2016-12-13

Added · Updated

Guide to Enhanced Competency Framework on Anti-Money Laundering and Counter-Terrorist Financing

The Hong Kong Monetary Authority issued this guide to establish the Enhanced Competency Framework on Anti-Money Laundering and Counter-Terrorist Financing, encouraging authorized institutions to adopt it for benchmarking and developing AML/CFT practitioners. The framework defines two qualification levels, Core and Professional, with specific syllabus requirements, training programs, and examinations administered by the Hong Kong Institute of Bankers. It mandates annual certification renewal through Continuing Professional Development and outlines grandfathering provisions for existing staff to ensure a sustainable talent pool in the banking sector.

Hong Kong Monetary Authority logo

Hong Kong

Hong Kong Monetary Authority

Click to view thumbnail

Guide to Enhanced Competency Framework on Anti-Money Laundering and Counter-Terrorist Financing Hong Kong Monetary Authority December 2016

1 Table of Contents

  1. Introduction .................................................................................................................. 2
  2. Objectives...................................................................................................................... 3
  3. Scope of application ..................................................................................................... 3
  4. Qualification structure and syllabus .......................................................................... 5
  5. Training programmes and examinations................................................................... 5
  6. Grandfathering ............................................................................................................ 6
  7. Certification .................................................................................................................. 6
  8. Continuing professional development ........................................................................ 7
  9. Exemption ..................................................................................................................... 8
  10. Maintenance of relevant records ................................................................................ 9
  11. Administration of the ECF-AML/CFT ...................................................................... 9
  12. Accreditation ................................................................................................................ 9 Annex 1 – Highlights of Competencies for Key Roles of Relevant Practitioners in AML/CFT Compliance .......................................................................................................... 10 Annex 2 – Syllabus for ECF-AML/CFT Core Level .......................................................... 14 Annex 3 - Flowchart illustrating the possible routes to meet the ECF-AML/CFT certifications ........................................................................................................................... 21

2

  1. Introduction 1.1 The financial services industry accounted for about 16.6% of Hong Kong’s Gross Domestic Product (“GDP”) and employed about 7.8% of the total labour workforce in
  2. Within the financial services industry, banking is the largest contributor in terms of GDP (about 61%) and employment (about 42%)1 . According to the HKSAR Government’s projection, the financial services industry is the fastest growing economic sector in terms of manpower requirements, with a projected average annual growth rate of 2.2% between 2012 and 20222 . Having a sustainable talent pool of finance professionals is crucial to the continuous growth and development of the financial services industry and to the maintenance of Hong Kong’s status as an international financial centre. 1.2 To this end, a Steering Committee chaired by the HKMA, comprising representatives from the banking industry and the Hong Kong Institute of Bankers (HKIB), has been set up to advise on the development of an enhanced competency framework (ECF) for banking practitioners in Hong Kong. The aim is to develop competency standards for major functional areas which are central to the safety and soundness of banks and where manpower and skills shortages are more apparent. 1.3 In recent years, the threats posed by money laundering and terrorist financing to market integrity and financial institutions have been increasing. As a result, the international anti-money laundering and counter-terrorist financing (AML/CFT) standards have been evolving to enable financial institutions to strengthen their controls and procedures and build a stronger compliance culture to combat the pertinent money laundering and terrorist financing risks. To meet with the constant upgrading in the AML/CFT infrastructure, there is a need for the banking sector in Hong Kong to build up a talent pipeline to help meet the growing demand for qualified professional in AML/CFT area. As a result, AML/CFT is designated as one of the first modules to be developed under the ECF.

1 Financial Services Development Council, Developing Hong Kong’s Human Capital in Financial Services, January 2015. 2 Government of The Hong Kong Special Administrative Region, Report on Manpower Projection to 2022, April 2015.

3 2. Objectives 2.1 The Enhanced Competency Framework on AML/CFT (hereinafter referred to as “ECF-AML/CFT”) features the common core competences required of AML/CFT practitioners in the Hong Kong banking industry. The objectives of the ECF are twofold: (a) to develop a sustainable talent pool of AML/CFT practitioners for meeting the workforce demand in this sector; and (b) to raise and maintain the professional competence of AML/CFT practitioners in the banking industry. 2.2 Although the ECF is not a mandatory licensing regime, authorized institutions (“AIs”) are encouraged to adopt the ECF for the following purposes: (a) to serve as a benchmark to determine the level of competence required and to assess the ongoing competence of individual employees; (b) to support relevant employees to attend training programmes and examinations that meet the ECF benchmark; (c) to support the continuing professional development of individual employees; and (d) to specify the ECF as one of the criteria for recruitment purposes. 3. Scope of application 3.1 The ECF-AML/CFT is targeted at “Relevant Practitioners”, including new entrants and existing practitioners, engaged by an AI to perform AML/CFT compliance roles in its Hong Kong operation. Details of the respective roles are classified by a two-level qualification structure (i.e. Core Level and Professional Level) in Annex 1 for AIs to determine whether a staff member is a Relevant Practitioner and, if applicable, the competency level relevant to the staff member. For avoidance of doubt, a staff member is not required to perform all of the roles specified in Annex 1 in order to be classified as a Relevant Practitioner.

4 3.2 Generally, the scope of Relevant Practitioners can be applicable across different organisational structures (e.g. whether such roles are housed under a business unit solely dedicated to AML/CFT compliance function or as part of a wider legal and compliance function) and the functional roles rather than the functional titles of staff members should be of essence for considering whether the definition of Relevant Practitioners is met. 3.3 The ECF-AML/CFT is not intended to capture staff performing other job functions that are incidental to AML/CFT compliance. Specifically, the following categories of staff do not fall within the definition of Relevant Practitioner: (a) Staff in AML/CFT compliance function performing solely clerical and administrative duties. (b) AML/CFT compliance staff in overseas branches and subsidiary undertakings of locally-incorporated AIs. It should however be noted that AIs have a responsibility to ensure relevant staff in overseas branches and subsidiaries receive adequate AML/CFT training, including those applicable in relevant overseas regulatory requirements. (c) Regional AML/CFT compliance staff, whether located in or outside Hong Kong, performing AML/CFT duties in the AI that are “merely incidental” to duties performed in their regional role. AIs are expected to adopt a principles-based approach and to support their decisions with sound justifications in determining whether a regional staff member falls within the definition of Relevant Practitioners or not. Appropriate regard should be given to the significance of the AML/CFT compliance role performed by the relevant staff member in the Hong Kong operations of the AI. 3.4 It is not necessary for a Relevant Practitioner to meet the ECF-AML/CFT benchmark for Core Level or Professional Level before he or she can take up the roles specified for the corresponding level. However, AIs are expected to encourage and support the Relevant Practitioner to achieve the applicable benchmark in order to ensure the overall competency standard in discharging the AML/CFT compliance roles.

5 4. Qualification structure and syllabus 4.1 The qualification structure of ECF-AML/CFT comprises two levels: (a) Core Level – suitable for entry-level staff with less than three years of relevant work experience in AML/CFT compliance; and (b) Professional Level – suitable for staff with three years or above of relevant work experience in AML/CFT compliance. 4.2 The Core Level consists of five training areas to equip new entrants and staff in junior AML/CFT roles with the essential fundamentals for performing their AML/CFT duties. The syllabus outline for Core Level is set out at Annex 2. 4.3 The Professional Level, consisting of seven training areas, aims to develop further the knowledge of the more experienced practitioners. Apart from the focus on AML/CFT, the Professional Level also covers anti-bribery and corruption and fraud prevention given they are inextricably intertwined with AML. The syllabus outline for Professional Level will be available in 2017. 4.4 The coverage and competency requirements in the syllabus of the ECF-AML/CFT is referenced to the Hong Kong Qualifications Framework (“QF”), with the Core Level being pitched at QF Level 4 (i.e. equivalent to an associate degree or higher diploma) and the Professional Level at QF Level 5 (i.e. equivalent to a bachelor’s degree). 5. Training programmes and examinations 5.1 Relevant Practitioners can attain the ECF-AML/CFT qualifications by completing accredited training programmes and passing examinations. HKIB is the initial provider of the accredited training programmes and examinations under the ECF-AML/CFT. 5.2 The sit-in examination for the Core Level is set at 2.5 hours. The examination is conducted in English and consists of multiple choice questions only. The passing mark is 70%.

6 5.3 The training programme and examination arrangements for the Professional Level will be announced in 2017. 6. Grandfathering 6.1 A Relevant Practitioner may be grandfathered on a one-off basis based on his or her years of qualifying work experience upon implementation of the relevant level of qualification. Such work experience need not be continuous. The detailed grandfathering requirements are as follows: (a) Core Level – A Relevant Practitioner may apply for grandfathering if he or she has possessed at least 3 years of work experience in AML/CFT compliance as at 31 December 2016. Existing Relevant Practitioners can submit their applications to the HKIB, administrator of ECF-AML/CFT, from 3 January 2017. The deadline for application for grandfathering falls on 30 April 2017 and late submission will not be accepted. Other Relevant Practitioners may submit applications to the HKIB for grandfathering within 3 months from joining the AML/CFT function of an AI. (b) Professional Level – A Relevant Practitioner may apply to the HKIB for grandfathering if he or she has possessed at least 8 years of AML/CFT compliance work experience, of which 3 years is at managerial level or above. The applicable date for counting of years of experience and the application arrangements will be announced when the Professional Level qualification is launched next year. 6.2 Applications for exemption are handled by the HKIB subject to a fee (charged on a cost-recovery basis). A Relevant Practitioner is required to complete the application form with the relevant work experience verified by his or her existing employer. If required, the HKIB may request the applicant to provide additional information to substantiate the application for grandfathering. 7. Certification 7.1 Relevant Practitioners may apply to the HKIB for certification as Associate AML Professional (AAMLP) or Certified AML Professional (CAMLP) under the following conditions (please refer to the flowchart at Annex 3):

7 (a) AAMLP – A Relevant Practitioner may apply to the HKIB for the professional certification if he or she (1) has completed the training programmes and passed the examination for the Core Level (work experience is not a prerequisite for obtaining the certification); or (2) has been grandfathered pursuant to paragraph 17(a) based on the required work experience upon the launch of the Core Level module. (b) CAMLP – A Relevant Practitioner may apply to the HKIB for the professional certification if he or she (1) has completed the training programme and passed the examination and have at least 3 years of work experience in AML/CFT compliance; or (2) has been grandfathered pursuant to paragraph 17(b) based on the required work experience upon the launch of the Professional Level module. 7.2 A Relevant Practitioner may also apply to the HKIB for certification as AAMLP or CAMLP through the exemption path, where applicable. 7.3 The ECF-AML/CFT certification is subject to annual renewal by HKIB. A Relevant Practitioner has to meet the annual continuing professional development (CPD) requirement and pay the annual certification fee to renew the ECF-AML/CFT certification. 8. Continuing professional development 8.1 To maintain ongoing professionalism and up-to-date knowledge of the latest AML/CFT risks, compliance developments, and local and international regulatory requirements and standards, holders of AAMLP and CAMLP certifications are required to undertake the following minimum CPD requirements: (a) AAMLP – a minimum of 10 hours of verifiable CPD in each calendar year, of which at least 5 hours should be on the topic of AML/CFT while the remaining CPD hours should be on compliance (including financial crime compliance), legal and regulatory requirements, risk management or ethics. (b) CAMLP – a minimum of 12 hours of verifiable CPD in each calendar year, of which at least 6 hours should be on the topic of AML/CFT while the remaining CPD hours should be on compliance (including financial crime compliance), legal and regulatory requirements, risk management or ethics.

8 8.2 The renewals of AAMLP and CAMLP certifications are subject to fulfilment of the annual CPD requirements starting from the calendar year following the year of certification. 8.3 Activities that qualify for CPD include: (a) Professional examinations; (b) e-learning which requires submission of assignments or completion of test or other verification; (c) Attending courses, workshops, roundtables, lectures, seminars, forums and conferences in related disciplines; (d) Delivering speeches, presentations and lectures or acting as a panellist in seminars or conferences related to AML/CFT, compliance or risk management; and (e) Writing on AML/CFT, compliance, risk management or related disciplines for publication. 8.4 Activities which facilitate holders of the AAMLP certification towards attaining the Professional Level will qualify for CPD if proof of attendance and assessment record can be provided. 8.5 The minimum CPD requirements will be subject to periodic review in light of the development in the banking sector. 9. Exemption 9.1 The exemption arrangements will be announced when the Professional Level is launched. Preliminarily, the granting of full or partial exemption of comparable qualifications awarded by the Association of Certified Anti-money Laundering Specialist and the International Compliance Association will be considered for meeting the competency standards of both the Core Level and Professional Level of the ECF-AML/CFT. 9.2 Details of the exemption, and bridging arrangements where appropriate, will be announced when the ECF-AML/CFT Professional Level is rolled out next year.

9 10. Maintenance of relevant records 10.1 AIs should keep proper training, examination and CPD records of Relevant Practitioners for monitoring purpose. AIs that are current employers of Relevant Practitioners are expected to keep and confirm relevant information of their relevant staff to facilitate the HKIB’s processing of the applications for grandfathering and certification. Regarding information related to a Relevant Practitioner’s previous employment(s), the current employer of the Relevant Practitioner is expected to confirm whether such information is consistent with its records (e.g. curriculum vitae provided by the Relevant Practitioner at the time of job application). 10.2 AIs should keep the training records of all staff (including non-Relevant Practitioners) in accordance with the training record-keeping requirement set out in the HKMA’s Guideline on Anti-Money Laundering and Counter Terrorist Financing (For Authorized Institutions). 11. Administration of the ECF-AML/CFT 11.1 The Hong Kong Institute of Bankers (HKIB) is the administrator of the ECF-AML/CFT. The major roles of HKIB in this respect include administering examinations, handling certification and grandfathering applications and maintaining a public register of AAMLP and CAMLP certification holders. 12. Accreditation 12.1 An accreditation mechanism will be put in place in the third quarter of 2017 to assess whether training programmes offered by AIs, other professional bodies or training institutes, can meet the standards under the ECF-AML/CFT and thus qualify for accreditation.

10 Annex 1 – Highlights of Competencies for Key Roles of Relevant Practitioners in AML/CFT Compliance The tables below are intended to be used by AIs as reference for ongoing development of competency of Relevant Practitioners responsible for various AML/CFT functions. They are by no means exhaustive or tailored to set out requirements on specific job roles of an individual Relevant Practitioner. AIs can therefore make their own adjustments that better suit their practical circumstances. I) Core Level Key Tasks

  1. Assist in AML/CFT risk assessment reviews and communication of results.
  2. Assist management in reviewing the AML/CFT compliance risk management framework by performing periodic compliance tests on the AML/CFT program.
  3. Execute remediation of compliance deficiencies (discovered internally or by regulators) within a bank.
  4. Review and investigate suspicious transaction alerts and prepare appropriate documentation on these investigations and escalate cases of suspicious activity to the appropriate personnel (e.g. Money Laundering Reporting Officer) where further investigation and report filings may be necessary. Technical Skills Professional Knowledge Behaviour and Attitude Be able to: • Understand and apply risk assessment methodology • Conduct customer due diligence / know-your-customer processes • Implement remediation of compliance deficiencies identified • Up-to-date knowledge on AML/CFT legal, regulatory requirements from Hong Kong and globally • AML/CFT policies, guidelines and procedures required by the bank • Nature of deficiencies identified by regulators or within the bank • Applies professional knowledge to conduct the risk assessment review with due regard to regulatory requirements and quality standards set by the bank • Review customer and transaction data critically to identify suspicious cases; apply judgement to determine cases for

11 • Collect and document evidence on suspicious transactions; determine if escalation or other follow up action is required

• Conduct investigation on suspicious transactions; report investigation approach and results in writing • Risk scenarios applicable to the bank • Documentation requirements, including evidence and audit trail tracking, and investigation reports to management escalation • Analyse data to explore root causes and to derive remedial initiatives • Communicate review findings in an accurate and timely manner • Work collaboratively with internal and external stakeholders of the bank

12 II) Professional Level Key Tasks

  1. Develop, implement and periodically review the AML/CFT compliance risk management framework and the related controls for identification, management, monitoring and reporting of AML/CFT compliance risks and issues (including the operation of AML/CFT systems).
  2. Review, analyse and communicate AML/CFT management information such as trends surrounding suspicious transactions / filed Suspicious Transaction Reports (STR) and sanctions screening hits. Report results of AML/CFT risk management reviews and identify key areas of improvements. Monitor remedial actions for identified weak AML/CFT controls that require corrective actions.
  3. Evaluate and communicate new laws and regulations and stay abreast of all legislative and regulatory developments relating to AML/CFT, both at local and international levels.
  4. Review suspicious activity that has been investigated and concluded as reportable and file STRs to the Joint Financial Intelligence Unit (JFIU) in accordance with regulatory requirements.
  5. Plan periodic compliance tests on the bank’s AML/CFT program against compliance testing policies, procedures and regulations.
  6. Provide guidance and training to business units on AML/CFT related matters, including but not limited to transaction monitoring, filtering, sanctions screening, trade based money laundering and correspondent banking. Technical Skills Professional Knowledge Behaviour and Attitude Be able to: • Develop, review and update AML/CFT policies, framework and governance with a risk-based approach, against changing regulatory requirements in Hong Kong and globally and according to risk profile of the bank

• Propose improvements to the governance and • Up-to-date knowledge and understanding of both the Hong Kong and international regulatory requirements on AML/CFT • Strong working knowledge of all relevant HKMA handbooks and guidance • In-depth understanding of how the regulatory • Displays in-depth understanding in the business needs of AI, and able to correlate the knowledge with regulatory requirements • Applies skills, knowledge and judgement in making decisions and deriving recommendations, balancing the needs of internal and

13 oversight arrangements for AML/CFT risks, and actions required to address deficiencies • Perform in-depth due diligence investigation into suspicious activity; exercise appropriate judgement and form a conclusion on whether the suspicious activity is reportable to the JFIU based on final due diligence • Reassess the risk rating of the client and consider whether the discontinuance and reputational risks that may arise as a result of the suspicious transaction framework interacts with the bank’s own internal policies and procedures • Knowledge of industry benchmark and best practices in developing and managing the AML/CFT practice of the bank • Scenarios, regulatory requirements, process and procedures for conducting final due diligence investigations and for filing STRs to the JFIU external stakeholders • Critically review suspicious transactions and investigation outcome; challenge current practices to identify enhancement opportunities on the bank’s AML/CFT practice • Build organisational capability in implementing or enhancing AI’s AML/CFT framework • Communicate and collaborate with internal and external stakeholders effectively to drive for actions on suspicious transactions and enhancement of AML/CFT practices in the bank

14 Annex 2 – Syllabus for ECF-AML/CFT Core Level Programme Outcomes • Explain what money laundering/terrorist financing (ML/TF) is and how to relate it to the banking and finance sector and to their work of Relevant Practitioners in Hong Kong • Specify the importance of ML/TF related to Hong Kong banking and finance sector • Describe the anti-money laundering and counter-terrorist financing (AML/CFT) International Standards and related Hong Kong legal and regulatory framework • Identify key elements of AML/CFT risk management framework in system design and assess the related risks • Assess the transactions pattern and apply customer due diligence requirements for identifying suspicious transactions for reporting • Execute and evaluate the ongoing AML/ CFT monitoring system and investigation process Chapter Learning Outcomes and Syllabus Chapter 1 A) Chapter title Fighting ML/FT – why it is important and what is the legal / regulatory framework B) Chapter objectives Articulate and apply to workplace scenarios AML/CFT principles, and its legal/regulatory framework from both Hong Kong and international lens C) Learning outcomes At the end of the module, learners will be able to:  Apply key concepts relevant to ML and TF  Recognise the relationship between ML and TF and the importance to combat ML/TF  Apply the international standards on AML/CFT  Recognise the international AML/CFT environment along with the key international and regional bodies  Apply to workplace scenarios the HK AML/CFT framework, and how it can be applied in a banking organisation D) Chapter outline 1. What is ML/TF? 1.1 What is ML? 1.2 What is TF? 1.3 Relationship between ML and TF 1.4 Relationship between ML and Anti-bribery and corruption (ABC) 1.5 Relationship between ML and fraud prevention

15 1.6 Designated categories of offence 2. Why combating ML/ TF is important? 2.1 International AML/CFT environment 2.2 ML/TF in Hong Kong and Banking context 3. International AML/CFT Standards Setting and Advisory Bodies 3.1 Key international and regional bodies

  • How do global and regional AML bodies affect Hong Kong? i. Financial Action Task Force (FATF) vs. non-cooperating countries ii. Asia Pacific Group on Money Laundering iii. Egmont/Wolfsberg Groups iv. World Bank/IMF 3.2 International standards and obligations 3.3 The 40 FATF Recommendations
  1. Hong Kong AML/CFT Legislative framework 4.1. Overview of Hong Kong AML/CFT legislative framework 4.2. The obligation and liability to individuals & banks for violation of the AML/CFT legislations 4.3. Guidance issued by Hong Kong authorities 4.4. Hong Kong legal and regulatory requirements for Financial Institutions Chapter 2 A) Chapter title Managing the risk of ML/TF in banks in Hong Kong – How does ML/TF take place B) Chapter objectives To understand the nature of ML/TF risks, and how they can happen within a bank in Hong Kong C) Learning outcomes At the end of the module, participants will be able to:  Describe the inherent risks of ML and TF in a banking organisation  Identify the circumstances when banks are exposed to ML/TF risks  Evaluate the nature of ML/TF risks and apply to workplace scenarios  Articulate the banking services, products and delivery channels that are subject to ML/TF risks  Explain and apply the relevant regulatory requirements to manage ML/TF risks

16 D) Chapter outline 1. How the three stages of money laundering link to banks? 1.1. Placement 1.2. Layering 1.3. Integration 2. How is the banking sector vulnerable to ML/TF? 2.1. Customer risk 2.2. Product/service risk 2.3. Delivery/distribution channel risk 2.4. Country risk 2.5. Other risks related to ML/TF 2.6. Case studies 3. ML/TF vulnerabilities when dealing with particular types of customers or in specific bank services, products and delivery channels 3.1. Customers/Counterparts Politically Exposed Persons Correspondent banking Intermediaries Clients dealing with cash intensive businesses 3.2. Bank Accounts General bank accounts Charity/ foundation accounts Payable through accounts Multi-currency or cross border accounts Money services banking accounts Special use/ concentration accounts 3.3. Bank Products Deposit-related products Investment-related products Trade-related products Products prone to tax evasion risk Prepaid cards 3.4. Banking Services Private banking Off-shore international activity Wire transfers 3.5. Delivery Channels Non-face-to-face account opening/transactions Chapter 3 A) Chapter title How can banks combat ML/TF through establishing an AML/CFT risk management framework

17 B) Chapter objectives To acquire an understanding on the systems and approaches adopted by banks in combating ML/TF C) Learning outcomes At the end of the module, learners will be able to:  Describe the objectives of a compliance system in AML/CFT  Recognise and apply the principles to adopt a risk-based approach to AML/CFT  Recognise the respective roles and responsibilities within the AML/CFT compliance system  Analyse the design of a bank’s AML/CFT risk management framework in terms of policies, procedures, recordkeeping and on-going staff training  Correlate AML/CFT risk management with the bank’s overall risk management and corporate governance  Apply steps to manage conflict and conduct issues D) Chapter outline 1. Objectives of AML/CFT risk management 2. Risk-based approach to AML/CFT 2.1 What is risk-based approach? 2.2 Why risk-based approach is important? 2.3 Assessment and understanding of risk (both at institutional and customer level) 2.4 Determination of risk appetite 3. Core elements in risk management system design 3.1 Three lines of defense 3.2 Roles and responsibilities of relevant parties 3.3 Policies and procedures 3.4 Record keeping requirements 3.5 Ongoing staff training 3.6 Culture building on ethics, integrity and compliance 4. Continuing monitoring 5. Managing conflict and conduct issues Chapter 4 A) Chapter title Knowing your customer – Customer due diligence B) Chapter objectives To build the knowledge and skills in conducting customer due diligence (CDD) C) Learning outcomes At the end of the module, participants will be able to:  Explain what is meant by CDD

18  Outline the basis of customer risk assessment  Describe and apply to workplace scenarios the list of basic documents required for customer identity verification  Articulate and apply the data requirements for CDD purpose under different scenarios  Explain the grounds for periodic and event-triggered reviews D) Chapter outline 1. What is CDD and why it is important? 1.1. What is CDD? 1.2. When should CDD be undertaken? 1.3. Customer risk assessment 1.4. Customer acceptance policy 2. Identification and verification requirements 2.1. General customers 2.2. High risk customers 2.3. Lower risk customers 2.4. Intermediaries 2.5. Correspondent banking 2.6. Private banking 3. Beneficiary owners 4. Types of structures used to hide beneficial owners i. Shell companies ii. Trusts (on-shore vs. off-shore) iii. Bearer shares iv. Nominees 5. Persons purporting to act on behalf of the customer 6. Differences between identifying documentation for personal vs. business accounts 7. Specific CDD requirements 7.1. Customer information required under CDD 7.2. Enhanced customer due diligence 7.3. Simplified customer due diligence 7.4. On-boarding customer screening 7.5. Ongoing CDD obligations including periodic and event-triggered reviews 8. CDD requirements in cross-border context

19 Chapter 5 A) Chapter title Monitoring your customer by screening, monitoring and reporting suspicious transaction B) Chapter objectives Chapter objectives: To build the knowledge and skills in mitigating ML/TF risks through screening, monitoring and reporting suspicious transactions C) Learning outcomes At the end of the module, participants will be able to:  Describe the principles and apply steps on transaction monitoring system with red-flagging  Explain what is meant by sanction programs and the relevant Hong Kong ordinances  Elaborate how to maintain a sanction filtering system and to clear sanction hit case  Describe the responsibilities of Money Laundering Reporting Officer (MLRO)  Assess STR reporting to JFIU with SAFE approach D) Chapter outline 1. Customer screening & transaction screening 1.1. Purpose of customer & transaction screening 1.2. Differences between customer screening vs. transaction screening 1.3. Ongoing customer screening 2. Sanctions programmes 2.1. Requirements for an effective sanctions compliance regime 2.2. Handling of sanction alerts 2.3. Sanctions lists applicable to banks in Hong Kong 3. Ongoing monitoring 3.1. Use of CDD information and external sourced information 3.2. Behaviour patterns 3.3. Unusually high volume/value of cash transactions 3.4. Atypical wire transactions 3.5. Frequent use of a safe deposit box 4. Screening/monitoring systems 4.1. IT solutions 4.2. Scenarios 4.3. Thresholds 4.4. Adjustments based on risk profile 5. Internal and external suspicious transaction reporting 5.1. Factors triggering the obligation to file a STR

20 5.2. Internal reporting to MLRO 5.3. Information to be reported in the STR 5.4. Post-STR filing action 5.5. Tipping-off offence 6. AML/CTF investigation process 6.1. Risk review of financial investigations and decision-making process 6.2. Liaison and engagement with senior management and enforcement agencies 7. Reacting to law enforcement/regulatory requests and JFIU responses

21 Annex 3 - Flowchart illustrating the possible routes to meet the ECF-AML/CFT certifications

22