According to the SRO 170(1)/2018 issued by the SECP, the government entities accounts shall not be opened in the personal names of the government officials and account which is to be operated by an officer of the federal or provincial or local government in his/her official capacity, shall be opened only on production of a special resolution or authority from the concerned administrative department or ministry duly endorsed by the Ministry of Finance or Finance Department/ Division of the concerned government. The regulated person shall also take into account any rules, regulations or procedures prescribed in the governing laws of such entities relating to opening and maintaining of their bank accounts.
As per SECP interpretation, the "regulated persons" covering securities brokers, commodities brokers, insurers, Takaful operators, NBFCs and Modarabas, shall take appropriate steps to identify, assess and understand its money laundering and terrorism financing risks in relation to its customers, jurisdictions or countries its customers are from and products, services, transactions and delivery channels of the regulated person.
Under the (Anti Money Laundering and Countering Financing of Terrorism) Regulations, 2018, the SECP has specified that no regulated person shall open or maintain anonymous account or an account in fictitious name. These regulated persons shall apply COD measures when establishing business relationship with a customer and when there is doubt about the veracity or adequacy of previously obtained customer identification data.
The said regulated persons shall develop and implement policies, procedures and controls, which are approved by its board of directors, to enable the regulated person to effectively manage and mitigate the risks that are identified in the risk assessment of ML/TF or notified to it by the Commission and monitor the implementation of those policies, procedures and controls and enhance them, if necessary.
The SECP has said that the customer due diligence (COD) in broader term includes identifying the customer or beneficial owner and verifying the customer's/beneficial owner's identity on the basis of documents, data or information obtained from customer and/or from reliable and independent sources; understanding and, as appropriate, obtaining information on the purpose and intended nature of the business relationship; and monitoring of accounts/transactions on ongoing basis to ensure that the transactions being conducted are consistent with the regulated person knowledge of the customer, the customer's business and risk profile, including, the source of funds and, updating records and data information to take prompt action when there is material departure from usual and expected activity through regular matching with information already available with regulated person.
The SECP has further directed that the regulated person will maintain a list of all such customers/accounts where the business relationship was refused or needed to be closed on account of negative verification; regulated person are required to apply COD requirement to its existing customers on the basis of materiality and risk and should conduct due diligence on existing relations at appropriate times, taking into account whether and when COD measures have previously been undertaken and the adequacy of data obtained.
Where regulated person are not able to satisfactorily complete required COD measures, account shall not be opened or any service provided and consideration shall be given if the circumstances are suspicious so as to warrant the filing of an Suspicious Transaction Report (STR) and where COD of an existing customer is found unsatisfactory, the relationship should be treated as high risk and reporting of suspicious transaction be considered in accordance with regulations and where regulated person forms a suspicion of money laundering or terrorist financing, and it reasonably believes that performing the COD process will tip-off the customer, it may not pursue the COD process, and instead should file an STR in accordance with regulations, the SECP added.