Title: Regulations Concerning Anti-Money Laundering and Counter Terrorist Financing No. (C .M .A. /S .S. /I.C/4/2013)

---

Introduction:

Based on Law No. 7 of the year 2010 concerning the Establishment of Capital Markets Authority and Regulating Securities Activities, and articles from its Executive Bylaws related to money laundering and terrorist financing, and the Law No . (106) of the year 2013 concerning anti-money laundering and counter terrorist financing, and the international legislations issued in this concern,

 

The objectives of these regulations are that all licensed and registered persons must comply fully with the controls and procedures stated in this regulation, to ensure the following:

 

• The credibility, integrity and reputation of the capital markets are maintained.

 

• Licensed Persons and their clients are protected from illegal transactions involving money laundering, terrorist financing or other criminal activity.

 

First: Definitions:

With consideration of the definitions mentioned in the Capital Markets Authority Law No. 7 of 2010 and its Executive Bylaws, and the definitions mentioned in Law No. 106 of the year 2013, the following expressions and terms shall have the meaning they bear as follows unless the contrary intention appears:

 

Authority	Capital Markets Authority
The law of Anti-Money Laundering and Counter Terrorist Financing	The Law No. 106 of the year 2013 concerning anti-money laundering and counter terrorist financing and its Executive Bylaw.
Unit	Kuwaiti Financial Investigations Unit
Supervisory Entities	Entities responsible for ensuring that financial institutions, and non-financial businesses comply with the provisions of this Law, including the Central Bank of Kuwait, the Capital Markets Authority, the Ministry of Commerce and Industry, and any other entity mentioned in the Executive Bylaw of the anti-money laundering and counter terrorist financing law.
Competent Entities	All the public authorities in Kuwait responsible for anti-money laundering and counter terrorist financing including the Unit and the supervisory entities, as well as the Public Authority for Customs and the Ministry of Interiors.
Account	Any facilities or arrangement pursuant to which a financial institution shall accept deposits or cash , or tradable financial instruments , or allow for transactions as withdrawal , or transfer , or payment of checks, or payment orders drafted to a financial institution or another person or the collection of checks and payment orders or bank wire transfer or traveler's checks or electronic monies on behalf of a certain person , or providing facilities or arrangements for renting safe boxes , or any other sort of secure deposit .
Funds	Any type of assets or properties ,  either cash money , financial securities or commercial papers  , or fixed properties or movable ones , whether material or non-material , and all relevant rights thereto - regardless of the method of obtaining them - in addition to the legal evidence papers and instruments regardless of their form , including the electronic and digital form , bank facilities , checks , payment orders , securities , bonds and bills , and letters of guarantee , whether inside the State of Kuwait or abroad .
The Person	The natural and legal person.
Actual Beneficial Owner	Any natural person owning, or having – direct or indirect – final control over the client or the person on behalf of whom the transaction is being processed, and who has final and actual control over a legal person or legal arrangement.
Business Relationship	Any business, professional or commercial relationship related to other business activities of one financial institution and the specified non-financial businesses and professions, which is expected to be on ongoing bases.
Client	Any person performing any of the following transactions with one of the financial institutions or one of the specified businesses and professions : The person, for whom a transaction is arranged, implemented or a business relationship is started or an account is opened. The person – or the person participating in - signing a transaction, a business relationship or an account. Any person for whom an account is assigned or transferred, or for whom any rights or obligations are assigned or transferred pursuant to a certain transaction. Any person allowed to perform a transaction or to have control on any business relationship or an account. Any person who commenced to take any of the actions mentioned above.
Other Licensed Person	A non-Kuwaiti licensed person, or investment company or financial services company.
Non-Profit Entities or Organizations:	Any legal person (entity or organization) who primarily engages in raising/collecting donation and/or distributing funds for non-profit purposes.
Politically Exposed Persons (PEPs)	Any person who – after having a business relationship – occupied or is actively seeking   or is nominated to  senior public position in a foreign country such as senior politicians , senior executives in government , judicial and military personnel , senior executives in state owned companies,  and political parties members, and members of royal/ruling families . This definition includes the family members of the concerned person and close associates, collectively known as Related Individuals. Immediate family is typically defined as any known individual who is a member of the PEP's immediate family (  the spouse , the parents , the children , sisters and brothers  ) , Close associate is defined as any individual who is a partner or a senior advisor or an agent of the PEP
Terrorist Act	Any action or attempted action in the State of Kuwait or any other place , which is committed in any of the following cases: If the action is aiming at killing a civilian person, or severely injuring him, or any other person not participating in hostile violence acts, in case of military/armed conflict, when the purpose of such act, by nature or context, directed to terrifying people/residents or forcing any government or an international organization to perform any action, or refrain from performing any action. If the action forms a crime  mentioned in the definitions  mentioned in the following international agreements or protocols : Convention for the Suppression of Unlawful highjacks of Aircrafts (1970) agreed upon via the decree bylaw No. (19) of 1979. Convention for the Suppression of Unlawful Acts against the Safety of Civil Aviation (1975) agreed upon via the decree bylaw No. (62) of 1979 . Convention on the Prevention of Crimes against Internationally Protected Persons and Punishment thereof (1973) agreed upon via the decree bylaw No. (72) of 1988 . The international convention against taking hostages (1971) agreed upon via the decree bylaw No. (73) of 1988 . Protocol for the Suppression of Unlawful Acts of Violence at Airports Serving International Civil Aviation, agreed upon via the decree bylaw No. (71) of 1988 following the Convention for the Suppression of Unlawful Acts against the Safety of Civil Aviation (1988) agreed upon via the decree bylaw No . (6) of 1994 . Convention of the suppression of the unlawful acts directed against the safety of maritime navigation (1988) agreed upon via the decree by law No. (15) of 2003 . Protocol for the Suppression of Unlawful Acts against the Safety of Fixed Platforms Located on the Continental Shelf (1988) agreed upon via the law No. (16) of 2003 . International Convention on the Physical Protection of Nuclear Material (1980) agreed upon via the law No. (12) of 2004 . International Convention for the Suppression of Terrorist Bombings (1977) agreed upon via the law No. (27) of 2004 . Any other international agreement or protocol relevant to terrorism or terrorist financing, as endorsed by the State of Kuwait, and published in the Official Gazette.
The Terrorist	Any natural person – whether in Kuwait or abroad – who does any of the following : Commits a terrorist act pursuant to the provisions of the law of anti-money laundering and counter terrorist financing, either directly or indirectly. Participated in a terrorist act. Plan for committing a terrorist act, or directing other people to commit the same. Participating deliberately in committing a terrorist act by a person or a group of persons working for a mutual purpose, for the expansion of the circle of the terrorist act, knowing of the intention of that person or group of person to commit such terrorist act.
Terrorist Organization	Any group of terrorists – whether in the State of Kuwait or abroad – who perform any of the acts mentioned in the above mentioned definition.
Money laundering	It is considered to be a money laundering  if the money is a proceed from a crime and the following actions deliberately done  : Transferring or moving or replacing such funds with the intention of hiding or disguising the illegal source of such funds, or helping any person participating in the original crime from which the fund was obtained to escape from the legal consequences of his action. Hiding or disguising the real nature of the fund or its source or place or the method of  using it or its movement or ownership or the rights related to it Gaining the funds, or possessing or using them. The legal person shall be considered as responsible for the said crime if it was committed under his name or on behalf of his account. The punishment of a person for the original crime shall not prevent the punishment for committing any of money laundering crimes. When funds are proved to have been a proceed from a crime, it is not necessary that the person was condemned of committing the original crime.
Terrorist Financing	It is considered as terrorist financing when a person committed, or initiated, directly or indirectly, with his free will, and illegally provided or collected fund with the intention of using such funds in committing a terrorist act or knowing that it will be partially or totally used for such action or for the interest of a terrorist organization or for the interest of a terrorist person. Any of the actions mentioned in the previous paragraph shall be considered as a crime of terrorist financing, even if the terrorist act did not take place, or even if the funds were not really used for implementing or attempting to implement such a terrorist act, or are connected to a particular terrorist act, regardless of the country in which the attempt to implement the terrorist act took place.
Electronic Transfer	A financial transaction performed by a financial institution on behalf of the transfer order , during which an amount of money is delivered to a beneficiary person in another financial institution , regardless if the transfer order and the beneficiary are the same person .
Compliance Officer	An employee to be appointed  from the senior management as a controller to be in charge for applying the requirements of the anti-money laundering and counter terrorist financing law , and the regulations issued from Capital Markets Authority in this regard , as well as other relevant legal and regulatory requirements .
Reporting	A notification from the licensed person to the Kuwaiti Financial Investigation Unit and the Capital Markets Authority of any suspicious transaction, including submitting a report on this kind of transactions.
Financial Action Task Force (  FATF  )	Financial Action Task Force concerned with anti-money laundering and terrorist financing  (  FATF  )
Provisional Ban	Provisional ban on transferring, exchanging, disposing with or moving funds and proceeds or attaching the same pursuant to an order by a court or a competent authority

 

Second: General Principles:

1. The licensed person must, in establishing policies and procedures to prevent money laundering and terrorist financing, consider carefully the specific nature of its business, organizational structure, type of client and transaction, and shall ensure that the measures taken by it are adequate and appropriate to meet the requirements and general objectives set out in these Regulations

 

1. International legislations related to combating money laundering and terrorist financing require to establish procedures and rules to combat money laundering and terrorist, therefore the licensed Person is required to establish systems, controls and procedures aimed at preventing money laundering and terrorist financing, including procedures for reporting suspected money laundering or terrorist financing transactions. Senior management of licensed Person is responsible for effectively managing the risks facing the business, including the risks of money laundering and terrorist financing. Senior management must therefore be fully committed to establishing appropriate and effective policies and procedures for the prevention of money laundering and terrorist financing and to ensuring compliance with those policies and with all relevant legal and regulatory requirements. To ensure this, a compliance officer from senior management must be appointed with direct responsibility for over-sighting compliance with the AML/CFT policies and procedures and relevant legal and regulatory requirements, and to be responsible of reporting to the Unit and CMA about any suspected money laundering or terrorist financing, based on these regulations.

 

1. The licensed person has to abide by the following :
   1. Issue an effective  statement of policies and procedures aimed at preventing money laundering and terrorist financing and  ensuring compliance with current legal and regulatory requirements , including  maintenance of records , and co-operation with the  supervisory entities in charge of implementing law of anti-money laundering and  counter terrorist financing and its Executive Bylaw , and submit these polices to Capital Markets Authority  through the anti-money laundering  department in the Capital Markets Authority, including the timely disclosure of information .

 

2. Ensure that the content of these Regulations is understood by all officers and employees – and who work for him (as Advisors) - and that they are aware of the requirements and vigilant in guarding against money laundering and terrorist financing.

 

3. Regularly review the policies and procedures on prevention of money laundering and terrorist financing to ensure their effectiveness.  For example, reviews performed by the internal audit or compliance officer to ensure compliance with policies, procedures and controls relating to prevention of money laundering and terrorist financing. Areas of review shall include:

 

1. An assessment of the system for detecting suspected money laundering and terrorist financing transactions.
2. Evaluation and checking of the adequacy of reports generated on large and/or irregular transactions.
3. .Review of the quality of reporting of suspicious transactions/
4. An assessment of the level of the awareness of front line staff regarding their responsibilities.

 

5.  Adopt a client acceptance policies and procedures, and undertake required Customer Due Diligence (CDD) measures as set out in Parts "fifthly", "Sixthly ", " Seventhly ", "Eighthly" in these regulations, including taking into account the risk of money laundering and terrorist financing depending on the type of client, business relationship or transaction.

 

6. Evaluate the risks of money laundering and terrorist financing including those related to the development of new products and technologies.  It should also maintain the study of risk management and their relevant information in a written form, update them regularly, and make them available for Capital Markets Authority upon request.

 

7. Developing techniques for exchanging available information, and maintaining their secrecy, with financial institutions, their local and overseas branches, and their subsidiaries companies.

 

Third: Application of Policies and Procedures to Overseas Branches and Subsidiaries of the Licensed Person outside State of Kuwait:

1. The licensed person must ensure that its overseas branches and majority-owned subsidiaries (“subsidiaries”) comply with the laws and regulations of Kuwait concerning money laundering and terrorist financing, and the FATF Recommendations, to the extent that the laws and regulations applicable in the host country permit.

 

2. The licensed person shall pay particular attention to the application of paragraph (1) of this part (Third) in its branches and subsidiaries which are located in countries that do not or insufficiently implement the FATF’s Recommendations including jurisdictions designated as such by the FATF.

 

3.  Where the minimum AML/CFT requirements of the state of Kuwait and host countries differ, branches and subsidiaries in host countries shall apply the higher standard, to the extent that host country laws and regulations permit. Where the law of the host country conflicts with Kuwaiti law or regulations such that the overseas branch or subsidiary is unable to fully observe the higher standard, the Authorized Person’s head office shall report this to the Authority and comply with such further directions as may be given by it.

 

4. If an overseas branch or subsidiary is unable to observe group standards because this is prohibited by host country laws, regulations or other measures, the licensed person shall inform the Capital Markets Authority immediately.

 

 

Fourth: Cash Payments:

At no time shall the licensed person accept dealings in liquid cash from a client whether for investment purposes or as payment for services provided to the client, whether at the commencement of or during a business relationship.

 

Fifth: Client Acceptance:

For the purpose of applying these regulations, and before accepting any client, the licensed person must prepare a “know your customer” form, including as a minimum the information mentioned in parts “sixth” and “seventh” of these regulations.

 

Sixth:  Conditions Related to Client Acceptance:

1. The licensed person must develop client acceptance policies and procedures that aim at identifying the types of clients that are likely to pose a higher risk of money laundering and terrorist financing.  A more extensive customer due diligence process must be adopted for high risk clients, and this must include clear internal policies on the approval of a business relationship with such clients. Also this is applied for Politically Exposed Person.

 

2. In determining whether a particular client or type of clients may be of a high risk, Authorized Person must take into account factors such as the following:
   1. Risk factors related to clients :
      1.  The background or profile of the client.
      2. The nature of the client's business and the degree of money laundering or terrorist financing risks.
      3. Business relations taking place in extraordinary conditions.
      4.  Nonresident clients in the country.
      5. Legal person or legal form managing assets of others.
      6. Companies that has nominal shareholders or bearer shares.
      7. Activities dealing in cash or those subject to the risks of money laundering and terrorist financing.
      8. Extraordinary or complex ownership structure of the company with no clear or specific economic or legal purposes compared to the nature of its activity.
      9. Business relationships and transactions that are not taking place in the attendance of the client personally.
      10. Business relationships with the countries specified in item (B) below.
      11. Politically exposed persons, and related persons.
      12. Clients who own immense assets or those whose income source or assets are not clear.
      13. Means of payment as well as type of payment (third party checks the drawer of which has no apparent connection with the prospective client may be a cause for increased scrutiny)

 

2. Geographic Risk Factor , or those Related to Countries :

1. Countries classified by reliable sources: like mutual evaluation reports or published follow up reports, for countries in which there are no sufficient regulations for anti-money laundering and counter terrorist financing.

 

2. Countries classified by the Unit as high risk countries.

 

3. Countries under sanctions, or banning or similar actions, issued, for example, by the United Nations.

 

4. Countries classified by reliable sources as countries of high levels of corruption or other criminal activities.

 

5. Countries or geographical areas classified by reliable sources as countries offering finance or support to terrorist activities or where there are specific terrorist organizations operating.

 

6. Place of establishment of the client’s business and location of the counterparties with which the client does business, such as countries designated by the FATF or those known to the authorized person to lack proper standards in the prevention of money laundering or terrorist financing.

 

3. Risk Factors Relevant to Products, Services, Transactions , or Serving Channels :

 

1. Unknown transactions (that may include cash payments).
2. Business relationships or transactions that are performed with a client who is not attending in person for the purpose of verification of identity.
3. Payments received from other unknown party or has no relation with the receiving party.

 

3. The licensed person must reconsider the risk categorization of a client if, following acceptance of the client, the pattern of account activity of the client does not fit in with the authorized person’s knowledge of the client. Authorized Person must also consider reporting any suspicious transactions.

 

4. With the exception of the cases of item “thirteen” and “fifteen” of these Regulations, the licensed person must not accept any client or opening an account for any client without meeting the client directly face to face.

 

Seventh: General Provisions for Client Due Diligence (CDD):

1. The licensed person must take all the necessary procedures to establish the true and full identity of each client, and of each client's financial position, and investment objectives.  In all cases, licensed person is not permitted to open anonymous accounts, accounts using false or fictitious names, or accounts for prohibited persons notified by the Capital Markets Authority.

 

1. The licensed person must apply customer due diligence procedures upon all clients. This requires the licensed person to take the following steps :

 

1.  Identify the client, and verify their identity using the original documents, prescribed in the paragraph “4” of this article. This also applies to all the persons with signatory authority over the account.
2. Identify and verify client's ownership and control structure.
3. Identify and verify beneficial ownership and control using the original documents.
4. Obtain information on the purpose and intended nature of the business relationship, depending on the type of client, business relationship and the transaction, such that ongoing due diligence on the client can be appropriately conducted.

 

5.   Ensure applying ongoing due diligence and scrutiny, i.e. perform ongoing scrutiny of the transactions and account throughout the course of the business relationship to ensure that the transactions being conducted are consistent with the licensed person’s knowledge of the client, the client’s profile, taking into account, where necessary, the client’s source of funds.

 

1. The licensed person must apply the specific requirements of due diligence toward the client, as specified in article "twelfth" of these regulations concerning investment funds.

 

1. The licensed person must , upon verification of the client identity  and any  beneficial owners , check the valid original documents as follows :

 

1.  Natural Persons :

• Kuwaiti Citizens

- Civil ID.

- The client’s residential address & place of work and work address.

 

• GCC Citizens , Resident Expats , Non-Resident Expats :
  • National ID of the GCC citizens, Civil ID of the Expats and residents, and official documents for the non-residents. As for diplomats, civil ID or diplomatic ID.

 

• Proof of the person’s address, residence address, and work address.

 

2. Legal Persons :

For all clients that are legal persons, licensed person must obtain sufficient information about the nature of the business and its ownership and control structure that it can identify the individual(s) that ultimately own(s) or control(s) the client. Specimen signatures shall be obtained for all account signatories

 

• Companies :

• A Copy of the commercial register as issued from the competent authorities.
• A Copy of the Articles of Association of the company, its exhibits, or the Memorandum of Association and its exhibits and any amendments.
• A Copy of the civil ID, and the official work ID of the manager in charge.
• A Copy of the resolution issued of appointing the Board of Directors.
• A Copy of the resolution of the Board of Directors concerning the approval of opening the account, and conferring authorization on the signatories.
• A list of the persons who are  qualified to deal with the accounts ,  pursuant to what is provided for in the commercial register , and copies of their IDs .
• A list of all company's owners whose names are included in the Memorandum of Association. However, listed companies in Kuwait Stock Exchange market are exempted from this provision, but in this case a list of major shareholders – as defined in disclosure requirements – should be submitted to the CMA.
• If the company has activities that require license from another governmental authority, a copy of that license is required.

 

• Non-Profit Organizations and Entities:

• A Copy of the license issued by the relevant government authority.
• A Copy of the resolution of the Board of Directors  evidencing the approval of the  open of the account , in addition to a copy of the Articles of Association .
• The Authorization issued from the Board of Directors to the persons who will open the account, deal on it and operate it, in addition to a copy of the ID of each of them.
•  

 

• Government Entities:

• A Copy of all the required documents in accordance with its system and organization regulatory.

 

If the client is a legal person different from the types set out in the sub paragraph (  b  ) of paragraph (  4  ) of this item , the licensed person should apply all the requirements stipulated in the due diligence procedures for the clients mentioned above as a minimum limit .

 

1. For all clients, the identity of a prospective client shall be verified face to face at an authorized person before an account is opened or a business relationship is commenced. In case the client did not come  personally, the licensed person should take the following procedures :

 

1. Authentication of the documents in accordance with relevant laws and procedures.
2. Request any additional documents and establish independent procedures to verify the identity of the client, and/or contact the client.

 

1. In case there is doubt or difficulty in determining whether the document obtained to verify identity is genuine, licensed person must not open the account, and take into consideration the need to notify of any suspected transaction.

 

1. The licensed person must retain copies of all the documents used for verifying the identity of the client pursuant to the provisions of item "eighteen" of these regulations.

 

1. For the purpose of assisting the licensed person in identifying the  beneficial owner of an account , the licensed person  must when establishing a business relationship with the client , ask whether the client is acting for himself or for the interest of another party or other parties , by obtaining a certificate signed by the client (  upon establishing the business relationship  ) stating that the client is the actual beneficiary of the account or from any other sources the licensed person deems necessary .
2. The licensed person must identify the purpose, and intended nature of the business relationship, or transaction with the client. It may be necessary to obtain additional information about the client that include all or some of the following information :

• Register of changing the address.
• Copies of financial statements.
• Any relation between the actual beneficial owners and the signatory authorized person on the account
• The anticipated level and the nature of the commercial activity that is to be undertaken through the relationship.

 

1. The licensed person must, in case of performing transactions with a company which is registered outside Kuwait via an aggregate account, or for the interest of clients through a specific account, to oblige the registered company to provide a written undertaking stating that the identities of included clients were verified in accordance with its local procedures, which should be consistent with those applied in Kuwait, and in cases where such undertaking is difficult to be obtained , the transaction should not be performed .

 

Moreover, the licensed person should perform the due diligence procedures mentioned above pursuant to the following:

 

• Before, and during opening the account or establishing the business relationship with the client.
• Before performing any transaction that exceed the specified limit in the Executive Bylaw of  the anti-money laundering  and  counter terrorist financing , for a client that does not have a previous relationship , whether such transaction is single or a serious of continuous transactions .
• Before performing any electronic transaction for the interest of the client, whether such transaction is local or international.
• Upon suspecting any money laundry or terrorist financing operations.
• Upon suspecting the validity or sufficiency of the client identification details previously obtained.

 

Eighth:  Risk Based Approach – Reduced and Enhanced Client Due Diligence:

1. All clients are subject to the full range of due diligence, measures on the basis of materiality and risk. The only exception to this rule is, that on the basis of the lower risk, and the fact that information on the identity of the client and beneficial owners is publicly available, authorized person may perform reduced CDD measures on a client that is a company listed on the securities exchange of a country sufficiently implement the FATF’s Recommendations, or is a subsidiary of such a listed company. In such a case, only the requirements of part "Seventh" paragraphs (2), (a), (e) and (f) need be carried out. However, where such a listed company is closely held i.e. subject to the beneficial ownership/control of an individual or a small group of individuals, an authorized person shall carefully review the AML/CFT risks and consider whether it is necessary to verify the identity of such individual(s).
2. The licensed person must adopt an enhanced client due diligence process referred to in these regulations for high risk type of clients, business relationships or transactions. The relevant enhanced CDD process may vary from case to case depending on clients’ background, transaction types and specific circumstances. Authorized person must exercise its own judgment and adopt a flexible approach when applying the specific enhanced CDD measures to clients of particular high risk types.
3. The licensed person must establish clearly in  its  client acceptance policies the risk factors for determining what types of clients and activities  are to be considered as high  while recognizing that no policy can be exhaustive in setting out all risk factors that must be considered in every possible situation, such risk factors must include client risk, country, geographic risk and product/service risk.
4. In assessing whether or not a country sufficiently applies the FATF standards in combating money laundering and terrorist financing, licensed person must do the following :
   1. Carry an assessment of the standards of prevention of money laundering and terrorist financing.  This could be based on authorized person’s knowledge and experience of the country concerned or be acquired from relevant authority. The higher the risk, the greater the due diligence measures that must be applied when undertaking business with a client from the country concerned.
   2. Taking into consideration the reports evaluating the level of compliance of that country with the recommendations of the Financial Action Task Force (FATF), that have been undertaken by the FATF, FATF-style regional bodies or international organizations like the International Monetary Fund, or the World Bank .
   3.  Maintain an appropriate degree of ongoing vigilance concerning money laundering and terrorist financing risks and taking into considerations the information available for the licensed person about the level of anti-money laundering and terrorist financing in the concerned country in which any of its clients operate his/her business.

 

1. Taking into considerations the risk factors  set out in  paragraph (  3  ) of this part (  eighth  ) , any of the following shall be considered as part of the high-risk types of clients:

 

1.  Complex legal arrangements that have no apparent legal or economic purpose.
2. Any person (including other financial companies and organizations) from or in any country that does not insufficiently apply the FATF's recommendations, for example the countries specified by FATF as not applying such recommendations.
3.  Politically exposed persons.

 

1. The licensed person must perform the highest level of due diligence toward any client of high-risk. Among these procedures the licensed person should consider are the following as minimum:
   1. Obtaining declarations in writing from the beneficial owners about the identity of, and the relationship with the directors and substantial shareholders owners about the identity of, and the relationship with the directors and substantial shareholders
   2. Obtaining comprehensive client profile information, e.g. extra information on the purpose and reasons for opening the account, business or employment background, source of funds and anticipated account activity
   3. . Assigning designated staff to serve the client and those staff must conduct CDD and more frequent ongoing monitoring, in order to ensure that any unusual or suspicious transactions are identified on a timely basis.
   4. Conducting face to face meetings with senior management of the client on regular basis throughout the business relationship.
   5. Obtaining the approval of the senior management of the licensed person upon opening the account.

 

 

Ninth:  Politically Exposed Persons (PEP):

1. The licensed person shall have a risk management system in place to identify whether the client or the potential client or the actual beneficial owner is politically exposed persons (PEP). The licensed person should consider such accounts as high risk ones and licensed person shall conduct enhanced ongoing monitoring of such accounts.
2. The opening or continued operation of an account for a PEP must be approved by senior management of the authorized person pursuant to this part.
3. If the licensed person accepted a client, and that such client or the actual beneficial owner is subsequently found to be, or subsequently becomes a Politically Exposed Person, the approval of the senior management of the licensed person should be obtained to continue such business relationship.
4. The licensed person should take measures for identifying the source of the wealth and source of fund of PEPs, or any person who has relation with them, who might be a client or actual beneficial owners. 

 

Tenth: Non-Profit Entities and Organizations:

The licensed person  shall have in place policies , procedures , and controls to  comply with  requirements of opening and handling of accounts and  transactions  for non-profit organizations and entities, the following requirements shall be observed when dealing with accounts of such entities and organizations , :

1.  Non-profit entities and organizations must have an official license issued from the relevant governmental authorities, specifying their purposes and activities.
2. Apply enhanced due diligence procedures upon dealing with them.

 

Eleventh: Cases Where the Licensed Person Should Apply Client Due Diligence:

1. The licensed person should apply the necessary due diligence procedures in any of the following cases :

 

1. Opening an account or establishing a business relationship.
2. Suspecting any money laundering or terrorist financing operation.
3.  Doubting the veracity of any data, information, or documents obtained from the client for verifying his/her identity.

 

1. The licensed person should verify the identity of the client, or potential client, and the actual beneficial owner before and during the course of establishing the business relationship. If the licensed person is unable to perform the necessary due diligence process toward the client, to the satisfactory level, during the phase of opening the account, he should terminate the business relationship and not perform any transaction for that client, and should report any suspicious transaction.

 

Twelfth: Investment Funds:

1. If the licensed person is act for a client who is investing in an investment fund, licensed person must carry out CDD on the client and shall comply with the other requirements of these Regulations unless the client was another licensed person, in such case it is not necessary to identify and verify the identity of the actual beneficial owners that are investing through the other licensed person, provided the requirements of paragraph (2) of this part are satisfied.

 

1. The licensed person must ensure that the another licensed person is :

 

1. Licensed and supervised by a competent and supervisory entity.
2. Is based in a jurisdiction that applies the FATF recommendations.
3. IS applying, as a minimum, requirements for AML/CFT (including measures for CDD and identification of beneficial owners) that are consistent with the requirements of these Regulations and of the FATF Recommendations.

 

4.  Has entered into an agreement with the licensed person agreeing that upon the request of the authorized person or the Authority, the counterparty will provide any information requested regarding the beneficial owners.

 

Thirteenth:  Reliance on other Third parties for CDD:

1. This part refers to any third party that introduces clients to the licensed person and performs the client identification and verification. For the purposes of applying this part, the third party has to be either a bank or a financial organization that engages in securities activities that is approved from the Capital Markets Authority.
2. The licensed person may rely on a third party to apply the requirements of the sub paragraphs (  a ,b , and c  ) of the client due diligence measures  stated in paragraph (  2  ) of the part "seventh" of these regulations , provided that the measures set out in this part "thirteen"  are met . In all cases, the ultimate responsibility of client identification and verification always remains with the authorized person and not with the third party with application of the requirements set out in paragraph (5) of part "seventh".
3. The licensed person can only rely on third parties to perform client due diligence if the client is located in a country other than State of Kuwait.
4.  Prior to reliance on a third party , the licensed person must satisfy itself that it is reasonable to rely on a third party to apply the CDD and that the CDD measures are as rigorous as those which the authorized person would have conducted itself for the client. Authorized Persons must establish clear policies in order to determine whether the third party in question possesses an acceptable level of reliability.
5. Upon relying on a third party , the licensed person has to perform the following :

 

1. Obtaining copies of the client due diligence documentation and information as required by the sub paragraphs (a, b and c) of paragraph (2) of part "seventh" of these regulations, including the information referred to in part "fifth" thereof.
2. Taking the adequate steps to verify that the third party provided copies of the relevant documentation and information relating to client due diligence requirements  upon request immediately, such as establishing their respective responsibilities in writing, including reaching an agreement with the third party that copies of other relevant documentation relating to the CDD requirements will be made available from the third party upon request immediately and the authorized person will be permitted to verify the CDD undertaken by the third party at any stage.
3. Ensure that the third party is licensed, and subject to supervision and control by a competent and supervisory entity, and has measures in place to comply with CDD and record keeping requirements in line with these regulations and the FATF recommendations.

 

1. The licensed person should conduct quarterly reviews to verify that a third party upon which it relies, continues to conform to the criteria set out in this part "thirteen", which may include revising the relevant policies and procedures, and sample checks of the due diligence conducted.
2. The licensed person must not rely on a third party in a high-risk country like the countries that have no or adequate systems of anti-money laundering and terrorist financing.

 

 

Fourteenth: Acquisition:

Upon practicing full or partial acquisition of a financial institution in a foreign country, the licensed person should ensure that the acquired financial institution has or will apply client due diligence measures consistent with the requirements in these Regulations at the time of acquisition, according to the following:

 

1. Verifying that the acquired institutions apply the client due diligence measures for all clients, including the information related to the client’s data , to  guarantee that the licensed person  has no doubt or concerns about  the  veracity or adequacy of the procedures and information available to him .

 

1. The licensed person has conducted due diligence enquiries to ensure the adequacy of AML/CFT procedures and controls previously adopted by the other financial institution.

 

 

Fifteenth: Non Face to Face Business Relationship:

1. The licensed person must take into consideration the risks and threats of money-laundering and terrorist financing that might result from the misuse of new or developing technologies, and should set internal policies and procedures to prevent such risks.

 

1. The licensed person should set internal policies and procedures in a way that addresses the specific risks associated with non-face to face business relationships and transactions. The licensed person should deal with any risks related to the application of specific and effective measures during the period of business relationship and as a part of ongoing client due diligence.

 

 

Sixteenth:  Ongoing Client Due Diligence and Unusual Transactions:

1. The licensed person must monitor the business relationship with his clients on  an ongoing basis , and licensed person must during the course of such relationships, ensure that the transactions are consistent with the authorized person’s knowledge of the client, its business and risk profile and the source of funds.
2. The licensed person should pay attention and verify all complex, large transactions and all unusual patterns of transactions which have no apparent economic or visible lawful purpose.
3. The licensed person shall pay attention and should verify all business relationship with clients or with financial institutions from countries that do not or insufficiently apply the FATF's recommendations. where the Capital Markets Authority advises the licensed person that  such countries continue to not or insufficiently apply the FATF’s Recommendations, authorized person shall treat all business relationships and transactions as high risk ones and shall apply the measures set out in paragraph (6) of part (eighth) of these Regulations.
4. The licensed person should obtain enough information about all transactions and their nature, including reviewing transactions that have no economic or visible legal purpose, the findings established in writing and those findings must be retained for at least 10 years and be made available to the Authority, and internal and external auditors if requested.

 

Seventeenth: Reviewing and Updating Records:

 Identification data collected under the CDD process must be kept up-to-date, accurate and relevant. Authorized Person must undertake annual or ad hoc reviews of existing records, particularly for high risk categories of clients or business relationships, when appropriate trigger events occur. Examples of trigger events that might prompt an authorized person to seek appropriate updated information include:

 

• A request from a current client to open a new account, or to establish a new business relationship, or significantly alter the nature of current relationship with him.
• The existence of , transaction that is unusual or not in line with the client’s normal trading pattern based on the authorized person’s knowledge of the client..
• The licensed person is not satisfied that the available information about the client is sufficient, or has doubts about the veracity or adequacy of previously obtained information.

 

 

Eighteenth: Record Keeping Requirements:

1. The licensed person shall ensure to comply with the record keeping requirements set out in these regulations and any other relevant rules or regulations issued by the Capital Markets Authority. The licensed person should also keep a record of all client identification data, and other information and documents obtained, as well as accounts files, the client correspondences, in addition to all transactions record.
2. The licensed person should keep enough registers/records to permit reconstructions of individual transactions, including the amounts paid, and the types of currencies used, so as to provide if necessary, evidences for prosecution of the criminal activity.
3. The licensed person should keep the information related to the accounts of the clients , particularly the following :

 

1. Details of the client, and the actual beneficial owner(s), or actual beneficiaries of the account (if any) and any other client due diligence information required.
2. Details of the account, including the volume of the funds flowing through it.
3. Specifying the source of money , and the form in which funds are provided or withdrawn , such as checks, transfers, the identity of the person performing such transaction , the destination of the funds, and the form of instructions  and authorization.

 

1. The licensed person shall ensure that all client and transactions records and information are available on a timely basis to the Capital Markets Authority.
2. The licensed person should maintain a record of all the local and international transactions , whether they were actually executed or were attempted to be executed, for at least ten years as of the date of the transaction, provided that such records are detailed enough to allow for restoring the steps of each transaction separately.
3. The licensed person should keep all the registers/records of the client due diligence, and business correspondence, for at least ten years after the account is closed.
4. The licensed person should keep the risk assessment and any relevant information for at least ten years of the date of the assessment or its updates.
5. In situations where the records relate to on-going investigations or where records relate to transactions which have been the subject of a suspicious transaction report, they shall be retained until it is confirmed that the case has been closed even if this is still ongoing after 10 years.
6. The licensed person may keep the original or copies of the documents in an electronic form, provided such form is admissible as evidence in a court of law.

 

Nineteenth:  Suspicious Transaction Report:

1. The licensed person should immediately inform the UNIT of any complex, huge or unusual transaction, or raises doubt and suspicions concerning its nature and purpose, or is related to money laundering or terrorist financing, terrorist's acts or terrorist organizations, and to provide a copy of the suspicious transactions report to the AML department at the Capital Markets Authority.
2. The licensed person should submit a detailed report with the notification submitted to the UNIT, including all the data and information about the suspicious transactions, and relevant parties. Such report should include the following as a minimum :

 

1.  Account statements for a period of six months.
2. Copies of all documents of opening the account.
3. Any data related to the nature of the reported transactions.
4. Indications and justifications of the suspicious, accompanied by all supporting documents.

 

1.  Suspicious transactions must be reported, regardless of their relation to previously reported transactions performed by the same client, to the UNIIT.

 

1. The licensed person should appoint compliance officer from the senior management, to be responsible for applying all the requirements of anti-money laundering and terrorist financing law and any other relevant laws, as well as comply with all the requirements stated in these regulations. The licensed person should issue instructions to its entire staff to promptly refer to the compliance officer of any complex, huge, or unusual transaction or raises doubt and suspicion concerning its nature and purpose, or is related to money laundering, financing of terrorism, terrorist acts, or terrorist organizations, for possible referral to the UNIT. The compliance officer must be a licensed person, and have sufficient academic, scientific and practical experience in AML/CFT.
2. The executive management, from which the compliance officer, shall act as a central reference point within the licensed person to facilitate onward reporting to the UNIT, and should regularly play an active role in the identification and reporting of suspicious transactions, and shall review reports of large or unusual transactions generated by the licensed person’s internal systems on a regular basis as well as of ad hoc reports made by any employee of the licensed person.
3. In case any of the staff of the licensed person informed the compliance officer of any suspicious transaction, the circumstances of that particular case shall be reviewed at that level to determine whether the suspicion is justified. If the executive management decided, based on the recommendation of the compliance officer, not to inform the UNIT, it should document the reasons of not informing the UNIT, in detail, and inform Capital Markets Authority.
4. The licensed person should keep records of all transactions referred to the compliance officer, together with any of the internal findings and analysis done in relation to them, and to maintain a record/register of all suspicious transaction reports submitted to the UNIT as well as all the reports prepared by the employees, to the executive, including those where a decision is made by the compliance officer, not to refer to the UNIT.
5. The licensed person should verify that the UNIT received any notification he sends to it concerning any suspicious transactions.
6. The licensed person should continue to monitor the account and the client, and to consider sending another suspicious transaction report in case no reply is received from the UNIT concerning a suspicious transactions report.
7. . A list of indicators of types of potentially unusual or suspicious transactions or activities that could be a cause for further scrutiny is set out in the Annex of these Regulations. The list is not exhaustive and authorized person must remain vigilant to their obligation to report any unusual or suspicious transactions or activity, whether these are of a type set out in the Annex of these Regulations or not. The existence of one or more of the factors described in the list warrants some form of increased scrutiny of the transaction, but by itself does not necessarily mean that a transaction is suspicious.
8.  If the UNIT required any additional information from a licensed person for the purpose of following up a suspicious transactions report, it is required to provide information requested as soon as possible.

 

Twentieth: Tipping off:

1. The licensed person, its Directors, officers and employees, must ensure that clients or related parties are not alerted to the fact that they have made or are considering making a suspicious transactions or providing documents or information linked to a Suspicious Transactions Report to the UNIT. The licensed person shall at all times keep its reporting of suspicious transactions highly confidential, and reports of suspicious transactions or reports that are to be reviewed by the compliance officer for possible reporting shall be accessible only by specifically authorized staff of the licensed person.
2. If a report about suspicious transactions is submitted to the UNIT, and it becomes necessary to make further enquiries of the client, great care must be taken to ensure that the client does not become aware that the Suspicious Transactions Report has been made. The licensed person shall continue its business dealing with the reported clients as usual, it must not warn its clients or other relevant parties of the suspicious transactions, and it shall await further actions related to the report.
3. The internal procedures of the licensed person should include the penalties that will be applied in case of any violation of what is mentioned above in paragraph (1) & (2)

 

Twenty First: Persons Designated Persons – UNSCR Resolutions:

1. The licensed person should apply effective procedures for identifying the identity of the client or any potential client(s) immediately, including actual beneficial owners that have been designated (“designated persons”) by the United Nations Committee.
2. If the licensed person identified that a client or potential client is enlisted designated person in the UN terrorists list, or a transaction where one of its parties is a designated persons, it should immediately inform the department of anti-money laundering. The licensed person should not perform any other transaction till further instruction from the Capital Markets Authority.
3. Prior to opening any new account, the licensed person should check the name of the potential client and compare it to the terrorist list issued from the Security Council of designated persons, and has to daily update terrorist list of the designated persons via reviewing the website of the United Nations Security Council, and check the names of all existing clients against the list of designated persons.
4. If the competent authorities of the State of Kuwait decided to  freeze funds of any person based on the UNSCR resolutions, the Capital Markets Authority shall inform all the licensed persons, who have to immediately  freeze the properties and funds of such persons.
5. The Capital Markets Authority shall inform the licensed person in case of unfreezing the fund of a particular client in case he has been delisted from the list of designated persons, or because the person whose assets were frozen was incorrectly thought to be a designated person, or because authorization was made by the competent authority to release funds for legal or humanitarian considerations.

 

Twenty Second: Internal Policies and Compliance:

1. The licensed person should set and implement internal policies and procedures and controls that assist in anti-money laundering and counter terrorist financing, and must transfer this knowledge to its employees.
2. The policies, procedures and controls set by the licensed person should include amongst other things, client due diligence, record retention, tracking and detecting of unusual and/or suspicious transactions, and reporting of any suspicious transactions.
3. The licensed person should ensure that the compliance officer and any of its staff have timely access to all client and transaction records, and any other relevant information they might need to perform their functions.
4. The compliance officer shall undertake the following tasks:
   1. Develop, update, and implement the licensed person's systems, procedures and controls of anti-money laundering and counter terrorist financing.
   2.  Keep pace with developments in AML/CFT laws and regulations, trends, techniques, and update indicators of money laundering or terrorist financing.
   3. Ensure the compliance of the licensed person with the policies and procedures of anti-money laundering and counter terrorist financing.
   4. Directly receiving reports of the employees of any suspicious transactions or activities, analyzing them, and estimate whether there is need to inform the UNIT of such activities or not.
   5. Preparing an annual report and submitting it to the Board of Directors of the licensed person. The annual report mentioned above should include all actions that have been taken to implement the internal policies, procedures and controls and proposals for increasing the effectiveness and efficiency of the procedures. Thereafter, the report shall be submitted to the Capital Markets Authority.
   6. Ensure that the employees of the licensed person maintain all the necessary records, documents, and reports.
   7. Establish ongoing training plans and courses for all the staff of the licensed person.

 

Twenty Third: Internal Auditing:

The licensed person should establish independent internal audit roles to ensure compliance with the internal policies, procedures, controls and regulations, and guarantee their efficiency and their consistency with the provisions of the anti-money laundering and counter terrorist financing law and these regulations. The internal audit department in the licensed person should perform a regular evaluation of the efficiency of internal policies, procedures and controls of anti-money laundering and counter terrorist financing. 

 

Twenty Fourth: Training:

1. The licensed person should take all the appropriate procedures to ensure that  their employees receive regular training on the following subjects :

 

1. Systems and regulations of anti-money laundering and counter terrorist financing, particularly the client due diligence, detecting and reporting suspicious transactions.
2. Prevailing Techniques, methods and common practices of money laundering and terrorist financing.
3. Internal policies , procedures and controls of the licensed person concerning anti-money laundering and counter terrorist financing  and the roles and responsibilities of employees in  combating money laundering and terrorist financing.

 

1. The licensed person should have educational programmes in place for training all new and current employees, and to provide them with continuous training to update their information and develop their skills, and to ensure that they are familiar with their responsibilities, particularly those dealing directly with the public, and those in charge of opening new accounts for clients.
2. The licensed person should, upon selecting employees, ensure that they fulfill the requirements stated in the Capital Markets Authority Regulations concerning the rules of competency and integrity, and that they are appropriate, qualified and possess high level of capabilities appropriate for performing their tasks.

 

Twenty Fifth: sanctions:

Without prejudice to sanctions imposed under the law of anti-money laundering and counter terrorist financing or any relevant laws, any licensed person or any of its members of the Board of Directors or managers, or employees shall be subject to the sanctions set out in Law No. 7 of 2010 concerning the establishment of Capital Markets Authority and Regulating Securities Activities its Executive Bylaws, in case of violating these regulations.

 

Twenty Sixth:  Publication and entry into force:

These regulations shall be considered as the minimum requirements of anti-money laundering and counter terrorist financing for the licensed person, and shall be applicable as of the date of their issuance, and shall replace the regulations of Capital Markets Authority No. (CMA/A.R./A.I/3/2012) concerning anti-money laundering and counter terrorist financing.

 

 

(Appendix)

 

(Indications of Money Laundering and Terrorist Financing)

 

Examples of possible indicators that a transaction or activity may be linked to money laundering or terrorist financing are as follows:

1. The client exhibits unusual concern regarding the firm's compliance with AML/CFT requirements particularly those related to his identity and the type of his business.
2. Rejection of the client to provide details about himself, or to indicate legitimate sources for his funds and other assets.
3. The desire of the client to participate in transactions with no apparent legal or economic purposes, or inconsistent with the declared investment strategy.
4. Attempt of the client to provide the licensed person with incorrect or misleading information regarding his identity and/or the source of his funds.
5. The licensed person knows that the client is involved in activities of money laundry or terrorist financing or any criminal offences or regulatory violations.
6. The client exhibits a lack of concern regarding risks, commissions or any other expenses.
7.  The licensed person suspects that the client appears to be acting as an agent on behalf of an undisclosed principal, but declines or is reluctant, without legitimate commercial reasons, to provide information about that person or entity.
8. The client finds difficulty in providing a description of the nature of his business, or lacks general knowledge of his activities.
9. The client holds multiple accounts under a single name or multiple names, and performing several transfers between accounts or transferring to another person without a justifying reason.
10. The client performs several wire transfers to his investment account, followed by a direct request to transfer the amount to a third party without explaining the purpose of this action.
11. The client makes a long term investment, followed shortly thereafter by a request to liquidate the position and transfers the proceeds out of the account.
12. The client’s activities vary substantially from regular practices.
13. The client refuses to provide the licensed person with the basic information of an investment/mutual fund to verify his identity.
14. The client requires the licensed person to wire transfer funds, and trying not to provide the licensed person with any information about the transferring entity and the beneficiary.
15. The client tries to change or cancel a deal after informing him of the requirements of verifying information or record keeping requirements by the licensed person.
16. The client requires processing the transactions in  such a manner to avoid more documentation
17. The client performs a great number of wire transfers that cannot be explained, with very low levels of securities transactions.
18. The licensed person knows that the funds or properties are proceeds that come from illegal sources.
19. Constantly change in the income source of the client.
20. None matching between the value or repetition of transactions with the information available about the suspect, his activity, income source and life style.
21. The actual beneficial owner belongs to an organization known for criminal activity.
22.  The appearance of signs of luxury on the suspect and his family particularly in a manner that does not match his economic status (particularly if this is sudden).

 

---