KYC Norms/AML Standards/Combating Financing of Terrorism/Obligation of Authorised Persons under PMLA, 2002, as amended by PMLA (Amendment) Act, 2009- Money Changing Activities - ಆರ್ಬಿಐ - Reserve Bank of India
KYC Norms/AML Standards/Combating Financing of Terrorism/Obligation of Authorised Persons under PMLA, 2002, as amended by PMLA (Amendment) Act, 2009- Money Changing Activities
RBI/2009-10/235 November 27, 2009 To, All Authorized Persons Madam/ Dear Sir, Know Your Customer (KYC) norms/Anti-Money Laundering (AML) standards/Combating the Financing of Terrorism (CFT)/Obligation of Authorised Persons under Prevention of Money Laundering Act, (PMLA), 2002, as amended by Prevention of Money Laundering (Amendment) Act, 2009- Money changing activities Attention of Authorized persons is invited to the Anti-Money Laundering Guidelines governing money changing transactions, issued vide A.P. (DIR Series) Circular No. 18 [A.P. (FL Series) Circular No. 01] dated December 02, 2005, A.P. (DIR Series) Circular No. 39 [A.P. (FL Series) Circular No. 2] dated June 26, 2006, A.P. (DIR Series) Circular No.14 [A.P. (FL Series) Circular No. 1] dated October 17, 2007 and A.P. (DIR Series) Circular No. 15 [A.P. (FL Series) Circular No. 2] dated November 19, 2009. 2. In terms of Prevention of Money Laundering Act, (PMLA), 2002, as amended by Prevention of Money Laundering (Amendment) Act, 2009, all Authorized Persons, authorized under Section 10(1) of FEMA, 1999 have been brought under the purview of PMLA, 2002. Therefore, the existing Know Your Customer (KYC) norms/ Anti-Money Launderings (AML) standards/ Combating the Financing of Terrorism (CFT) for money changing activities have been revisited in the context of the Financial Action Task Force (FATF) Recommendations on Anti Money Laundering (AML) standards and on Combating the Financing of Terrorism (CFT). Detailed instructions on Know Your Customer (KYC) norms/ Anti-Money Launderings (AML) standards/ Combating the Financing of Terrorism (CFT) for money changing activities have been revised. 3. Accordingly, revised guidelines on obligation of Authorised Persons under PMLA, 2002 as amended by Prevention of Money Laundering (Amendment) Act, 2009 in respect of money changing activities are given in (F-Part-I) annexed. All Authorised Persons should, therefore, have in place a revised policy framework on ‘Know Your Customer’ and Anti-Money Laundering and Combating the Financing of Terrorism measures with the approval of their Board. 4. These guidelines are also applicable mutatis mutandis to all agents / franchisees of Authorised Persons and it will be the sole responsibility of the franchisers to ensure that their agents / franchisees also adhere to these guidelines. 5. Authorised Persons should bring the contents of this Circular to the notice of their constituents concerned. 6. The contents of (F), viz. Anti-Money Laundering (AML) Guidelines, of Annex-I of the A.P.(DIR Series) Circular No. 57 [A.P. (FL/RL) Series Circular No. 04] dated March 9, 2009 on Memorandum of Instructions governing money changing activities are replaced with (F-Part-I), (F-Part-II) and (F-Part-III) annexed to this Circular. All the other instructions of A.P.(DIR Series) Circular No. 57 [A.P. (FL/RL) Series Circular No. 04] dated March 9, 2009 remain unchanged. 7. The directions contained in this Circular have been issued under Section 10(4) and Section 11(1) of the Foreign Exchange Management Act, 1999 (42 of 1999)and also under the, Prevention of Money Laundering Act, (PMLA), 2002, as amended by Prevention of Money Laundering (Amendment) Act, 2009 and Prevention of Money-Laundering (Maintenance of Records of the Nature and Value of Transactions, the Procedure and Manner of Maintaining and Time for Furnishing Information and Verification and Maintenance of Records of the Identity of the Clients of the Banking Companies, Financial Institutions and Intermediaries) Rules, 2005 as amended from time to time. Non-compliance with the guidelines would attract penal provisions of the Acts concerned or Rules made there under.
(Salim Gangadharan) [Annex to A.P. (DIR Series) Circular No.17 Know Your Customer (KYC) norms/Anti-Money Laundering (AML) standards/Combating the Financing of Terrorism (CFT)/Obligation of APs under Prevention of Money Laundering Act, (PMLA), 2002, as amended by Prevention of Money Laundering (Amendment) Act, 2009- Money Changing activities 1. Introduction The offence of Money Laundering has been defined in Section 3 of the Prevention of Money Laundering Act, 2002 (PMLA) as "whosoever directly or indirectly attempts to indulge or knowingly assists or knowingly is a party or is actually involved in any process or activity connected with the proceeds of crime and projecting it as untainted property shall be guilty of offence of money laundering". Money Laundering can be called a process by which money or other assets obtained as proceeds of crime are exchanged for "clean money" or other assets with no obvious link to their criminal origins. There are three stages of money laundering during which there may be numerous transactions made by launderers that could alert an institution to criminal activity –
2. The objective The objective of prescribing KYC/AML/CFT guidelines is to prevent the system of purchase and / or sale of foreign currency notes /Travellers' Cheques by Authorised Persons (referred as APs hereinafter) from being used, intentionally or unintentionally, by criminal elements for money laundering or terrorist financing activities. KYC procedures also enable APs to know / understand their customers and their financial dealings better which in turn help them manage their risks prudently. 3. Definition of Customer For the purpose of KYC policy, a ‘Customer’ is defined as :
4. Guidelines APs should keep in mind that the information collected from the customer while undertaking transactions is to be treated as confidential and details thereof are not to be divulged for cross selling or any other like purposes. APs should, therefore, ensure that information sought from the customer is relevant to the perceived risk, is not intrusive, and is in conformity with the guidelines issued in this regard. Any other information from the customer, wherever necessary, should be sought separately with his/her consent. 4.2 KYC Policy APs should frame their KYC policies incorporating the following four key elements: 4.3 Customer Acceptance Policy (CAP) a) Every AP should develop a clear Customer Acceptance Policy laying down explicit criteria for acceptance of customers. The Customer Acceptance Policy must ensure that explicit guidelines are in place on the following aspects of customer relationship in the AP: i) No transaction is conducted in anonymous or fictitious/benami name(s). ii) Parameters of risk perception are clearly defined in terms of the nature of business activity, location of customer and his clients, mode of payments, volume of turnover, social and financial status, etc. to enable categorisation of customers into low, medium and high risk (APs may choose any suitable nomenclature viz. level I, level II and level III). Customers requiring very high level of monitoring, e.g. Politically Exposed Persons (PEPs) may, if considered necessary, be categorised even higher. iii) Documentation requirements and other information to be collected in respect of different categories of customers depending on perceived risk and keeping in mind the requirements of Prevention of Money Laundering Act, (PMLA), 2002, as amended by Prevention of Money Laundering (Amendment) Act, 2009, Prevention of Money-Laundering (Maintenance of Records of the Nature and Value of Transactions, the Procedure and Manner of Maintaining and Time for Furnishing Information and Verification and Maintenance of Records of the Identity of the Clients of the Banking Companies, Financial Institutions and Intermediaries) Rules, 2005 as well as instructions/guidelines issued by the Reserve Bank, from time to time. iv) Not to undertake any transaction where the AP is unable to apply appropriate customer due diligence measures i.e. AP is unable to verify the identity and /or obtain documents required as per the risk categorisation due to non cooperation of the customer or non reliability of the data/information furnished to the AP. It is, however, necessary to have suitable built in safeguards to avoid harassment of the customer. v) Circumstances, in which a customer is permitted to act on behalf of another person/entity, should be clearly spelt out, the beneficial owner should be identified and all reasonable steps should be taken to verify his identity. b) APs should prepare a profile for each customer, where a business relationship is established, based on risk categorisation. The customer profile may contain information relating to customer’s identity, his sources of funds, social/financial status, nature of business activity, information about his clients’ business and their location, etc. The nature and extent of due diligence will depend on the risk perceived by the AP. However, while preparing customer profile, APs should take care to seek only such information from the customer, which is relevant to the risk category. The customer profile is a confidential document and details contained therein should not be divulged for cross selling or any other purposes. c) For the purpose of risk categorisation, individuals (other than High Net Worth) and entities whose identities and sources of wealth can be easily identified and transactions by whom by and large conform to the known profile, may be categorised as low risk. Customers that are likely to pose a higher than average risk should be categorised as medium or high risk depending on customer's background, nature and location of activity, country of origin, sources of funds and his client profile etc. APs should apply enhanced due diligence measures based on the risk assessment, thereby requiring intensive ‘due diligence’ for higher risk customers, especially those for whom the sources of funds are not clear. Examples of customers requiring enhanced due diligence include (a) nonresident customers; (b) customers from countries that do not or insufficiently apply the FATF standards; (c) high net worth individuals; (d) trusts, charities, NGOs and organizations receiving donations; (e) companies having close family shareholding or beneficial ownership; (f) firms with ' sleeping partners'; (g) politically exposed persons (PEPs); (h) non-face to face customers; and (i) those with dubious reputation as per public information available etc. However, only NPOs/NGOs promoted by United Nations or its agencies may be classified as low risk customer. d) It is importantto bear in mind thatthe adoption of customer acceptancepolicy and its implementation should not become too restrictive and must not result in denial of money changing services to general public. 4.4 Customer Identification Procedure (CIP) a) The policy approved by the Board of APs should clearly spell out the Customer Identification Procedure to be carried out at different stages i.e. while establishing a business relationship; carrying out a financial transaction or when the AP has a doubt about the authenticity/veracity or the adequacy of the previously obtained customer identification data. Customer identification means identifying the customer and verifying his/her identity by using reliable, independent source documents, data or information. APs need to obtain sufficient information necessary to establish, to their satisfaction, the identity of each new customer, whether occasional or business relationship, and the purpose of the intended nature of relationship. Being satisfied means that the AP must be able to satisfy the competent authorities that due diligence was observed based on the risk profile of the customer in compliance with the extant guidelines in place. Such risk based approach is considered necessary to avoid disproportionate cost to APs and a burdensome regime for the customers. Besides risk perception, the nature of information/documents required would also depend on the type of customer (individual, corporate, etc.). For customers that are natural persons, the APs should obtain sufficient identification document /s to verify the identity of the customer and his address/location. For customers that are legal persons or entities, the AP should (i) verify the legal status of the legal person / entity through proper and relevant documents; (ii) verify that any person purporting to act on behalf of the legal person/entity is so authorised and identify and verify the identity of that person; and (iii) understand the ownership and control structure of the customer and determine who are the natural persons who ultimately control the legal person. Customer identification requirements in respect of a few typical cases, especially, legal persons requiring an extra element of caution are given in paragraph 4.5 below for guidance of APs. APs may, however, frame their own internal guidelines based on their experience of dealing with such persons / entities, their normal prudence and the legal requirements as per established practices. If the AP decides to undertake such transactions in terms of the Customer Acceptance Policy, the AP should take reasonable measures to identify the beneficial owner(s) and take all reasonable steps to verify his identity. b) Some close relatives, e.g. wife, son, daughter and parents, etc. who live with their husband, father/mother and son, as the case may be, may find it difficult to undertake transactions with APs as the utility bills required for address verification are not in their name. It is clarified, that in such cases, APs can obtain an identity document and a utility bill of the relative with whom the prospective customer is living along with a declaration from the relative that the said person (prospective customer) wanting to undertake a transaction is a relative and is staying with him/her. APs can use any supplementary evidence such as a letter received through post for further verification of the address. While issuing operational instructions to the branches on the subject, APs should keep in mind the spirit of instructions issued by the Reserve Bank and avoid undue hardships to individuals who are, otherwise, classified as low risk customers. c) APs should introduce a system of periodic updation of customer identification data (including photograph/s) if there is a continuing business relationship. d) An indicative list of the nature and type of documents/information that may be relied upon for customer identification is given in (F-Part-II) annexed to this Circular. It is clarified that correct permanent address, as referred to in (F-Part-II) annexed, means the address at which a person usually resides and can be taken as the address as mentioned in a utility bill or any other document accepted by the AP for verification of the address of the customer. e) Purchase of foreign exchange from customers i) For purchase of foreign currency notes and/ or Travellers’ Cheques from customers for any amount less than US $ 200 or its equivalent, photocopies of the identification document need not be obtained. However, full details of the identification document should be maintained. ii) For purchase of foreign currency notes and/ or Travellers’ Cheques from customers for any amount in excess of US $ 200 or its equivalent, the identification documents, as mentioned at (F-Part-II) annexed to this Circular, should be verified and a copy retained. iii) (a) Requests for payment in cash in Indian Rupees to resident customers towards purchase of foreign currency notes and/ or Travellers’ Cheques from them may be acceded to the extent of only US $ 1000 or its equivalent per transaction. (b) Requests for payment in cash by foreign visitors / Non-Resident Indians may be acceded to the extent of only US $ 3000 or its equivalent. (c) All purchases within one month may be treated as single transaction for the above purpose and also for reporting purposes. (d) In all other cases, APs should make payment by way of 'Account Payee' cheque / demand draft only. v) Where the amount of forex tendered for encashment by a non-resident or a person returning from abroad exceeds the limits prescribed for Currency Declaration Form (CDF), the AP should invariably insist for production of the declaration in CDF. vi) In case of any suspicion of money laundering or terrorist financing, irrespective of the amount involved, enhanced Customer Due Diligence (CDD) should be applied. f) Sale of foreign exchange to customers (i) In all cases of sale of foreign exchange, irrespective of the amount involved, for identification purpose the passport of the customer should be insisted upon and sale of foreign exchange should be made only on personal application and after verification of the identification document. A copy of the identification document should be retained by the AP. (ii) Payment in excess of Rs. 50,000 towards sale of foreign exchange should be received only by crossed cheque drawn on the bank account of the applicant’s firm / company sponsoring the visit of the applicant / Banker’s cheque / Pay Order / Demand Draft. Such payment can also be received through debit cards / credit cards / prepaid cards provided (a) KYC/ AML guidelines are complied with, (b) sale of foreign currency / issue of Foreign Currency Travellers’ cheques is within the limits (credit / prepaid cards) prescribed by the bank, (c) the purchaser of foreign currency / Foreign Currency Travellers’ Cheque and the credit / debit / prepaid card holder is one and the same person. (iii) All purchases made by a person within one month may be treated as single transaction for the above purpose and also for reporting purposes. (iv) Encashment Certificate, wherever required, should also be insisted upon. g) Establishment of business relationship Relationship with a business entity like a company / firm/ trusts and foundations should be established only after conducting due diligence by obtaining and verifying suitable documents, as mentioned at (F-Part-II) annexed to this Circular. Copies of all documents called for verification should be kept on record. APs should obtain information on the purpose and intended nature of the business relationship. APs should exercise ongoing due diligence with respect to the business relationship with every client and closely examine the transactions in order to ensure that they are consistent with their knowledge of the customer, its business and risk profile. APs should ensure that documents, data or information collected under the Customer Due Diligence process is kept up-to-date and relevant by undertaking reviews of existing records, particularly for higher risk categories of customers or business relationships. When a business relationship is already in existence and it is not possible to perform customer due diligence on the customer in respect of business relationship, APs should terminate the business relationship and make a Suspicious Transaction Report to FIU-IND. 4.5 Customer Identification Requirements – Indicative Guidelines i) Transactions by Trust/Nominee or Fiduciary Customers There exists the possibility that trust/nominee or fiduciary relationship can be used to circumvent the customer identification procedures. APs should determine whether the customer is acting on behalf of another person as trustee/nominee or any other intermediary. If so, APs should insist on receipt of satisfactory document of identity of the intermediaries and of the persons on whose behalf they are acting, as also obtain details of the nature of the trust or other arrangements in place. While undertaking a transaction for a trust, APs should take reasonable precautions to verify the identity of the trustees and the settlers of trust (including any person settling assets into the trust), grantors, protectors, beneficiaries and signatories. In all cases beneficiaries should be identified with reference to necessary documents. In the case of a 'foundation', steps should be taken to verify the founder managers/ directors and the beneficiaries. ii) Transactions by companies and firms APs need to be vigilant against business entities being used by individuals as a ‘front’ for undertaking transactions with APs. APs should examine the control structure of the entity, determine the source of funds and identify the natural persons who have a controlling interest and who comprise the management. These requirements may be moderated according to the risk perception e.g. in the case of a company that is listed on a recognized stock exchange, it will not be necessary to identify all the shareholders. iii) Transactions by Politically Exposed Persons (PEPs) Politically exposed persons are individuals who are or have been entrusted with prominent public functions in a foreign country, e.g., Heads of States or of Governments, senior politicians, senior government/judicial/military officers, senior executives of state-owned corporations, important political party officials, etc. APs should gather sufficient information on any person/customer of this category intending to undertake a transaction or establish a business relationship and check all the information available on the person in the public domain. APs should verify the identity of the person and seek information about the source of wealth and source of funds before accepting the PEP as a customer. The decision to undertake a transaction with a PEP should be taken at a senior level which should be clearly spelt out in Customer Acceptance Policy. APs should also subject such transactions to enhanced monitoring on an ongoing basis. The above norms may also be applied to transactions with the family members or close relatives of PEPs. The above norms may also be applied to customers who become PEPs subsequent to establishment of the business relationship. Where a customer subsequently becomes a PEP after a business relationship has already been established, enhanced CDD should be performed on such customers and decision to continue business relationship with the PEP should be taken at a sufficiently senior level. 4.6 Monitoring of Transactions Ongoing monitoring is an essential element of effective KYC procedures. APs can effectively control and reduce their risk only if they have an understanding of the normal and reasonable activity of the customer so that they have the means of identifying transactions that fall outside the regular pattern of activity. However, the extent of monitoring will depend on the risk sensitivity of the transaction. APs should pay special attention to all complex, unusually large transactions and all unusual patterns which have no apparent economic or visible lawful purpose. APs may prescribe threshold limits for a particular category of transaction and pay particular attention to the transactions which exceed these limits. High-risk transactions have to be subjected to intensified monitoring. Every AP should set key indicators for such transactions, taking note of the background of the customer, such as the country of origin, sources of funds, the type of transactions involved and other risk factors. APs should put in place a system of periodical review of risk categorization of customers and the need for applying enhanced due diligence measures. Such review of risk categorisation of customers should be carried out periodically. 4.7 Attempted transactions Where the AP is unable to apply appropriate KYC measures due to non-furnishing of information and /or non-cooperation by the customer, the AP should not undertake the transaction. Under these circumstances, APs should make a suspicious transactions report to FIU-IND in relation to the customer, even if the transaction is not put through. 4.8 Risk Management a) The Board of Directors of the AP should ensure that an effective KYC programme is put in place by establishing appropriate procedures and ensuring effective implementation. It should cover proper management oversight, systems and controls, segregation of duties, training and other related matters. Responsibility should be explicitly allocated within the AP for ensuring that the APs’ policies and procedures are implemented effectively. APs should, in consultation with their boards, devise procedures for creating risk profiles of their existing and new customers and apply various anti money laundering measures keeping in view the risks involved in a transaction or business relationship. b) APs’ internal audit and compliance functions have an important role in evaluating and ensuring adherence to the KYC policies and procedures. As a general rule, the compliance function should provide an independent evaluation of the AP’s own policies and procedures, including legal and regulatory requirements. APs should ensure that their audit machinery is staffed adequately with individuals who are well-versed in such policies and procedures. The concurrent auditors should check all transactions to verify that they have been undertaken in compliance with the anti-money laundering guidelines and have been reported whenever required to the concerned authorities. Compliance on the lapses, if any, recorded by the concurrent auditors should be put up to the Board. A certificate from the Statutory Auditors on the compliance with KYC / AML / CFT guidelines should be obtained at the time of preparation of the Annual Report and kept on record. 4.9 Introduction of New Technologies- Pre-paid Cards APs should pay special attention to any money laundering threats that may arise from new or developing technologies, that might favour anonymity and take measures, to prevent their use for money laundering purposes. Certain AD Cat-I banks are engaged in issuance of Foreign currency denominated pre-paid cards to travelers going abroad. While issuing these pre-paid cards, it should be ensured that all the KYC / AML/ CFT Guidelines are fully complied with. It is also desirable that, certain APs, who are not eligible to issue such cards but are involved in marketing these cards on behalf of the card issuing banks, as well as their customers, are also subjected to KYC measures. 4.10 Combating Financing of Terrorism a) In terms of PML Rules, suspicious transaction should include, inter alia transactions which give rise to a reasonable ground of suspicion that it may involve the proceeds of an offence mentioned in the Schedule to the PMLA, regardless of the value involved. APs should, therefore, develop suitable mechanism through appropriate policy framework for enhanced monitoring of transactions suspected of having terrorist links and swift identification of the transactions and making suitable reports to the Financial Intelligence Unit – India (FIU-IND) on priority. b) APs are advised to take into account risks arising from the deficiencies in AML/CFT regime of certain jurisdictions viz. Iran, Uzbekistan, Pakistan, Turkmenistan, Sao Tome and Principe, as identified in FATF Statement (www.fatf-gafi.org), issued from time to time, while dealing with individuals or businesses from these jurisdications. 4.11 Applicability to branches and subsidiaries outside India The guidelines contained in this Circular shall apply to the branches and majority owned subsidiaries located abroad, especially, in countries which do not or insufficiently apply the FATF Recommendations, to the extent local laws permit. When local applicable laws and regulations prohibit implementation of these guidelines, the same should be brought to the notice of the Reserve Bank. In case there is a variance in KYC / AML / CFT standards prescribed by the Reserve Bank and the host country regulators, branches/overseas subsidiaries of APs are required to adopt the more stringent regulation of the two. 4.12 Principal Officer a) APs should appoint a senior management officer to be designated as Principal Officer. Principal Officer shall be located at the head/corporate office of the AP and shall be responsible for monitoring and reporting of all transactions and sharing of information as required under the law. The Principal Officer should also be responsible for developing appropriate compliance management arrangements across the full range of AML/CFT areas (e.g. CDD, record keeping, etc.). He will maintain close liaison with enforcement agencies, APs and any other institution which are involved in the fight against money laundering and combating financing of terrorism. With a view to enable the Principal Officer to discharge his responsibilities, it is advised that that the Principal Officer and other appropriate staff should have timely access to customer identification data and other CDD information, transaction records and other relevant information. Further, banks should ensure that the Principal Officer is able to act independently and report directly to the senior management or to the Board of Directors. b) The Principal Officer will be responsible for timely submission of CTR and STR to the FIU-IND. 4.13 Maintenance of records of transactions/Information to be preserved/ Maintenance and preservation of records/ Cash and Suspicious Transactions Reporting to Financial Intelligence Unit- India (FIU-IND) Section 12 of the Prevention of Money Laundering Act (PMLA), 2002, as amended by Prevention of Money Laundering (Amendment) Act, 2009, casts certain obligations on the APs in regard to preservation and reporting of transaction information. APs are, therefore, advised to go through the provisions of Prevention of Money Laundering Act, (PMLA), 2002, as amended by Prevention of Money Laundering (Amendment) Act, 2009 and the Rules notified there under and take all steps considered necessary to ensure compliance with the requirements of Section 12 of the Act ibid. (i) Maintenance of records of transactions APs should introduce a system of maintaining proper record of transactions prescribed under Rule 3, as mentioned below: a) all cash transactions of the value of more than Rupees Ten Lakh or its equivalent in foreign currency; b) all series of cash transactions integrally connected to each other which have been valued below Rupees Ten Lakh or its equivalent in foreign currency where such series of transactions have taken place within a month; and c) all suspicious transactions whether or not made in cash and by way of as mentioned in the Rules. (ii) Information to be preserved APs are required to maintain the following information in respect of transactions referred to in Rule 3:
(iii) Maintenance and Preservation of Record a) APs are required to maintain the records containing information in respect of transactions referred to in Rule 3 above. APs should take appropriate steps to evolve a system for proper maintenance and preservation of transaction information in a manner that allows data to be retrieved easily and quickly whenever required or when requested by the competent authorities. Further, APs should maintain for at least ten years from the date of transaction between the AP and the client, all necessary records of transactions, both with residents and non-residents, which will permit reconstruction of individual transactions (including the amounts and types of currency involved, if any) so as to provide, if necessary, evidence for prosecution of persons involved in criminal activity. b) APs should ensure that records pertaining to the identification of the customer and his address (e.g. copies of documents like passport, driving license, PAN card, voter identity card issued by the Election Commission, utility bills, etc.) obtained while undertaking the transaction and during the course of business relationship, are properly preserved for at least ten years from the date of cessation of the transaction / business relationship. The identification records and transaction data should be made available to the competent authorities upon request. c) In paragraph 4.6 of this Circular, APs have been advised to pay special attention to all complex, unusual large transactions and all unusual patterns of transactions, which have no apparent economic or visible lawful purpose. It is further clarified that the background including all documents/office records / memoranda pertaining to such transactions and purpose thereof should, as far as possible, be examined and the findings at branch as well as Principal Officer’s level should be properly recorded. Such records and related documents should be made available to help auditors in their day-to-day work relating to scrutiny of transactions and also to Reserve Bank/other relevant authorities. These records are required to be preserved for ten years as is required under PMLA, 2002Prevention of Money Laundering Act, (PMLA), 2002, as amended by Prevention of Money Laundering (Amendment) Act, 2009 and Prevention of Money-Laundering (Maintenance of Records of the Nature and Value of Transactions, the Procedure and Manner of Maintaining and Time for Furnishing Information and Verification and Maintenance of Records of the Identity of the Clients of the Banking Companies, Financial Institutions and Intermediaries) Rules, 2005 as amended from time to time. (iv) Reporting to Financial Intelligence Unit – India a) In terms of the PML rules, APs are required to report information relating to cash and suspicious transactions to the Director, Financial Intelligence Unit-India (FIU-IND) in respect of transactions referred to in Rule 3 at the following address: The Director, b) APs should carefully go through all the reporting formats. There are altogether four reporting formats, as detailed in (F-Part-III) annexed to this circular, viz. i) Cash Transactions Report (CTR); ii) Electronic File Structure-CTR; iii) Suspicious Transactions Report (STR); iv) Electronic File Structure-STR. The reporting formats contain detailed guidelines on the compilation and manner/procedure of submission of the reports to FIU-IND. It would be necessary for APs to initiate urgent steps to ensure electronic filing of all types of reports to FIU-IND. The related hardware and technical requirement for preparing reports in an electronic format, the related data files and data structures thereof are furnished in the instructions part of the formats concerned. c) In terms of instructions contained in paragraph 4.3(b) of this Circular, APs are required to prepare a profile for each customer based on risk categorisation. Further, vide paragraph 4.6, the need for periodical review of risk categorisation has been emphasized. It is, therefore, reiterated that APs, as a part of transaction monitoring mechanism, are required to put in place an appropriate software application to throw alerts when the transactions are inconsistent with risk categorization and updated profile of customers. It is needless to add that a robust software throwing alerts is essential for effective identification and reporting of suspicious transactions. 4.14 Cash and Suspicious Transaction Reports A) Cash Transaction Report (CTR) While detailed instructions for filing all types of reports are given in the instructions part of the related formats, APs should scrupulously adhere to the following: i) The Cash Transaction Report (CTR) for each month should be submitted to the FIU‑IND by 15th of the succeeding month. Cash transaction reporting by branches to their controlling offices should, therefore, invariably be submitted on a monthly basis and APs should ensure to submit CTR for every month to FIU-IND within the prescribed time schedule. iv) A cash transaction report for the AP as a whole should be compiled by the Principal Officer of the AP every month in physical form as per the format specified. The report should be signed by the Principal Officer and submitted to the FIU-India. v) In case of Cash Transaction Reports (CTR) compiled centrally by APs for the branches at their central data centre level, APs may generate centralised Cash Transaction Reports (CTR) in respect of branches under central computerized environment at one point for onward transmission to FIU-IND, provided: a) The CTR is generated in the format prescribed by Reserve Bank in Para 4.13(iv)(b) of this Circular. b) A copy of the monthly CTR submitted on its behalf to the FIU-India is available at the concerned branch for production to auditors/inspectors, when asked for. c) The instruction on ‘Maintenance of records of transactions’; ‘Information to be preserved’ and ‘Maintenance and Preservation of records’ as contained above in this Circular at Para 4.13 (i), (ii) and (iii) respectively are scrupulously followed by the branch. However, in respect of branches not under central computerized environment, the monthly CTR should continue to be compiled and forwarded by the branch to the Principal Officer for onward transmission to the FIU-IND. B) Suspicious Transaction Reports (STR) i) While determining suspicious transactions, APs should be guided by definition of suspicious transaction contained in PML Rules, as amended from time to time. ii) It is likely that in some cases transactions are abandoned/aborted by customers on being asked to give some details or to provide documents. It is clarified that APs should report all such attempted transactions in STRs, even if not completed by customers, irrespective of the amount of the transaction. iii) APs should make STRs if they have reasonable ground to believe that the transaction, including an attempted transaction, involves proceeds of crime irrespective of the amount of transaction and/or the threshold limit envisaged for predicate offences in part B of Schedule of Prevention of Money Laundering Act, (PMLA), 2002, as amended by Prevention of Money Laundering (Amendment) Act, 2009. iv) The Suspicious Transaction Report (STR) should be furnished within 7 days of arriving at a conclusion that any transaction, including an attempted transaction, whether cash or non-cash, or a series of transactions integrally connected are of suspicious nature. The Principal Officer should record his reasons for treating any transaction or a series of transactions as suspicious. It should be ensured that there is no undue delay in arriving at such a conclusion once a suspicious transaction report is received from a branch or any other office. Such report should be made available to the competent authorities on request. v) In the context of creating KYC/ AML awareness among the staff and for generating alerts for suspicious transactions, APs may consider the following indicative list of suspicious activities. Some possible suspicious activity indicators are given below:
The above list is only indicative and not exhaustive. vi) APs should not put any restrictions on transactions where an STR has been made. Moreover, it should be ensured that employees of APs shall keep the fact of furnishing such information as strictly confidential and there is no tipping off to the customer at any level. 4.15 Customer Education/Employees’ Training/Employees’ Hiring a) Customer Education Implementation of KYC procedures requires APs to demand certain information from customers which may be of personal nature or which has hitherto never been called for. This can sometimes lead to a lot of questioning by the customer as to the motive and purpose of collecting such information. There is, therefore, a need for APs to prepare specific literature / pamphlets, etc. so as to educate the customer of the objectives of the KYC programme. The front desk staff needs to be specially trained to handle such situations while dealing with customers. b) Employees’ Training APs must have an ongoing employee training programme so that the members of the staff are adequately trained to be aware of the policies and procedures relating to prevention of money laundering, provisions of the PMLA and the need to monitor all transactions to ensure that no suspicious activity is being undertaken under the guise of money changing. Training requirements should have different focuses for frontline staff, compliance staff and staff dealing with new customers. It is crucial that all those concerned fully understand the rationale behind the KYC policies and implement them consistently. The steps to be taken when the staff come across any suspicious transactions (such as asking questions about the source of funds, checking the identification documents carefully, reporting immediately to the Principal Officer, etc.) should be carefully formulated by the AP and suitable procedure laid down. The APs should have an ongoing training programme for consistent implementation of the AML measures. c) Hiring of Employees It may be appreciated that KYC norms/AML standards/CFT measures have been prescribed to ensure that criminals are not allowed to misuse the system of APs. It would, therefore, be necessary that adequate screening mechanism is put in place by APs as an integral part of their recruitment/hiring process of personnel to ensure high standards. [Annex to A.P. (DIR Series) Circular No.17 Customer Identification Procedure
[Annex to A.P. (DIR Series) Circular No.17 List of various reports and their formats |