KYC.IO

Global Regulations and Requirements for KYC Onboarding
(powered by KYC-Chain)

KYC to onboard domestic persons

namedate of birthnationalityidentity cardpassport

KYC to onboard international persons

namedate of birth

corporate requirements

full nameregistration numberregistered address trading addresstype of businessDate and place of incorporation or establishmentTelephone numberE-mailAddress of the head office and branches

National ID card name

National ID Card

National ID Photo

back of national id photo back

Does the country have Esignature Laws?

Bahrain eGovernment Programme

E-sig law files

What year did the relevant AML laws and regulations become effective?

2006

Further details on AML regime

2001 (amended 2006). The Anti Money Laundering & Terrorist Financing Unit (“AMLTFU”) was established in July 2002, under the direct control of the Ministry of the Interior. The AMLTFU is the money laundering enforcement unit in the Kingdom of Bahrain responsible for receiving, requesting, analysing and disseminating disclosures of financial information to the investigatory and supervisory authorities concerning suspected proceeds of crime and alleged money laundering.

Who is the regulator for AML controls for Banking

Central Bank of Bahrain (CBB)

Link to site

http://www.cbb.gov.bh

Other financial Services

Central Bank of Bahrain (CBB)

Website of Regulator

http://www.cbb.gov.bh

Financial Sector regulator

N/A

Practical Guidance for AML

Yes. CBB website for information on AML & Combating the Financing of Terrorism (“CFT”)

Practical guidance PDF's

page.php

Is there a requirement to verify the identity of customers retroactively?

Retroactive details

Has the country been the subject of FATF mutal evaluation in the last 3 years?

No, Bahrain's compliance with international AML/CFT standards was assessed by the International Monetary Fund in 2005, as part of a financial sector assessment programme review of the Kingdom. The report was approved by the IMF in January 2006. The same report was subsequently discussed and endorsed by the MENA-FATF in November 2006.

Are there minimum transaction thresholds (Y/N)

Yes

More details on minimum transaction thresholds.

Yes. Financial Institution: The Financial Crime module of CBB Rulebook Volume 1 states that a bank most implement customer due deligence measures when: a) Establishing business relations with a new or existing customer; b) A change to the signatory or beneficiary of an existing account or business relationship is made; c) A significant transaction takes place; d) There is a material change in the way that the bank account is operated or in the manner in which the business relationship is conducted; e) Customer documentation standards change substantially; f) The bank has doubts about the veracity or adequacy of previously obtained customer due diligence information; g) Carrying-out one-off or occasional transactions above BHD6,000, or where several smaller transactions that appear to be linked fall above this threshold; h) Carrying out wire transfers irrespective of amount; or i) There is a suspicion of money laundering or terrorist financing. Non financial institutions: Article 4 of Ministerial Order No.23 of 2002 () exempts the following transactions from customer due diligence: a) the transaction or transactions which total less than BHD10,000; b) transactions related to life insurance if the premiums are paid through an account opened for the customer in a local bank; and c) transactions related to a retirement scheme if they arise from the Insured's occupation or contract of employment or if the amount of subscriptions is paid through an account opened for the customer in a local bank.

What are the requirements for customer identification information for individuals

Financial institutions: The Financial Crime module (FC – 1.2) of CBB Rulebook Volume 1 states that banks must obtain and record the following information, where applicable: In the case of natural person: Full legal name and any other names used / Full permanent address / Date and place of birth / Nationality / Passport number / CPR or residency number / Telephone/fax number / email address / Occupation or public position held / Employer's name and address (if self-employed, the nature of the self-employment) / Type of account and nature and volume of anticipated business dealings with the conventional bank licensee/Signature of the customer(s) / Source of funds. Non financial institutions: Article 4 of Ministerial Order No.23 of 2002 () identifies details to be established and kept on record for non financial institutions where applicable: In the case of natural persons: Customer’s full name / Date of birth / Nationality / Full details of the identity card or passport / Central Population Register (CPR) Card number (if any) / Occupation / Usual residence address / Employer’s name and address.

Details to be Collected on Corporates

Financial institutions: The Financial Crime module (FC – 1.2) of CBB Rulebook Volume 1 states that banks must obtain and record the following information, where applicable: In the case of legal entities: The entity's full name and other trading names used / Registration number (or equivalent) / Legal form / Registered address and trading address / Type of business activity / Date and place of incorporation or establishment / Telephone, fax number and email address / Regulatory body or listing body (for regulated activities such as financial services and listed companies) / Name of external auditor / Type of account, and nature and volume of anticipated business dealings with conventional bank licensees/ / Source of funds. Non financial institutions: Article 4 of Ministerial Order No.23 of 2002 () identifies details to be established and kept on record for non financial institutions where applicable: In the case of a corporate client: Customer’s full name / Legal status / Registration number and place / Address of the head office and branches (if any) / Names of board members / Legal representative of the corporate person and his identification. The Memorandum and Articles of Association and the Power of Attorney must also be verified for incorporated activities.

What are the high level requirements around beneficial ownership (identification and verification)?

Financial institutions: The Financial Crime module (FC – 1.1.5 to FC - 1.1.7 and FC - 1.6.1) of CBB Rulebook Volume 1 states that banks must obtain a signed statement from all new customers confirming whether or not the customer is acting on their own behalf. This undertaking must be obtained prior to conducting any transactions with the customer concerned. Where a customer is acting on behalf of a third party, the bank must also obtain a signed statement from the third party, confirming they have given authority to the customer to act on their behalf. Where the third party is a legal person, the bank must have sight of the original board resolution (or other applicable document) authorising the customer to act on the third party’s behalf, and retain a certified copy. Banks must establish and verify the identity of the customer and (where applicable) the party/parties on whose behalf the customer is acting, including the beneficial owner of the funds. Financial services must not be provided to charitable funds and religious, sporting, social, cooperative and professional societies, until an original certificate authenticated by the relevant Ministry confirming the identities of those purporting to act on their behalf (and authorising them to obtain the said service) has been obtained. Non financial institutions: Ministerial Order No.7 of 2001 (requires each institution to verify a customer’s identity and his source of funds and obtain proof that: a) Establishes the customer's identity; b) Establishes that the source of funds is as claimed by the customer; c) Determines the customer's address, date of birth and nationality. If the customer is an agent of a business or firm subject to the supervision of a controlling authority and resides in a country that has similar laws for prohibition and combating money laundering, it may be sufficient evidence to receive written confirmation from the customer of the availability of proof of the principal’s identity, its registration and maintenance thereof.

What circumstances are enhanced customer due diligence measures required?

The CBB Rulebook Volume 1, Financial Crime module FC – 1.3 to FC 1.8 states that enhanced customer due diligence must be performed on those customers identified as having a higher risk profile and additional enquiries made or information obtained in respect of those customers. Specific conditions that give rise to a higher risk profile include: Instances where there is non-face-to-face business; dealing with Politically Exposed Persons (“PEPs”); dealing with charities, clubs and other societies; dealing with a professional intermediary who manages pooled funds; and dealing with a correspondent bank.

How should FI's deal with Politically exposed persons

The Financial Crime module (FC – 1.5) of CBB Rulebook Volume 1 states that Banks must have appropriate risk management systems to determine whether a customer is a PEP, both at the time of establishing business relations and thereafter on a periodic basis. Banks must utilise publicly available databases and information to establish whether a customer is a PEP. Banks must establish a client acceptance policy with regard to PEPs, taking into account the reputational and other risks involved. Senior management approval must be obtained before a PEP is accepted as a customer. Where an existing customer is a PEP, or subsequently becomes a PEP, enhanced monitoring and customer due diligence measures must include: a) analysis of complex financial structures, including trusts, foundations or international business corporations; b) a written record in the customer file to evidence that reasonable measures have been taken to establish both the source of wealth and the source of funds; c) development of a profile of anticipated customer activity, to be used in ongoing monitoring; d) approval of senior management for allowing the customer relationship to continue; and e) on-going account monitoring of the PEP’s account by senior management (such as the Money Laundering Reporting Officer (“MLRO”).

What enhanced due diligence must be performed for correspondent banking relationships?

The Financial Crime module (FC – 1.8) of CBB Rulebook Volume 1 states that Banks must implement the following additional measures, prior to opening a correspondent banking relationship: a) Complete a signed statement that outlines the respective responsibilities of each institution in relation to money laundering detection and monitoring responsibilities; and b) Ensure that the correspondent banking relationship has the approval of senior management. Banks which intend to act as correspondent banks must gather sufficient additional information (e.g. through a questionnaire) about their respondent banks to understand the nature of the respondent's business. Factors to consider include: a) Information about the respondent bank's ownership, structure and management; b) Major business activities of the respondent and its location (i.e. whether it is located in a FATF compliant jurisdiction) as well as the location of its parent (where applicable); c) Where the customers of the respondent bank are located; d) The respondent's AML and Combating the Financing of Terrorism (“CFT”) controls; e) The purpose for which the account will be opened; f) Confirmation that the respondent bank has verified the identity of any third party entities that will have direct access to the correspondent banking services without reference to the respondent bank; g) The extent to which the respondent bank performs on-going due diligence on customers with direct access to the account, and the condition of bank regulation and supervision in the respondent's country (e.g. from published FATF reports). Banks should take into account the country where the respondent bank is located and whether that country abides by the FATF 40+ 9 recommendations when establishing correspondent relationships with foreign banks. Banks should obtain where possible copies of the relevant laws and regulations concerning AML/CFT and satisfy themselves that respondent banks have effective customer due diligence measures consistent with the FATF 40+ 9 recommendations; h) Confirmation that the respondent bank is able to provide relevant customer identification data on request to the correspondent bank; and i) Whether the respondent bank has been subject to a money laundering or terrorist financing investigation.

Are relationships with banks who might be considered a 'shell' and without substance permitted?

Yes. The Financial Crime module (FC – 1.10) of CBB Rulebook Volume 1 states that Banks must not establish business relations with banks which have no physical presence or 'mind and management' in the jurisdiction in which they are licensed and which is unaffiliated with a regulated financial group. Banks must not knowingly establish relations with banks that have relations with shell banks.

In what circumstances is additional due diligence required for non face-to-face transactions and/or relationships?

The Financial Crime module (FC – 1.4) of CBB Rulebook Volume 1 states that where no face-to-face contact takes place, banks must take additional measures in order to mitigate the potentially higher risk associated with such business. In particular, banks must take measures to ensure that the customer is the person they claim to be and that the address provided is genuinely the customer's. There are a number of checks that can provide a bank with a reasonable degree of assurance as to the authenticity of the applicant: a) Telephone contact with the applicant on an independently verified home or business number; b) With the customer's consent, contacting an employer to confirm employment, via phone through a listed number or in writing; and c) Salary details appearing on recent bank statements.n

To whom are SAR's made? (suspicious activity reports)

CBB and the Anti Money Laundering & Terrorist Financing Unit (“AMLTFU”) (). For licensees registered under the Ministry of Industry and Commerce, SARs must be simultaneously sent to both the MOIC and the AMLTFU.

Link to website of SAR reporting

www.cbb.gov.bh, http://www.moic.gov.bh/Moic/En/Legal

Other Suspicious or unusual transactions obligations.

Financial Institutions: The Financial Crime module (FC – 5.1.1) of CBB Rulebook Volume 1 specifies that banks must implement procedures to ensure that staff who handle customer business (or are managerially responsible for such staff) make a report promptly to the MLRO if they know or suspect that a customer (or a person on whose behalf a customer may be acting) is engaged in money laundering or terrorism financing, or if the transaction or the customer's conduct otherwise appears unusual or suspicious. These procedures must include arrangements for disciplining any member of staff who fails, without reasonable excuse, to make such a report. Non financial institutions: Ministerial Order No.7 of 2001 Article 4.9) specifies that all institutions shall report to the Anti Money Laundering Unit any suspicious or extraordinary transactions regardless of the value of amounts subject to the transaction.

Are there any de-minimis thresholds below which transactions do not need to be reported?

A transaction needs to be reported if it is above BHD6,000 or where several smaller transactions that appear to be linked fall above this threshold. If the transactions fall below this threshold, they do not need to be reported.

Are there any penalties for non compliance with reporting requirements e.g. tipping off?

Article 3.4 and Article 3.5 of Law No. (4) of 2001 specifies that: a) Any person who commits any of the offences related to money laundering shall be liable to imprisonment for a period not exceeding two (2) years and/or a fine not exceeding BHD50,000 or both. b) Any person who contravenes the provisions of Regulations and Ministerial Regulations issued under this law shall be liable to imprisonment for a period not exceeding three (3) months or a fine not exceeding BHD 20,000 or both.

Are there any requirements (legal or regulatory) to use automated Suspicious Transaction monitoring technology?

Is there a requirement to obtain authority to proceed with a current/ongoing transaction that is identified as suspicious?

No, unless the bank is specifically requested by the CBB to do so.

Does the local legislation allow transactions to be monitored outside the jurisdiction?

Article 8 of Law No. (4) of 2001 states that where a foreign state makes a request for specific information relating to suspicious transactions, persons and corporations involved in those transactions or the investigation or prosecution of a money laundering offence, the AMLTFU shall execute the request or inform the foreign state of any delay in or the reason for not executing the request.

Is there a legal requirement for a bank’s external auditor/other external organisation to report on the bank’s AML systems and controls?

N/A

If an external report on the bank’s AML systems and controls is required: a) how frequently must the report be provided?

N/A

To whom should the report on AML systems be submitted?

N/A

Is an AML system part of the financial statement audit?

N/A

What are the requirements for the content of this external report on a bank’s AML systems and controls? Does it require: a) sample testing of KYC files? b) sample testing of SAR reports? c) examination of risk assessments?

N/A

Data Protection Laws And Personal Data

N/A

Data Protection for Corporate Data

N/A

Data protection for "sensitive Data" and additional protections.

N/A

Do any restrictions on the transfer of credit reports exist?

N/A

Regulator Acronym

CBB

Year of last FATF mutual evaluation

N/A

Field 67

business numberbank statements.

National ID card details

Bahraini citizens must have both an ID card, called a "smart card",

Compulsory?

National ID source

http://www.identity-cards.net/record/bahrain

Passport Photo

practical Guidance yes / no

Is there a risk based approach

Legal Requirement

Requirement to proceed

requirement to use automated suspicious transaction tools

Who are SARS made to?

AMLTFU

shell banks

Yes

EDD for correspondent banking

Yes

Minimum transactions

BHD 10,000

Min transaction USD

26528

If the AML laws and/or regulations became effective in the last 2 years, what were the requirements of the previous AML regime?

N/A

Non financial sector (e.g. casinos, high value goods etc.)

Ministry of Industry and Commerce

Does the country have a risk based approach?

Yes, the Central Bank of Bahrain (CBB) uses a risk based approach to customer due diligence and ongoing monitoring through its rulebooks. The CBB requires banks to have effective anti-money laundering policies and procedures in addition to measures for combating the financing of terrorism.

Where copies of identification documentation are provided, what are the requirements around independent verification or authentication?

Financial institutions: The Financial Crime module (FC – 1.2.4 and FC - 1.2.5) of CBB Rulebook Volume 1 states that an authorised official of the licensee must certify copy documents, by viewing the original and writing on the copy the words ‘original sighted’, together with the date and a signature. Equivalent measures must be taken for electronic copies. Identification documents which are not obtained by an authorised official of the licensee in original form must instead be certified by one of the following from a Gulf Cooperation Council (GCC) or FATF member state: a lawyer; a notary; a chartered/certified accountant; an official of a government ministry; an official of an embassy or consulate; or an official of another licensed financial institution or of an associate company of the licensee. Non financial institutions: Article 4 of Ministerial Order No.23 of 2002 () details that before establishing any business relationship, registered persons shall establish the identities of their customers, representatives and beneficiaries from the transaction by using all the reasonable methods and adopt all the possible precautions to ascertain the validity of documents or details concerning their identities.

Is there case law, other constitutional law or any other laws or regulations that may impact upon the transfer of information to this jurisdiction?

N/A

List of case law, constitutional law or any other laws or regulations that may impact upon the transfer of information.

N/A