This Manual on Anti-Money Laundering and Combating the Financing of Terrorism (“Manual”) was designed to define the acts constitutive of money laundering and to create an effective compliance and reporting system for the Corporation.
Money Laundering is the processing of the proceeds of a crime to disguise their origin. It is a process intended to mask the benefits derived from serious offenses or criminal conduct as described under the AMLA, so that they appear to have originated from a legitimate source.
Money laundering is committed by:
Any person who, knowing that ay monetary instrument or property represents, involves or relates to the proceeds of any unlawful activity:
Transacts said monetary instrument or property;
Converts, transfers, disposes of, moves, acquires, possesses or uses said monetary instrument or property;
Conceals or disguises the true nature, source, location, disposition, movement or ownership of or rights with respect to said monetary instrument or property;
Attempts or conspires to commit money laundering offenses referred to in the preceding items (1), (2) or (3);
Aids, abets, assists in, or counsel the commission of the money laundering offenses referred to in (1), (2), or (3) above; and
Performs or fails to perform any act as a result of which he facilitates the offense of money laundering referred to in (1), (2) or (3) above.
Any covered person who, knowing that a covered or suspicious transaction is required under the AMLA to be reported to the Anti Money Laundering Council (AMLC), fails to do so.
Generally, the process of money laundering comprises three stages, during which there may be numerous transactions that could alert a Regulated Intermediary to the money laundering activity:
Placement – the physical disposal of cash proceeds derived from illegal activity.
Layering – separating illicit proceeds from their source by creating complex layers of financial transactions designed to disguise the audit trail and provide anonymity or to obscure the source of funds.
Integration – the provision of apparent legitimacy to criminally derived wealth. If the layering process has succeeded, the integration schemes place the laundered proceeds back into the economy in such a way that they re-enter the financial system appearing to be normal business funds.
The Board of Directors of the Corporation adopts a comprehensive and risk-based Money Laundering and Terrorist Financing Prevention Program (MLPP) geared toward the promotion of high ethical and professional standards and the prevention of the Corporation from being used, intentionally or unintentionally, for money laundering and terrorism financing (ML/TF). As such, the following policies and guidelines are being adopted:
Conduct of Face-to-Face Contact: The Corporation shall conduct face-to-face contact at the commencement of its relationship with a customer, or as reasonably practicable so as not to interrupt the normal conduct of business, taking into account the nature of the product, type of business and the risks involved; Provided that ML/TF risks are effectively managed. The use of electronic means in the conduct of face-to-face contact may be allowed, provided that the Corporation is in possession and has verified the identification documents submitted by the prospective client prior to the interview and that the entire procedure is documented.
Customer Identification and Know the Customer: The Corporation shall develop clear written identification and graduated acceptance policies and procedures including a set of criteria for customers that are likely to pose low, normal or high risk to its operations. The policies and procedures must include procedures for providing customers with adequate notice that the Corporation is requesting information to verify their identities.
Continuing Due Diligence (CDD): The Corporation shall adopt continuing due diligence measures on its business relationships to ensure that the transactions being conducted are consistent with its knowledge of the customer and/or beneficial owner, their business profile, including, where necessary, the source of its funds.
The Corporation shall undertake CDD measures when:
establishing business or professional relationship;
carrying out occasional transactions above PhP100,000.00 or any other threshold as may be determined by the Corporation, with notice to the AMLC, including situations where the transaction is carried out in a single operation or in several operations that appear to be linked;
carrying out occasional wire transfers in the circumstances under Rule 19, Section 6 of the 2018 Implementing Rules and Regulations (IRR) of AMLA, as amended;
there is a suspicion of ML/TF, regardless of any exemptions or thresholds;
the Corporation has doubts about the veracity or adequacy of previously
obtained identification information and/ or data.
A documented risk-based approach shall be undertaken in conducting CDD.
Prohibited Accounts: The Corporation shall maintain accounts only in the name of the account holder. It shall not open or keep anonymous accounts, fictitious name accounts, incorrect name accounts and similar accounts.
Compliance with laws: The Corporation shall comply with all relevant laws against ML/TF. No service shall be provided to any client where there is good reason that ML/TF activities could be involved.
Applicability: The Corporation should ensure that the principles applicable to the same are also applied to branches, offices, affiliates and subsidiaries located abroad, especially in countries which do not or insufficiently apply the anti-money laundering measures implemented in the Philippines, to the extent that local applicable laws and regulations permit.
Cooperation with law enforcement agencies especially with the AMLC: Should there be reasonable grounds for suspecting ML/TF, the Corporation shall fully cooperate with proper law enforcement agencies within the legal constraints relating to customer confidentiality.
Dissemination of Policies and procedures: Policies and procedures to prevent and detect possible ML/TF activities are properly disseminated to the officers and staff of the Corporation.
Designation of an AML Compliance Officer: The Corporation shall appoint an AML Compliance Officer who shall at least have a rank of Senior Vice President or an equivalent position with adequate stature and authority as the lead implementor of the program within an adequately staffed Compliance Office. The AML Compliance Officer shall not be a member of the Board of Directors (Board) and should annually attend AML trainings.
Updating of MLPP: The Corporation’s MLPP shall be regularly updated at least once every two (2) years to incorporate changes in AML/CFT policies and procedures, latest trends in ML and TF typologies, and latest pertinent SEC issuances. Any revision or update in the MLPP shall likewise be approved by the Board.
Checking of Corporation’s MLPP: The Corporation shall make their MLPPs readily available for inspection during onsite examination.
The Corporation shall obtain and record competent evidence of the true and full identity, representative capacity, domicile, legal capacity, occupation or business purposes of clients, as well as other identifying information on those clients, whether they be occasional or usual, through the use of documents such as, but not limited to:
Identification documents should provide the following information:
complete name or name used
present residential address
permanent residential address
date and place of birth
nationality
contact details
nature of work, name of employer or nature of self-employment or business
Tax Identification Number, Social Security Number or Government Service and Insurance System Number;
Specimen signature
Sources of funds, whenever necessary;
Name of beneficial owner or beneficiaries, if applicable (including complete name, address and contact information of the same)
Identification documents for individual customers are as follows:
For Filipino Citizens:
Philippine Identification Card (“PhilID”);
Other identification documents issued by the Government of the Republic of the Philippines, including its political subdivisions, agencies and instrumentalities; and
Other identification documents that can be verified using reliable, independent sources documents, data or information.
For Foreign Nationals:
PhilID, for resident aliens;
Passport;
Alien Certificate of Registration; and
Other identification documents issued by the Government of the Republic of the Philippines, including its political subdivisions, agencies and instrumentalities.
For Filipino Students:
PhilID;
School ID signed by the school principal or head of the educational institution; and
Birth Certificate issued by the Philippine Statistics Authority
For Low Risk Customers: Any document or information reduced in writing which the Corporation deems sufficient to establish the client’s identity.
At least one (1) of the identifying documents shall bear the photograph and signature of the customer.
Incorporation and partnership papers, for corporate and partnership accounts; which documents should be certified as true copies from the issuing government agency.
The following identification documents shall be obtained from corporate customer:
Certificates of Registration issued by the Department of Trade and Industry (DTI) for sole proprietors, or Certificate of Incorporation or
Partnership issued by the Securities and Exchange Commission for corporations and partnerships, respectively, and by the Bangko Sentral ng Pilipinas (BSP) for money changers, foreign exchange dealers and remittance agents
Articles of Incorporation/Partnership;
By-laws;
Registration Data Sheet/ Latest General Information Sheet;
Secretary’s Certificate citing the pertinent portion of the Board or Partners’ Resolution authorizing the signatory to sign on behalf of the entity; and
For entities registered outside of the Philippines, similar documents and/or information duly authenticated by a senior officer of the covered person assigned in the country of registration; in the absence of said officer, the documents shall be authenticated by the Philippine Consulate, company register or notary public, where said entities are registered.
Special authorizations for representatives which must be duly notarized.
The Corporation shall take into consideration the following criteria for customer risk profiling and assessment:
the nature of the service or product to be availed of by the customers;
the purpose of the transaction;
the source of fund and source of wealth;
the nature of the business or employment;
country of origin and residence of operations, or the fact that the customer came from a high-risk jurisdiction or geographical area;
watchlist of individuals and entities engaged in illegal activities or terrorist related activities as circulated by the BSP, AMLC and other international entities or organizations;
the existence of suspicious transaction indicators; and
such other factors as the Corporation may deem reasonable or necessary to consider in assessing the risk of a customer, including the amount of funds to be transacted by a customer or the size of transactions undertaken, regularity of transaction, and/ or are included in the negative list.
In assessing the risk profile of juridical persons, the Corporation shall also consider the financial profile and other relevant information of the active authorized signatories.
The Corporation shall adopt and observe the policy of not conducting business transactions with customers who fail to provide competent evidence of identity. In this regard, where initial verification fails to identify the customer, or give rise to suspicion/s that the information provided is false, additional verification measure should be undertaken to determine whether to proceed with the business and/or make a suspicious transaction report if circumstances under Section 3(b-1) of the AMLA, as amended, would apply. Details of the additional verification are to be recorded in writing and be made available for inspection by the SEC or any appropriate authorities.
The Corporation shall take further measures to verify the identity of the customer or beneficial owner, as applicable, if during the business relationship, it has reason to doubt:
The accuracy of the information relating to the customer’s identity;
That the customer is the beneficial; or
The customer’s declaration of beneficial ownership.
The Corporation shall likewise keep current and accurate all material information with
respect to its customers by regularly conducting verification and an update thereof.
The Corporation shall formulate a risk-based and tiered customer acceptance, identification and retention policy that involves reduced CDD for potentially low risk clients an enhanced CDD for higher risk accounts.
The Corporation shall take into consideration the following criteria for customer risk profiling and assessment:
the nature of the service or product to be availed of by the customers;
the purpose of the transaction;
the source of fund and source of wealth;
the nature of the business or employment;
country of origin and residence of operations, or the fact that the customer came from a high-risk jurisdiction or geographical area;
watchlist of individuals and entities engaged in illegal activities or terrorist related activities as circulated by the BSP, AMLC and other international entities or organizations;
the existence of suspicious transaction indicators; and
such other factors as the Corporation may deem reasonable or necessary to consider in assessing the risk of a customer, including the amount of funds to be transacted by a customer or the size of transactions undertaken, regularity of transaction, and/ or are included in the negative list.
In assessing the risk profile of juridical persons, the Corporation shall also consider the financial profile and other relevant information of the active authorized signatories.
The Corporation shall document the risk profiling results and what standards of CDD was applied. Also, it shall regularly update its risk-assessment/ risk-profiling of customers.
Reduced Due Diligence
In general, the Corporation shall apply full range of customer due diligence measures. However, if the risk of ML/TF is lower based on the Corporation’s assessment, and if information on the identity of the customer and the beneficial owner is publicly available, or adequate checks and controls exist elsewhere in national systems, it could be reasonable for the Corporation to apply simplified or reduced CDD measures when identifying and verifying the identity of the customer, the beneficial owner and other parties to the business relationship.
Reduced due diligence shall not be applied if there is suspicion of ML/TF.
Enhanced Due Diligence
The Corporation shall examine, as far as reasonably possible, the background and purpose of all complex, unusual large transactions and/or unusual patterns which have no apparent economic or lawful purpose, and other transactions that may be considered suspicious. Where the risks of ML/TF are higher, the Corporation is required to conduct enhance CDD measures consistent with the risks identified.
Whenever Enhanced CDD is applied, or where the risk of ML/TF are higher, the Corporation shall do all of the following, in addition to profiling of customers and monitoring of their transactions:
Gather additional customer information and/or identification documents, other than the minimum information and/or documents required for the conduct of normal CDD
In case of individual customers –
Supporting information on the intended nature of the business relationship/ source of funds/ source of wealth;
Reasons for intended or performed transactions;
List of companies where he/she is a stockholder, beneficial owner, director, officer or authorized signatory;
Other relevant information available through public databases or internet; and
List of banks where the individual has maintained or is maintaining an account.
In case of entities –
Prior or existing bank references;
The name, present address, nationality, date of birth, nature of work, contact number and source of funds of each of the primary officers;
Volume of assets, other information available through public databases or internet and supporting information on the intended nature of the business relationship, source of funds or source of wealth of the customer; and
Reasons for intended or performed transactions.
Conduct validation procedure on any or all of the information provided;
The validation procedure for individual customers shall include, but are not limited to, the following:
Confirming the date of birth from a duly authenticated official document;
Verifying the address through evaluation of utility bills, bank or credit card statement, sending thank you letters, or other documents showing address or through on-site visitation;
Contacting the customer by phone or electronic mail;
Determining the authenticity of the identification documents through the validation of its issuance by requesting a certification form the issuing authority or by any other effective and reliable means; or
Determining the veracity of the declared source of funds.
For corporate or juridical entities, verification procedure shall include, but are not limited to, the following:
Validating source of funds or source of wealth from reliable documents such as audited financial statements, income tax returns, bank references, etc;
In the case of an entity that is subject to supervision, inquiring from the supervising authority the status of the entity;
Verifying the address through on-site visitation of the entity, sending than you letter or other documents showing address; or
Contacting the entity by phone or electronic mail.
Secure Senior Management approval to commence or continue business relationship/ transaction with the customer;
Conduct enhanced ongoing monitoring of the business relationship;
Require the first payment to be carried out through an account in the customer’s name with a bank subject to similar CDD standards, where applicable; and
Perform such other measures as the Corporation may deem reasonable or necessary.
Where additional information cannot be obtained, or any information or document provided is false or falsified, or result of the validation process in unsatisfactory, the Corporation shall decline to establish the relationship with the customer, or to execute the requested transaction, without prejudice to the reporting of a suspicious transaction ot the AMLC when circumstances warrant.
Where the Corporation fails to satisfactorily complete the Enhanced CDD and reasonably believes that conducting Enhanced CDD will tip off the customer, it shall file a suspicious transaction report and closely monitor the account and review the business relationship.
The Corporation shall give special attention to business relationships and transactions with persons, including companies and financial institutions, from countries which:
Are subject to financial sanctions, embargoes or similar measures by the United Nations or other public international organizations;
Have been identified by credible sources as:
having deficient AML/CFT regimes;
having significant amounts of corruption or other criminal activity, including in particular illegal drug production, distribution or trafficking, money laundering, or human trafficking;
providing financing or supporting terrorism or terrorist activities, or having terrorist organizations operating within their territory;
being tax havens;
experiencing significant civil unrest.
Politically Exposed Persons (PEPs)
The Corporation shall establish and record the true and full identity of PEPs, as well as their immediate family members and entities related to them.
In case of domestic PEPs or persons who have been entrusted with a prominent function by an international organization, or their immediate family members or close associates, in addition to performing the applicable due diligence measures, the Corporation shall:
Take reasonable measures to determine whether a customer or the beneficial owner is a PEP; and
In cases when there is a higher risk business relationship, adopt measures under Section 5.C.3 and Section 5.C.4 hereof on Enhanced CDD relative to individual customers.
In relation to foreign PEPs or their immediate family members or close associates, in addition to performing the applicable customer due diligence measures, the Corporation shall:
Put in place risk management systems to determine whether a customer or the beneficial owner is a PEP;
Adopt measures under Section 5.C.3 and Section 5.C.4 hereof on Enhanced CDD relative to individual customers.
Shell Companies
Shell companies are legal entities which have no business substance in their own right but through which financial transactions may be conducted. The Corporation should note that shell companies may be abused by money launderers and therefore be cautious in their dealings with them.
Further, the Corporation should also obtain a Board of Directors' Certification as to the purposes of the owners/stockholders in acquiring the shell company. There must likewise be satisfactory evidence of the identities of the beneficial owners, bearing in mind the "Know-Your-Customer” principle.
Trust, Nominee and Fiduciary Accounts
The Corporation shall establish whether the applicant for business relationship is acting on behalf of another person as a trustee, nominee or agent. It should obtain competent evidence of the identity of such agents and authorized signatories, and the nature of their trustee or nominee capacity and duties.
Where the Corporation entertains doubts as to whether the trustee, nominee or agent is being used as a dummy in circumvention of existing laws, it shall immediately make further inquiries to verify the status of the business relationship between the parties. If satisfactory evidence of the beneficial owners cannot be obtained, the Corporation shall consider whether to proceed with the business, bearing in mind the "Know-Your-Customer" principle. If it decides to proceed, the Corporation is to record any misgivings and give extra attention to monitoring the account in question.
Where the account is opened by a firm of lawyers or accountants, the Corporation should make reasonable inquiries about transactions passing through the subject accounts that give cause for concern, or from reporting those transactions if any suspicion is aroused. If a money laundering Suspicious Transaction Report is made to the AMLC in respect of such client's accounts, the Council will seek information directly from the lawyers or accountants as to the identity of its client and the nature of the relevant transaction, in accordance with the powers granted to it under the AMLA, as amended, and other pertinent laws.
Transactions Undertaken on Behalf of Account Holders or Non-Account Holders
Where transactions are undertaken on behalf of account holders of the Corporation, particular care shall be taken to ensure that the person giving instructions is authorized to do so by the account holder.
Transactions undertaken for non-account holders demand special care and vigilance. Where the transaction involves significant amounts, the customer should be asked to produce competent evidence of identity including nationality, especially in cases where the client is not a Filipino, the purposes of the transaction, and the sources of the funds.
Wire Transfers
Because of the risk associated with dealing with fund/wire transfers, where the Corporation may unknowingly transmit proceeds of unlawful activities or funds intended to finance terrorist activities, it shall establish policies and procedures designed to prevent it from being utilized for that purpose which shall include, but not limited to, the following:
A beneficiary institution shall not accept instructions to pay-out fund transfers to non-customer beneficiary, unless it has conducted the necessary CDD to establish the true and full identity and existence of said beneficiary. Should the originator and beneficiary be the same person, the beneficiary institution may rely on the CDD
conducted by the originating institution provided the rules on third party reliance are met, treating the originating institution as third party as therein defined;
An originating institution shall not accept instructions to fund/wire transfer from a non-customer originator, unless it has conducted the necessary CDD to establish the true and full identity and existence of said originator;
In cross border transfers, if the originator is a high-risk customer as herein described, the beneficiary institution shall conduct enhanced CDD on the beneficiary and the originator. Where additional information cannot be obtained, or any information or document provided is false or falsified, or result of the validation process is unsatisfactory, the beneficiary institution shall refuse to affect the fund/wire transfer or the pay-out of funds without prejudice to the reporting of a suspicious transaction to the AMLC when circumstances warrant;
Whenever possible, manually initiated funds transfer (MIFT) instructions should not be the primary delivery method. Every effort shall be made to provide client with an electronic solution. Where MIFT is utilized, the following validation procedures shall apply:
Prior to the Corporation accepting from a customer a manually initiated funds transfer request, the customer must execute and sign an agreement which preferably is part of the account opening documentation, wherein are outlined the manual instruction procedures with related security procedures including customer agreement to accept responsibility for fraudulent or erroneous instructions provided it has complied with the stated security procedures.
It is mandatory that written MIFT instructions are signature verified. In addition, one of the following primary security procedures must be applied:
a recorded callback to the customer to confirm the transaction instructions, or
test word arrangement/verification, provided that this procedure may be substituted by any of the following validity checks:
use of a controlled PIN or other pre-established code;
sequential numbering control of messages;
pre-established verifiable forms;
same as prior transmissions;
standing/pre-defined instructions; or value for value transactions.
It is mandatory that MIFT instructions are signature verified and the device be located in a secured environment with limited and controlled staff access which permits visual monitoring. If monitoring is not possible, the device must be secured or programmed to receive messages into a password protected memory.
MIFT transactions below a certain threshold [approved by the [branch manager/country manager] (for branches of foreign covered institutions) or Business Risk Manager in accordance with policies and procedures approved by the Corporation's board of directors] may be processed with the mandatory procedure described above and an enhanced security procedure such as any or all of the following.
Telephone callback numbers and contacts must be securely controlled. The confirmation callback is to be recorded and made to the signatory/(ies) of the customer's individual account(s). For commercial and company accounts the callback will be made to the signatory/(ies) of the account or, if so authorized, another person designated by the customer in the MIFT agreement. The party called is to be documented on the instructions. The callback must be made by someone other than the person receiving the original instructions and effecting the signature verification.
Cross border and domestic fund/wire transfers and related message not exceeding P50,000.00 or its equivalent in foreign currency, shall include accurate and meaningful originator and beneficiary information. The following information shall remain with the transfer or related message through the payment chain:
Name of the originator;
Name of the beneficiary; and
Account number of the originator and beneficiary, or in its absence, a unique reference number.
For cross border and domestic fund/wire transfers and related message amounting to P50,000.00 or more, or its equivalent in foreign currency, the following information shall be obtained and accompany the wire transfer:
Name of the originator;
Originator account number where such an account is used to process the transaction or a unique transaction reference number which permits traceability of the transaction;
Originator's address, or national identity number, or customer identification number, or date and place of birth;
Name of the beneficiary; and
Beneficiary account number where such an account is used to process the transaction, or unique transaction reference number which permits traceability of the transaction.
For domestic wire transfers, the originating institution should ensure that the required information accompanies the wire transfers, unless this information can be made available to the beneficiary institution and relevant authorities by other effective means. In the latter case, the ordering institution shall include only the account number or a unique identifier within the message or payment form which will allow the transaction to be traced back to the originator or beneficiary. Originating institutions are required to provide the information within three (3) working days from receiving the request either from the beneficiary institution or from relevant authorities or agencies.
Should any wire/fund transfer amounting to P50,000.00 or more or its equivalent be unaccompanied by the required originator information, the beneficiary institution shall exert all efforts to establish the true and full identity and existence of the originator by requiring additional information from the originating institution or intermediary institution. It shall likewise apply enhanced due diligence to establish the true and full identity and existence of the beneficiary. Where additional information cannot be obtained, or any information or document provided is false or falsified, or result of the validation process is unsatisfactory, the beneficiary institution shall refuse to effect the fund/wire transfer or the pay-out of funds without prejudice to the reporting of an ST to the AMLC when circumstances warrant.
The Corporation’s policies and procedures must include procedures for making and maintaining a record of all customer relationships and transactions, including customer identification and verification, such that:
Requirements of the AMLA, as amended, are fully met;
Any transaction effected via the Corporation can be reconstructed and from which the AMLC, and/or the courts will be able to compile an audit trail for suspected money laundering, when such report is made to it;
The Corporation can satisfy within a reasonable time any inquiry or order from the AMLC as to disclosure of information, including without limitation, whether a particular person is the customer or beneficial owner of transactions conducted through the Corporation.
The following document retention periods shall be followed:
All records of all transactions of the Corporation, especially customer identification records, shall be maintained and safely stored in an easily accessible place for five
(5) years from the dates of transactions.
With respect to closed accounts, the records on customer identification, account files and business correspondence, shall be preserved and safely stored for at least five (5) years from the dates when they were closed.
SRC Rule 52.1.1 (Books and Records Keeping Rule) and Rule 52.1.2 (Records Retention Rule) of the 2015 Implementing Rules and Regulations of the SRC continue to be in full force and effect.
Notwithstanding the foregoing, if the records relate to on-going investigations or transactions that have been the subject of a disclosure, they shall be retained beyond the stipulated retention period until it is confirmed that the case has been closed and terminated.
The Corporation shall designate at least two (2) persons responsible in the safekeeping of all records and report to the SEC any change in the person/s responsible.
The Corporation shall institute a system for the mandatory reporting of covered transactions and suspicious transactions. In this regard, it shall register with the AMLC's electronic reporting system.
Covered Transaction Report (CTR)
The Corporation shall file a Covered Transaction Report ("CTR") with the AMLC involving any transaction in cash or other equivalent monetary instrument involving a total amount in excess of Five Hundred Thousand Pesos (Php500,000.00) within one (1) banking day;
Suspicious Transaction Report (STR)
The Corporation shall file Suspicious Transaction Reports ("STR") with the AMLC for transactions, regardless of the amount of the transaction, where any of the following circumstances exists:
There is no underlying legal or trade obligation, purpose or economic justification;
The client is not properly identified;
The amount involved is not commensurate with the business or financial capacity of the client;
Taking into account all known circumstances, it may be perceived that the client's transaction is structured in order to avoid being the subject of reporting requirements under the AMLA;
Any circumstance relating to the transaction which is observed to deviate from the file of the client and/or the client's past transactions with the Corporation;
The transaction is in any way related to an unlawful activity or offense under the AMLA that is about to be, is being, or has been committed; or
Any transaction that is similar or analogous to any of the foregoing.
In this regard, the Corporation should exercise due diligence by implementing adequate systems for identifying and detecting suspicious transactions.
Suspicious transactions are likely to involve a number of factors which together raise a suspicion in the mind of the Corporation that the transaction may be connected with any unlawful activity.
Transaction Reporting
The Corporation shall report to the AMLC all covered transactions and suspicious transactions within five (5) working days, unless the AMLC prescribes a different period not exceeding fifteen (15) working days, from the occurrence thereof.
For suspicious transactions, "occurrence" refers to the date of determination of the suspicious nature of the transaction, which determination should be made not exceeding ten
(10) calendar days from the date of transaction. However, if the transaction is in any way related to, or the person transacting is involved in or connected to, an unlawful activity or money laundering offense, the 10-day period for determination shall be reckoned from the date the Corporation knew or should have known the suspicious transaction indicator.
Should a transaction be determined to be both a covered and a suspicious transaction, the Corporation shall report the same as a suspicious transaction.
The Corporation shall likewise file STR for suspicious attempted transactions. An attempted transaction is one that a client intended to conduct and made overt acts to do so. Such overt acts include entering into negotiations or discussions to conduct the transaction and involves definite measures to be undertaken by the SEC, the Corporation or the customer. In order for an attempted transaction to be reported as an attempted suspicious transaction, there must be reasonable grounds to suspect that said attempted transaction is related to ML/TF.
The Corporation shall maintain a register of all suspicious transactions that have been brought to the attention of its Compliance Officer, including transactions that are not reported to the AMLC. It shall likewise maintain a register of all covered transactions which are not reported to the AMLC pursuant to AMLC Resolution No. 292, Series of 2003. The registers shall contain details of the date on which the report is made, the person who made the report to its Compliance Officer, and information sufficient to identify the relevant papers related to said reports.
Confidentiality of CTR and STR
The Corporation, its directors, officers and employees, shall not warn its customers that information relating to them has been reported or is in the process of being reported to the AMLC, or communicate, directly or indirectly, such information to any person other than the AMLC. Any violation of this confidentiality provision shall render them liable for criminal, civil and administrative sanctions under the AMLA.
When reporting CTs and STs to the AMLC, the Corporation, its directors, officers and employees, are prohibited from communicating, directly or indirectly, in any manner or by
any means, to any person or entity, or the media, the fact that a covered or suspicious transaction report was made, the contents thereof, or any other information in relation thereto. Any information about such reporting shall not be published or aired, in any manner or form, by the mass media, or through electronic mail, or other similar devices.
In case of violation thereof, the concerned officer and employee of the Corporation shall be criminally liable in accordance with the provision of the AMLA, as amended.
The Corporation is required to establish and implement internal control and procedures aimed at preventing and impeding ML/TF. Such procedures shall, among other things, ensure that the Corporation and its employees are aware of the provisions of the AMLA, its implementing rules and regulations, as well as all reportorial and compliance control and procedures that shall be established by the AMLC, the Supervising Authority and the Corporation.
The Corporation shall establish written internal reporting procedures which shall:
Enable all its directors, officers, employees, and all key staff to know to whom they should report any knowledge or suspicion of ML/TF activity;
Ensure that there is a clear reporting chain under which suspicions of ML/TF activity will be passed to the Compliance Officer, in accordance with its reporting procedures;
Require the Compliance Officer to consider any report in the light of all relevant information available for the purpose of determining whether or not it gives rise to a knowledge or suspicion of ML/TF;
Ensure that the Compliance Officer has reasonable access to any other information which may be of assistance in the determination as to whether or not a suspicious transaction report is to be filed;
Require that, upon determination of the suspicious nature of the report, the information contained therein is disclosed promptly to the AMLC;
Maintain a register of all reports filed to AMLC.
The internal audit function associated with ML/TF should be conducted by qualified personnel who are independent of the office being audited. It must have the support of the board of directors and senior management and have a direct reporting line to the board or a board-level audit committee.
It shall be responsible for the periodic (not less frequently than once every 2 years) and independent evaluation of the risk management, degree of adherence to internal control mechanisms related to the customer identification process, such as the determination of the existence of customers and the completeness of the minimum information and/or documents establishing the true and full identity of, and the extent and standard of due diligence applied to, customers, CT and ST reporting and record keeping and retention, as well as the adequacy and effectiveness of other existing internal controls associated with ML/TF.
The results of the internal audit shall be timely communicated to the board of directors and shall be open for scrutiny by SEC examiners in the course of the regular or special examination without prejudice to the conduct of its own evaluation whenever necessary. Results of the audit shall likewise be promptly communicated to the Compliance Office for appropriate monitoring of corrective actions taken by the different business units concerned.
The Compliance Office shall regularly submit reports to the board to inform them of management's action to address deficiencies noted in the audit.
The Corporation, may, due to the scale and nature of their operations, assign the internal audit function to another person (e.g., professional association, parent company or external auditors) under terms of reference approved by the institution's board of directors designed to ensure the effectiveness of the internal audit function. Where the Corporation delegates its responsibilities for internal audit, due diligence is to be exercised to ensure that the persons appointed are able to perform these functions effectively and the fact of such appointment must be relayed in writing to the SEC and to AMLC. Notwithstanding that the internal audit function may be outsourced, the Corporation's board of directors remains responsible for its effective operation.
The Corporation shall provide education and continuing training for all its staff and personnel, including directors and officers, to ensure that they are fully aware of their personal obligations and responsibilities in combating ML/TF and to be familiar with its system for reporting and investigating suspicious matters.
It may assign the training functions to another person (e.g., professional association, parent company or external training provider). Where the Corporation delegates its responsibilities for training, due diligence is to be exercised to ensure that the persons appointed are able to perform these functions effectively and the fact of such appointment must be relayed in writing to the SEC and to AMLC. Notwithstanding that the training function may be outsourced, the Corporation's board of directors remains responsible for the effective operation of the training program.
The following training programs are recommended:
New Staff: A general appreciation of the background to ML/TF, the need to be able to identify suspicious transactions and report such transactions to the appropriate designated point within the Corporation. This training shall be provided to all new employees, regardless of level of seniority.
Cashiers/Dealers' Representatives/Advisory Staff: Personnel who deal directly with the clients are the first point of contact with potential money launderers. Their efforts are therefore vital to its reporting system for such transactions. They should be trained to identify suspicious transactions and, on the procedure, to be adopted when a transaction is deemed to be suspicious. "Front Line" staff should be made aware of the Corporation's policy for dealing with non-regular customers particularly where large cash transactions are involved, and the need for extra vigilance in cases under suspicious circumstances.
Supervisors and Managers: A higher level of instruction covering all aspects of ML/TF procedures should be provided to supervisors and managers. This will include the offences and penalties arising from the AMLA, procedures relating to service of production and restraint orders, internal reporting procedures, and the requirements for verification of identity and the retention of records.
The Corporation shall, at least once a year, make arrangements for refresher training to remind key staff of their responsibilities and to make them aware of any changes in the laws and rules relating to ML/TF, as well as its internal procedures.
The Corporation's annual AML training program and records of all AML seminars and trainings it conducted and/or attended by its personnel (internal or external), including copies of AML seminar/training materials, shall be appropriately kept by the Compliance Officer/unit/department, and made available during periodic or special SEC examinations and to self-regulatory organizations (SROs) of covered institutions, if applicable.
Further, it shall ensure that all relevant personnel are informed in a timely manner of any new provisions, updates or changes in laws, as well as new, amended or updated SEC rules, regulations, guidelines and circulars relating to ML/TF, and its internal procedures based on any of the foregoing. Training on any such new provisions, amendments, updates or changes shall be provided as necessary.