COP 2019 Walkthrough
Know Your Counterparty: Money Laundering and Finance of Terrorism.
Use Know Your Counterparty (KYC) principles to combat money laundering (the process used to disguise the origin of financial proceeds of crime) and terrorism financing (any activity that financially supports people who encourage, plan or engage in terrorism). In practice, this means establishing the identity of all the organisations with which you do business, ensuring a clear understanding of your business relationship with each, and being reasonably able to spot and react to unusual or suspicious transactions.
As part of implementing KYC principles, you should conduct a risk assessment of all your business partners (see provision 5.1). High risk partners may include those that: consistently prefer cash transactions, use unusual financial terms and conditions, use a little known or far away bank, frequently change their bank account, have their offices in high risk countries, or conduct their business through intermediaries.
For each high risk business partner, identify the beneficial owner and principal—the person who ultimately owns or controls the business and the person on whose behalf a transaction is being done.
The circumstances under which you need to report a transaction or activity as ‘suspicious’ vary from country to country and are typically set out in national law. Make sure you know the relevant laws and thresholds that apply in all jurisdictions where you operate. And make sure you have a robust process in place for reporting both business partners and end consumers to the relevant authority if necessary.
12. Know Your Counterparty: money laundering and finance of terrorism
12.1 Members shall document and apply a Know Your Counterparty (KYC) policy and procedures for business partners that are suppliers and customers of gold, silver, PGM, diamonds, coloured gemstones or jewellery products containing these materials.
The policy and procedures shall:
- Establish the identity of the counterparty by checking government-issued identification.
- Where triggered by a risk assessment or applicable law, establish the beneficial ownership and principals of the counterparty.
- Verify that the counterparty and, if applicable, their beneficial owners are not named on relevant government lists for individuals or organisations implicated in money laundering, fraud or involvement with prohibited organisations and/or those financing conflict.
- Maintain an understanding of the nature and legitimacy of their business.
- Monitor transactions for unusual or suspicious activity and report suspicions of money laundering or finance of terrorism to the relevant authority as applicable.
- Maintain adequate records for either five years minimum or as long as required by national legislation, whichever is longer.
12.2 Members shall nominate an individual to be responsible for implementing the KYC policy and procedures.
12.3 Members’ KYC policy and procedures shall be up to date and appropriate, and shall include training, documentation procedures and regular reviews.
Assign responsibility (COP12.2)
You must make sure that your KYC policy and procedures are overseen by a suitably qualified and experienced individual with:
- expertise in your industry
- awareness of key counterparties; and
- good knowledge of money laundering techniques, including how they might be used in your industry’s transactions and areas of operation.
The person who undertakes financial transactions would naturally be this responsible person in a smaller company.
Policy and procedures (COP12.1)
You are required to set up a policy to outline your aims and procedures on KYC. As part of the procedures, most members develop a KYC form which they send to counterparties and require them to complete. RJC has a template policy, procedure and KYC form available above. Please note that you do not need to send out KYC forms every year for completion by your counterparties. They only need to complete a new form if any of their details have changed.
It’s important to note that your procedures will involve ongoing monitoring and record keeping. This means your KYC procedure is an ongoing responsibility that you must review and maintain.
You will need to monitor your KYC systems on an ongoing basis. Part of this means familiarising yourself with indicators of risk, or red flags.
Non-exhaustive list of red flags examples you should check and monitor for as part of your KYC procedures:
- A counterparty is in a jurisdiction that is subject to sanctions
- A counterparty is in a conflict-affected and/or high-risk area (CAHRA)
- A counterparty is based in an unusual location a-typical of the industry or peers
- Information submitted through a KYC form does not make sense, i.e. the owner resides in Peru but the business is in Colombia
- The counterparty you are working with has limited knowledge of the industry
- A counterparty makes unusual financial terms and conditions, or requests terms that don’t make any financial sense
- Use of unusual or distant banks
- Use of non-banking financial institutions for no apparent legitimate business purpose
- Frequent and unexplained changes in bank accounts or accounting personnel
- Use of companies without any apparent legitimate fiscal, legal or commercial reason as part of a transaction
- A counterparty has an unusually complex organisational structure
- Refusal to identify beneficial owners or controlling interests in cases where this would be commercially expected or required as the counterparty is high-risk/you identify a red flag
- Attempted anonymity by conducting ordinary business through accountants, lawyers or other intermediaries
- Use of cash in a non-standard manner or if the counterparty deals primarily in cash
- A counterparty purports to buy mostly from the public
- Involvement of politically exposed persons
- Government identification is unusual or doesn’t match, i.e. a Peruvian company submits a business license issued by the government of Thailand
- A counterparty in Miami pays by a bank transfer from Spain
- A counterparty pays an invoice using a cheque from an unknown third party (where this is the case, make sure there is a legitimate reason for the third party’s involvement, identify the third party and establish the relationship between them and your counterparty). Monitor to see if it happens regularly.
It’s important to note that if you or a colleague identify a red flag or a risk of money laundering or terrorism financing, it is not your responsibility to determine the type or purpose of the criminal activity at hand. You are responsible for reporting the risk to the proper authorities in your jurisdiction of operation only.
Training and reviews (COP12.3)
PLEASE NOTE: Your KYC procedures and systems must be:
- Routine, but fresh and front of mind
- Focused on protecting the business.
It’s important to remember that KYC procedures are not only about sending and processing KYC forms, but ongoing monitoring is a very important part.
It’s important that all those involved in financial transactions are aware of your KYC policies and procedures, including red flags. Relevant employees will need to:
- manage and process received KYC forms
- maintain KYC records
- check counterparties against high-risk jurisdictions, politically exposed persons (PEP) lists, and sanctions/watchlists
- monitor for unusual activity (to support identifying red flags).
Annual reviews/testing of programme
Under COP 12.3, members must conduct annual reviews to check if your KYC system and procedures work adequately. This may include review of:
- Whether changes in the business warrant changes/updates in your KYC procedures (for example if a new line of business has developed)
- Whether the responsible senior manager’s responsibilities and job duties are still adequate to meet the KYC requirements within your business
- Whether records are complete for all counterparties (or as many as possible)
- Whether high-risk jurisdictions, politically exposed persons (PEP) and sanctions lists etc are being checked regularly
- Whether all relevant cash transactions have been recorded
- Whether there were any cases of unusual or suspicious activity, and if so, were they properly documented? What was the resolution and was there anything to report to appropriate authority?
Document that you have performed this review, even if the review was brief, dating documents accordingly.
Records (COP12.1e & COP12.4)
Members must keep completed KYC forms and associated records for a minimum of five years, or as long as required by applicable law (whichever is longer).
As part of your monitoring, you will need to record cash or cash-like transactions equal to or above 10,000USD/EUR. If required by applicable law, the threshold for these records may be less than this, and you will be required to record transactions of whichever is lower. This will facilitate your monitoring of red flags too – for example if a counterparty makes increasing number of these transactions, with surprising new sources of goods, for example.
AT THE AUDIT: Your auditor will review your policies and procedures (including your KYC forms/questionnaires you send out to counterparties) as well as take a random sample of your completed forms/records.
Sometimes members are unable to achieve 100% complete KYC records for all counterparties, ie not all KYC forms have been comprehensively completed and sent back. The COP requires members to establish the identity of all customers and suppliers, and where triggered by a risk assessment or applicable law, the beneficial ownership and principals of the supplier or customer. This does not necessarily always mean 100% complete records as collecting and maintaining relevant data is an ongoing process.
Auditors take into consideration the extent and nature of any missing information, the reasons why the information is missing and whether it demonstrates weaknesses in your management systems. There could be a reasonable, practical explanation for why certain identity information is missing or out of date:
- because your counterparty has moved offices,
- because your business relationship is inactive or
- because of a minor clerical error.
If, however, basic identity information is frequently missing from your records or if an active counterparty with missing information cannot be contacted or located, you are likely to be in a situation of non-conformance.
REQUESTING BENEFICIAL OWNER DETAILS: Auditors understand that gathering information about beneficial owners may not be as straightforward as acquiring basic identity information. For example, if you should get information about beneficial ownership but it is not legally required, your counterparty may not co-operate. Similarly, if you have a new counterparty, or one that has just changed ownership, you may well need to chase the information. If, however, you are missing information that is legally required and cannot show that you are actively trying to get it (particularly if it is missing for several counterparties), then you are likely to be in a situation of non-conformance.
Auditors will ask those involved in financial transactions questions on your KYC procedures and how they go about identifying high risk counterparties and monitoring and recording suspicious activity.
Please find two template documents you can download here:
Definition of Key Terms
Know Your Counterparty (KYC) principles are established to combat money laundering and the financing of terrorism. They require businesses to identify every organisation that they deal with, to understand the legitimacy of their business relationships and to identify and react to unusual or suspicious transaction patterns. You may have heard previously of KYS, or Know Your Supplier. This has been replaced with KYC which expands the requirements to ‘counterparties’, which includes customers (but not necessarily end-consumers, unless required by applicable law).
Money laundering is the process of disguising the financial proceeds of crime to conceal their illegal origin. This usually involves three stages:
- Acquiring money illegally – illegal profits are broken up into relatively small amounts and introduced to the financial system, often deposited as cash, cheques or money orders into many different scattered bank accounts
- ‘Churning’ money to hide its illegal origin – illegal funds are moved around to distance them from their original source. They may be channelled through investments, or across international bank accounts
- Using that money for ‘bad’ or illegal purposes – the illegal funds re-enter the legitimate economy at this stage. They may be mixed with legitimate proceeds in company accounts or used to buy and sell high-value goods, such as jewellery, cars or antiques.
In the case of terrorism financing, legitimate and legal funding sources can also be involved in stage 1. Funds in stage 3 are distributed in the opposite direction: out of the legitimate economy towards criminal organisations.
You may have heard of the acronym AML which stands for ‘Anti-Money Laundering’.
A counterparty is any supplier or customer of gold, silver, PGM, diamonds, coloured gemstones or jewellery products containing these materials with whom you do business. Only if required by applicable law, does this extend to end consumers.
The financing of terrorism is any kind of financial support to those who attempt to encourage, plan or engage in terrorism. You may have seen the acronym CFT which means ‘Combating the Financing of Terrorism’.
Beneficial owner is the person(s) who owns or controls a counterparty and/or the person on whose behalf a transaction is being done.
A politically exposed person (PEP) is or has been entrusted with a prominent public function. Their status and influence puts many of these people in positions that can be potentially abused to commit money laundering and related predicate offences, including corruption and bribery, as well as activities related to terrorist financing.
Frequently Asked Questions
RJC will update and add new FAQs to this list as needed. If you cannot see your question or have further questions on COP6, please email firstname.lastname@example.org
The provision is designed to
- Help prevent money-laundering within the jewellery industry
- Help you confirm you are dealing with legitimate entities
- Ensure the legitimacy of all your transactions, thereby protecting your business
- Ensure a level playing field, since KYC procedures ensure your business partners are also in conformance
- Enhance the integrity of the industry.
Most countries have strict regulations to prevent money laundering, which is a criminal activity. You must ensure you are aware of the local anti-money laundering (AML) laws and regulations in every jurisdiction in which you operate.
COP7’s objective is to help respect Human Rights and avoid contributing to conflict through a member’s sourcing practices. COP7 requires members to identify key aspects of their material’s supply chain, for example identify the refiner of metals bought and the country of origin of stones. After collecting this information from suppliers, members must assess whether there are any risks associated with sourcing from conflict-affected or high-risk areas (CAHRAs) in their supply chains. As members will need to request information from suppliers for COP12 (of course COP12 covers customers too), many members have combined the letters/forms to request information from suppliers to understand the risks of sourcing from conflict-affected and high-risk areas, with their KYC requests.
Also, if a counterparty operates in a CAHRA, they are considered high-risk under COP12, and additional information and checks will need to be carried out.
There is an important link between these two provisions. In most cases, national law will define what makes a transaction or activity ‘suspicious’, and under what circumstances you need to report it, and to which authority. Make sure you are aware of the applicable law, and associated thresholds for reporting, in all jurisdictions that you operate in. If you carry out international transactions, you need to be aware of, and comply with, the applicable law for all relevant jurisdictions, sometimes those of your counterparty as well as your own.
AT THE AUDIT: Your auditor will check that your system to understand your legal requirements (COP1) such as your procedure and/or records, includes relevant anti-money laundering legislation. This is especially important if there are requirements above those in COP12, for example a lower cash transaction amount threshold that you need to keep records of, or if you are required to identify all beneficial owners, whatever the risk level for a counterparty.
To check if a counterparty operates from a high-risk jurisdiction:
- FATF high-risk jurisdictions lists: http://www.fatf-gafi.org/countries/#high-risk
Sanction lists members should check:
- US Sanctions list: https://home.treasury.gov/policy-issues/financial-sanctions/sanctions-programs-and-country-information
- UN Sanctions list: https://www.un.org/sc/suborg/en/sanctions/un-sc-consolidated-list
- Any applicable politically exposed persons (PEP) lists, sanctions and watchlists in the member and counterparty’s jurisdictions
You can also seek information and support from your national trade association, or from the resource you may use for support on COP1 Legal Compliance (see above).