7. A Malaysian Banking Perspective: Responsibilities and Obligations (2)
Last week, I highlighted one of the main obligations and responsibilities of a Reporting Institution (RI), in this case, banks under Bank Negara Malaysia's (BNM) AML/CFT guidelines, which was Customer Due Diligence (CDD).
Today, I will highlight the following areas which I personally feel are important areas in BNM's guidelines:
transaction monitoring;
record keeping;
suspicious transaction reporting
A. Transaction Monitoring
Section 25: Management Information Systems (MIS)
RIs must have in place an adequate MIS, either electronically or manually, to complement its CDD process.
The MIS:
is required to provide the reporting institution with timely information on a regular basis to enable the reporting institution to detect irregularity and/or any suspicious activity.
shall commensurate with the nature, scale and complexity of the reporting institution's activities and ML/TF risk profile.
shall include, at a minimum, information on multiple transactions over a certain period, large transactions, anomaly in transaction patterns, customer's risk profile and transactions exceeding any internally specified threshold.
shall be able to aggregate customer's transactions from multiple accounts and/or from different systems.
may be integrated with the reporting institution's information system that contains its customer's normal transactions or business profile, which is accurate, up-to-date and reliable.
B. Record Keeping
Section 27
RIs are required to keep the relevant records including any accounts, files, business correspondence and documents relating to transactions, in particular, those obtained during the CDD process.
This includes documents used to verify the identity of customers and beneficial owners, and results of any analysis undertaken. The records maintained must remain up-to-date and relevant.
RIs are required to keep the records for at least six (6) years following the completion of the transaction, the termination of the business relationship or after the date of the occasional transaction.
When the records are subjected to on-going investigation or prosecution in court, they shall be retained beyond the stipulated retention period until such time reporting institutions are informed by the relevant law enforcement agency that such records are no longer required.
C. Suspicious transaction reporting (STR)
Section 29
RIs are required to promptly submit a STR to the Financial Intelligence and Enforcement Department (FIED), Bank Negara Malaysia (BNM) whenever the RI suspects or have reasons to suspect that the transaction (including attempted or proposed), regardless of the amount:
(a) appears unusual;
(b) has no clear economic purpose;
(c) appears illegal;
(d) involves proceeds from an unlawful activity; or
(e) indicates that the customer is involved in ML/TF.
RIs must provide the required information, including the background and circumstances which led to the said transactions. RIs must also have a reporting system in place for the submission of STRs, which includes the Compliance Officer deciding on the grounds for suspicion followed by the actual submission.
Point to ponder: Does your institution have these policies, processes and procedures in place? If Yes, what can be enhanced? If not, what can be implemented first?
These are excerpts taken from:
