Title
AMLC Guidelines on Digitization of Records
Law
Amlc Regulatory Issuance (ari) A, B And C, No. 2, S. 2018
Decision Date
Sep 28, 2018
The Anti-Money Laundering Council (AMLC) mandates the digitization of customer records to enhance the confidentiality and efficiency of financial investigations, requiring covered entities to implement strict guidelines for data management and compliance within specified timelines.
anti
money laundering
customer records

Policy and core objectives

  • Any revelation by any person of an ongoing AMLC investigation is declared inimical to the public interest because it leads to immediate movement of funds from accounts under investigation, depriving the State of the opportunity to recover proceeds of unlawful activity.
  • Covered persons must ensure that their officers and employees understand their responsibilities to maintain confidentiality of financial investigations and to prevent tipping-off through improper disclosure.
  • Covered persons must ensure that customer records are submitted in the manner, quality and period that assist the AMLC in prompt financial investigations and institution of legal actions.
  • Swift retrieval of documents is declared essential to AMLC investigations, making timely and digitized submission a policy priority.

Key defined terms

  • Customer records” refers to records obtained by covered persons to establish the true and full identity of customers under Customer Due Diligence (CDD) policies and procedures, including:
    • Customer information files with minimum information provided by customers;
    • Copies or records of official identification documents or similar identity-establishing documents;
    • Account files and business correspondence, including analysis results from inquiries to establish the background and purpose of complex, unusually large transactions (collectively treated as CDD records or CDD documents).
  • Customer records” also refers to account transaction histories or statements of accounts, whether in Philippine pesos or other currency.
  • Other terms are defined by Republic Act No. 9160, its Implementing Rules and Regulations, and AMLC resolutions, directives, and other issuances.

Who must comply (covered persons)

  • The Guidelines impose duties on covered persons, which are those subject to the AMLC’s AMLA framework and AMLC requests for documents in the course of AMLC functions to investigate and conduct bank inquiry.
  • Covered persons must treat and handle AMLC information requests under confidentiality obligations tied to financial investigations.

Duties: confidentiality, digitization, and databases

  • Covered persons must act promptly and treat with utmost confidentiality:
    • Requests for information and/or documents; and
    • Orders to provide customer records pursuant to AMLC functions to investigate or conduct bank inquiry.
  • Covered persons must digitize all customer records in accordance with the timelines in Section 6, including customer records pertaining to accounts existing prior to the implementation period, subject to the specific exclusion below.
  • Digitization of customer records existing prior to the implementation period does not apply to covered persons engaged in money service business operations as defined by Bangko Sentral ng Pilipinas issuance, except when the business model allows the customer to open, keep and maintain an account as an electronic wallet or other similar electronic product or service.
  • Covered persons must develop a central database of customer records maintained in their respective head offices or main branches of foreign banks operating in the Philippines.
  • Covered persons must authorize the compliance officer, or any duly authorized officer, or representative, to have direct, immediate, and unimpeded access to the database.
  • Covered persons must ensure compliance with laws related to data privacy, data protection and security when developing their databases, including adopting retrieval procedures.
  • Covered persons must keep required customer records in their respective central databases in forms admissible in court or as the AMLC prescribes.
  • Covered persons must update their Money Laundering and Financing of Terrorism Prevention Program (MLPP) to ensure the duties are properly established, including controls to ensure database confidentiality and prevent tipping-off.
  • The updated MLPP must be approved by the Board of Directors, partners or owners, and dissemination and implementation must be ensured within the period stated in Section 6.

Submission obligations and format of submissions

  • When requested or directed to submit customer records, the compliance officer or any duly authorized officer or representative must submit digitized customer records extracted from the covered person’s central database to the AMLC’s File Transfer and Reporting Facility (FTRF).
  • Submission to the FTRF must use the covered person’s log-on credentials, or such other mode as the AMLC may prescribe.
  • Covered persons must ensure submissions are complete, accurate, timely and secure, consistent with the Implementing Rules and Regulations of the AMLA and other AMLC issuances.

AMLC and supervisory compliance checking

  • The AMLC ensures compliance by covered persons with these Guidelines through compliance checking or other modes it deems appropriate.
  • Supervising authorities and appropriate government agencies are enjoined to ensure covered persons under their supervision or regulation comply by issuing and/or updating their respective circulars or rules and regulations.

Implementation timelines and ongoing monitoring

  • Within six (6) months from effectivity, covered persons must update their MLPP to comply with duties under the Guidelines.
  • Immediately upon effectivity of the updated MLPP—provided it must in no case exceed six (6) months from effectivity of these Guidelines—covered persons must implement digitization of all customer records they will henceforth receive, create or open.
  • Within two (2) years from the expiration of the period in Section 6.a, covered persons must completely digitize all existing customer records and establish the central database accessible to the authorized officers and representatives described in Section 3.c.
  • Implementation runs parallel to updating customer records as part of ongoing monitoring of customers.

Record-keeping compliance preserved

  • Digitization of customer records is required without prejudice to covered persons’ compliance with AMLA record-keeping and retrieval requirements under the AMLA, its Implementing Rules and Regulations, and AMLC resolutions, directives, and other issuances.

Sanctions, penalties, and criminal exposure

  • Non-compliance with the Guidelines subjects the covered person to the administrative sanctions and penalties provided under the AMLC Rules on Imposition of Administrative Sanctions (RIAS).
  • Non-compliance is considered grave violations under the RIAS framework.
  • Breaches of confidentiality of financial investigations constitute criminal offenses under the AMLA and its Implementing Rules and Regulations.
  • The AMLA prohibits any person from disclosing information in relation to a covered or suspicious transaction report, including financial investigations initiated by the AMLC as a result of its analysis of such reports.

RIAS amendment and separability

  • The RIAS is amended to include violations of these Guidelines as grave offenses, subject to the administrative sanctions provided therein.
  • If any provision of the Guidelines or its application is held invalid, the other provisions remain effective.

Effectivity

  • The Guidelines become effective fifteen (15) days after publication in a newspaper of general circulation.

Analyze Cases Smarter, Faster
Jur helps you analyze cases smarter to comprehend faster, building context before diving into full texts. AI-powered analysis, always verify critical details.

About Privacy Terms