of the transaction
- Continuously monitor client's transactions and has full responsibility on ending any business relationship if found suspicious or extraordinary (report immediately).
Compliance Officer Duties:
- ensure effectiveness of internal control, policy, procedures to identity customers.
If procedures are not applied:
- Ministry of Industry, Commerce and Tourism reserves all the right to impose a violation to any CR that does not comply with the law requirements.
- Administrative & Financial penalties.
According to Ministerial Order no 173 of 2017 as amended 108 of 2018 :
Obligations of Registered Persons
The Registered Person shall be committed to the following:
- Implement all policies and procedures as outlined in legislative Decree (4) of 2001 concerning the Prohibition of and Combating Money Laundering, and rules set out by the committee or the ministry to prevent the abuse of registered person operations for purpose of money laundering or terrorism financing.
- Not establishing a Business Relationship with money laundering and terrorism finance purpose
- Warning anyone associated with that Registered Person to not breach the provisions of the above two paragraph.
- Paying special attention in all kinds of processes and deals. The background and purposes of such processes and deals shall be inspected, and the findings of such inspection shall be recorded in writing and reported in the approved electronic template to the Competent Body
- Obliging that Registered Person's branches working abroad to adopt measures of preventing money laundering and terrorism financing in accordance with the FATF recommendations, and apply the provisions of this Order to the extent allowed by the laws and regulations applicable in the countries where such branches work, especially if such branches are in countries that do not or inadequately abide by the provisions of the Order. The Registered Person shall also be committed to informing the Competent Bodies in case the laws of the countries where such branches work hinders the application of the provisions of this Order.
- Implement all FATF recommendations.
- To establish sufficient and enough controls and procedures to implement the decisions of the United Nations and the local lists and to report any suspicions related thereto.
- Develop and apply procedures based on a risk-based approach.
- Apply the results of the national risk report and reflect its results on processes and risk-based internal procedures and update those procedures whenever the national risk assessment report is updated.
- Develop internal control systems that can obtain due diligence information towards the client from reliable and up-to-date sources.
- Not receiving cash exceeding BD 3000 or equivalent in other currencies for gold and jewelry activities dealers.
First: Procedures of Identity Identification:
- Registered Persons shall, before conducting any Business Relationship or Separate Process (es), be committed to verifying the identity of the client and the ultimate beneficiary of any Business Relationship or Separate Process (es), the registered person is also obliged to follow reasonable and sufficient procedures to verify the source of the money thereof by all forms of authentication, and to not dealing with persons whose identity is unknown or do not provide proof of identity or identity of the ultimate beneficiary.
- The Registered Person shall develop the appropriate procedures that oblige each client, who wishes to establish a Business Relationship or Separate Process(es) with that Registered Person, to identify his identity and identity of the ultimate beneficiary and present sufficient proofs.
- When one of the institutions gets merged with another institution, the institution merged with shall not be required to identify the identity of the merged institution's clients as per the provisions of this Order if:
- The merged institution has already applied the procedures of maintenance stipulated in Paragraphs (a), (b) and (c) of Article (6) of this Order.
- The detailed investigations did not result in any doubts on the conformity of the merged institution's procedures of the prohibition of and combating money laundering and terrorism finance with the requirements provided in Legislative Decree no. (4) of 2001 concerning the Prohibition of and Combating Money Laundering and Terrorism Finance amended by Law no. (54) of 2006.
Second: Identity Information:
- A copy of the identity information that shall be verified and maintained in clients' records in relation to natural persons is as follows:
- The full information of the passport.
- ID card.
- Permanent place of residence.
- Name and address of employer.
- The business relationship's commencement date, type, amount, currency and details.
- The identity information that shall be verified and maintained in clients' records in relation to corporate as follows:
- Name of corporate or company.
- Legal form.
- Number and place of registration.
- Type of the activity undertaken.
- Address of the head office and branches (if any).
- Names of the members of the Board of Directors.
- The corporate's legal representative and the ID information thereof.
- The business relationship's commencement date, type, amount, currency and details.
In addition to the aforementioned, the legal person incorporation documents shall be verified, including but not limited to the Memorandum of Association, Articles of Association and the Legal Person's representation document.
C- the registered person must adopt enhanced due diligence in case of high possibility that the transaction would involve a money laundering or terrorism financing crime in accordance with the following factors:
- The procedures outlined in preceding (A) and (B) paragraphs identified a higher risk.
- Another person deal on behalf of the client when the client isn't physically present when you carry out identification process.
- When entering into a business relationship with a Politically Exposed Person (PEP).
- Any other situation where might a higher risk of money laundering or terrorism financing exist.
- If it is found that the ultimate beneficiary of the business relationship or separate process(es) is a person who must apply the enhanced due diligence.
the level of risk by which clients are classified depends on the following
- client's background
- Country of origin / Nationality
- Linked accounts with Clients
- Nature Business activities
- Ultimate beneficiary
D- the enhance due diligence includes the following
- Obtaining further information to establish the client's identity and ultimate beneficial.
- Adopting extra measures to ensure the authenticity of documents submitted in terms of nature, And the relevance of the business relationship or separate process(es) of the nature of the client's activity, etc..
- If the payment is done by transfer, then the amount should be transferred from a recognized financial institution that adopt Anti- Money Laundering measures.
- Finding out the source of funds and the purpose of the transaction.
- Adopting special measures to ensure about the ultimate beneficial from legal structure.
- Any other procedures and measures more severe in proportion to the nature of the transaction or business relationship
E- in case the client was government or semi- government or related to government of Bahrain or any GCC countries, and in case the client is well- known to the registered person from the previous business history, a continuous review of such transactions shall be made in accordance with the provisions of paragraph (F) of this article, then the registered person may adopt the measures outlined in paragraph (A) and (B) of this order.
F- the registered person shall improve and update his procedures related to client's identification by adopting a risk-based approach, in addition, the registered person shall continuously monitor the client's transaction and end any business relationship if found suspicious or extraordinary and report that immediately to competent body.
Procedures of Maintenance of Documents and Records
- Registered persons shall maintain the information and documents related to the identity of the clients and the representatives thereof and the beneficiaries from the deal, and shall also maintain accounting records and other records related to the details of transactions. Such records shall include the deal's type, date and value, the information related to the method of payment and the identity information. Any changes made to the status of the clients shall be regularly included in these records. Registered persons shall have a system and procedures which ensure that these records are updated. The information and documents shall be adequate to identify the deal, whether a single deal or a group of deals, starting from the initial documents up to the completion of the deal.
The registered person shall retain the results of suspicious and/ or extraordinary deals along with customer Due Diligence information and results of investigations, all of those must be made available to the competent authorities in accordance with the law.
- The aforementioned documents and records, as well as all the correspondence related to the deals, shall be maintained for a term of five years from the expiry date of the deal. The maintained records and the supporting documentation thereof shall be easily retrievable.
- Should the deal be associated with account transfers, from the clients or on behalf thereof, registered persons shall ascertain that such transfers include the name of the party giving the order and the beneficiary and the amount and source of the transfer - and the account number and address thereof, and that the transfer is done through the banking system. The non-fulfillment of the aforementioned information immediately after it is required to be provided shall result in considering the deal suspicious or extraordinary and shall be reported to the Competent Unit at the Ministry, immediately.
- Registered persons shall fulfill all the information, documents and records referred to in this Article within no more than, in all cases, six months from the effective date of this Order.
- Each Registered Person must file an electronic annual report to the Competent Unit at the Ministry throw the Ministry website, which shall be including all the cash transactions exceeding BD 6,000 or its equivalent, whether in one or several transactions made during the year, also report shall include all information stipulated in Clause (2) of the Article (5) from this Order, within no more than, in all cases, three months from the financial year end, or three months from the fiscal year end.
Internal Reporting Procedures
- Each Registered Person shall appoint whom he feels appropriate person from his employees, to act as a compliance officer to control that person's compliance with the requirements of this Order. Such employee shall have the independence and power to review all the information of the clients and other relative data.
- The commitments of the compliance officer annually :
- Ascertaining the suitability of the internal controls, regulations and procedures applicable at the Registered Person for the fulfillment of the requirements and provisions of this Order.
- Ascertaining that the employees of the Registered Person have received the appropriate training to perform the tasks assigned to them as per the provisions of this Order.
- Controlling the level of compliance of the aforementioned employees in relation to the application of the internal controls, regulations and procedures related to combating money laundering and terrorism finance.
- Controlling the level of commitment of the Registered Person in relation to the development of systems and procedures that ensure updating the records, and the extent to which such procedures are applied on a regular basis.
- Each Registered Person shall develop the disciplinary regulations and procedures that ensure the commitment of that Registered Person's employees to implementing the provisions of this Order.
- In case the registered person has a new product(s)/ technologies then the same rules of client's identity would be applicable as outlined in article (5) of this order, and study their risks in terms of money laundering and terrorist financing.
- Verify the adequacy of customer due diligence systems and procedures, and the reliability and reason-ability of client information collected to establish any business relationship or separate process(es).
- The compliance officer must report to the competent body and the auditor any breach found while examining compliance with clause (B) above.
The Competent Unit at the Ministry
Anti-Money Laundering Department in Companies Control Directorate is the Competent Unit at the Ministry that designated for receiving the reports of the compliance officer on suspicious or extraordinary deal and any other reports, statistics, information related to this order.
The competent unit is also responsible for supervision and inspection of registered persons in all matters related to anti- money laundering and terrorism financing
Reporting Extraordinary or Suspicious Deals
- The compliance officer shall be responsible for reporting the Competent Unit at the Ministry about suspicious or extraordinary deals, immediately within no later than the first working day from the time of becoming aware of such deals.
- The compliance officer shall prepare a report, as per the form acceptable by the ministry, regarding the suspicious or extraordinary deal(s) based on the clients' information, data and records. The report shall include a full description of the deal and the type, value, currency, date and parties thereof, as well as the reasons that led to considering the deal extraordinary or suspicious, and all the data and information that might be required by the Competent Unit at the Ministry, and delivered the report electronically.
- In case the compliance officer is informed of the existence of doubts in relation to a suspicious or extraordinary deal, they shall verify the same by referring to the client's data, records and information. If it turns out that the deal is ordinary and unsuspicious, the compliance officer shall record the reasons supporting this fact. In such case, it is not required to prepare the report referred to in the preceding Clause.
- The compliance officer shall, if it appears to them at a later stage that the identity-related investigations are inaccurate to report to the Competent Unit at the Ministry and take all necessary actions to abide by the requirements of identifying the identity.
- A record dedicated for extraordinary or suspicious deals shall be kept, such records shall include adequate details, including the type of the deal, the reporting date, the information of the client and the amount of the process, which enable the formation of a clear image and adequate details on such deals and the procedures taken in relation thereto.
- The reports referred to in Clause (b) of this Article shall be submitted electronically with identity information related, to the Competent Body and maintained for a term of not less than five years.
- Registered Persons shall be prohibited from informing the client of the submission of a suspicion report or any relative information to the Competent Unit at the Ministry.
- The Competent Unit at the Ministry has the right to reject the appointment of any person as a compliance officer, in addition it has the right to suspend compliance officer Name from the registry and ask for appointment another person, in case his failure to meet his obligations stipulated in this Order.
- No Registered Person or any of its employees shall be civilly or criminally held liable for the performance of their obligations stipulated in this Order.
- Any person breaches the provisions of this Order shall be subject to the penalties stipulated in Article (3/6) of Law no. (4) of 2001 concerning the Prohibition of and Combating Money Laundering and Terrorism Finance.
- Order no. (26) of 2011 Concerning the Obligations related to the Procedures of the Prohibition of and Combating Money Laundering and Terrorism Finance in the Business of the Persons Registered in the Commercial Register in the Kingdom of Bahrain shall be deemed null and void.
- This Order shall be implemented by the Undersecretary of Commerce Affairs, and shall be effective as of the date of its issue and shall be published in the Official Gazette