LogoRegulatory Alerts
2024-03-22

Notice No. 02/2024 on Rules for Preventing and Combating Money Laundering, Terrorist Financing and Proliferation

The National Bank of Angola issued Notice No. 02/2024 to establish comprehensive rules and procedures for financial institutions under its supervision regarding money laundering, terrorist financing, and proliferation of weapons of mass destruction. The regulation mandates periodic institutional risk assessments, strict customer identification and due diligence processes, and the implementation of proportional IT tools to monitor transactions and manage risks. It defines key compliance roles, information sources, and reporting obligations to ensure effective risk mitigation while allowing simplified procedures for smaller or lower-risk institutions.

Banco Nacional de Angola logo

Angola

Banco Nacional de Angola

Click to view thumbnail

PUBLISHED IN THE OFFICIAL GAZETTE, SERIES I, NO. 56, OF 22 MARCH 2024 NOTICE NO. 02/2024 SUBJECT: FINANCIAL SYSTEM

  • Rules for Preventing and Combating Money Laundering, Terrorist Financing and Proliferation of Weapons of Mass Destruction Considering that there is a need to adjust the regulatory framework on rules and procedures for the Prevention and Combating of Money Laundering, Terrorist Financing and the Proliferation of Weapons of Mass Destruction that Financial Institutions must comply with, pursuant to the provisions of Law No. 05/20, of 27 January, Law on the Prevention and Combating of Money Laundering, on the Financing of Terrorism and the Proliferation of Weapons of Mass Destruction; Under the combined provisions of paragraph 2 of article 57 of Law no. 05/20, of 27 January, Law on Preventing and Combating Money Laundering, Terrorist Financing and Proliferation of Weapons of Mass Destruction, article 23 of Law no. 14/21, of 19 May, Law on the General Regime of Financial Institutions, with Article 31(1)(f) and Article 98(1), both of Law No. 24/21, of 18 October, Law of the National Bank of Angola; I HEREBY DETERMINE: CHAPTER I General Provisions Article 1 (Object) This Notice establishes the rules and procedures for the effective implementation of the conditions for the exercise, instruments, mechanisms, formalities and provision of information, inherent to the Prevention and Combating of Money Laundering, the Financing of Terrorism and the Proliferation of Weapons of Destruction

under the terms of Law No. 05/20, of 27 January, Law on Preventing and Combating Money Laundering, Terrorist Financing and Proliferation of Weapons of Mass Destruction. Article 2 (Scope) This Notice applies to Financial Institutions under the supervision of the National Bank of Angola, provided for in paragraphs 2 and 3 of article 7 of Law no. 14/21, of 19 May, Law on the General Regime of Financial Institutions. Article 3 (Definitions) Without prejudice to the definitions set out in article 3 of Law no. 05/20, of 27 January, Law on Preventing and Combating Money Laundering, Terrorist Financing and Proliferation of Weapons of Mass Destruction, for the purposes of this Notice, the following definitions shall apply: a) Money Laundering - the process by which the perpetrators of criminal activities conceal the origin of illicitly obtained assets and income (advantages), transforming the liquidity from these activities into legally reusable capital by concealing the origin or the true owner of the funds; b) Customer - singular or collective person, national or foreign, public or private, affiliated or not, who enters into an account opening agreement with a Financial Institution to which the latter makes financial products and services available; c) Compliance Officer - responsible for coordinating and monitoring the implementation of the system for the prevention of money laundering, terrorist financing and proliferation of weapons of mass destruction, including the respective internal control procedures, as well as for the centralization of information and communication of operations susceptible to money laundering, terrorist financing and proliferation of weapons of mass destruction to the Financial Intelligence Unit (FIU) and other competent authorities; d) Collaborator - any natural person who, on behalf of or in the interest of

Financial Institution and under its authority or its dependence, participates in the execution of any operations, acts or procedures specific to the activity pursued by it, regardless of whether it has an employment relationship with it (internal collaborator) or not (external collaborator); e) Suspicious Transactions - any and all acts of a client that indicate or constitute an attempt to conceal or conceal the nature, origin, location, or ownership of goods, rights, or values arising directly or indirectly from the commission of a crime, with the intent to give them a lawful appearance; and, f) Representative - the one who legally represents the client, as well as any attorney-in-fact, agent, business manager, or any other person empowered, alone or jointly with other representatives, to act before the subject entities in the name and on behalf of the client. Article 4 (Account Opening) Financial Institutions must not open and maintain anonymous accounts or under fictitious names. CHAPTER II Obligations of Financial Institutions Section I Obligation of Risk Assessment Article 5 (Realization and Review of the Institutional Risk Assessment)

  1. Financial Institutions shall carry out risk assessments, at a frequency of not less than twelve (12) months, pursuant to the provisions of article 9 of Law No. 05/20, of 27 January, Law on Preventing and Combating Money Laundering, Terrorist Financing and Proliferation of Weapons of Mass Destruction.
  2. Without prejudice to the provisions of the previous paragraph, the periodicity of the evaluation may be increased up to 24 (twenty-four) months, whenever the nature, size, and

the complexity of the activity justifies it, as well as the specific operational reality or the business area or product in question presents a lower exposure to risks of money laundering, terrorist financing and the proliferation of weapons of mass destruction. 3. Institutional risk assessments should always consider the result of the National and Sectoral Risk Assessment. 4. Financial Institutions shall ensure that the results of the risk assessment referred to in the previous paragraphs are reflected and effectively implemented in their internal risk management and mitigation policies and procedures. 5. Financial Institutions shall establish mechanisms for information on the policies, procedures, and any other measures to manage and mitigate the identified risks for the relevant business units and/or employees. 6. Financial institutions shall, whenever necessary, carry out periodic, regular, or extraordinary tests on their risk management and mitigation measures, policies, and procedures, as well as being subject to the supervision of the internal control structure. 7. For the purposes of the provisions of the previous number, the deficiencies identified must be reported to the Compliance Officer so that the necessary adjustments can be made. Article 6 (Waiver or Simplification of Institutional Risk Assessments) The National Bank of Angola may dispense with or allow the simplification of institutional risk assessments and define alternative procedures when the nature, size, and complexity of the activity carried out by the Financial Institutions or the result of the national or sectoral risk assessment, carried out by the competent authorities, justify it. Article 7 (Sources of Information)

  1. For the identification, assessment, and mitigation of the concrete risks of money laundering, terrorist financing, and the proliferation of weapons of mass destruction, Financial Institutions must resort to

sources of information that are suitable, credible, and diversified in relation to their origin and nature. 2. Without prejudice to the provisions of the previous paragraph, Financial Institutions may use other sources of information, namely: a) Information, guidelines, and alerts issued or broadcasted by the National Bank of Angola, related to the typologies and methods of identifying specific or emerging risks or indicators of suspicion; b) Information, guidelines, and alerts from the Financial Intelligence Unit (FIU) or law enforcement authorities, related to the typologies and methods of identifying specific, emerging risks or indicators of suspicion; c) Information, guidance, and alerts issued by the Government, related to the prevention of money laundering, terrorist financing, and the proliferation of weapons of mass destruction; d) Information resulting from the national risk assessment; e) Lists issued by public bodies, particularly those with relevant political or public functions, or their respective holders, where they exist; f) Internal analyses and documents of Financial Institutions, including information collected during identification and due diligence procedures, as well as internally prepared and updated lists and databases; g) Independent and credible information from civil society or international organizations, such as: i. Corruption indices or specific assessment reports on jurisdictions where the Financial Institution operates; ii. Other publicly disclosed reports or documents on the levels of corruption and income associated with the performance of political or public functions in a particular country or jurisdiction; and iii. mutual evaluation reports of the Financial Action Task Force or its regional representations; and

iv. Any Other Lists Issued by internationally relevant organizations. h) Information from the internet and the media, provided that it is from an independent and credible source; i) Information contained in databases, lists, risk reports, and other analyses from commercially available sources on the market; j) Official statistical data of national or international origin; k) Relevant academic production; and l) Information made available by other Financial Institutions or Institutions of a similar nature, to the extent legally permissible. 3. Financial Institutions must adapt the use of the sources of information mentioned in the previous paragraph to their specific operational reality, taking into account, at least, the risks identified in article 9 (1) and article 10, both of Law no. 05/20, of 27 January, Law on the Prevention and Combating of Money Laundering, on the Financing of Terrorism and the Proliferation of Weapons of Mass Destruction. Article 8 (Computer Tools and Applications)

  1. To assess, manage, and mitigate their risk, financial institutions must implement tools or IT applications that are instrumental or auxiliary to fulfilling the obligations and duties laid down in Law no. 05/20, of 27 January, the Law on Preventing and Combating Money Laundering, the Financing of Terrorism, and the Proliferation of Weapons of Mass Destruction.
  2. The IT tools and applications referred to in the preceding paragraph shall at least allow: a) The registration of identification data and other elements relating to customers, their representatives, and beneficial owners, as well as the respective updates; b) The subsequent parameterization through the identification of circumstances that may be able to update identification data and other elements; c) The definition and updating of the risk profile associated with customers, business relationships,

occasional transactions and operations in general; d) Monitoring of customers and transactions against identified risks, including the timely identification of: i. Relevant changes to the operating pattern of a given customer or group of related customers; and ii. Transactions or set of operations that denote elements characterizing suspicion. e) the identification of the status of a politically exposed person or holder of another political or public office, as well as any other specific capacity that should motivate the intervention of a member of senior management or other member of a higher hierarchical level; f) The identification of any persons or entities identified in restrictive measures, namely those resulting from the United Nations Security Council Resolution or others considered relevant; g) The blocking, suspension, or non-continuation of a business relationship, as well as the execution of an occasional transaction or operation in general, where they depend on the intervention of a member of senior management or another member of a higher hierarchical level; h) The timely extraction of reliable and comprehensible information that supports the analysis and decision-making by the relevant internal structures, as well as the exercise of the communication and collaboration obligations provided for by law; i) Generate alerts to update data and identifying elements, as well as inform the customer at least 15 (fifteen) days before the expiration date; j) The restriction of debit transactions in situations of accounts with outdated data and identification elements; and k) The immediate removal of the restriction on debit transactions, as soon as customers provide the information. 3. Without prejudice to the provisions of the previous paragraph, Financial Institutions must also adopt tools and applications that allow: a) Assess the status of "holder of another political or public office" before the

establishment of the business relationship or the completion of the occasional transaction, as well as the subsequent acquisition of that quality in the course of the business relationship; and b) To permanently identify the degree of risk associated with business relationships and occasional transactions, as well as changes in that degree of risk during the course of the business relationship. 4. For the purposes of paragraph 2(g) of this Article, the blocking or suspension of the performance of operations or set of operations occurs when: i. the institution detects a suspicious transaction or set of transactions; and ii. The Financial Institution shall comply with the freezing obligations arising from the financial sanctions referred to in paragraph 2(f) of this Article. 5. the information tools and systems referred to in paragraphs 2 and 3 of this article must be proportional to the nature, size, and complexity of the Financial Institution's activity and the risks associated with each of the respective business areas. 6. After the termination of any of the functionalities referred to in paragraphs 2 and 3 of this article, the Financial Institution shall adopt procedures with the aim of assessing whether its customers continue to represent an increased risk of money laundering, terrorist financing and proliferation of weapons of mass destruction, depending on their profile and the nature of the operations carried out before and after said termination. 7. Financial Institutions ensure that the adoption of computer tools and applications is done in order to guarantee full and immediate access whenever requested by the National Bank of Angola. 8. Whenever the financial capacity, turnover, risk of activity and mitigation capacity, proof of compliance with the obligations in terms of prevention of money laundering, terrorist financing and the proliferation of weapons of mass destruction justify it, the Non-Banking Financial Institution may request the National Bank of Angola to waive the implementation of computer applications, as provided for in paragraph 1 of this Article.

Section II Obligation of Identification and Due Diligence Article 9 (Obtaining and Verifying Customer Identification)

  1. Financial Institutions must obtain and store information on customers, their representatives, and beneficial owners before the start of the business relationship, and must request, at least, the following elements: a) Natural: i. Full name and signature; ii. Date of birth; iii. Nationality; iv. Full address of the residence or, if not possible, any other contacts considered valid by the Financial Institution; v. Profession and employer, if any; vi. Identification document used, identification number, expiration date of issuing entity; and vii. Nature and amount of income. b) Legal Persons or Entities without Legal Personality: i. Full company name of the legal person or entity without legal personality; ii. Corporate purpose and nature of the business; iii. Address of the head office, place where the management bodies carry out their activity, representative office or permanent establishment; iv. Tax Identification Number (NIF); v. Commercial Registry Registration Number; vi. Identity of the holders of shares in the capital of the corporate structure of the legal person; and vii. Identity of the members of the management body or equivalent body, as well as other relevant senior staff with management powers; viii. Identity of the legal person's attorneys and mandate.

c) In relation to sole traders, the elements necessary to start the business relationship include the Tax Identification Number (NIF), the company name, the registered office, and the corporate purpose, in addition to the identification elements referred to in paragraph a) of number 1 of this article; d) In relation to condominiums of real estate, under the horizontal property regime and autonomous assets, contracted under the terms of the legislation in general, the regime provided for in paragraph b) of paragraph 1 of this article shall apply, with the necessary adaptations; and e) For commercial companies in the process of incorporation, the opening and operation of accounts is regulated by the applicable legislation.

  1. Verification of the information must be proven by presenting the following valid documents, which include the identifying elements provided for in the previous number: a) Individuals: i. The identification elements mentioned in items i), ii), and iii) of paragraph a) of number 1 must be verified by presenting a valid identification document issued by the competent body, which includes a photograph, full name, date of birth, and nationality; ii. The complete address of the residence, the profession, and the respective employer, if any, must be proven by any document, means, or diligence considered valid, suitable, and sufficient to demonstrate the information provided; and iii. The identification element mentioned in subparagraph vii of paragraph a) of number 1 of this article must be verified by presenting a declaration/receipt of salary, contract, or suitable equivalent document. b) Collective Entities or Entities without Legal Personality: i. In the case of legal persons or entities without legal personality who are residents, the identification elements referred to in paragraphs i., ii., iii. and v. of paragraph 1 (b) of this article shall be verified by presenting the certificate of registration

issued by the Commercial Registry Office or other public supporting document, namely a copy of the Official Gazette containing the publication of the Statute or notarial certificate of deed of incorporation; ii. a non-resident legal persons or entities without legal personality, the identification details referred to in paragraph 1(b)(i) and (iii) of this article shall be verified by the production of proof of commercial registration or other valid public document duly certified by the competent authorities of the country of residence, and authenticated by the Angolan consular representation in the country of origin; iii. The identification information mentioned in item iv. of paragraph b) of number 1 of this article must be verified by presenting the Tax Identification Card or equivalent issued by the General Tax Administration of the Ministry of Finance; iv. Identification Documents mentioned in subparagraph vi of paragraph b) of number 1 of this article must be proven by presenting the minutes of the constituent general meeting as well as the minutes of the change in the shareholder or partners' structure; and, v. The identification mentioned in item vii. of paragraph b) of paragraph 1 of this article must be proven by presenting the identification elements of the attorneys-in-fact, as well as a power of attorney or other legally admissible document to confer a mandate. c) business relationship on behalf of minors who, due to their age, do not hold any of the documents referred to in paragraph a) of number 2 of this article, the proof of the respective identification elements of the minor must be made by showing a personal card, if he is a foreign exchange resident or in the case of a non-foreign exchange resident, by equivalent public document, to be presented by whom

demonstrates legitimacy as its legal representative for establishing the business relationship, and the respective identity of the same must be verified at the beginning of the business relationship. 2. Identification and verification obligations referred to in numbers 1 and 2 of this Article shall also apply to existing customers, depending on the relevance of the transaction and the risk of money laundering and terrorist financing. Article 10 (Moment of Identity Verification) For the purposes of article 12 of Law no. 05/20, of 27 January, Law on Preventing and Combating Money Laundering, the Financing of Terrorism and the Proliferation of Weapons of Mass Destruction, whenever the verification of the customer's identity and information is postponed to a time after the beginning of the business relationship, it must occur within fifteen (15) days from the beginning of the business relationship. Article 11 (Occasional Transactions)

  1. Financial Institutions must obtain and store the information whenever, in person or remotely, a customer intends to carry out occasional transactions, the amount of which is greater in national currency or other, than the equivalent of USD 15,000.00 (fifteen thousand United States dollars), regardless of whether the transaction is carried out through a single operation or several operations that appear to be related.
  2. Operations related to, among others, those that comply with one of the following conditions are considered: a) Several senders for the same beneficiary; and b) One sender for multiple beneficiaries.
  3. Financial Institutions shall, at the very least, require the identification elements and respective supporting documents, mentioned in article 9 (1) and (2) of this Notice, to the person or entity intending to carry out the transaction, and if applicable to their representatives and beneficial owners, namely:

a) Natural Persons: elements provided for in article 9 (2) of this Notice; b) Legal Persons: elements provided for in article 9 (2) (b) of this Notice; c) Sole traders: elements provided for in article 9 (1) (c) of this Notice; and d) Condominiums of Properties under the Horizontal Property Regime and Autonomous Heritage: elements provided for in article 9 (1) (d) of this Notice. 4. Whenever occasional transactions are requested on behalf of minors who, due to their age, do not hold any of the documents referred to in article 9 (2) (a) of this Notice, the proof of the respective identification elements of the minor must be made by showing a personal card if the minor is a foreign exchange resident, or equivalent public document if he/she is a non-exchange resident, to be presented by a person who demonstrates legitimacy as his/her legal representative, to carry out the occasional transaction, and his/her identity must be verified at the time of the occasional transaction. Article 12 (Qualification Criteria of the Beneficial Owner)

  1. Without prejudice to the provisions of Article 3(9)(a) of Law No. 5/20 of 27 January, Law on Preventing and Combating Money Laundering, Terrorist Financing and Proliferation of Weapons of Mass Destruction, and whenever there are doubts about the identification of the Beneficial Owner, Financial Institutions, when carrying out diligences relating to legal persons, shall adopt, to measure that quality, a multifaceted approach that includes the following elements: a) Identify and verify the natural person or persons who have ultimate control of a legal person, through the use of other means of influence, other than shareholdings; b) Identify the natural person who occupies the relevant management function of the legal person; c) Where it is a question of centres of collective interests without legal personality

the Financial Institutions must identify and verify the natural person or persons who are founders, directors, or trustees; d) Identify the natural person on whose behalf a transaction is being carried out; and e) Without prejudice to the provisions of the preceding paragraphs, Financial Institutions shall carry out customer due diligence when identifying and verifying the Beneficial Owner, in particular at the integration stage, based on the risk assessment of the customer and its Beneficial Owner, and shall take all reasonable steps to verify the information on the Beneficial Owner. Article 13 (Mechanisms for Identifying the Beneficial Owner)

  1. Financial Institutions must collect identification information in accordance with Article 9 (1) (a) of this Notice.
  2. The verification of the identification elements of the customer's beneficial owners is carried out in accordance with the provisions of article 9 (2) of this Notice, whenever the customer, its beneficial owners, the business relationship, or operation represent an increased risk of money laundering or terrorist financing;
  3. In cases with a proven low risk of money laundering and terrorist financing, Financial Institutions may allow the verification of the identification elements of the beneficial owners based on a statement issued by the customer or by whoever legally represents him. Article 14 (Duty of Continuous Monitoring)
  4. For the purposes of continuous monitoring of the business relationship, and depending on the risk assessment of money laundering, terrorist financing and proliferation of weapons of mass destruction of each client, as well as the risk profiles, Financial Institutions must request the following information:

a) Nature and details of the business, position, or employment; b) Registration of changes of domicile; c) Origin and destination of funds to be used in the business relationship; d) Origin of initial and continuous income; and e) Proof of relations between signatories and their beneficial owners. 2. Whenever deemed necessary, financial institutions should request additional information from customers, namely proof of source of funds, annual reports and accounts, as well as other complementary documents, depending on the transactions made by customers and the result of the risk assessment. Article 15 (Third-Party Enforcement of Obligations)

  1. Financial Institutions may delegate to a third party or a third party within the same group the performance of identification and due diligence obligations in relation to customers, except for Exchange Houses and payment service providers, which are not based in countries that do not apply or apply insufficiently, the recommendations of international bodies on the prevention of money laundering, terrorist financing and the proliferation of weapons of mass destruction.
  2. This article does not apply to outsourcing or agency contracts. Section III Obligation to Update Article 16 (Update Procedures)
  3. For the purposes of Article 11 (2) (g) of Law No. 05/20, of 27 January, Law on Preventing and Combating Money Laundering, Terrorist Financing and Proliferation of Weapons of Mass Destruction, Financial Institutions carry out periodic diligences and procedures to ensure that they are up to date, as far as the accuracy and completeness of the information they already have, or should have, regarding: a) the identification elements of customers, representatives and beneficial owners, and all other documents, data and information obtained in the exercise of the duty of identification and diligence; b) Other information provided for in Law No. 05/20 of 27 January, Law on

Preventing and Combating Money Laundering, Terrorist Financing and Proliferation of Weapons of Mass Destruction and in this Notice; and c) To the means of proof of the elements referred to in the previous paragraphs. 2. The periodicity of updating the information referred to in the previous paragraph is defined according to the degree of risk associated with each customer by the Financial Institution, varying the time intervals in the reverse order of the degree of risk identified, and the periodicity of updating the information regarding low￾risk customers should not exceed five years. 3. Without prejudice to the provisions of number 5 of this article and when the contrary does not result from the enhanced identification or diligence measures provided for in Law no. 05/20, of 27 January and in this Notice, Financial Institutions may also adapt the nature and extent of the obligations to update the means of proof previously obtained and the due diligence procedures, depending on the risks of money laundering or terrorist financing existing at the date of the update. 4. Financial Institutions shall immediately take the necessary steps to update the data whenever they have reason to doubt its veracity, accuracy, or timeliness or if they suspect practices related to money laundering or the financing of terrorism and the proliferation of weapons of mass destruction. 5. Documentary proof of the information to be updated may be made by a simple copy. However, Financial Institutions must request the presentation of original documents, in physical or electronic format, or certified copies thereof, whenever: a) The information in question has never been the subject of any previous evidence;

b) The elements provided by the customer for updating the data offer doubts; and c) The updating steps are triggered by suspicions of money laundering or terrorist financing of the proliferation of weapons of mass destruction. Section IV Simplified measures Article 17 (Simplified Due Diligence Procedures)

  1. Without prejudice to the provisions of article 13 of Law no. 05/20, of 27 January, Law on Preventing and Combating Money Laundering, Terrorist Financing and Proliferation of Weapons of Mass Destruction, Financial Institutions may apply simplified due diligence procedures, provided that they have sufficient information for a consistent risk assessment, and the customer must also fall into one of the following categories: a) State or a legal person governed by public law, of any nature, integrated in the central or local administration; b) Authority or public entity subject to the transparent accountant practices and audited accounting; and c) Individuals holding a simplified bank account.
  2. Whenever necessary, Financial Institutions must demonstrate to the National Bank of Angola that they have verified the classification of customers in the categories mentioned above.
  3. Without prejudice to the provisions of the previous paragraph, Financial Institutions must define criteria to determine whether the public information collected is sufficient to verify and confirm that the customer falls into one of the categories or professions mentioned above.

Section V Enhanced Measures Article 18 (Enhanced Due Diligence Procedures)

  1. Without prejudice to the provisions article 14 (1) and (3) of Law no. 05/20, of 27 January, Law on Preventing and Combating Money Laundering, Terrorist Financing and Proliferation of Weapons of Mass Destruction, Financial Institutions adopt reinforced measures, as provided for in the following articles.
  2. The provisions of the previous paragraph shall not prejudice the adoption of other reinforced measures, which the Financial Institutions determine as necessary, in view of the specific risk identified. Article 19 (Application of Countermeasures)
  3. Without prejudice to the reinforced measures specifically provided for in Law No. 05/20, of 27 January, Law on Preventing and Combating Money Laundering, Terrorist Financing and Proliferation of Weapons of Mass Destruction, Financial Institutions must adopt, to the extent legally permissible, the necessary countermeasures to: a) To ensure compliance with the United Nations Security Council Resolution, as well as with other legal acts approving restrictive measures of national or international scope; b) Ensure compliance with public statements and other requests made by the GAFI; or c) Address the risks of money laundering, terrorist financing, and proliferation of weapons of mass destruction emerging from high-risk third countries and other risky jurisdictions.
  4. Countermeasures shall be proportionate to the risks identified and shall not conflict with other countermeasures arising from the legal acts referred to in paragraph (a) of the preceding number, where they are based on a different basis from such acts.
  5. Examples of countermeasures are, without prejudice to others that are more appropriate to the specific risks identified: a) Implement specific elements of the enhanced due diligence measures;

b) Determine the strengthening of existing communication or information transmittal mechanisms, namely by requesting additional information; c) Introduce relevant reporting mechanisms or declarations of atypical financial transactions; d) Condition the establishment of branches, representative offices or other establishments to compliance with additional requirements; e) prohibit the establishment of branches or representative offices in countries subject to countermeasures or otherwise take into account the fact that the branch or representative office concerned is located in a country that does not have adequate APBC/FT/P mechanisms; f) Limit business relationships or operations with a given territory or with the persons in that territory; g) prohibit the use of third parties located in a given territory, even when that territory does not qualify as a high-risk third country; h) Oblige the institutions to analyze, amend or, if necessary, terminate correspondence with entities in a given territory; i) Determine the strengthening of the supervisory procedures for branches and subsidiaries of entities with head office in a given territory; j) Determine the strengthening of the group's supervision procedures, in relation to its branches and subsidiaries located in a given territory; and k) Determine the strengthening of risk management and audit procedures for entities operating in a given territory. Article 20 (Customers, Representatives, and Beneficial Owners)

  1. Without prejudice to the provisions of article 14 (1) and (2) of Law no. 05/20, of 27 January, Law on Preventing and Combating Money Laundering, Terrorist Financing and Proliferation of Weapons of Mass Destruction, Financial Institutions must obtain additional information about customers, their representatives or beneficial owners, namely: a) The origin and legitimacy of heritage; b) The legitimacy of the funds involved in the business relationship or the

occasional transaction; c) the reputation of customers, their representatives, or beneficial owners; d) Close family members and people recognized as closely associated; e) The activities previously carried out; and f) The number, size, and frequency of transactions estimated to be carried out within the scope of the business relationship. 2. To verify the origin of the assets, Financial Institutions should consider the use of the following means of proof: a) Income statements, when applicable; b) Financial statement reports or certification of accounts prepared by independent auditors; c) Payslips; d) Certificates obtained from public records; and e) Document proving succession acquisition. 3. Financial Institutions must re-analyse the risk and other elements associated with the business relationships to which a higher degree of risk is attributed at least once a year. 4. For the purposes of this article, the definitions of "close family members" and "persons recognised as closely associated" provided for, respectively, in Article 3 (31) (b) of Law No. 05/20 of 27 January, Law on Preventing and Combating Money Laundering, Terrorist Financing and Proliferation of Weapons of Mass Destruction, are applicable, as the case may be, by reference to any client, representative or beneficial owner, even if the quality of "politically exposed person" or "holder of other political or public offices" has not been identified in relation to them. Article 21 (Product, Service, Operation, or Distribution Channel)

  1. Whenever they identify a situation of increased risk associated with a product, service, operation or distribution channel, Financial Institutions must adopt the following measures:

a) Limitation of the number or amount of operations allowed; b) Limitation of use to certain jurisdictions; c) Limitation of use to certain types of customers; d) Limitation or restriction of the performance of cash transactions; e) Enforceability of deposit, loading, redemption or reimbursement operations, through the tracking of an account opened with a Financial Institution or other legally authorised institution which, not being located in a high-risk third country, proves to apply identification and diligence measures compatible with those provided for in the Law and in this Notice; and f) Parameterization of alerts in accordance with the risk attributed to the product, service or operation, defining and applying rules that allow adjusting the risk of the product, service or operation when associated with high-risk customers. 2. Financial Institutions should adopt enhanced measures whenever new products, services or distribution channels present increased risks of money laundering or terrorist financing and the proliferation of weapons of mass destruction, including the intervention of senior management in approving their marketing or use. Article 22 (Geographical Location) Where Financial Institutions identify jurisdictions associated with a higher risk of money laundering and terrorist financing and proliferation of weapons of mass destruction, relevant to certain business relationships or occasional transactions, they shall adopt the following measures: a) Obtaining additional information about the jurisdiction in question, namely, about the relevant regulatory framework and the existence of supervision compatible with the provisions of the Law and this Notice; and b) Intensification of the frequency of monitoring procedures, considering the origin and destination of transactions.

Article 23 (Private Banking)

  1. Whenever they provide Private Banking services, Financial Institutions adopt reinforced measures proportional to the existing risks.
  2. For the purposes of the preceding paragraph, Financial Institutions shall adopt at least the following measures: a) The intervention of the competent management body for the: i. Authorization of the establishment of the business relationship; and ii. Approval of the risk assessment associated with the business relationship and subsequent reviews. b) The monitoring of the business relationship by the Compliance Officer or by another Compliance collaborator who is not directly involved in the business relationship with the client; and, c) Re-analysis of risk and other elements associated with business relationships to which a higher degree of risk is attributed, on at least an annual basis.
  3. Without prejudice to the provisions of the previous paragraph, Financial Institutions may also adopt the following measures: a) Require that cash deposits and other amounts be made in person at the branch; and b) Intensification of the frequency of monitoring procedures of the business relationship or of certain operations or set of operations, with a view to identifying possible indicators of suspicion and subsequent compliance with the duty of communication provided for in article 17 of Law no. 05/20, of 27 January, Law on the Prevention and Combating of Money Laundering, on the Financing of Terrorism and the Proliferation of Weapons of Mass Destruction. Article 24 (Politically Exposed Persons) Without prejudice to the provisions of the previous paragraphs, Financial Institutions must ensure that: a) Information regarding the identification and mitigation processes related to PEPs is communicated to its collaborators, for whom it is relevant; b) The processes referred to in the previous paragraph are part of its

training on the prevention of money laundering, terrorist financing and the proliferation of weapons of mass destruction; and c) The procedures used take into account a risk-based assessment of the services or products purchased, individual circumstances, origin and amount of the client's funds. Article 25 (Operations Performed Without the Physical Presence of the Client) For the purposes of paragraph 4 of article 14 of Law no. 05/20, of 27 January, Law on Preventing and Combating Money Laundering, Terrorist Financing and Proliferation of Weapons of Mass Destruction, Financial Institutions must, when establishing business relationships or operations without the physical presence of the customer, apply specific and appropriate measures in order to mitigate the risk inherent in this situation, namely: a) Require that the documents requested pursuant to article 9 (2) (a) of this notice be recognized or certified by a competent authority; and b) Request additional documents to complement those required by customers who are physically present, requested under the terms of article 9 (2) of this Notice. Article 26 (Non-Profit Organisations)

  1. In the case of non-profit organizations, Financial Institutions must ensure the intervention of a competent management body to approve the establishment of the business relationship.
  2. For the purposes of article 14 of Law no. 05/20, of 27 January, Law on Preventing and Combating Money Laundering, Terrorist Financing and Proliferation of Weapons of Mass Destruction, Financial Institutions must establish appropriate enhanced due diligence procedures in relation to operations with non-profit organizations, within the scope of the prevention of money laundering, financing of terrorism and proliferation of weapons of mass destruction, including the collection and recording of the following information:

a) Geographic location; b) Organizational structure; c) Nature of donations and volunteering; and d) Nature of funds and expenditures, including basic information on beneficiaries. 3. In the case of unincorporated charities, church bodies or places of worship, the Financial Institution must obtain at least the following information: a) Full name and address; b) Document proving its legalization by the state authorities; c) Nature and purpose of the organization's activities; d) Names of all managers or equivalent; and e) Names or classes of beneficiaries. Section VI Reporting Obligation Article 27 (Reporting Suspicious Transactions)

  1. Financial Institutions shall, on their own initiative, immediately inform the Financial Intelligence Unit whenever they know or have sufficient grounds to suspect that an attempted operation is underway or has taken place that may be associated with the crime of money laundering, terrorist financing and proliferation of weapons of mass destruction or any other crime.
  2. Financial Institutions must also report to the Financial Intelligence Unit, as a suspicious transaction, all transactions carried out or attempts to carry out operations, whenever these are not in accordance with their risk profile or transactional pattern.
  3. Reports of suspicious transactions must be sent to the Financial Intelligence Unit as soon as they become known.
  4. For the purposes of numbers 1 and 2 of this article, Financial Institutions must take into account the indicators of suspicion published by the National Bank of Angola and the Financial Intelligence Unit.

Article 28 (Reporting of Other Transactions) Financial Institutions must report to the Financial Intelligence Unit the information contained in article 17 (3) and (4) of Law no. 5/20, of 27 January, Law on Preventing and Combating Money Laundering, Terrorist Financing and Proliferation of Weapons of Mass Destruction. Article 29 (Reporting Procedure) For the purposes of the preceding articles, the reporting of information must comply with the procedures, forms and forms issued by the Financial Intelligence Unit. Section VII Obligation to Cooperate Article 30 (Cooperation between Financial Institutions)

  1. Financial Institutions shall cooperate and exchange information with each other for the purpose of preventing money laundering and terrorist financing when: a) They belong to the same group; b) in the case of information relating to a customer or a joint transaction and provided that the institutions concerned are subject to equivalent obligations as regards professional secrecy and the protection of personal data; and c) The exchange of information aims to prevent the realization or consummation of fraud or other crime in the Financial System.
  2. The information must be shared with a copy to the Financial Intelligence Unit and the National Bank of Angola.

Section VIII Electronic Transfers and Bank Correspondence Article 31 (Wire Transfers)

  1. For the purposes of paragraph 1 of article 30 of Law no. 05/20, of 27 January, Law on Preventing and Combating Money Laundering, Terrorist Financing and Proliferation of Weapons of Mass Destruction, Financial Institutions must ensure that all cross-border electronic transfers are accompanied by complete information on the payer and the beneficiary, namely: a) Ordering Parties: i. Full name; ii. Account number or unique reference number of the operation; iii. Address; and iv. Name of the payer's Financial Institution, where applicable. b) Beneficiaries: i. Full name; and ii. Account number or unique reference number of the operation.
  2. Where several individual cross-border electronic transfers from a single payer are aggregated into a batch of transfers to the payees, the batch shall contain all the information referred to article (1).
  3. Financial Institutions must obtain and store complete information on the beneficiary and payer of any cross-border electronic transfers, regardless of their value.
  4. Financial Institutions must, in the processing of wire transfers, take blocking measures and comply with prohibitions arising from the United Nations Security Council Resolution, or others.
  5. For the purposes of article 30 (11) of Law no. 05/20, of 27 January, Law on Preventing and Combating Money Laundering, Terrorist Financing and Proliferation of Weapons of Mass Destruction, Financial Institutions must have policies and risk based procedures in place to determine:

a) The execution, rejection or suspension of an electronic transfer; b) the lack of necessary information about the payer or the beneficiary; and c) Appropriate follow-up actions. Article 32 (Beneficiary Financial Institutions)

  1. Beneficiary Financial Institutions must adopt appropriate measures to identify cross-border electronic transfers, which present insufficient information necessary about the payer or beneficiary.
  2. For the purposes of the previous number, for cross-border electronic transfers, regardless of the amount, the beneficiary Financial Institutions must collect and verify the identity of the beneficiaries, requiring the documents referred to in article 9 (1) (b) of this Notice, whenever it has not been previously verified and keep the information in accordance with the provisions of article 16 of Law No. 05/20, of 27 January, Law on Preventing and Combating Money Laundering, Terrorist Financing and Proliferation of Weapons of Mass Destruction.
  3. Beneficiary Financial Institutions shall have risk-based policies and procedures in place to determine: a) The execution, rejection or suspension of an electronic transfer; b) the lack of information required about the payer or the beneficiary; and c) Appropriate follow-up actions.
  4. Whenever the beneficiary Financial Institution identifies the existence of incomplete information about the payer, as provided for in paragraph 1 of the previous article, it must reject the transfer or request from the payer's Financial Institution complete information about the payer, without prejudice to the identification, verification and diligence obligations set forth in this Notice.
  5. Where the payer's Financial Institution fails to provide the information provided for in this article (1), the payee's Financial Institution shall take appropriate action, which may include the issuance of notices and the setting of deadlines, before rejecting any future transfer, restricting or terminating the business relationship.

Article 33 (Correspondence Relationship)

  1. Financial Institutions shall define, implement and control specific and appropriate due diligence measures for the identification and mitigation of risks of money laundering, terrorist financing and proliferation of weapons of mass destruction that occur through corresponding accounts, namely: a) Assess the nature of the activity of the corresponding institution; b) Identify the country of origin of the corresponding Financial Institution and verify the country's risk, namely, embargoes or sanctions imposed by International Organizations, levels of crime and corruption, as well as legislation in the field of money laundering, terrorist financing and proliferation of weapons of mass destruction; c) Assess the internal policies of the correspondent Bank in relation to international standards on combating money laundering and terrorist financing, as well as the effective implementation of internal control processes and procedures in this area; d) Verification that the correspondent bank does not allow anonymous accounts or accounts under fictitious names to be maintained; e) Develop mechanisms that allow it to periodically review and update the information related to the correspondent bank; f) Assess the quality of the supervision to which the corresponding Financial Institution is subject; g) Evaluate the reputation of the correspondent bank in the market, through the analysis of information disseminated by the media; and h) Assess the responsibilities of the corresponding Financial Institution in terms of prevention of money laundering, terrorist financing and proliferation of weapons of mass destruction.

  2. Financial Institutions must develop mechanisms for identifying, documenting and monitoring their corresponding accounts and report suspicious activities to the competent authorities, upon presentation of documentation that supports them.

  3. For direct payments, Financial Institutions shall ensure that the corresponding financial institution: a) Complies with the duty of diligence on the customer who has direct access to the account; and b) It is available to provide the relevant information about the steps taken when requested.

  4. Financial Institutions, based on their risk assessment, must periodically review the steps taken to open corresponding accounts.

  5. Financial Institutions shall refrain from opening, maintaining, administering or managing a correspondent account of a shell bank or correspondent banks of shell banks. Section IX Control Obligations Article 34 (Responsibility of the Management Body)

  6. The management body of the Financial Institutions is responsible for the implementation of policies, procedures and controls on the prevention of money laundering, terrorist financing and the proliferation of weapons of mass destruction.

  7. For the purposes of the stated on the previous number, the management body shall be responsible for: a) Approve the policies, procedures and internal controls proportionate to the risk identified in accordance with Article 5 of this Notice; b) Have adequate knowledge of the risks of money laundering, terrorist financing and the proliferation of weapons of mass destruction, to which the Financial Institution is or may be exposed, as well as the processes used to identify, assess, monitor and control these risks; c) Ensure that the organizational structure of the Financial Institution allows, at all times, the proper execution of policies, procedures and internal controls, preventing conflicts of interest

and, where necessary, promoting the separation of functions within the organisation; d) Promote a culture of prevention of money laundering, terrorist financing and the proliferation of weapons of mass destruction, which covers all collaborators whose functions are relevant in this area, supported by high standards of ethics and integrity and, whenever necessary, by the definition and approval of appropriate codes of conduct; e) Appoint the Compliance Officer, in compliance with the provisions of paragraph a) of Article 22 of Law No. 05/20, of 27 January, Law on the Prevention and Combating of Money Laundering, Terrorist Financing and the Proliferation of Weapons of Mass Destruction; f) Monitor the activity of the other members of the top management, to the extent that they supervise business areas that are or may be exposed to risks of money laundering, terrorist financing and the proliferation of weapons of mass destruction; and g) Periodically monitor and evaluate the effectiveness of the policies, procedures and internal controls referred to in number 1 of this Article, ensuring that appropriate measures are in place to address the deficiencies identified therein. 3. The management body shall ensure that the designated person: a) Performs its functions independently, permanently, effectively and with the decision-making autonomy necessary for the exercise; b) Has good repute, professional qualification and availability appropriate to the exercise of the function, and the results of this evaluation are made available to the National Bank of Angola, whenever requested; c) Has adequate technical, material and human means and resources, including the collaborators necessary for the proper performance of the function; d) Has unrestricted and timely access to all internal information relevant to the exercise of the function, in particular information regarding the execution of the duty of identification and diligence and records of the operations carried out; and e) It is not subject to potential conflicts of interest, in particular

when there is no segregation of their functions. 4. The management body refrains from any interference in the exercise of the duty of communication, provided for in article 17 of Law no. 05/20, of 27 January, Law on Preventing and Combating Money Laundering, Terrorist Financing and Proliferation of Weapons of Mass Destruction, whenever the existence of potential suspicions is concluded. Article 35 (Responsibility of the Compliance Officer)

  1. Financial Institutions must appoint, according to the nature, size and complexity of their activity, a Compliance Officer.
  2. The Compliance Officer's primary responsibilities should include, as follows: a) Coordinate and monitor the effective application of the appropriate policies, procedures and controls for the effective management of the risks of money laundering, terrorist financing and proliferation of weapons of mass destruction to which the Financial Institution is or may be exposed; b) Participate in the definition and issuance of opinions on policies, procedures and controls aimed at preventing money laundering, terrorist financing and the proliferation of weapons of mass destruction; c) To continuously monitor the adequacy, sufficiency and timeliness of policies, procedures and controls on the prevention of money laundering, terrorist financing and the proliferation of weapons of mass destruction, proposing the necessary updates; d) Participate in the definition, monitoring and evaluation of the Financial Institution's internal training policy; e) Ensure the centralization of all relevant information from the various business areas of the Financial Institution; f) To communicate, without internal or external interference, the operations mentioned in article 17 of Law no. 05/20, of 27 January, Law on Preventing and Combating Money Laundering, Terrorist Financing and Proliferation of Weapons of Mass Destruction, to the Financial Intelligence Unit; g) To play the role of interlocutor of the law enforcement and supervision and inspection authorities, complying with the reporting obligation, provided for in article 17 of Law no. 05/20, of 27 January, Law on Preventing and

Combating Money Laundering, Terrorist Financing and Proliferation of Weapons of Mass Destruction, ensuring the exercise of other communication and collaboration obligations; h) Assist in the preparation and execution of the assessments provided for in article 9 of Law no. 05/20, of 27 January, Law on Preventing and Combating Money Laundering, Terrorist Financing and Proliferation of Weapons of Mass Destruction; and i) Coordinate the preparation of reports, reports and other information to be sent to the National Bank of Angola on the prevention of money laundering, terrorist financing and the proliferation of weapons of mass destruction. 3. Financial Institutions ensure that all their collaborators, regardless of the nature of their relationship, are aware of: a) The identity and contact details of the Compliance Officer in accordance with paragraph e) of paragraph 2 of this article; and b) The procedures for reporting to that person the suspicious conducts, activities or operations that they detect. 4. The Non-Banking Financial Institution may, depending on its financial capacity, turnover and identified risk, request the National Bank of Angola to waive the appointment of an exclusive Compliance Officer, but must appoint a collaborator to ensure the exercise of the functions provided for in paragraph 2 of this article. 5. The Financial Institution also ensures that the selection of the staff assigned to the compliance area or function is made based on high ethical standards and demanding technical requirements. 6. The Financial Institution must inform the National Bank of Angola of the identity and other identifying elements of the Compliance Officer, as well as any changes to these elements, as soon as they occur.

Article 36 (Evaluation of the Effectiveness of the Internal Control System)

  1. The Financial Institution shall monitor, through periodic and independent assessments, the quality, adequacy and effectiveness of policies, procedures and controls on the prevention of money laundering, terrorist financing and the proliferation of weapons of mass destruction.
  2. For the purposes of the previous number, the Financial Institution shall ensure the existence or subcontracting of an internal audit function or a reputable and duly qualified third-party entity that ensures the independence of such assessment.
  3. Without prejudice to the provisions of the previous paragraph, whenever the nature, size and complexity of the activity does not justify the existence or subcontracting of an internal or external audit function or a duly qualified third party, Financial Institutions shall only apply the additional monitoring procedures.
  4. The valuations referred to in paragraph 1 of this article shall be proportional to the nature, size and complexity of the Financial Institution, as well as the risks associated with each of the respective business areas, and shall: a) Carry out with unrestricted and timely access to all internal information relevant to the performance of the assessments, including any documents prepared in compliance with the Law or this Notice; b) Be carried out with a periodicity appropriate to the risk associated with each of the Financial Institution's business areas; c) to enable the detection of any deficiencies affecting the quality, adequacy and effectiveness of the policies, procedures and controls adopted; and d) To focus at least on: i. The risk management model of the Financial Institution and other policies, procedures and controls aimed at complying with the provisions of this chapter; ii. The quality of communications and other information provided to the National Bank of Angola;

iii. the state of implementation of the corrective measures previously adopted; iv. The identification, diligence and conservation procedures adopted, including those carried out by third parties, credit intermediaries, promoters and other intermediation relationships; v. The integrity, timeliness and comprehensibility of the reports and reports generated by the information tools or systems, provided for in paragraph 2 of article 9 of Law no. 05/20, of 27 January, Law on Preventing and Combating Money Laundering, Terrorist Financing and the Proliferation of Weapons of Mass Destruction; vi. The adequacy of customer and operations monitoring procedures and controls, whether automated, manual or mixed; vii. The adequacy, comprehensiveness and timeliness of the processes for examining and reporting suspicious transactions; viii. The internal training policy of the Financial Institution, including the adequacy and scope of the training courses provided; and ix. The speed and sufficiency of the corrective procedures for deficiencies previously detected in audit or supervisory actions, related to the prevention of money laundering, terrorist financing and the proliferation of weapons of mass destruction. 5. Whenever Financial Institutions detect any deficiencies under the provisions of paragraph c) of the previous number, they must strengthen the policies, procedures and controls adopted in relation to the prevention of money laundering, terrorist financing and the proliferation of weapons of mass destruction, by adopting the necessary corrective measures to remove the deficiencies. 6. The evaluations provided for in this article are carried out at intervals not exceeding 12 (twelve) months, and may be increased up to 24 (twenty-four) months, whenever the circumstances provided for in number 2 of article 5 of this Notice are met.

  1. The results of the evaluations referred to in numbers 1 and 4 of this article shall be reduced to writing, and shall be kept in accordance with article 16 of Law no. 05/20, of 27 January, Law on Preventing and Combating Money Laundering, Terrorist Financing and Proliferation of Weapons of Mass Destruction and placed, on a permanent basis, at the disposal of the National Bank of Angola. Article 37 (Reporting of Irregularities)
  2. Financial Institutions must create specific, independent and confidential channels that internally ensure, in an appropriate manner, the reception, processing and archiving of reports of irregularities related to possible violations of Law No. 05/20, of 27 January, Law on Preventing and Combating Money Laundering, Terrorist Financing and the Proliferation of Weapons of Mass Destruction and this Notice, as well as irregularities related to the integrity of the organization.
  3. The channels referred to in the previous paragraph must: a) Be proportionate to the nature, size and complexity of the Institution's activity; and b) Ensure the confidentiality of the communications received and the protection of the personal data of the whistle-blower and the suspect of the offence and other related persons.
  4. Persons who, by virtue of the functions they perform or have exercised, provide or have provided services to the Financial Institution, become aware of any serious fact that includes the irregularities referred to in the number 1 of this article, have the duty to report them to the supervisory body, under the terms and with the safeguards established in this article.
  5. When the appointment of a supervisory body does not take place, the communications referred to in the previous paragraph are addressed to the head of the compliance function.
  6. Communications made under this Article, as well as the reports to which they give rise, shall be kept in accordance with the provisions of Article 16 of Law No. 05/20, of 27 January, Law on Preventing and Combating Money Laundering, Terrorist Financing and Proliferation

of Weapons of Mass Destruction and made permanently available to the National Bank of Angola. 6. Financial Institutions shall refrain from any threats or hostile acts and, in particular, from any unfavourable or discriminatory labour practices against those who make communications under this article, and such communications may not, by themselves, serve as a basis for the promotion by the obliged Financial Institution of any disciplinary, civil or criminal proceedings against the author of the communication, unless they are deliberate and manifestly unfounded. 7. The Financial Institution shall prepare annual reports containing a description of the channels referred to in paragraph 1 of this article and a brief indication of the communications received and their processing, which shall be made available to the National Bank of Angola, whenever requested. Article 38 (Selection of Collaborators)

  1. Financial Institutions must make a reasoned assessment of the reliability and credibility of collaborators they intend to appoint to functions of greater sensitivity and risk in the full performance of their activity, as well as their integrity.
  2. Financial Institutions must also assess the reliability and credibility of the service providers they hire to carry out services sensitive to their activity and integrity. Article 39 (Obligation to Identify Collaborators) The collaborators of the Financial Institution who carry out the identification and diligence obligations, namely the collection, registration and verification of the evidence presented, must be included in the internal records supporting those acts, clearly mentioning their identification and the date on which they were carried out.

Article 40 (Implementation of Restrictive Measures)

  1. Without prejudice to the provisions of article 24 of Law no. 05/20, of 27 January, Law on the Prevention and Combating of Money Laundering, the Financing of Terrorism and the Proliferation of Weapons of Mass Destruction, Financial Institutions shall adopt the necessary means and mechanisms to ensure compliance with the obligations provided for in Law no. 19/17, of 25 August, on the Prevention and Combating of Terrorism and in Law No. 01/12, of 12 January, on the Designation and Execution of International Legal Acts.

  2. For the purposes of the preceding paragraph, Financial Institutions have permanent, fast and secure mechanisms in place to ensure the immediate, full and effective implementation of the restrictive measures and to allow at least: a) the identification of any persons or entities identified in restrictive measures; b) The blocking or suspension of operations or a set of operations, when the Financial Institution must comply with the freezing obligations arising from the financial sanctions referred to in article 24 of Law no. 05/20, of 27 January, Law on Preventing and Combating Money Laundering, Terrorist Financing and Proliferation of Weapons of Mass Destruction; and c) Immediately report to the competent authority any frozen assets or other actions taken pursuant to the restrictive measures.

  3. Financial Institutions monitor, through periodic and independent assessments, the correct functioning of the means and mechanisms implemented, aimed at ensuring compliance with restrictive measures.

  4. It is incumbent upon the person in charge of the compliance area: a) Ensure immediate and full knowledge, as well as the permanent updating of the lists of persons and entities issued under the restrictive measures; and b) To monitor, on an ongoing basis, the adequacy, sufficiency and timeliness of the means and mechanisms intended to ensure compliance with restrictive measures.

  5. For the purposes of the preceding paragraph, whenever the Financial Institution decides not to proceed with the enforcement of restrictive measures, it shall include in a document or written record the following: a) the grounds for the non-enforcement decision; and b) a reference to any informal contacts that may have been established in the decision-making process with the competent national authorities, with an indication of the dates and means of communication used. Section X Training Obligation Article 41 (Training of Collaborators)

  6. Financial Institutions must define and implement an appropriate training policy for their managers, employees and other collaborators, whose functions are relevant for the purposes of preventing money laundering, terrorist financing and the proliferation of weapons of mass destruction, in order to ensure full, permanent and up-to-date knowledge of, among other aspects: a) the applicable legal framework on the prevention of money laundering, terrorist financing and the proliferation of weapons of mass destruction; b) The policies, procedures and controls on the prevention of money laundering, terrorist financing and the proliferation of weapons of mass destruction defined and implemented by the Financial Institution; c) Identification and communication of operations to the Compliance Officer; d) Reporting of irregularities in accordance with regulations; e) Guidelines, recommendations and information issued by law enforcement authorities, supervisory authorities or associations representing the sector; f) The risks, typologies and methods associated with funds or other property arising from or related to the commission of criminal activities or the financing of terrorism and the proliferation of weapons of

mass destruction; g) The vulnerabilities of the business areas developed, the products, services and operations made available by the Financial Institution, as well as the distribution channels of these products, services and the means of communication used with customers; h) reputational, legal and prudential risks and contravention consequences arising from non-compliance with the preventive obligations of money laundering, terrorist financing and the proliferation of weapons of mass destruction; and i) specific professional responsibilities for the prevention of money laundering, terrorist financing and the proliferation of weapons of mass destruction, and in particular the policies, procedures and controls associated with the fulfilment of preventive obligations. 2. In the case of newly hired collaborators, whose functions are directly relevant to the prevention of money laundering, terrorist financing and the proliferation of weapons of mass destruction, the Financial Institution, immediately upon their admission, provides them with appropriate training on the policies, procedures and controls defined internally in terms of the prevention of money laundering, financing of terrorism and the proliferation of weapons of mass destruction. 3. Financial Institutions must keep records of internal or external training actions, containing at least the following information: a) Name and purpose of training; b) Date the training took place; c) Training entity; d) Duration (in hours); e) Nature (internal or external training); f) Environment (face-to-face or distance training); g) Didactic support material; h) Name and function of the trainees (internal and external); and i) Final evaluation of the trainees, if any.

Section XI Obligation to Refuse Article 42 (Obligation to Refusal)

  1. For the purposes of article 15 of Law no. 05/20, of 27 January, Law on Preventing and Combating Money Laundering, Terrorist Financing and Proliferation of Weapons of Mass Destruction, after the decision to terminate the business relationship, Financial Institutions must: a) Inhibit any movement of funds or other assets associated with the business relationship, including any means of distance communication; b) Contact the customer, within a maximum period of 30 (thirty) days, so that he indicates the account to which the funds must be returned or appears in person, to make the refund defined by the Financial Institution; and c) To keep the funds or other assets, keeping them unavailable until their return is possible.
  2. Whenever the customer provides the information whose absence determined the decision to terminate the business relationship, and if there is no suspicion, the Financial Institution may proceed to re-establish that relationship, carrying out all the identification and diligence procedures legally due. Section XII Periodic Reports Article 43 (Report on the Prevention of Money Laundering, Terrorist Financing and the Proliferation of Weapons of Mass Destruction)
  3. The Financial Institution annually sends a specific report on its internal control system and other information elements to be defined in specific regulations, on the prevention of money laundering, terrorist financing and the proliferation of weapons of mass destruction.
  4. The report referred to in the previous number must be sent to the National Bank of Angola, by January 31 of each year, referring to the period

between 1 st January and 31st December of the previous year, and must follow the model and terms of submission to be defined in specific regulations. 3. The report comprises: a) The institutional information and relevant contacts of the Financial Institution; b) policies, procedures, and controls on money laundering, terrorist financing, and the proliferation of weapons of mass destruction; c) The Financial Institution's Risk Management report; d) Use of new technologies, products, and services, with potential impact on the prevention of money laundering, terrorist financing, and the proliferation of weapons of mass destruction; e) Monitoring compliance with the regulatory framework; f) Monitoring compliance with the obligations related to the reporting of irregularities provided for in paragraph 1 of article 12 of this Notice; g) The Internal Audit report of the Financial Institution; h) The External Audit Report of the Financial Institution; i) Information tools and systems; j) Deficiencies detected by the Financial Institution in terms of the prevention of money laundering, terrorist financing, and the proliferation of weapons of mass destruction; k) Specific information on types of operations; l) The corrective measures adopted to remedy the deficiencies identified by the Financial Institution following supervisory actions carried out by the National Bank of Angola; m) Relevant quantitative information; n) Self-assessment questionnaire of the Financial Institution, with its perception as to the adequacy and degree of regulatory compliance of the procedures adopted in compliance with the Law and this Notice and other relevant regulations; and o) Other information relevant to the exercise of the supervisory powers of the National Bank of Angola, in the field of prevention of money laundering, terrorist financing and the proliferation of weapons of mass destruction.

  1. Without prejudice to the provisions of the previous number, Financial Institutions also communicate: a) The overall opinion of the management body on the adequacy and effectiveness of the respective internal control system, in the specific context of the prevention of money laundering, terrorist financing and the proliferation of weapons of mass destruction, in accordance with the risk assessment of the activity of the Financial Institution; b) Information on the possible detection, by the Institution's supervisory body, of high-risk deficiencies in the internal control system for the prevention of money laundering, terrorist financing and proliferation of weapons of mass destruction of the Financial Institution, during the reference period; and c) Opinion of the supervisory body of the Financial Institution, where it expresses in a clear, detailed and reasoned manner, its opinion on the quality of its internal control system for the prevention of money laundering, terrorist financing and the proliferation of weapons of mass destruction. CHAPTER III Final Provisions Article 44 (Sanctions) Violations of the provisions of this Notice are punishable under the terms of Law No. 05/20, of 27 January, Law on Preventing and Combating Money Laundering, Financing of Terrorism and Proliferation of Weapons of Mass Destruction and, alternatively, by Law No. 14/21, of 19 May, Law on the General Regime of Financial Institutions. Article 45 (Revocation) Notice no. 14/2020, of 22 June, on the Rules for Preventing and Combating Money Laundering and Terrorist Financing, Directive no. 03/2012, of 24 July, on the Identification and Communication of Designated Persons, Groups and Entities and all regulations that contradict the provisions contained in this Notice are hereby revoked.

Article 46 (Doubts and Omissions) Any doubts and omissions arising from the interpretation and application of this Notice shall be settled by the National Bank of Angola. Article 47 (Entry into Force) This Notice shall enter into force immediately. BE IT BE PUBLISHED. Luanda, 11th March 11 2024. THE GOVERNOR MANUEL ANTÓNIO TIAGO DIAS

Share