RESOLUTION OF BOARD OF NATIONAL BANK OF THE REPUBLIC OF KAZAKHSTAN

of February 28, 2022 No. 11

About approval of Requirements to Rules of internal control for the purpose of counteraction of legalization (washing) of income gained in the criminal way, to financing of terrorism and financing of distribution of weapons of mass destruction for payment institutes

According to the paragraph third "About counteraction of legalization (washing) of income gained in the criminal way and to terrorism financing" the Board of National Bank of the Republic of Kazakhstan DECIDES: parts one of Item 3-2 of article 11 of the Law of the Republic of Kazakhstan

1. Approve the enclosed Requirements to Rules of internal control for the purpose of counteraction of legalization (washing) of income gained in the criminal way, to financing of terrorism and financing of distribution of weapons of mass destruction for payment institutes.

2. To the payment institutes which underwent accounting registration in National Bank of the Republic of Kazakhstan to bring internal documentation into accord with this resolution within three months from the date of enforcement of this resolution.

3. To department of payment systems (Ashykbekov E. T.) in the procedure established by the legislation of the Republic of Kazakhstan to provide:

1) together with Legal department (Kasenov A. S.) state registration of this resolution in the Ministry of Justice of the Republic of Kazakhstan;

2) placement of this resolution on official Internet resource of National Bank of the Republic of Kazakhstan after its official publication;

3) within ten working days after state registration of this resolution submission to Legal department of data on execution of the action provided by the subitem 2) of this Item.

4. To impose control of execution of this resolution on the vice-chairman of National Bank of the Republic of Kazakhstan Sholpankulov B. Sh.

5. This resolution becomes effective after ten calendar days after day of its first official publication.

It is approved Financial monitoring agency of the Republic of Kazakhstan

Approved by the Resolution of Board of National Bank of the Republic of Kazakhstan of February 28, 2022 No. 11

Requirements to Rules of internal control for the purpose of counteraction of legalization (washing) of income gained in the criminal way, to financing of terrorism and financing of distribution of weapons of mass destruction for payment institutes

Chapter 1. General provisions

1. These Requirements to Rules of internal control for the purpose of counteraction of legalization (washing) of income gained in the criminal way, to financing of terrorism and financing of distribution of weapons of mass destruction for payment institutes (further – Requirements) parts one of Item 3-2 of article 11 of the Law of the Republic of Kazakhstan "About counteraction of legalization (washing) of the income received in the criminal way and to terrorism financing" are developed according to the paragraph third (further – the Law on POD/FT) and extend to payment institutes (further – the organizations).

2. The concepts applied in Requirements:

1) the beneficial owner – physical person:

which directly or indirectly possesses more than twenty five percent of shares in the authorized capital or placed (less exclusive and redeemed by society) shares of the client - the legal entity;

exercising control over the client otherwise;

for the benefit of which the client makes transactions with money and (or) other property;

2) faultless goodwill – availability of the facts confirming professionalism, conscientiousness, lack of not removed or unspent conviction, including lack of the judgment which took legal effect about application of criminal penalty in the form of deprivation of the right to hold leading employee position of the financial organization, bank and (or) insurance holding and to be large member (large shareholder) of the financial organization for life.

3. Internal control for the purpose of counteraction of legalization (washing) of income gained in the criminal way, to financing of terrorism and financing of distribution of weapons of mass destruction (further – POD/FT/FROMU) is performed by the organization for the purpose of:

1) ensuring accomplishment by the organization of requirements of the Law on POD/FT;

2) maintenance of system effectiveness of internal control at the level sufficient for taking measures to monitoring, identification of risks of legalization (washing) of income gained in the criminal way, financings of terrorism and financing of distribution of weapons of mass destruction (further – OD/FT/FROMU) or other criminal activities (further – risk management of OD/FT/FROMU), and also the integrated risks connected with deliberate or inadvertent involvement of the organization in processes (further – risks of OD/FT/FROMU);

3) exceptions of involvement of the organization and workers in processes of OD/FT/FROMU.

4. Within the organization of internal control for the purpose of POD/FT/FROMU in the organization the including requirements to carrying out substantive audit in case of availability of the decision of governing body or executive body of the organization on carrying out substantive audit, service of internal audit of the organization or other body authorized on carrying out internal audit, efficiency evaluation of internal control for the purpose of POD/FT/FROMU are developed and accepted by governing body or executive body of the organization of the rule of internal control.

Rules of internal control include programs, the stipulated in Article 11 Laws on POD/FT which are developed by the organization independently according to Requirements and are the internal document of the organization or set of such documents.

The organizations which use payment agents (subagents) include them in the programs, the stipulated in Article 11 Laws on POD/FT and exercise control of accomplishment of these programs by them.

The organizations within thirty calendar days from the date of enforcement of the made changes and (or) additions in the legislation of the Republic of Kazakhstan on counteraction of legalization (washing) of income gained in the criminal way and to terrorism financing (further – POD/FT) bring rules of internal control into accord with the made changes and (or) additions in the legislation of the Republic of Kazakhstan on POD/FT.

Chapter 2. The organization of internal control for the purpose of POD/FT/FROMU, including the requirement about appointment of person responsible for realization and observance of rules of internal control, from among leading employees of the organization or other heads of the organization is not lower than the head of the relevant structural division, and also other requirements imposed to the employees of the organization responsible for realization and observance of rules of internal control, including availability of faultless goodwill

5. According to the procedure, established by internal documents of the organization, in the organization the official responsible for realization and observance of rules of internal control is designated, from among leading employees of the organization or other heads of the organization is not lower than the level of the head of the relevant structural division (further – the ranking officer), and also the workers responsible for realization and observance of rules of internal control, or division of the organization which competence questions POD/FT enter (further – division on POD/FT) are determined.

6. Requirements to the ranking officer, the workers responsible for realization and observance of rules of internal control or employees of division on PODFT, are:

1) availability of the higher education;

2) availability of length of service in financial and (or) payment institutes at least two years (except for work experience on positions of technical or support personnel);

3) availability of faultless goodwill.

7. The program of the organization of internal control for the purpose of POD/FT/FROMU includes:

1) the description of functions of division on POD/FT, including the procedure of interaction with other divisions and personnel of the organization, branches when implementing internal control for the purpose of POD/FT/FROMU, and also functions, powers of the ranking officer, the procedure of interaction of the ranking officer with authorized bodies and officials of the organization;

2) data on the automated information systems and the software used for implementation of internal control for the purpose of POD/FT/FROMU and transmission of messages in authorized body on financial monitoring including the information about their developers;

3) procedure for fixation of data, and also document storages and information received during realization of internal control for the purpose of POD/FT/FROMU taking into account possibility of their use as the proof in court that they could be timely available to authorized body, and also other state bodies according to their competence;

4) the procedure of informing the organization by workers, including the ranking officer, authorized bodies and officials of the organization about the facts of violation of the law which became to them known about POD/FT, and also the rules of internal control allowed by employees of the organization;

5) the requirement description on POD/FT/FROMU (in the presence), established by the legal entity who has control over the organization;

6) assessment procedure, determinations, documentary fixation and updating of results of risks assessment of OD/FT/FROMU;

7) procedure of development of control measure, procedure for management and decrease in risks of OD/FT/FROMU;

8) the procedure of classification of the clients taking into account OD/FT/FROMU risk degree;

9) classifications of the clients taking into account risk degree of risks assessment of legalization of OD/FT/FROMU (low, high);

10) additional measures (in the presence) on the organizations of internal control for the purpose of POD/FT/FROMU included in the program by the organization.

8. Functions of the ranking officer and employees of division on POD/FT according to the program of the organization of internal control for the purpose of POD/FT/FROMU include:

1) ensuring availability of the rules of internal control and (or) changes (amendments) to them developed and approved with executive body of the organization, and also monitoring of their observance in the organization;

2) the organization of representation and control of submission of messages to authorized body for financial monitoring according to the legislation of the Republic of Kazakhstan on POD/FT;

3) ensuring transfer to authorized body on financial monitoring of information, data and documents on clients and about the transactions made by them according to the Law on POD/FT without notice of clients and other persons;

4) decision making about recognition of transactions of clients as suspicious and need of the direction of messages in authorized body on financial monitoring according to the procedure, provided by internal documents of the organization;

5) acceptance or approval of authorized body or the official of the organization of decisions on the refusal of carrying out transactions of clients in the cases provided by the Law on POD/FT, and according to the procedure provided by internal documents of the organization;

6) the direction of requests to executive body of the organization for decision making about establishment, continuation or the termination of business relations with clients in the cases and procedure provided by the Law on POD/FT and (or) internal documents of the organization;

7) informing authorized bodies and officials of the organization on the revealed abuses of regulations of internal control according to the procedure, provided by internal documents of the organization;

8) preparation and approval of executive body of the organization of information on results of implementation of rules of internal control and recommended measures for improvement of risk management systems and internal control for the purpose of POD/FT/FROMU for report generation to authorized bodies of the organization;

9) the additional functions (in the presence) the ranking officer and employees of division on POD/FT determined by the organization in pursuance of the program of the organization of internal control for the purpose of POD/FT/FROMU.

9. For accomplishment of the assigned functions the ranking officer and employees of division on POD/FT are allocated with the following powers:

1) receipt of access to all premises of the organization, to information systems, means of telecommunications, documents and files, in the limits allowing to perform the functions in full, and according to the procedure, provided by internal documents of the organization;

2) ensuring confidentiality of information obtained when implementing the functions;

3) ensuring safety of all documents and files received from divisions of the organization;

4) the additional powers (in the presence) the ranking officer and employees of division on POD/FT allocated with the organization.

10. In the presence in branches of employee organization to whom the functions and powers provided by Items 8 and 9 of Requirements are fully or partially assigned coordination of activities of such workers is performed by the ranking officer.

11. Functions of the ranking officer, and also employees of the organization to whom functions, stipulated in Item 8 Requirements are assigned are not combined with functions of service of the internal audit or other body authorized on carrying out internal audit and also functions of the divisions performing operational (current) organization activity.

12. The organization for automation of processes for internal control for the purpose of POD/FT/FROMU uses the automated information systems conforming to the following requirements:

1) possibility of maintaining the file (questionnaires) of clients, including the changes (amendments) made to them;

2) identification of threshold transactions with money and (or) other property, subject to financial monitoring according to article 4 of the Law on POD/FT and equal or exceeding the threshold amount established by the Law on POD/FT (further – threshold transaction), and also suspicious transactions by in advance set criteria taking into account requirements of the legislation of the Republic of Kazakhstan about POD/FT, and also results of assessment of degree of exposure of services of the organization to risks of OD/FT/FROMU;

3) lack of possibility of exception of information of the database on the file (questionnaires) of clients, to the performed operations, the sent messages in authorized body on financial monitoring;

4) availability of system of backup and storage of information;

5) taking the minutes of work of each user protected from modification.

Chapter 3. The management program risks of OD/FT/FROMU considering risks of clients and risks of use of services in criminal objectives including risk of use of technological achievements

13. For the purpose of the organization of risk management of OD/FT/FROMU the organization develops the management program risks (risks assessment) of OD/FT/FROMU.

The management program risks of OD/FT/FROMU includes, but is not limited:

1) procedure for the organization of risk management of OD/FT/FROMU of the organization by its structural divisions;

2) OD/FT/risks assessment technique to FROMM taking into account the main categories of risks (as the client, to country risk and risk of services/products) concerning risk level of the client, and also degree of exposure of services (products) of the organization to risks of OD/FT/to FROMM;

3) the procedure of regular monitoring, the analysis and control of risks of clients and degree of exposure of products (services) of the organization to risks of OD/FT/FROMU providing the list of precautionary actions, procedure and terms of their carrying out, control of results according to the taken measures;

4) procedure for assignment, terms and bases for review of levels of risks of clients;

5) order of interaction with substantive audit, in case of availability of the decision of the organization on carrying out substantive audit for efficiency evaluation of internal control system of the organization for the purpose of POD/FT to FROMM;

6) procedure for taking measures to classification of clients taking into account categories and risk factors, and also other categories of the risks established by the organization;

7) procedure for determination and the risks assessment of OD/FT/FROMU arising before development (start) of new products and new business practice, including new mechanisms of transfer, and also use of the new or developing technologies both for new, and for already existing products.

14. The organization on annual basis performs assessment of degree of exposure of services (products) of the organization to risks of OD/FT/FROMU taking into account the report of risks assessment of OD/FT/FROMU and, at least, the following specific categories of risks: risk as clients, country (geographical) risk, risk of service (product) and (or) method of her (his) provision (further – Annual assessment).

Assessment of degree of exposure of services (products) of the organization to risks of OD/FT/FROMU is followed by the description of the possible actions directed to minimization of the revealed risks including change of procedures of identification and monitoring of transactions of clients, establishment of limits on carrying out transactions, change of conditions of provision of services (products), refusal of provision of services (products).

Results (results) of Annual assessment it is documented according to internal documents and procedures of payment institute on which the authorized body on financial monitoring and authorized body no later than the first quarter following after calendar year is notified.

15. Types of clients, whose status and (or) whose activities has high risk of OD/FT/FROMU, include:

1) foreigners;

2) public officials, their spouse (spouse) and close relatives and representatives;

3) foreign financial organizations;

4) legal entities and individual entrepreneurs whose activities are connected with intensive cash turnover, including:

organizers of gaming, and also persons providing services or the gaining income from activities of online casino outside the Republic of Kazakhstan;

persons providing tourist services, and also other services connected with intensive cash turnover;

5) the insurance (reinsurance) organizations, insurance brokers performing activities for industry "insurance on life";

6) persons performing activities as insurance agents;

7) persons performing intermediary activities for purchase and sale of the real estate;

8) non-profit organizations, in form of business of funds, religious associations;

9) persons located (registered) in the foreign states specified in Item 16 of Requirements and also the branches located in the Republic of Kazakhstan and representations of such persons;

10) the additional types determined by the organization (in the presence) clients whose status and (or) whose activities increase risk of OD/FT/FROMU.

16. The organization performs assessment of the country (geographical) risk connected with provision of services (products) to clients from the foreign states specified in this Item and implementation of transactions with money and (or) other property with participation of such foreign states.

Foreign states with which transactions increase risk of OD/FT/FROMU are:

1) foreign states (territories) included in the list of the states (territories) which are not implementing or not enough financial measures of anti-money laundering (FATF) implementing recommendations of Group of development, constituted by authorized body on financial monitoring;

2) foreign states (territories) to which the international sanctions (embargo) accepted by resolutions of the Security Council of the United Nations are applied;

3) foreign states and (or) parts of the territories of the foreign states which are characterized as offshore zones:

The United States of America (only regarding the territories of the American Virgin Islands, the State of Wyoming, the island of Guam, State of Delaware and Commonwealth of Puerto Rico);

Principality of Andorra;

State of Antigua and Barbuda;

Commonwealth of the Bahamas;

State of Barbados;

State of Belize;

State of Brunei Darussalam;

United Republic of Tanzania;

Republic of Vanuatu;

Republic of Guatemala;

State of Grenada;

Republic of Djibouti;

Commonwealth of Dominica;

Dominican Republic;

New Zealand (only regarding the territory of the Cook Islands and Niue);

Spain (only regarding the territory of the Canary Islands);

Federal Islamic Republic Comoro Islands;

Co-operative Republic of Guyana;

Republic of Costa Rica;

The People's Republic of China (only regarding the territories of the special administrative area Aomin (Macau);

Republic of Liberia;

Lebanese Republic;

Principality of Liechtenstein;

Islamic Republic of Mauritania;

Malaysia (only regarding the enclave territory Labuan);

Republic of Maldives;

Republic of Malta;

Mariana Islands;

Republic of the Marshall Islands;

The kingdom of Morocco (only regarding the territory of the city of Tangier);

Union Myanmar;

Republic of Nauru;

Federal Republic of Nigeria;

The Netherlands (only regarding the territory of the island of Aruba and the dependent territories of the Antilles);

Republic of Palau;

Republic of Panama;

Portugal (only regarding the territory of the islands of Madeira);

Independent State of Samoa;

Republic of Seychelles;

State of Saint Vincent and Grenadines;

Federation Saint Kitts and Nevis;

State of Saint Lucia;

Republic of Suriname;

Kingdom of Tonga;

Republic of Trinidad and Tobago;

The United Kingdom of Great Britain and Northern Ireland (only regarding the territories of the Island of Anguilla, Bermuda, the British Virgin Islands, Gibraltar, the Cayman Islands, the island of Montserrat, Turks and Caicos Islands);

Sovereign Democratic Republic of Fiji;

Republic of the Philippines;

The French Republic (only regarding the territories of French Guiana and French Polynesia);

Republic of Montenegro;

Democratic Republic of Sri Lanka;

Jamaica;

4) foreign states (territories) determined by the organization as representing high risk of OD/FT/FROMU on the basis of other factors (data on the level of corruption, illegal production, turnover and (or) transit of drugs, data on support of the international terrorism and another).

17. Services (products, transactions) of the organization, and also the methods of their provision subject to high risk of OD/FT/FROMU include, but are not limited:

1) remote customer service, including servicing by means of electronic terminals;

2) services in acceptance of cash for implementation of payment without opening of the bank account of the sender of money for the amount exceeding five hundred thousand tenges;

3) services in realization (distribution) of electronic money and payment cards;

4) services in acceptance and payment processing, made with use of electronic money the exceeding amount equal to the fiftyfold size of the monthly settlement indicator established for the corresponding financial year by the law on the republican budget;

5) services in payment processing, initiated by the client electronically, and transfer of necessary information to bank, the organization performing separate types of banking activities for implementation of payment and (or) transfer or acceptance of money on these payments.

18. In case of assessment of degree of exposure of services (products) of the organization to risks of OD/FT/FROMU according to the categories and factors of risks specified in Items 15, of 16 and 17 Requirements, the organization the additional data influencing final risk degree, including without limitation are considered:

1) the number of the messages on suspicious transactions of clients sent by the organization to authorized body for financial monitoring;

2) the number of the messages on threshold transactions of clients sent by the organization to authorized body for financial monitoring with cash.

19. Within program implementation of risk management (risks assessment) of OD/FT/FROMU by the organization measures for classification of clients taking into account categories and factors of the risks specified in Items 15, of 16 and 17 Requirements, and also other categories and factors of the risks established by the organization are taken.

Risk level of the client (customer group) is established by the organization for analysis results of information about the client (clients) received within the procedures for identification and monitoring of transactions of clients and estimated on risk level determination scale which cannot consist less than of two levels (low, high).

Review of risk level of the client (customer group) is performed by the organization for measure of updating of information about the client (customer group).

Chapter 4. Program of identification of clients

20. For the purpose of implementation of requirements of the Law on POD/FT for proper check of the client the organization develops the program of identification of clients (their representatives) and beneficial owners.

Identification of the client (his representative) and the beneficial owner consists in carrying out by organization of events on fixation and check of reliability of information about the client (his representative), identification of the beneficial owner and fixation of information about him, establishment and fixation of the expected purpose of business relations or one-time transaction (transaction), and also obtaining and fixation of other information about the client (his representative) and the beneficial owner provided by Requirements.

Depending on risk level of the client degree carried out by organization of events is expressed in application of the simplified or strengthened measures of proper check of clients (their representatives) and beneficial owners by carrying out the standard, simplified or strengthened identification of clients (their representatives), beneficial owners, according to Item 7 of article 5 of the Law on POD/FT.

Identification of the beneficial owner is performed by acceptance of proper (reasonable) measures for check of the identity of the beneficial owner of the client, including by request at the client of additional data and (or) documents about final by the beneficiary the client's owner.

21. Taking into account requirements of Items 2 and 3 of article 5 of the Law on POD/FT the organization carries out identification of the client (his representative) and the beneficial owner, and also establishes the expected purpose of business relations or one-time transaction (transaction) in cases:

1) establishments of business relations with the client, except for realization of electronic money on the amount which is not exceeding the hundredfold size of monthly settlement indicator, and also distribution of payment cards which amount does not exceed two hundred thousand tenges;

2) making by the client of one-time transaction (transaction) on the amount:

exceeding five hundred thousand tenges in case of acceptance of cash for transfer on the bank account of physical person by means of the equipment (device) intended for acceptance of cash including by making in one calendar day of several transactions (transactions);

exceeding and (or) equal to the fiftyfold size of monthly settlement indicator in case of acceptance of payments, the electronic money made with use;

exceeding five hundred thousand tenges in case of acceptance of cashless payments and (or) money transfers without use of the bank account;

exceeding two hundred thousand tenges when implementing transaction with use of the payment card which is not access facility to the bank account;

3) making by the client of threshold transaction (transaction);

4) identifications of suspicious transaction (transaction) of the client;

5) availability of reasons for doubt in reliability of earlier obtained data on physical persons and legal entities.

22. The data received according to Item 21 of Requirements are introduced (join) the organization in the file of the client which is stored in the organization throughout the entire period of business relations with the client and at least five years from the date of their termination or making of one-time transaction (transaction), taking into account possibility of their use as the proof in court that they could be timely available to authorized body, and also other state bodies according to their competence.

Documents and data on the transactions with money and (or) other property including which are subject to financial monitoring, suspicious transactions and also results of studying of difficult, unusually large and other unusual transactions are subject to storage by the organizations at least five years after transaction making.

23. The simplified identification is carried out by the organization taking into account requirements of Item 7 of article 5 of the Law on POD/FT in case of:

1) establishment of business relations with banks of the second level, the insurance (reinsurance) organizations, professional participants of the security market - residents of the Republic of Kazakhstan;

2) assignment to the client of the lowered risk level of OD/FT/FROMU.

24. The strengthened identification is carried out by the organization:

1) in case of assignment to the client of high risk level;

2) in case of identification in the course of monitoring and studying of transactions of the client of suspicious transaction (transaction) or attempt of its making, except for situations in case of which the strengthened identification will lead to its inadvertent informing on the direction of the message on such transaction in authorized body on financial monitoring;

3) when carrying out transactions on the amount exceeding threshold, stipulated in Item 1 article 4 of the Law on POD/FT;

4) in the presence of doubts in reliability of the data provided by the client;

5) in the cases established by internal documents of the organization, including for the decision of the ranking officer.

25. In the course of identification of the client (identification of the beneficial owner) by the organization it is performed on availability of such client (the beneficial owner) in the list of the organizations and faces tied with financing of terrorism and extremism, received according to article 12 of the Law on POD/FT (further – the List of FT), the list of the organizations and faces tied with financing of distribution of weapons of mass destruction, received according to article 12-1 of the Law on POD/FT (further – the List of FROMU).

Concerning foreigners, other persons concerning whom the organization has data on availability of nationality of foreign state for them and also stateless persons by the organization in the course of identification of the client (identification of the beneficial owner) it is performed on belonging of such client (the beneficial owner) to the public official, his spouse (spouse) and close relatives.

26. The documents submitted by the client (his representative) for the purpose of confirmation of information about the client (his representative) and the beneficial owner are checked for their reality.

27. The program of identification of the client (his representative) and the beneficial owner includes:

1) the procedure of acceptance of clients on servicing, including the procedure and the bases for refusal in establishment of business relations and (or) in carrying out transaction, and also the termination of business relations;

2) the procedure of identification of the client (his representative) and the beneficial owner, including feature of procedures of application of the simplified and strengthened measures of proper check of the client;

3) the description of the measures directed to identification among the physical persons which are on servicing or accepted on servicing of public officials, their spouses and close relatives and acceptance of such clients on servicing (with the written permission of officials of the organization);

4) the procedure of check of the client (his representative) and the beneficial owner on availability in the List of FT and the List of FROMU;

5) features of identification in case of remote establishment of business relations (without personal presence of the client or his representative);

6) features of exchange of the data received in the course of identification of the client (his representative) and the beneficial owner, within fulfillment of requirements on POD/FT/FROMU, established by the legal entity who has control over the organization (in the presence);

7) the description of the additional sources of information including provided by state bodies for the purpose of identification of the client (his representative) and the beneficial owner;

8) procedure of check of reliability of information about the client (his representative) and beneficial owner;

9) requirements to form, content and procedure for maintaining the file of the client, updating of the data containing in the file with indication of frequency of updating of data;

10) the procedure of ensuring access of employees of the organization to information received when carrying out identification;

11) assessment procedure of risk level of the client, basis of assessment of such risk;

12) the list of measures (procedures) directed to identification and identification of the beneficial owner of the clients by the organization, including the list requested from the client of documents and information, procedure for adoption by the organization of the decision on recognition of physical person by the beneficial owner;

13) additional measures (in the presence) on the identifications of the client (his representative) and the beneficial owner included in the program the organization.

If the organization according to the Law on POD/FT based on the agreement charged to the other person application concerning clients of the organization of the measures provided by subitems 1), 2), 2-1), 2-2) and 4) of Item 3 of article 5 of the Law on POD/FT, the organization develops rules of its interaction with such persons who include:

procedure of identification of possible (potential) risks of OD/FT/FROMU;

the procedure of the conclusion the organization of contracts with persons to whom carrying out identification is entrusted, and also the list of officials of the organization, representatives to sign such agreements;

the procedure of identification of the client physical person, his representative, beneficiary according to contracts between the organization and persons to whom carrying out identification is entrusted;

the procedure and terms of transfer of the organization of the data received when carrying out identification, persons to whom carrying out identification is entrusted;

the procedure of implementation by the organization of control of observance by persons to whom carrying out identification, requirements for identification, including the procedure, terms and completeness of transfer of the organization of the received data, and also the measures taken by the organization for elimination of the revealed violations is entrusted;

the bases, the procedure and terms of adoption by the organization of the decision on unilateral refusal of agreement performance with persons to whom carrying out identification is entrusted, in case of non-compliance with requirements for identification, including the procedure, terms and completeness of transfer of the organization of the received data by them, and also the list of officials of the organization, representatives to make such decision;

regulations on responsibility of persons to whom the organization charged carrying out identification, for non-compliance by them with requirements for identification, including procedure, terms and completeness of transfer of the organization of the received data;

the procedure of interaction of the organization with persons to whom carrying out identification, concerning rendering the methodological help to them for the purpose of fulfillment of requirements on identification is entrusted;

the additional terms (in the presence) included in rules of interaction by the organization.

The organizations do not make the actions provided by Items 6, of the 6-1 and 8 article 5 of the Law on POD/FT in case of registration, stay or findings of other subject of financial monitoring or the foreign financial organization in the state (territory) which does not carry out and (or) implements recommendations of Group of development of financial measures of anti-money laundering (FATF) insufficiently.

28. Taking into account requirements of article 6 of the Law on POD/FT the organization carries out identification of the client (his representative) and the beneficial owner to establishment of business relations.

Chapter 5. The program of monitoring and studying of transactions of clients, including studying of difficult, unusually large and other unusual transactions of clients

29. For the purpose of implementation of requirements of the Law on POD/FT for proper check of the client, and also on identification and the direction in authorized body on financial monitoring of messages on threshold and suspicious transactions, the organization develops the program of monitoring and studying of transactions of clients.

30. Within the program of monitoring and studying of transactions of clients by the organization events for updating and (or) receipt of additional information about clients (their representatives) and beneficial owners, and also on studying of transactions of clients and identification of threshold and suspicious transactions are held.

Frequency, depth and intensity of studying of transactions of the client is determined taking into account risk level of the client, on the basis of the analysis of data on the size, the importance, nature, scale and complexity of activities of the client, and also data on source of financing of the transactions made by the client and (or) degree of exposure of services which the client, to risks of OD/FT/FROMU, making (making attempt) by the client of the transactions (transaction) which are subject to financial monitoring and also taking into account the scenarios (schemes) of OD/FT/FROMU and (or) signs of unusual and suspicious transactions which are available for the organization uses.

Results of monitoring and studying of transactions of clients are used by the organization for annual assessment of degree of exposure of services of the organization to risks of OD/FT/FROMU, and also for review of levels of risks of clients.

Received within program implementation of monitoring and studying of transactions of the client, including studying of difficult, unusually large and other unusual transactions of clients, data are entered in the file of the client and also at least five years from the date of their termination or making of one-time transaction (transaction) are stored in the organization throughout the entire period of business relations with the client.

31. Frequency of updating and (or) need of receipt of additional information about the client (his representative) and the beneficial owner are established by the organization taking into account risk level of the client (customer group) and (or) degree of exposure of services of the organization which the client uses, OD/FT/FROMU is risk.

Updating of information about the client (his representative) and the beneficial owner with high risk level is performed at least once a year.

Verification of presence of the client (the beneficial owner) in the List of FT and the List of FROMU (inclusions in the List of FT and the List of FROMU) does not depend on risk level of the client and is performed in process of modification in Lists of FT and Lists of FROMU (updating of the List of FT and the List of FROMU).

32. The program of monitoring and studying of transactions of clients includes:

1) the list of signs of unusual and suspicious transactions constituted on the basis of Signs of determination suspicious the transactions approved by authorized body on financial monitoring according to Item 2 of article 10 of the Law on POD/FT, and also developed by the organization independently;

2) the procedure of identification of transaction of the client having the characteristics corresponding to the tipologiya, schemes and methods of legalization (washing) of the criminal income and financings of terrorism approved by authorized body on financial monitoring according to Item 5 of article 4 of the Law on POD/FT;

3) distribution of obligations between employees of the organization for updating earlier received and (or) to receipt of additional information about the client (his representative) and the beneficial owner in the cases provided by Requirements;

4) distribution of obligations between employees of the organization for identification and transfer between workers of data on threshold, unusual and suspicious transactions, and also the transactions having the characteristics corresponding to tipologiya, schemes and methods of legalization (washing) of the criminal income and financings of terrorism;

5) the description of the mechanism of interaction of divisions in case of identification of threshold, unusual and suspicious transactions, and also the transactions having the characteristics corresponding to tipologiya, schemes and methods of legalization (washing) of the criminal income and financings of terrorism;

6) procedure, bases and term of adoption by the ranking officer of the decision on qualification of transaction of the client;

7) procedure of interaction of workers for decision making about refusal in carrying out transaction of the client (except for refusal in connection with finding of the client, beneficial owner in the List of FT and the List of FROMU), and also about the termination of business relations with the client;

8) procedure of interaction of divisions (workers) of the organization for identification of the clients and beneficial owners who are in the List of FT and the List of FROMU and also for immediate freezing of transactions with money and (or) other property of such clients;

9) the procedure of fixation (including fixation methods) and storages of data on results of studying of unusual transactions, and also data on threshold and suspicious transactions (including transaction amounts, transaction currencies) and the transactions having the characteristics corresponding to tipologiya, schemes and methods of legalization (washing) of the criminal income and financings of terrorism;

10) procedure of submission to authorized body for financial monitoring of messages on threshold and suspicious transactions;

11) the procedure of informing (in need of) authorized bodies and officials of the organization on identification of threshold and suspicious transaction;

12) the procedure of acceptance and the description of the measures taken concerning the client and his transactions in case of implementation by the client systematically and (or) in considerable amounts of unusual and (or) suspicious transactions;

13) the additional measures (in the presence) for monitoring and studying of transactions of clients included in the program by the organization.

33. In case of doubts regarding legitimacy of qualification of transaction as threshold, and also in case of identification of the unusual or suspicious transaction and transaction having the characteristics corresponding to tipologiya, schemes and methods of legalization (washing) of the criminal income and financings of terrorism, the employee of the organization who revealed the specified transaction sends the message on such transaction to the ranking officer (to division on POD/FT) according to the procedure, in form and to the terms established by internal documents of the organization.

Information on several transactions goes as in one message or several messages.

The messages on transactions specified in parts one of this Item, and also results of their studying are stored by the organization at least five years from the date of the termination of business relations with the client or making of one-time transaction (transaction).

34. According to the subitem 2) of Item 2 of article 5 of the Law on POD/FT all transactions of the client are subject to studying:

on the bases specified in item 4 of article 4 of the Law on POD/FT;

if they have characteristics of signs of suspicious transaction.

Transactions of the client are recognized suspicious if by results of studying of the transactions specified in part one of this Item at the organization reasons to believe are had that transactions of the client are connected with legalization of laundering of the income and financings of terrorism.

The decision on recognition (non-recognition) of transaction of the client as suspicious transaction by the organization is made independently based on information which is available at its order and documents characterizing the status and activities of the client (his representative) and the beneficial owner performing transaction and also information on financial and economic activities, financial position and goodwill of the client.

The difference between time of making of transaction and time of recognition of such transaction suspicious, does not exceed the period determining the frequency of studying of transaction of the client according to rules of internal control of the organization.

The organization represents to authorized body on financial monitoring of the message on making of suspicious transaction with money and (or) other property, no later than the working day following behind day of adoption of the relevant decision by the organization (action making) by electronic method by means of electronic interaction of the organization with authorized body for financial monitoring on its platform.

Messages on committed transactions with money and (or) other property which were not acknowledged suspicious before their carrying out are represented by the organization to authorized body no later than twenty four hours after recognition of transaction suspicious.

Chapter 6. The program of preparation and training of subjects of financial monitoring in the field of POD/FT/FROMU

35. The purpose of the Program of preparation and training of workers in the field of POD/FT/FROMU (further – the Training program) is receipt of knowledge by employees of the organization and forming of the skills necessary for execution of requirements of the legislation by them in the field of POD/FT/FROMU, and also rules of internal control and other internal documents of the subject in the field of POD/FT/FROMU.

36. The program of preparation and training of workers in the field of POD/FT/FROMU includes, but is not limited:

1) the procedure for continuous training of workers including scope of training, methods, terms of carrying out and division (face) responsible for carrying out training;

2) the list of divisions (workers) of the organization whose workers are trained;

3) procedure and forms of storage of results of training;

4) procedure and forms of examination of workers concerning POD/FT/FROMU.

37. The training program is developed according to the requirements for preparation and training of workers of subjects approved by authorized body on financial monitoring according to Item 8 of article 11 of the Law on POD/FT.

Appendix 1

to Requirements to Rules of internal control for the purpose of counteraction of legalization (washing) of income gained in the criminal way, to financing of terrorism and financing of distribution of weapons of mass destruction for payment institutes

See Appendix 1 (90Kb In original language)

Appendix 2

to Requirements to Rules of internal control for the purpose of counteraction of legalization (washing) of income gained in the criminal way, to financing of terrorism and financing of distribution of weapons of mass destruction for payment institutes

See Appendix 2 (0.10Mb In original language)

 

Disclaimer! This text was translated by AI translator and is not a valid juridical document. No warranty. No claim. More info