KYC.IO

Global Regulations and Requirements for KYC Onboarding
(powered by KYC-Chain)

KYC to onboard domestic persons

identification numberprofessioninvoice numberaddressemail

KYC to onboard international persons

identification number

corporate requirements

entity namesocial security numbersentity economic activitiesinvoice numberresidencyphone number

National ID card name

Cédula de Identidad or Carné de Identidad

National ID Photo

back of national id photo back

Does the country have Esignature Laws?

LOW ON ELECTRONIC DOCUMENTS, ELECTRONIC SIGNATURE AND CERTIFICATION SERVICES OF SIGNATURE

E-sig law files

What year did the relevant AML laws and regulations become effective?

1995

Further details on AML regime

In 1995, money laundering was incorporated as a crime in the Chilean Penal System by law N°19.366. In December 2003, law N°19.913 was promulgated. This law created a specific Financial Analysis Unit “Unidad de Análisis Financiero” to prevent and stop money laundering. In December 2009, law Nº 20.393 was published. This law established the penal responsibility of legal entities relating to the crimes of money laundering, financing of terrorism and bribery. In February 2015, law N° 20.818 was promulgated and published. This law established guidelines for public entities about Article 3 Law N°. 19.913

Who is the regulator for AML controls for Banking

Superintendencia de Bancos e Instituciones Financieras”, (“SBIF”)

Link to site

http://www.sbif.cl/sbifweb/servlet/Portada?indice=0.0

Other financial Services

Unidad de Análisis Financiero” (“UAF”)

Website of Regulator

http://www.uaf.cl/english/whatwedo.aspx

Financial Sector regulator

http://www.uaf.cl/english/whatwedo.aspx

Practical Guidance for AML

Yes, there are several instructions given by the regulators that are mandatory for institutions. The “Manual para la prevención del blanqueo de capitales” - published by the “Asociación de Bancos e Instituciones Financieras de Chile A.G.”, Recomendaciones para la identificación y procedimientos relacionados con Personas Expuestas Políticamente (“PEP”)”, and “Circular conjunta N° 50 de Unidad de Análisis Financiero y N° 57 de Superintendencia de Casinos de Juegos”.

Practical guidance PDF's

about-the-association-of-banks

Is there a requirement to verify the identity of customers retroactively?

N/A

Retroactive details

N/A

Has the country been the subject of FATF mutal evaluation in the last 3 years?

N/A (The last mutual evaluation was performed in 2010

PDF of FATF review

Are there minimum transaction thresholds (Y/N)

More details on minimum transaction thresholds.

No.

What are the requirements for customer identification information for individuals

a) individual b) Rol Único Tributario (“RUT”) number (the National Identification Number for individuals and legal entities c) individual profession or degree d) invoice number e) address in Chile or in country of origin f) email

Details to be Collected on Corporates

a) entity name; b), similar to Social Security Numbers for individuals or Employer ID Numbers for entities); c) entity economic activities; d) invoice number; e) residency; and f) phone number.

What are the high level requirements around beneficial ownership (identification and verification)?

UAF Regulations specifically require the reviewing of clients, prospective clients and UBOs to identify if any party is a PEP. Local regulation does not explicitly establish an ownership threshold to define

What circumstances are enhanced customer due diligence measures required?

Special due diligence and KYC procedures must be applied to: a) PEPs (escalation to management for approval); b) electronic transfers (information about the transferor must be kept); c) individuals and members listed in "Comité de Sanciones ONU" (UN sanctions about N° 1.267 of 1999, N° 1.333 of 2000 and N°1.390 of 2002 resolutions) (continuous monitoring - information obtained must be reported to UAF); d) non-cooperative countries/jurisdictions/territories and tax havens (transactions with these countries/jurisdictions/territories must be reviewed and reported to UAF); and e) customer who exercises one of activities described in Article 3 Law N°19.913.

How should FI's deal with Politically exposed persons

Financial institutions and certain non-financial institutions must implement special due diligence procedures for PEPs: a) establish risk management systems to determine if a prospective client, a client or a final beneficiary is a PEP or not; b) require and obtain senior management approval to establish a relationship with a PEP; c) take reasonable measures to determine the source of wealth and funds of clients and final beneficiaries identified as PEPs and the reasonability of the operations; and d) implement measures and procedures of continuous due diligence regarding the relationship with the PEP.

What enhanced due diligence must be performed for correspondent banking relationships?

According to RAN Chapter 1-14, the following additional KYC measures must be performed when establishing a correspondent banking relationship: a) gather sufficient information to fully understand the correspondent bank’s business and verify its reputation and control quality; b) assess the policies and procedures performed by the correspondent bank to detect suspicious activities; c) document the responsibilities of each institution; and d) obtain management approval to establish a new correspondent banking relationship.

Are relationships with banks who might be considered a 'shell' and without substance permitted?

According to RAN Chapter 1-14, banks must abstain from starting relationships or performing operations with shell banks.

In what circumstances is additional due diligence required for non face-to-face transactions and/or relationships?

There is no specific mention in local AML regulations about this subject

To whom are SAR's made? (suspicious activity reports)

Financial Analysis Unit “Unidad de Análisis Financiero”

Link to website of SAR reporting

http://www.uaf.cl/entidades/como.aspx

Other Suspicious or unusual transactions obligations.

Cash transactions over USD10,000 must be reported.

Are there any de-minimis thresholds below which transactions do not need to be reported?

There are no thresholds for suspicious activity reports.

Are there any penalties for non compliance with reporting requirements e.g. tipping off?

Yes. The failure to comply with the reporting requirements is considered an infraction to Law 19.913. Any entities and individuals involved may be sanctioned.

Are there any requirements (legal or regulatory) to use automated Suspicious Transaction monitoring technology?

Yes. According to RAN Chapter 1-14, banks must have appropriate technological tools that allow them to develop warning systems, in order to identify and detect unusual transactions.

Is there a requirement to obtain authority to proceed with a current/ongoing transaction that is identified as suspicious?

According to local regulation, every suspicious operation must be reported as fast as possible and in an unobstructed manner to the UAF. Reports must be filed in an electronic format. Financial institutions

Does the local legislation allow transactions to be monitored outside the jurisdiction?

No. According to RAN Chapter 1-14, if the bank has branches or subsidiaries abroad, the Board must ensure that the laws and regulations of the host country adequately meet the requirements of this

Is there a legal requirement for a bank’s external auditor/other external organisation to report on the bank’s AML systems and controls?

No, there is no legal requirement for an external auditor to provide an opinion or report on the bank’s AML systems and controls. Information about suspicious activity reports and controls is not audited. During the financial statement audit, the external auditor is informed about the suspicious activity reports to evaluate if there is any impact on the audit process.

If an external report on the bank’s AML systems and controls is required: a) how frequently must the report be provided?

N/A

To whom should the report on AML systems be submitted?

N/A

Is an AML system part of the financial statement audit?

N/A

What are the requirements for the content of this external report on a bank’s AML systems and controls? Does it require: a) sample testing of KYC files? b) sample testing of SAR reports? c) examination of risk assessments?

N/A

Data Protection Laws And Personal Data

Yes, as “personal data” is defined by Law N° 19.628 as any data related to an identified or identifiable individua

Data Protection for Corporate Data

it does not. Law N° 19628 applies only to data relating to individuals. However, professional secrecy regulations and contractual obligations mean such data must be kept as confidential

Data protection for "sensitive Data" and additional protections.

Sensitive data” is defined by Law N° 19.628 as any personal data relating to physical or moral characteristics of individuals, or to facts or circumstances of their private life or intimacy. Note that according to Law N° 19.628, any kind of personal data treatment shall be expressly authorised by the data subject (individual), in writing, and prior to the data treatment. The data subject shall be informed about the purposes of its data treatment, and is entitled to revoke such authorisation, among other rights. As a general rule, “sensitive data” cannot be treated in any form, except: a. when it is expressly authorised by law; b. when the “sensitive data” is required for granting health benefits to the data subject; and c. when the data subject expressly authorises the “sensitive data” treatment as described immediately above.

Do any restrictions on the transfer of credit reports exist?

Any transfer of personal data shall be authorised by the data subject as described in A29 c) above. Regarding credit reports, no data subject authorisation is required when the information comes from, or is collected by, public sources, as long as the data corresponds to economic, financial, banking and commercial information contained in lists referred to a category of individuals that only indicates certain information (individual’s group, occupation, professional or technical degrees, birth date, address), or is needed for commercial communications requiring a direct answer or the direct sale of goods and services. On the other hand, article 17 of Law 19.628 allows the communication of economic, financial, banking and commercial liabilities when these are not duly paid, and are expressed in certain commercial instruments (e.g. unpaid checks, notes, banking loans, mortgages, etc.). In general, this kind of report cannot include: liabilities that have been renegotiated, are subject to negotiation or are subject to pending terms or conditions; utilities debts; debts incurred during unemployment periods; and, liabilities that became enforceable 5 years previously. Regarding criminal records, this information can be understood as “sensitive data”, and its treatment is only allowed as described in A29 c). Although, if this data is treated by a government or public organisation (public services, public authorities, etc.) within its legal faculties, no data subject authorisation is needed for data treatment purposes. In relation to criminal records, administrative penalties or disciplinary faults, this information cannot be communicated after the statute of limitation period for pursuing those sanctions has elapsed, except in cases where such information is requested by the courts of justice or other competent authorities and such information is kept under secrecy. Regarding medical data, this information can be understood as “sensitive data”, and its treatment is only allowed as described in A29 c). As mentioned in A29 c) b., the treatment of this kind of personal data is allowed when it is required for granting health benefits to the data subject, with no data subject authorisation.

Regulator Acronym

SBIF, UAF

Year of last FATF mutual evaluation

2010

Field 67

no specific regulation in AML

National ID card details

It is compulsory at 18, when it has to be carried at all times.

Compulsory?

National ID source

http://www.elipse.cl/productos/sistema%20reloj%20control%20de%20asistencia/sistema%20reloj%20control%20de%20asistencia%20con%20carnet%20de%20identidad%20o%20cedula%20de%20identidad.html

Passport Photo

practical Guidance yes / no

Is there a risk based approach

Legal Requirement

Requirement to proceed

Yes

requirement to use automated suspicious transaction tools

Yes

Who are SARS made to?

AML

shell banks

Yes

EDD for correspondent banking

Yes

PDF of case law

Minimum transactions

CLP 3,267,853

Min transaction USD

5000

Personal Data protection

Personal Data Protection Act

https://www.leychile.cl/Navegar?idNorma=141599

key restrictions

Agreements and documents related to acts or contracts where the law requires the personal attendance of one or more of the parties and those related to family law are exempted from the law.

Summary

Yes, Article 3 of law 19.799 recognizes electronic signatures as legal and enforceable, while Articles 5 provides for their admissibility. Summary of law Chile's laws provide for the enforcement of both simple electronic signatures and digital signatures ( called advanced or certified signatures). It considered a two-tier jurisdiction because it gives digital signatures the same status as handwritten signatures but also recognizes simple electronic signatures as legal and enforceable. Countries that follow this model give companies the opportunity to select different forms of signatures and customize their business processes based of the form that is most convenient and appropriate for each use case. Electronic signatures are presumed valid unless proof to the contrary is produced.

Are e-signatures acceptable

If the AML laws and/or regulations became effective in the last 2 years, what were the requirements of the previous AML regime?

N/A

Non financial sector (e.g. casinos, high value goods etc.)

Unidad de Análisis Financiero” (“UAF”)

Does the country have a risk based approach?

Yes, enhanced due diligence, know your customer, know your employee, know your supplier, are all systems that must be configured as a tool of risk management to prevent money laundering and the financing of terrorism.

Where copies of identification documentation are provided, what are the requirements around independent verification or authentication?

According to SBIF regulations, banking institutions should apply appropriate procedures to verify that the information provided by clients is valid and accurate. If the information is not reliable or the client does not provide information for proper identification, the bank must evaluate the termination of the commercial relationship and send a suspicious operation report to UAF.

Is there case law, other constitutional law or any other laws or regulations that may impact upon the transfer of information to this jurisdiction?

Article 19 N° 4 of the Chilean Constitution set forth the constitutional right of respect and protection of private life and honour of an individual and their family. If this constitutional right is breached or

List of case law, constitutional law or any other laws or regulations that may impact upon the transfer of information.

Yes. Title XVI of “Ley General de Bancos” establishes the bank secrecy law. According to this law, deposits and investments are subject to bank secrecy. Other operations are under reserve.