KYC.IO

Global Regulations and Requirements for KYC Onboarding
(powered by KYC-Chain)

KYC to onboard domestic persons

passportidentity cardresidence permit

KYC to onboard international persons

passportidentity cardresidence permit

corporate requirements

articles of incorporationcertificate of registrationidentity of dirrectorslegal representatives

National ID card name

بطاقة الهوية (bițāqat al-hawiya

Does the country have Esignature Laws?

Official Gazette-Law No. 81 Relating to Electronic Transactions and Personal Data

E-sig law files

What year did the relevant AML laws and regulations become effective?

2001

Further details on AML regime

Law 318 Fighting Money Laundering became effective in 2001 and was amended twice; firstly in 2003 to criminalise terrorist financing and then recently in 2015 to include tax evasion.

Who is the regulator for AML controls for Banking

banks and financial institutions are regulated by the Central Bank of Lebanon (“BDL”)

Link to site

www.bdl.gov.lb

Other financial Services

Central Bank of Lebanon (“BDL”)

Website of Regulator

www.bdl.gov.lb

Financial Sector regulator

N/A

Practical Guidance for AML

Money Laundering is of the utmost importance for the Central Bank of Lebanon. Accordingly, periodical updates are performed on all the circulars related to money laundering

Practical guidance PDF's

Basic-Circulars.html

Is there a requirement to verify the identity of customers retroactively?

Yes

Retroactive details

Yes, as required by Article 6 of Basic Circular no.83.

Has the country been the subject of FATF mutal evaluation in the last 3 years?

No evaluation has been performed in the last 3 years. The last evaluation dates back to 2009

PDF of FATF review

topiclist.asp

Are there minimum transaction thresholds (Y/N)

More details on minimum transaction thresholds.

No. Due diligence is required for cash/cheque transactions below USD10,000 or equivalent in a foreign currency. However, it should be noted that any new client opening an account in any bank is required to submit a detailed KYC form.

What are the requirements for customer identification information for individuals

Individuals: a copy of a passport, identity card, individual civil registration or residence permit and KYC form showing residential/work addresses, profession and average monthly income

Details to be Collected on Corporates

Legal entities: Articles of incorporation, certificate of registration at the Chamber of Commerce, ownership structure, a list showing the stocks or shares, a list of the authorised signatories, in addition to a copy of the identify of its legal representative and the directors and persons who hold, whether directly or indirectly a percentage of shares enabling them to have effective control of the company. Banks are required to obtain legal documents pertaining to the ultimate beneficiary.

What are the high level requirements around beneficial ownership (identification and verification)?

The customer should fill out a form detailing the identity of beneficial owners by providing the individual(s) name, family name, residential address, profession and information about his/her financial situation.

What circumstances are enhanced customer due diligence measures required?

Enhanced due diligence measures are required if customers are classified as high risk as per the Central Bank's guidelines. Article 9 of Basic Circular no.83 identifies the following customer risk factors but falls short of classifying these as high risk: a) customers whose occupation relies mainly on cash (money exchange, gold and precious stones dealers, restaurants and night clubs, real estate agents and car dealers); b) foreign PEPs, their family members and close associates; c) offshore companies; d) companies established in countries known to be tax havens; e) non face-to-face customers; f) customers dealing only through intermediaries; g) customers dealing through fiduciary contracts or trusts; h) companies with a capital totally or partly constituted of bearer shares; and i) customers who are nationals or resident in countries that do not or insufficiently apply the FATF recommendations.

How should FI's deal with Politically exposed persons

Article 9 of Basic Circular no.83 requires the establishment of an adequate system in order to determine whether a foreign customer is a PEP and the adoption of risk based controls to include: a) obtaining more detailed information about customers, notably the source of their wealth; b) obtaining, according to risk levels, the necessary administrative approvals, in order to deal or continue to deal with customers and to execute operations; c) periodically review the relationship; and d) continuous peer comparisons.

What enhanced due diligence must be performed for correspondent banking relationships?

Article 2 of Basic Circular no. 83 provides that when establishing a relationship with a foreign correspondent bank, the bank must ascertain the following: a) the respondent bank is not a shell bank and that it actually exists based on submitted documentary evidence; b) it does not deal with shell banks; c) it has a good reputation and is subject to effective controls; d) it implements sufficient and effective procedures to fight money laundering and terrorist financing; e) the nature of the respondent bank’s business; f) the approval of senior executive management must be obtained; and g) determine the responsibility of both parties particularly for payable through accounts and make sure that the respondent is capable of providing relevant customer identification data if requested.

Are relationships with banks who might be considered a 'shell' and without substance permitted?

Yes.

In what circumstances is additional due diligence required for non face-to-face transactions and/or relationships?

a) transactions in writing - the Bank should verify the client's identity and the authenticity of the signature; and b) transactions done via an agent - the Bank should obtain an official procuration and the identity cards of the agent and the client.

To whom are SAR's made? (suspicious activity reports)

Governor of the Central Bank in his capacity as chairman of the SIC and to the Special Investigation Committee (SIC)

Link to website of SAR reporting

http://www.sic.gov.lb

Other Suspicious or unusual transactions obligations.

No, unless it is specifically requested by the Central Bank of Lebanon.

Are there any de-minimis thresholds below which transactions do not need to be reported?

No. All suspicious transactions, regardless of materiality, need to be reported.

Are there any penalties for non compliance with reporting requirements e.g. tipping off?

Any person who does not comply with the reporting requirements could be imprisoned and subject to a fine as stipulated by Law no. 318

Are there any requirements (legal or regulatory) to use automated Suspicious Transaction monitoring technology?

Yes. As stipulated by Basic Circular no. 83, banks are required to use specialised software to monitor accounts and transactions for any of the mentioned risk indicators.

Is there a requirement to obtain authority to proceed with a current/ongoing transaction that is identified as suspicious?

Banks should inform the SIC of suspicious transactions and are permitted to process the transactions unless objected to by the SIC. In addition, Banks are not allowed to close suspicious clients’ accounts

Does the local legislation allow transactions to be monitored outside the jurisdiction?

The law is silent in that regard.

Is there a legal requirement for a bank’s external auditor/other external organisation to report on the bank’s AML systems and controls?

As stipulated by the Central Bank of Lebanon Basic Circular no. 83, external auditors are required to assess the Bank’s AML function and issue a “gap analysis” report in that regard.

If an external report on the bank’s AML systems and controls is required: a) how frequently must the report be provided?

External auditors are required to report on yearly basis

To whom should the report on AML systems be submitted?

The report should be addressed to the following parties: The Governor of the Central Bank, the SIC and the Management of the Bank.

Is an AML system part of the financial statement audit?

N/A

What are the requirements for the content of this external report on a bank’s AML systems and controls? Does it require: a) sample testing of KYC files? b) sample testing of SAR reports? c) examination of risk assessments?

The external auditor is required to check the Bank’s compliance with the requirements of Basic Circular no. 83, of which: a) Section I: Relations with foreign correspondent banks abroad; b) Section II: Relations with customers and due diligence measures; c) Section III: Controlling certain operations and customers; and d) Section IV: Committees and administrative units in charge of the control of operations for fighting money laundering and terrorist financing, and their tasks. Accordingly, we are required to check a sample of KYC files related to new clients operating with the Bank, the Bank’s monitoring of its correspondent banks and the Bank’s monitoring framework set at the branches level, etc.

Data Protection Laws And Personal Data

Banking Secrecy Law.

Data Protection for Corporate Data

Banking Secrecy Law.

Data protection for "sensitive Data" and additional protections.

As for clients who have facilities with banks, their information can be shared between banks and this is done to help banks better assess the credit risk of facilities provided or to be provided.

Do any restrictions on the transfer of credit reports exist?

Regulator Acronym

BDL

Year of last FATF mutual evaluation

2009

Field 67

transactions in writing Bank should verifytransactions done via an agentprocurationidentity cards of the agent and the client.

National ID card details

compulsory Identity document issued to citizens of the Republic of Lebanon by the police on behalf of the Lebanese Ministry of Interior or in Lebanese embassies/consulates (abroad) free of charge.

Compulsory?

Passport Photo

practical Guidance yes / no

Is there a risk based approach

Legal Requirement

Yes

Requirement to proceed

Yes

requirement to use automated suspicious transaction tools

Yes

Who are SARS made to?

SIC

shell banks

Yes

EDD for correspondent banking

Yes

Minimum transactions

LBP 15,070,000

Min transaction USD

10000

Personal Data protection

Data Protection for Corporates

If the AML laws and/or regulations became effective in the last 2 years, what were the requirements of the previous AML regime?

N/A

Non financial sector (e.g. casinos, high value goods etc.)

there is no defined regulator for the non-financial sector. Banks are required to monitor these clients closely and identify any potential suspicious transactions.

Does the country have a risk based approach?

Yes. Article 9 of Basic Circular no.83 requires the adoption of a risk based approach

Where copies of identification documentation are provided, what are the requirements around independent verification or authentication?

Clients are requested to provide original copies prior the opening of any new accounts with the Bank/Financial Institution. Copies of these documents are then taken by the Banks/Financial Institution for archiving and in some cases copies are certified by Public Notaries to assert validity of the copies to be archived.

Is there case law, other constitutional law or any other laws or regulations that may impact upon the transfer of information to this jurisdiction?

No.

List of case law, constitutional law or any other laws or regulations that may impact upon the transfer of information.

Yes. The Banking Secrecy Law was promulgated on 03 Sept 1956. Article 2 provides that managers and employees of banking establishments are bound to absolute secrecy in favour of the bank’s clients and may not disclose to anyone, whether a private individual or an administrative, military or judicial authority, the names of clients, their assets and facts concerning them. Banks are authorised to open code number deposit accounts for their clients. The following exceptions apply: Banking secrecy terminates in the case of bankruptcy or in the case of debtor accounts, SIC is exempt so as to provide for the lifting of confidentiality in favour of competent judicial authorities where it has reason to suspect suspicious activity and additionally, records are required to be kept by financial institutions of cash transactions that exceed USD10,000 which are not subject to the Bank Secrecy Law.