Guidance Paper on Beneficial Ownership Due Diligence

OFFICE OF THE DEPUTY GOVERNOR I FINANCIAL SUPERVISION SECTOR MEMORANDUM NO. M-2024-___ To : All BSP Supervised Financial Institutions Subject : Guidance Paper on Beneficial Ownership Due Diligence Juridical entities play a crucial role in the economic growth of a country through the different commercial and business activities they undertake. Their financial transactions contribute to the breadth and depth of the country’s financial system. The unique separate legal personality of juridical entities, however, can be used for elaborate and complex schemes to conceal the true identity of beneficial owners and the real nature or purpose of the transactions. Criminals may hide behind seemingly legitimate businesses by concealing their beneficial ownership (BO) status with complex corporate ownership structures or arrangements. Consequently, BO due diligence is increasingly regarded as an essential element of money laundering (ML), terrorist financing (TF) and proliferation financing (PF) risk management framework. Section 921/921-Q of the Manual of Regulations for Banks/Manual of Regulations for Non-Bank Financial Institutions require BSP-supervised financial institutions (BSFIs), among others, to identify the beneficial owner and take reasonable measures to verify BO identity, and in case of juridical person or legal arrangement, to have a system to understand the nature of the customer’s business and its ownership and control structure. This Guidance Paper aims to provide BSFIs with a functional reference material in benchmarking best practices in the industry and calibrating their policies, system, process and controls for enhanced BO identification and verification process, tailored-fit to the institution’s risk and context. BSFIs should consider this Guidance Paper in enhancing their ML/TF/PF risk management system in line with their risk posture. CHUCHI G. FONACIER Deputy Governor

___ June 2024 20

i

Guidance Paper on Beneficial Ownership Due Diligence ____ June 2024

i

Table of Contents Introduction .................................................................................................................................................................................... 1 Executive Summary .................................................................................................................................................................. 3 Elements of Beneficial Ownership Due Diligence ................................................................................................. 4 Board of Directors (BOD) and Senior Management (SM) Oversight .................................................... 4 Beneficial Ownership Identification and Verification .................................................................................. 4 Ongoing Monitoring of Customers, Accounts and Transactions .......................................................... 6 Record-keeping and Information Sharing ....................................................................................................... 10 Role of Self-assessment Function ............................................................................................................................ 11 Conclusion and Way Forward ............................................................................................................................................ 11

Page 1 of 12 I. Introduction 1.1 Juridical entities, such as corporations, partnerships, foundations, as well as trusts and other types of legal persons and arrangements, play a crucial role in the economic growth of a country through the different commercial and business activities they undertake. Their financial transactions contribute to the breadth and depth of the financial system. Recognizing this critical role of juridical entities in the economy, their unique separate legal personality can also be exploited for elaborate and complex schemes to conceal the true identity of the beneficial owners and the real nature or purpose of the transactions coursed through these corporate vehicles. 1.2 In the context of legal persons, beneficial owner (BO) refers to the natural person(s) who ultimately owns or controls the entity and/or the natural person on whose behalf a transaction is being conducted1 . It also includes those natural persons who exercise ultimate effective control over a legal person. As such, only a natural person can be an ultimate BO and more than one (1) natural person can be the ultimate BOs of a given legal person. In the context of legal arrangements, the BSP￾supervised financial institution (BSFI) is expected to identify and verify the BO2 , as follows: (i) for trusts – identity of the settlor(s); (ii) the trustee(s); (iii) the protector(s), if any; (iv) the beneficiary, or where applicable, the class of beneficiaries and objects of a power; and (v) any other natural person exercising ultimate effective control over the trust. For other types of legal arrangements, the person(s) holding a position equivalent to those referred above will be considered BO. When the trustee and any other party to the legal arrangement is a legal person, the BO of that legal person should be identified.3 1.3 Beneficial ownership due diligence is increasingly regarded as an essential element in the fight against money laundering (ML), terrorist financing (TF) and proliferation financing (PF). Criminals may hide behind seemingly legitimate businesses by concealing their beneficial ownership status within complex corporate ownership structures or arrangements with nominee shareholders, partners or managers.4 Beneficial ownership information can be obscured through, for example, shell companies, complex ownership and control structures involving many layers of shares registered in the name of other legal persons, bearer shares and bearer share warrants, unrestricted use of legal persons as directors, formal nominee shareholders and directors where the identity of the nominator is undisclosed, informal nominee shareholders and directors, such as close associates and family members.5 1.4 The March 2023 Financial Action Task Force (FATF) document on Beneficial Ownership of Legal Persons, indicates, among others, the generally insufficient level of effectiveness in combating the misuse of legal persons for ML/TF globally. It further cited that, in many countries, BO information of a company is not available 1 Definition of BO under Section 904/904-Q of the Manual of Regulations for Banks (MORB)/Manual of Regulations for Non-Bank Financial Institutions (MORNBFI) 2 Customer Due Diligence under Section 921/921-Q of the MORB/MORNBFI 3 FATF (2012-2023), International Standards on Combating Money Laundering and the Financing of Terrorism & Proliferation, FATF, Paris, France, www.fatf-gafi.org/en/publications/Fatfrecommendations/Fatf￾recommendations.html 4 FATF (March 2023), Guidance on Beneficial Ownership for Legal Persons, FATF, Paris, France, www.fatf￾gafi.org/publications/FATFrecommendations/guidance-beneficial-ownership-legal-persons.html 5 Ibid.

Page 2 of 12 as it is not collected and/or sufficiently verified at the time the corporate vehicle is created, or at any stage throughout its existence. FATF requires countries to use a multi-pronged approach, i.e., to use a combination of different mechanisms, for collection of BO information to ensure that adequate, accurate and up-to-date information on the BO of legal persons is available and can be accessed by the competent authorities in a timely manner. 1.5 At the local front, in the Anti-Money Laundering Council (AMLC)’s 2020 Risk Assessment on Legal Persons and other Business Entities,6 the overall risk of legal persons and business entities to ML was assessed as Medium High, and the most common crimes involving them were corruption, illegal drugs, violations of the Electronic Commerce Act, and fraud. Criminals hide behind the faÁade of wholesale/retail trading, construction and petroleum businesses and non￾government organizations (NGOs). The study further revealed the use of dummies by foreign nationals to engage in businesses reserved for Filipinos, potential trend on the use of electronic money issuers (EMIs) and money service businesses (MSBs), and cash deposits and international remittances, as common financial services in cases involving abuse of legal persons and business entities. Meanwhile, in the BSP’s Third Sectoral Risk Assessment,7 the inherent risk and quality of general Anti-Money Laundering and Countering Terrorism and Proliferation Financing (AML/CTPF) controls of the trust sector were both assessed as Medium, resulting in overall net risk of “Medium”. Availability and access to BO information was likewise assessed as “Medium” on account of policies and controls implemented by BSFIs to gather and update BO information, and reliance on BO declarations in the General Information Sheet (GIS) to validate the information. Furthermore, in 2019 and 2020, the Securities and Exchange Commission (SEC) required the declaration of BO in the GIS of local and foreign corporations8 , respectively, and in 2021, the SEC prohibited the issuance/sale/public offering of bearer shares and bearer share warrants to curb the misuse of corporations for illicit activities through measures designed to promote transparency of BOs.9 1.6 Indeed, customer due diligence (CDD) on BO is a focal part of the ML/TF/PF risk mitigation process. This thematic review (TR) on beneficial ownership due diligence identifies the best practices, policies, systems, and processes on beneficial ownership due diligence, and catalogs typologies involving BOs. It also seeks to understand the challenges faced by BSFIs and explore pragmatic ways to address them. The TR was conducted on certain BSFIs across different types of financial institutions, supplemented by a customized survey on beneficial ownership policies and controls covering banks and trust entities. The TR hinges on the existing AML/CTPF rules and regulations on beneficial ownership due diligence, including (i) Rule 18, Chapter VI of the 2018 Implementing Rules and Regulations (2018 IRR) of Republic Act (R.A.) No. 9160 or the Anti-Money Laundering Act of 2001 (AMLA), as amended; (ii) Part Nine (9) of the Manuals of Regulations for Banks (MORB) and Non-Bank Financial Institutions (MORNBFI); and (iii) BSP Circular Letter No. CL-2019-002 dated 14 January 2019, disseminating the AMLC’s guidelines on beneficial ownership identification. 6 Anti-Money Laundering Council (AMLC) (2020). 2020 Risk Assessment on Legal Persons and Other Business Entities, www.amlc.gov.ph/images/PDFs/2020%20RISK%20ASSESSMENT%20ON%20LEGAL%20PERSONS%20- %20TYPOLOGIES.pdf. 7 Bangko Sentral ng Pilipinas (BSP) (March 2021), 3rd Sectoral Risk Assessment for Banks and Other BSP-Supervised Financial Institutions, www.bsp.gov.ph/SitePages/Regulations/RegulationDisp.aspx?ItemId=4485. 8 Securities Exchange Commission (SEC) (2019 and 2020), Memorandum Circular No. 15 series of 2019, 2019 Revision of the GIS, www.sec.gov.ph/mc-2019/mc-no-15-s-2019/#gsc.tab=0, and Memorandum Circular No. 30 series of 2020, Revision of GIS of Foreign Corporations, www.sec.gov.ph/mc-2020/mc-no-30-s-2020/#gsc.tab=0. 9 SEC (January 2021), Memorandum Circular No. 1 Series of 2021, BO Transparency Guidelines, www.sec.gov.ph/rcc￾mc/mc-no-01-s-2021/#gsc.tab=0

Page 3 of 12 II. Executive Summary 2.1 Based on the summary responses of banks and trust entities,10 the profile of their juridical customers predominantly consists of resident corporations. Most juridical customers are corporations (96 percent), while only four (4) percent are partnerships. These are mainly incorporated in the Philippines (99.6 percent) while less than one (1) percent are foreign entities, incorporated in the United Kingdom, United States of America, Hong Kong and Singapore. In terms of the nature of business of these corporations, 63 percent are into wholesale/retail trading, 24 percent in construction business, 11 percent are NGOs and two (2) percent are in the petroleum industry. 2.2 Given the increasing concern on the misuse and/or abuse of legal persons for ML/TF activities, BSFIs must remain vigilant in implementing beneficial ownership CDD and reinforce beneficial ownership transparency measures. The results of the TR indicate that BSFIs, in general, have established ML/TF/PF risk management policies and practices covering the identification, verification, sanctions screening, ongoing monitoring and updating of beneficial ownership information. Meanwhile, focus areas for improvement include (i) enhancing the BO identification process using “control lens” to complement identifying BO based on ownership; (ii) taking a multi-pronged approach in collecting BO information; and (iii) reinforcing a risk-based approach in verifying BO information. 2.3 As BSFIs deal with multitudes of customers, including legal persons and their financial transactions, a holistic process to identify BOs is crucial. In line with this, BO identification process should also consider the “control prong” or who exercises significant responsibility to control, manage or direct the legal entity, to complement BO identification using ownership threshold. Understanding the management and governance structure of a corporate client may help in identifying who has the ultimate effective control of the client.11 For instance, the power to appoint or dismiss a corporate officer and exercise management prerogatives are considered exercise of effective control by a BO. To reinforce the BO identification process, BSFIs should take a multi-pronged approach in obtaining BO information and implement risk-based verification process. Multi￾pronged approach considers several sources of BO information, such as the customer’s declaration and information held by registry or other alternative mechanisms. These sources supplement each other and will result in an improved quality of information. Risk-based verification requires enhancing the extent and/or frequency of verification measures on high-risk clients and reducing the same for low-risk clients. For instance, review of submitted documents may suffice to verify the BO information of low-risk clients, while cross checking with government records or other reliable databases may need to be performed to verify the BO information of high-risk clients. The effective and meaningful implementation of these approaches anchors on the strong support of the Board of Directors (BOD) and Senior Management (SM) to adopt the necessary policy, system or process enhancements, with the objective of protecting the BSFI from the ML/TF/PF risks posed by the misuse or abuse of legal persons. 2.4 BSFIs are urged to consider this Guidance Paper in benchmarking, refining and implementing bespoke policies and controls on beneficial ownership due diligence, as part of their overall ML/TF/PF risk mitigation strategy. 10 47 BSFIs across different types of financial institutions, representing at least 96 percent of the Philippine banking sector in terms of asset size. 11 AMLC (2018). AMLC Regulatory Issuance on Guidelines on Identifying Beneficial Ownership, www.amlc.gov.ph/images/PDFs/Guidelines%20on%20Identifying%20Beneficial%20Ownership.pdf

Page 4 of 12 III. Elements of Beneficial Ownership Due Diligence

1. BOD and SM Oversight. The BOD has the ultimate responsibility to comply with the AML/CTPF laws, rules and regulations, including the requirements on beneficial ownership due diligence. It shall ensure that ML/TF/PF risks are effectively managed, and the identified risks are appropriately mitigated by the BSFI’s enterprise risk management system.12 The BSFIs’ institutional risk assessment (IRA) should encompass ML/TF/PF risks arising from the respective operations, including the use of ambiguous ownership and corporate structure, as relevant. Anchored on the results of the IRA, BSFIs should take appropriate measures to manage and mitigate ML/TF/PF risks and take enhanced measures on identified high risks areas or customers, which should be articulated in its Money Laundering and Terrorist Financing Prevention Program (MTPP). The TR disclosed sound practices and areas for improvement on corporate governance and IRA, in relation to beneficial ownership due diligence requirements, as follows: Case Study 1. Institutional Risk Assessment In conducting its IRA, Bank A analyzed the threat posed by the BOs of its corporate customers. The IRA also considered the BO’s residence and the company’s place of incorporation as part of the geographical assessment.
2. Beneficial Ownership Identification and Verification. BSFIs are expected to identify the BO and take reasonable measures to verify his/her identity based on official documents or other relevant, reliable source of information or data. BSFIs should have a system to understand the nature of the customer’s business, including its ownership and control structure, particularly that of juridical persons or legal arrangements.13 Further, BSFIs are required to conduct sanctions screening 12 Section 911/911-Q of the MORB/MORNBFI. 13 Section 921/921-Q of the MORB/ MORNBFI Corporate Governance and IRA Process Good Practices Scope for Improvement • The BOD and SM have regular discussions, covering risk management policies and practices on BO, including: (i) due diligence requirements; (ii) instances of non-identification and non-verification of BOs; (iii) results of compliance testing and internal audits; (iv) suspicious transaction reports (STR) involving BOs; (v) compliance with freeze order/asset preservation order and bank inquiry order (FO/APO/BI); and (vi) record keeping. • The IRA covers key areas, such as (i) identification of threats associated with legal persons and legal arrangements, generally under the customer profile and geographic location; and (ii) assessment of BO-related internal controls in mitigating ML/TF/PF risks. • Enhance the reporting package to the BOD and SM to include, as applicable, root causes of non-identification and non￾validation of BOs, remediation strategies, as well as relationship management policies and procedures. • Expand the IRA to cover identification of the ML/TF/PF risks exposure and typologies associated with BOs, jurisdiction of incorporation, types of products and services availed, volume and value of customer transactions, and nature of abuse, as applicable.

Page 5 of 12 procedures for customers and their transactions, including BOs or any persons purporting to act on behalf of the customer, and their authorized signatories.14 Based on the TR, almost all BSFIs apply the 20 percent ownership threshold15 in determining BOs. Meanwhile, three (3) foreign banks adopt a more stringent threshold of 10 percent ownership for high-risk customers. The common sources of BO information are the GIS and client declaration using the BO declaration forms of the BSFI or similar documents. Under the Revised Corporation Code of the Philippines, corporations are mandated to declare their beneficial ownership information as part of the GIS, which are submitted annually to the SEC. The Philippine Stock Exchange (PSE), Cooperative Development Authority (CDA) and Department of Trade and Industry (DTI) may provide beneficial ownership information on publicly listed corporations, cooperatives, and sole proprietorships, respectively.16 Most domestic banks and trust entities have generally acceptable framework on beneficial ownership identification upon customer onboarding, requiring BO declaration from customers and validating BO information against the GIS. On the other hand, foreign banks have more robust framework in identifying and verifying BOs as they use other reliable sources (e.g., annual report and open searches and public registry abroad) to verify the declared BOs and delineate legal ownership or controlling interest. 14 Ibid, as amended by BSP Circular No. 1182, Series of 2023, dated 10 November 2023. 15 Based on Section 1, Rule 2 of the 2018 IRR of the AMLA, as amended, Section 904 and 904-Q of the MORB and MORNBFI, and Insurance Commission (IC) Circular IC No. 2019-65 16 2nd National Risk Assessment and 3rd Sectoral Risk Assessment, supra. 17 Section 904/904-Q of the MORB/MORNBFI Customer Onboarding Good Practices Scope for Improvement • Implements a framework to identify the BO of legal persons and business entities, which includes obtaining the required information and documents of BOs, and actions to be taken (e.g., denial of business relationship) if the BO was not properly identified or yields possible match during sanctions/targeted financial sanctions (TFS) screening. • Utilizes a BO form, either embedded in the account opening form or as a separate document, during onboarding, and requires submission of the GIS to validate the BO information. • Performs negative and watchlist screening on BOs and considers the beneficial ownership information in assessing the overall ML risk profile of the corporate customer. • Requires corporate customer to inform BSFIs of any changes in ownership or control structure throughout the life of the relationship. • On a risk-based approach, adopt a multi-pronged approach in collecting and verifying BO information from other independent, reliable sources, apart from client representation, such as annual report, third-party tools, and publicly available information using open source/internet searches. Additional validation procedures for identified high-risk customers and/or BOs may include conducting onsite visits, and interviews with competent company officers or personnel. • Obtain and verify the means and mechanisms through which the natural person(s) exercises control17 as BO, as applicable. • Identify juridical entities with common BOs, for better understanding of the profile and transactions of the customers. • Highlight policies and procedures in identifying and verifying BOs in the AML/CTPF training, including sample cases/schemes on use of

Page 6 of 12 Case Study 2. Declaration of BO Company A, incorporated in Hong Kong, is 100 percent owned by Company B, which was incorporated in Cayman Islands. Company B is owned by three (3) entities all incorporated in the British Virgin Islands, namely: Company C (13 percent), Company D (8 percent), Company E (4 percent) and other investors (75 percent), with the power of attorney granted to Mr. Z, a Filipino who owns 100 percent of Company C. Meanwhile, Companies D and E are both managed by Mr. Z. In the absence of a single person owning at least 20 percent of shares, Mr. Z was identified as the beneficial owner in terms of control. 3. Ongoing Monitoring of Customers, Accounts and Transactions. BSFIs shall, based on materiality and risk, ensure that pertinent identification information and documents collected during the CDD process, including beneficial ownership information, are kept up-to-date and relevant. This ensures that the customer’s risk profile is updated and the BSFI’s understanding of its customers are current. This informs the establishment and/or maintenance of a system that will enable the BSFI to understand the normal and reasonable account or business activities (e.g., commercial activities, risk profile, source of funds, expected transactions) of customers, and detect unusual or suspicious patterns of account activity.18 BSFIs are encouraged to disclose beneficial ownership information in filing suspicious transactions involving their corporate customers.19

18 Section 921/921-Q of the MORB/MORNBFI. 19 BSP Circular Letter No. CL-2021-069 disseminating AMLC Advisory on Disclosing BO Information in STRs Customer Onboarding Good Practices Scope for Improvement • Assigns a designated unit or point person responsible for ensuring that beneficial ownership information and documentation are adequate, complete and updated on a regular basis. dummy/front/shell companies and customers with complex or ambiguous corporate structure.

Page 7 of 12 BSFIs are expected to freeze, submit written returns, and file STRs on accounts subject of freeze orders as well as related accounts as directed therein.20 In case accounts in the name of BOs of corporate customers were verified as related accounts, BSFIs must likewise freeze and submit written returns, as directed in the FO, and file STRs thereon. If the BO of a juridical person is a designated person, the financial sanctions also apply to the said juridical person.21 Progress has been observed during the TR in terms of considering the BOs in the ongoing monitoring of customers, accounts and transactions. Some BSFIs have been conducting manual investigations and enhanced due diligence (EDD) on corporate customers whose BOs are subject of adverse news related to ML/TF/PF, STRs and FOs. 20 Section 4, Rule 10 Chapter III of the 2018 IRR of the AMLA, as amended. 21 AMLC (2021). 2021 Sanctions Guidelines. www.amlc.gov.ph/images/PDFs/2021%20SANCTIONS%20GUIDELINES.pdf; Section 921/921-Q of the MORB/ MORNBFI, as amended by BSP Circular No. 1182, Series of 2023. Ongoing Monitoring Good Practices Scope for Improvement • Updates BO information based on existing company policy. • Conducts periodic scrubbing of BOs, whether customer or non-customer, against sanctions and watchlist databases, and for this purpose, assigns a unique identification number to BOs or maintains a separate BO database. • Investigates and reports, as appropriate, suspicious accounts and/or transactions of juridical customers whose BOs were subject of adverse/negative news, STRs, and FO/APO, and vice versa. • In the presence of suspicious indicators on BOs, conducts EDD procedures on the BOs, files STR, and closely monitors their transactions. • Use a trigger-based approach to update beneficial ownership information, e.g., discovery of suspicious indicators and other risk factors on customers or their BO. Triggers for review may also include open-source investigative media reports (e.g., Panama and Pandora papers). • Update the BO’s current status in terms of ownership, control or company position periodically. • Adopt written policies, including red flag indicators on BOs for consistent implementation and proper guidance.

Page 8 of 12 Case Study 3. Impact of BO on the Company Account In August 20XX, Company H, engaged in recycling and treatment of waste products, opened a checking account. The GIS of Company H disclosed that Mr. W is the BO, owning 70 percent of the company. In November 20XX, a leading broadsheet identified Mr. W as one of the accused in a case involving rice smuggling. The accused allegedly used farmer organizations as dummies in the bidding of rice importations. The BSFI filed ZSTR on Company H, reclassified it as a high-risk client subject to closer monitoring. Case Study 4. Common BO of Corporate Customers In January 20XX, Mr. V opened a checking account under the name of Company I, which is engaged in the distribution of gaseous fuel and with gross annual income of Php120 million. Company I’s GIS showed that 78 percent of its shares are owned by Mr. V, who also owns Company J. In September 20XX, SEC issued an advisory against Company J for illegal investment scheme for enticing the public to invest by offering a co-franchising program. The BSFI filed an STR on Company I, reclassified the company as high-risk for closer monitoring.

Page 9 of 12 Case Study 5. Common BOs of Various Corporate Customers An STR was filed on a corporate customer whose BOs were subject of a complaint arising from an alleged investment selling activity without the necessary license. The BSFI conducted further investigation and identified five (5) other corporate customers which are also owned by the subject BOs, and reported these corporate customers in various STRs upon discovery. The customers were reclassified as high-risk for closer monitoring of their transactions. Case Study 6. Actions taken based on Public-Private Partnership Program (PPPP) and Negative News A BSFI, which subscribed to the AMLC’s information sharing protocol, received information on certain personalities/individuals allegedly involved in casino junket operations (CJOs). Based on the BSFI’s policy, CJOs are classified as high-risk clients for closer monitoring. The BSFI identified four (4) corporate accounts linked to two (2) personalities in the list. The declared businesses of these corporate customers were property leasing, diagnostic laboratory and holding company. Open-source research yielded little information on these companies. Further investigation revealed that two (2) other BOs of these corporations were identified in news articles as officers of an offshore gaming operator suspected by police authorities to be engaged in love scam, online games, and other online investment frauds, resulting in the arrest of more than 600 persons involved, both foreign nationals and Filipinos. STRs were filed on the four (4) corporate customers disclosing the BOs, and their accounts were immediately closed.

Page 10 of 12 Meanwhile, BSFIs have policies and procedures in place to investigate suspicious accounts and transactions including BOs of customers and comply with the requirements of TFS and FOs. 4. Record-keeping and Information Sharing. BSFIs are expected to adopt policies and procedures for the proper safekeeping of beneficial ownership information of customers22 and allow competent authorities to have access thereto as permitted by relevant laws and regulations.23 In general, BSFIs have existing record-keeping policies and practices, covering documentation of beneficial ownership information, as well as sharing to supervising authorities, the AMLC and law enforcement authorities (LEAs), to the extent allowed by existing relevant laws and regulations. In addition, the SEC and the AMLC promoted partnerships and implemented procedures for sharing beneficial ownership information with domestic and foreign competent authorities to strengthen the LEAs’ access to accurate and up-to-date BO information. BSFIs are encouraged to subscribe to the AMLC’s PPPP for ease of information exchange. 22 Section 924/924-Q of the MORB/MORNBFI 23 Section 11 of the AMLA, as amended, in relation to Section 3, Rule 11, Chapter III of the 2018 IRR of the AMLA, as amended. TFS and FO/APO Implementation Good Practices Scope for Improvement TFS • Adopts policies and procedures to freeze the BO account and/or report STR when a match is found. • Maintains BO database, either through assigning a separate customer information file (CIF) or manual build-up, and scrubs BOs of corporate customers, as part of the process to implement TFS requirements. Bank Inquiry/FO Handling • Conducts EDD, considers ST reporting, and includes BOs of corporate customers in the watchlist/blacklist database based on defined trigger events, such as being subject of bank inquiry or FO, negative news or previous STR; Performs similar procedures for corporate customers when their BOs are the subject of certain suspicious triggers. • Reports the BOs of juridical customers subject of FO/APO or corporations whose BOs are the subjects of FO/APO, as materially-linked accounts. • Scrubs the BO names included in the bank inquiry/FO against the customer database, including those not identified as accountholder of the BSFI. • Discloses BO information, e.g., business, address, citizenship, in the STR narratives. • Review the accounts of corporate customers subject of previous STRs to check BO information and file STR on the BO, as warranted. • Adopt proportionate policies and procedures to ensure that (1) BOs of corporate customers subject of STRs are included in the watchlist database; and (2) BO information is indicated in the STR narrative.

Page 11 of 12 5. Role of Self-assessment. The Compliance Office (CO) promotes the adoption and implementation of bespoke policies on beneficial ownership due diligence through the conduct compliance testing. The Internal Audit (IA), on the other hand, performs periodic and independent evaluation of the risk management system, degree of adherence to internal control mechanisms and adequacy and effectiveness of existing internal controls on beneficial ownership due diligence.24 IV. Conclusion and Way Forward The financial transactions of juridical entities, such as corporations, partnerships, foundations, as well as trusts and other types of legal persons and arrangements, coursed through banks and other financial institutions, contribute to the growth and development of the financial system. Recognizing this critical role of juridical entities, their unique separate legal personality can also be exploited for elaborate and complex schemes to conceal the true identity of the beneficial owners as well as the real nature or purpose of the transactions coursed through these corporate vehicles. As such, juridical entities can be misused or abused to facilitate various illegal activities, such as ML, TF or PF, and sanctions evasion. Criminals may hide behind the corporate veil to avoid detection, disguise their identity and/or conceal the real purpose, source or destination of financial transactions, to appear legitimate. Consequently, beneficial ownership due diligence plays an essential element of the ML/TF/PF risk management framework to effectively mitigate associated risks and prevent abuse or misuse of corporate vehicles for financial crime. It is imperative that BSFIs, through the proper conduct of IRA, continue to understand their respective risk exposures to crimes and criminal proceeds hidden through shell companies and complex corporate structures, and assess the suitability of corresponding measures and controls on beneficial ownership due diligence. The results of the IRA must inform their risk mitigation strategies. The TR disclosed the maturing understanding by BSFIs of the importance of beneficial ownership due diligence, as manifested in their clear-cut policies and processes for BO identification and verification, ongoing monitoring of transactions and accounts, and disclosure of relevant information in ST reporting. Moving forward, identifying BOs using 24 Section 911/911-Q of the MORB/MORNBFI. Compliance Testing and Internal Audit Good Practices Scope for Improvement Covers BO identification and verification procedures in the risk-based compliance testing and internal audit, encompassing the following, among others:

• Controls for gathering required information and documents to identify BO and documenting ownership structure;
• Process for watchlist screening and periodic scrubbing of BOs and implementing prescribed actions in case of matches; and
• Assessing the risk profile of juridical entities, taking into account the BO information and profile. • Consider the following in developing risk￾based audit and compliance testing for beneficial ownership due diligence:
• Risk-based verification procedures on BOs;
• Compliance with FO/APO on corporate customers and their BOs; and
• Transaction monitoring and ST reporting of corporate customers and BOs. • Improve root cause analysis of non￾identification and non-validation of BOs during onboarding and updating, for better remediation process.

Page 12 of 12 control lens, along with ownership threshold, taking a multi-pronged approach in collecting BO information and reinforcing a risk-based approach in verifying BO information, will further reinforce the risk management posture of the BSFIs to curb illegal activities coursed through corporate vehicles. Policies, processes, systems and procedures that will support the implementation of these approaches are anchored on the strong commitment and support of the BOD and SM. This should be coupled with continuous and bespoke training program for all concerned personnel. Meanwhile, challenges related to achieving accurate, updated, and timely BO information, as well as access of LEAs to beneficial ownership information, are being addressed through a whole-of-nation approach, particularly the promotion of corporate registration on SEC’s eFAST facility and submission of GIS with BO declaration, sustained outreach program, and proportionate enforcement action against delinquent corporations. These demonstrate the multi-dimensional approach towards improving the BO information and verification process in the country, with the goal of preventing the misuse of juridical entities, trusts, and the financial services for unlawful activity, and maintaining the integrity of the country’s financial system. This is anchored on the continuous collaboration and coordination of strategies and efforts of all concerned stakeholders, including the BSFIs, the supervisors and relevant government agencies.