nameplace of birthidentification numbertelephone numberaddress
namedate of birthplace of birthidentity documentsaddresstelephone numberoccupationsource of incomesurname
company name established date;Telephone numbertax identification numberregistry number volume of incomeshareholders and ultimate beneficial owners.
Cedula de Identidad
eSignature Legality Summary
a) 2009 – Law No. 18.494 – introduced several modifications to Law 17.835;
b) 2004 – Law No. 17.835 – system controls and prevention of money laundering and financing of terrorism; and
c) 1998 – Law No. 17.016 – standards with regard to the misuse of public power (corruption).
Previously, Uruguayan AML Laws focused on the illicit traffic of narcotic drugs but have been gradually extended to other crimes.
Uruguayan Central Bank (“UCB”)
Internal Audit of the Nation
Yes, the Unit of Financial Information and Analysis (“UIAF”) of the UCB has issued guidance with regard to suspicious or unusual transactions in order to assist the parties required to report these transactions in the detection of unusual or suspicious patterns in customer behaviour. Although the published guidelines are not exhaustive, they constitute a collection of types or patterns of transactions that could be linked to money laundering operations from criminal activities or terrorist financing
Yes, the UCB, supervisor of the financial system, established the requirement to periodically update information on existing clients, especially in the case of high risk customers.
The country has not been subject to review in the last three years. The UIAF participate in Grupo de Acción Financiera de Sudamérica (“GAFISUD”) and in the Egmont Group.
Yes, customer due diligence is not required on transactions below USD3,000 with occasional customers.
a) name and surname;
b) date and place of birth;
c) identification document;
d) marital status;
e) address and telephone number;
f) main activity or occupation; and
g) volume of income (salary and other earnings). `
a) company name;
b) established date;
c) address and telephone number;
d) tax identification number;
e) bylaws and other information on the entity as registry number etc.;
f) main activity;
g) volume of income (on financial statements); and
h) shareholders and ultimate beneficial owners.
Financial institutions must implement procedures in order to identify the ultimate beneficial owner of each transaction, verify their identity and register their names.
Enhanced customer due diligence measures are required for ‘permanent customers’. Institutions must analyse each customer and classify them according to their activity, residence and risk profile. Institutions must obtain, evaluate and register additional information about the financial situation, in order to justify the customer’s transactions and the origin of funds for those customers classified as high risk and those with transactions over a certain limit.
Financial institutions should apply additional due diligence procedures in the case of PEPs, their relatives and their associates. Financial institutions should:
a) rely on procedures that allow them to determine whether a client is a PEP;
b) get senior management approval upon establishing a new relationship with this type of client;
c) take reasonable measures in order to determine the origin of the funds; and
d) carry out a special and permanent assessment of the customer’s transactions.
For correspondent banking relationships, local institutions must obtain the following information in relation to foreign institutions: a) the nature of their business; b) management details; c) reputation; d) principal activities and location of the premises; e) account purpose; f) regulation and supervision in their country; g) political context; and h) procedures applied in order to prevent being used for laundering of assets or financing of terrorism.
Yes, it is not permitted to perform any type of business with financial institutions established in jurisdictions that do not require physical presence. It is also not permitted to establish a relationship with foreign
institutions which allow shell banks to open accounts.
Financial institutions must implement special procedures to verify the relevant identity and to control non face-to-face transactions such as non-resident or e-banking transactions.
UIAF, established by the Uruguayan Central Bank
By the above mentioned Circular No. 1722 of UCB dated 21 Dec 2000, transactions considered suspicious can be conducted on a periodic basis or isolated, and that according to the customs of the activity concerned, are unusual, with no apparent economic or legal justification, or of unusual or unjustified complexity. Subjects required to report must immediately inform the UIAF regarding transactions covered by this where there is evidence or suspicion of involvement in the legitimisation of assets derived from criminal activities. In addition, financial intermediation institutions must notify the UCB and provide information regarding physical or legal persons carrying out the following transactions: a) operations consisting of coins, currency conversion, foreign cheques, precious metals, bank deposits, shares or other securities which are easy to redeem, for amounts in excess of USD10,000 or its equivalent in other currencies; b) receiving and sending of money orders and transfers (including international transfers) for amounts in excess of USD1,000 or its equivalent in other currencies, regardless of the mode of operation used for execution. Transfers and money orders are exempted from the obligation to be reported if they are made between bank accounts in cases where both the account of origin and destination are based in local financial intermediaries; and c) purchase or sale, exchange or arbitration of foreign currency or precious metals for an amount over USD10,000 or its equivalent in other currencies, where the counterpart is made in cash.
Yes, fines and penalties from Uruguayan Central Bank and National Internal Audit Office.
After a certain time, if there is no a response from UCB regarding the reported transaction, the institution should consider if it is appropriate to proceed with the transaction with the customer
The Communication 2010/254 issued by the CBU on 21 Dec 2010 defined that banks must have an audit report referring to the consideration of reasonable assurance regarding the design and operations of policies, procedures and monitoring mechanisms adopted to prevent the bank from being used for money laundering and terrorist financing.
directors and shareholders of the Bank
a) yes; b) yes; and c) yes. The procedures to be performed include: a) inquiry corroborating the description of policies, procedures and control mechanisms established by the Bank; and b) verification that the policies, procedures and control mechanisms are in accordance with the provisions of the regulation and its effective implementation by the auditor's judgment samples.
data protection Law (No. 18331)
data protection Law (No. 18331)
The country has a separate definition of "sensitive data", defined as: the data and personal information referring to origin, ethnic, politic, religion, health and sexual life and preference.
The response is affirmative; there are credit reports, banking information, and criminal information (only local Authorities and Interpol) that are prohibited from being transferred. Medical information is protected by secrecy
One should be cautious of transactions that must be notarized or that relate to real estate.
Yes, the law allows the parties to agree privately to the form of signature.
Summary of law
The law is somewhat unusual in that it allows the parties to challenge consent after it has been given. That is, the parties may agree to transact business electronically and sign the document electronically, but this will not stop either party from challenging that consent at a later date. On the other hand, there is evidence that electronic signatures are used commonly in Uruguay and are submitted in court filings.
Yes, the UCB has established that the supervision process must be proactive and integrity orientated, focused on risks and performed on a consolidated basis. The Corporate Governance and Internal
Control System Regulations which are in force (UCB Circular 1987) establish that institutions must have a risk framework according to the nature, size and complexity of their transactions. An AML framework
is specifically required.
Notary certification and signature verification are required to certify the validity of the documents provided. Each institution also has its own policies and procedures to verify the documents and its copies.
Yes, the international transfer of data is regulated by Law and limited upon requirements (e.g. consent, adequate protection, International law regulation, etc.) and it is controlled by the public authorities.
In Uruguay there are secrecy regulation laws, such as banking secrecy, professional secrecy, court data, and other specific regulations.