nameidentification documentspassport numberresidential address telephone numberemaildate of birthsource of income
full namepassportresidential addressbusiness addresscontact numbersemaildate of birthregistration nature of businesspurpose of accounttype of accountsource of earningsmonthly credit turnovermodes of transactions
Computerized National Identity Card
E-COMMERCE LAW IN PAKISTAN
2015
The Anti-Money Laundering Act was enacted in Mar 2010 after its approval by the Parliament of Pakistan. In addition, local banking regulator, the State Bank of Pakistan (“SBP”), has issued detailed AML
and CFT regulations, together with guidelines on a risk based approach in 2012; both of which have subsequently been amended, and revised regulations issued in 2015.
The SBP is the regulator for AML controls for banking and related services while the Securities and Exchange Commission (“SECP”) is the regulator for all other entities
http://www.sbp.org.pk/ http://www.secp.gov.pk/
N/A
N/A
N/A
The SBP has issued detailed guidelines on AML/CFT regulations, together with guidelines on risk based approach.
Yes
Yes
No. The latest Mutual Evaluation Report was performed by Asia Pacific Group on Money Laundering and is dated 09 Jul 2009
The AML and CFT regulations of 2015 are available at the following link (http://www.sbp.org.pk/l_frame/Revised-AML-CFT-Regulations.pdf) which specifies monetary thresholds for transactions executed by
occasional customers/ walk-in customers and online transactions. Organisations however, have defined their own internal monetary thresholds.
As per SBP AML/CFT Regulations (para 3 of Regulation 1: Customer Due Diligence), for identity and due diligence purposes, at the minimum, the following information shall also be obtained, verified and
recorded on KYC/CDD form or account opening form:
a) full name as per identity document;
b) CNIC/Passport/NICOP/POC/ARC number or where the customer is not a natural person, the registration/incorporation number or business registration number (as applicable);
c) existing residential address, registered or business address (as necessary), contact telephone number(s) and e-mail (as applicable);
d) date of birth, incorporation or registration (as applicable);
e) nationality or place of birth, incorporation or registration (as applicable);
f) nature of business, geographies involved and expected type of counter-parties (as applicable);
g) purpose of account;
h) type of account;
i) source of earnings;
j) expected monthly credit turnover (amount and no. of transactions); and
k) normal or expected modes of transactions.
As per SBP AML/CFT Regulations (para 3 of Regulation 1: Customer Due Diligence), for identity and due diligence purposes, at the minimum, the following information shall also be obtained, verified and
recorded on KYC/CDD form or account opening form:
a) full name as per identity document;
b) CNIC/Passport/NICOP/POC/ARC number or where the customer is not a natural person, the registration/incorporation number or business registration number (as applicable);
c) existing residential address, registered or business address (as necessary), contact telephone number(s) and e-mail (as applicable);
d) date of birth, incorporation or registration (as applicable);
e) nationality or place of birth, incorporation or registration (as applicable);
f) nature of business, geographies involved and expected type of counter-parties (as applicable);
g) purpose of account;
h) type of account;
i) source of earnings;
j) expected monthly credit turnover (amount and no. of transactions); and
k) normal or expected modes of transactions.
As per paragraphs 7 and 8 of Regulation 1 of SBP AML and CFT regulations Banks/DFIs shall take reasonable measures to obtain information to identify and verify the identities of the beneficial owner(s). Where the customer is not a natural person, the bank/DFI shall (i) take reasonable measures to understand the ownership and control structure of the customer for obtaining information required and (ii) determine the natural persons who ultimately own or control the customer. Verification of the identity of the beneficial owners shall be completed before business relations are established including verification from NADRA wherever required.
Section ‘D’ of SBP’s AML/CFT Guidelines on Risk Based Approach (paragraph 4-6) available on the link (http://www.sbp.org.pk/l_frame/AML-CFT-Guidelines-RiskBasedApproach.pdf) provides specific high risk elements and recommendations for EDD such as NPOs, NGOs, charities, associations, house wife accounts, landlords, proprietorships, self-employed professionals, on-line transactions, cash, wire transfers etc. Paragraph 5 provides high risk elements/factors bifurcated into customers, products and delivery channels, geography or locations.
Paragraph 29 of Regulation 1 of the SBP AML/CFT regulations available on the link (http://www.sbp.org.pk/l_frame/Revised-AML-CFT-Regulations.pdf) covers in detail the treatment for PEPs. In relation to
PEPs and their close associates or family members, banks/DFIs shall:
a) implement appropriate internal policies, procedures and controls to determine if a customer or beneficial owner is a PEP;
b) obtain approval from the bank’s senior management to establish or continue business relations where the customer or a beneficial owner is a PEP or subsequently becomes a PEP;
c) establish, by appropriate means, the sources of wealth or beneficial ownership of funds, as appropriate; including bank/ DFI’s own assessment to this effect; and
d) conduct during the course of business relations, enhanced monitoring of business relations with the customer.
Regulations 2 of SBP AML/CFT regulations available on the link (http://www.sbp.org.pk/l_frame/Revised-AML-CFT-Regulations.pdf) cover this topic in detail.
Yes. As per Regulation 2 of SBP AML/CFT regulations (paragraph 4) available on the link (http://www.sbp.org.pk/l_frame/Revised-AML-CFT-Regulations.pdf). No bank/DFI shall enter into or continue
correspondent banking relations with a s
In dealing with non-face-to-face transactions and/or relationships, adequate measures have been adopted by organizations. Additional due diligence may be required when:
a) transactions do not make economic sense or are inconsistent with customer’s business or profile;
b) transactions involving locations of concern & wire transfer; and
c) transactions involving unidentified parties.
As per paragraph 7 of Regulation – 4 of the AML/CFT, the regulations are available on the following link (http://www.sbp.org.pk/l_frame/Revised-AML-CFT-Regulations.pdf). Currency Transaction Reports (“CTRs”) should be reported for transactions of INR2m (approx. USD30,000) and above as per requirements of the AML Act. This is also stated in the SBPs BPRD Circular Letter No. 04 of 2015 available on the link (http://www.sbp.org.pk/bprd/2015/CL4.htm)
As per paragraph 7 of Regulation - 4 of SBP AML/CFT regulations available on the link (http://www.sbp.org.pk/l_frame/Revised-AML-CFT-Regulations.pdf). Banks/DFIs should note that STRs, including attempted transactions, should be reported regardless of the amount of the transactions; and, the CTRs should be reported for transactions of INR2m (approx. USD30,000) and above as per requirements of the AML Act.
Liability for failure to file a suspicious transaction report and for providing false information is provided in paragraph 33 of the AML Act, 2010 available on the link (http://www.sbp.org.pk/about/act/Anti-Act- 2010.pdf). Paragraph 34 of this Act lays out requirements with respect to non-disclosure of information and consequences of violation.
Yes by SBP. The following are extracts from SBP AML/CFT Regulation No. 4 (paragraph 5). Banks/DFIs are advised to make use of technology and upgrade their systems and procedures in accordance with the changing profile of various risks. Accordingly, all banks/DFIs are advised to implement automated Transaction Monitoring Systems (“TMS”) capable of producing meaningful alerts based on pre-defined parameters/thresholds and customer profile, for analysis and possible reporting of suspicious transactions. Further, banks/DFIs shall establish criteria in their AML/CFT Policies and/or Procedures for management of such alerts.
No
No
No
N/A
N/A
N/A
N/A
No
No
None except for those specified above.
SBP, SECP
2009
First made at the age of 18, not compulsory to carry all the time.
The AML Ordinance was issued in 2007 followed by the Anti-Money Laundering Act in 2010. Subsequently AML and CFT regulations were issued in 2012 which were subject to amendments that have been incorporated in the revised regulations issued in 2015. The previous regulations required the following (which have now been stringently amended for inclusion in the revised regulations): a) verification of the identity of the customers shall be completed as soon as it is reasonably practicable but not later than five business days from the date of opening of the account; b) half yearly list is to be maintained by banks/DFIs highlighting all accounts/deposits where the business relationship needed to be closed on account of negative verification; c) obtain copy of CNIC from occasional customers/walk-in customers conducting cash transactions above INR1m (approx. USD15,000) whether carried out in a single operation or in multiple operations that appear to be linked; and d) currency Transaction Reports should be reported above the threshold of INR2.5m (approx. USD38,000).
N/A
Yes. SBP has issued detailed guidelines on AML/CFT regulations, together with guidelines on the risk based approach
As per paragraph 4 of Regulation 1 of SBP AML and CFT regulations, the Bank/DFI shall verify identity documents of
the customers from relevant authorities/document issuing bodies and where necessary using other reliable, independent sources and retain on record copies of all reference documents used for identification
and verification. The particulars/CNIC of such persons must be verified from the National Database Registration Authority (“NADRA”) through VeriSys or bio-metric technology. Verification of the identity of
the customers and beneficial owners shall be completed before business relations are established including verification of CNIC/NICOP/POC from NADRA wherever required for customers under these
regulations.