Title
AMLC Guidelines on Digitization of Records
Law
Amlc Regulatory Issuance (ari) A, B And C, No. 2, S. 2018
Decision Date
Sep 28, 2018
The Anti-Money Laundering Council (AMLC) mandates the digitization of customer records to enhance the confidentiality and efficiency of financial investigations, requiring covered entities to implement strict guidelines for data management and compliance within specified timelines.
anti
money laundering
customer records

Questions (AMLC REGULATORY ISSUANCE A, B AND C, NO. 2, S. 2018)

It requires covered persons to digitize customer records and submit them to the AMLC to enable swift and accurate AMLC investigations, while emphasizing confidentiality and avoiding “tipping-off.”

Because it can lead to immediate movement of funds from accounts under investigation, depriving the State of the opportunity to recover proceeds of unlawful activity.

The Guidelines refer to covered persons under the AMLA (e.g., banks and other AMLC-supervised entities). They must keep confidentiality, digitize customer records within timelines, maintain a central database, ensure security and accessibility, and submit digitized records to the AMLC when requested.

Customer records include (1) identity-related records obtained for true and full identity (e.g., customer information files, identification document copies/records, and CDD records), and (2) account transaction histories/statements of accounts in pesos or other currency.

They must act promptly and treat with utmost confidentiality all requests/orders to provide customer records and ensure officers/employees do not communicate information related to AMLC document requests or investigations.

Covered persons must develop a central database maintained in their head offices or main branches of foreign banks operating in the Philippines. The compliance officer (or any duly authorized officer/representative) must have direct, immediate, unimpeded access.

Covered persons must comply with applicable data privacy/protection and security laws and adopt retrieval procedures to ensure secure access and handling of digitized records.

Covered persons must store digitized records in formats that are acceptable for evidentiary purposes in court and consistent with forms/prescriptions that the AMLC may require.

Within six (6) months from effectivity of the Guidelines, covered persons must update their MLPP; immediately upon effectivity of the updated MLPP (and in no case later than six (6) months from effectivity of the Guidelines), they must implement digitization of all customer records they will henceforth receive, create, or open.

Within two (2) years from the expiration of the period stated in Section 6.a, covered persons must completely digitize all existing customer records and establish the central database accessible to the authorized officers.

No. Section 7 states digitization is without prejudice to compliance with AMLA and its IRR record-keeping and retrieval requirements.

Yes. The requirement to digitize customer records existing prior to implementation does not apply to covered persons engaged in MSB operations as defined by BSP issuances, except when their business model allows customers to open/keep/maintain an account as an electronic wallet or similar electronic product/service.

Upon request or direction, the compliance officer/authorized representative must submit digitized customer records extracted from the central database to the AMLC’s File Transfer and Reporting Facility (FTRF) using their log-on credentials or other mode as AMLC may prescribe.

Covered persons must ensure submission is complete, accurate, timely, and secure, consistent with AMLA IRR and other AMLC issuances.

The AMLC ensures compliance through compliance checking or other modes it deems appropriate. Supervising authorities and appropriate government agencies are also enjoined to ensure compliance by issuing/updating their own circulars/rules.

Non-compliance subjects covered persons to administrative sanctions/penalties under the AMLC Rules on Imposition of Administrative Sanctions (RIAS) and is considered a grave violation. Breaches of confidentiality of financial investigations may constitute criminal offenses under the AMLA, which prohibits disclosure of information related to covered/suspicious transaction reports and AMLC investigations.

They stress that no officer or employee should communicate information about AMLC requests/investigations (tipping-off). The AMLA likewise prohibits disclosure related to covered or suspicious transaction reports and AMLC financial investigations initiated from such reports.

It amends the RIAS to include violations of these Guidelines as grave offenses and subjects them to the corresponding administrative sanctions.

They take effect fifteen (15) days after publication in a newspaper of general circulation, per the effectivity clause in Section 11.


Analyze Cases Smarter, Faster
Jur helps you analyze cases smarter to comprehend faster, building context before diving into full texts. AI-powered analysis, always verify critical details.

About Privacy Terms