BCEAO Instruction 001-03-2025 on Financial Institutions' AML, CFT and Proliferation Financing Compliance

BCEAO BANQUE CENTRALE DES ETATS DE L'AFRIQUE DE L'OUEST Le Gouverneur 001-G-2025 INSTRUCTION N° PORTANT MODALITES DE MISE EN OEUVRE PAR LES INSTITUTIONS FINANCIERES DE LEURS OBLIGATIONS EN MATIERE D'ORGANISATION, DE CONTROLE INTERNE ET DE CONFORMITE AUX EXIGENCES DE LUTTE CONTRE LE BLANCHIMENT DE CAPITAUX, LE FINANCEMENT DU TERRORISME ET DE LA PROLIFERATION DES ARMES DE DESTRUCTION MASSIVE

The Governor of the Central Bank of West African States (BCEAO), Having regard to the Treaty of the West African Monetary Union (UEMOA) of 20 January 2007, particularly Article 34; Having regard to the Statutes of the Central Bank of West African States (BCEAO), annexed to the UEMOA Treaty of 20 January 2007, particularly Articles 30 and 59; Having regard to the Convention governing the UEMOA Banking Commission; Having regard to Regulation No 06/2024/CM/UEMOA of 20 December 2024 on the external financial relations of the member states of the West African Economic and Monetary Union; Having regard to the Uniform Act on combating money laundering, terrorist financing and proliferation of weapons of mass destruction in UEMOA member states, particularly Articles 2, 6, 15, 31, 107 and 205; Having regard to the Uniform Act on banking regulation in UEMOA; Having regard to the Uniform Act on microfinance regulation in UEMOA, DECIDES

TITRE PRELIMINAIRE: DISPOSITIONS GENERALES Article 1: Object This Instruction specifies the implementation procedures by the financial institutions referred to in Article 3 below, of their obligations regarding organization, internal control and compliance with the requirements set out in the Uniform Act on combating money laundering, terrorist financing and proliferation of weapons of mass destruction (AML/CFT/PF) in UEMOA member states.

Article 2: Definitions For the purposes of this Instruction, the following terms shall apply:

1. Manual exchange dealer (Agrée de change manuel): any legal entity established in the territory of a UEMOA member state and having received approval from the Minister responsible for Finance of the establishment's state, to carry out manual exchange operations in that state;
2. Supervisory authorities: competent authorities empowered by a treaty, law or regulation to ensure that regulated persons comply with their AML/CFT/PF obligations set by the Uniform Act on AML/CFT/PF and its implementing texts. Supervisory authorities include, in particular, financial sector supervisory authorities and non-financial sector supervisory authorities, including self-regulatory bodies;
3. Bank: a legal entity authorized to carry out all banking activities, as provided by the Uniform Act on banking regulation in UEMOA;
4. AML/CFT/PF: money laundering, terrorist financing and proliferation of weapons of mass destruction;
5. CENTIF: the National Financial Intelligence Unit;
6. Financial company: a company whose main activity is to acquire and manage financial holdings, which directly or through companies with the same object controls one or more companies carrying out financial operations, at least one of which is a credit institution;
7. Distributor: any person offering customers an electronic money distribution service under the conditions defined by the regulation on electronic money activities in UEMOA;
8. Electronic money distribution: cash withdrawal, loading and reloading services against the handover of fiat or book money, payment and money transfer services linked to electronic money;
9. Financial technology company (FinTech): a legal entity that offers financial services or products designed or distributed according to an innovative technology-based process;
10. Credit institutions: the collective body comprising banks and credit financial establishments;
11. Electronic money establishment: a legal entity, other than a credit institution, payment institution, financial company or microfinance institution, that issues and distributes electronic money as a profession;
12. Payment institution: a legal entity, other than a credit institution, electronic money establishment, financial company or microfinance institution, that provides payment services as a profession;
13. Credit financial establishment: a legal entity other than a bank that carries out, as a profession, one or more banking operations in compliance with the conditions and limits defined by its approval;
14. FATF: Financial Action Task Force;
15. GIABA: Inter-Governmental Action Group against Money Laundering in West Africa;
16. Identification: the process by which a financial institution collects, on a declarative basis, identity elements of natural persons, legal entities, trusts, collective investment schemes or comparable legal structures;
17. Microfinance institution: an approved institution carrying out microfinance activities, as defined by the Uniform Act on microfinance regulation in UEMOA;
18. Mandated intermediary: any natural or legal person mandated by a financial institution to carry out activities for which the institution is approved or authorized, under the conditions and procedures fixed by the legal and regulatory provisions governing its activities;
19. AML/CFT/PF: combating money laundering, terrorist financing and proliferation of weapons of mass destruction in UEMOA member states;
20. Deliberative body: the board of directors in public limited companies or the collegiate body in companies constituted under another form. It is invested with all powers to act at all times on behalf of the establishment, within the limits of its corporate purpose and powers reserved to the General Meeting;
21. Executive body: all structures contributing to the day-to-day management of an establishment and ensuring effective implementation of the activity direction defined by the deliberative body. Members of the executive body include, in particular, the General Manager, Deputy General Managers, the Secretary General and Heads of control functions;
22. PEP: Politically Exposed Person, as defined by the Uniform Act on AML/CFT/PF;
23. Without delay: a maximum period of twenty-four hours;
24. Sub-delegatee: any legal entity carrying out foreign exchange repurchase operations with customers under the conditions defined by the regulation on external financial relations of UEMOA member states;
25. Sub-distributor of electronic money: the legal or natural person offering customers an electronic money distribution service under the conditions defined by the regulation on electronic money activities in UEMOA;
26. UEMOA: West African Economic and Monetary Union;
27. UMOA: West African Monetary Union.

Article 3: Scope of Application This Instruction applies to the following financial institutions:

1. credit institutions;
2. financial companies;
3. microfinance institutions;
4. electronic money establishments;
5. payment institutions;
6. financial technology companies (FinTech);
7. manual exchange dealers. The provisions to be implemented by the entities referred to in the first paragraph above relate to all operations carried out under their responsibility. They also include, where applicable, those performed by mandated intermediaries, sub-delegatees in the context of customer foreign exchange repurchase operations, sub-agents for rapid money transfers as well as distributors and sub-distributors of electronic money.

TITRE PREMIER: DISPOSITIONS APPLICABLES AUX INSTITUTIONS FINANCIERES AUTRES QUE LES AGREES DE CHANGE MANUEL Chapitre premier: Internal Organization regarding AML/CFT/PF Article 4: Roles and responsibilities of the deliberative body The deliberative body defines the AML/CFT/PF strategy of the financial institution and formulates directions for its deployment. It validates AML/CFT/PF framework documents, including:

1. the risk assessment;
2. the staff training and information program;
3. policies, procedures and control measures;
4. the report on the implementation of the internal AML/CFT/PF framework. The deliberative body appoints, on the proposal of the executive body, the head of the internal AML/CFT/PF structure. The latter must be able to access the deliberative body directly, if necessary.

Article 5: Roles and responsibilities of the executive body The executive body is responsible for the effective implementation of the strategy, directions, policies, procedures and control measures defined and validated by the deliberative body. It is particularly responsible for:

1. continuously ensuring compliance with AML/CFT/PF policies, procedures and control measures by the relevant staff;
2. authorizing the establishment of a business relationship or the execution of an operation with or on behalf of a PEP;
3. authorizing the payment of the capital of a life insurance policy to a PEP, where applicable;
4. validating the list of financial institution clients identified as PEPs;
5. authorizing cross-border banking correspondence and other similar relationships;
6. taking all other decisions and actions necessary to fulfill its mission. The executive body continuously ensures the proper functioning of the internal AML/CFT/PF structure. It equips it with adequate human and material resources and ensures its operational independence in exercising its responsibilities.

Article 6: Information system The financial institution establishes an information system enabling, in particular:

1. profiling of clients and accounts opened in its books;
2. real-time filtering of clients and transactions;
3. monitoring of account movements and generation of alerts;
4. determination of the global balance of all accounts held by the same client;
5. recording of operations carried out by the same client, whether occasional or habitual;
6. identification of transactions with a suspicious or unusual nature. The financial institution takes into account any information likely to modify the client's profile and integrates it into the information system within a maximum period of one month. The information system must also ensure that modifications related to the implementation of targeted financial sanctions are taken into account without delay, in accordance with Article 89 of the Uniform Act on AML/CFT/PF. The effectiveness of the information system must be subject to periodic review, at least once a year, to adapt said system to the nature and evolution of the financial institution's activity as well as its legal and regulatory environment.

Article 7: Establishment of an internal structure responsible for the AML/CFT/PF framework The financial institution establishes an internal structure responsible for the AML/CFT/PF framework in accordance with current regulations. This structure is adapted to the size, organization, nature and volume of the financial institution's activities. It does not participate in the execution of operational tasks. The risk management structure or the compliance department may take on the responsibilities mentioned in the preceding paragraph when the establishment's size does not justify that this function be entrusted to a separate structure. The head of the internal AML/CFT/PF structure is attached to the General Management or equivalent executive body within the concerned financial institution.

Article 8: Functions of the internal structure responsible for the AML/CFT/PF framework The internal structure responsible for the AML/CFT/PF framework has the following functions:

1. to centralize suspicion indicators identified by staff;
2. to process internal suspicious declaration files;
3. to draft suspicious declarations and transmit them to the CENTIF;
4. to respond to regular or ad hoc requests from supervisory authorities, the CENTIF or partner institutions;
5. to develop and implement the staff training and awareness program on AML/CFT/PF referred to in Article 9 of this Instruction;
6. to carry out AML/CFT/PF risk assessments referred to in Article 15 of the Uniform Act on AML/CFT/PF;
7. to carry out AML/CFT/PF risk classification provided by the Instruction on identification, verification of identity and customer due diligence by financial institutions;
8. to develop and update AML/CFT/PF policies, procedures, programs and control measures referred to in Articles 12 to 14 of the Uniform Act on AML/CFT/PF;
9. to develop the summary document of foreign exchange purchase and sales statements referred to in Article 19 of this Instruction;
10. to carry out periodic review of the information system referred to in Article 6 of this Instruction;
11. to carry out all other duties provided within the framework of implementing the internal AML/CFT/PF prevention framework.

Article 9: Staff training and awareness program The financial institution establishes a staff training and awareness program on AML/CFT/PF. This program must be adapted to current legal and regulatory requirements and the needs of stakeholders. To this end, it must in particular include:

1. modules covering: i. the legal framework for AML/CFT/PF of the Union, ii. detection of AML/CFT/PF indicators, iii. reporting obligations regarding AML/CFT/PF including the preparation of suspicious transaction declarations, iv. implementation of vigilance measures towards customers, v. identification and treatment of unusual or complex activities or operations, vi. document retention and archiving policy, vii. national, regional and international cooperation regarding AML/CFT/PF, viii. design and implementation of the AML/CFT/PF strategy of the concerned financial institution;
2. a post-evaluation tool for staff understanding of the program and its effectiveness;
3. regular information meetings for employees to keep them informed about developments in AML/CFT/PF techniques, methods and trends as well as preventive rules and procedures to be complied with. The financial institution deploys the program referred to in this article at least once a year and ensures that its implementation is documented.

Article 10: Participants in the training and awareness program The financial institution ensures that the following persons follow the training and awareness program referred to in Article 9 of this Instruction:

1. staff members whose tasks relate, directly or indirectly, to AML/CFT/PF;
2. staff members whose tasks expose them to the risk of encountering AML/CFT/PF attempts;
3. members of governance bodies, in particular those of the deliberative and executive bodies. The financial institution ensures that mandated intermediaries to which it resorts also have adequate AML/CFT/PF training.

Chapitre 2: Provisions relating to controls and reporting Article 11: Internal control and audit The financial institution establishes a device for controlling the proper application of internal programs and procedures relating to AML/CFT/PF. This device is audited at a frequency taking into account the nature, volume and complexity of the institution's operations, and at least once a year. The conclusions of audit missions are submitted to the Board of Directors or equivalent deliberative body of the financial institution, which takes necessary measures to ensure follow-up.

Article 12: Report on the implementation of the internal AML/CFT/PF prevention framework The financial institution prepares an annual report on the implementation of its entire internal AML/CFT/PF framework. This report must in particular:

1. describe the organization and resources of the financial institution regarding AML/CFT/PF prevention;
2. present training and awareness actions carried out;
3. inventory controls performed to ensure proper implementation and compliance with customer identification procedures, data retention, detection and declaration of suspicious transactions;
4. highlight investigation results, particularly regarding weaknesses identified in procedures and their compliance, as well as statistics relating to the implementation of the suspicious declaration framework;
5. indicate, where applicable, the nature of information transmitted to third-party institutions, including those established outside the country of implantation;
6. draw up a map of the most common suspicious transactions, indicating observed developments;
7. trace conclusions of internal audit missions carried out and measures taken for their implementation, where applicable;
8. present perspectives and the action program for the coming year. The financial institution transmits the report referred to in this article to the BCEAO and its supervisory authority, within a period of two (2) months from the end of the relevant financial year.

Article 13: Banking correspondence To ensure implementation of obligations relating to cross-border banking correspondence and other similar relationships provided for in Article 31 of the Uniform Act on AML/CFT/PF, the financial institution may resort to tools and principles developed by other jurisdictions, groups or associations including FATF, provided they include the collection of minimum information mentioned in the questionnaire appearing in Annex 1 of this Instruction.

TITRE II: DISPOSITIONS SPECIFIQUES AUX AGREES DE CHANGE MANUEL Article 14: Responsibilities of manual exchange dealers regarding AML/CFT/PF The manual exchange dealer takes, under its responsibility, the following measures:

1. establish an AML/CFT/PF framework adapted to its activity and backed by one or more clearly defined and documented procedures;
2. prepare an annual report on the implementation of the AML/CFT/PF framework;
3. ensure compliance by all staff with the AML/CFT/PF procedures referred to in point 1 of this article;
4. ensure that all staff benefit periodically from training and awareness on AML/CFT/PF.

Article 15: Information system of manual exchange dealers The manual exchange dealer establishes an information system enabling, in particular:

1. recording of operations carried out by the same client, whether occasional or habitual;
2. identification of transactions with a suspicious or unusual nature. The information system must also ensure that modifications related to the implementation of targeted financial sanctions are taken into account without delay, in accordance with Article 89 of the Uniform Act on AML/CFT/PF. The effectiveness of the information system must be subject to periodic review at least once every three years, to adapt said system to the nature and evolution of the financial institution's activity as well as its legal and regulatory environment.

Article 16: Internal AML/CFT/PF framework The manual exchange dealer designates at least one person within its ranks responsible for the AML/CFT/PF framework. The number of designated persons is adapted to the organization, nature and volume of activities carried out. The persons designated under the preceding paragraph are responsible for:

1. centralizing suspicion indicators identified by staff;
2. documenting internal suspicious declaration files;
3. drafting suspicious declarations and transmitting them to the CENTIF;
4. responding to regular or ad hoc requests from supervisory authorities, the CENTIF or partner institutions;
5. ensuring compliance with AML/CFT/PF procedures referred to in Article 14 of this Instruction in all operations carried out by the manual exchange dealer.

Article 17: Report on implementation of the AML/CFT/PF framework by manual exchange dealers The manual exchange dealer transmits, within a period of two months from the end of the relevant financial year, the annual report referred to in Article 14 of this Instruction, to the BCEAO National Directorate and to the Ministry responsible for Finance's department in charge of external finances of its country of implantation. The annual report contains, in particular:

1. a description of the organization and resources deployed for the AML/CFT/PF framework;
2. statistics on the number of suspicious declarations made;
3. perspectives for the coming year, particularly regarding training and acquisition or updating of AML/CFT/PF tools;
4. risk assessment referred to in Article 15 of the Uniform Act on AML/CFT/PF;
5. any other information deemed relevant by the manual exchange dealer.

Article 18: Supervision of manual exchange dealers The BCEAO ensures supervision of the compliance by the manual exchange dealer with its AML/CFT/PF obligations. The manual exchange dealer is required to submit to this supervision and provide all necessary information for its proper conduct.

Article 19: Reporting by manual exchange dealers The manual exchange dealer is required to declare to the BCEAO, within ten days following the end of each quarter and according to the template attached to Annex 2 of this Instruction, foreign exchange purchase or sale operations carried out at its counters during the past quarter. These declarations are accompanied by a summary document presenting notably...