CENTRAL BANK OF CYPRUS EUROSYSTEM

1 CENTRAL bank OF CYPRUS E U R O S Y S T E M PPRREEVVEENNTTIIOONN OOFF MMOONNEEYY LLAAUUNNDDEERRIINNGG AANNDD TTEERRRROORRIISSTT FFIINNAANNCCIINNGG DDIIRREECCTTIIVVEE TTOO CCRREEDDIITT IINNSSTTIITTUUTTIIOONNSS IINN AACCCCOORRDDAANNCCEE WWIITTHH AARRTTIICCLLEE 5599((44)) OOFF TTHHEE PPRREEVVEENNTTIIOONN AANNDD SSUUPPPPRREESSSSIIOONN OOFF MMOONNEEYY LLAAUUNNDDEERRIINNGG AACCTTIIVVIITTIIEESS LLAAWWSS OOFF 22000077 TTOO 22001133 (FOURTH ISSUE) DECEMBER 2013 CENTRAL bank OF CYPRUS EUROSYSTEM CENTRAL bank of CYPRUS s Directive December 2013 i CONTENTS PAGE PREFACE 1 1. INTERNAL CONTROL PROCEDURES AND RISK MANAGEMENT 3 Obligation to establish procedures 3 Customer Acceptance Policy 7 2. THE ROLE OF THE MONEY LAUNDERING COMPLIANCE OFFICER 8 Appointment of a Money Laundering Compliance Officer ( MLCO ) 8 Duties of the Money Laundering Compliance Officer 9 Annual Report of the Money Laundering Compliance Officer 14 3.

2 THE APPLICATION OF APPROPRIATE MEASURES AND PROCEDURES ON A RISK SENSITIVE BASIS 17 Introduction 17 Identifying and Assessing Risks 18 Design and implementation of controls to manage and mitigate risks 19 Monitoring and improving the effective operation of credit institutions internal procedures 21 Dynamic risk management Risk management report 22 22 4. CUSTOMER IDENTIFICATION AND DUE DILIGENCE PROCEDURES 23 Introduction 23 When customer identification and due diligence procedures should be applied. 23 Customer identification and due diligence procedures 24 CENTRAL bank OF CYPRUS EUROSYSTEM CENTRAL bank of CYPRUS s Directive December 2013 ii Timing of identification 25 Exercise of due diligence and updating of identification data of existing customers 26 Simplified customer identification and due diligence procedures 28 Prohibition of anonymous and numbered accounts and accounts in fictitious names 31 Transactions and products that favour anonymity 31 Prohibition of correspondent relationships with shell banks 32 Failure or refusal to provide identification evidence 32 Construction of a customer s business profile 33 Reliance on third parties for customer identification and due diligence purposes 35 Specific customer identification issues 38 Natural persons 38 Joint Accounts 39 Nominees or agents of third persons 40 Accounts of unions, societies, clubs.

3 Provident funds and charities 40 Accounts of unincorporated businesses/partnerships 40 Accounts of corporate customers (companies) 41 Investment funds and persons engaged in the provision of financial and investment services 43 Safe custody and safety deposit boxes 45 Procedures for high risk customers 45 CENTRAL bank OF CYPRUS EUROSYSTEM CENTRAL bank of CYPRUS s Directive December 2013 iii Customer identification and due diligence on a risk sensitive basis 45 High risk customers 46 Non-face to face customers 46 Accounts in the names of companies whose shares are in the form of bearer 48 Accounts in the names of trusts / foundations 48 Client accounts in the name of third persons 50 Accounts of Politically Exposed Persons ( PEPs ) 52 Correspondent accounts of banks outside European Union 55 Services to private banking customers 57 Electronic gambling /gaming through the internet 59 Customers from countries which do not adequately apply FATF s recommendations 59 On-going monitoring of accounts and transactions 61 5.

4 CASH DEPOSITS AND WITHDRAWALS 65 Cash deposits 65 Deposits of cash imported from abroad 65 Prohibition of accepting cash deposits in foreign currency notes that have been imported from abroad 65 Acceptance of cash deposits in foreign currency 66 Definition of connected persons and connected cash deposits 67 Internal procedures and responsibilities of the Money Laundering Compliance Officer 67 CENTRAL bank OF CYPRUS EUROSYSTEM CENTRAL bank of CYPRUS s Directive December 2013 iv Exempted cash deposits 68 Cash withdrawals 69 6. RECORD KEEPING PROCEDURES 70 Introduction 70 Format of records 72 Electronic funds transfers 72 7. RECOGNITION AND REPORTING OF SUSPICIOUS TRANSACTIONS/ACTIVITIES 74 Introduction 74 Examples of suspicious transactions/activities 74 Internal reporting of suspicious transactions and activities 74 Reports to MOKAS 75 8. EDUCATION AND TRAINING OF EMPLOYEES 77 9. IMPLEMENTATION OF THE DIRECTIVE ON BANKS BRANCHES AND SUBSIDIARIES OPERATING OUTSIDE THE EUROPEAN UNION 79 10.

5 SUBMISSION OF DATA, INFORMATION AND PRUDENTIAL RETURNS TO THE CENTRAL bank OF CYPRUS 80 Submission of data and information 80 Monthly Statement of large cash deposits and funds transfers 80 Monthly Statement of customers' loans and deposits by country of permanent residence of the ultimate beneficial owner 80 Adjustment of credit institutions computerised accounting systems 81 CENTRAL bank OF CYPRUS EUROSYSTEM CENTRAL bank of CYPRUS s Directive December 2013 v 11. REPEAL AND CANCELLATION OF PREVIOUS DIRECTIVES AND OF THEIR AMENDMENTS 81 12. APPENDICES: 82 Appendix 1: Questionnaire for the Assessment of the Fitness and Probity of an Individual to be Appointed as a Money Laundering Compliance Officer. 82 Appendix 2: Internal Money Laundering Suspicion Report. 88 Appendix 3: Money Laundering Compliance Officer's Internal Evaluation Report. 89 Appendix 4: Money laundering Compliance Officer's Report to the Unit for Combating Money Laundering ( MOKAS ).

6 90 Appendix 5: Examples of suspicious transactions / activities related to money laundering and terrorist financing. 99 Appendix 6: Statement of large cash deposits and funds transfers (Explanations and guidance for filling in the Monthly Statement of large cash deposits and funds transfers). 108 CENTRAL bank OF CYPRUS EUROSYSTEM CENTRAL bank of CYPRUS s Directive December 2013 1 Preface (i). CYPRUS enacted the appropriate legislation and has taken effective regulatory and other measures by putting in place suitable mechanisms for the prevention and suppression of money laundering and terrorist financing activities. Moreover, CYPRUS is committed to applying all the requirements of international treaties and standards in this area and, specifically, those deriving from the European Union Directives. (ii). In 1992, CYPRUS enacted the first Law by which money laundering deriving from drug trafficking was criminalised.

7 In 1996 CYPRUS enacted The Prevention and Suppression of Money Laundering Activities Law defining and criminalising money laundering deriving from all serious criminal offences. The Law recognised the important role of the financial sector on the prevention and forestalling of money laundering activities and contained special provisions for measures and procedures that persons involved in financial business should put in place to that effect. The Law was subsequently amended to adopt new international initiatives and standards in the area of money laundering, including the 2nd European Union Directive for the prevention of the use of the financial system for the purpose of money laundering (Directive 91/308/EEC). (iii). The Law designated the CENTRAL bank of CYPRUS as the competent supervisory authority for persons engaged in banking activities and assigned to it the responsibility of supervising and monitoring the compliance of banks with the provisions of the Law with the aim of preventing the use of the services provided by banks for money laundering.

8 (iv). On 13/12/2007 the House of Representatives enacted The Prevention and Suppression of Money Laundering Activities Law (hereinafter to be referred to as the Law ) by which the former Laws on the prevention and suppression of money laundering activities of 1996-2004 were consolidated, revised and repealed. Under the current Law, which came into force on 1 January 2008, the CYPRUS legislation was harmonised with the Third European Union Directive on the prevention of the use of the financial system for the purpose of money laundering and terrorist financing (Directive 2005/60/ C) hereinafter to be referred to as the European Union Directive . The Basic Law and its subsequent amendments ( 58( )/2010, 80( )/2012, 192( )/2012 and 101( )/2013) are available at the webpage of the CENTRAL bank of CYPRUS (v). From 1989 up to 1996, the CENTRAL bank of CYPRUS issued several circulars to the banks operating in CYPRUS , recommending the introduction of specific measures against the use CENTRAL bank OF CYPRUS EUROSYSTEM CENTRAL bank of CYPRUS s Directive December 2013 2 of the financial system for the purpose of money laundering.

9 As from 1997, the CENTRAL bank of CYPRUS , exercising its powers emanating from the Law enacted in 1996, proceeded with the issue of a series of Directives to all banks in CYPRUS prescribing the practices and procedures that banks should adopt so as to comply with the requirements of the Law for the implementation of preventive measures against money laundering activities. (vi). The present CENTRAL bank of CYPRUS Directive (Fouth Edition) (hereinafter to be referred to as the Directive ) is issued to all credit institutions in accordance with Article 59(4) of the Prevention and Suppression of Money Laundering Activities Laws of 2007 to 2013, and aims at laying down the specific policy, procedures and control systems that all credit institutions should implement for the effective prevention of money laundering and terrorist financing so as to achieve full compliance with the requirements of the Law. It is emphasized that the Law explicitly states that Directives are binding and compulsory to all persons to whom they are addressed.

10 Furthermore, the Law assigns to the supervisory authorities, including the CENTRAL bank of CYPRUS , the duty of monitoring, evaluating and supervising the implementation of the Law and of the Directives issued to the supervised entities. CENTRAL bank OF CYPRUS EUROSYSTEM CENTRAL bank of CYPRUS s Directive December 2013 3 1. INTERNAL CONTROL PROCEDURES AND RISK MANAGEMENT Obligation to establish procedures The Law Article 58 1. Article 58 of the Law requires all persons carrying on financial or other business to establish adequate and appropriate systems and procedures, inter alia, for the following: (i). Internal control, risk assessment and risk management in order to forestall and prevent money laundering and terrorist financing, and (ii). the detailed examination of any transaction which by nature may be considered to be particularly vulnerable to be associated with money laundering or terrorist financing, and in particular, complex and unusually large transactions and all unusual patterns of transactions which have no apparent economic or clear lawful purpose.