Post on 30-Mar-2020


KYC/AML/CFT Policy Global IME Bank Ltd.

Know Your Customer/Anti-Money Laundering

Counter Financing of Terrorism Policy

(KYC/AML/CFT Policy)

Global IME Bank Limited

2018

KYC/AML/CFT POLICY 2018


KYC/AML/CFT Version Control

Version Control No.    Date             Remarks

Version 1              July 2012        Revised

Version 2              August 2015      Revised

Version 3              December 2017    Revised

Version 4              December 2018    Revised


Prepared by:

Suresh Prakash Chataut - [Asst. AML/CFT Compliance Officer]

Reviewed & Recommended by:

Kamala K. Ojha - [Chief AML/CFT Compliance Officer]

Shanta Siwakoti - [Chief Operating Officer]

Ganesh Pd. Awasthi - [Chief Liability Marketing & Business Promotion]

Sushil Shrestha - [Chief Internal Audit]

Raja Aryal - [Chief Compliance Officer]

Recommended by:

Anil Joshi - [Head - Information Technology/Card & E-banking]

Buddhi Akela - [Chief Risk Officer]

Mahesh Sharma Dhakal - [Deputy Chief Executive Officer]

Supported by:

Janak Sharma Poudyal - [Chief Executive Officer]

Approved by:

The Board of Directors

Supported by:

Assets (Money) Laundering Prevention Committee


Contents

1. Preamble

2. Scope and Objectives of KYC/AML/CFT Policy

3. Governance Structure of AML/CFT

3.1 Board of Directors

3.2 Assets (Money) Laundering Prevention Committee

3.3 Chief Executive Officer

3.4 AML/CFT Management Committee

3.5 Chief Compliance Officer

3.6 AML/CFT Compliance Unit/ Chief AML/CFT Compliance Officer

3.7 Branch AML/CFT Compliance Officer and other responsible operating units

4. Money Laundering

5. Financing of Terrorism

6. Anti-Money Laundering (AML)/Counter-Financing of Terrorism (CFT)

7. Know Your Customer (KYC)

8. Establishing Relationship

9. The Bank shall not deal or accept the following person/entities as a customer:

10. Supervision and Monitoring of Transactions

11. Wire Transfer

12. Trade Based Money Laundering:

13. Correspondent Banking

14. Downward Correspondent Banking (Nested Account)

15. Payable-through Accounts or Pass-through accounts

16. Resubmission Policy

17. Reporting of Transactions to FIU

18. Failure to Report

19. Sanctions Compliance Policy

20. Prohibition of Personal Accounts for Business Purposes

21. Risk Grading of Customer Profile

22. Reviewing/Monitoring of Customer Profile

23. Customer Due Diligence (CDD)

23.1 General Provisions of Customer Identification

23.2 Customer Due Diligence Measures (but not limited to):

23.3 Simplified Customer Due Diligence (SCDD):

23.4 Enhanced Customer Due Diligence (ECDD)

24. Risk Based Approach (RBA)

24.1 Risk Management

24.2 Customer Risk

24.3 Country Risk

24.4 Geographical Risk

24.5 Product and Delivery Channel Risk

25. Awareness and Training

26. Internal Audit Function

27. Confidentiality and Tipping off

28. Non-compliance with KYC/AML/CFT Policy

29. Not to be Liable for Providing Information

30. Importance of Know Your Employee (KYE)

31. Record Keeping

32. Miscellaneous

33. KYC/AML/CFT Procedure Manual/Guideline

34. Maintenance and Update

35. Effective Date


ABBREVIATIONS

AML Anti-Money Laundering

APG Asia Pacific Group on Money Laundering

BM Branch Manager

BOD Board of Directors

CDD Customer Due Diligence

CEO Chief Executive Officer

CFT Counter-Financing of Terrorism

DMLI Department of Money Laundering and Investigation

ECDD Enhanced Customer Due Diligence

EU European Union

FATF Financial Action Task Force

FIU Financial Information Unit

HRD Human Resource Department

KYC Know Your Customer

ML Money Laundering

NRB Nepal Rastra Bank

OFAC Office of Foreign Assets Control

OI Operation In-charge

RMC Risk Management Committee

RO Relationship Officer

STR Suspicious Transaction Report

TBML Trade Based Money Laundering

TF Terrorist Financing

TTR Threshold Transaction Report

UK United Kingdom

US United States

UN United Nations


1. Preamble

Global IME Bank Limited (GIBL), hereinafter referred to as “the Bank”, is a commercial bank of Nepal categorized as class “A” by Nepal Rastra Bank (NRB). The Bank is committed to providing the entire range of commercial banking products and services without compromising its reputation for integrity. The Bank's shares are publicly traded as an 'A' category company on the Nepal Stock Exchange.

The Bank is well aware of the importance of preventing money laundering and terrorism financing activities and is fully committed to implementing the highest standards of Anti-Money Laundering and Counter Financing of Terrorism (‘AML/CFT’). The Bank is subject to applicable AML/CFT legislation. This legislation includes the Asset (Money) Laundering Prevention Act 2064, the Asset (Money) Laundering Prevention Rule 2073 and Nepal Rastra Bank (Central Bank) Directives/Circulars issued from time to time.

Further, the Bank acknowledges the FATF recommendations against criminal activities related to money laundering and adopts appropriate mechanisms to address those recommendations and to prevent the Bank from being used for Money Laundering/Terrorist Financing (ML/TF) activities. The Bank is also committed to continually discharging its Anti-Money Laundering obligations to its foreign correspondent banks, which may from time to time require due diligence information to ensure that transactions are as per the recommendations of the FATF.

Hence, the Bank's Policy on Know Your Customer, Anti-Money Laundering, and Counter Financing of Terrorism (hereinafter referred to as the “Policy”) outlines the minimum general unified standards of internal AML/CFT control, which should be strictly adhered to by the Bank in order to mitigate the legal, regulatory, reputational, and subsequent operational and financial risks.

In order to mitigate the risks and comply with KYC/AML/CFT norms in line with international best practices and statutory regulation, the Bank shall formulate internal policies, manuals, controls and procedures to effectively manage the risks of ML/TF based on the principles of the Policy. The Bank's AML/CFT Compliance Unit shall regularly monitor the effectiveness of the Policy, considering its regulatory applicability and adequacy.


This Policy establishes standards which every employee and business partner of the Bank should observe. The Board of Directors (BOD) and all employees are under an obligation to implement the procedures laid down in this Policy.

This is a revised Policy, compatible with local and international regulations, which shall replace the existing KYC/AML/CFT Policy issued in December 2017.

Any change in the provisions of Government Laws/Acts/Rules or NRB Directives/Circulars on KYC/AML/CFT issued after the implementation of this Policy shall be applicable even if the new provision does not coincide with this Policy.

2. Scope and Objectives of KYC/AML/CFT Policy

Primary Scope and Objectives of this Policy are as follows:

To prevent the Bank from being used for ML/TF activities.

To ensure that the employees are not involved in money laundering and terrorist financing.

To establish “Due Diligence” as a guiding principle for the Bank's business practices.

To establish procedures to verify the bona fide identification of those individuals/entities which establish a transactional relationship with the Bank, for applying appropriate risks depending upon the risk posed by them.

To deploy the appropriate mechanism for detection and reporting of suspicious activities.

To ensure that the concerned staff are adequately trained in AML/CFT Acts/Rules and NRB Directives, the Bank's Policies, and Manuals/Guidelines.

To comply with all the regulatory instructions, Government Laws/Rules and Regulations (issued from time to time).

To conduct self-assessments of compliance with KYC/AML/CFT Policy and Procedures.


3. Governance Structure of AML/CFT

Combating money laundering, terrorist financing, and fraud has become an area of increasing focus for governments and regulators across the world. Since AML/CFT violations continue to attract stiff regulatory fines and penalties for financial institutions, the Bank is more concerned than ever about risk and compliance management; thus it has established a structure as follows:

3.1 Board of Directors

The Board of Directors shall be responsible for approving and enforcing this Policy on prevention of ML/TF. The Board shall review the implementation status of the Bank as per the Anti-Money Laundering Prevention Act, 2064 (2nd amendment 2070), Anti-Money Laundering Rules, 2073, and the provisions contained in the Directives issued by NRB related to AML/CFT at least on a quarterly basis.


3.2 Assets (Money) Laundering Prevention Committee

The Bank shall have a board-level Assets (Money) Laundering Prevention Committee, which is constituted in line with the guidelines of NRB Directives. The Committee highlights risk governance and identifies the need for a strong AML/CFT risk management framework, well-defined AML risk management processes and an effective risk assessment and measurement mechanism. The Committee shall also review the KYC/AML/CFT Policy and recommend it for approval to the Board of Directors. The meeting shall be held at least once in 3 months or as required. The Committee comprises the following members:

Board Member - Coordinator

Deputy Chief Executive Officer - Member

Chief Risk Officer - Member

Chief Compliance Officer - Member

Chief AML/CFT Compliance Officer - Member Secretary

3.3 Chief Executive Officer

The CEO shall be responsible for ensuring that the procedures and mechanisms implemented are in line with the KYC/AML/CFT Policy of the Bank, NRB Directive and Asset (Money) Laundering Prevention Act/Rule, and that the Bank has a robust system, a proper database, efficient and adequate resources, and proper, focused AML/CFT training provided to the staff for effective AML/CFT monitoring.

3.4 AML/CFT Management Committee

The Bank shall formulate an AML/CFT Management Committee. The purpose of the Committee shall be to assess/review/monitor the status of the Bank’s standing on complying with the Know Your Customer principle and the implementation of its KYC/AML/CFT Policy/Guideline, identifying issues/lapses in the Bank's efforts to monitor the customers and their transactions, and to mitigate the risks arising thereon. It shall also ensure that a standard process manual is in place to safeguard the Bank from being used for ML/TF activities. The Committee shall also review the AML/CFT implementation status report submitted by the Chief AML/CFT Compliance Officer and recommend forwarding the report to the Assets (Money) Laundering Prevention Committee through the CEO. The meeting shall be held at least once in 3 months or as required. The Committee comprises the following members:

Deputy Chief Executive Officer - Coordinator

Chief Risk Officer - Member

Chief Compliance Officer - Member

Chief Operating Officer - Member

Chief Liability Marketing & Business Promotion - Member

Head - Information Technology/Card & E-banking - Member

Chief AML/CFT Compliance Officer - Member Secretary

3.5 Chief Compliance Officer

The CCO shall head the Compliance Department and shall be responsible for ensuring that the organization is conducting its operations/business in full compliance with the internal policies, regulatory framework and relevant national and international laws/standards and regulations. Furthermore, the CCO is also responsible for ensuring that the organization performs its operations within professional standards, accepted business practices and prudential business practices. The AML/CFT Compliance Unit is a separate unit under the Compliance Department.

The Chief Compliance Officer shall be responsible for ensuring that the Bank has adequate policies and systems to safeguard the Bank against the risk of being used for any illicit activities. The CCO shall also serve as an advisor in the formulation of policy/procedural guidelines. He/she shall assist/communicate with the top management and the BOD-level Committee towards managing the AML/CFT risk to which the Bank is exposed and towards formulating the necessary policy/procedures for mitigation of the same. The CCO shall also be responsible for effective implementation of the Policies and Guidelines/Manuals in all areas within the Bank.


3.6 AML/CFT Compliance Unit/ Chief AML/CFT Compliance Officer

The Bank establishes a dedicated AML/CFT Compliance Unit. The AML/CFT Compliance Officer shall be the Chief of the Unit and shall prepare the KYC/AML/CFT Policy and Guidelines in line with the Asset (Money) Laundering Prevention Act, Rule, and NRB Directive and forward the same for approval.

The Chief AML/CFT Compliance Officer shall be responsible for effective implementation of the Policy and Guidelines/Manuals. The Officer shall work closely with other departments/branches, especially with Branch AML/CFT Compliance Officers and other concerned Departments, on KYC/AML/CFT related issues and take specialized service from the heads of all other departments as required. The Bank shall also nominate an Assistant AML/CFT Compliance Officer at corporate level, who shall assist the Officer in all matters related to KYC/AML/CFT.

The Chief AML/CFT Compliance Officer shall ensure that effective transaction monitoring is in place and shall file STRs to the FIU after proper analysis. Further, other reports such as TTRs, AML implementation status reports and any other reports required by the NRB on AML/CFT aspects shall be submitted by the Officer. The Officer shall also be the member secretary of the AML/CFT Management Committee and the Assets (Money) Laundering Prevention Committee and shall put up risks associated with ML/TF to the committees for developing a mechanism to mitigate such risks. The Officer shall ensure that branches and departments strictly adhere to AML/CFT compliance and shall correspond with the FIU, DMLI, Correspondent Banks and Remittance Partners or any other regulatory bodies in matters related to AML/CFT.

The Officer shall also conduct basic and refresher training for the staff regularly. Further, the Unit shall be responsible for checking KYC/AML/CFT compliance in the Bank through offsite and onsite inspection.


3.7 Branch AML/CFT Compliance Officer and other responsible operating units

In order to ensure fulfillment of KYC/AML/CFT norms in the branches, the OI of the Branch shall be designated as the Branch AML/CFT Compliance Officer, who shall report to the Chief AML/CFT Compliance Officer in KYC/AML/CFT related matters. The Branch AML/CFT Compliance Officer and other responsible operating units shall also be responsible for ensuring compliance with KYC/AML/CFT norms as per the prevailing regulation and the directions given by the Chief AML/CFT Compliance Officer from time to time.

4. Money Laundering

Money laundering is the process by which criminals disguise the illegal origin of their funds. In simple words, it is the process of laundering (washing) black money for the purpose of converting it into clean money. Money laundering is done by launderers worldwide to conceal funds from criminal activities such as drugs/arms trafficking, terrorism, tax evasion, extortion, etc. There are three stages of money laundering: (i) Placement, (ii) Layering and (iii) Integration.

4.1 Placement is the first stage in money laundering, where the cash proceeds of criminal activity enter the financial system.

4.2 Layering is the second stage in money laundering, where attempts are made to distance the money from its illegal source through layers of financial transactions.

4.3 Integration is the third stage of money laundering. This stage involves the re-introduction of the illegal proceeds into legitimate commerce by providing a legitimate-appearing explanation for the funds.

5. Financing of Terrorism

Financing of Terrorism means financial support to any form of terrorism or to those who encourage, plan or engage in terrorism. The source of such funds may be either legal or illegal.


6. Anti-Money Laundering (AML)/Counter-Financing of Terrorism (CFT)

AML/CFT is a term used in the financial and legal industries to describe the legal controls that require financial institutions and other regulated entities to prevent, detect, and report ML/TF activities. The Bank has implemented standard KYC norms to prevent, detect and report ML/TF activities to the FIU.

7. Know Your Customer (KYC)

KYC is the process by which a business verifies the identity of its customers; it safeguards banks from being used by criminal elements for ML/TF activities.

For the purpose of the KYC Policy, a customer is defined as (i) a person or entity that maintains an account and/or has a business relationship with the Bank; (ii) one on whose behalf an account is maintained, i.e. beneficial owners; and (iii) any person or entity connected with a financial transaction that may pose significant reputational or other risks to the Bank, such as a wire transfer or issue of a high-value demand draft as a single transaction.

A beneficial owner in terms of AML/KYC is a person who generally has ultimate control over the funds through ownership or other means and/or who is the ultimate source of funds for the account. The Bank shall identify the individuals who have control over such account/fund or who have a 10% shareholding in the case of a legal entity.

The Bank's KYC Policy incorporates the following four key elements, which shall be elaborated in the KYC/AML/CFT Manual/Guidelines:

Customer Acceptance Policy.

Customer Identification Procedures.

Monitoring of Transactions.

Risk Management.

The Guideline shall cover in detail the following areas under the key elements of the KYC Policy:


Internal responsibility and work / job classification.

The Basis of Risk Assessment system and mechanism

Risk-Based Customer identification, update and monitoring mechanism

PEP identification mechanism

Beneficial owner identification mechanism

System/ mechanism for suspicious transaction identification

Mechanism for monitoring transaction to prevent trade-based money laundering.

8. Establishing Relationship

The Bank shall establish relationships with customers such as depositors, borrowers, remittance customers, correspondent banks and remittance agents, as well as other associates such as consultants, valuators, vendors and its employees. In this regard, the Bank shall obtain relevant information as deemed necessary on all of its relationships and shall adopt the following measures while establishing a customer relationship.

Strictly follow the Customer Identification and the Customer Acceptance Procedure, which are the basic elements of the KYC Policy.

Obtain KYC documents/information at the time of commencing the business relationship.

Carry out initial Due Diligence at the time of establishing the relationship. This shall include, but not be limited to, verification of the background and screening procedures to verify that the customer has a clean record.

9. The Bank shall not deal or accept the following person/entities as a customer:

Anonymous or Fictitious Accounts

Shell Banks/Firm/Companies


Unregistered Company/Institution/Entity (except where the Regulator has provisioned for opening/operating of a bank account or conducting any financial transactions).

The Customer acting on behalf of another customer to open an account.

Entities/Persons appearing in Negative/Sanctioned lists and any other list issued by NRB, Nepal Government and international authorized bodies such as UN, US, HMT, EU, OFAC, Australian.

The Customers who are unable to provide documents, information, and details required for the customer identification and verification.

Customers whose documents, information, and other details provided appear to conflict with the identity of the customer.

Those who deal with armaments.

10. Supervision and Monitoring of Transactions

Transaction monitoring shall be an ongoing process applied to the transactions done by the customer and is an essential aspect of an effective KYC procedure. Transactions that are not justified by the customer profile, transactions performed just below the threshold limit to avoid reporting, and transactions equal to or above the threshold limit mentioned in the NRB Directive shall be paid special attention by Operational Staff, Relationship Managers, and the AML/CFT Compliance Unit. Further, transactions of a suspicious nature shall be reported as and when noticed to the FIU through the Chief AML/CFT Compliance Officer. The Bank's KYC/AML/CFT Guideline shall incorporate a detailed Guideline for Detecting Suspicious Transactions.

Besides monitoring customers and transactions manually via exception reports developed by the Bank internally, the Bank shall also implement an automated system. The system shall support account monitoring and screening of all customers against the various sanction lists/PEP lists and shall do so at the time of customer onboarding, whenever the circumstances demand, and as soon as these lists are updated. The monitoring of transactions and the automated AML system shall be supervised by the AML/CFT Compliance Unit; the Chief AML/CFT Compliance Officer shall also be responsible for enhancing the monitoring system by reviewing and adding scenarios/rules for suspicious activity detection.


11. Wire Transfer

There is a greater chance of wire transfers being used for terrorist financing, fraud, and money laundering activities; hence, the Bank shall have a mechanism established to prevent terrorists and other criminals from having unregulated access to the wire transfer facility. The Bank shall ensure that complete information on the sender and beneficiary accompanies the wire transfer message/request before initiating the transaction and that the transfer of funds is in line with the customer's business profile and consistent with the account history. If any doubt is established, enhanced customer due diligence shall be carried out and a suspicious report shall be filed with the FIU.

12. Trade Based Money Laundering:

Trade Based Money Laundering (TBML) is the process of disguising the proceeds of crime and moving value through the use of trade transactions in an attempt to legitimize their illicit origins. Such money laundering activities are done through under-invoicing, over-invoicing, and misrepresentation of the price, quantity, and quality of goods in import or export activities. The Bank shall not be involved in TBML activities of customers. All trade transactions shall be strictly checked/monitored prior to execution by the concerned department/unit, which shall ensure that the required documents are obtained as per the prevailing NRB guidelines/regulations.

13. Correspondent Banking

A correspondent bank is a financial institution that provides services on behalf of another financial institution. The Bank shall carry out customer due diligence while establishing a new correspondent relationship and also at the time of reviewing/renewing such relationships. From the AML aspect, the Bank’s Treasury Department shall complete an AML/CFT compliance test for all the existing Banks/Financial Institutions with which the Bank has a correspondent relationship, in the format (Questionnaire) prescribed by the AML/CFT Unit of the Bank, every year within 3 months from the start of the new Calendar year (A.D.). Such a questionnaire shall help evaluate the quality of the Correspondent Banking Client’s AML/CFT program, including how it meets internationally recognized standards and its sufficiency to mitigate the risk presented by their products, customer base, and jurisdiction.

14. Downward Correspondent Banking (Nested Account)

The Bank shall not allow downward correspondent banking service and nested account activities to other financial institutions.

15. Payable-through Accounts or Pass-through accounts

The Bank shall not allow its customers to directly access the correspondent account to conduct business on their own behalf.

16. Resubmission Policy

The Bank shall not attempt to resubmit any transaction that has already been rejected due to concerns over Sanctions, Money Laundering or Terrorist Financing. A record of such rejected transactions shall be maintained by the concerned department, which shall ensure that they are not resubmitted after changing the information.

17. Reporting of Transactions to FIU

The BM, OI and RO shall be the key persons to report any unusual transaction identified to the Chief AML/CFT Compliance Officer. The Officer shall further analyze it and, if suspicion is established, will immediately file an STR to the FIU. Similarly, TTRs shall also be reported to the FIU by the AML/CFT Compliance Unit on a fortnightly basis.

Further, in regard to other regulatory reporting on AML/CFT issues, the required information/data shall be furnished by the concerned departments and branches, and shall be analyzed by the Unit and reported to the regulator.


18. Failure to Report

Staff who fail to report identified unusual and suspicious transactions shall be subject to action in accordance with the Bank's Policy and the Asset (Money) Laundering Prevention Act 2064 or NRB Directive, as appropriate.

19. Sanctions Compliance Policy

Sanctions compliance is a common, global challenge facing banks and financial institutions. The Bank shall check the various sanction lists directed by the regulator and other competent authorities, such as the OFAC, US, UN, EU, HMT and Australian sanction lists, and any other lists as appropriate, to safeguard the Bank's reputation and prevent it from being used by money launderers and terrorists.

Departments/Branches, while opening an account, reviewing an account and initiating a wire transfer transaction, shall perform the sanction check against the customer and the parties involved in the transaction. If any exact match is found, the Bank shall block/freeze the accounts/assets of such customer immediately and notify the concerned authority. Similarly, any customer whose information is in doubt should also be referred to the Chief AML/CFT Compliance Officer as suspicious. The Chief AML/CFT Compliance Officer shall investigate such issues, reach a conclusion within a reasonable time and give appropriate instructions.

The Bank shall have an appropriate mechanism in place to screen customers against the various sanctions lists and the PEP list, which shall be duly exercised during customer on-boarding and when carrying out wire transfer transactions. Such automated mechanism shall support screening of the entire customer base against the updated sanction lists.

20. Prohibition of Personal Accounts for Business Purposes

The Bank shall not allow personal saving accounts to be used for business purposes.

21. Risk Grading of Customer Profile

The Bank shall establish a risk grading for every customer based on their risk profile, by evaluating the impact of transactions on the Bank and as guided by the Asset (Money) Laundering Prevention Act and NRB Directive. The Bank shall also consider influencing factors such as geography, occupation, profession, sector, customer type, product or service type and nature of the transaction, and categorize customers into the following risk categories.

a) Low Risk,

b) Medium Risk, and

c) High Risk.

The Bank shall review High risk customer accounts once a year and Low and Medium risk customer accounts once every three years. For a high risk customer, approval of Senior Management (COO), or of a person designated by him/her, must be obtained. However, customers’ accounts in all risk categories shall be reviewed immediately if any unusual/suspicious activities are noticed.

22. Reviewing/Monitoring of Customer Profile

The Bank can effectively control and reduce the risk from customers only by conducting ongoing due diligence, which is also an important part of applying an effective KYC procedure. Transactions that do not match the customer’s profile or line of business, high-value transactions, high account turnover and transactions exceeding the threshold limit shall be given more attention. Any deviation of the transactions performed in the account from the customer profile shall be followed by a review of the customer profile, carrying out Customer Due Diligence (CDD) and Enhanced Customer Due Diligence (ECDD) based on the transactions and the risk categorization of the customer.

23. Customer Due Diligence (CDD)

23.1 General Provisions of Customer Identification

The Bank shall apply customer due diligence measures in the following circumstances:

- When establishing a business relationship.

- When conducting wire transfer transactions.

- When opening a customer’s account.

- For any person or entity connected with a financial transaction with the Bank.

- When carrying out occasional transactions, such as electronic and cash payments for amounts exceeding established thresholds.

- At any time of a transaction in relation to high risk and politically exposed persons.

- When there are doubts about the authenticity or adequacy of previously obtained customer identification data.

- Other provisions as prescribed by the Regulator.

23.2 Customer Due Diligence Measures (but not limited to):

- Identifying the customer and verifying the customer’s identity on the basis of documents, data or information obtained from a reliable source.

- Checking the name of the customer against various sanction lists (such as the OFAC, UN, US, EU, HMT and Australian lists, etc.), any other list adopted/maintained by the Bank (such as the PEP list and watch list) and the list provided by the Nepal Government/Regulator.

- Identifying and verifying the beneficial owner and obtaining sufficient information on the beneficial owner to the extent that the Bank is satisfied with its understanding of the same.

- Obtaining information on the purpose and intended nature of the business relationship.

- Conducting ongoing monitoring of the business relationship, including scrutiny of transactions undertaken throughout the course of that relationship, to ensure that the transactions being conducted are consistent with the Bank’s knowledge of the customer, the business and risk profile.

- Ensuring that the documents, data or information held are kept up-to-date and that the due diligence carried out is in line with the risk profile of the customer.

23.3 Simplified Customer Due Diligence (SCDD):

Simplified CDD measures shall be applied to categories of customers such as listed companies (companies listed on the Nepal Stock Exchange) and public/Government authorities, and to any other service/product provided to the customer for a special motive as per the instruction of the regulator. Such measures reflect the accepted low risk of ML/TF. The Bank shall take special care in satisfying itself as to whether the customer or business qualifies for the simplified treatment.

23.4 Enhanced Customer Due Diligence (ECDD)

Based on the risk assessment, ECDD measures shall be applied by the Bank to High Risk Customers/transactions. It is a process requiring intensive ‘Due Diligence’ for a high risk customer and obtaining adequate information/documents that satisfy the Bank for establishing/maintaining the relationship. It is a process of applying measures that are over and above the standard (KYC) procedures, commensurate with the level of risk. Enhanced due diligence shall be required when establishing a business relationship or conducting transactions with the following customers; the detailed procedure/mechanism shall be covered by the KYC/AML/CFT Guideline:

- Customers who conduct complex, unusual large transactions and unusual patterns of transactions, or transactions which have no apparent economic or visible lawful purpose,

- Transactions with a customer of a country which is internationally identified as a deficient or non-compliant country with respect to international AML/CFT standards,

- PEP¹ and their family members and persons associated with them,

- Correspondent Banks, Remittance Agents,

- Trusts, Charities, Nonprofit making organizations, NGOs and organizations receiving donations,

- Non-face to face customers,

- Customers suspected of ML/TF or other offences, and customers from high risk countries,

- Cash intensive businesses and individuals associated with such businesses,

- High net worth individuals,

- Gaming, Casino,

- Entities involved in mining and trading of precious metals, including trading in rough diamonds,

- Other customers/accountholders as prescribed by the Regulator.

¹ Politically Exposed Persons (PEPs) are individuals who are or have been entrusted with a prominent public function in the country or abroad, e.g. Heads of States or of Governments, senior politicians, senior government/judicial/military officers, senior executives of state owned corporations, important political party officials, etc.

24. Risk Based Approach (RBA)

24.1 Risk Management

The risk-based approach shall take the following steps in assessing the most cost-effective and balanced way to manage and mitigate the money laundering and terrorist financing risks in the Bank:

- Identify and assess the ML/TF risks that are significant to the Bank.

- Design and deploy controls to manage and mitigate the assessed risks.

- Monitor and improve the effective operation of the controls in place.

Risk management shall generally be regarded as a continuous process, carried out on a dynamic basis. The Bank, therefore, ensures that its risk management processes for managing ML/TF risks are kept under regular monitoring and review.

The Bank shall revisit its assessments at least annually. The RBA principles propose identification, assessment, understanding and mitigation of ML/TF risk, including explicit consideration of key risk factors and their impacts, such as geographical location, type of customer, type of business/product and delivery channel.

Where the Bank identifies higher risks, it shall ensure that its AML/CFT procedure adequately addresses such risks by carrying out ECDD. Where the Bank identifies lower risks, simplified due diligence measures under certain conditions (pursuant to Applicable Legislation/NRB Directive) may be adopted.

In the case of existing customer accounts where the due diligence exercise is not possible due to lack of information or non-cooperation by the customer, the Bank shall debit freeze the accounts of such customers and should consider closing the accounts or terminating the entire banking relationship after issuing due notice, as appropriate, to the customer.

The Bank shall focus on the areas where risks are relatively high in order to allocate resources in the most effective way. Based on regulatory guidelines/circulars, international best practices and FATF recommendations on AML/CFT risk management, the Bank will develop the necessary internal policies, procedures and risk parameters to ensure alignment with the regulatory framework and best practices in this regard. The Bank shall carry out due diligence of the customer based on the risk identified/established.

Following best practice, the Bank shall implement three lines of defense as part of effective risk management from the AML/CFT aspect:

- The First line of defense shall be performed by Business/front line staff. Each of the Bank’s businesses (Head of each Business Unit) shall own and manage the ML/TF risks arising from the business/accounts, and is responsible for having controls in place to mitigate the risk and for promoting AML/CFT principles.

- The Second line of defense will be performed by the AML/CFT Compliance Unit. The Chief AML/CFT Compliance Officer shall monitor and facilitate the implementation of effective AML/CFT risk management practices by businesses (operational management), assist the risk owners in reporting adequate risk related information up and down the Bank, and also provide risk owners (businesses) with regulatory compliance expertise and guidance, and set standards and trainings to manage ML/TF risks.

- The Third line of defense will be performed by internal audit. The Bank’s internal audit shall carry out an AML/CFT theme based audit, through a risk-based approach, in which it will review the activities (effectiveness) of the first two lines of defense in order to assure the BOD and senior management that the requirements of the applicable Act/rules/directives and internal policies/manuals are carried out effectively.

24.2 Customer Risk

For effective development of an overall risk framework, the Bank shall determine the potential ML and TF risks posed by a customer, or category of customers, based on its own principle, which shall be in line with the recommendation of FATF and the Regulator.

24.3 Country Risk

Those countries which have deficiencies in their national AML/CFT regimes and countries with effective sanctions pose significant threats to the Bank’s reputation. Therefore, customers that have any link with such countries shall be identified in order to protect the Bank against reputational and financial risks. The Bank shall introduce a mechanism/system to identify high risk countries before establishing and carrying out a transaction on behalf of the customer, thus requiring ECDD.

Factors that may result in a determination that customers from or connected with a particular country pose a higher risk include, for example:

- Countries subject to sanctions, embargoes or similar measures issued by, for example, the United Nations (“UN”), OFAC, etc.;

- Countries identified by credible sources (e.g. FATF, FATF-style national authorities or other recognized evaluation bodies) as lacking adequate money laundering laws and regulations;

- Countries identified by credible sources as providing funding or support for terrorist activities; or

- Countries identified by credible sources as having significant levels of corruption, drug trafficking, human trafficking or other criminal activity.

24.4 Geographical Risk

Geographical risk arises in those areas where ML/TF risk is high due to the geographical location of the country, where illegal activities such as smuggling, human trafficking and other criminal activities are high. The Bank shall/may assess the risk of customers of that region based on their transactions, and categorize and monitor them accordingly.

24.5 Product and Delivery Channel Risk

Certain products and delivery channels offered by the Bank may pose a higher risk of money laundering or terrorist financing depending on the nature of the specific product or service offered. Such products and services may facilitate a higher degree of anonymity, or involve the handling of high volumes of transactions. The Bank shall identify the high-risk products and delivery channels and apply appropriate measures to mitigate the risk of ML/TF.

The Bank shall pay special attention to the ML/TF threats arising from new or developing technologies and take the necessary steps to prevent their misuse for money laundering activities. The Bank will ensure that appropriate KYC procedures are duly applied to the customers.

25. Awareness and Training

Bank staff, Directors and Promoters holding 2% and above shares, or as directed by NRB from time to time, are to be made aware of their statutory and regulatory obligations on KYC/AML/CFT at least once a year. Induction training shall be provided to new staff on KYC/AML/CFT and the Bank’s Policy to counter it. The Bank shall refresh employees’ knowledge of the practices of ML/TF from time to time, including indications for the recognition of suspicious transactions. Such training may also be given through an online e-learning course. Further, frequent onsite visits shall also be conducted by the AML/CFT Compliance Unit to check/monitor the activities and to create awareness with respect to KYC/AML/CFT. Reports of such visits shall be submitted to the AML/CFT Management Committee for review. More extensive training, including foreign training, shall also be provided to staff in the AML/CFT Compliance Unit and other AML/CFT relevant staff. The training shall be conducted in coordination with Training and Development, Human Resource Department.

26. Internal Audit Function

As per the Policy, the Bank shall maintain an independent audit function that is adequately resourced and capable of regularly assessing the effectiveness of the Bank’s internal policies, procedures and controls, and its compliance with regulatory requirements, especially covering KYC/AML/CFT issues. The Internal Audit shall carry out a theme based audit, the report of which shall be provided to the AML/CFT Compliance Unit.

27. Confidentiality and Tipping off

The Bank shall keep confidential the details of all STR and TTR transactions and the records of correspondence to and from the regulatory body regarding the Bank’s customers under investigation. This information shall not be shared with the customer, with bank staff who are not concerned, in unrelated official meetings, or with anyone outside the Bank. Informing the customer about the STR (i.e. tipping off) will be treated as a criminal offense and be punished accordingly.

Further, any documents, information and transaction details of the customer shall be kept confidential and not leaked to/shared with an unauthorized person. Such personal data is considered confidential and shall not be shared with a third party unless otherwise stipulated by the applicable Legislation.

28. Non-compliance with KYC/AML/CFT Policy

Failure by staff to abide by the Policy set by the Bank to prevent ML and TF will be treated as a disciplinary issue. Any deliberate breach will be viewed as gross misconduct. Further, such actions shall also attract the penalty as per the applicable legislation and regulatory provision.

29. Not to be Liable for Providing Information

In case any loss occurs to a person/customer or to the business of the Bank because of the submission of information to the FIU or other investigating authorities by the designated staff, the Bank shall not take any action against such designated officials.

30. Importance of Know Your Employee (KYE)

The Bank’s employees will conduct themselves in accordance with the highest ethical standards and the extant regulatory requirements and laws. Staff should not provide advice or other assistance to individuals who are indulging in ML/TF activities. Any knowledge/information about any staff involved in such activities shall not be kept hidden and, as per the Whistle Blowing Policy of the Bank, shall be reported to the competent authority.

HRD shall apply the code of conduct to every employee as per the Staff Service Bylaw and Know Your Employee (KYE) procedure and maintain up-to-date information on each employee. It shall also monitor the transactions of the employees and, if any activity of a suspicious nature related to ML/TF is observed, it shall be notified/reported to the Chief AML/CFT Compliance Officer.

31. Record Keeping

The Bank will maintain records of transactions, including the results of any analysis undertaken, for a minimum period of five years from the completion and closure of the transactions/account.

The records of identification data obtained through the CDD process, like copies of identification documents, account opening forms, verification documents and other documents, shall also be maintained for a minimum period of five years after the end of the relationship.

The records shall be kept digitally as well as in physical form to ensure that such records can be retrieved without any delay.

Further, HRD shall keep records of all training given to staff, including the date and nature of the training along with the names of the training resource person and the staff attending the training.

32. Miscellaneous

32.1 While introducing new products and services or entering into affiliation with any third party, the Bank shall confirm that it is in accordance with this Policy and the NRB Directive and Act. Any affiliates of the Bank shall have policies and practices which protect the organization from money laundering and terrorist activities. The Bank may review AML/CFT related documents and practices of such affiliates. Where the Bank holds 50% or more of the shares of any organization, such organization shall prepare its own AML/CFT Policy as directed by its respective Regulator, which shall also be in line with/in the spirit of the Policy of the Bank.

32.2 Every internal document (Policy, manual, process notes, guideline, etc.) should be developed in compliance with this Policy. Likewise, all process notes and product papers should mention the monitoring and control mechanism for ML/TF as per this Policy and the KYC/AML/CFT Guideline, where applicable.

33. KYC/AML/CFT Procedure Manual/Guideline

A separate manual shall supplement this Policy. The manual shall be reviewed by the Chief AML/CFT Compliance Officer at least on an annual basis or as and when required, and may be amended/revised as per the requirement with the approval of the AML/CFT Management Committee.

34. Maintenance and Update

The review and update of this Policy shall be an ongoing process to ensure continuous alignment of the Policy with the Bank’s strategy and the internal and external dynamics in which the Bank operates. Such factors shall include developments, changes and trends, whether required by law or by generally accepted risk management or business practices within the financial sector. Review and amendments of the Policy shall be assessed and approved by the BOD.

The Bank management may, on a need basis, develop guidelines/procedures and elaborate on topics/issues covered by this Policy.

This Policy shall be subject to review at least once a year or whenever circumstances justify. (If there is no change required in the KYC/AML/CFT Policy within a year, a note will be raised to renew the Policy with no change.)

35. Effective Date

This Policy shall come into effect following approval from the BOD and shall subsequently be circulated to the staff.