The obligations placed on DNFBPs are contained within:
These legislation are explained further in the Relevant Legislation section.
A summary of the main obligations is as follows:
- A DNFBP must register with the Agency - Section 5C of the FIA Act as amended by the Financial Investigation Agency (Amendment) Act 2021 (“FIAA Act 2021”) makes it clear that all DNFBPs operating within the Territory are required to register with the Agency. As part of the registration process, persons conducting such businesses are also required to provide the Agency with details of all persons holding significant interests within the business. These persons include directors, senior officers, sole proprietors, money laundering reporting officers, shareholders and beneficial owners. For more details on registration, please click here.
Alternatively, you can also contact the Agency at:
Supervision and Enforcement Unit
Email: [email protected]
- Establish internal systems, policies, processes, procedures, and controls - Regulation 3 of the AML Regulations and Section 11 of the AML Code stipulate that all entities including DNFBPs must establish an internal control system. This would normally take the form of a compliance manual. The DNFBP may be required to submit the manual to the Agency upon request, to ensure full compliance with the applicable legislation.
- Effecting customer due diligence (CDD) and verification measures- Section 19 of the Code requires that an entity must conduct due diligence procedures on clients and any applicants for business. This require applies for one-off transactions as well as ongoing business relationships. For different DNFBP businesses this threshold may vary and we would ask you to refer to the AML Code and the specific guidance notes issued by the Agency for information on the thresholds which may apply to you and your business.
- Appoint a Money Laundering Reporting Officer (MLRO)- Regulation 13 of the AML Regulations and sections 16 and 17 of the AML Code provide critical guidance on an organisation’s requirement to appointing an MLRO. The person appointed as MLRO must meet the requirements set out in the AML Regulations. The role of this individual within the organisation is important as this person would be responsible for ensuring that employees report any suspicious activities they may encounter. This person is also the sole liaison with the Agency as it relates to the filing of suspicious activity reports. All DNFBP’s are required to provide the Agency with the details of the person whom they have appointed to act as the MLRO within their organisation.
- Reporting of suspicious transaction/activity - Regulation 15 of the AML Regulations and section 18 of the Code makes reporting a suspicion mandatory for both employees as well as the MLRO. This is crucial as it aids in the fight against money laundering and terrorist financing. All entities must ensure that they have internal policies and procedures for both employees and the MLRO to carry out their reporting obligations.
- Institute record keeping procedures- Regulations 8 to 10 of the AML Regulations and sections 42 through to 46 of the AML Code speaks on an entities’ requirement to maintain records. It is required that all records be kept for a minimum of 5 years. An entity that fails to keep proper records commits an offence and would be liable to a fine being imposed.
- Provide appropriate and effective training to employees- Regulation 16 of the AML Regulations and section 47 – 49 of the AML Code offers clear guidance in relation to staff training. All employees are required to receive annual anti-money laundering and countering the financing of terrorism training. Such trainings should be proportionate to the responsibilities of the employee. Penalties are enforced if such requirements are not met.