A Licensed Person is required to: 1. Issue an effective statement of policies and procedures aimed at preventing money laundering and financing of terrorism and, ensuring full compliance with all regulatory legal requirements, such as the maintenance of records and cooperation with the Regulatory Bodies responsible for compliance with the Anti-Money Laundering and Combating Financing of Terrorism Law and relevant resolutions, and submit those policies to the Authority through the Anti-Money Laundering Unit at the Authority, including the timely disclosure of information. 2. Ensure that all officers, employees – and those who work for it (as consultants) – fully understand the content of these Bylaws, are aware of the requirements and take all precautions to prevent money laundering and terrorism financing. 3. Regularly review the policies and procedures on preventing money laundering and financing of terrorism to ensure their effectiveness, such as reviewing policies and procedures issued by the internal audit unit or Compliance Officer to ensure compliance with them. This review covers the following areas: a. Assessment of the system for detecting any transactions of money laundering and financing of terrorism. b. Evaluation and checking of reports on large or unusual transactions and verify their adequacy. c. Review of the quality of reporting of suspicious transactions. d. Assessment of the level of awareness of client service employees regarding their responsibilities. 4. Apply client acceptance policies and procedures and undertake client due diligence measures as set out in the Articles from (3-1) to (3-21) of Chapter Three, including taking into consideration risk of money laundering and financing of terrorism depending on the type of client, transactions and business relationship, geographic locations and products and delivery channels. 5. Assess their risk of money laundering and financing of terrorism, including risks of new products and technologies. The risk assessment and any underlying information shall be documented in writing, kept up-to-date and readily available for the Authority upon request. 6. Put in place processes to identify, monitor, manage and mitigate money laundering and terrorism financing risks, giving consideration to: a. Risk client. b. Risks related to countries and geographical areas in which clients operate or the place of origination or destinations of transactions. c. Risks related to the nature of products and services offered. d. Risks related to the delivery channels for products and services. In case there are factors indicating that there are high risks, the Licensed Person should apply enhanced client due diligence measures must be identified and include for instance the following: 1. Client risk factors: a. The client’s profile and background. b. The nature of the client’s business and degree of money laundering and terrorism financing risk. c. A business relationship conducted in unusual circumstances. d. Non-resident clients. e. Legal person or arrangements that manage the assets of third parties. f. Companies that have nominee shareholders or Shares in bearer form. g. Activities which are cash-intensive or susceptible to money laundering or terrorism financing. h. The ownership structure of the company that appears unusual or excessively complex with no visible economic or lawful purpose given the nature of the company’s business. i. Business relationships and transactions conducted other than “face to face”. j. Business relationships conducted in or with countries as identified in item (2) below. k. High-risk Politically Exposed Persons (“PEPs”) or clients linked to a PEP. l. High net worth clients, or clients whose source of income or assets is unclear. m. Means and type of payment. In this case, the Licensed Person must strictly verify whether the amount given by the client to be deposited in his account is drawn on another person with no apparent connection with the client. 2. Country or geographic risk factors: a. Countries classified by credible sources, such as mutual evaluation reports or published follow-up reports, as not having adequate anti-money laundering and combating terrorism financing systems. b. Countries identified by the Kuwait Financial Intelligence Unit as high risk. c. Countries subject to sanctions, embargos or similar measures issued by the United Nations for example. d. Countries classified by credible sources as having significant levels of corruption or other criminal activity. e. Countries or geographic areas classified by credible sources as providing funding or support for terrorist activities, or that have designated terrorist organizations operating within their territories. f. Place of establishment of the client’s business and location of the counterparties (correspondent party) which the client does business with, especially if the place of establishment or the location is in a country designated by the FATF or a country known to the Licensed Person as not applying adequate and sufficient anti-money laundering and combating financing of terrorism standards. 3. Product, service, transaction or delivery channel risk factors: a. Anonymous transactions (which may include cash). b. Business relationships or transactions conducted with clients that are not physically present for the purpose of identification. c. Payment received from unknown or un-associated third parties. 7. Licensed Persons shall adopt the following measures to mitigate the money laundering and financing of terrorism risks: a. Assessing the various risk factors; b. Obtaining additional information on the client, beneficial owner, beneficiary and transaction; c. Establishing a risk profile on clients and transactions d. Applying enhanced client due diligence to high risk clients; e. Updating more regularly the information on all clients; f. Adopting other measures as may be prescribed by the Authority or the Kuwait Financial Intelligence Unit. 8. Develop mechanisms to exchange available information and protect confidentiality of information with financial institutions, domestic and foreign branches and Subsidiaries.