Sec Amlcftcpf Regulations 12 May 2022

SECURITIES AND EXCHANGE COMMISSION (CAPITAL MARKET OPERATORS ANTI-MONEY LAUNDERING, COMBATING TERRORISM FINANCING AND PROLIFERATION FINANCING) REGULATIONS, 2022

SECURITIES AND EXCHANGE COMMISSION (CAPITAL MARKET OPERATORS ANTI-MONEY LAUNDERING AND COMBATING THE FINANCING OF TERRORISM) REGULATIONS, 2022

ARRANGEMENT OF REGULATIONS

Regulation:

PART I - OBJECTIVES, APPLICATION AND SCOPE

1. Objectives
2. Application

PART II - AML AND CFT/CPF INSTITUTIONAL POLICY FRAMEWORK 3. General Guidelines on Institutional Policy. 4. Duties of an AML/CFT/CPF Compliance Officer. 5. Co-operation with relevant authorities 6. Identification of proceeds of crime 7. Secrecy and confidentiality laws 8. Anonymous and numbered accounts

PART III - CUSTOMER DUE DILIGENCE MEASURES 9. Customer Due Diligence measures 10. Correspondent relationships with high risk foreign banks 11. On-going Due Diligence 12. Application of Enhanced Customer Due Diligence (ECDD) for Higher Risk Clients 13. Lower Risk Categories of Clients 14. Timing of Verification 15. Travel Rule Requirements 16. Verification of Beneficial Ownership 17. Application of CDD to existing clients 18. Determination of a Politically Exposed Person 19. Measures to prevent the misuse of new technologies and non- face-to-face transactions 20. Reliance on intermediaries and third parties on CDD measures 21. Keeping and maintenance of records of transactions 22. Complex and unusual large transactions

PART IV - INTERNAL CONTROLS, COMPLIANCE AND AUDIT 23. Internal Procedures, Policies and Controls

PART V - MONITORING AND REPORTING OF SUSPICIOUS TRANSACTION REPORTS 24. Suspicious Transactions “Red Flags" 25. Business relationships with persons from countries which do not apply the FATF recommendations 1

PART VI - EMPLOYEE EDUCATION AND TRAINING PROGRAMME 26. Comprehensive employee education and training programmes 27. Monitoring of employee conduct 28. Protection of staff who report violations 29. Additional Areas of AML/CFT/CPF Risks 30. Additional Procedures and Mitigants 31. Testing for the Adequacy of the AML/CFT/CPF Compliance Programme 32. Board approval of the AML/CFT/CPF Compliance Manual

PART VII - KNOW YOUR CUSTOMER AND IDENTIFICATION PROCEDURE 33. Guidance on Know Your Customer 34. Duty to obtain identification evidence 35. Identification Procedure 36. Verification of identity 37. Timing of Identification Requirements 38. Cancellation and Cooling - Off Rights, Redemptions and Surrenders 39. New business transaction by an existing Client. 40. Certification of Identification Documents 41. Recording identification evidence 42. Concession in respect of payment made by post 43. Investment funds

PART VIII - ESTABLISHING IDENTITY 44. Establishment of identity under these Regulations 45. General Information 46. Private Individuals resident in Nigeria 47. Physical Checks on Private Individuals resident in Nigeria 48. Electronic checks 49. Private Individuals not resident in Nigeria 50. Information to establish identity 51. Identification guidance for Institutions 52. Other Types of Operators 53. Retirement benefit programmes 54. Mutual or friendly, cooperative and provident societies 55. Charities, clubs and associations 56. Trusts and foundations 57. Professional intermediaries 58. False identities and impersonations 59. Refugee and asylum seeker 60. Identification procedures for opening accounts for students or young persons 61. Establishing the Identity of Trust, Nominees and Fiduciaries 62. Offshore Trusts 63. Conventional family and absolute Nigerian trusts 64. Receipt and Payment of Funds on behalf of a Trust. 65. Powers of Attorney and Third Party Mandates 66. Executorship accounts 67. Unincorporated Business or Partnerships 68. Verification of legal existence of a corporate client 2

69. Non Face - to - Face Business
70. Low Risk Corporate Business.
71. Private and Public unquoted Companies
72. Higher Risk Business Relating to Private or Public unquoted Companies
73. Foreign Capital Market Operator
74. Charities in Nigeria
75. Registered Charities
76. Clubs and Societies
77. Occupational Pension Schemes
78. Religious Organizations (ROs)
79. Three -Tiers of Government and Parastatals
80. Foreign Consulates

PART IX - INTERMEDIARIES OR OTHER THIRD PARTIES TO VERIFY IDENTITY OR TO INTRODUCE BUSINESS 81. Introductions from authorized financial intermediaries 82. Written applications 83. Non-written application 84. Introductions from foreign intermediaries 85. Corporate group introductions 86. Business conducted by agents 87. Correspondent relationship 88. Acquisition of a capital market business by another

PART X - RECEIVING CAPITAL MARKET OPERATORS AND AGENTS Vulnerability of receiving bankers and agents to money laundering, terrorism financing and proliferation financing Who to identify 89. 90. 91. Applications received via brokers 92. Multiple family applications 93. Linked transactions 94. Exemption from Identification Procedures

PART XI - MISCELLANEOUS Sanctions for Non- Compliance with the provisions of these Regulations Revocation Interpretation Citation 95. 96. 97. 98. 3

SECURITIES AND EXCHANGE COMMISSION (CAPITAL MARKET OPERATORS ANTI-MONEY LAUNDERING AND COMBATING THE FINANCING OF TERRORISM AND PROLIFERATION) REGULATIONS, 2022

In exercise of the powers conferred on me by Section 23 of the Money Laundering (Prevention and Prohibition) Act of 2022, and Section 39 of the Terrorism (Prevention and Prohibition Act 2022, I hereby make the following Regulations:

[......11...day of May, 2022] [ ] Commencement PART I OBJECTIVES, APPLICATION AND SCOPE

1. Objectives

These Regulations are made to –

(a) Combat Money Laundering, Terrorism and Proliferation Financing activities in the capital market.

(b) minimize the risk faced by the capital market from the proceeds of crime;

(c) guide capital market operators in the implementation of Know Your Customer (KYC) and Customer Due

(d)

Diligence (CDD) requirements for the capital market; and

comply with the requirements of the Money Laundering (Prevention and Prohibition) Act of 2022, Terrorism (Prevention and Prohibition) Act, 2022 and Terrorism Prevention (Freezing of International Terrorists Funds and other Related Measures) Regulations 2013, including other related Laws and Regulations.

2. Application

These Regulations apply to the activities of money laundering, terrorism and proliferation financing in the Nigeria capital market operations and related matters.

PART II AML/CFT/CPF INSTITUTIONAL POLICY FRAMEWORK General Guidelines on Institutional Policy.

A Capital Market Operator shall –

(a)

(b)

adopt policies stating its commitment to comply with Anti - Money Laundering and Countering the Financing of Terrorism and Countering the Proliferation Financing (AML/CFT/CPF) obligations under the law and regulatory directives to actively prevent any transaction that facilitates criminal activities;

formulate and implement internal controls and other procedures that will deter criminals from using its 4

facilities for money laundering, terrorist and proliferation financing and to ensure that its obligations under subsisting Laws and Regulations are met;

(c) designate AML/CFT/CPF Chief Compliance Officer at the management level with the relevant

(d)

competence, authority and independence to implement the institution's AML/CFT/CPF compliance programme; and

to ensure a measure of authority and independence for the function, the Chief Compliance Officer shall report to the board of directors and on dotted lines to the Chief Executive Officer, and the role shall be distinct from the functions of financial reporting, risk management and internal audit.

(e) a Compliance Officer shall satisfy the fit and proper persons' requirement as set out by the Commission.

(f) comply with the requirements of the Money Laundering (Prevention and Prohibition) Act of 2022 and

(g) Terrorism (Prevention and Prohibition) Act, 2022.

shall ensure that their foreign branches and majority-owned subsidiaries implement consistent AML/CFT/CPF measures and take related actions.

4. Duties of an AML/CFT/CPF Compliance Officer.

The duties of a Compliance Officer include –

(a) developing an AML/CFT/CPF Compliance Programme;

(b) rendering weekly mandatory disclosure/cash transactions returns (CTRs);

(c) rendering reports on suspicious transactions to the Nigerian Financial Intelligence Unit (NFIU);

(d) Rendering daily returns on Foreign Exchange Transactions to the Securities and Exchange Commission (SEC) and the NFIU;

(e) receiving and vetting suspicious transaction reports from staff;

(f) ensuring that the Capital Market Operator's compliance programme is duly implemented;

(g)

(h)

(i) coordinating the training of staff in AML/CFT/CPF awareness, detection methods and reporting requirements;

serving as liaison officer to both the SEC and NFIU; and

serving as a point of contact for all employees on issues relating to money laundering, terrorist financing and proliferation financing.

5. Co-operation with relevant authorities (1) A Capital Market Operator shall comply promptly with all the requests made pursuant to subsisting

laws and Regulations and shall provide information to the SEC, NFIU and other relevant law enforcement agencies on AML/CFT/CPF matters. 5

(2) Where there is a request for information on money laundering, terrorist financing or proliferation

financing, a Capital Market Operator shall –

(a) search immediately without delay the institution's records and electronic data-base to determine

(b)

(c)

whether it maintains or has maintained any account for or has engaged in any transaction any individual, entity or organization named in the request;

report promptly to the requesting authority the outcome of the search; and

protect the security and confidentiality of such requests.

6. Identification of proceeds of crime

A Capital Market Operator shall in the course of its business identify and report to the NFIU,any suspicious transactions derived from the following criminal activities-

(a) participation in an organized crime groups and racketeering;

(b) terrorism and terrorist financing; (c) trafficking in human beings and migrant smuggling; (d) sexual exploitation, including sexual exploitation of children; (e) illicit trafficking in narcotic drugs and psychotropic substances; (f) illicit arms trafficking; (g) illicit trafficking in stolen and other goods; (h) corruption and bribery; (i) fraud; (j) counterfeiting currency; (k) counterfeiting and piracy of products; (l) environmental crime; (m) murder, grievous bodily injury; (n) kidnapping illegal restraint and hostage taking; (o) robbery or theft; (p) smuggling; (q) extortion; (r) forgery; (s) piracy; (t) insider trading and market manipulation; and (u) Tax evasion

(v) Proliferation Financing (Weapons of Mass destruction);

(w) any other criminal act specified in the Money Laundering (Prevention & Prohibition) Act, 2022, Terrorism

(Prevention and Prohibition) Act, 2022 or any other law.

7. Secrecy and confidentiality laws

A Capital Market Operator secrecy and confidentiality laws shall not inhibit the implementation of the requirements of these Regulations in view of the provisions in the Economic and Financial Crimes Commission Act; Money Laundering (Prevention and Prohibition) Act, 2022,Terrorism (Prevention and Prohibition) Act, 2022 and other relevant subsisting laws and regulations and in giving the relevant authorities, either domestically or internationally, power to access information to properly perform their functions in combating money laundering, terrorism and proliferation financing. 6

8. Anonymous and numbered accounts

A Capital Market Operator shall not keep anonymous accounts or accounts in fictitious names; and where nominee accounts are maintained, details of the beneficial owners shall be provided on request.

PART III CUSTOMER DUE DILIGENCE MEASURES 9. Customer Due Diligence measures

(1) A Capital Market Operator shall undertake Customer Due Diligence (CDD) measures when –

(a) business relationship is established;

(b) carrying out occasional transactions above the sum of $1,000,000 or its equivalent or such other

(c)

(d)

(e)

(f)

thresholds as may be determined by SEC from time to time subject to the Money Laundering (Prevention and Prohibition) Act, 2022, Terrorism (Prevention and Prohibition) Act,2022.

the transaction is carried out in a single operation or several operations that appear to be linked;

carrying out occasional transactions that are wire transfers, including those applicable to cross- border and domestic transfers between Capital Market Operators and when credit or debit cards are used as a payment system to effect money transfer;

conducting a VA transfer subject to the travel rule requirements as set out in Section 15.

there is a suspicion of money laundering, terrorist financing or proliferation financing regardless of any exemptions or any other sum referred to in these Regulations; or

(g) there are doubts about the veracity or adequacy of previously obtained clients identification data;

(2) A Capital Market Operator shall not be required to repeatedly perform identification and verification exercise every time a client conducts a transaction, unless the Capital Market Operator suspects that there is a change in the documents earlier provided.

(3) A Capital Market Operator shall -

(a) carry out the full range of the CDD measures in these Regulations; and

(b) identify all their clients and verify their identities using reliable, independently sourced documents,

data or information.

(4) The type of clients' information to be obtained and identification data to be used to verify the information shall include the following -

(a) for a clients who is a legal persons, a Capital Market Operator shall -

(i) verify the identity of any person purporting to have been authorized to act on behalf of such a client by obtaining evidence of his identity and verifying the identity of such a person, and

(ii) verify the status of the legal person by obtaining proof of incorporation from the Corporate Affairs Commission (CAC) or similar evidence of establishment or existence and any other relevant information; and 7

(b)

for other clients;

(i) a Capital Market Operator shall identify a beneficial-owner and take reasonable measures to verify his identity using relevant information or data obtained from a reliable source to satisfy itself that it knows who the beneficial-owner is; and

(ii) a Capital Market Operator shall in respect of all clients, determine whether a client is

(5)

(6)

(7)

(8)

(9)

acting on behalf of another person; and where the client is acting on behalf of another person, a Capital Market Operator is required to take reasonable steps to obtain sufficient identification-data and to verify the identity of that other person.

A Capital Market Operator shall take reasonable measures in respect of clients that are legal persons to

(a) understand the ownership and control structure of such a client; and

(b) determine the natural persons that ultimately own or control the client.

Where the client or owner of the controlling interest is a public company listed on a recognized securities exchange and the risk assessment indicates the clients to be low risk it is not necessary to identify and verify the identity of the shareholders of such a public company.

A Capital Market Operator shall obtain information on the purpose and intended nature of the business relationship of its potential client.

A Capital Market Operator shall adopt CDD measures on a risk sensitive-basis as provided for in these Regulations.

A Capital Market Operator shall determine in each case if the risks are lower or not, depending on the type of client, product, transaction or location of the client.

10. Correspondent relationships with high risk foreign banks (1) A Capital Market Operator shall:

(i) comply with all the requirements of the United Nation Security Council resolutions (UNSCRs).

(ii) screen their records to identify assets of all clients associated with UN-sanctioned lists and reports findings to the

SEC and NFIU.

(iii) CMOs shall screen their records to identify assets of all clients proscribed for TF/PF domestically and reports

findings to the SEC, NFIU and other relevant competent authorities within 24 hours.

(3) A Capital Market Operator shall:

i. identify and assess the money laundering and terrorist financing risks emerging from virtual asset activities and the activities or operations of VASPs;

ii. based on the understanding of their risk apply a risk based approach to ensure that measures to prevent or mitigate ML/TF/PF are commensurate with the risks identified.

iii. take appropriate steps to identify, assess and understand their ML/TF/PF risks for customers, delivery channels,

countries or geographic areas and products and services.

iv. apply mitigating measures that are commensurate to their inherent ML/TF/PF risks

v. strengthen their ML/TF/PF risk assessment models by developing an appropriate proxy. 8

vi. develop the appropriate risk assessment models to risk profile their customers, products and services, delivery

channels and geographical areas into high, medium and low-risk bucket to deepen their understanding of ML/TF/PF risk and their AML/CFT/PF risk obligation and ensure ongoing monitoring of customers on a risk-sensitive basis.

vii. develop appropriate tools and implement rigorous oversight and controls concerning PEPs, more effective Beneficial

Ownerships (BOs) and maintain accurate and up-to-date records on BOs information.

viii. keep their risk assessments up to date; and have appropriate mechanisms to provide risk assessment reports to the

SEC.

ix. consider all the relevant risk factors before determining the level of overall risk and the appropriate level and type of mitigation to be applied.

x. have policies, controls and procedures approved by their boards of directors to enable them to manage and mitigate

the risks that have been identified either by Nigeria or by the CMOs.

xi. consider NRA reports in applying AML/CFT/CPF mitigating measures and incorporate findings in the annual return on mitigants / contingency plan filed with the Commission.

(4) Shell banks are prohibited from operating in Nigeria and Capital Market Operators are not allowed to establish correspondent relationships with high risk foreign banks (such as shell banks) or with correspondent banks that permit their accounts to be used by such banks.

(5) The type of payment referred to in regulation 9 (1) (d) of these Regulations shall not apply to –

(a) any transfer flowing from a transaction carried out using a credit or debit card so long as the credit

or debit card number accompanying such transfers does not flow from the transactions such as withdrawals from a bank account through an Automated Teller Machine (ATM), cash advances from a credit card or payment for goods; and

(b) any transfer and settlements between Capital Market Operators where both the originator and the beneficiary are Capital Market Operators, and are acting for themselves.

(6) A Capital Market Operator shall take all necessary measures to satisfy itself that a correspondent Capital Market Operator in a foreign country does not permit its accounts to be used by shell banks.

On-going Due Diligence

(1) A Capital Market Operator shall conduct ongoing due diligence on the business relationship as stated by the client.

(2) The ongoing due diligence measures shall include scrutinizing the transactions undertaken by the client

throughout the course of the Capital Market Operator and client relationship to ensure that the transactions conducted are consistent with the Capital Market Operator's knowledge of the client, its business and risk profiles and the source of funds.

(3) A Capital Market Operator shall ensure that documents, data or information collected under the CDD

process are kept up-to-date by reviewing existing records, particularly the records in respect of higher-risk business-relationships or clients' categories.

(4) For clients that may require additional caution to be exercised when transacting with them, activities in

such client's accounts shall be monitored on a regular basis for suspicious transactions.

(5) A Capital Market Operator shall refuse to do business with the client referred to in sub-regulation (4) of

this regulation or automatically classify them as high risk and subject them to an enhanced customer due 9

diligence and shall weigh all the circumstances of a particular situation and assess if there is a higher than normal risk of money laundering, terrorism and proliferation financing.

(6) A Capital Market Operator shall consider reclassifying a client as higher risk and file a suspicious transaction report to the NFIU if following its initial acceptance of the clients, the pattern of account activity of the clients does not fit in with the Capital Market Operator's knowledge of the client.

(7) A Capital Market Operator shall not commence business relation or perform any transaction where the client fails to comply with the due diligence requirements; and shall terminate an existing business relationship and report to the NFIU, where the client fails to comply with due diligence requirements.

12. Application of Enhanced Customer Due Diligence (ECDD) for Higher Risk Clients

(1) A Capital Market Operator shall adopt an enhanced CDD process for higher risk categories of clients, business relationships or transactions.

(2) A Capital Market Operator shall exercise greater caution when approving the opening of account or conducting transactions for the following categories of high risk clients –

(a) non-resident clients;

(b) clients from locations known for its high crime rate such as drug production, trafficking or

smuggling;

(c) clients and transactions from a jurisdiction designated by the FATF as high – risk jurisdictions or those known to the Capital Market Operator to have inadequate AML/CFT/CPF laws and regulations;

(d) Politically Exposed Persons (PEPs) and persons or companies related to them;

(e) complex legal arrangements such as unregulated investment vehicles or special purpose vehicles (SPV);

(f) companies that have nominee-shareholders;

(g) cross – border business relationship;

(h) wire transfers or non - face to face transactions

(3) A Capital Market Operator shall apply enhanced due diligence proportionate to the risks, to the business relationships and transactions with natural and legal persons (including financial institutions) from countries for which this is called for by the FATF.

(4) Counter-measures for high risk countries –

(a) Pursuant to section 13 (dd) of the Investment and Securities Act 2007, the Commission shall,

proportionate to the risks, call for specific counter measures to be applied by the reporting entities against high-risk countries, including the mandatory application of enhanced due diligence measures as provided by regulation 12 of this Regulation.

(b) Countermeasures may include, inter alia:-

(i). limiting business relationships or financial transactions with the high-risk countries or with persons

located in the country concerned; 10

(ii). reviewing and amending or, if necessary, terminating the agreement or arrangement governing the

correspondent banking or business relationships with financial institutions or other counterpart institutions in the country concerned;

(iii). conducting enhanced external audit, by increasing the intensity and frequency, for branches and subsidiaries of the reporting entity located in the country concerned;

(iv). prohibiting reporting entities from relying on third parties located in the country concerned to conduct elements of the due diligence process; and

(v). conducting any other measures as may be specified by the Commission.

(c) For the purposes of this section, “high-risk countries” means –

(i) countries which are subject to a call for application of countermeasures by the FATF.

(ii) countries identified by the Commission or other competent authorities as having strategic deficiencies in their AML/CFT/CPF regimes and/or posing a risk to the AML/CFT/CPF regime of Nigeria.

(d) (i) The Commission shall publish the list of high-risk countries on its official website. The Commission

shall also promptly publish any subsequent updates to the list on its official website.

(ii) The list of high-risk countries shall be promptly updated by the Commission as and when there are:

(a) any amendments to the FATF's list of countries subject to a call for counter-measures; or

(b) any revisions to the list identified by the Commission as per clause (ii) of subsection 3.

(5) Upon classifying a client, or transactions as “high-risk”, the Capital Market Operator shall undertake enhanced CDD process on the client which shall include enquiries on the-

(a) purpose for opening an account or carrying out the transaction;

(b) level and nature of trading activities intended;

(c) ultimate beneficial owners;

(d) source of funds; and

(e) senior management's approval for opening the account.

(6) (1) A CMO shall implement counter measures proportionate to the risks to business relationships and transactions with natural or legal persons (including CMOs) from countries for which this is called for by the FATF.

(2) A CMO shall implement counter-measures proportionate to the risks when called for by the Commission pursuant to regulation 12 (4) (ii) of this regulation:

13. Lower Risk Categories of Clients

(1) Simplified CDD process shall be adopted for lower risk categories of clients, business relationships

or transactions. 11

(2) A Capital Market Operator shall consider the following as categories of low risk clients -

(a) a Capital Market Operator, provided they are subject to requirements for the combat of money

laundering, terrorist financing and proliferation financing which are consistent with the provisions of these Regulations and are supervised for compliance;

(b) public companies listed on securities exchange or similar situation that are subject to regulatory

disclosure requirements;

(c) Government ministries, departments, parastatals and agencies;

(d) insurance policies for pension schemes where there is no surrender-value clause and the policy

cannot be used as collateral;

(e) a pension, superannuation or similar scheme that provides retirement benefits to employees,

where contributions are made by way of deduction from wages and the scheme rules do not permit the assignment of a member's interest under the scheme.

(3) The lower risks categories shall be considered in the circumstances where –

(a) the risk of money laundering, terrorist financing and proliferation financing is lower;

(b) information on the identity of the clients and the beneficial owner of a client is publicly available; or

(c) adequate checks and control exist elsewhere in the national system.

(4) Where there are low risks, a Capital Market Operator shall apply reduced or simplified CDD measures when identifying or verifying the identity of the client and the beneficial-owners.

(4) A Capital Market Operator that applies simplified or reduced CDD measures to clients' resident abroad are required to limit such to clients in countries that have been certified as having implemented the FATF Recommendations.

14. Verification of Beneficial Ownership

(1) A Capital Market Operator shall identify and take reasonable steps to verify the identity of a beneficial-owner, using relevant information or data obtained from a reliable source to satisfy itself that it knows who the beneficial owner is through methods including-

(a) for legal persons:

i. identifying and verifying the natural persons, where they exist, that have ultimate controlling ownership interest in

a legal person, taking into cognizance the fact that ownership interests can be so diversified that there may be no natural persons (whether acting alone or with others) exercising control of the legal person or arrangement through ownership;

ii. to the extent that there is doubt under sub-paragraph (i) of this paragraph that the persons with the controlling

ownership interest are the beneficial owners or where no natural person exerts control through ownership interests, identify and verify the natural persons, where they exist, exercising control of the legal person or arrangement through other means; and

iii. where a natural person is not identified under sub-paragraph (i) or (ii) of this paragraph. CMOs shall identify and take reasonable measures to verify the identity of the relevant natural person who holds senior management position in the legal person. 12

(b) For Legal arrangement (trust and other types of legal arrangements), CMOs shall identify and verify the identity

of the settlor, the trustee. the protector where they exist, the beneficiaries or class of beneficiaries, and any other natural person exercising ultimate or effective control over the trust or other legal arrangement including through a chain of control or ownership; and any person in equivalent or similar positions.

(2) CMOs shall in respect of all customers determine whether a customer is acting on behalf of another person or not and where the customer is acting on behalf of another person take reasonable steps to obtain sufficient identification data and verify the identity of the other person.

(3) A CMO shall take reasonable Measures in respect of customers that are legal persons or legal arrangements to–

(a) understand the ownership and control structure of such a customer; and

(b) determine the natural persons that ultimately own or control the customer

(4) In the exercise of its responsibility under this regulation, a CMO shall take into account that natural persons including those persons who exercise ultimate or effective control over the legal person or arrangement and factors to be taken into consideration to satisfactorily perform this function include: -

(a) for companies- the natural person shall own the controlling interest and comprise the mind and management of the

company and

(b) for trusts- the natural persons shall be the settlor. the trustee or person exercising effective control over the trust and the beneficiaries.

(5) Where a customer or an owner of the controlling interest is a company listed on a stock exchange and subject to disclosure requirements (either by stock exchange rules or by law or other enforceable means) which impose requirements to ensure adequate transparency or beneficial ownership, or is a majority owned subsidiary of such a company, it is not necessary to identify and verify the identity of any shareholder or beneficial owner of the company.

(6) The relevant identification data referred to in the foregoing regulation may be obtained from a public register, the customer and other reliable sources, and for this purpose, ownership of 5% interest or more in a company is applicable.

(15) Travel Rule Requirements

(1) VASPs must comply with the requirements applicable to all CMOs under the MLPPA and these Regulations, subject to the qualifications set forth in subsections (2) and (3) of this regulation 15.

(2) For VASPs, an occasional transaction for purposes of regulation 9(b) of these Regulations is one or more occasional transactions when the total value of the transactions exceeds the equivalent of $1,000.

(3) All virtual asset transfers must be treated as cross-border transfers and subject to the requirements for cross-border wire transfers under regulation 12 of these Regulations as follows:

(a) Originating VASPs must:

(i) obtain and hold full originator information as specified in sub-regulation 5 below and verify that the

originator information is accurate; 13

(ii) obtain and hold full beneficiary information as specified in sub-regulation 5 below;

(iii) submit the information obtained and held under (i) and (ii) to the beneficiary VASP or financial

institution (if any) immediately and securely; and

(iv) make the information obtained and held under (i) and (ii) available on request to appropriate authorities.

(b) Beneficiary VASPs must:

(i) obtain and hold full originator information as specified in sub-regulation 4 below;

(ii) obtain and hold full beneficiary information as specified in sub-regulation 6 below and verify that the beneficiary information is accurate, and

(iii) make the information obtained and held under (i) and (ii) available on request to competent authorities.

(c) The same obligations as set out in this subsection (3) apply to non-VASP CMOs when sending or receiving virtual asset transfers on behalf of a customer.

(4) A CMO shall ensure that all cross-border transfers always include full originator information and must verify that the originator information is accurate. Full originator information includes:

(a) the full name of the originator;

(b) the originator's wallet address; and

(c) physical address or national identity number or, where the originator is not a natural person, the incorporation number or business registration number.

(5) A CMO shall ensure that all cross-border transfers always include full beneficiary information. Full beneficiary information includes:

(a) name of the beneficiary; and

(b) the originator's wallet address.

(6) Cross-border transfers below $1,000 are exempt from the requirements of regulation 4 and 5. For all cross-border transfers below $1,000, a CMO shall:

(a) ensure that all such transfers include the name of the originator, the name of the beneficiary, and the wallet

address for each