CySEC Circular C647: New Website Section on Terrorism and Proliferation Financing

TO : Regulated Entities i. Cyprus Investment Firms (‘CIFs’) ii. Administrative Service Providers (‘ASPs’) iii. UCITS Management Companies (‘UCITS MC’) iv. Self-Managed UCITS (‘SM UCITS’) v. Alternative Investment Fund Managers (‘AIFMs’) vi. Self-Managed Alternative Investment Funds (‘SM AIFs’) vii. Self-Managed Alternative Investment Funds with Limited Number of Persons (‘SM AIFLNP’) viii. Companies with sole purpose the management of AIFLNPs ix. Crypto Asset Service Providers (‘CASPs’) x. Small AIFMs FROM : Cyprus Securities and Exchange Commission DATE : 20 June 2024 CIRCULAR NO. : C647 SUBJECT : New section on CySEC’s website regarding Terrorism Financing (TF) / Proliferation Financing (PF) Through this Circular, the Cyprus Securities and Exchange Commission (‘CySEC’), would like to inform the Regulated Entities that section «Terrorism Financing (TF)/Proliferation Financing (PF)» has been added to CySEC’s website. This includes useful information and publications on TF/PF, as well as relevant notifications. CySEC emphasizes that, according to Article 58(d) of the Prevention and Suppression of Money Laundering and Terrorist Financing Law of 2007, as amended (the ‘Law 188(I)/2007’), the regulated entities should apply adequate and appropriate policies, controls and procedures which are proportionate to their nature and size, so as to effectively mitigate and manage the risks of money laundering and terrorist financing. Regulated entities should specifically apply measures in relation to internal control, risk assessment and risk management in order to prevent money laundering and terrorist financing. Specifically, Article 58A of the Law 188(Ι)/2007 provides that the regulated entities must take appropriate steps to identify and assess the risks of money laundering and terrorist financing which they face, taking into account risk factors, including among others, those which relate to their customers, countries and geographical areas, products, services, transactions or delivery channels for providing services, provided that such measures are proportionate to the nature and size of the regulated entity. Furthermore, Article 58(c) of the Law 188(Ι)/2007 provides for internal reporting and reporting to the Financial Intelligence Unit (MOKAS) in cases of suspicious transactions/activity on terrorism financing.

Additionally, the Combating of Terrorism and Victims’ Protection Law of 2019, as amended (the ‘Law 75(I)/2019’, only in Greek), deals with a number of issues, including the definition of terrorism felonies, the responsibilities of legal persons, responsibility of obliged entities under the Law 188(I)/2007 to confiscate property belonging to or controlled by persons engaged in terrorism and the responsibility of supervisory authorities for ensuring that obliged entities abide with the relevant provisions of the legislation. CySEC’s Directive for the Prevention and Suppression of Money Laundering and Terrorist Financing, as amended (the ‘Directive’), includes examples of suspicious transactions/activities related to terrorist financing, in Part B of the Third Appendix. Furthermore, according to paragraph 12(4) of the Directive, the regulated entities, when assessing the money laundering and terrorist financing risks and when applying risk-based measures and procedures, should take into account, among others, the Joint Guidelines, as defined in the Directive, and the Guidelines issued by the Financial Action Task Force (FATF). Additionally, further guidance on terrorist financing was provided through specific Circulars issued periodically by CySEC (refer to the relevant section on CySEC’s website). Furthermore, regarding Proliferation Financing (PF), the FATF defines1 PF as ‘The act of providing funds or financial services which are used, in whole or in part, for the manufacture, acquisition, possession, development, export, trans-shipment, brokering, transport, transfer, stockpiling or use of nuclear, chemical or biological weapons and their means of delivery and related materials (including both technologies and dual-use goods used for non-legitimate purposes), in contravention of national laws or, where applicable, international obligations’. The regulated entities should have in place effective processes to identify, assess, monitor, manage and mitigate PF risks. For this purpose, the regulated entities should identify and understand the PF risks they might face, as a result of their business operations and client relationships. They should have knowledge of the requirements to counter these PF risks and threats, as well as have the awareness of common evasive techniques used to circumvent the identification of these practices. Taking the above into consideration, CySEC urges the Regulated Entities to continuously monitor, inter alia, the section «Terrorism Financing (TF)/Proliferation Financing (PF)» on CySEC’s website, including the notifications to be sent for useful information and publications on TF/PF, through the RSS Service, ensuring their full compliance with their relevant legal obligations for preventing TF and PF. Sincerely, Dr. George Theocharides Chairman, Cyprus Securities and Exchange Commission 1 FATF, February 2010, “FATF Report: Combating Proliferation Financing: A Status Report on Policy Development and Consultation”, p.5