Regulations Governing Internal Audit and Internal Control System of Anti-money Laundering and Countering Terrorism of Agricultural Financial Institutions
2018-12-27
手機睡眠
語音選擇
Article 1
These Regulations are adopted pursuant to Paragraph 3, Article 6 of the Money Laundering Control Act (referred to as the “Act” hereunder).
Article 2
The term “agricultural financial institution” used in these Regulations include the credit departments of farmers’ associations, the credit departments of fishermen’s associations (collectively referred to as the “credit departments” hereunder) and the Agricultural Bank of Taiwan.
Article 3
The Agricultural Bank of Taiwan shall establish specific policies and procedures for correspondent banking and other similar relationships, including at least:
1. Gather sufficient publicly available information to fully understand the nature of the respondent institution’s business and to determine its reputation and quality of management, including whether it has complied with anti-money laundering and countering financing of terrorism (AML/CFT) regulations and whether it has been investigated or received administrative sanction in connection with money laundering or terrorist financing (ML/TF);
2. Assess whether the respondent institution has adequate and effective AML/CFT controls;
3. Obtain approval from senior management before establishing relationships with a respondent institution;
4. Document the respective AML/CFT responsibilities of each party;
5. Where a correspondent relationship involves in “payable–through accounts”, it should be satisfied that the respondent institution has performed customer due diligence (CDD) on customers who have direct access to the accounts of the correspondent bank and is able to provide relevant CDD information to the correspondent bank upon request;
6. The banking business is prohibited from entering into correspondent relationship with shell banks or respondent institutions that permit their accounts to be used by shell banks;
7. For a respondent institution that is unable to provide the aforementioned information upon the request of Agricultural Bank of Taiwan, Agricultural Bank of Taiwan may decline its application to open an account, suspend transactions with it, file a suspicious ML/TF transaction report or terminate business relationship with it.
1. Gather sufficient publicly available information to fully understand the nature of the respondent institution’s business and to determine its reputation and quality of management, including whether it has complied with anti-money laundering and countering financing of terrorism (AML/CFT) regulations and whether it has been investigated or received administrative sanction in connection with money laundering or terrorist financing (ML/TF);
2. Assess whether the respondent institution has adequate and effective AML/CFT controls;
3. Obtain approval from senior management before establishing relationships with a respondent institution;
4. Document the respective AML/CFT responsibilities of each party;
5. Where a correspondent relationship involves in “payable–through accounts”, it should be satisfied that the respondent institution has performed customer due diligence (CDD) on customers who have direct access to the accounts of the correspondent bank and is able to provide relevant CDD information to the correspondent bank upon request;
6. The banking business is prohibited from entering into correspondent relationship with shell banks or respondent institutions that permit their accounts to be used by shell banks;
7. For a respondent institution that is unable to provide the aforementioned information upon the request of Agricultural Bank of Taiwan, Agricultural Bank of Taiwan may decline its application to open an account, suspend transactions with it, file a suspicious ML/TF transaction report or terminate business relationship with it.
Article 4
An agricultural financial institution should assess ML/TF risks before launching new products or services or new business practices and establish relevant risk management measures to mitigate identified risks.
Article 5
Agricultural Bank of Taiwan shall conduct domestic and cross-border outward and inward wire transfers involving foreign currencies in accordance with the Directions Governing Banking Enterprises for Operating Foreign Exchange Business.
An agricultural financial institution shall conduct domestic wire transfers involving NTD in accordance with the following rules:
1. Provide required and accurate originator information and required beneficiary information by any of the means below:
(1) Include information on the originator and the beneficiary accompanying the wire transfer; or
(2) Include the account number or a unique transaction reference number which permits the transaction to be traced back to the originator and the beneficiary and make information available within three business days of receiving the request either from the beneficiary financial institution or from appropriate competent authorities, or immediately upon the request of a prosecutor’s office or judicial police authority.
2. Maintain the following required information on the originator and the beneficiary in accordance with Article 11 of the Regulations Governing Anti-Money Laundering of Agricultural Financial Institutions:
(1) The aforementioned originator information shall include: name of the originator, the originator account number where such an account is used to process the transaction (if not available, a unique transaction reference number that permits traceability), and any of the information below:
A. National identity number;
B. Address; or
C. Date and place of birth.
(2) The aforementioned beneficiary information shall include: name of the beneficiary and the beneficiary account number (if not available, a unique transaction reference number that permits traceability).
An agricultural financial institution that fails to conduct wire transfers in accordance with the preceding two paragraphs is not allowed to engage in wire transfer business.
A beneficiary agricultural financial institution shall conduct domestic wire transfers involving NTD in accordance with the following rules:
1. Have risk-based policies and procedures for determining when to execute, reject, or suspend a wire transfer lacking the information specified under Subparagraph 2, Paragraph 2 hereof, and the appropriate follow-up action.
2. Maintain the information on the originator and the beneficiary received in accordance with Article 11 of the Regulations Governing Anti-Money Laundering of Agricultural Financial Institutions.
An agricultural financial institution shall conduct domestic wire transfers involving NTD in accordance with the following rules:
1. Provide required and accurate originator information and required beneficiary information by any of the means below:
(1) Include information on the originator and the beneficiary accompanying the wire transfer; or
(2) Include the account number or a unique transaction reference number which permits the transaction to be traced back to the originator and the beneficiary and make information available within three business days of receiving the request either from the beneficiary financial institution or from appropriate competent authorities, or immediately upon the request of a prosecutor’s office or judicial police authority.
2. Maintain the following required information on the originator and the beneficiary in accordance with Article 11 of the Regulations Governing Anti-Money Laundering of Agricultural Financial Institutions:
(1) The aforementioned originator information shall include: name of the originator, the originator account number where such an account is used to process the transaction (if not available, a unique transaction reference number that permits traceability), and any of the information below:
A. National identity number;
B. Address; or
C. Date and place of birth.
(2) The aforementioned beneficiary information shall include: name of the beneficiary and the beneficiary account number (if not available, a unique transaction reference number that permits traceability).
An agricultural financial institution that fails to conduct wire transfers in accordance with the preceding two paragraphs is not allowed to engage in wire transfer business.
A beneficiary agricultural financial institution shall conduct domestic wire transfers involving NTD in accordance with the following rules:
1. Have risk-based policies and procedures for determining when to execute, reject, or suspend a wire transfer lacking the information specified under Subparagraph 2, Paragraph 2 hereof, and the appropriate follow-up action.
2. Maintain the information on the originator and the beneficiary received in accordance with Article 11 of the Regulations Governing Anti-Money Laundering of Agricultural Financial Institutions.
Article 6
The AML/CFT internal control system of an agricultural financial institution and any subsequent amendment thereto shall be approved by its board of directors (council), and shall contain the following:
1. The policies and procedures for identifying, assessing and managing ML/TF risks;
2. An AML/CFT program established based on ML/TF risks and business size to manage and mitigate identified risks, which also includes enhanced control measures for higher risk situations; and
3. Standard operating procedures for monitoring compliance with AML/CFT regulations and implementation of the AML/CFT program, which shall be included in the self-inspection and internal audit system, and enhanced if necessary.
The ML/TF risk identification, assessment and management mentioned in Subparagraph 1 of the preceding paragraph shall cover at least customers, geographic areas, products and services, transactions or delivery channels, and contain the following:
1. A risk assessment report shall be documented;
2. The risk assessment shall consider all risk factors to determine the level of overall risk, and appropriate measures to mitigate the risks;
3. There shall be a risk assessment update mechanism in place to ensure that risk data are kept up-to-date; and
4. When the risk assessment is completed or updated, the report shall be submitted to the Council of Agriculture (referred to as the “COA” hereunder) for recordation.
The AML/CFT program mentioned in Subparagraph 2 of Paragraph 1 hereof shall include the following policies, procedures and controls:
1. Customer due diligence;
2. Watch list filtering;
3. Ongoing due diligence of accounts and transactions;
4. Correspondent banking business;
5. Record keeping;
6. Filing of currency transaction report (CTR);
7. Filing of suspicious ML/TF transaction report (STR);
8. Appointment of a chief AML/CFT compliance officer in charge of compliance matters;
9. Employee screening and hiring procedure;
10. Ongoing employee training program;
11. An independent audit function to test the effectiveness of AML/CFT system; and
12. Other matters required by the AML/CFT regulations and the COA.
The board of directors (council) of an agricultural financial institution takes the ultimate responsibility of ensuring the establishment and maintenance of appropriate and effective AML/CFT internal controls. The board of directors (council) and senior management (secretary general) shall understand the institution’s ML/TF risks and the operation of its AML/CFT program, and adopt measures to create a culture of AML/CFT compliance.
1. The policies and procedures for identifying, assessing and managing ML/TF risks;
2. An AML/CFT program established based on ML/TF risks and business size to manage and mitigate identified risks, which also includes enhanced control measures for higher risk situations; and
3. Standard operating procedures for monitoring compliance with AML/CFT regulations and implementation of the AML/CFT program, which shall be included in the self-inspection and internal audit system, and enhanced if necessary.
The ML/TF risk identification, assessment and management mentioned in Subparagraph 1 of the preceding paragraph shall cover at least customers, geographic areas, products and services, transactions or delivery channels, and contain the following:
1. A risk assessment report shall be documented;
2. The risk assessment shall consider all risk factors to determine the level of overall risk, and appropriate measures to mitigate the risks;
3. There shall be a risk assessment update mechanism in place to ensure that risk data are kept up-to-date; and
4. When the risk assessment is completed or updated, the report shall be submitted to the Council of Agriculture (referred to as the “COA” hereunder) for recordation.
The AML/CFT program mentioned in Subparagraph 2 of Paragraph 1 hereof shall include the following policies, procedures and controls:
1. Customer due diligence;
2. Watch list filtering;
3. Ongoing due diligence of accounts and transactions;
4. Correspondent banking business;
5. Record keeping;
6. Filing of currency transaction report (CTR);
7. Filing of suspicious ML/TF transaction report (STR);
8. Appointment of a chief AML/CFT compliance officer in charge of compliance matters;
9. Employee screening and hiring procedure;
10. Ongoing employee training program;
11. An independent audit function to test the effectiveness of AML/CFT system; and
12. Other matters required by the AML/CFT regulations and the COA.
The board of directors (council) of an agricultural financial institution takes the ultimate responsibility of ensuring the establishment and maintenance of appropriate and effective AML/CFT internal controls. The board of directors (council) and senior management (secretary general) shall understand the institution’s ML/TF risks and the operation of its AML/CFT program, and adopt measures to create a culture of AML/CFT compliance.
Article 7
An agricultural financial institution shall be staffed with adequate number of AML/CFT personnel and resources appropriate to the size and risks of its business. The board of directors (secretary general) of the agricultural financial institution shall appoint a senior officer to act as the chief AML/CFT compliance officer and vest the officer full authority in coordinating and supervising AML/CFT implementation and shall ensure that its AML/CFT personnel and the chief AML/CFT compliance officer do not hold concurrent positions that may have a conflict of interest with their AML/CFT responsibilities. In addition, the Agricultural Bank of Taiwan shall set up an independent, dedicated AML/CFT compliance unit under the president, legal compliance unit, or risk management unit of the head office and such AML/CFT compliance unit shall not handle businesses other than AML/CFT.
The dedicated AML/CFT compliance unit or the chief AML/CFT compliance officer mentioned in the preceding paragraph shall be charged with the following duties:
1. Supervising the planning and implementation of policies and procedures for identifying, assessing and monitoring ML/TF risks.
2. Coordinating and supervising the implementation of the institution-wide AML/CFT risk identification and assessment.
3. Monitoring and controlling ML/TF risks.
4. Developing an AML/CFT program.
5. Coordinating and supervising the implementation of AML/CFT program.
6. Confirming compliance with AML/CFT regulations, including the relevant specimen or self-regulatory rules formulated by the related financial services association and accepted by the Financial Supervisory Commission for recordation, or relevant templates or self-regulatory rules formulated by the Agricultural Bank of Taiwan and accepted by the COA for recordation.
7. Supervising the reporting on suspicious ML/TF transactions and on the properties or property interests and location of individuals or legal entities designated by the Counter-Terrorism Financing Act to the Investigation Bureau, Ministry of Justice.
The chief AML/CFT compliance officer mentioned in Paragraph 1 hereof shall report to the board of directors (council) and the board of supervisors (supervisors) or the audit committee at least semiannually, and report to the board of directors (council), the board of supervisors (supervisors) and the secretary general or the audit committee whenever a major regulatory violation is discovered.
The dedicated AML/CFT compliance unit or the chief AML/CFT compliance officer mentioned in the preceding paragraph shall be charged with the following duties:
1. Supervising the planning and implementation of policies and procedures for identifying, assessing and monitoring ML/TF risks.
2. Coordinating and supervising the implementation of the institution-wide AML/CFT risk identification and assessment.
3. Monitoring and controlling ML/TF risks.
4. Developing an AML/CFT program.
5. Coordinating and supervising the implementation of AML/CFT program.
6. Confirming compliance with AML/CFT regulations, including the relevant specimen or self-regulatory rules formulated by the related financial services association and accepted by the Financial Supervisory Commission for recordation, or relevant templates or self-regulatory rules formulated by the Agricultural Bank of Taiwan and accepted by the COA for recordation.
7. Supervising the reporting on suspicious ML/TF transactions and on the properties or property interests and location of individuals or legal entities designated by the Counter-Terrorism Financing Act to the Investigation Bureau, Ministry of Justice.
The chief AML/CFT compliance officer mentioned in Paragraph 1 hereof shall report to the board of directors (council) and the board of supervisors (supervisors) or the audit committee at least semiannually, and report to the board of directors (council), the board of supervisors (supervisors) and the secretary general or the audit committee whenever a major regulatory violation is discovered.
Article 8
Each business unit of an agricultural financial institution shall appoint a senior manager to act as the supervisor to take charge of supervising AML/CFT related matters of the business unit and the status of self-inspection conducted by the business unit.
The internal audit unit (internal auditor) of an agricultural financial institution shall audit the following matters and submit audit opinions on:
1. Whether the ML/TF risk assessment and the AML/CFT program meet the regulatory requirements and are implemented; and
2. The effectiveness of the AML/CFT program.
The president (secretary general) of an agricultural financial institution shall oversee respective units to prudently evaluate and review the implementation of internal control system for AML/CFT. The chairman, president (secretary general), chief auditor (auditor), and chief AML/CFT compliance officer shall jointly issue a statement on internal control for AML/CFT (see attached), which shall be submitted to the board of directors (council) for approval and disclosed on the institution’s website within three (3) months after the end of each fiscal year, and filed via a website designated by the COA.
The internal audit unit (internal auditor) of an agricultural financial institution shall audit the following matters and submit audit opinions on:
1. Whether the ML/TF risk assessment and the AML/CFT program meet the regulatory requirements and are implemented; and
2. The effectiveness of the AML/CFT program.
The president (secretary general) of an agricultural financial institution shall oversee respective units to prudently evaluate and review the implementation of internal control system for AML/CFT. The chairman, president (secretary general), chief auditor (auditor), and chief AML/CFT compliance officer shall jointly issue a statement on internal control for AML/CFT (see attached), which shall be submitted to the board of directors (council) for approval and disclosed on the institution’s website within three (3) months after the end of each fiscal year, and filed via a website designated by the COA.
- Attachment Statement on Internal AML/CFT Control.pdf
Article 9
An agricultural financial institution shall establish screening and hiring procedures to ensure high standards when hiring employees, including examining whether the prospective employee has character integrity and the professional knowledge required to perform his/her duty.
The chief AML/CFT compliance officer, the AML/CFT personnel and the AML/CFT supervisors of the business units of an agricultural financial institution shall meet one of the following qualification requirements in three (3) months after appointment/assignment to the position and the agricultural financial institution shall set out relevant control mechanism to ensure compliance with the provisions hereof:
1. Having served as a legal compliance or AML/CFT personnel on a full-time basis for at least three (3) years;
2. Having attended at least 24 hours of courses offered by institutions recognized by the COA or Agricultural Bank of Taiwan, passed the exams, and received completion certificates therefor. But personnel who have met the qualification requirement for the legal compliance personnel are deemed to meet the qualification requirement under this Subparagraph after they have attended at least 12 hours of training on AML/CFT offered by institutions recognized by the COA; or
3. Having received an AML/CFT professional certificate issued by an international or a domestic institution recognized by the COA.
The chief AML/CFT compliance officer, the AML/CFT personnel and the AML/CFT supervisors of domestic business units of an agricultural financial institution shall annually attend at least 12 hours of training on AML/CFT offered by institutions recognized by the COA or Agricultural Bank of Taiwan or internal or external training units consented by the chief AML/CFT compliance officer mentioned in Paragraph 1of Article 7 herein. The training shall cover at least newly amended laws and regulations, trends and typologies of ML/TF risks. If the person has obtained an AML/CFT professional certificate issued by an international or a domestic institution recognized by the COA in a year, the certificate may be used to substitute the training hours for the year.
An agricultural financial institution shall annually arrange appropriate hours and contents of training on AML/CFT for its directors (council members), supervisors, president (secretary general), legal compliance personnel, internal auditors, and business personnel in view of the nature of its business, to familiarize them with their AML/CFT duties and equip them with the professional knowhow to perform their duties.
The chief AML/CFT compliance officer, the AML/CFT personnel and the AML/CFT supervisors of the business units of an agricultural financial institution shall meet one of the following qualification requirements in three (3) months after appointment/assignment to the position and the agricultural financial institution shall set out relevant control mechanism to ensure compliance with the provisions hereof:
1. Having served as a legal compliance or AML/CFT personnel on a full-time basis for at least three (3) years;
2. Having attended at least 24 hours of courses offered by institutions recognized by the COA or Agricultural Bank of Taiwan, passed the exams, and received completion certificates therefor. But personnel who have met the qualification requirement for the legal compliance personnel are deemed to meet the qualification requirement under this Subparagraph after they have attended at least 12 hours of training on AML/CFT offered by institutions recognized by the COA; or
3. Having received an AML/CFT professional certificate issued by an international or a domestic institution recognized by the COA.
The chief AML/CFT compliance officer, the AML/CFT personnel and the AML/CFT supervisors of domestic business units of an agricultural financial institution shall annually attend at least 12 hours of training on AML/CFT offered by institutions recognized by the COA or Agricultural Bank of Taiwan or internal or external training units consented by the chief AML/CFT compliance officer mentioned in Paragraph 1of Article 7 herein. The training shall cover at least newly amended laws and regulations, trends and typologies of ML/TF risks. If the person has obtained an AML/CFT professional certificate issued by an international or a domestic institution recognized by the COA in a year, the certificate may be used to substitute the training hours for the year.
An agricultural financial institution shall annually arrange appropriate hours and contents of training on AML/CFT for its directors (council members), supervisors, president (secretary general), legal compliance personnel, internal auditors, and business personnel in view of the nature of its business, to familiarize them with their AML/CFT duties and equip them with the professional knowhow to perform their duties.
Article 10
For the implementation of internal audit and internal control system of AML/CFT of an agricultural financial institution, the COA may, at any time, appoint an officer, or entrust an appropriate agency (institution) to conduct an inspection using risk-based approach. The inspection includes on-site and off-site inspections.
When conducting the inspection in the preceding Paragraph, the COA or the entrusted agency (institution) may order the agricultural financial institution to provide the relevant books, documents, electronic data files or other relevant materials. The aforementioned materials, whether stored in hard copy, electronic file, e-mail or any other form, shall be provided, and the agricultural financial institution shall not circumvent, reject or obstruct the inspection for any reason.
When conducting the inspection in the preceding Paragraph, the COA or the entrusted agency (institution) may order the agricultural financial institution to provide the relevant books, documents, electronic data files or other relevant materials. The aforementioned materials, whether stored in hard copy, electronic file, e-mail or any other form, shall be provided, and the agricultural financial institution shall not circumvent, reject or obstruct the inspection for any reason.
Article 11
These Regulations shall be effective from the date of promulgation.