Enhanced CDD

Enhanced CDD

This section explains the circumstances in which CDD measures must be enhanced under AML/CFT procedures and explains the exemptions from customer due diligence requirements under AML/CFT procedures. It also sets out circumstances where simplified measures can be applied in relation to low risk products or services.

It may be that CDD measures routinely applied under AML/CFT procedures already address some of the risk characteristics of these customers (for instance identification of beneficial owner(s) and understanding the nature and purpose of the relationship) and significantly reduce the risk that criminals may hide behind “shell” companies or that the basis for the relationship is not considered or understood. Therefore any additional measure may be quite limited.

Nevertheless, the enhanced measures required under AML/CFT procedures must be in addition to the measures to be taken in circumstances presenting a lower or standard risk and must address the particular risk presented. This section provides some (non-exhaustive) examples for each category of customer.

A customer may be an individual (or group of individuals) or legal person. Section 4.3 deals with a customer who is an individual (or group of individuals), Section 4.4 deals with a customer (an individual or legal person) who is acting for a legal arrangement, and Section 4.5 deals with a customer who is a legal person.

Throughout this section, references to “customer” include, where appropriate, a prospective customer (an applicant for business). A customer is a person with whom a business relationship has been formed or one-off transaction conducted.

AML/CFT procedures require a relevant person to maintain appropriate and consistent policies and procedures to determine whether: (i) a customer; (ii) a beneficial owner or controller of a customer; (iii) a third party for whom a customer is acting; (iv) a beneficial owner or controller of a third party described in (iii); or (v) a person acting, or purporting to act, on behalf of a customer is a PEP; (vi) a beneficiary under a life insurance policy.

AML/CFT procedures require a relevant person to maintain appropriate and consistent policies and procedures to determine whether a business relationship or one-off transaction is with a person connected with a country or territory that does not apply, or insufficiently applies, the FATF Recommendations.

AML/CFT procedures require a relevant person to apply enhanced CDD measures on a risk-sensitive basis in any situation which by its nature can present a higher risk of money laundering or the financing of terrorism and in any of the following circumstances:

  1. if a customer has, or proposes to have, a business relationship or proposes to carry out a one-off transaction with the relevant person and the relevant person is not resident in the customer’s country of residence or in the same country as the country from which, or from within which, the customer is carrying on business;

  2. if a customer has not been physically present for identification purposes;

  3. if the relevant person has or proposes to have a business relationship or proposes to carry out a one-off transaction with a customer having a relevant connection with a country or territory (an “enhanced risk state”) in relation to which the FATF has called for the application of enhanced customer due diligence measures;

  4. if the customer of the relevant person is a company with nominee shareholders or that issues shares in bearer form;

  5. if the customer of the relevant person is –

    1. a legal person established by an individual for the purpose of holding assets for investment purposes; or

    2. a person acting on behalf of a legal arrangement established for an individual for the purpose of holding assets for investment;

  6. if the relevant person provides or proposes to provide a customer with private banking services.

Higher risk customer

There is a risk based approach to identification measures. It explains that a relevant person must, on the basis of information collected, assess the risk that a business relationship or one-off transaction will involve money laundering or financing of terrorism.

Enhanced CDD measures must be applied where a relevant person’s assessment is that there is a higher risk of money laundering or financing of terrorism (i.e. a situation which by its nature can present a higher risk of money laundering or financing of terrorism).

There are a number of reasons why a business relationship or one-off transaction might be assessed as presenting a higher risk. For this reason, there are a number of possible measures listed in this section to address that risk.

Guidance

A relevant person may demonstrate that it has applied enhanced identification measures to an individual who is a higher risk customer under AML/CFT procedures where it obtains evidence that verifies a:

  • Former name (such as maiden name); or

  • Passport or national identity card number.

A relevant person may demonstrate that it has applied enhanced identification measures to a higher risk customer under AML/CFT procedures where it takes reasonable measures to find out the source of funds and source of wealth at the time that a relationship is established or one-off transaction carried out which are commensurate with risk and include one or more of the following:

  • Commissioning an independent and reliable report from a specialist security agency about the source of funds involved and/ or customer’s source of wealth.

  • Where a relevant person is part of a group, obtaining reliable information from the group’s internal security department or business intelligence unit (or equivalent) about the source of funds involved and /or customer’s source of wealth.

  • Where a relevant person is part of a group, obtaining reliable information from a part of the group which has an office in the country or territory with which the customer has a connection about the source of funds involved and/ or customer’s source of wealth.

  • Obtaining reliable information directly from the customer concerned, for instance during (or subsequent to) a face to face meeting inside or outside the country, or via a telephone “welcome call” on a home or business number which has been verified or by obtaining certified copies of corroborating documentation such as contracts of sale, property deeds, salary slips, etc.

  • Obtaining reliable information from an external party (for instance a solicitor, accountant or tax advisor) which has an office in the country or territory with which the customer has the relevant connection about the source of funds involved and/or customer’s source of wealth.

  • Obtaining reliable information from a person eligible to be an obliged person (for instance a solicitor, accountant or tax advisor) about the source of funds involved and/ or customer’s source of wealth.

  • Where information is publicly available or available through subscription databases, obtaining reliable information from a public or private source about the source of funds involved and/or customer’s source of wealth.

  • Obtaining reliable information through financial statements that have been prepared in accordance with generally accepted accounting principles and audited in accordance with generally accepted auditing standards.

Where a relevant connection is established during the course of an existing relationship, a relevant person may also demonstrate that it has taken reasonable measures to find out the source of funds and/or source of wealth where it reviews the relationship information that it already holds and concludes that it is reliable.

Where the measures set out in in these first three sections of guidance are not sufficient to mitigate the risk associated with the customer, a relevant person may demonstrate that it has applied enhanced identification measures where it does one or more of the following in a way that is commensurate with risk.

  • In a case where a document that has been used to obtain evidence of identity for a higher risk customer, e.g. a passport, subsequently expires, a relevant person may demonstrate that documents, data or information obtained under identification measures are kept up to date and relevant where a copy of the document that replaces that originally used to obtain evidence of identity is requested and obtained.

  • In a case where a relationship is to be established making use of a suitable certifier, it obtains confirmation that a photograph contained in the document certified bears a true likeness to the individual requesting certification (or words to that effect).

A relevant person may demonstrate that it has applied enhanced on-going monitoring to a higher risk customer where it:

  • Reviews the business relationship on at least an annual basis, including all documents, data and information obtained under identification measures in order to ensure that they are kept up to date and relevant.

  • Where monitoring thresholds are used, sets lower thresholds for transactions connected with the business relationship.

Enhanced CDD Enhanced CDD Enhanced CDD Enhanced CDD Enhanced CDD Enhanced CDD Enhanced CDDEnhanced CDDEnhanced CDDEnhanced CDDEnhanced CDDEnhanced CDD Enhanced CDD Enhanced CDD Enhanced CDD Enhanced CDD Enhanced CDD