Notice No. 02/2024 of 22 March

PUBLICADO NO DIÁRIO DA REPÚBLICA, I SÉRIE, N.º 56, DE 22 DE MARÇO DE 2024 AVISO N.º 02/2024 ASSUNTO: SISTEMA FINANCEIRO

• Rules for the Prevention and Combating of Money Laundering, Terrorism Financing and Proliferation of Weapons of Mass Destruction

Whereas it is necessary to adjust the regulatory framework regarding rules and procedures for the Prevention and Combating of Money Laundering, Terrorism Financing and Proliferation of Weapons of Mass Destruction that Financial Institutions must observe, in accordance with Law No. 05/20 of 27 January, the Law on Prevention and Combating of Money Laundering, Terrorism Financing and Proliferation of Weapons of Mass Destruction; In accordance with the combined provisions of paragraph 2 of Article 57 of Law No. 05/20 of 27 January, the Law on Prevention and Combating of Money Laundering, Terrorism Financing and Proliferation of Weapons of Mass Destruction, Article 23 of Law No. 14/21 of 19 May, the General Regime for Financial Institutions Law, with paragraph f) of paragraph 1 of Article 31 and paragraph 1 of Article 98, both of Law No. 24/21 of 18 October, the National Bank of Angola Law; HEREBY DETERMINE:

CHAPTER I General Provisions

Article 1. (Subject Matter) This Notice establishes the rules and procedures for the effective implementation of the conditions for exercise, instruments, mechanisms, formalities and information reporting inherent to the Prevention and Combating of Money Laundering, Terrorism Financing and Proliferation of Weapons of Mass Destruction, in accordance with Law No. 05/20 of 27 January, the Law on Prevention and Combating of Money Laundering, Terrorism Financing and Proliferation of Weapons of Mass Destruction.

Article 2. (Scope) This Notice applies to Financial Institutions supervised by the Banco Nacional de Angola, as provided for in paragraphs 2 and 3 of Article 7 of Law No. 14/21 of 19 May, the General Regime for Financial Institutions Law.

Article 3. (Definitions) Without prejudice to the definitions established in Article 3 of Law No. 05/20 of 27 January, the Law on Prevention and Combating of Money Laundering, Terrorism Financing and Proliferation of Weapons of Mass Destruction, for the purposes of this Notice, it is understood that: a) Money Laundering - is the process by which perpetrators of criminal activities conceal the origin of assets and income (benefits) obtained illicitly, transforming liquidity from these activities into legally reusable capital, through the concealment of the origin or true owner of funds; b) Client - an individual or legal person, national or foreign, public or private, affiliated or not, who enters into an account opening contract with a Financial Institution to which the latter makes financial products and services available; c) Compliance Officer - responsible for coordinating and monitoring the implementation of the money laundering, terrorism financing and proliferation of weapons of mass destruction prevention system, including respective internal control procedures, as well as for centralizing information and reporting operations susceptible to money laundering, terrorism financing and proliferation of weapons of mass destruction to the Financial Intelligence Unit (FIU) and other competent authorities; d) Employee - any individual who, in the name or on behalf of a Financial Institution and under its authority or dependency, participates in the execution of any operations, acts or procedures inherent to the activity pursued by that institution, regardless of whether they have a labor relationship (internal employee) or not (external employee); e) Suspicious Operations - any act by a client that indicates or constitutes an attempt to conceal or disguise the nature, origin, location or ownership of assets, rights or values derived directly or indirectly from a crime, with the aim of giving them a lawful appearance; and, f) Representative - one who legally represents the client, as well as any attorney-in-fact, agent, manager of affairs or any other qualified person, acting alone or together with other representatives before the obliged entities in the name and on behalf of the client.

Article 4. (Account Opening) Financial Institutions must not proceed with the opening and maintenance of anonymous or obviously fictitious name accounts.

CHAPTER II Obligations of Financial Institutions Section I Risk Assessment Obligation

Article 5. (Conduct and Review of Institutional Risk Assessment)

1. Financial Institutions must conduct risk assessments at intervals not exceeding 12 (twelve) months, in accordance with Article 9 of Law No. 05/20 of 27 January, the Law on Prevention and Combating of Money Laundering, Terrorism Financing and Proliferation of Weapons of Mass Destruction.
2. Without prejudice to the preceding paragraph, the assessment interval may be extended up to 24 (twenty-four) months whenever the nature, size and complexity of the activity justify it, as well as when specific operational reality or business/product area presents lower exposure to money laundering, terrorism financing and proliferation of weapons of mass destruction risks.
3. Institutional risk assessments must always consider the results of the National and Sectoral Risk Assessment.
4. Financial Institutions must ensure that the risk assessment results referred to in the preceding paragraphs are reflected and effectively implemented in their internal risk management and mitigation policies and procedures.
5. Financial Institutions must create information mechanisms regarding the policies, procedures and any other risk management and mitigation measures for relevant business units and/or employees.
6. Financial Institutions must, whenever necessary, conduct periodic, regular or extraordinary tests on their risk management and mitigation measures, policies and procedures, as well as be subject to internal control structure audits.
7. For the purposes of the preceding paragraph, identified deficiencies must be known to the Compliance Officer for necessary adjustments.

Article 6. (Exemption or Simplification of Institutional Risk Assessments) The Banco Nacional de Angola may exempt or allow the simplification of institutional risk assessments and define alternative procedures when the nature, size and complexity of the activity developed by Financial Institutions or the result of national or sectoral risk assessments conducted by competent authorities justify it.

Article 7. (Information Sources)

1. For the identification, assessment and mitigation of concrete money laundering, terrorism financing and proliferation of weapons of mass destruction risks, Financial Institutions must rely on reputable, credible and diversified information sources regarding their origin and nature.
2. Without prejudice to the preceding paragraph, Financial Institutions may rely on other information sources, namely: a) Information, guidelines and alerts issued or disseminated by the Banco Nacional de Angola, related to specific or emerging risk typologies and methods of identification or indicators of suspicion; b) Information, guidelines and alerts from the Financial Intelligence Unit (FIU) or law enforcement authorities, related to specific, emerging risk typologies and methods of identification or indicators of suspicion; c) Information, guidelines and alerts issued by the Government, related to money laundering, terrorism financing and proliferation of weapons of mass destruction prevention; d) Information resulting from the national risk assessment; e) Lists issued by public bodies, notably those with relevant political or public functions or their holders, when they exist; f) Internal analyses and documents of Financial Institutions, including information collected during identification and due diligence procedures, as well as internally developed and updated lists and databases; g) Independent and credible information from civil society or international organizations, such as: i. Corruption indices or specific assessment reports on jurisdictions where the Financial Institution operates; ii. Other publicly disclosed reports or documents on corruption levels and income associated with political or public functions in a given country or jurisdiction; and, iii. Mutual Evaluation Reports of the Financial Action Task Force (FATF) or its regional bodies; and, iv. Any other lists issued by internationally relevant organizations. h) Information from the internet and media, provided they are of independent and credible source; i) Information contained in databases, lists, risk reports and other analyses from commercial sources available on the market; j) Official statistical data of national or international origin; k) Relevant academic output; and, l) Information provided by other Financial Institutions or institutions of a similar nature, to the extent legally admissible.
3. Financial Institutions must adapt their use of the information sources mentioned in the preceding paragraph to their specific operational reality, considering at least the risks identified in paragraph 1 of Article 9 and Article 10, both of Law No. 05/20 of 27 January, the Law on Prevention and Combating of Money Laundering, Terrorism Financing and Proliferation of Weapons of Mass Destruction.

Article 8. (IT Tools and Applications)

1. For risk assessment, management and mitigation purposes, Financial Institutions must implement IT tools or applications that are instrumental or auxiliary for fulfilling the obligations and duties provided in Law No. 05/20 of 27 January, the Law on Prevention and Combating of Money Laundering, Terrorism Financing and Proliferation of Weapons of Mass Destruction.
2. The IT tools and applications referred to in the preceding paragraph must, at least, allow: a) Registration of identifying data and other elements regarding clients, their representatives and beneficial owners, as well as respective updates; b) Subsequent parametrization upon identification of circumstances susceptible to updating identifying data and other elements; c) Definition and update of the risk profile associated with clients, business relationships, occasional transactions and operations in general; d) Monitoring of clients and transactions against identified risks, including timely identification of: i. Relevant changes to the operational pattern of a given client or related group of clients; and, ii. Transactions or set of operations that exhibit characteristics indicating suspicion. e) Identification of politically exposed persons (PEPs) or holders of other political or public offices, as well as any other specific quality that should motivate the intervention of a senior management member or another higher-level executive; f) Identification of any persons or entities subject to restrictive measures, notably those arising from United Nations Security Council Resolutions, or other considered relevant; g) Blocking, suspension or non-processing of a business relationship, as well as the execution of an occasional transaction or operation in general, whenever dependent on the intervention of a senior management member or another higher-level executive; h) Timely extraction of reliable and understandable information supporting analysis and decision-making by relevant internal structures, as well as the exercise of legally mandated reporting and collaboration obligations; i) Generation of alerts for updating identifying data and elements, as well as informing the client at least 15 (fifteen) days before the validity period expires; j) Restriction of debit movements in situations with outdated client data and identifying elements; and, k) Immediate removal of debit movement restrictions as soon as clients provide the required information.
3. Without prejudice to the preceding paragraph, Financial Institutions must also adopt tools and applications that allow: a) Assessing the quality of "holder of another political or public office" before establishing a business relationship or executing an occasional transaction, as well as subsequent acquisition of that quality during the business relationship; and, b) Permanently identifying the risk level associated with business relationships and occasional transactions, as well as changes in that risk level during the business relationship.
4. For the purposes of paragraph 2(g), blocking or suspension of operations occurs when: i. The Institution detects a suspicious operation or set of operations; and, ii. The Financial Institution must comply with freezing obligations arising from financial sanctions referred to in paragraph 2(f).
5. The IT tools and information systems referred to in paragraphs 2 and 3 must be proportional to the nature, size and complexity of the Financial Institution's activity, as well as to the risks associated with each business area.
6. Upon cessation of any functions referred to in paragraphs 2 and 3, the Financial Institution adopts procedures to assess whether its clients continue to represent an increased risk of money laundering, terrorism financing and proliferation of weapons of mass destruction, based on their profile and nature of operations before and after the said cessation.
7. Financial Institutions ensure that the adoption of IT tools and applications guarantees their integral and immediate access, whenever requested by the Banco Nacional de Angola.
8. Whenever financial capacity, business volume, activity risk and mitigation capacity prove compliance with money laundering, terrorism financing and proliferation of weapons of mass destruction prevention obligations justify it, a Non-Bank Financial Institution may request the Banco Nacional de Angola for exemption from implementing IT applications, as provided in paragraph 1 of this article.

Section II Identification and Due Diligence Obligation

Article 9. (Acquisition and Verification of Client Identification)

1. Financial Institutions must obtain and retain information regarding clients, their representatives and beneficial owners before the start of the business relationship, requesting at minimum the following elements: a) Individuals: i. Full name and signature; ii. Date of birth; iii. Nationality; iv. Full residential address or, if not possible, any other contacts considered valid by the Financial Institution; v. Profession and employer, where applicable; vi. Identification document used, identification number, validity date, issuing entity; and, vii. Nature and amount of income. b) Legal Persons or Entities without Legal Personality: i. Full corporate name of the legal person or entity without legal personality; ii. Corporate object and nature of business; iii. Registered office address, location where management bodies exercise their activity, representative office or permanent establishment; iv. Tax Identification Number (TIN); v. Commercial Registry Registration Number; vi. Identity of capital participation holders in the corporate structure of the legal person; and, vii. Identity of members of the administrative body or equivalent, as well as other relevant senior management with management powers; viii. Identity of the legal person's attorneys-in-fact and respective mandates. c) Regarding individual traders, elements necessary to initiate the business relationship include the Tax Identification Number (TIN), corporate name, registered office and corporate object, in addition to the identification elements referred to in paragraph 1(a); d) Regarding real estate condominiums under horizontal property regime and autonomous patrimony, contracted under general legislation, the regime provided for in paragraph 1(b) applies with necessary adaptations; and, e) In commercial companies in the process of incorporation, account opening and movement are regulated by applicable legislation.
2. Verification of information must be proven through presentation of the following valid documents, containing the identifying elements provided in the preceding paragraph: a) Individuals: i. The identification elements mentioned in sub-items i), ii) and iii) of paragraph 1(a) must be verified through presentation of a valid identification document issued by the competent authority, containing photograph, full name, date of birth and nationality; ii. Full residential address, profession, respective employer (where applicable) must be proven through any document, means or procedure considered valid, reputable and sufficient to demonstrate the provided information; and, iii. The identification element mentioned in sub-item vii) of paragraph 1(a) must be verified through presentation of a salary declaration/receipt, contract or equivalent reputable document. b) Legal Persons or Entities without Legal Personality: i. For resident legal persons or entities, the identification elements mentioned in sub-items i., ii., iii. and v) of paragraph 1(b) must be verified through presentation of a commercial registry certificate issued by the Commercial Registry Office or other public document proving it, namely the Official Gazette copy containing the Statutes publication or notarial deed of incorporation; ii. For non-resident legal persons or entities, the identification elements mentioned in sub-items i., ii. and iii) of paragraph 1(b) must be verified through presentation of a commercial registry certificate or other valid public document, duly certified by competent authorities of the country of residence, and authenticated by the Angolan consular representation in the country of origin; iii. The identification element mentioned in sub-item iv) of paragraph 1(b) must be verified through presentation of the Tax Identification Card or equivalent issued by the General Tax Administration of the Ministry of Finance; iv. The identification elements mentioned in sub-item vi) of paragraph 1(b) must be proven through presentation of the constituent general assembly minutes as well as amendment minutes to shareholder or partner structure; and, v. The identification element mentioned in sub-item vii) of paragraph 1(b) must be proven through presentation of identification elements of attorneys-in-fact, as well as power of attorney or other legally admissible document conferring mandate. c) In business relationships on behalf of minors who, due to age, do not hold any documents referred to in paragraph 2(a), verification of the minor's identification elements must be carried out by presenting a personal ID card, if resident foreign national or, if non-resident foreign national, by an equivalent public document presented by who demonstrates legitimacy as their legal representative for establishing the business relationship, with respective identity verified at the start of the business relationship.
3. The identification and verification obligations mentioned in paragraphs 1 and 2 of this article also apply to existing clients, according to the relevance of the operation and money laundering/terrorism financing risk.

Article 10. (Timing of Identity Verification) For the purposes of Article 12 of Law No. 05/20 of 27 January, the Law on Prevention and Combating of Money Laundering, Terrorism Financing and Proliferation of Weapons of Mass Destruction, whenever verification of client identity and information is postponed to a moment subsequent to the start of the business relationship, it must occur within 15 (fifteen) days from the start of said business relationship.

Article 11. (Occasional Transactions)

1. Financial Institutions must obtain and retain information whenever, in person or remotely, a client intends to perform occasional transactions whose amount exceeds USD 15,000.00 (fifteen thousand United States dollars), regardless of whether the transaction is carried out through a single operation or multiple operations that appear related.
2. Related operations are considered, among others, those observing one of the following conditions: a) Multiple senders to the same beneficiary; and, b) One sender to multiple beneficiaries.
3. Financial Institutions must, at minimum, require the identification elements and respective supporting documents mentioned in paragraphs 1 and 2 of Article 9 of this Notice, from the person or entity intending to perform the transaction, and where applicable, their representatives and beneficial owners, namely: