AML/CFT Policies, Controls and Procedures (PCPs) are essential tools for a successful and effective AML/CFT program.

Policies are set of guidelines that outline the reporting person’s plan for combatting Money Laundering & Terrorist Financing (ML/TF). Procedures provide steps to be followed for carrying out the policies.

PCPs provide principles that guide actions, set roles and responsibilities and reflect values and beliefs of the reporting persons.

Reporting Persons are legally required to establish PCPs to mitigate and manage effectively the risks of ML/TF identified in any risk assessment undertaken by the reporting person under section 17 of FIAMLA.

They are required to monitor the implementation of the PCPs as well as regularly review, update and, where necessary, enhance the established PCPs.

The documented PCPs should provide a clear approach on how the reporting person shall fulfil its AML/CFT obligations under the relevant Acts, Regulations and Guidelines. These include, amongst others:

• Risk Assessment, Mitigation & Monitoring;
• Customer Due Diligence, including identification of Beneficial Owners;
• Dealing with High-Risk relationships (e.g. PEPs);
• Role of Key Officers such as Compliance Officer and Money Laundering Reporting Officer (MLRO);
• Suspicious Transaction Reporting;
• UN Sanctions List Screening & Reporting;
• Employee Screening & Training;
• Record Keeping; and
• Independent Audit & Review of PCP

The Compliance Officer (CO) and Money Laundering Reporting Officer (MLRO), who are senior officers within the organisation, play a key role in fulfilling the aforesaid obligation.

They need to continuously monitor the implementation of the PCPs, regularly review, conduct gap analysis, propose updates to the PCPs and report their recommendations to the senior management & the board of directors for approval.

In addition, Reporting Persons are ultimately responsible for their PCPs even if a third party assisted them in the drafting or reviewing. Reporting persons, their relevant officers and the Board of Directors have to be well across the PCPs and ensure adherence to same.

Yes, under Section 17A.(1)(c) of FIAMLA, the PCPs must be in writing, i.e. reporting persons should document:

• written PCPs;
• any changes to those PCPs made as result of a review or update including reports from CO and MLRO;
• the steps taken to communicate those policies, controls and procedures, or any changes to them, internally. (For e.g. staff training records); and
• record keeping must include all concreate actions taken by reporting persons to communicate those PCPs or any changes made within employees of the organization.

Pursuant to Regulation 22 (1)d of the FIAMLR 2018, a reporting person should carry out an AML/CFT independent audit review of its PCPs to ensure conformity with the FIAMLA 2002 and FIAMLR 2018.

The documented PCPs are usually named and known as ‘Compliance Manual’ or ‘      AML/CFT Policy’ or ‘AML/CFT Compliance Manual’, amongst others.

Yes, it is an offence for any reporting person not to comply with section 17A.(1)(c) of FIAMLA concerning written PCPs and as per section 19(1) of FIAMLA, on conviction, he/she shall be liable to a fine not exceeding 10 Million rupees and imprisonment for term not exceeding 5 years.

As per section 17A of FIAMLA, all reporting persons must implement PCPs. PCPs adopted shall be proportionate to the size and nature of the business of a reporting person, as the case may be and approved by its senior management.