Anti Money Laundering and Countering the Financing of Terrorism Regulations in Singapore
According to MAS “Financial institutions operating in Singapore are required to put in place robust controls to detect and deter the flow of illicit funds through Singapore’s financial system”.
In order to provide guidance and compliance requirements on Anti Money Laundering and Countering the Financing of Terrorism (AML/CFT), MAS issues AML/CFT Notices and Guidance papers.
Each business model has a corresponding AML/CFT Notice i.e. the notice for insurance companies provides different compliance details than the notice provided for commercial banking. There is no fintech specific notice, therefore fintech companies should refer to the AML/CFT notice that aligns with their specific business model.
Although the details provided in the notices are different, the general requirements are the same across all business models. The overview below provides the general AML/CFT requirements for the financial services industry in Singapor
To comply with AML/CFT guidelines financial services firms are expected to:
Access and mitigate money laundering and terrorist financing risks;
Identify and know their customers;
Conduct regular account reviews, and
Monitor and report any suspicious transaction.
Assessing and Mitigating the risks of Money Laundering (ML) and Terrorist Financing (TF)
Assessing risk specific guidelines
Identify ML and TF risks in your company. The guidelines suggest financial services companies look for common ML and TF threats that can be found in their:
Customer base and their overseeing jurisdiction
Products (including products still under development)
Delivery channels
Services offered
Third party data providers
Integrated IT systems
Reaccess ML and TF Risks before launching new products, practices or technologies
Mitigating risk specific guidelines:
Ensure executive and the board of directors understand ML and TF risks
Appoint a qualified chief officer in charge of AML/CFT compliance
Create policies and procedures for screening new and existing staff
Implement ongoing employee training programs so that staff up-to-date on AML/CFT policies and procedures.
Implement policies and procedures for document and data retention
Conduct Customer Due Diligence (CDD) and Know Your Customer (KYC) Procedures
CDD Specific guidelines:
Create a clear customer acceptance policy as well as procedures that identify the types of customers that are likely to pose a higher risk of ML and TF risk. When creating acceptance policy and procedures fintech companies should consider a customer’s:
Background
Occupation (including public or high-profile positions)
Source of income and wealth
Country of origin and residence
Products they use
Nature and purpose of their accounts,
Nature and purpose of any linked accounts
Business activities
Obtain information that can uniquely identify the customer. Examples of uniquely identifying information include:
Residential address
Registered or business address
Date of birth
Date of incorporation
Nationality
Place of incorporation
Determine if the customer is from a jurisdiction with inadequate AML/CFT measures. The full list of high-risk jurisdictions can be found here.
Determine if the customer is a Politically Exposed Person (PEP). Examples of PEPs include:
Heads of state
Heads of government
Senior politicians
Senior government official,
Judicial or military officials
Senior executives of state owned corporations
Important political party officials
Family members or close associates of a PEP
KYC specific guidelines:
Verify the identity of any customers, beneficial owners, as well as any persons acting on their behalf. Fintech companies should use reliable, independent source documents, data or information. Examples of identity verification include:
Confirming the identity of the customer or the beneficial owner from an unexpired official document that bears a photograph.
Confirming the date and place of birth from an official document such as a passport or birth certificate
Confirming the validity of official documentation through an embassy official or notary
Confirming the residential address on documents such as a utility bill or tax statement
Create a customer profile. The MAS guidelines suggest creating customer profiles in order to understand if a customer’s transaction behavior poses a risk for ML and TF. A customer profile can include:
The nature of their business and business relationships
Expected level of activity
Types of transactions
Sources of funds
Income
Overall wealth
Conduct Customer Due Diligence (CDD) and Know Your Customer (KYC) Procedures
CDD Specific guidelines:
Create a clear customer acceptance policy as well as procedures that identify the types of customers that are likely to pose a higher risk of ML and TF risk. When creating acceptance policy and procedures fintech companies should consider a customer’s:
Background
Occupation (including public or high-profile positions)
Source of income and wealth
Country of origin and residence
Products they use
Nature and purpose of their accounts,
Nature and purpose of any linked accounts
Business activities
Obtain information that can uniquely identify the customer. Examples of uniquely identifying information include:
Residential address
Registered or business address
Date of birth
Date of incorporation
Nationality
Place of incorporation
Determine if the customer is from a jurisdiction with inadequate AML/CFT measures. The full list of high-risk jurisdictions can be found here.
Determine if the customer is a Politically Exposed Person (PEP). Examples of PEPs include:
Heads of state
Heads of government
Senior politicians
Senior government official,
Judicial or military officials
Senior executives of state owned corporations
Important political party officials
Family members or close associates of a PEP
KYC specific guidelines:
Verify the identity of any customers, beneficial owners, as well as any persons acting on their behalf. Fintech companies should use reliable, independent source documents, data or information. Examples of identity verification include:
Confirming the identity of the customer or the beneficial owner from an unexpired official document that bears a photograph.
Confirming the date and place of birth from an official document such as a passport or birth certificate
Confirming the validity of official documentation through an embassy official or notary
Confirming the residential address on documents such as a utility bill or tax statement
Create a customer profile. The MAS guidelines suggest creating customer profiles in order to understand if a customer’s transaction behavior poses a risk for ML and TF. A customer profile can include:
The nature of their business and business relationships
Expected level of activity
Types of transactions
Sources of funds
Income
Overall wealth
Conduct Enhanced Customer Due Diligence (EDD) When Necessary
Conduct required enhanced due diligence for customers who have been identified as higher-risk for ML and FT. Example of scenarios that require EDD include:
Politically Exposed Persons
Customers from jurisdictions with inadequate AML/CFT standards
Examples of Enhanced Due Diligence. Although not an exhaustive of EDD examples, the MAS guidelines suggest:
Requiring Senior management approval
Requiring a credit reference agency search
Requiring a reference from a prior bank (including banking group reference) and contact with the bank regarding the customer;
Requiring verification of the customer’s income sources
Identifying the customer’s source of funds and wealth
Requiring a personal reference
Conduct regular account reviews
Develop and implement clear rules on the records that must be kept for CDD and EDD on customers
Keep customer information up-to-date
Review customer deemed as a higher risk for ML and TF on a more frequent basis
Ensure all CDD information is compliant with the PDPA
Monitor and report any suspicious transactions
Put in place and implement adequate systems and processes that scrutinise suspicious, complex, unusually large or unusual pattern of transactions.
Report any suspicious activity via a Suspicious Transaction Report to the Commercial Affairs Department of Singapore.
Further Resources for AML/CFT Compliance
As money laundering and terrorist financing threats continue to evolve, MAS periodically issues new AML/CFT guidance papers that you can access here.
Finally as noted earlier in the article, MAS has created business model specific notices for AML/CFT compliance. For an exhaustive guide to AML/CFT compliance see your business model specific notices here.