KYC.IO

Global Regulations and Requirements for KYC Onboarding
(powered by KYC-Chain)

KYC to onboard domestic persons

namedate of birthpassportdriving licensephotographresidential addressgovernment issued documentissued judicial authority

KYC to onboard international persons

nameaddressdate of birthphotographpassportdriving license

corporate requirements

full nameregistration numberregistration office in country of incorporationbusiness addresscertificate of incorporation

National ID card name

Emirates Identity Authority (EIDA)

National ID Photo

back of national id photo back

Does the country have Esignature Laws?

2016 No. 696 ELECTRONIC COMMUNICATIONS The Electronic Identification and Trust Services for Electronic Transactions Regulations 2016

E-sig law files

What year did the relevant AML laws and regulations become effective?

2007

Further details on AML regime

1994 (amended 2003 and 2007). AML Regulations have taken effect in the UK since 15 December 2007. Changes to the Money Laundering regulations 2007 came into force on 1 October 2012. The main changes relate to the fit and proper test (in relation to MSBs and Trust and Company Service Providers), registration, the definition of a relevant person, penalties and disclosure.

Who is the regulator for AML controls for Banking

Financial Services Authority (FSA)

Link to site

http://www.fsa.gov.uk/

Other financial Services

Financial Services Authority (FSA)

Website of Regulator

http://www.fsa.gov.uk/

Financial Sector regulator

http://www.hmrc.gov.uk/, http://www.lawsociety.org.uk/home.law, http://www.icaew.com

Practical Guidance for AML

Key sources of practical guidance with regard to AML requirements include: a) Joint Money Laundering Steering Group (JMLSG); b) The Institute of Chartered Accountants in England and Wales (ICAEW); c) HM Revenue and Customs; d) The Law Society.

Practical guidance PDF's

www.jmlsg.org.uk

Is there a requirement to verify the identity of customers retroactively?

Retroactive details

Has the country been the subject of FATF mutal evaluation in the last 3 years?

A mutual evaluation follow-up report was conducted in October 2009 . This was a follow-up from the Mutual Evaluation conducted in June 2007.

PDF of FATF review

Are there minimum transaction thresholds (Y/N)

Yes

More details on minimum transaction thresholds.

Yes - one off transactions below EUR15,000.

What are the requirements for customer identification information for individuals

full name, residential address and date of birth ideally from a government issued document which includes the customer's full name and photo, and either residential address or date of birth e.g. valid passport, valid photo card driving licence etc; or a government issued document (without a photograph) which includes the customer's full name, supported by a second document, either a government-issued, or issued by a judicial authority, a public sector body or authority, a regulated utility company, or another FSAregulated firm in the UK financial services sector or in an equivalent jurisdiction, which includes the customer's full name and either residential address or date of birth.

Details to be Collected on Corporates

full name, registration number, registered office in country of incorporation, business address. Additionally, for private /unlisted companies: names of all directors (or equivalent), names of individuals who own or control over 25% of its shares or voting rights and names of any individual(s) who otherwise exercise control over the management of the company.. The firm should verify the existence of the corporate from either a confirmation of the company's listing on a regulated market or a search of the relevant company registry or a copy of the company's Certificate of Incorporation. For private/unlisted companies, firms may decide, following a risk assessment, to verify one or more of the directors as appropriate in line with CDD requirements for individuals. In respect of Beneficial owners, the firm must take risk based and adequate measures to verify the identity of the Beneficial Owner(s).

What are the high level requirements around beneficial ownership (identification and verification)?

The ML Regulations define beneficial owners as individuals either owning or controlling more than 25% of body corporates or partnerships (or at least 25%of trusts) or otherwise owning or controlling the customer. These individuals must be identified, and risk-based and adequate measures must be taken to verify their identities.

What circumstances are enhanced customer due diligence measures required?

A firm must apply, on a risk-sensitive basis, enhanced customer due diligence measures and enhanced ongoing monitoring in any situation which by its nature can present a higher risk of money laundering or terrorist financing. Three specific types of relationships where enhanced due diligence measures must be applied are: a) where the customer has not been physically present for identification purposes; or b) in respect of a correspondent banking relationship with Respondents from non- European Economic Area ('EEA') states; or c) in respect of a business relationship or an occasional transaction with a Politically Exposed Person ('PEP').

How should FI's deal with Politically exposed persons

Firms are required, on a risk-sensitive basis, to: a) have appropriate risk based procedures to determine whether a customer is a PEP; b) obtain appropriate senior management approval for establishing the business relationship with that customer; c) take adequate measures to establish the source of wealth and source of funds which are involved in the proposed business relationship or occasional transaction; and d) conduct enhanced ongoing monitoring of the relationship.

What enhanced due diligence must be performed for correspondent banking relationships?

Best practice in the UK requires that due diligence should be undertaken using a risk-based approach. Enhanced due diligence measures must be applied in respect of a correspondent banking relationship with Respondents from nonEuropean Economic Area ('EEA') states, but should be considered to be performed whenever the Respondent is considered to present a greater money laundering/terrorist financing risk. The enhanced due diligence process should further consider the following elements,designed to ensure that the Correspondent has secured a greater level of understanding of: a) the Respondent's ownership and management; b) the Respondent's business; c) PEP involvement; and d) the Respondent's AML / terrorist financing controls.

Are relationships with banks who might be considered a 'shell' and without substance permitted?

Yes

In what circumstances is additional due diligence required for non face-to-face transactions and/or relationships?

Where a customer approaches firms by post, telephone or over the internet, i.e. has not been physically present for identification purposes, the firms must take specific and adequate measures to compensate for this higher risk such as carrying out non face-to-face verification, either electronically or by reference to documents. UK Guidance states that where identity is verified electronically, or copy documents are used, a firm should apply an additional verification check to manage the risk of impersonation fraud e.g. require copy documents to be certified by an appropriate person.

To whom are SAR's made? (suspicious activity reports)

SOCA (Serious Organised Crime Agency)

Link to website of SAR reporting

http://www.soca.gov.uk/

Other Suspicious or unusual transactions obligations.

Are there any de-minimis thresholds below which transactions do not need to be reported?

Are there any penalties for non compliance with reporting requirements e.g. tipping off?

Yes – The Proceeds of Crime Act 2002 (POCA) outlines the following penalties with regard to reporting requirements: a) Failure to report: up to five years imprisonment and/or an unlimited fine; and/or b) Tipping off: up to two years imprisonment and/or unlimited fine Changes to the Money Laundering regulations 2007 which came into force on 1 October 2012, include penalties imposed for failure to provide information required by notice.

Are there any requirements (legal or regulatory) to use automated Suspicious Transaction monitoring technology?

No, however, the transaction monitoring should be performed by using adequate means which assumes use of some automated technology.

Is there a requirement to obtain authority to proceed with a current/ongoing transaction that is identified as suspicious?

Consent is required from SOCA (UKFIU) to proceed with a current/ongoing transaction that is identified as suspicious.

Does the local legislation allow transactions to be monitored outside the jurisdiction?

Is there a legal requirement for a bank’s external auditor/other external organisation to report on the bank’s AML systems and controls?

N/A

If an external report on the bank’s AML systems and controls is required: a) how frequently must the report be provided?

N/A

To whom should the report on AML systems be submitted?

N/A

Is an AML system part of the financial statement audit?

N/A

What are the requirements for the content of this external report on a bank’s AML systems and controls? Does it require: a) sample testing of KYC files? b) sample testing of SAR reports? c) examination of risk assessments?

N/A

Data Protection Laws And Personal Data

N/A

Data Protection for Corporate Data

N/A

Data protection for "sensitive Data" and additional protections.

N/A

Do any restrictions on the transfer of credit reports exist?

N/A

Regulator Acronym

FSA

Year of last FATF mutual evaluation

2007

Field 67

identity is verified electronically require copy documents to be certified by an appropriate person.

National ID card details

Compulsory identity cards were to be introduced under the Identity Cards Act 2006.

Compulsory?

National ID source

http://www.zdnet.com/pictures/government-unveils-uk-citizen-id-card/2/

Passport Photo

practical Guidance yes / no

Is there a risk based approach

Legal Requirement

Requirement to proceed

Yes

requirement to use automated suspicious transaction tools

Who are SARS made to?

SOCA

shell banks

Yes

EDD for correspondent banking

Yes

Minimum transactions

EUR 15,000

Min transaction USD

16377

key restrictions

There are few exceptions to the law, but caution should be taken with transactions relating to marriage, divorce, wills, real estate and negotiable instruments.

Summary

The U.K. law is similar to the U.S. law because it allows nearly anything in electronic form that is logically associated with a document with the intent to indicate agreement to function as an electronic signature. Summary of law Section 7(2) defines an electronic signature as anything in electronic form incorporated into or otherwise logically associated with any electronic communication or data that purports to be incorporated for the purpose of establishing the authenticity or integrity of communications or data. The law also provides for digital or advanced electronic signatures, but there is no legal reason to utilize them.

Are e-signatures acceptable

If the AML laws and/or regulations became effective in the last 2 years, what were the requirements of the previous AML regime?

The changes to the Money Laundering regulations 2007 are to make the money laundering regime more effective and proportionate and reduce the regulatory burden on British businesses.

Non financial sector (e.g. casinos, high value goods etc.)

HM Revenue and Customs, The Law Society, The Institute of Chartered Accountants in England and Wales (ICAEW)

Does the country have a risk based approach?

Yes - with the Financial Services Authority leading the work in terms of firms’ legal obligations and their practical implementation.

Where copies of identification documentation are provided, what are the requirements around independent verification or authentication?

UK Guidance states that where identity is verified electronically, or copy documents are used, a firm should apply an additional verification check to manage the risk of impersonation fraud. For example, one of these checks may be to require copy documents to be certified by an appropriate person.

Is there case law, other constitutional law or any other laws or regulations that may impact upon the transfer of information to this jurisdiction?

N/A

List of case law, constitutional law or any other laws or regulations that may impact upon the transfer of information.

N/A