Central Bank of Kenya Circular No. 13 of 2023 - Highlights of the AML CFT (Amendment) Act 2023

BANKI KUU YA KENYA November 6, 2023 Haile Selassie Avenue P.O. Box 60000 - 00200 Nairobi, Kenya Telephone: 2860000, Fax: 3340192 CENTRAL BANK OF KENYA CIRCULAR NO. 13 OF 2023 TO ALL CHIEF EXECUTIVE OFFICERS OR PRINCIPAL OFFICERS OF FOREIGN EXCHANGE BUREAUS, MONEY REMITTANCE PROVIDERS AND DIGITAL CREDIT PROVIDERS HIGHLIGHTS OF THE AML/CFT (AMENDMENT) ACT, 2023

1.0 Background

Kenya went through a mutual evaluation of its anti-money laundering and combating of terrorism financing and countering proliferation financing (AML/CFT/CPF) regime by the Eastern and Southern African Anti-Money Laundering Group (ESAAMLG) from October 2021 to July 2022. The mutual evaluation report (MER) for Kenya was adopted by the ESAAMLG at its plenary meeting in Livingstone, Zambia and published in September 2022. Post mutual evaluation, Kenya was referred to the Financial Action Taskforce's (FATF) International Cooperative Review Group (ICRG) process due to poor results in its mutual evaluation. The country is currently under a period of observation for one year from October 2022 to October 2023 during which Kenya is required to take action to address deficiencies and Recommended Actions noted in the MER.

The MER noted a number of deficiencies in the AML/CFT/CPF legal and regulatory frameworks. These included:

• Financial sector regulators (CBK included) did not have the power to undertake CFT/CPF supervision.

· POCAMLA did not provide for preventive measures on CPF.

• Risk-based AML/CFT/CPF supervision was relatively underdeveloped, with a low number of on-site AML/CFT/CPF inspections.

· Weak legal framework on identification and verification of beneficial owners.

· Deficiencies in Kenya's AML/CFT/CPF legislation significantly hampered financial institutions' ability to implement preventive measures on terrorism financing, proliferation financing, beneficial ownership (BO), customer due diligence (CDD), politically exposed persons (PEPs) and innovative technologies.

Fit and proper requirements for the financial sector did not include the establishment of .

beneficial ownership (BO) of significant shareholders and verification of the fitness and probity of applicants with law enforcement agencies.

In an effort to address the deficiencies that required legal reforms, the Government has enacted into law, AML/CFT (Amendment) Act, 2023. The Act was assented to by His Excellency the President on September 1, 2023. The Act has amended various legislations relating to AML/CFT/CPF including the CBK Act, Banking Act, Microfinance Act, National Payment System Act and Proceeds of Crime and Anti-Money Laundering Act, 2009. The amendments are intended to address some of the deficiencies noted in the MER.

CBK has analysed key amendments to statutes that relate and/or apply to CBK and its licensees.

Here below are the highlights of the Analysis.

2.0 Highlights Of The Aml/Cft (Amendment) Act, 2023

Expansion of the definition of "significant shareholder" to include beneficial owner - The CBK Act, Banking Act, Microfinance Act and the National Payment System (NPS) Act have been amended to provide for a definition of "significant shareholder" to include a beneficial owner. The import of this amendment is that financial institutions have to identify natural persons who ultimately own or control a legal person or arrangement (un-incorporated entities), Beneficial owners who seek to become significant shareholders in financial institutions have to be vetted by the CBK.

Obligation to identify and verify the "beneficial owner": The CBK Act, Banking Act, Microfinance Act and NPS Act have been amended to introduce a new definition of "beneficial owner" as follows: "the natural person who ultimately owns or controls a legal person or arrangements or the natural person on whose behalf a transaction is conducted, and includes those persons who exercise ultimate effective control over a legal person or arrangement".

Financial institutions should take keen note of the different elements of a beneficial owner.

These are: a) b) c) the natural person who ultimately owns a legal person or arrangements.

the natural person who ultimately controls a legal person or arrangements.

the natural person on whose behalf a transaction is conducted.

Customer due diligence should henceforth involve identifying and verifying the beneficial owner, based on the criteria set out in the definition afore-mentioned.

Reporting institutions to verify the identity of a person acting on behalf of another person and that he is duly authorised to act in that behalf: Section 45(3) of POCAMLA has been amended to require reporting institutions to verify that any person purporting to act on behalf of the customer is so authorised and identify and verify the identity of that person. Financial institutions should therefore adequately train and sensitize their relevant staff on this new requirement to always ensure full compliance.

Power of the CBK to compel the production of any document or information: POCAMLA (Section 36C) has been amended to give CBK and other supervisory bodies express powers to compel production of any information or document relevant to monitoring compliance with the AML/CFT/CPF requirements of reporting institutions. The power to compel production of documents and information has also been entrenched in the CBK Act, Banking Act, Microfinance Act and NPS Act. This will enable the CBK to access any document or information it requires (whether for onsite inspection or offsite surveillance) to enable him discharge its AML/CFT/CPF supervisory obligations. Monetary penalties - power of the CBK to impose monetary penalties provided for in sectoral laws for violation of POCAMLA, POCAML Regulations and any guideline, rule, direction or instruction issued under POCAMLA: CBK Act, Banking Act, Microfinance Act and NPS have been amended to provide for monetary penalties which CBK can impose for violation of POCAMLA, POCAML Regulations and any guideline, rule, direction or instruction issued under POCAMLA. (c) Under the Banking Act - Section 33E(2), the penalties are as follows Ksh. 20,000,000 for legal persons.

(a) Ksh. 1,000,000 for natural persons.

(b) Ksh. 100,000 additional penalties for each day during which the violation continues.

Under the CBK Act (money remittance providers, forex bureaus and digital credit providers) and under Microfinance Act (microfinance banks), the penalties are as follows: (a) (b) (c) Ksh. 5,000,000 for legal persons. Ksh. 1,000,000 for natural persons.

Ksh. 100,000 additional penalties for each day during which the violation continues.

To avoid these punitive penalties being imposed by CBK, financial institutions are advised to ensure full and continuous compliance with AML/CFT/CPF legal and regulatory requirements.

Monetary penalties equally apply to violation of any AML/CFT/CPF guideline, rule, direction or instruction issued by the CBK under sectoral laws: The monetary penalties outlined above also apply to violation of or non-compliance with CBK guidelines, rules, directions and instructions. This is pursuant to amendments effected in the CBK Act, Banking Act and NPS Act to that effect. Financial institutions are therefore advised to comply with AML/CFT/CPF guidelines, rules, directions and instructions issued by the CBK.

Monetary penalties also apply to directors, officers, employees, agents or any other person: Financial institutions should note that monetary penalties may be imposed directly against directors, officers, employees and agents. Personal liability may be applied in appropriate cases where a director, officer, employee or agent has violated or failed to comply with AML/CFT/CPF laws and guidelines, rules, directions and instructions issued by the CBK.

Making lawyers reporting entities and inclusion of Law Society of Kenya (LSK) as a supervisory body for AML/CFT/CPF purposes: POCAMLA has been amended to make lawyers reporting entities, just like financial institutions. LSK has been made a self-regulatory body with powers to supervise lawyers for AML/CFT/CPF purposes. Lawyers are now required to submit suspicious transaction reports (STRs) through the LSK. The LSK and the FRC will in turn develop a mechanism through which the STRs will reach the FRC. The net effect of these amendments is that lawyers and their clients are now fully subject to AML/CFT/CPF requirements. Given the risk context of lawyers, financial institutions should conduct continuous monitoring (on risk-sensitive basis) of transactions conducted by lawyers on behalf of their clients.

Various amendments to POCAMLA to expressly provide for countering financing of terrorism (CFT) and countering proliferation financing (CPF): POCAMLA has been amended to cover AML/CFT/CPF. All preventive measures relating to AML will now apply in the same measure and force to CFT and CPF. In effect, all preventive measures set out in POCAML Regulations, 2013 apply to CFT and CPF. Financial institutions should revise their policies and procedures to clearly and independently provide for CFT and CPF. Financial institutions are further advised to desist from treating "AML/CFT" as one and the same thing.

AML, CFT and CPF each deals with different issues, even though a few of them may be cross cutting. The fine distinctions should be taken into account during risk assessments and when allocating resources.

Reporting institutions to submit suspicious transaction reports (STRs) to FRC within two days after suspicion having arisen. Section 44 of POCAMLA has been amended to require reporting institutions to submit STRs to FRC within two days after suspicion arises. Financial institutions should take necessary steps to ensure that transactions are effectively and continuously monitor and all suspicious transactions are reported to the FRC on time. Late submission of STRs will attract a penalty.

Cash transaction reporting threshold has been increased to USD 15,000: Section 44(6): POCAMLA has now increased cash transaction reporting threshold from USD 10,000 to USD 15,000. This follows a similar enhancement in FATF Recommendations. Financial institutions should take note of this adjustment and ensure that cash transactions equivalent to or more than USD 15,000 are reported to the FRC.

Requirement to maintain all records of domestic and international transactions: POCAMLA now clarifies that transaction records to be established and maintained by reporting institutions are both domestic and international transactions. All records, whether relating to domestic or international transactions should be kept for seven years or for such longer period as is necessary.

Introduction of definition of "proliferation acts": Prevention of Terrorism (POTA) Act now defines "proliferation acts" as: " manufacturing, acquiring, possessing, developing, exporting, trans-shipping, brokering, transporting, transferring, stockpiling, supplying, selling or using nuclear, ballistic, chemical, radiological or biological weapons or any other weapon capable of causing mass destruction, and their means of delivery and related materials including technology, goods, software, services or expertise in contravention of this Act or any international obligations derived from relevant United Nations Security Council Resolutions".

Proliferation financing (PF) relates to the financing of the acts described above. Financial institutions should be familiar with the relevant United Nations Security Resolutions (UNSCRs) relating to Democratic Republic of North Korea and Iran, against which countering proliferation financing measures apply.

Financing of proliferation act has been criminalised. Section 4B of POTA now makes it an offence for any person to "directly or indirectly, provide financial support or solicit or collect funds intending, knowing or having reasonable grounds to believe that such funds are to be used in whole or part, to carry out a proliferation act regardless of whether such funds or part thereof were actually used to commit the act ". The punishment is either imprisonment for twenty years or a fine of Ksh. 20,000,000 or both.

Financial institutions should establish appropriate mechanisms for monitoring transactions that may relate to any of the elements of "proliferation act".

3.0 Instructions To Financial Institutions

For better and full understanding of the scope and extent of the AML/CFT (Amendment) Act, 2023, financial institutions are hereby advised to obtain a copy of the AML/CFT (Amendment) Act, 2023 from Government Printer for their reference.

Given these amendments were occasioned by the deficiencies noted in the Mutual Evaluation Report for Kenya, financial institutions are further advised to implement these amendments immediately and to keep complete records of actions taken pursuant to the new laws.

Yours faithfully,

GERALD A. NYAOMA DIRECTOR, BANK SUPERVISION Cc: Mr. Mohamed Nur Ali Chief Executive Officer Kenya Forex and Remittance Association Pioneer Building Kimathi Street, 7th Floor, Room 3 P.O Box 106217-00101 NAIROBI Mr. Saitoti Maika Director General Financial Reporting Centre UAP-Old Mutual Towers NAIROBI i and on the