Title
AMLC Guidelines for DNFBPs AML/CFT Compliance
Law
Amlc Regulatory Issuance (b) No. 1, S. 2018
Decision Date
Jun 13, 2018
The Anti-Money Laundering Council (AMLC) establishes comprehensive guidelines for Designated Non-Financial Businesses and Professions (DNFBPs) to combat money laundering and terrorism financing, mandating compliance with ethical standards, customer due diligence, and effective risk management systems.
anti
money laundering
counter
A

Legal basis, policy intent, and principles

  • Republic Act No. 9160 (Anti-Money Laundering Act of 2001), as amended, is the governing AML framework that regulates DNFBPs as covered persons.
  • Republic Act No. 10365 amended Republic Act No. 9160 to include additional DNFBP types as covered persons.
  • Republic Act No. 10168 (otherwise known as the Terrorism Financing Prevention and Suppression Act of 2012 (TFPSA)) is part of the compliance target for countering terrorism financing.
  • DNFBP regulation is required to be proportionate to the nature, scale, and complexity of operations to prevent exploitation by criminals (Section 1).
  • DNFBPs must apply AML/CFT principles including: high ethical standards and good corporate governance (Section 1); sufficient customer/client knowledge (Section 1); AML/CFT risk management that identifies, assesses, monitors, and controls ML/TF risks (Section 1); full compliance culture (Section 1); and full cooperation with AMLC and AMLC directives (Section 1).

Coverage and core definitions

  • The guidelines apply to the following DNFBPs (Section 2):
    • Jewelry dealers, dealers in precious metals, and dealers in precious stones.
    • Company service providers that, as a business, provide services to third parties involving: formation agency for juridical persons; acting as or arranging directors/corporate secretaries/partners or similar positions; providing registered office/business address/correspondence/administrative address; or acting as or arranging nominee shareholders.
    • Persons (including lawyers and accountants) that provide services involving: managing client money/securities/other assets; management of bank/savings/securities/accounts; organization of contributions for company creation/operation/management; and creation/operation/management of juridical persons or arrangements, and buying and selling business entities.
  • The guidelines define an Account as a business relationship between a DNFBP and a customer/client (Section 3(a)).
  • A Beneficial Owner is any natural person who ultimately owns or controls the customer and/or on whose behalf a transaction is being conducted, or has ultimate effective control over a legal person or arrangement (Section 3(d)).
  • A Covered Transaction includes transactions involving: Php500,000.00 or more (or equivalent) generally (Section 3(f)(1)); and Php1,000,000.00 or more (or equivalent) in the case of jewelry dealers and dealers in precious metals and precious stones (Section 3(f)(2)).
  • A Customer/Client is any person who transacts or attempts to transact with a DNFBP (Section 3(g)).
  • A Suspicious Transaction is defined by reference to paragraph (b-1), Section 3 of Republic Act No. 9160 (Section 3(r)).
  • Politically Exposed Person (PEP) shall be used as defined under Section 3.R of the 2016 RIRR and amendments thereto (Section 3(m)).
  • Terrorism Financing refers to acts defined and punished under Sections 4, 5, 6, 7 and 8 of Republic Act No. 10168 (Section 3(s)).
  • Unlawful activity refers to unlawful activities under Section 3(i) of the AMLA, as amended (Section 3(u)).
  • The guidelines adopt additional term definitions from the 2016 Revised Implementing Rules and Regulations (RIRR) when not otherwise mentioned (Section 3).

DNFBP compliance program obligations

  • DNFBPs must establish, implement, monitor, and maintain an effective AML/CFT Compliance Program consistent with these guidelines (Section 4(a)).
  • DNFBPs must devise and implement policies, procedures, processes, and controls designed to prevent and detect potential ML/TF, including at minimum: compliance regime; risk assessment; customer due diligence; record keeping; training and awareness; employee screening; detection of suspicious transactions; and reporting of covered and suspicious transactions (Section 4(b)).
  • DNFBPs must communicate relevant policies and controls to all relevant employees (Section 4(c)).
  • DNFBPs must conduct an ongoing employee training program on current ML/TF risks, techniques, methods, and trends (Section 4(d)).
  • DNFBPs must conduct regular independent reviews of their AML/CFT program (Section 4(e)).
  • DNFBPs must conduct Institutional Risk Assessment by identifying, assessing, and understanding AML/CFT risks relating to customers, business, products/services, geographical exposures, transactions, delivery channels, and size, and document a risk-based approach (Section 5(a)).
  • The institutional risk assessment must include both quantitative and qualitative factors (Section 5(a)) and must be documented with findings (Section 5(b)(1)).
  • DNFBPs must keep risk assessments up-to-date through periodic review and submit the assessment information to the AMLC when required (Section 5(b)(3) and Section 5(b)(4)).
  • Institutional risk assessment must be conducted at least once every two (2) years or as determined by the AMLC (Section 5(f)).
  • DNFBPs must develop risk management policies to mitigate identified ML/TF risks, monitor implementation, enhance measures when needed, and apply enhanced measures when higher risks are identified (Section 6).
  • DNFBPs’ Board or governing body, partners, or sole proprietor are ultimately responsible for ensuring AMLA compliance, AML rules/regulations, and AMLC directives (Section 7(a)).
  • DNFBPs must designate a compliance officer of senior management status for day-to-day AML/CFT compliance, with direct communication to the governing body and authority to report AML/CFT issues including failures to manage ML/TF risks and new AML/CFT obligations issued by AMLC (Section 8(a)).
  • DNFBPs must designate another officer responsible and accountable for record keeping requirements, and ensure records are made available to the AMLC upon request (Section 8(a)).

ML/TF Prevention Program (ML/TFPP) requirements

  • The Board/governing body/partners/sole proprietor must approve, and the compliance officer must implement, a comprehensive, risk-based ML/TFPP geared toward promoting high ethical/professional standards and preventing ML and TF (Section 9(a)).
  • The ML/TFPP must be: in writing, consistent with the AMLA, reflected in the DNFBP’s corporate structure and risk profile, readily available in hard or soft copy, well disseminated to implementing officers/staff, and supported by an audit trail evidencing dissemination (Section 9(a)).
  • DNFBPs with multiple Philippine locations must adopt an institution-wide ML/TFPP implemented in a consolidated manner (Section 9(a)).
  • The ML/TFPP must be updated at least once every two (2) years or whenever necessary to reflect changes in AML/CFT obligations, trends, detection techniques, and typologies (Section 9(a)).
  • The ML/TFPP must include, at minimum (Section 9(a)(1)-(8)):
    • Detailed procedures covering AMLA and guidelines requirements, including customer identification/acceptance and ongoing monitoring; record keeping/retention; covered transaction reporting; suspicious transaction reporting with a flagging/monitoring/reporting system regardless of amount; a suspicious transaction reporting chain; and designation of a Board-Level or approved Committee or a senior officer to decide filing to AMLC (Section 9(a)).
    • A continuous AML/CFT training program for directors and responsible officers/employees to ensure compliance with AMLA, guidelines, other issuances, internal policies, and AMLC obligations (Section 9(b)).
    • A risk-based screening and recruitment process to ensure only qualified personnel with no criminal record or integrity-related issues are employed or contracted (Section 9(c)).
    • An internal audit system and independent audit program ensuring completeness/accuracy of customer information, including written specification of independent audit scope covering accuracy of identification documents, CTR and STR submitted to the AMLC, and records retained, and adequacy/effectiveness of training programs (Section 9(d)).
    • A mechanism ensuring audit/inspection deficiencies are immediately corrected (Section 9(e)).
    • Cooperation with the AMLC (Section 9(f)).
    • Designation of a compliance officer as lead implementer (senior management level) (Section 9(g)).
    • Identification, assessment, and mitigation of ML/TF risks arising from new business practices, services, technologies, and products (Section 9(h)).
  • Within ninety (90) days from effectivity, all DNFBPs must prepare and have available for inspection an updated ML/TFPP embodying the guidelines’ principles and provisions (Section 9).
  • The compliance officer must submit to the AMLC a sworn certification that the updated ML/TFPP has been prepared, duly noted and approved by the Board/governing body (Section 9).

Internal controls, audits, and CDD system

  • DNFBPs must establish internal controls for day-to-day compliance considering size and complexity (Section 10(a)).
  • Internal audits must be conducted by qualified personnel independent of the unit being audited, with support and direct line of communication to the Board/governing body/partners/sole proprietor (Section 10(a)).
  • Internal audit must include periodic and independent evaluation of risk management and adherence to compliance measures (Section 10(a)).
  • Internal audit scope must cover accuracy of customer identification information, covered and suspicious transaction reports, and all other records/internal controls for AML/CFT compliance (Section 10(a)).
  • Internal audits must occur at least once every two (2) years or at a frequency consistent with DNFBP risk assessment (Section 10(a)).
  • Internal audit results must be timely and directly communicated to Board/senior management and the compliance officer (Section 10(a)).
  • DNFBPs must have written procedures for promptly remedying deficiencies identified through internal audit (Section 10(a)).
  • Audit results relative to AML/CFT compliance must be promptly made available to the AMLC upon request (Section 10(a)).
  • Findings of internal audit must be periodically assessed by an independent third-party auditor accredited by the AMLC (Section 10(a)).
  • DNFBPs must implement customer due diligence by adopting a policy to identif
...continue reading

Analyze Cases Smarter, Faster
Jur helps you analyze cases smarter to comprehend faster, building context before diving into full texts. AI-powered analysis, always verify critical details.

About Privacy Terms