National Committee for Combating Money Laundering and Terrorist Financing Instructions No. (4) of 2022 Regarding AML/CFT for Financial Institutions - Banks

Reference Number: 198-01-2023 76 Issue 198 2023/01/25

Instructions No. (4) of the Year 2022 Regarding Combating Money Laundering and Terrorist Financing for Financial Institutions

The National Committee for Combating Money Laundering and Terrorist Financing,

Based on the provisions of Law Decree No. (39) of the Year 2022 regarding Combating Money Laundering and Terrorist Financing and its amendments, specifically the provisions of Article (12/30) thereof,

And based on the powers delegated to us,

And in pursuit of the public interest,

We have issued the following Instructions:

Chapter One Definitions and General Provisions

Article (1) Definitions

The words and phrases appearing in these Instructions shall have the meanings assigned to them below, unless the context indicates otherwise:

The State: The State of Palestine.

The Law: Law Decree No. (39) of the Year 2022 regarding Combating Money Laundering and Terrorist Financing and its amendments.

The Committee: The National Committee for Combating Money Laundering and Terrorist Financing.

The Unit: The Financial Intelligence Unit.

The Supervisory Authority: The Palestinian Monetary Authority or the Capital Market Authority within the scope of financial institutions subject to their supervision, oversight, and regulation in accordance with prevailing legislation.

Legal Arrangement: Direct trusts or any similar legal arrangements.

Client: A natural or legal person, or a legal arrangement, that deals with a financial institution.

Occasional Client: A client who does not have a continuing business relationship with the financial institution.

Business Relationship: The relationship arising between the client and any of the financial institutions, relating to any of the activities or financial services stipulated in Article (2) of the Law.

Trust: The legal relationships arising between living persons or upon death, by a person or settlor, when funds are placed under the control of the trustee for the benefit of a beneficiary or for a specific purpose, such that those assets constitute independent funds and are not part of the trustee's property, and the right to the trust assets remains in the name of the trustee or in the name of another person on their behalf, and enjoys the authority to manage, use, and dispose of the assets in accordance with the trust's conditions and duties imposed on it and the powers granted to it.

Direct Trust: A trust established by a person or settlor clearly and explicitly, which is usually in the form of a document such as a written deed of trust. This trust differs from trusts arising through the implementation of the law and not resulting from the clear and explicit intention of the settlor or person to create a trust or similar legal arrangements such as trusts established by court orders.

Financial Group: A group consisting of a parent company or any other type of legal persons who hold controlling shares and coordinate functions with the rest of the group to apply or implement supervision over the group in accordance with the basic principles, along with branches and/or subsidiaries subject to group-wide anti-money laundering and counter-terrorist financing policies and procedures.

Correspondent Banking Relationships: Banking services provided by a correspondent bank to another respondent bank, including cash management services, multi-currency interest-bearing accounts, international telegraphic or electronic money transfers, and settlement of correspondent checks and payment accounts, and foreign exchange services.

Correspondent Payment Accounts: Correspondent accounts used directly by third parties to conduct business on their behalf.

Shell Bank: A bank that has no physical presence in the country where it was incorporated and licensed, and does not belong to any financial services group subject to effective unified supervision.

Quick Transfer: A financial transfer executed at any of the main or sub-agents of one of the quick transfer companies approved by the Palestinian Monetary Authority.

Numbered Account: An account at a financial institution where the account holder's name is hidden, either by using symbols, numbers, or alternative names instead of the real account holder's name.

Article (2) Scope of Application

The provisions of these Instructions shall apply to the financial institutions stipulated in Article (2) of the Law and licensed to operate in the State.

Chapter Two Due Diligence

Article (3) Prohibition of Dealing

A financial institution is prohibited from:

1. Opening or maintaining anonymous accounts or accounts with fictitious or nominal names.
2. Dealing with persons of unknown identity or persons holding fictitious or nominal names.
3. Opening or maintaining numbered accounts.
4. Dealing with shell banks.
5. Dealing with any natural or legal person who conducts any of the activities or transactions stipulated in Article (2) of the Law without a license or registration, whether for the benefit of its clients or on their behalf, except for dealing with financial institutions under establishment on a preliminary basis, subject to the prevailing legislation in the State.

Article (4) Timing of Due Diligence Measures

A financial institution must take the due diligence measures stipulated in this Chapter in the following cases:

1. Establishing business relationships.
2. Executing any occasional transaction reaching or exceeding (15,000) US dollars or its equivalent in legally circulating currencies, whether conducted as a single transaction or multiple transactions that appear to be linked.
3. Executing occasional financial transactions in the form of internal transfers or telegraphic or electronic transfers within or outside the State, regardless of their value.
4. Suspecting the validity, accuracy, or sufficiency of the data obtained regarding the identification of the client previously.
5. Suspecting money laundering or terrorist financing, regardless of any exemptions or limits mentioned in the Law, regulations, or these Instructions.

Article (5) Customer Identification Procedures

1. The financial institution must take customer identification procedures for both permanent and occasional clients, local and foreign, by obtaining and recording the following information on a dedicated and approved form:

   a. If the client is a natural person:

   1. Identity card or passport information for the foreign person, and at a minimum, the full name of the client, nationality, date and place of birth, permanent address, identity card number or passport number for the foreign person, place and date of issue, mother's name, marital status, and wife's name.
   2. Economic activity information of the client, consisting of the nature of the client's work or activity, sources of income, work address, job title, employer's name or employing entity, and monthly income value.
   3. Information regarding the actual residence address or current residence.
   4. Client contact information, consisting of the client's mobile and landline phone numbers, postal address (if available), and email.
   5. Any other information that financial institutions deem necessary to obtain according to the nature and degree of risk.

   b. If the client is a legal person or a legal arrangement:

   1. Client identity information consisting of at a minimum the client's name, legal form, type of establishment document, registered office address or headquarters address, registration date and number, place and date of issue of the establishment document, and types of documents governing the work of the legal person or legal arrangement.
   2. Information on the natural persons authorized to sign on behalf of the client as stipulated in paragraph (1/a) of this Article.
   3. Understanding the nature of the client's work, ownership and control structure, and determining whether the ownership or control structure is complex or multi-layered.

2. The financial institution must understand the purpose and nature of the business relationship and collect information about it as required.

Article (6) Customer Verification Procedures

The financial institution must take the necessary measures to verify the validity and accuracy of the information obtained from the client regarding identification in accordance with the provisions of Article (5) of these Instructions, through the following:

1. Reviewing the original documents and papers proving the validity and accuracy of the information, ensuring they are valid, up-to-date, free from any signs of forgery or tampering, and translated into Arabic, consisting of the following documents and papers:

   a. Regarding the natural person and authorized signatories for the client:

   1. Identity card or passport for the foreign person, to verify identity card or passport information.
   2. Documents or papers proving the client's economic activity information according to the nature of the activity, such as official stamped books issued by the employer or official institutions, or other documents and papers appropriate to the nature of the activity.
   3. Documents proving the actual residence address or current residence, and if it differs from the permanent address specified in the identity card, appropriate documents proving the address such as a lease contract, electricity, water, phone, or gas bills, or proof thereof by any other possible means.
   4. Any other documents that the financial institution deems necessary to obtain to verify due diligence data according to the nature and degree of risk.

   b. Regarding the legal person or legal arrangement, documents and papers proving the identity of the legal person or legal arrangement where applicable:

   1. Registration certificate issued in accordance with the laws in force in the State, including certificates issued by the Ministry of National Economy, Chambers of Commerce or Industry, municipalities, or any competent authority for registering the legal person or legal arrangement in accordance with prevailing standards.
   2. The contract or deed creating the asset management regarding legal arrangements.
   3. The establishment contract or articles of association.
   4. The internal regulations.

2. Matching the data obtained with the data available in the documents required in accordance with the provisions of paragraph (1) of this Article, and matching the client's or authorized signatory's photo with the personal photo in the identity card or passport.

3. Verifying the validity of the information obtained or the validity of documents and papers by using reliable and independent sources, including contacting the official authorities issuing or responsible for those documents and papers.

4. Contacting the client to verify contact data or confirm information or obtain additional information.

5. Investigating the client from the legal person or legal arrangement to ensure it is not being liquidated, dissolved, or terminated, including conducting a visit to its premises if possible.

6. Keeping a copy of all documents and papers and stamping them to indicate they are true copies.

Article (7) Acting on Behalf of the Client

1. The financial institution must take the following measures when dealing with any person claiming to act on behalf of the client:

   a. Verify that such person is actually authorized to act on behalf of the client, and verify those documents by reviewing the original official documents and papers proving their right to such action, ensuring they are valid, up-to-date, free from any signs of forgery or tampering, and obtaining a signed copy indicating it is a true copy, or by using independent and reliable sources, including contacting the official authorities issuing those documents and papers when required. b. Apply the identification and verification procedures for natural persons stipulated in Articles (5) and (6) of these Instructions to the person acting on behalf of the client.

2. The provisions of paragraph (1) of this Article shall apply to all forms of acting on behalf of the client, including when the authorized person is: a. An agent for the client under a general, special, or periodic power of attorney. b. A legal representative for an incapacitated client, such as a minor. c. A legal representative for a client lacking legal capacity. d. An authorized signatory for a legal person or legal arrangement. e. A trustee for a direct trust or the equivalent position in similar legal arrangements such as a Waqf. f. An agent for the founders (in case the legal person or legal arrangement is under establishment). g. A representative for the client in any other capacity.

Article (8) Beneficial Owner for Natural Persons

The financial institution must do the following:

1. Take reasonable measures according to the money laundering and terrorist financing risks arising from the client and the business relationship, to identify the beneficial owners for the natural person according to Form No. (1) attached to these Instructions, and verify their identities through the following information:

   a. Determine if the client is acting on their own behalf and for their own benefit; if so, they must sign a declaration stating they are the beneficial owner of the business relationship. b. If the client is not acting on their own behalf and for their own benefit or if the financial institution has doubts about the validity of the client's declaration, the natural person or persons benefiting or controlling the business relationship effectively and finally, or for whom the dealing is conducted on their behalf, or who control the client's accounts effectively and finally, must be identified, and the capacity in which the client acts on behalf of the beneficial owner must be determined.

2. Apply the identification and verification procedures for natural persons stipulated in Articles (5) and (6) of these Instructions to the beneficial owner or beneficial owners identified in accordance with the provisions of paragraph (1) of this Article, to the extent that satisfies the financial institution that it has identified the beneficial owner.

Article (9) Beneficial Owner for Legal Persons

The financial institution must do the following:

1. Take reasonable measures according to the money laundering and terrorist financing risks arising from the client and the business relationship, to identify the beneficial owners of legal persons according to Form No. (2) attached to these Instructions, and verify their identities through the following information:

   a. Identify the natural person or persons (if any) who have actual controlling ownership in the legal person, whether directly or indirectly, through the following:

   1. Determine who owns (25%) or more of the legal person as a beneficial owner, whether that ownership is direct or indirect.
   2. Determine the shareholder who exercises actual control over the legal person regardless of their share percentage, whether alone or with other shareholders indirectly, such as control through agreement between partners via contracts or understandings or other arrangements, or through exercising influence or dominant power to appoint or dismiss the majority of senior management, or through owning the right to dispose of the legal person's funds or assets practically allowing them directly or indirectly to control, manage, or direct the legal person, or exercising control through voting rights or economic rights or receiving economic benefits from the legal person's assets.

   b. When it becomes apparent to the financial institution that no natural person exercises control over the legal person through controlling ownership shares, such that ownership shares may be very diversified, or if there are any doubts about identifying the beneficial owner after applying the provisions of paragraph (1/a) of this Article, the identity of the natural person or persons exercising actual control over the legal person through other means must be identified, which can be determined, for example, by identifying the natural person who:

   1. Exercises control over the legal person through other means such as personal links with persons holding ownership, or with persons in the positions mentioned in paragraph (1/a) of this Article.
   2. Exercises control without ownership through participation in financing the legal person or due to close or intimate family relationships, historical or contractual links, or if the legal person defaults on some payments, and this control can be assumed even if not actually exercised, for example, when using assets owned by the legal person or enjoying or benefiting from them.

   c. In case no natural person is identified in applying the provisions of paragraph (1/a, b) of this Article, the identity of the natural person holding a senior management position must be identified, which can be done by identifying the natural person who:

   1. Is responsible for strategic decisions that fundamentally affect the business practices or general direction of the legal person.
   2. Exercises executive supervision over the daily or ordinary affairs of the legal person through a senior management position, such as president, chief executive officer, financial director, or administrative director.
   3. Exercises essential authority over the financial relationships of the legal person, including financial relationships with the financial institution holding accounts in the name of the legal person, and the ongoing financial affairs of the legal person.

2. Apply the identification and verification procedures for natural persons stipulated in Articles (5) and (6) of these Instructions to the beneficial owner or beneficial owners identified in accordance with the provisions of paragraph (1) of this Article, to the extent that satisfies the financial institution that it has identified the beneficial owner.

Article (10) Beneficial Owner for Legal Arrangements

1. The financial institution must take reasonable measures according to the money laundering and terrorist financing risks arising from the client and the business relationship, to identify the beneficial owners of legal arrangements according to Form No. (3) attached to these Instructions, and verify their identities through the following:

   a. Obtain the following information regarding direct trusts:

   1. Identity of the settlor or trust creator, who is the natural or legal person who transfers ownership of their assets to trustees via a trust deed or direct arrangement.
   2. Identity of the trustee, who is the natural or legal person who receives the assets and holds them separately from their own assets, and is responsible for managing those assets for the benefit of the beneficiary, and is the legal owner of these assets, but cannot benefit from those assets for their own benefit, taking into account the possibility that the trustee may be a professional such as a lawyer or trust company if paid to act as a trustee in the context of their business, or a non-professional such as a person acting without consideration on behalf of their family.
   3. Identity of the protector or guardian, if present, who is the person who directs the trustee and supervises their work, and may have the right to dismiss and appoint another trustee.
   4. Identity of the trust beneficiary, who is the person or persons, whether natural, legal, or legal arrangements, who are entitled to benefit from any trust arrangement according to what the trust deed specifies, and in case there are no specific current beneficiaries, such as if they are specific beneficiaries according to characteristics or categories, sufficient information regarding the beneficiary must be obtained to satisfy the financial institution that it will be able to identify the beneficiary's identity upon payment or when the beneficial owner intends to exercise their legally acquired rights.
   5. Identity of every other natural person exercising effective and actual control over the trust, whether through a chain of control or ownership or through any other means.

   b. Regarding other types of legal arrangements, information on the identity of persons holding equivalent or similar positions to those mentioned in paragraph (1/a) of this Article must be obtained, and regarding Waqf, information on the identity of the Waqif (founder), the Mutawalli (trustee/administrator) of the Waqf or its supervisor, the beneficiaries, and any other natural person exercising effective control over the Waqf must be obtained.

2. The financial institution must apply the provisions of Article (9) of these Instructions to the parties stipulated in paragraph (1) of this Article if any of those parties is a legal person.

3. The financial institution must apply the identification and verification procedures for natural persons stipulated in Articles (5) and (6) of these Instructions to the beneficial owner or beneficial owners identified in accordance with the provisions of paragraph (1) of this Article, to the extent that satisfies the financial institution that it has identified the beneficial owner.

Article (11) Exemptions from Identifying the Beneficial Owner

1. The financial institution may refrain from taking the measures stipulated in Article (9) of these Instructions to identify and verify the beneficial owner of a legal person if the client or controlling shareholder is a company listed on the stock exchange or a subsidiary majority-owned by the listed company, provided that it is subject to disclosure requirements, whether through stock exchange rules, law, or any other binding means, which impose conditions ensuring sufficient transparency for the beneficial owner.

2. It is required to obtain relevant beneficial owner data from official records, the client, or other reliable sources to apply the provisions of paragraph (1) of this Article.

Article (12) Ongoing Due Diligence

The financial institution must take ongoing due diligence measures regarding business relationships, including the following:

1. Studying the transactions executed throughout the duration of the business relationship and their purpose in detail, to ensure they are consistent with the information held by the institution regarding its clients, their commercial activity patterns, and their risk profile, and if necessary, the source of funds.

2. Ensuring that documents, papers, data, or information obtained in accordance with the due diligence measures referred to in Articles (5) and (6) of these Instructions are continuously updated and appropriate, by reviewing and examining existing records, particularly for high-risk client categories.

Article (13) Timing of Verification

1. The financial institution must take measures to verify the identity of the client and beneficial owner in accordance with the provisions of the Law and these Instructions, before or during the business relationship or execution of transactions for occasional clients, and the financial institution may complete verification procedures after establishing the business relationship provided that: a. This happens as soon as practically possible. b. It is necessary to avoid interrupting the normal flow of business. c. Money laundering and terrorist financing risks are managed effectively.

2. The financial institution must adopt appropriate risk management procedures regarding circumstances where the client may benefit from the business relationship before verification, and this process must include a set of measures, including the following: a. Determining limits, caps, or controls on the number, type, and/or quantity of transactions or operations that can be conducted. b. Monitoring large or complex transactions that exceed the expected limits for this type of relationship.

3. Delaying the completion of verification is prohibited in the following cases: a. Presence of indicators for high risks. b. When there is suspicion of money laundering or terrorist financing. c. When it concerns basic client identity information consisting of identity card or passport information, or identity documents and papers related to the legal person or legal arrangement.

Article (14) Special Provisions for Insurance

Financial institutions providing insurance services and products must take the following measures, in addition to the due diligence measures required for clients and beneficial owners in accordance with this Chapter:

1. Take the following due diligence measures on beneficiaries of life insurance policies and other investment insurance products, once these beneficiaries are identified or named: a. Obtain the name of the person for beneficiaries who are natural or legal persons or legal arrangements specifically named. b. Obtain sufficient information about beneficiaries named through characteristics or categories (such as spouse or children at the time of the insured event) or through other means such as a will, to satisfy the financial institution that it will be able to identify the beneficiary's identity upon payment of the claim. c. Verify the identity of the beneficiaries stipulated in paragraph (1) of this Article upon payment of the claim.

2. Consider the beneficiary of a life insurance policy as a risk factor when determining the applicability of enhanced due diligence measures. And when the financial institution determines that the insurance beneficiary is a legal person or legal arrangement, representing high risks, enhanced due diligence measures must be applied in accordance with the provisions of Article (26) of these Instructions, including taking reasonable measures to identify and verify the beneficial owner of the insurance policy beneficiary upon payment of the claim in accordance with the provisions of Articles (9) and (10) of these Instructions.

Article (15) Reliance on Previous Procedures

The financial institution may rely on the identification and verification procedures previously taken in accordance with the provisions of Articles (5) and (6) of these Instructions when executing or preparing financial transactions, without the need to repeat those procedures every time those transactions are executed or prepared, except in the following cases:

1. Existence of doubts about the validity of that information.
2. Existence of suspicion of money laundering or terrorist financing or any predicate crime related to the client.
3. Existence of a fundamental change in the nature of the business relationship and the financial transactions of the client that does not match the client's activity.

Article (16) Reliance on Third Parties

1. Financial institutions that rely on a third party bear the ultimate responsibility for due diligence measures towards clients if the Supervisory Authority permits reliance on third parties from financial institutions or specified non-financial businesses and professions, whether from within the State or outside it, to carry out the due diligence measures stipulated in Articles (5, 6, 7, 8, 9, 10, 11) of these Instructions or to provide the services, and in that case, they must do the following: a. Identify the third party and obtain approval from the Supervisory Authority to rely on them. b. Immediately obtain from the third party the necessary information related to the due diligence measures in these Instructions. c. Take sufficient and appropriate steps, including establishing arrangements such as signing bilateral agreements with third parties, to ensure and satisfy themselves that the third party will, without delay and upon request by the financial institutions, provide copies of all documents, papers, and data related to client and beneficial owner identification and other documents related to due diligence requirements in accordance with the provisions of the Law and these Instructions. d. Ensure and satisfy themselves that the third party is subject to regulation, supervision, or oversight, and has procedures applied to comply with due diligence requirements towards clients and maintain records in accordance with the provisions of the Law and these Instructions. e. In case the third party meeting the conditions specified in paragraph (1) of this Article is in another country, the financial institution must ensure that the third party is subject to regulation, supervision, or oversight, and has procedures applied to comply with due diligence requirements towards clients and maintain records in accordance with the provisions of the Law and these Instructions.

(Note: The provided text ends abruptly at Article 16, paragraph 1, item 'e'. The translation reflects the available content faithfully.)