As you are aware, the National Risk Assessment (NRA) of Pakistan has been undertaken in collaboration with relevant stakeholders including ministries, law enforcement agencies, regulatory bodies and Financial Monitoring Unit (FMU). The main objective of the assessment was to identify and understand the money laundering and terrorist financing risks in the country, and follow risk based approach to mitigate the risks.
2. State Bank of Pakistan (SBP) completed risk assessment of banking sector and other financial institutions regulated by it in consultation with focal persons of nominated financial institutions. Based on the findings of NRA, it is necessary to enhance risk based approach in AML/CFT obligations. To this end, the following amendments are made in the AML/CFT Regulations issued vide BPRD Circular No. 2 dated September 13, 2012 as amended from time to time.
- REGULATION-1: CUSTOMER DUE DILIGENCE (CDD)
The following new paragraph 35 shall be added under the above Regulation:
Asset Side Customers
35. Banks/DFIs shall make comprehensive assessment of controls on asset products and related customers to ensure effective implementation of due diligence requirements as per their own assessment of materiality and risk without compromising on identity and verification requirements. This shall include monitoring of the customers and related risks on ongoing basis as per standard norms and best practices to mitigate the risks related to such products/ customers.
REGULATION-4: REPORTING OF TRANSACTIONS (STRs/CTRs)
The following new paragraph 6 shall be added under the above Regulation and subsequent paragraphs shall be renumbered accordingly:
Adequate Number of Analysts for AML/CFT:
6. The adequacy of staff posted for effective monitoring and reporting of suspicious transactions is a critical factor of Customer Due Diligence. Banks/DFIs shall place adequate number of analysts for monitoring and reporting purpose. Moreover, steps should be taken by banks/DFIs to develop knowledge and skills of their staff and utilize technology solutions required for effective monitoring and reporting of suspicious transactions.
- REGULATION-6: INTERNAL CONTROLS, POLICIES, COMPLIANCE, AUDIT AND TRAINING
The following new paragraphs 9 and 10 shall be added under the above Regulation and subsequent paragraphs shall be renumbered accordingly:
9. Banks/DFIs shall incorporate procedures to record and maintain data of account opening cases rejected by compliance or central account opening units, the cases where customers’ risk ratings recommended by business units were challenged or revised, and the cases where accounts were closed based on ML/TF risks.
10. Banks/DFIs shall:
||in addition to oversight by Board, assign monitoring of compliance and AML/CFT function as term of reference to one of the Management Committees responsible for risk and control;
|| include compliance and AML/CFT related responsibilities in Key Performance Indicators (KPIs) of responsible staff down the line, in order to strengthen the compliance/ AML/CFT function. Moreover, ML/TF risks should be included in KPIs of officer(s) responsible for Enterprise Risk Management and Operational Risk Management functions;
|| not assign unrealistic business targets and conflicting roles to their employees. Appropriate strategies may be devised to ensure provision of safe and smooth banking services; and
||regularly assess working strength of the compliance function and all its sub-divisions and deficiency if any, observed should be addressed on priority basis.
3. All banks/DFIs are also advised to complete their internal risk review of remaining legacy portfolio of customers who opened their bank accounts prior to introduction of revised AML/CFT framework in 2012 at the earliest but not later than December 31, 2017.
4. Besides, related policies and procedures shall also be brought in line with the above amendments in AML/CFT regulations at the earliest but not later than December 31, 2017.
5. In addition to the above, SBP has developed ‘Frequently Asked Questions (FAQs) on Use of Biometric Technology’ which are attached herewith for guidance purpose.
All other instructions on the subject shall remain unchanged.
Encl: Updated AML/CFT Regulations
Frequently Asked Questions (FAQs) on Use of Biometric Technology