LogoRegulatory Alerts
2023-11-16

Circular 100-4 on Measures Banks Must Take to Implement Their Anti-Money Laundering, Counter-Terrorist Financing, and Counter-Proliferation Programs

The Bank of the Republic of Haiti issued Circular 100-4 to mandate that banks implement comprehensive anti-money laundering, counter-terrorist financing, and counter-proliferation programs in accordance with the April 30, 2023 decree. The circular requires banks to establish written policies, risk assessments, compliance officer appointments, internal controls, independent testing, and employee training tailored to their specific risk profiles. It further stipulates that non-compliance may result in administrative sanctions ranging from warnings to license revocation, with the circular entering into force on August 14, 2023.

Banque de la Republique d'Haiti logo

Haiti

Banque de la Republique d'Haiti

Click to view thumbnail

Bank of the Republic of Haiti

CIRCULAR

No. 100-4

TO BANKS

This circular determines the measures that banks must take in the context of implementing their anti-money laundering, counter-terrorist financing, and counter-proliferation of weapons of mass destruction programs, in accordance with Articles 31, 32, and 34 of the Decree of April 30, 2023.

On the Anti-Money Laundering, Counter-Terrorist Financing, and Counter-Proliferation Program

The prevention program must reflect the nature, scale, and complexity of the activities of the institution concerned and must include the following elements:

  1. policies, procedures, and internal controls, including compliance monitoring mechanisms, and appropriate procedures during employee hiring, to ensure that hiring is conducted according to rigorous criteria;
  2. the centralization of information on the identity of clients, principals, beneficial owners, beneficiaries and proxy holders, agents, and on suspicious transactions;
  3. the designation of a compliance officer and the designation of compliance officers at the level of the head office, each branch, and each agency;
  4. the risk assessment of the institution;
  5. the development of a continuous training program for employees;
  6. an internal control mechanism to verify compliance, observance, and the effectiveness of adopted measures;
  7. the establishment of an independent testing mechanism for compliance with anti-money laundering measures;
  8. the handling of suspicious transactions.

The prevention program must be approved by the bank's board of directors.

1. Policies, Procedures, and Methods

Banks are required to develop a prevention program comprising written policies, procedures, and methods that allow for the identification of risk factors and the assessment of money laundering and terrorist financing risks presented by their activities.

Policies, procedures, and methods must be approved by the board of directors and kept up to date. They must be clearly communicated to all executives involved in dealing with clients.

Policies and procedures must cover all reporting, record-keeping, document retention, client identification, monitoring, risk assessment, and mitigation obligations applicable to the bank. They must be integrated into the bank's overall risk management strategy and include appropriate steps to prevent, detect, assess, monitor, manage, and continuously mitigate money laundering and terrorist financing risks related to clients, countries or geographic areas, or products, services, new technologies, operations, and distribution channels.

Policies and procedures must also cover the handling of international sanctions (United Nations list or others), the modalities for freezing assets in the context of combating terrorist financing and proliferation.

Policies, procedures, and methods must apply to all branches and subsidiaries, if it is a group as defined in Article 13 of the Law of May 14, 2012, on banks and other financial institutions. In this case, banks must include policies and procedures for information sharing within the group for the purpose of customer due diligence and the management of money laundering, terrorist financing, and proliferation risks. Adequate guarantees regarding confidentiality and the use of exchanged information must be put in place. They must ensure the availability of information related to clients, accounts, and operations from their branches and subsidiaries to compliance, audit, and/or anti-money laundering, counter-terrorist financing, and counter-proliferation functions at the group level. Furthermore, banks must ensure that their foreign subsidiaries, where applicable, and which carry out the same activities as themselves, implement the group's anti-money laundering, counter-terrorist financing, and counter-proliferation prevention program, including policies and procedures for information sharing within the group.

Policies and procedures must take into account relationships with correspondent banks and cover issues related to the collection of information on their correspondent banks (nature of their activities, their clientele, control exercised by competent authorities, etc.) as well as the suspension and non-establishment of correspondent relationships with:

a) foreign banks that do not have sufficient control procedures regarding criminal activities, or b) foreign banks that are not subject to effective supervision by competent authorities, or c) shell banks.

Banks are also required to develop appropriate selection procedures ensuring the recruitment of employees according to rigorous criteria.

2. Centralization of Information

Banks must have an IT system allowing for the centralization of data. Branches and agencies must be connected to the head office, so that all operations carried out in any of these branches or agencies can be observed in real time by all entities of the institution.

3. Appointment of a Compliance Officer

Every bank must proceed with the appointment of a compliance officer. This officer must be a senior executive of the institution, selected based on competence, experience, integrity, and professional ethics. He must know the functions and structure of the institution, and be aware of the risks and vulnerabilities related to money laundering and terrorist financing in the banking sector as well as trends and typologies that characterize these threats. He must report directly to the board of directors for all matters related to anti-money laundering, counter-terrorist financing, and counter-proliferation.

The compliance officer has in particular the following duties:

a) ensure the application of legislation and regulations; b) enforce internal procedures and methods for combating money laundering, terrorist financing, and proliferation; c) identify deficiencies and make appropriate recommendations; d) propose training programs on a periodic basis; e) serve as the liaison with the Financial Intelligence Unit (FIU); f) prepare and transmit suspicious transaction reports to the FIU; g) ensure that transaction reports are completed and transmitted to the FIU within the required deadlines; h) receive and follow up on information requests from the FIU and any other authority acting in the context of combating money laundering, terrorist financing, and proliferation.

Banks must designate, in each branch or agency, an executive responsible for enforcing anti-money laundering laws and regulations and ensuring coordination with the compliance officer. In no case does the designation of this executive relieve the compliance officer of his responsibilities under the law.

4. Risk Assessment

The prevention and compliance program must include a component related to the assessment of money laundering and terrorist financing risks.

Risk assessment is an analysis of threats and weaknesses in terms of money laundering or terrorist financing presented by the bank's activities. This

evaluation varies notably according to the size of the bank, its geographic location, and the activities carried out.

Risk assessment implies that employees are well-versed in the institution's activities and exercise judgment to assess risks. This assessment must not be static and must be modified at least every twelve (12) months.

5. Continuous Training

The prevention program must include a training component. All employees who are in contact with clients, who are aware of operations carried out by clients, or who handle cash or funds in any way, or who are responsible for implementing or monitoring the compliance regime, must understand in particular reporting obligations, client identification, and record-keeping.

The training program must be documented in writing and kept up to date. The modalities regarding the frequency and method of training must be established. It must indicate in particular the categories of participants, the subjects to be covered, and the frequency of training sessions. Each new employee must be trained before starting to work with clients.

Updates to the program should take place periodically to keep all interested parties informed of legislative and regulatory changes. The training method will depend on the size of the bank and the complexity of its activities.

6. Internal Control Mechanism

Banks must exercise constant vigilance and have an organization and internal procedures designed to ensure respect for the provisions provided by law and to enable operations managers to prevent and identify any attempt at money laundering or terrorist financing. One of the roles of this control is to avoid the use of the financial system for money laundering or terrorist financing or proliferation purposes and to minimize the risks faced by institutions.

This internal control system must contain, among other things:

a) a control mechanism for internal policies, procedures, and methods for combating money laundering, terrorist financing, and proliferation; b) a structure guaranteeing the confidentiality of information processing; c) measures for identifying elements at risk related to money laundering, terrorist financing, and proliferation, and systems for assessing these risks; d) a monitoring system that can guarantee control over risks related to money laundering, terrorist financing, and proliferation; e) a centralized documentation and information system; f) a system for information on compliance initiatives, deficiencies in this area, and corrective measures taken.

The control system in place must extend to all components of the institution. Banks are therefore required to take the necessary measures to guarantee the strict application of existing policies, procedures, and methods, especially those related to money laundering, terrorist financing, and proliferation.

7. Independent Testing Mechanism

During periodic independent tests regarding compliance with internal procedures or good risk monitoring, a specific check on the money laundering, counter-terrorist financing, and counter-proliferation component must be carried out by the institution's internal audit.

Checks may in particular apply to the following points:

a) the assessment of the quality of risk management and control for all operations and in all branches; b) interviews with employees in charge of operations and their supervisors to assess their level of knowledge and respect for the anti-money laundering, counter-terrorist financing, and counter-proliferation procedures adopted by the institution; c) compliance with account opening and closing procedures; d) the examination of a sample of document filing forms and forms for reporting suspicious financial transactions; e) a verification of the document retention system; f) the existence of supporting documents attached or referenced to accounting records; g) the knowledge of the clientele by branches and operations managers, taking into account the following elements: professional activity, account functioning, financial situation, and accounting and financial documentation consistent with credits granted and volumes of business processed. Particular attention must be paid to the economic justification of operations and their adequacy with the known situation of the clientele; h) periodic reviews of all correspondent banking relationships established with foreign banks to detect high-risk partners; i) the knowledge by collaborators of internal anti-money laundering rules.

The results of any verification must be submitted to the board of directors. Depending on the institution's hierarchical structure, questions related to measures taken or to be taken and the schedules provided for this purpose must be known and disclosed to executing personnel.

8. Handling of Suspicious Transactions

Banks must develop and implement policies regarding the identification and follow-up of unusual or suspicious transactions. These policies must define what is considered suspicious or unusual, and provide examples in this regard.

The identification of unusual or suspicious transactions can be done through transaction monitoring, contact with the client (meetings, visits, discussions, etc.), information from

third parties (newspapers, internet, etc.), and the bank's knowledge of the client's environment.

9. Sanctions

As a result of a deficiency found in the organization of internal procedures for preventing money laundering, terrorist financing, and proliferation, in accordance with Article 116 of the Decree of April 30, 2023, and Article 109 of the Law of May 14, 2012, the BRH reserves the right to take all administrative sanctions ranging from a warning to the withdrawal of authorization in the most serious cases, without prejudice to those provided by law.

10. Repeal and Entry into Force

This circular repeals Circular 100-3 and enters into force on August 14, 2023.

Port-au-Prince, July 27, 2023.

Jean Baden Dubois Governor

Share