KYC.IO

Global Regulations and Requirements for KYC Onboarding
(powered by KYC-Chain)

KYC to onboard domestic persons

face to face meetingidentification informationinquire with public security bureaucheck online citizens’ identity information system

KYC to onboard international persons

face to face meetingidentification informationinquire with public security bereaucheck the online citizens’ identity information system

corporate requirements

financial institutionsidentification informationface-to-face meeting

National ID card name

Chinese: 國民身分證; pinyin: Guómín Shēnfènzhèng; Pe̍h-ōe-jī: Kok-bîn Sin-hun-chèng

National ID Photo

back of national id photo back

Does the country have Esignature Laws?

Electronic Signature of the People's Republic of China

E-sig law files

China.pdf

What year did the relevant AML laws and regulations become effective?

2014

Further details on AML regime

The primary legislation governing AML in China is as follows: a) Anti-Money Laundering Law (2006); b) Provisions on Anti-Money Laundering through Financial Institutions (2006); c) Administrative Measures for Financial Institutions on Report of Large-sum Transactions and Doubtful Transactions (2006); d) Administrative Measures for Financial Institutions on Report of Transactions Suspected of Financing for Terrorist Purposes (2007); e) Administrative Measures for Financial Institutions on Identification of Client Identity and Preservation of Client Identity Materials and Transactions Records (2007); f) Measures on the Administration of Freezing Assets Related to Terrorist Financing (2014); and g) Measures for the Supervision and Administration of Anti-Money Laundering by Financial Institutions (for Trial Implementation) (2014).

Who is the regulator for AML controls for Banking

The People’s Bank of China (“PBOC”) is the main enforcement body who carry out on-site inspections and apply fines if violations are found.

Link to site

http://www.pbc.gov.cn/english/130437/index.html );

Other financial Services

the industry regulatory body for Banking is China Banking Regulatory Commission (“CBRC”)

Website of Regulator

http://www.cbrc.gov.cn/english/index.html

Financial Sector regulator

http://www.csrc.gov.cn/pub/csrc_en/

Practical Guidance for AML

Yes, the Guideline for the Assessment of Money Laundering and Terrorism Financing Risks and Categorized Management of Customers of Financial Institutions issued by PBOC; Guideline on Anti-Money Laundering and Counter-Terrorist Financing (For Securities Industries) issued by CSRC; and

Practical guidance PDF's

index.html

Is there a requirement to verify the identity of customers retroactively?

Yes.

Retroactive details

There is no clear requirement to retrospectively verify the identity of customers before a new AML regime was introduced. However, on “Notice of the People's Bank of China on Further Strengthening the Anti-money Laundering Work of Financial Institutions” (2008), it states that: “Pursuant to the time of establishing business relationships, all legal person financial institutions shall, in accordance with the following requirements, formulate specific implementation plans, and urge all branches to complete the client risk classification on schedule: a) financial institutions shall complete, before the end of 2009, the classification of the clients with whom they established business relationships from 01 Aug 2007 to 01 Jan 2009. b) financial institutions shall complete, before the end of 2011, the classification of the clients with whom they established business relationships before 01 Aug 2007 but established no new business relationships after 01 Aug 2007. c) financial institutions shall, within ten working days after the establishment of business relationships, complete the classification of the clients with whom they establish business relationships after 01 Jan 2009. All legal person financial institutions shall file their respective working plans on client risk classification with the People's Bank of China.

Has the country been the subject of FATF mutal evaluation in the last 3 years?

FATF has completed an assessment of the implementation of anti-money laundering and counter-terrorist financing standards in the People's Republic of China (China). The first Mutual Evaluation Report of

PDF of FATF review

Are there minimum transaction thresholds (Y/N)

Yes

More details on minimum transaction thresholds.

Yes, for one-off services such as cash remittance, cash exchange and negotiable instrument cashing, the threshold is a one-off transaction of RMB10,000 or foreign currency with a value of USD1,000 or equivalent. For property insurance contracts paid in cash, the threshold is a single amount insurance premium of RMB10,000, or foreign currency of value USD1,000 or equivalent. For life insurance contracts paid in cash, the threshold is a single amount insurance premium of RMB20,000 or foreign currency of value USD2,000 or equivalent. For any insurance contracts paid by account transfer, the threshold is an insurance premium of RMB200,000 or foreign currency of value USD20,000 or equivalent.

What are the requirements for customer identification information for individuals

Individuals: financial institutions are required to verify the customer identification information via a site visit in a face-to-face meeting; they should enquire with the public security bureau and check the online citizens’ identity information system owned by the PBOC.

Details to be Collected on Corporates

Corporates: financial institutions are required to verify the customer identification information via a site visit in a face-to-face meeting. In addition, they should enquire with the state administration of industry and commerce.

What are the high level requirements around beneficial ownership (identification and verification)?

According to “Notice of the People's Bank of China on Further Strengthening the Anti-Money Laundering Work of Financial Institutions” issued in 2008, financial institutions shall strengthen the maintenance and management of client identity data to ensure the accuracy and validity of client identity data. For the natural person who actually controls the client and actual beneficiary of transactions stated in “Identification Measures”, it includes but is not limited to two types of people: the first is the actual controller, and the second is person who actually controls the transactions or enjoys relevant financial benefit but is not disclosed by the client (except for the agent). Financial institutions shall carry out such work as checking clients' valid identity certificates (identity documents) or re-identifying clients through inquiry of client, obtaining corroboration evidence from clients or using investigation agents, depending on the situations.

What circumstances are enhanced customer due diligence measures required?

When one financial institution (the trustor) entrusts another financial institution (the trustee) to sell financial products to clients, the trustor can rely on the customer due diligence conducted by the trustee based on the following conditions: a) the customer due diligence undertaken by the trustee meets the requirements of anti-money laundering laws and regulations; and b) the trustor is able to effectively obtain and preserve the KYC information.

How should FI's deal with Politically exposed persons

According to “Notice of the People's Bank of China on Further Strengthening the Anti-money Laundering Work of Financial Institutions” issued in 2008, if the client or the natural person who has the actual control over the client and the actual beneficiary of transactions are current or previous foreign persons who perform important public functions, such as President, Head of Government, Senior Politicians, important government, judicial or military officials, senior management of SOE, party officials and etc., or the family members and other close associations of these people, financial institutions shall perform due diligence based on the requirements of “Foreign PEP”.

What enhanced due diligence must be performed for correspondent banking relationships?

There is no specific regulation or guidance on this area in the 2007 AML law update. However, the Administration Regulation on Electronic Banking Business, published by the China Banking Regulatory Commission (CBRC), covers electronic banking including wire transfer, internet banking and telephone banking. This requires that the financial institutions intending to provide cross-border electronic banking services must make an application to the CBRC and provide the following documents: a) the country and its law / regulation relating to electronic banking; b) the main customers and services it intends to provide; c) the analysis and prediction of the business volume and the size of the customer base in the next three years; and d) the legal compliance analysis on cross-border electronic banking. There is no other KYC or other requirement issued by the authorities that specifically covers correspondent banking.

Are relationships with banks who might be considered a 'shell' and without substance permitted?

According to “Notice of the People's Bank of China on Strengthening the Anti-money Laundering Work of Financial Institutions in their Cross-border Business Cooperations” issued in 2012, for the foreign financial institution which has no operating business in its registered place and is not well regulated, financial institutions shall not open a correspondent account for it or develop other business relationships with it which might damage the reputation.

In what circumstances is additional due diligence required for non face-to-face transactions and/or relationships?

According to “Guidelines against Money Laundering and Terrorist Financing through Payment and Clearing Organizations” issued in 2012, it states in Article 8 that when a payment organization starts a business relationship with overseas institutions, it shall fully collect the overseas institution information including its business, reputation, internal control policies, and acceptance of regulation to assess the integrity and efficiency of anti-money laundering and anti-terrorist financing measurements. Financial institutions shall ensure the responsibilities and obligations of anti-money laundering and anti-terrorist financing with overseas institutions.

To whom are SAR's made? (suspicious activity reports)

China Anti-Money Laundering Monitoring and Analysis Centre (“CAMLMAC”)

Link to website of SAR reporting

http://www.camlmac.gov.cn/

Other Suspicious or unusual transactions obligations.

Different thresholds are used to define Large Value Transactions which are mandatory for reporting. a) for individuals, the threshold is defined as daily cash transactions over RMB200,000 (approx. USD10,000); or wire transactions over RMB500,000 (approx. USD100,000); and b) for entities other than individuals, the threshold is defined as RMB2m (approx. USD200,000). Besides, according to “Measures for the Supervision and Administration of Anti-Money Laundering by Financial Institution (for Trial Implementation)”, Article 13, financial institutions shall report to PBOC or its branch when the following situations happen: a) amendments on key internal control policies of anti-money laundering; b) change of anti-money laundering working organ, working staff and contracts; c) significant risk issues relating to anti-money laundering work; d) self-review on money laundering risks or other risk analytical materials; and e) other anti-money laundering issues as requested by PBOC to immediate report.

Are there any de-minimis thresholds below which transactions do not need to be reported?

No.

Are there any penalties for non compliance with reporting requirements e.g. tipping off?

Yes, the People’s Republic of China’s AML law states that the Chairman, senior manager or any other person responsible are punishable. Penalties include disciplinary sanction or revoking of qualification to hold a post, fine of RMB 10,000 (approx. USD1,533) up to RMB 500,000 (approx. USD76,686) to an individual and/or RMB20,000 (approx. USD3,067) up to RMB 5m (approx. USD766,589) to the organisation. For very serious cases, the regulator can order to suspend business for rectification or to revoke its business license.

Are there any requirements (legal or regulatory) to use automated Suspicious Transaction monitoring technology?

Yes. PBOC decree 2 2006 requires financial institutions to monitor and report both large value and suspicious transactions based on a set of pre-defined patterns/threshold.

Is there a requirement to obtain authority to proceed with a current/ongoing transaction that is identified as suspicious?

No.

Does the local legislation allow transactions to be monitored outside the jurisdiction?

None stated in local regulations or guidance.

Is there a legal requirement for a bank’s external auditor/other external organisation to report on the bank’s AML systems and controls?

No.

If an external report on the bank’s AML systems and controls is required: a) how frequently must the report be provided?

N/A

To whom should the report on AML systems be submitted?

N/A

Is an AML system part of the financial statement audit?

N/A

What are the requirements for the content of this external report on a bank’s AML systems and controls? Does it require: a) sample testing of KYC files? b) sample testing of SAR reports? c) examination of risk assessments?

N/A

Data Protection Laws And Personal Data

No.

Data Protection for Corporate Data

No.

Data protection for "sensitive Data" and additional protections.

No.

Do any restrictions on the transfer of credit reports exist?

Credit reports, criminal records and medical data are all prohibited from transfer for a non-related purpose (including KYC) without proper authority/consent

Regulator Acronym

PBOC, CBRC

Year of last FATF mutual evaluation

2012

Verification of docs (domestic individual)

Financial institutions are required to confirm the certified copies with the authentication body

Field 67

collect business, reputation, internal control policies

National ID card details

compulsory to nationals of the Republic of China who have household registration in the Taiwan Area.

Compulsory?

National ID source

https://en.wikipedia.org/wiki/National_Identification_Card_(Republic_of_China)

Passport Photo

practical Guidance yes / no

Is there a risk based approach

Legal Requirement

Requirement to proceed

requirement to use automated suspicious transaction tools

Yes

shell banks

EDD for correspondent banking

Minimum transactions

RMB 10,000

Min transaction USD

1000

key restrictions

Agreements related to personal relationship(such as marriage, adoption, inheritance), some real estate agreements and agreements related to the suspension of public utilities are exempted from the law.

Summary

Yes, Article 14 recognizes electronic signatures as legal and enforceable, while Articles 7 and 8 provide for their admissibility. Summary of law China's law is modeled on a combination of the EU Directive on Electronic Signatures, UNCITRAL Model laws and United Nations Conventions on Electronic Communications in International Contracts. It provides for the enforcement of both simple electronics signatures and digital signatures. It is considered two-tier jurisdiction because it gives digital signatures the same status as handwritten signatures but also recognizes simple electronic signatures as legal and enforceable. Countries that follow this model give companies the opportunity to select different forms of signatures and customize business processes based on the form that is most convenient and appropriate for each use case. Electronics signatures are presumed valid unless proof contrary is produced. Despite the clear legal support for electronic signatures, some judges in China are still averse to recognizing them, As a result, you may wish to use handwritten signatures for more sensitive matters like employment contracts.

Are e-signatures acceptable

If the AML laws and/or regulations became effective in the last 2 years, what were the requirements of the previous AML regime?

Prior to the Anti-Money Laundering Law, China issued three main regulations on monitoring and reporting large-sum and suspicious transactions within financial institutions in 2003, requiring financial institutions to take the responsibilities for identifying, monitoring and reporting of doubtful and suspicious capital flow. Previously the regulations applied to crimes of drugs, crimes committed by organized criminal gangs, crimes of terrorism, and crimes of smuggling. This has been specifically broadened to bribery and corruption crimes, crimes of disrupting the control of financial order and crimes of financial frauds. In late 2012, the central bank issued “Guidelines for the Assessment of Money Laundering and Terrorism Financing Risks and Categorized Management of Customers of Financial Institutions” that requires

Non financial sector (e.g. casinos, high value goods etc.)

the industry regulatory body for Securities Firms is China Securities Regulatory Commission (“CSRC”)

Does the country have a risk based approach?

Yes. According to Anti-Money Laundering Law of the People’s Republic of China issued in 2006, in Article 17, it states that “Where a financial institution identifies the identity of its clients through a third party, it shall be guaranteed that the third party has adopted the measures for clients' identity clarification as required by the present Law. Where any third party fails to adopt the measures for the clients' identity clarification as prescribed by the present Law, the financial institution shall bear the liabilities for its failure to perform the obligation of clarifying the client's identity.” With the issuance of the latest KYC regulations in 2007, regulators require financial institutions to establish a risk-based KYC approach and report to PBOC. At the end of 2012, PBOC issued a new guideline called “Guidelines for the Assessment of Money Laundering and Terrorism Financing Risks and Categorized Management of Customers of Financial Institutions”. In the new guideline, PBOC required Financial Institutions to take into consideration customer background, products, and geographical location as risk factors. All Financial Institutions need to report to the PBOC the new model by Mar 2013 and complete the implementation by end of 2015.

Where copies of identification documentation are provided, what are the requirements around independent verification or authentication?

Where copies of identification documentation are provided, financial institutions are required to confirm the certified copies with the authentication body, to ensure the accuracy of the information provided. If the financial institution certifies the identity through a third party, it should be assured that the third party has adopted measures for client identity clarification as prescribed by the present Law.

Is there case law, other constitutional law or any other laws or regulations that may impact upon the transfer of information to this jurisdiction?

No law or regulation in China impacts the transfer of information to the country.

List of case law, constitutional law or any other laws or regulations that may impact upon the transfer of information.

China does not have Bank Secrecy Laws. Personal data and transaction records are governed by different regulations from free transfer, i.e. outside of the bank.