BackRich TextPrint

You need the Flash plugin.

Download Macromedia Flash Player



  • FC Financial Crime

    • FC-A Introduction

      • FC-A.1 Purpose

        • Executive Summary

          • FC-A.1.1

            This Module applies, to all investment firm licensees, a comprehensive framework of Rules and Guidance aimed at combating money laundering and terrorist financing. In so doing, it helps implement the FATF Recommendations on combating money laundering and the financing of terrorism & proliferation, issued by the Financial Action Task Force (FATF), that are relevant to investment firm licensees. It also helps implement IOSCO guidance in this area. (Further information on these can be found in Chapter FC-9.) The Module also contains measures relating to the combating of fraud in the investment business sector.

            Amended: October 2014

          • FC-A.1.2

            The Module requires investment firm licensees to have effective anti-money laundering ('AML') policies and procedures, in addition to measures for combating the financing of terrorism ('CFT'). The Module contains detailed requirements relating to customer due diligence, reporting and the role and duties of the Money Laundering Reporting Officer (MLRO). Furthermore, examples of suspicious activity are provided, to assist investment firm licensees monitor transactions and fulfil their reporting obligations under Bahrain law.

          • FC-A.1.3

            This Module also covers measures in place to combat fraud: these apply to Category 1 investment firms and Category 2 investment firms. Chapter FC-10 sets out basic requirements regarding measures to deter, detect and report instances of fraud and attempted fraud.

            Amended: July 2007

        • Legal Basis

          • FC-A.1.4

            This Module contains the Central Bank of Bahrain's ('CBB') Directive (as amended from time to time) regarding the combating of financial crime, and is issued under the powers available to the CBB under Article 38 of the Central Bank of Bahrain and Financial Institutions Law 2006 ('CBB Law'). The Directive in this Module is applicable to all investment firm licensees.

            Amended: January 2011
            Amended: January 2007

          • FC-A.1.5

            For an explanation of the CBB's rule-making powers and different regulatory instruments, see Section UG-1.1.

            Amended: January 2007

      • FC-A.2 Module History

        • Evolution of Module

          Amended: January 2007

          • FC-A.2.1

            This Module was first issued in April 2006, as part of the first phase of Volume 4 (Investment Business) to be released by the BMA. Any material changes that have subsequently been made to this Module are annotated with the calendar quarter date in which the change was made: Chapter UG-3 provides further details on Rulebook maintenance and version control.

            Amended: January 2007

          • FC-A.2.2

            When the CBB replaced the BMA in September 2006, the provisions of this Module remained in force. Volume 4 was updated in July 2007 to reflect the switch to the CBB; however, new calendar quarter dates were only issued where the update necessitated changes to actual requirements.

            Amended: January 2007

          • FC-A.2.3

            A list of recent changes made to this Module is detailed in the table below:

            Module Ref. Change Date Description of Changes
            FC-4.3.1 07/2006 Updated telephone number for the Director, Compliance Directorate.
            FC-A.1 01/2007 Updated to reflect new CBB Law: new Rule FC-A.1.4 introduced Categorising this Module as a Directive.
            FC-4.3.1 01/2007 Updated new e-mail address for the Compliance Directorate.
            FC-3.3.7 04/2008 Clarified to whom in the CBB, the reports required under Paragraph FC-3.3.1 should be submitted to.
            Table of Contents 07/2008 Added Supplementary Information Documents to Part B.
            FC-1.1.11 07/2010 Cross reference added.
            FC-1.2.1, FC-1.2.3, FC-1.2.5, FC-1.9, FC-3.1, FC-3.2.1, FC-3.3.7, FC-4.2.3 and FC-4.3.1 07/2010 Paragraphs amended.
            FC-1.6 and FC-1.7 07/2010 New sections added regarding enhanced CDD for charities, clubs and societies and “pooled funds'.
            FC-3.3 07/2010 Heading amended.
            FC-A.1.4 01/2011 Clarified legal basis.
            FC-1.6.4 01/2011 Corrected name of Compliance Directorate.
            FC-3.1.6 01/2011 Amended requirements for position of MLRO.
            FC-3.1.6 10/2011 Corrected minor typo to be in line with other Volumes of the CBB Rulebook.
            FC-3.3 10/2011 Amended Section to allow for CBB-approved consultancy firm to do required sample testing and report under Paragraph FC-3.3.1.
            FC-3.3.5 and FC-3.3.6 01/2012 Amended to reflect the addition of approved consultancy firm.
            FC 10/2014 Updated to reflect February 2012 update to FATF Recommendations.
            FC-1.1.11 10/2015 Clarified Rule for incomplete customer due diligence.
            FC-10.1.4 01/2016 Clarified Rule.
            FC-1.2.8 07/2016 Change made for consistency across CBB Rulebook.
            FC-1.5.1 07/2016 Aligned definition of PEPs as per FATF Recommendations.
            FC-1.5.4 07/2016 Definition of PEPs is already included in Glossary so this guidance paragraph was deleted.
            FC-4.2.3 07/2016 Updated instructions for STR.
            FC-1.2.9A 01/2017 Added guidance paragraph on CR printing
            FC-7.2.1AA 04/2017 Implementing and complying with the United Nations Security Council resolutions requirement.
            FC-1.1.2B 10/2017 Amended paragraph on CDD requirements.
            FC-1.2.7 10/2017 Amended paragraph.
            FC-1.2.8A 10/2017 Added new paragraph on legal entities or legal arrangements CDD.
            FC-2.2.10 — FC-2.2.11 10/2017 Amended paragraphs on On-going CDD and Transaction Monitoring
            FC-3.1.3A 10/2017 Added paragraph on combining MLRO or DMLRO position with any other position within the licensee.
            FC-B.2.4 01/2018 Amended paragraph.
            FC-1.8.1 01/2018 Amended paragraph.
            FC-1.10.1 01/2018 Deleted sub-paragraph.
            FC-4.2.6 01/2018 Amended paragraph.
            FC-7.1.4 01/2018 Amended paragraph.
            FC-7.2.2 01/2018 Deleted paragraph.
            FC-1.1.2 07/2018 Deleted sub-paragraph (a).
            FC-1.2.1 07/2018 Amended Paragraph deleting the threshold.
            FC-1.10.2 07/2018 Amended Paragraph.
            FC-1.10.3 07/2018 Deleted Paragraph.
            FC-1.10.9 07/2018 Deleted Paragraph.
            FC-1.10.1 01/2019 Amended references.
            FC-3.3.2 - FC-3.3.5 01/2019 Amended references.
            FC-3.3.7 01/2019 Amended references.
            FC-6.1.2 01/2019 Amended references.

        • Superseded Requirements

          Amended: January 2007

          • FC-A.2.4

            Prior to the introduction of this Module, the CBB had issued various regulatory instruments containing requirements covering different aspects of financial crime. These requirements were consolidated and updated into a comprehensive financial crime regulation, issued in January 2006 to all non-bank and non-insurance licensees (including investment firm licensees, except those licensed as Bahrain Stock Exchange brokers). In turn, this new consolidated regulation was transposed, with no major changes, into the initial version of this Module. This and other instruments replaced by this Module are listed below:

            Document Ref. Date of Issue Module Ref.
            (Version 01)
            Document Subject
            BC/17/97 10 Nov 1997 FC-B.1 Money Laundering
            OG/308/89 14 Oct 1989 FC-B.1 Money Laundering
            EDBC/6/01 14 Oct 2001 FC-1, FC-4 to FC-7 Re: Money Laundering Module
            BC/1/02 27 Jan 2002 FC-3 FATF Special Recommendations on Terrorism Financing
            BC/3/00 5 Mar 2000 FC-1.5 Re: Accounts for Charity Organisations
            Resolution No 1 31 Dec 2003 FC-1, FC-2, FC-4 to FC-7 Money Laundering (NB This Module replaces Resolution No. 1 with respect to BSE brokers, custodians and registrars only: Resolution No. 1, as amended, continues to apply to the BSE and issuers of securities.)
            FIS/C/001/2006 2 Jan 2006 FC-A to FC-10 New Financial Crime Regulation
            Amended: January 2007

          • FC-A.2.5

            Guidance on the implementation and transition to Volume 4 (Investment Business) is given in Module ES (Executive Summary).

            Amended: July 2010

    • FC-B Scope of Application

      • FC-B.1 License Categories

        • FC-B.1.1

          This Module applies to all categories of investment firm licensees (i.e. categories 1, 2 and 3). Category 3 investment firms are exempt from Chapter FC-10, however.

        • FC-B.1.2

          This Module applies to all investment firm licensees, irrespective of whether they are a Bahraini investment firm licensee or an overseas investment firm licensee operating in Bahrain as a branch. Overseas investment firm licensees, and Bahraini investment firm licensees that are subsidiaries of an overseas-based group, may apply additional AML/CFT policies and procedures, provided they satisfy the minimum requirements contained in this Module.

          Amended: July 2007

        • FC-B.1.3

          Category 3 investment firms are exempt from Chapter FC-10 because of the limited nature of their business.

        • FC-B.1.4

          The scope provided for simplified customer due diligence requirements — as set out in Section FC-1.8 — will reduce the burden of customer due diligence for many investment firm licensees.

        • FC-B.1.5

          The requirements of this Module are in addition to and supplement Decree Law No. (4) of 2001 with respect to the prevention and prohibition of the laundering of money; this Law was subsequently updated, with the issuance of Decree Law No. 54 of 2006 with respect to amending certain provisions of Decree No. 4 of 2001 (collectively, ‘the AML Law’). The AML Law imposes obligations generally in relation to the prevention of money laundering and the combating of the financing of terrorism, to all persons resident in Bahrain (including financial services firms such as investment firm licensees). All investment firm licensees are therefore under the statutory obligations of that Law, in addition to the more specific requirements contained in this Module. Nothing in this Module is intended to restrict the application of the AML Law (a copy of which is contained in Part B of Volume 4 (Investment Business), under 'Supplementary Information'). Also included in Part B is a copy of Decree Law No. 58 of 2006 with respect to the protection of society from terrorism activities (‘the anti-terrorism law’).

          Amended: January 2007

      • FC-B.2 Overseas Subsidiaries and Branches

        • FC-B.2.1

          Investment firm licensees must apply the requirements in this Module to all their branches and subsidiaries operating both in the Kingdom of Bahrain and in foreign jurisdictions. Where local standards differ, the higher standard must be followed. Investment firm licensees must pay particular attention to procedures in branches or subsidiaries in countries that do not or insufficiently apply the FATF Recommendations and do not have adequate AML/CFT systems (see also Section FC-7.1).

          Amended: October 2014

        • FC-B.2.2

          Where another jurisdiction's laws or Regulations prevent a licensee (or any of its foreign branches or subsidiaries) from applying the same standards contained in this Module or higher, the licensee must immediately inform the CBB in writing.

          Amended: January 2007

        • FC-B.2.3

          In such instances, the CBB will review alternatives with the licensee. Should the CBB and the licensee be unable to reach agreement on the satisfactory implementation of this Module in a foreign subsidiary or branch, the licensee may be required by the CBB to cease the operations of the subsidiary or branch in the foreign jurisdiction in question.

          Amended: January 2007

        • FC-B.2.4

          Financial groups (e.g. an investment firm with its subsidiary) must implement groupwide programmes against money laundering and terrorist financing, including policies and procedures for sharing information within the group for AML/CFT purposes, which must also be applicable, and appropriate to, all branches and subsidiaries of the financial group. These must include:

          (a) The development of internal policies, procedures and controls, including appropriate compliance management arrangements, and adequate screening procedures to ensure high standards when hiring employees;
          (b) An ongoing employee training programme;
          (c) An independent audit function to test the system;
          (d) Policies and procedures for sharing information required for the purposes of CDD and money laundering and terrorist financing risk management;
          (e) The provision at group-level compliance, audit, and/or AML/CFT functions of customer, account and transaction information from branches and subsidiaries when necessary for AML/CFT purposes; and
          (f) Adequate safeguards on the confidentiality and use of information exchanged.
          Amended: January 2018
          Added: October 2014

    • FC-1 Customer Due Diligence

      • FC-1.1 General Requirements

        • Verification of Identity and Source of Funds

          • FC-1.1.1

            Investment firm licensees must establish effective systematic internal procedures for establishing and verifying the identity of their customers and the source of their funds. Such procedures must be set out in writing and approved by the investment firm licensee's Board of Directors and senior management (as applicable) and must be strictly adhered to.

            Amended: October 2014

          • FC-1.1.2

            Investment firm licensees must implement the customer due diligence measures outlined in Chapter FC-1 when:

            (a) [This Sub-paragraph was deleted in July 2018];
            (b) Establishing business relations with a new or existing customer;
            (c) A change to the signatory or beneficiary of an existing account or business relationship is made;
            (d) Customer documentation standards change substantially;
            (e) The licensee has doubts about the veracity or adequacy of previously obtained customer due diligence information;
            (f) A significant transaction takes place;
            (g) There is a material change in the way that an account is operated or in the manner in which the business relationship is conducted; or
            (h) There is a suspicion of money laundering or terrorist financing.
            Amended: July 2018
            Amended: January 2007

          • FC-1.1.2A

            Investment firm licensees must understand, and as appropriate, obtain information on the purpose and intended nature of the business relationship.

            Added: October 2014

          • FC-1.1.2B

            Investment firm licensees must conduct ongoing due diligence on the business relationship, including;

            (a) Scrutinizing transactions undertaken throughout the course of that relationship to ensure that the transactions being conducted are consistent with the institution's knowledge of the customer, their business and risk profile, including, where necessary, the source of funds; and
            (b) Ensuring that documents, data and information collected under the CDD process is kept up-to-date and relevant, by undertaking reviews of existing records, particularly for higher risk categories of customers.
            Amended: October 2017
            Added: October 2014

          • FC-1.1.3

            For the purposes of this Module, 'customer' includes counterparties such as financial markets counterparties, except where financial institutions are acting as principals where simplified due diligence measures may apply. These simplified measures are set out in Section FC-1.8.

            Amended: January 2007

          • FC-1.1.4

            The CBB's specific minimum standards to be followed with respect to verifying customer identity and source of funds are contained in Section FC-1.2, with further explanations provided in Guidance Notes (see Supplementary Information, item FC-(v), in Part B of Volume 4). Enhanced requirements apply under certain high-risk situations: these requirements are contained in Sections FC-1.3 to FC-1.5 inclusive. Additional requirements apply where a licensee is relying on a professional intermediary to perform certain parts of the customer due diligence process: these are detailed in Section FC-1.6. Simplified customer due diligence measures may apply in defined circumstances: these are set out in Section FC-1.8.

            Amended: January 2007

        • Verification of Third Parties

          • FC-1.1.5

            Investment firm licensees must obtain a signed statement from all new customers (or for one-off transactions above the BD 6,000 threshold) confirming whether or not the customer is acting on their own behalf or not. This undertaking must be obtained prior to conducting any transactions with the customer concerned.

          • FC-1.1.6

            Where a customer is acting on behalf of a third party, the licensee must also obtain a signed statement from the third party, confirming they have given authority to the customer to act on their behalf. Where the third party is a legal person, the licensee must have sight of the original Board resolution (or other applicable document) authorising the customer to act on the third party's behalf, and retain a certified copy.

          • FC-1.1.7

            Investment firm licensees must establish and verify the identity of the customer and (where applicable) the party/parties on whose behalf the customer is acting, including the Beneficial Owner of the funds. Verification must take place in accordance with the requirements specified in this Chapter.

          • FC-1.1.8

            Where financial services are provided to a minor or other person lacking full legal capacity, the normal identification procedures as set out in this Chapter must be followed. In the case of minors, investment firm licensees must additionally verify the identity of the parent(s) or legal guardian(s). Where a third party on behalf of a person lacking full legal capacity wishes to open business relations, the licensee must establish the identity of that third party as well as the person conducting the business.

            Amended: January 2007

        • Anonymous and Nominee Accounts

          • FC-1.1.9

            Investment firm licensees must not establish or keep anonymous accounts or accounts in fictitious names. Where investment firm licensees maintain a nominee account, which is controlled by or held for the benefit of another person, the identity of that person must be disclosed to the licensee and verified by it in accordance with the requirements specified in this Chapter.

        • Timing of Verification

          • FC-1.1.10

            Investment firm licensees must not commence a business relationship or undertake an occasional transaction (above the threshold) with a customer before completion of the relevant customer due diligence ('CDD') measures specified in Chapter FC-1. However, verification may be completed after receipt of funds in the case of non face-to-face business, or the subsequent submission of CDD documents by the customer after initial face-to-face contact, providing that no disbursement of funds takes place until after the requirements of this Chapter have been fully met.

        • Incomplete Customer Due Diligence

          • FC-1.1.11

            Where a licensee is unable to comply with the requirements specified in Chapter FC-1, it must consider whether to terminate the relationship or not proceed with the transaction. If funds have been received, these must be returned to the counterparty in the same method as originally received. If it proceeds with the transaction (to avoid tipping off the customer), it should additionally consider whether it should file a suspicious transaction report (STR).

            Amended: October 2015
            Amended: July 2010

          • FC-1.1.12

            See also Chapter FC-4, which covers the filing of suspicious transaction reports. Regarding the return of funds to the counterparty, if funds are received in cash, funds should be returned in cash. If funds are received by wire transfer, they should be returned by wire transfer.

            Amended: October 2014

        • [Deleted]

          • FC-1.1.13

            [This Paragraph was deleted in October 2014.]

            Deleted: October 2014

          • FC-1.1.14

            [This Paragraph was deleted in October 2014.]

            Deleted: October 2014

      • FC-1.2 Face-to-face Business

        • Natural Persons

          • FC-1.2.1

            If the customer is a natural person, investment firm licensees must obtain and record the following information (in hard copy or electronic form), before providing financial services of any kind:

            (a) Full legal name and any other names used;
            (b) Full permanent address (i.e. the residential address of the customer; a post office box is insufficient);
            (c) Date and place of birth;
            (d) Nationality;
            (e) Passport number (if the customer is a passport holder);
            (f) CPR or residency permit number (for residents of Bahrain or GCC states);
            (g) Telephone/fax number and email address (where applicable);
            (h) Occupation or public position held (where applicable);
            (i) Employer's name and address (if self-employed, the nature of the self-employment);
            (j) Type of account, and nature and volume of anticipated business dealings with the licensee;
            (k) Signature of the customer(s); and
            (l) Source of funds.
            Amended: July 2018
            Amended: July 2010
            Amended: January 2007

          • FC-1.2.2

            See the Guidance Notes (filed under Supplementary Information in Part B of Volume 4) for further information on source of funds (FC-1.2.1(1)) and CDD requirements for Bahrain residents (FC-1.2.1(c) & (f)).

          • FC-1.2.3

            Investment firm licensees must verify the information in Paragraph FC-1.2.1(a) to (f), by the following methods below; at least one of the copies of the identification documents mentioned in (a) and (b) below must include a clear photograph of the customer:

            (a) Confirmation of the date of birth and legal name, by taking a copy of a current valid official original identification document (e.g. birth certificate, passport, CPR or residency permit);
            (b) Confirmation of the permanent residential address by taking a copy of a recent utility bill, bank statement or similar statement from another licensee or financial institution, or some form of official correspondence or official documentation card, such as CPR, from a public/governmental authority, or a tenancy agreement or record of home visit by an official of the licensee; and
            (c) Where appropriate, direct contact with the customer by phone, letter or email to confirm relevant information, such as residential address information.
            Amended: July 2010
            Amended: January 2007

          • FC-1.2.4

            Any document copied for the purpose of identification verification must be an original. An authorised official of the licensee must certify the copy, by writing on it the words 'original sighted', together with the date and his signature. Equivalent measures must be taken for electronic copies.

            Amended: January 2007

          • FC-1.2.5

            Identity documents which are not obtained by an authorised official of the licensee in original form (e.g. due to a customer sending a copy by post following an initial meeting) must instead be certified (as per FC-1.2.4) by one of the following from a GCC or FATF member state:

            (a) A lawyer;
            (b) A notary;
            (c) A chartered/certified accountant;
            (d) An official of a government ministry;
            (e) An official of an embassy or consulate; or
            (f) An official of another licensed financial institution or of a licensed associate company of the licensee.
            Amended: July 2010
            Amended: January 2007

          • FC-1.2.6

            The individual making the certification under FC-1.2.5 must give clear contact details (e.g. by attaching a business card or company stamp). The licensee must verify the identity of the person providing the certification through checking membership of a professional organisation (for lawyers or accountants), or through checking against databases/websites, or by direct phone or email contact.

            Amended: January 2007

        • Legal Entities or Legal Arrangements (such as trusts)

          • FC-1.2.7

            If the customer is a legal entity or a legal arrangement such as a trust, the licensee must obtain and record the following information from original identification documents, databases or websites, in hard copy or electronic form, to identify the customer and to take reasonable measures to verify its identity, legal existence and structure:

            (a) The entity's full name and other trading names used;
            (b) Registration number (or equivalent);
            (c) Legal form and proof of existence;
            (d) Registered address and trading address (where applicable);
            (e) Type of business activity;
            (f) Date and place of incorporation or establishment;
            (g) Telephone, fax number and email address;
            (h) Regulatory body or listing body (for regulated activities such as financial services and listed companies);
            (hh) The names of the relevant persons having a senior management position in the legal entity or legal arrangement;
            (i) Name of external auditor (where applicable);
            (j) Type of account, and nature and volume of anticipated business dealings with the licensee; and
            (k) Source of funds.
            Amended: October 2017
            Amended: January 2007

          • FC-1.2.8

            The information provided under FC-1.2.7 must be verified by obtaining certified copies of the following documents, as applicable (depending on the legal form of the entity):

            (a) Certificate of incorporation and/or certificate of commercial registration or trust deed;
            (b) Memorandum of association;
            (c) Articles of association;
            (d) Partnership agreement;
            (e) Board resolution seeking the financial services (only necessary in the case of private or unlisted companies);
            (f) Identification documentation of the authorised signatories of the account (certification not necessary for companies listed in a GCC/FATF state);
            (g) Copy of the latest financial report and accounts, audited where possible (audited copies do not need to be certified); and
            (h) List of persons authorised to do business on behalf of the company and in the case of the opening of an account, a Board resolution (or other applicable document) authorising the named persons to operate the account (resolution only necessary for private or unlisted companies).
            Amended: July 2016
            Amended: January 2007

          • FC-1.2.8A

            For customers that are legal persons, Investment firm licensees must identify and take reasonable measures to verify the identity of beneficial owners through the following information:

            (a) The identity of the natural person(s) who ultimately have a controlling ownership interest in a legal person, and
            (b) To the extent that there is doubt under (a) as to whether the person(s) with the controlling ownership interest is the beneficial owner(s), or where no natural person exerts control of the legal person or arrangement through other means; and
            (c) Where no natural person is identified under (a) or (b) above, the identity of the relevant natural person who holds the position of senior managing official.
            Added: October 2017

          • FC-1.2.9

            Documents obtained to satisfy the requirements in Paragraph FC-1.2.8 above must be certified in the manner specified in Paragraphs FC-1.2.4 to FC-1.2.6.

            Amended: January 2007

          • FC-1.2.9A

            For the purpose of Paragraph FC-1.2.8(a), the requirement to obtain a certified copy of the commercial registration, may be satisfied by obtaining a commercial registration abstract printed directly from the Ministry of Industry, Commerce and Tourism's website, through "SIJILAT Commercial Registration Portal".

            Added: January 2017

          • FC-1.2.10

            The documentary requirements in Paragraph FC-1.2.8 above do not apply in the case of listed companies: see Section FC-1.8 below. Also, the documents listed in Paragraph FC-1.2.8 above are not exhaustive: for customers from overseas jurisdictions, documents of an equivalent nature may be produced as satisfactory evidence of a customer's identity.

            Amended: January 2007

          • FC-1.2.11

            Investment firm licensees must also obtain and document the following due diligence information. These due diligence requirements must be incorporated in the licensee's new business procedures:

            (a) Enquire as to the structure of the legal entity or trust sufficient to determine and verify the identity of the ultimate beneficial owner of the funds, the ultimate provider of funds (if different), and the ultimate controller of the funds (if different);
            (b) Ascertain whether the legal entity has been or is in the process of being wound up, dissolved, struck off or terminated;
            (c) Obtain the names, country of residence and nationality of Directors or partners (only necessary for private or unlisted companies);
            (d) Require, through new customer documentation or other transparent means, updates on significant changes to corporate ownership and/or legal structure;
            (e) Obtain and verify the identity of shareholders holding 20% or more of the issued capital (where applicable). The requirement to verify the identity of these shareholders does not apply in the case of listed companies;
            (f) In the case of trusts or similar arrangements, establish the identity of the settlor(s), trustee(s), and beneficiaries (including making such reasonable enquiries as to ascertain the identity of any other potential beneficiary, in addition to the named beneficiaries of the trust); and
            (g) Where a licensee has reasonable grounds for questioning the authenticity of the information supplied by a customer, conduct additional due diligence to confirm the above information.
            Amended: January 2007

          • FC-1.2.12

            For the purposes of Paragraph FC-1.2.11, acceptable means of undertaking such due diligence might include taking bank references; visiting or contacting the company by telephone; undertaking a company search or other commercial enquiries; accessing public and private databases (such as stock exchange lists); making enquiries through a business information service or credit bureau; confirming a company's status with an appropriate legal or accounting firm; or undertaking other enquiries that are commercially reasonable.

            Amended: January 2007

          • FC-1.2.13

            In cases where an investment firm licensee is providing investment management services to a regulated mutual fund, and is not responsible for receiving investors' funds being paid into the fund, it may limit its CDD to confirming that the administrator of the fund is subject to FATF-equivalent customer due diligence measures (see FC-1.6 for applicable measures). Where there are reasonable grounds for believing that investors' funds being paid into the fund are not being adequately verified by the administrator, then the investment firm licensee should consider terminating its relationship with the fund.

            Amended: January 2007

      • FC-1.3 Enhanced Customer Due Diligence: General Requirements

        • FC-1.3.1

          Enhanced customer due diligence must be performed on those customers identified as having a higher risk profile, and additional inquiries made or information obtained in respect of those customers.

        • FC-1.3.2

          The additional information referred to in Paragraph FC-1.3.1 might include documents (either in hard copy or electronic format) relating to the following:

          (a) Evidence of a person's permanent address through the use of a credit reference agency search or through independent verification by home visit;
          (b) A personal reference (e.g. by an existing customer of the licensee);
          (c) Another licensed entity's reference and contact with the concerned licensee regarding the customer;
          (d) Documentation outlining the customer's source of wealth;
          (e) Documentation outlining the customer's source of income; and
          (f) Independent verification of employment, or public position held.
          Amended: January 2007

        • FC-1.3.3

          In addition to the general Rule contained in Paragraph FC-1.3.1 above, special care is required in the circumstances specified in Sections FC-1.4 to FC-1.7 inclusive.

          Amended: January 2007

      • FC-1.4 Enhanced Customer Due Diligence: Non face-to-face Business and New Technologies

        • FC-1.4.1

          Investment firm licensees must establish specific procedures for verifying customer identity where no face-to-face contact takes place.

        • FC-1.4.2

          Where no face-to-face contact takes place, investment firm licensees must take additional measures (to those specified in Section FC-1.2), in order to mitigate the potentially higher risk associated with such business. In particular, investment firm licensees must take measures:

          (a) To ensure that the customer is the person they claim to be; and
          (b) To ensure that the address provided is genuinely the customer's.
          Amended: January 2007

        • FC-1.4.3

          There are a number of checks that can provide a licensee with a reasonable degree of assurance as to the authenticity of the applicant. They include:

          (a) Telephone contact with the applicant on an independently verified home or business number;
          (b) With the customer's consent, contacting an employer to confirm employment, via phone through a listed number or in writing; and
          (c) Salary details appearing on recent bank statements.
          Amended: January 2007

        • FC-1.4.4

          Financial services provided via post, telephone or internet pose greater challenges for customer identification and AML/CFT purposes. Investment firm licensees must establish procedures to prevent the misuse of technological developments in money laundering or terrorist financing schemes. Investment firm licensees must also ensure that they comply with any e-commerce laws and/or CBB Modules issued from time to time.

          Amended: January 2007

        • FC-1.4.5

          Investment firm licensees must identify and assess the money laundering or terrorist financing risks that may arise in relation to:

          (a) The development of new products and new business practices, including new delivery mechanisms; and
          (b) The use of new or developing technologies for both new and pre-existing products.
          Added: October 2014

        • FC-1.4.6

          For purposes of Paragraph FC-1.4.5, such a risk assessment must take place prior to the launch of the new products, business practices or the use of new or developing technologies. Investment firm licensees must take appropriate measures to manage and mitigate those risks.

          Added: October 2014

      • FC-1.5 Enhanced Customer Due Diligence: Politically Exposed Persons ('PEPs')

        • FC-1.5.1

          Investment firm licensees must have appropriate risk management systems to determine whether a customer or beneficial owner is a Politically Exposed Person ('PEP'), both at the time of establishing business relations and thereafter on a periodic basis. Investment firm licensees must utilise publicly available databases and information to establish whether a customer is a PEP.

          Amended: July 2016
          Amended: October 2014
          January 2007

        • FC-1.5.2

          Investment firm licensees must establish a client acceptance policy with regard to PEPs, taking into account the reputational and other risks involved. Senior management approval must be obtained before a PEP is accepted as a customer.

          Amended: January 2007

        • FC-1.5.3

          Where an existing customer is a PEP, or subsequently becomes a PEP, enhanced monitoring and customer due diligence measures must include:

          (a) Analysis of complex financial structures, including trusts, foundations or international business corporations;
          (b) A written record in the customer file to establish that reasonable measures have been taken to establish both the source of wealth and the source of funds;
          (c) Development of a profile of anticipated customer activity, to be used in on-going monitoring;
          (d) Approval of senior management for allowing the customer relationship to continue; and
          (e) On-going account monitoring of the PEP's account by senior management (such as the MLRO).
          Amended: January 2007

        • FC-1.5.3A

          In cases of higher risk business relationships with such persons, mentioned in Paragraph FC-1.5.1, investment firm licensees must apply the measures referred to in (b), (d) and (e) of Paragraph FC-1.5.3.

          Added: October 2014

        • FC-1.5.3B

          The requirements for all types of PEP must also apply to family or close associates of such PEPs.

          Added: October 2014

        • FC-1.5.3C

          For the purpose of Paragraph FC-1.5.3B, 'family' means spouse, father, mother, sons, daughters, sisters and brothers. 'Associates' are persons associated with a PEP whether such association is due to the person being an employee or partner of the PEP or of a firm represented or owned by the PEP, or family links or otherwise.

          Added: October 2014

        • FC-1.5.4

          [This Paragraph was deleted in July 2016 as definition is included under Part B in the Glossary.]

          Deleted: July 2016
          Amended: October 2014
          January 2007

      • FC-1.6 Enhanced Due Diligence: Charities, Clubs and Other Societies

        • FC-1.6.1

          Financial services must not be provided to charitable funds and religious, sporting, social, cooperative, professional and other societies, until an original certificate authenticated by the relevant Ministry confirming the identities of those purporting to act on their behalf (and authorising them to obtain the said service) has been obtained. For Clubs and Societies registered with the General Organisation for Youth and Sports (GOYS), licensees must contact GOYS to clarify whether the account may be opened in accordance with the rules of GOYS.

          Amended: October 2014
          Adopted: July 2010

        • FC-1.6.2

          Investment firm licensees are reminded that clubs and societies registered with GOYS may only have one account with banks in Bahrain.

          Adopted: July 2010

        • FC-1.6.3

          Charities should be subject to enhanced transaction monitoring by licensees. Investment firm licensees should develop a profile of anticipated account activity (in terms of payee countries and recipient organisations in particular).

          Adopted: July 2010

        • FC-1.6.4

          Investment firm licensees must provide a monthly report of all payments and transfers of BD3,000 (or equivalent in foreign currencies) and above, from accounts held by charities registered in Bahrain. The report must be submitted to the CBB's Compliance Directorate (see FC-4.3 for contact address), giving details of the amount transferred, account name, number and beneficiary name account and bank details. Investment firm licensees must ensure that such transfers are in accordance with the spending plans of the charity (in terms of amount, recipient and country).

          Amended: January 2011
          Adopted: July 2010

      • FC-1.7 Enhanced Due Diligence: 'Pooled Funds'

        • FC-1.7.1

          Where investment firm licensees receive pooled funds managed by professional intermediaries (such as investment and pension fund managers, stockbrokers and lawyers or authorised money transferors), they must apply CDD measures contained in Section FC-1.8 to the professional intermediary. In addition, investment firm licensees must verify the identity of the beneficial owners of the funds where required as shown in Paragraphs FC-1.7.2 or FC-1.7.3 below.

          Adopted: July 2010

        • FC-1.7.2

          Where funds pooled in an account are not co-mingled (i.e. where there are 'sub-accounts' attributable to each beneficiary), all beneficial owners must be identified by the investment firm licensee, and their identity verified in accordance with the requirements in Section FC-1.2.

          Adopted: July 2010

        • FC-1.7.3

          For accounts held by intermediaries resident in Bahrain, where such funds are co-mingled, the investment firm licensee must make a reasonable effort (in the context of the nature and amount of the funds received) to look beyond the intermediary and determine the identity of the beneficial owners or underlying clients, particularly where funds are banked and then transferred onward to other financial institutions (e.g. in the case of accounts held on behalf of authorised money transferors). Where, however, the intermediary is subject to equivalent regulatory and money laundering regulation and procedures (and, in particular, is subject to the same due diligence standards in respect of its client base) the CBB will not insist upon all beneficial owners being identified provided the licensee has undertaken reasonable measures to determine that the intermediary has engaged in a sound customer due diligence process, consistent with the requirements in Section FC-1.8

          Adopted: July 2010

        • FC-1.7.4

          For accounts held by intermediaries from foreign jurisdictions, the intermediary must be subject to requirements to combat money laundering and terrorist financing consistent with the FATF Recommendations and the intermediary must be supervised for compliance with those requirements. The licensee must obtain documentary evidence to support the case for not carrying out customer due diligence measures beyond identifying the intermediary. The licensee must satisfy itself that the intermediary has identified the underlying beneficiaries and has the systems and controls to allocate the assets in the pooled accounts to the relevant beneficiaries. The due diligence process contained in Section FC-1.8 must be followed.

          Amended: October 2014
          Adopted: July 2010

        • FC-1.7.5

          Where the intermediary is not empowered to provide the required information on beneficial owners (e.g. lawyers bound by professional confidentiality rules) or where the intermediary is not subject to the same due diligence standards referred to above, a licensee must not permit the intermediary to open an account or allow the account to continue to operate, unless specific permission has been obtained in writing from the CBB.

          Adopted: July 2010

      • FC-1.8 Introduced Business from Professional Intermediaries

        • FC-1.8.1

          A licensee may only accept customers introduced to it by other financial institutions or intermediaries, if it has satisfied itself that the introducer concerned is subject to FATF-equivalent measures and customer due diligence measures. Where investment firm licensees delegate part of the customer due diligence measures to an introducer, the responsibility for meeting the requirements of Chapters 1 and 2 remains with the licensee, not the introducer.

          Amended: January 2018
          Amended: July 2010

        • FC-1.8.2

          Investment firm licensees may only accept introduced business if all of the following conditions are satisfied:

          (a) The customer due diligence measures applied by the introducer are consistent with those required by the FATF Recommendations;
          (b) A formal agreement is in place defining the respective roles of the licensee and the introducer in relation to customer due diligence measures. The agreement must specify that the customer due diligence measures of the introducer will comply with the FATF Recommendations;
          (c) The introducer immediately provides all necessary information required in Paragraphs FC-1.2.1 or FC-1.2.7 and FC-1.1.2A pertaining to the customer's identity, the identity of the customer and beneficial owner of the funds (where different), the purpose of relationship and, where applicable, the party/parties on whose behalf the customer is acting; also, the introducer has confirmed that the licensee will be allowed to verify the customer due diligence measures undertaken by the introducer at any stage; and
          (d) Written confirmation is provided by the introducer confirming that all customer due diligence measures required by the FATF Recommendations have been followed and the customer's identity established and verified. In addition, the confirmation must state that any identification documents or other customer due diligence material can be accessed by the licensee and that these documents will be kept for at least five years after the business relationship has ended.
          Amended: October 2014
          Amended: July 2010
          Amended: January 2007

        • FC-1.8.3

          The licensee must perform periodic reviews ensuring that any introducer on which it relies is in compliance with the FATF Recommendations. Where the introducer is resident in another jurisdiction, the licensee must also perform periodic reviews to verify whether the jurisdiction is in compliance with the FATF Recommendations.

          Amended: October 2014
          Amended: July 2010
          Amended: January 2007

        • FC-1.8.4

          Should the licensee not be satisfied that the introducer is in compliance with the requirements of the FATF Recommendations, the licensee must conduct its own customer due diligence on introduced business, or not accept further introductions, or discontinue the business relationship with the introducer.

          Amended: October 2014
          Amended: July 2010
          Amended: January 2007

      • FC-1.9 Shell Banks

        • FC-1.9.1

          Investment firm licensees must not establish business relations with banks which have no physical presence or 'mind and management' in the jurisdiction in which they are licensed and which are unaffiliated with a regulated financial group ('shell banks'). Investment firm licensees must not knowingly establish relations with financial institutions that have relations with shell banks.

          Amended: July 2010
          Amended: January 2007

        • FC-1.9.2

          Investment firm licensees must make a suspicious transaction report to the Financial Intelligence Unit and the Compliance Directorate if they are approached by a shell bank or an institution they suspect of being a shell bank.

          Amended: July 2010

      • FC-1.10 Simplified Customer Due Diligence

        • FC-1.10.1

          Investment firm licensees may apply simplified customer due diligence measures, as described in Paragraphs FC-1.10.2 to FC-1.10.8, if:

          (a) [This Subparagraph was deleted in January 2018].<
          (b) The transaction concerns the sale of a security listed on the Bahrain Bourse ('BHB'), and issued as a result of an initial public offering after January 2006, and the customer already holds an investor number, an allotment letter and a valid BHB Form 2 in place. Furthermore, the BHB should have advised the broker (by circular) that all necessary customer due diligence information and copies of all original identification documents will be made available upon request without delay;
          (c) The customer is a company listed on a GCC or FATF member state stock exchange with equivalent disclosure standards to those of the BHB;
          (d) The customer is a financial institution whose entire operations are subject to AML/CFT requirements consistent with the FATF Recommendations and it is supervised by a financial services supervisor in a FATF or GCC member state for compliance with those requirements;
          (e) The customer is a financial institution which is a subsidiary of a financial institution located in a FATF or GCC member state, and the AML/CFT requirements applied to its parent also apply to the subsidiary;
          (f) The customer is the Bahrain Monetary Agency ('CBB'), the BHB or a licensee of the CBB; or
          (g) The customer is a Ministry of a Gulf Cooperation Council ('GCC') or Financial Action Task Force ('FATF') member state government, a company in which a GCC government is a majority shareholder, or a company established by decree in the GCC.
          Amended: January 2019
          Amended: January 2018
          Amended: October 2014
          Amended: July 2010
          Amended: January 2007

        • FC-1.10.2

          For customers falling under category (b) in Paragraph FC-1.10.1, the customer's name and contact information must be recorded. However, the verification, certification and due diligence requirements (contained in Paragraphs FC-1.2.3, FC-1.2.5, FC-1.2.8, FC-1.2.9 and FC-1.2.11), may be dispensed with.

          Amended: July 2018
          Amended: July 2010

        • FC-1.10.3

          [This Paragraph was deleted in July 2018].

          Deleted: July 2018
          Amended: July 2010
          Amended: January 2007

        • FC-1.10.4

          For customers falling under categories (c) to (g) in Paragraph FC-1.10.1, the information required under Paragraph FC-1.2.1 (for natural persons) or FC-1.2.7 (for legal entities) must be obtained. However, the verification, certification and due diligence requirements (contained in Paragraphs FC-1.2.3, FC-1.2.5, FC-1.2.8, FC-1.2.9 and FC-1.2.11), may be dispensed with.

          Amended: July 2010

        • FC-1.10.5

          Investment firm licensees wishing to apply simplified due diligence measures as allowed for under categories (c) to (g) of Paragraph FC-1.10.1 must retain documentary evidence supporting their categorisation of the customer.

          Amended: July 2010
          Amended: January 2007

        • FC-1.10.6

          Examples of such documentary evidence may include a printout from a regulator's website, confirming the licensed status of an institution, and internal papers attesting to a review of the AML/CFT measures applied in a jurisdiction.

          Amended: July 2010

        • FC-1.10.7

          Investment firm licensees may use authenticated SWIFT messages as a basis for confirmation of the identity of a financial institution under FC-1.10.1(d) and (e) where it is dealing as principal. For customers coming under Paragraph FC-1.10.1(d) and (e), investment firm licensees must also obtain and retain a written statement from the parent institution of the subsidiary concerned, confirming that the subsidiary is subject to the same AML/CFT measures as its parent.

          Amended: July 2010

        • FC-1.10.8

          Simplified customer due diligence measures must not be applied where a licensee knows, suspects, or has reason to suspect, that the applicant is engaged in money laundering or terrorism financing or that the transaction is carried out on behalf of another person engaged in money laundering or terrorism financing.

          Amended: July 2010

        • FC-1.10.9

          [This Paragraph was deleted in July 2018].

          Deleted: July 2018
          Amended: July 2010

    • FC-2 AML/CFT Systems and Controls

      • FC-2.1 General Requirements

        • FC-2.1.1

          Investment firm licensees must implement programmes against money laundering and terrorist financing which establish and maintain appropriate systems and controls for compliance with the requirements of this Module and which limit their vulnerability to financial crime. These systems and controls must be documented, and approved and reviewed annually by the Board of the licensee. The documentation, and the Board's review and approval, must be made available upon request to the CBB.

          Amended: October 2014
          Amended: January 2007

        • FC-2.1.2

          The above systems and controls, and associated documented policies and procedures, should cover standards for customer acceptance, on-going monitoring of high-risk accounts, staff training and adequate screening procedures to ensure high standards when hiring employees.

      • FC-2.2 On-going Customer Due Diligence and Transaction Monitoring

        • Risk Based Monitoring

          • FC-2.2.1

            Investment firm licensees must develop risk-based monitoring systems appropriate to the complexity of their business, their number of clients and types of transactions. These systems must be configured to identify significant or abnormal transactions or patterns of activity. Such systems must include limits on the number, types or size of transactions undertaken outside expected norms; and must include limits for cash and non-cash transactions.

            Amended: January 2007

          • FC-2.2.2

            Investment firm licensees' risk-based monitoring systems should therefore be configured to help identify:

            (a) Transactions which do not appear to have a clear purpose or which make no obvious economic sense;
            (b) Significant or large transactions not consistent with the normal or expected behaviour of a customer; and
            (c) Unusual patterns of activity (relative to other customers of the same profile or of similar types of transactions, for instance because of differences in terms of volumes, transaction type, or flows to or from certain countries), or activity outside the expected or regular pattern of a customer's account activity.
            Amended: January 2007

          • Automated Transaction Monitoring

            • FC-2.2.3

              Investment firm licensees must consider the need to include automated transaction monitoring as part of their risk-based monitoring systems to spot abnormal or unusual flows of funds. In the absence of automated transaction monitoring systems, all transactions above BD 6,000 must be viewed as 'significant' and be captured in a daily transactions report for monitoring by the MLRO or a relevant delegated official, and records retained by the licensee for five years after the date of the transaction.

              Amended: January 2007

            • FC-2.2.4

              The CBB would expect larger investment firm licensees to include automated transaction monitoring as part of their risk-based monitoring systems. See also Chapters FC-3 and FC-6, regarding the responsibilities of the MLRO and record-keeping requirements. Where the investment firm licensee is not receiving funds — for instance where it is simply acting as agent on behalf of a principal, and the customer is directly remitting funds to the principal — then the investment firm licensee may agree with the principal that the latter should be responsible for the daily monitoring of such transactions.

              Amended: January 2007

          • Unusual Transactions or Customer Behaviour

            • FC-2.2.5

              Where a licensee's risk-based monitoring systems identify significant or abnormal transactions (as defined in FC-2.2.2 and FC-2.2.3), it must verify the source of funds for those transactions, particularly where the transactions are above the occasional transactions threshold of BD 6,000. Furthermore, investment firm licensees must examine the background and purpose to those transactions and document their findings. In the case of one-off transactions where there is no on-going account relationship, the licensee must file an STR if it is unable to verify the source of funds to its satisfaction (see Chapter FC-4).

              Amended: January 2007

            • FC-2.2.6

              The investigations required under Paragraph FC-2.2.5 must be carried out by the MLRO (or relevant delegated official). The documents relating to these findings must be maintained for five years from the date when the transaction was completed (see also FC-6.1.1(b)).

              Amended: January 2007

            • FC-2.2.7

              Investment firm licensees must consider instances where there is a significant, unexpected or unexplained change in customer activity.

            • FC-2.2.8

              When an existing customer closes one account and opens another, the licensee must review its customer identity information and update its records accordingly. Where the information available falls short of the requirements contained in Chapter FC-1, the missing or out of date information must be obtained and re-verified with the customer.

            • FC-2.2.9

              Once identification procedures have been satisfactorily completed and, as long as records concerning the customer are maintained in line with Chapters FC-1 and FC-6, no further evidence of identity is needed when transactions are subsequently undertaken within the expected level and type of activity for that customer, provided reasonably regular contact has been maintained between the parties and no doubts have arisen as to the customer's identity.

          • On-going Monitoring

            • FC-2.2.10

              Investment firm licensees must take reasonable steps to:

              (a) Scrutinize transactions undertaken throughout the course of that relationship to ensure that transactions being conducted are consistent with the investment firm licensee's knowledge of the customer, their business risk and risk profile; and
              (b) Ensure that they receive and maintain up-to-date and relevant copies of the identification documents specified in Chapter FC-1, by undertaking reviews of existing records, particularly for higher risk categories of customers Investment firm licensees must require all customers to provide up-to-date identification documents in their standard terms and conditions of business.
              Amended: October 2017

            • FC-2.2.11

              Investment firm licensees must review and update their customer due diligence information at least every three years, particularly for higher risk categories of customers. If, upon performing such a review, copies of identification documents are more than 12 months out of date, the licensee must take steps to obtain updated copies as soon as possible.

              Amended: October 2017

    • FC-3 Money Laundering Reporting Officer (MLRO)

      • FC-3.1 Appointment of MLRO

        • FC-3.1.1

          Investment firm licensees must appoint a Money Laundering reporting officer ("MLRO"). The position of MLRO is a controlled function and the MLRO is an approved person.

          Amended: January 2007

        • FC-3.1.1.A

          For details of CBB’s requirements regarding controlled functions and approved persons, see Section AU-1.2. Amongst other things, approved persons require CBB approval before being appointed, which is granted only if they are assessed as ‘fit and proper’ for the function in question. A completed Form 3 must accompany any request for CBB approval.

          Amended: January 2007

        • FC-3.1.2

          The position of MLRO must not be combined with functions that create potential conflicts of interest, such as an internal auditor or business line head. The position of MLRO may not be outsourced.

        • FC-3.1.3

          Subject to Paragraph FC-3.1.2, however, the position of MLRO may otherwise be combined with other functions in the licensee, such as that of Compliance Officer, in cases where the volume and geographical spread of the business is limited and, therefore, the demands of the function are not likely to require a full time resource.

          Amended: July 2010
          Amended: January 2007

        • FC-3.1.3A

          For purpose of Paragraphs FC-3.1.2 and FC-3.1.3 above, Investment firm licensees must clearly state in the Application for Approved Person Status — Form 3 — when combining the MLRO or DMLRO position with any other position within the Investment firm licensee.

          Added: October 2017

        • FC-3.1.4

          Investment firm licensees must appoint at least one deputy MLRO (or more depending on the scale and complexity of the licensee’s operations). The deputy MLRO must be resident in Bahrain unless otherwise agreed with the CBB.

          Amended: January 2007

        • FC-3.1.5

          Investment firm licensees should note that although the MLRO may delegate some of his functions, either to other employees of the licensee, or even (in the case of larger groups) to individuals performing similar functions for other group entities, the responsibility for compliance with the requirements of this Module remains with the licensee and the designated MLRO. The deputy MLRO should be able to support the MLRO discharge his responsibilities and to deputise for him in his absence.

          Amended: January 2007

        • FC-3.1.6

          So that he can carry out his functions effectively, investment firm licensees must ensure that their MLRO:

          (a) Is a member of senior management of the licensee and has a sufficient level of seniority within the licensee, has the authority to act without interference from business line management and has direct access to the Board and senior management (where necessary);
          (b) [Subparagraph (b) combined with (a) in January 2011];
          (c) Has sufficient resources, including sufficient time and (if necessary) support staff, and has designated a replacement to carry out the function should the MLRO be unable to perform his duties;
          (d) Has unrestricted access to all transactional information relating to any financial services provided by the licensee to a customer, or any transactions conducted by the licensee on behalf of that customer;
          (e) Is provided with timely information needed to identify, analyse and effectively monitor customer accounts;
          (f) Has access to all customer due diligence information obtained by the licensee; and
          (g) Is resident in Bahrain.
          Amended: October 2011
          Amended: January 2011
          Amended: January 2007

        • FC-3.1.7

          In addition, investment firm licensees must ensure that their MLRO is able to:

          (a) Monitor the day-to-day operation of its policies and procedures relevant to this Module; and
          (b) Respond promptly to any reasonable request for information made by the Financial Intelligence Unit or the CBB.
          Amended: July 2010
          Amended: January 2007

        • FC-3.1.8

          If the position of MLRO falls vacant, the licensee must appoint a permanent replacement (after obtaining CBB approval), within 120 calendar days of the vacancy occurring. Pending the appointment of a permanent replacement, the licensee must make immediate interim arrangements (including the appointment of an acting MLRO) to ensure continuity in the MLRO function's performance. These interim arrangements must be approved by the CBB.

          Amended: January 2007

      • FC-3.2 Responsibilities of the MLRO

        • FC-3.2.1

          The MLRO is responsible for:

          (a) Establishing and maintaining the licensee's AML/CFT policies and procedures;
          (b) Ensuring that the licensee complies with the AML Law, any other applicable AML/CFT legislation and this Module;
          (c) Ensuring day-to-day compliance with the licensee's own internal AML/CFT policies and procedures;
          (d) Acting as the licensee's main point of contact in respect of handling internal suspicious transaction reports from the licensee's staff (refer to Section FC-4.1) and as the main contact for the Financial Intelligence Unit, the CBB and other concerned bodies regarding AML/CFT;
          (e) Making external suspicious transaction reports to the Financial Intelligence Unit and Compliance Directorate (refer to Section FC-4.2);
          (f) Taking reasonable steps to establish and maintain adequate arrangements for staff awareness and training on AML/CFT matters (whether internal or external), as per Chapter FC-5;
          (g) Producing annual reports on the effectiveness of the licensee's AML/CFT controls, for consideration by senior management, as per Paragraph FC-3.3.3;
          (h) On-going monitoring of what may, in his opinion, constitute high-risk customer accounts; and
          (i) Ensuring that the investment firm licensee maintains all necessary CDD, transactions, STR and staff training records for the required periods (refer to Section FC-6.1).
          Amended: October 2014
          Amended: July 2010
          Amended: January 2007

      • FC-3.3 Compliance Monitoring

        • Annual Compliance Review

          • FC-3.3.1

            Investment firm licensees must take appropriate steps to identify and assess their money laundering and terrorist financing risks (for customers, countries or geographic areas; and products, services, transactions or delivery channels). They must document those assessments in order to be able to demonstrate their basis, keep these assessments up to date, and have appropriate mechanisms to provide risk assessment information to the CBB. The nature and extent of any assessment of money laundering and terrorist financing risks must be appropriate to the nature and size of the business.

            Added: October 2014

          • FC-3.3.1A

            Investment firm licensees should always understand their money laundering and terrorist financing risks, but the CBB may determine that individual documented risk assessments are not required, if the specific risks inherent to the sector are clearly identified and understood.

            Added: October 2014

          • FC-3.3.1B

            Investment firm licensees must review the effectiveness of its AML/CFT procedures, systems and controls at least once each calendar year. The review must cover the licensee and its branches and subsidiaries both inside and outside the Kingdom of Bahrain. The scope of the review must include:

            (a) A report, containing the number of internal reports made in accordance with Section FC-4.1, a breakdown of all the results of those internal reports and their outcomes for each segment of the licensee's business, and an analysis of whether controls or training need to be enhanced;
            (b) A report, indicating the number of external reports made in accordance with Section FC-4.2 and, where a licensee has made an internal report but not made an external report, noting why no external report was made;
            (c) A sample test of compliance with this Module's customer due diligence requirements; and
            (d) A report as to the quality of the licensee's anti-money laundering procedures, systems and controls, and compliance with the AML Law and this Module.
            Amended: October 2014
            Amended: January 2007

          • FC-3.3.2

            The reports listed under Paragraph FC-3.3.1B(a) and (b) must be made by the MLRO. The sample testing required under Paragraph FC-3.3.1B(c) must be undertaken either by the licensee's internal auditor, its external auditor or a consultancy firm approved by the CBB. The report required under Paragraph FC-3.3.1B(d) must be made by the licensee's external auditor or a consultancy firm approved by the CBB.

            Amended: January 2019
            Amended: October 2011

          • FC-3.3.2A

            In order for a consultancy firm to be approved by the CBB for the purposes of Paragraph FC-3.3.2, such firm should provide the CBB's Compliance Directorate with:

            (a) A sample AML/CFT report prepared for a financial institution;
            (b) A list of other AML/CFT related work undertaken by the firm;
            (c) A list of other audit/review assignments undertaken, specifying the nature of the work done, date and name of the licensee; and
            (d) An outline of any assignment conducted for or in cooperation with an international audit firm.
            Added: October 2011

          • FC-3.3.2B

            The firm should indicate which personnel (by name) will work on the report (including, where appropriate, which individual will be the team leader) and demonstrate that all such persons have appropriate qualifications in one of the following areas:

            (a) Audit;
            (b) Accounting;
            (c) Law; or
            (d) Banking/Finance.
            Added: October 2011

          • FC-3.3.2C

            At least two persons working on the report (one of whom would normally expected to be the team leader) should have:

            (a) A minimum of 5 years professional experience dealing with AML/CFT issues; and
            (b) Formal AML/CFT training.
            Added: October 2011

          • FC-3.3.2D

            Submission of a curriculum vitae for all personnel to be engaged on the report is encouraged for the purposes of evidencing the above requirements.

            Added: October 2011

          • FC-3.3.2E

            Upon receipt of the above required information, the CBB Compliance Directorate will assess the firm and communicate to it whether it meets the criteria required to be approved by the CBB for this purpose. The CBB may also request any other information it considers necessary in order to conduct the assessment.

            Added: October 2011

          • FC-3.3.3

            The reports listed under Paragraph FC-3.3.1B must be submitted to the licensee's Board, for it to review and commission any required remedial measures, and copied to the licensee's senior management.

            Amended: January 2019

          • FC-3.3.4

            The purpose of the annual compliance review is to assist a licensee's Board and senior management to assess, amongst other things, whether internal and external reports are being made (as required under Chapter FC-4), and whether the overall number of such reports (which may otherwise appear satisfactory) does not conceal inadequate reporting in a particular segment of the licensee's business (or, where relevant, in particular branches or subsidiaries). Investment firm licensees should use their judgement as to how the reports listed under Paragraph FC-3.3.1B(a) and (b) should be broken down in order to achieve this aim (e.g. by branches, departments, product lines, etc).

            Amended: January 2019

          • FC-3.3.5

            Investment firm licensees must instruct their appointed firm to produce the report referred to in Paragraph FC-3.3.1B(d). The report must be submitted to the CBB by the 30th of April of the following year. The findings of this review must be received and acted upon by the licensee.

            Amended: January 2019
            Amended: January 2012
            Amended: January 2007

          • FC-3.3.6

            The appointed firm may rely upon work performed by the licensee's internal audit function, as part of their procedures for producing the report referred to in Paragraph FC-3.3.5.

            Amended: January 2012

          • FC-3.3.7

            The four reports referred to in Paragraph FC-3.3.1B must be submitted to the Director, Compliance Directorate of the CBB by the 30th of April of each year.

            Amended: January 2019
            Amended: July 2010
            Amended: April 2008
            Amended: January 2007

    • FC-4 Suspicious Transaction Reporting

      • FC-4.1 Internal Reporting

        • FC-4.1.1

          Investment firm licensees must implement procedures to ensure that staff who handle customer business (or are managerially responsible for such staff) make a report promptly to the MLRO if they know or suspect that a customer (or a person on whose behalf a customer may be acting) is engaged in money laundering or terrorism financing, or if the transaction or the customer's conduct otherwise appears unusual or suspicious. These procedures must include arrangements for disciplining any member of staff who fails, without reasonable excuse, to make such a report.

        • FC-4.1.2

          Where investment firm licensees' internal processes provide for staff to consult with their line managers before sending a report to the MLRO, such processes must not be used to prevent reports reaching the MLRO, where staff have stated that they have knowledge or suspicion that a transaction may involve money laundering or terrorist financing.

      • FC-4.2 External Reporting

        • FC-4.2.1

          Investment firm licensees must take reasonable steps to ensure that all reports made under Section FC-4.1 are considered by the MLRO (or his duly authorised delegate). Having considered the report and any other relevant information, if the MLRO (or his duly authorised delegate) still suspects that a person has been engaged in money laundering or terrorism financing, or the activity concerned is otherwise still regarded as suspicious, he must report the fact promptly to the relevant authorities. Where no report is made, the MLRO must document the reasons why.

        • FC-4.2.2

          To take reasonable steps, as required under Paragraph FC-4.2.1, investment firm licensees must:

          (a) Require the MLRO to consider reports made under Section FC-4.1 in the light of all relevant information accessible to or reasonably obtainable by the MLRO;
          (b) Permit the MLRO to have access to any information, including know your customer information, in the licensee's possession which could be relevant; and
          (c) Ensure that where the MLRO, or his duly authorised delegate, suspects that a person has been engaged in money laundering or terrorist financing, a report is made by the MLRO which is not subject to the consent or approval of any other person.
          Amended: January 2007

        • FC-4.2.3

          Reports to the relevant authorities made under Paragraph FC-4.2.1 must be sent to the Financial Intelligence Unit at the Ministry of the Interior, and to the CBB's Compliance Directorate using the Suspicious Transaction Reporting Online System (Online STR system). STRs in paper format will not be accepted.

          Amended: July 2016
          Amended: October 2014
          Amended: July 2010
          Amended: January 2007

        • FC-4.2.4

          Investment firm licensees must report all suspicious transactions or attempted transactions. This reporting requirement applies regardless of whether the transaction involves tax matters.

        • FC-4.2.5

          Investment firm licensees must retain all relevant details of STRs submitted to the relevant authorities, for at least five years.

        • FC-4.2.6

          In accordance with the AML Law, investment firm licensees, their Directors, officers and employees:

          (a) Must not warn or inform ('tipping off') their customers, the beneficial owner or other subjects of the STR when information relating to them is being reported to the relevant authorities; and
          (b) In cases where investment firm licensees form a suspicion that transactions relate to money laundering or terrorist financing, they must take into account the risk of tipping-off when performing the CDD process. If the investment firm licensee reasonably believes that performing the CDD process will tip-off the customer or potential customer, it may choose not to pursue that process, and must file an STR.
          Amended: January 2018
          Amended: January 2007

      • FC-4.3 Contacting the Relevant Authorities

        • FC-4.3.1

          Reports made by the MLRO or his duly authorised delegate under Section FC-4.2 must be sent electronically using the Suspicious Transaction Reporting Online System (Online STR system).

          Amended: October 2014
          Amended: July 2010
          Amended: January 2007

        • FC-4.3.2

          The relevant authorities are:
          Financial Intelligence Directorate (FID)
          General Directorate of Anti Corruption and Economic and Electronic Security
          Ministry of Interior
          P.O. Box 26698
          Manama, Kingdom of Bahrain
          Telephone: + 973 17 749397
          Fax: + 973 17 715502
          E-mail: bahrainfid@moipolice.bh

          Director of Compliance Directorate
          Central Bank of Bahrain
          P.O. Box 27
          Manama, Kingdom of Bahrain
          Telephone: 17 547107
          Fax: 17 535673
          E-mail: Compliance@cbb.gov.bh

          Added: October 2014

    • FC-5 Staff Training and Recruitment

      • FC-5.1 General Requirements

        • FC-5.1.1

          Investment firm licensees must take reasonable steps to provide periodic training and information to ensure that staff who handle customer transactions, or are managerially responsible for such transactions, are made aware of:

          (a) Their responsibilities under the AML Law, this Module, and any other relevant AML/CFT laws and Regulations;
          (b) The identity and responsibilities of the MLRO and his deputy;
          (c) The potential consequences, both individual and corporate, of any breach of the AML Law, this Module and any other relevant AML/CFT laws or Regulations;
          (d) The licensee's current AML/CFT policies and procedures;
          (e) Money laundering and terrorist financing typologies and trends;
          (f) The type of customer activity or transaction that may justify an internal report in accordance with Section FC-4.1;
          (g) The licensee's procedures for making an internal report as per Section FC-4.1; and
          (h) Customer due diligence measures with respect to establishing business relations with customers.
          Amended: January 2007

        • FC-5.1.2

          The information referred to in Paragraph FC-5.1.1 must be brought to the attention of relevant new employees of investment firm licensees, and must remain available for reference by staff during their period of employment.

          Amended: January 2007

        • FC-5.1.3

          Relevant new employees must be given AML/CFT training within three months of joining a licensee.

          Amended: January 2007

        • FC-5.1.4

          Investment firm licensees must ensure that their AML/CFT training for relevant staff remains up-to-date, and is appropriate given the licensee's activities and customer base.

          Amended: January 2007

        • FC-5.1.5

          The CBB would normally expect AML/CFT training to be provided to relevant staff at least once a year.

          Amended: January 2007

        • FC-5.1.6

          Investment firm licensees must develop adequate screening procedures to ensure high standards when hiring employees. These procedures must include controls to prevent criminals or their associates from being employed by investment firm licensees.

          Amended: January 2007

    • FC-6 Record-Keeping

      • FC-6.1 General Requirements

        • CDD and Transaction Records

          • FC-6.1.1

            Investment firm licensees must comply with the record-keeping requirements contained in the AML Law and in the CBB Law. Investment firm licensees must therefore retain adequate records (including accounting and identification records), for the following minimum periods:

            (a) For customers, in relation to evidence of identity and business relationship records (such as application forms, account files and business correspondence, including the results of any analysis undertaken (e.g. enquiries to establish the background and purpose of complex, unusual large transactions)), for at least five years after the customer relationship has ceased; and
            (b) For transactions, in relation to documents enabling a reconstitution of the transaction concerned, for at least five years after the transaction was completed.
            Amended: October 2014
            Amended: April 2008
            Amended: January 2007

        • Compliance Records

          • FC-6.1.2

            Investment firm licensees must retain copies of the reports produced for their annual compliance review, as specified in Paragraph FC-3.3.1B, for at least five years. Investment firm licensees must also maintain for 5 years reports made to, or by, the MLRO made in accordance with Sections FC-4.1 and FC-4.2, and records showing how these reports were dealt with and what action, if any, was taken as a consequence of those reports.

            Amended: January 2019
            Amended: January 2007

        • Training Records

          • FC-6.1.3

            Investment firm licensees must maintain for at least five years, records showing the dates when AML/CFT training was given, the nature of the training, and the names of the staff that received the training.

        • Access

          • FC-6.1.4

            All records required to be kept under this Section must be made available for prompt and swift access by the relevant authorities or other authorised persons.

    • FC-7 NCCT Measures and Terrorist Financing

      • FC-7.1 Special Measures for Non-Cooperative Countries or Territories ('NCCTs')

        • FC-7.1.1

          Investment firm licensees must give special attention to any dealings they may have with entities or persons domiciled in countries or territories which are:

          (a) Identified by the FATF as being 'non-cooperative'; or
          (b) Notified to investment firm licensees from time to time by the CBB.
          Amended: January 2007

        • FC-7.1.2

          Whenever transactions with such parties have no apparent economic or visible lawful purpose, their background and purpose must be re-examined and the findings documented. If suspicions remain about the transaction, these must be reported to the relevant authorities in accordance with Section FC-4.2.

        • FC-7.1.3

          Investment firm licensees must apply enhanced due diligence measures to business relationships and transactions with natural and legal persons, and financial institutions, from countries where such measures are called for by the FATF. The type of enhanced due diligence measures applied must be effective and proportionate to the risks.

          Added: October 2014

        • FC-7.1.4

          With regard to jurisdictions identified as NCCTs or those which in the opinion of the CBB, do not have adequate AML/CFT systems, the CBB reserves the right to:

          (a) Refuse the establishment of subsidiaries or branches or representative offices of financial institutions from such jurisdictions;
          (b) Limit business relationships or financial transactions with such jurisdictions or persons in those jurisdictions;
          (c) Prohibit financial institutions from relying on third parties located in such jurisdictions to conduct elements of the CDD process;
          (d) Require financial institutions to review and amend, or if necessary terminate, correspondent relationships with financial institutions in such jurisdictions;
          (e) Require increased supervisory examination and/or external audit requirements for branches and subsidiaries of financial institutions based in such jurisdictions; or
          (f) Require increased external audit requirements for financial groups with respect to any of their branches and subsidiaries located in such jurisdictions.
          Amended: January 2018
          Added: October 2014

      • FC-7.2 Terrorist Financing

        • FC-7.2.1AA

          Investment firm licensees must implement and comply with United Nations Security Council resolutions relating to the prevention and suppression of terrorism and terrorist financing. Investment firm licensees must freeze, without delay, the funds or other assets of, and to ensure that no funds or other assets are made available, directly or indirectly, to or for the benefit of, any person or entity either (i) designated by, or under the authority of, the United Nations Security Council under Chapter VII of the Charter of the United Nations, including in accordance with resolution 1267(1999) and its successor resolutions as well as Resolution 2178(2014) or (ii) designated as pursuant to Resolution 1373(2001).

          Added: April 2017

        • FC-7.2.1

          Investment firm licensees must comply in full with the provisions of the UN Security Council Anti-terrorism Resolution No. 1373 of 2001 ('UNSCR 1373').

        • FC-7.2.2

          [This Paragraph was deleted in January 2018].

          Deleted: January 2018
          Amended: January 2007

        • FC-7.2.3

          A copy of UNSCR 1373 is included in Part B of Volume 1 (Conventional Banks), under 'Supplementary Information' on the BMA Website.

        • FC-7.2.4

          Investment firm licensees must report to the CBB details of:

          (a) Funds or other financial assets or economic resources held with them which may be the subject of Article 1, paragraphs c) and d) of UNSCR 1373; and
          (b) All claims, whether actual or contingent, which the licensee has on persons and entities which may be the subject of Article 1, paragraphs c) and d) of UNSCR 1373.
          Amended: January 2007

        • FC-7.2.5

          For the purposes of Paragraph FC-7.2.4, 'funds or other financial resources' includes (but is not limited to) shares in any undertaking owned or controlled by the persons and entities referred to in Article 1, paragraph c) and d) of UNSCR 1373, and any associated dividends received by the licensee.

        • FC-7.2.6

          All reports or notifications under this Section must be made to the CBB's Compliance Directorate.

          Amended: January 2007

        • FC-7.2.7

          See Section FC-4.3 for the Compliance Directorate’s contact details.

          Amended: January 2007

      • FC-7.3 Designated Persons and Entities

        • FC-7.3.1

          Without prejudice to the general duty of all investment firm licensees to exercise the utmost care when dealing with persons or entities who might come under Article 1, paragraphs (c) and (d) of UNSCR 1373, investment firm licensees must not deal with any persons or entities designated by the CBB as potentially linked to terrorist activity.

          Amended: January 2007

        • FC-7.3.2

          The CBB from time to time issues to investment firm licensees lists of designated persons and entities believed linked to terrorism. Investment firm licensees are required to verify that they have no dealings with these designated persons and entities, and report back their findings to the CBB. Names designated by the CBB include persons and entities designated by the United Nations, under UN Security Council Resolution 1267 ('UNSCR 1267').

          Amended: January 2007

        • FC-7.3.3

          Investment firm licensees must report to the relevant authorities, using the procedures contained in Section FC-4.2, details of any accounts or other dealings with designated persons and entities, and comply with any subsequent directions issued by the relevant authorities.

    • FC-8 Enforcement Measures

      • FC-8.1 Regulatory Penalties

        • FC-8.1.1

          Without prejudice to any other penalty imposed by the CBB Law, the Decree Law No. 4 or the Penal Code of the Kingdom of Bahrain, failure by a licensee to comply with this Module or any direction given hereunder shall result in the levying by the CBB, without need of a court order and at the CBB's discretion, of a fine of up to BD 20,000.

          Amended: January 2007

        • FC-8.1.2

          Module EN provides further information on the assessment of financial penalties and the criteria taken into account prior to imposing such fines (see Paragraph EN-5.1.4). Other enforcement measures may also be applied by the CBB in response to a failure by a licensee to comply with this Module; these other measures are also set out in Module EN.

          Amended: January 2007

        • FC-8.1.3

          The CBB will endeavour to assist investment firm licensees to interpret and apply the requirements of this Module. Investment firm licensees may seek clarification on any issue by contacting the Compliance Directorate (see Section FC-4.3 for contact details).

          Amended: January 2007

        • FC-8.1.4

          Without prejudice to the CBB's general powers under the law, the CBB may amend, clarify or issue further directions on any provision of this Module from time to time, by notice to its investment firm licensees.

          Amended: January 2007

    • FC-9 AML/CFT Guidance and Best Practice

      • FC-9.1 Guidance provided by International Bodies

        • FATF Recommendations

          • FC-9.1.1

            The FATF Recommendations (see www.fatf-gafi.org) (together with their associated interpretative notes and best practices papers) issued by the Financial Action Task Force (FATF), provide the basic framework for combating money laundering activities and the financing of terrorism. FATF Recommendations 2, 9-12, 15, 17-21, 26-27, 33-35 and 40 and the AML/CFT Methodology are relevant to the investment business sector.

            Amended: October 2014

          • FC-9.1.2

            The relevant authorities in Bahrain believe that the principles established by these Recommendations should be followed by investment firm licensees in all material respects, as representing best practice and prudence in this area.

            Amended: October 2014

        • Other Website References Relevant to AML/CFT

          • FC-9.1.3

            The following lists a selection of other websites relevant to AML/CFT:

            (a) The Middle East North Africa Financial Action Task Force: www.menafatf.org;
            (b) The Egmont Group: www.egmontgroup.org;
            (c) The United Nations: www.un.org/terrorism;
            (d) The UN Counter-Terrorism Committee: www.un.org/Docs/sc/committees/1373/;
            (e) The UN list of designated individuals: www.un.org/Docs/sc/committees/1267/1267ListEng.htm;
            (f) The Wolfsberg Group: www.wolfsberg-principles.com; and
            (g) The Association of Certified Anti-Money Laundering Specialists: www.acams.org.
            Amended: October 2014
            Amended: January 2007

    • FC-10 Fraud

      • FC-10.1 General Requirements

        • FC-10.1.1

          The requirements of this Chapter apply to Category 1 investment firms and Category 2 investment firms only.

          Amended: July 2007

        • FC-10.1.2

          Investment firm licensees must ensure that they allocate appropriate resources and have in place systems and controls to deter, detect, and record instances of fraud or attempted fraud.

        • FC-10.1.3

          Fraud may arise from internal sources originating from changes or weaknesses to processes, products and internal systems and controls. Fraud can also arise from external sources, for instance through false invoicing or advance fee frauds. Further guidance — and occasional investor alerts — can be found on the CBB's website (www.cbb.gov.bh).

          Amended: January 2007

        • FC-10.1.4

          Any actual or attempted fraud incident (however small) must be reported to the appropriate authorities (including the Compliance Directorate at the CBB) and followed up. Monitoring systems must be designed to measure fraud patterns that might reveal a series of related fraud incidents.

          Amended: January 2016
          Amended: January 2007

        • FC-10.1.5

          Investment firm licensees must ensure that a person, of sufficient seniority, is given overall responsibility for the prevention, detection and remedying of fraud within the organisation.

        • FC-10.1.6

          Investment firm licensees must ensure the effective segregation of functions and responsibilities, between different individuals and departments, such that the possibility of financial crime is reduced and that no single individual is able to initiate, process and control a transaction.

        • FC-10.1.7

          Investment firm licensees must provide regular training to their management and staff, to make them aware of potential fraud risks.

Back to top