AML/CFT Snapshot

Compliance Check-List
(Collection for Banking Institutions in Afghanist
Name of the Banking Institution:
Completed by (Name & Position):
Date:
No Category Compliance Category Compliance Element
1 Program Document
Compliance Program
2 Reviewing the Program Document
3 AML/CFT Policy (ies) Policy (ies)
4 AML/CFT Procedure (s) Procedure (s)
5 Should cover: Senior management oversight
6 Account opening
7 STR/SAR and LCTR
8 Record keeping
9 Thresholds/limits
AML/CFT Internal Controls
10 Dual controls
11 Built-in safeguards (electronic paramete
12 Staff screening
13 Reviews
14 Reports
15 Designated by Board of Directors
16 Required qualifications and expertise (TOR)
Approved Chief Compliance Officer
17 Independent
18 Sufficient authority
19 Dedicated/stand-alone department
20 KYC Unit
21 Sanctions Screening
22 Program Management
23 Dedicated/stand-alone department Transaction Monitoring
24 AML/CFT Compliance Program Investigation
25 (Four Pillars) Compliance officers at branches
26 Screening employees (Fit & Proper Criteria)
27 Screening third party employees (if applicable)
28 Ongoing AML/CFT Training Plan
29 Should cover: Operational Personnel
30 Customer facing staff
31 Compliance staff
32 Audit staff
Ongoing AML/CFT Training
33 Senior Management/Board of Directors
34 Attendance, record and evidence of training
35 Relevancy of contents
36 Frequency and level of trainings
37 Evaluation of training (s)
38 Technical compliance
39 Effectiveness of controls
40 Testing transactions
41 Testing controls
42 Assess knowledge of employees
43 Independent AML/CFT Audit Adequacy, accuracy and completeness of training programs
44 Process of Identifying suspicious activity
45 Reporting to Board of Directors
46 Measuring effectiveness of corrective actions
47 Audit frequency based on risk assessment
48 Audit coverage
49 Risk Assessment
50 Updated Assessment
51 AML/CFT Risk Assessment AML/CFT Risk Assessment Risk Factors
52 Reviewing risk Scoring Model
53 New Products, Technologies, Delivery Channels & Practices
54 Natural Persons
55 Customer Identification Requirements Legal Person and Legal Arrangements
56 NGOs / NPOs
57 KYC/Ac Opening Forms (Dari or Pashto Language)
58 KYC/Ac Opening Forms English Language
59 Screening before A/c activation
60 Payment/Transaction screening
61 Customer Due Diligence (CDD) Account Opening & Screening Customer acceptance and rejection policy
62 Required verification (Documentary & Non-documentary)
63 Verification process for non-resident (s)
64 Timeframe for verification
 65 Transaction limit/oversight before verification (if permitted)
66 Based on regulatory requirement (any)
67 KYC review and update Based on Risk Profile or RBA (any)
68 KYC/Ac Opening Forms updating report and statistics
69 EDD before establishing business relationship
70 Enhanced Due Diligence Enhanced CDD Ongoing basis.
71 EDD Procedure
72 Do you apply SDD?
73 Simplified Due Diligence SDD If yes, do you have SDD application policy?
74 Review and reporting
75 Documentary Verification Documentary Verification
Verification
76 Non-Documentary Verification Non-Documentary Verification
77 System, software, database or electronic monitoring
78 Coverage of sanctions platform
79 Before establishing business relationship
80 Economic Sanctions Sanctions Ongoing screening (frequency)
81 Real time platform
82 Investigation of false or positive matches
83 Detection and reporting of positive matches
84 Defined categories of PEP (Domestic & Foreign)
85 Detection and reporting procedure
86 Politically Exposed Person PEP Approval of senior management
87 EDD measures
88 Review and updates
89 Detection and reporting procedure
90 Coverage of monitoring tool
91 Other Local & International World Check, FIU, Police, Tax Authority, Anti- Real time screening platform
92 Watchlist (s) Corruption Agencies, Transparency bodies Manual screening mechanism
93 EDD measures
94 Review and updates
95 Procedure
96 Customer facing employee (s) report
97 Daily thresholds/limits
98 Aggregated cash activity
99 Wire transfer (s)
100 Monitoring/Investigation Geographical factors
101 Change reports
102 Unusual activity report
Suspicious Transactions
103 Electronic parameters (Software Reports)
Suspicious Transactions
104 Other alert reports
105 Investigating red flags and/or ML/TF Indicators
106 Formal evaluation of each instance (by investigation unit)
107 Documentation of Investigation
108 Forming suspicion
109 Documentation and Reporting Reporting STR within defined timeframe
110 Confidentiality (Tipping Off)
111 Reporting statistics to Board of Directors
112 Record keeping (Regulatory timeframe)
113 Electronic platform
114 Large Cash Transactions LCTRs Parameters to detect structuring
115 Reporting LCTRs within defined timeframe

Disclaimer:
This checklist is solely informative and doesn't bypass the legal and regulatory responsibilities of FIs. This list shall not be treated as legal, regulatory or official document.
To receive soft editable file, please send your request to (nesar.yosufzai@gmail.com).
pshot By: Nesar Yosufzai, CAMS
@NesarYosufzai

k-List
Note: 02 | September 2017

tions in Afghanistan) Version | 0.1

Supervisory Authority Other Authority (ies) Compliant Reply Comments

AML/CFT Supervisory Authority FIU Yes
AML/CFT Supervisory Authority FIU No
AML/CFT Supervisory Authority FIU No
AML/CFT Supervisory Authority FIU Not Applicable
AML/CFT Supervisory Authority N/A Not Applicable
AML/CFT Supervisory Authority FIU & LEAs
AML/CFT Supervisory Authority FIU & LEAs
AML/CFT Supervisory Authority FIU & LEAs
AML/CFT Supervisory Authority FIU
AML/CFT Supervisory Authority N/A
AML/CFT Supervisory Authority N/A
AML/CFT Supervisory Authority N/A
AML/CFT Supervisory Authority N/A
AML/CFT Supervisory Authority N/A
AML/CFT Supervisory Authority N/A
AML/CFT Supervisory Authority N/A
AML/CFT Supervisory Authority N/A
AML/CFT Supervisory Authority N/A
AML/CFT Supervisory Authority N/A
AML/CFT Supervisory Authority FIU & LEAs
AML/CFT Supervisory Authority FIU & LEAs
AML/CFT Supervisory Authority FIU & LEAs
AML/CFT Supervisory Authority FIU & LEAs
AML/CFT Supervisory Authority FIU & LEAs
AML/CFT Supervisory Authority N/A
AML/CFT Supervisory Authority N/A
AML/CFT Supervisory Authority N/A
AML/CFT Supervisory Authority N/A
AML/CFT Supervisory Authority N/A
AML/CFT Supervisory Authority N/A
AML/CFT Supervisory Authority N/A
AML/CFT Supervisory Authority N/A
AML/CFT Supervisory Authority N/A
AML/CFT Supervisory Authority N/A
AML/CFT Supervisory Authority N/A
AML/CFT Supervisory Authority N/A
AML/CFT Supervisory Authority N/A
AML/CFT Supervisory Authority FIU
AML/CFT Supervisory Authority FIU
AML/CFT Supervisory Authority N/A
AML/CFT Supervisory Authority N/A
AML/CFT Supervisory Authority N/A
AML/CFT Supervisory Authority N/A
AML/CFT Supervisory Authority FIU
AML/CFT Supervisory Authority N/A
AML/CFT Supervisory Authority N/A
AML/CFT Supervisory Authority N/A
AML/CFT Supervisory Authority N/A
AML/CFT Supervisory Authority FIU
AML/CFT Supervisory Authority FIU
AML/CFT Supervisory Authority FIU
AML/CFT Supervisory Authority FIU
AML/CFT Supervisory Authority FIU
AML/CFT Supervisory Authority FIU & LEAs
AML/CFT Supervisory Authority FIU & LEAs
AML/CFT Supervisory Authority FIU & LEAs
AML/CFT Supervisory Authority FIU & LEAs
AML/CFT Supervisory Authority FIU & LEAs
AML/CFT Supervisory Authority FIU
AML/CFT Supervisory Authority FIU
AML/CFT Supervisory Authority N/A
AML/CFT Supervisory Authority N/A
AML/CFT Supervisory Authority N/A
AML/CFT Supervisory Authority N/A
AML/CFT Supervisory Authority N/A
AML/CFT Supervisory Authority FIU & LEAs
AML/CFT Supervisory Authority FIU
AML/CFT Supervisory Authority N/A
AML/CFT Supervisory Authority FIU & LEAs
AML/CFT Supervisory Authority N/A
AML/CFT Supervisory Authority N/A
AML/CFT Supervisory Authority FIU
AML/CFT Supervisory Authority N/A
AML/CFT Supervisory Authority N/A
AML/CFT Supervisory Authority FIU & LEAs
AML/CFT Supervisory Authority FIU & LEAs
AML/CFT Supervisory Authority FIU & LEAs
AML/CFT Supervisory Authority N/A
AML/CFT Supervisory Authority N/A
AML/CFT Supervisory Authority N/A
AML/CFT Supervisory Authority FIU
AML/CFT Supervisory Authority FIU
AML/CFT Supervisory Authority FIU & LEAs
AML/CFT Supervisory Authority FIU & LEAs
AML/CFT Supervisory Authority FIU
AML/CFT Supervisory Authority N/A
AML/CFT Supervisory Authority N/A
AML/CFT Supervisory Authority FIU
AML/CFT Supervisory Authority FIU & LEAs
AML/CFT Supervisory Authority N/A
AML/CFT Supervisory Authority N/A
AML/CFT Supervisory Authority N/A
AML/CFT Supervisory Authority N/A
AML/CFT Supervisory Authority N/A
AML/CFT Supervisory Authority FIU & LEAs
AML/CFT Supervisory Authority N/A
AML/CFT Supervisory Authority N/A
AML/CFT Supervisory Authority N/A
AML/CFT Supervisory Authority N/A
AML/CFT Supervisory Authority N/A
AML/CFT Supervisory Authority N/A
AML/CFT Supervisory Authority N/A
 AML/CFT Supervisory Authority N/A
AML/CFT Supervisory Authority N/A
AML/CFT Supervisory Authority FIU & LEAs
AML/CFT Supervisory Authority FIU & LEAs
AML/CFT Supervisory Authority FIU & LEAs
AML/CFT Supervisory Authority FIU & LEAs
AML/CFT Supervisory Authority FIU & LEAs
AML/CFT Supervisory Authority FIU & LEAs
AML/CFT Supervisory Authority N/A
AML/CFT Supervisory Authority FIU & LEAs
AML/CFT Supervisory Authority FIU
AML/CFT Supervisory Authority FIU
AML/CFT Supervisory Authority FIU

ory or official document.

Yes
No
Not Applicable
 EXPLANATIONS
No
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16

17
18

19
20

21

22

23

24
24

25
26
27
 EXPLANATIONS
Description
"AML/CFT Compliance Program Document" should be in written form and approved by the Board of Directors. The Program should address all AML/CFT related areas of the financial i
"AML/CFT Policy" should be approved by the Board of Directors and/or Supervisory Authority. The Policy should reflect the responsibilities of the high-level stakeholders, should be re
"AML/CFT Procedure" should be approved by the Board of Directors/Executive Board. The Procedure should be detailed and regularly updated.
The AML/CFT Program should Include internal controls. The control measures should be regularly tested and updated.
Chief Compliance officer should be appointed by the Board of Directors and approved by Supervisory Authority. CCO is responsible for coordinating and monitoring day-to-day complia
Independent with required units and personnel.
Training is a key pillar of Compliance Program. The training contents, coverage, frequency, levels, and completeness should reflect the knowledge need.
Attest the overall effectiveness, controls, test transactions, assess employees knowledge, adequacy, accuracy and completeness of training, process of identifying suspicious activity, ti
Mainly responsible for CDD risk assessment, EDD, and providing support to other business lines.
Managing sanction screening tools, review suspected matches and reporting.
Updating the Compliance Program, monitoring regulatory changes, and coordinate regulatory examinations (AML/CFT).
Managing transaction monitoring tools, and reporting valid matches.
Investigating alerts, forming suspicion and filing STR/SAR. STR filing should be channeled through CCO.
Category of Branches should be considered based on AML/CFT risk assessment.
Training should explain Laws, Regulations, Policies, Procedures, Internal Controls, civil and criminal penalties, record keeping, thresholds, ML/TF Risks, typologies and compliance cultu
Proper CDD is the best way to prevent ML/TF risk. CDD is required when establishing business relationship, carrying occasional transactions, when there is doubt about the validity or
Natural Person:
Full Name (First, Middle, Last/Family and alias)
Father Name
Business Name (If Sole Trader)
Gender
Marital Status
National Identification Card/Passport/Tazkira or National ID Card/Travel Document
Permanent and mailing address
Nationality
Date of Birth
Occupation/Organization
Income and Source of Income
Education (If needed)
Phone / Mobile number (s)
Photo (Latest)
Monthly/Yearly turnover
Assets
 Biometric (Optional but recommended)
Other Information
Signature and or Finger Print
Legal Person and Legal Arrangements:
legal name of the entity
Certificate of Incorporation/License
Customer Category and Nature of Business
Tax Identification/Certificate
Tax clearance certificate
Memorandum of Association or Articles of Association
Partnership Agreement
Trust deed
Address including mailing address
Phone, Mobile, Fax, and email
Name, Address and contacts of board members
Identification documents of shareholders, board members, directors, and partners.
Identification documents of settlors, trustees, protectors, and beneficiaries with respect to TRUSTs.
Resolution of competent board/body to open the account.
Authorization of competent authority to conduct financial transactions.
Authorization of competent authority for the account signatory and/or representing the legal entity.
NGO/NPOs:
Legal Name
Certificate of establishment
Constitution
Type of business
Address including mailing address
Contacts (Phone, Mobile, Fax and Email)
Name and address of the Executive Committee
Resolution of competent authority to open the account.
Authorization of competent authority to conduct financial transactions.
Authorization of competent authority for the account signatory and/or representing the legal entity.
Identification documents of board members, directors and senior officers.
Certificate of Tax Return or Tax Exemption Certificate
Financial Statements
Coverage of operations and businesses
Enhanced due diligence should be applied on high risk business relationships.
 Additional Information about Occupation, volume of Assets, Identifications, Beneficial Owners, Guarantors, and Signatories.
Additional information about individuals with control over the account.
Additional Information about nature of the business.
Domicile verification/visits
Banking references
Additional Information about source of fund/assets.
Profiling and reason of targeted transactions.
Certification and Independent verification of documents.
Approval of the senior management to continue business relationship.
Enhanced monitoring levels including controls applied and thresholds.
Carrying out the first payment from another bank under the customer name (if possible).
Financial Statements (Audited is recommended).
Explanations of changes in account activity.
Additional documents and developments.
Financial Institutions should assess their ML/TF risks and implement proportionate internal policies, procedures and controls.
Risk Factors:
Customer type
Geographical location
Products/Services/Delivery Channels
Documentary Verification:
Obtaining copy of Identification, certification, business license and other relevant documents. "Identification and/or documentation should be valid."
Original should be seen and copy should be marked.
Date and place of birth.
Validity of official documents
Credit Registry (ies)
Company search
Other Registries
Non-documentary Verification:
Contacting the customer.
Visit to the address (s)
Banking references.
Independent verification.
Verification of the source of income.
Verification of employment
Contacting the customer via email, mobile, phone, fax and.
Economic sanctions are applied to financially isolate the targeted country, sector or subject (s).
 Targeted
Sectoral
Comprehensive
Financial institutions should establish appropriate risk management systems to determine whether a customer or beneficial owner is a politically exposed person or not?
Due diligence may require compliance personnel to gather information about a customer or transaction before deeming it suspicious and filing an STR.
Banks should report the particulars of transactions (deposits, withdrawals or transfers) in excess of reporting threshold.
Supporting Documents (Sample Types):
Individual:
Tazkira (ID)
Passport
Driving License
Birth Certificate
Tax Identification Number (TIN)
Business License (If Sole Trader)
Employment Contract
Salary Slip
Bank References /Statement
Credit Report
Marriage Certificate
Educational Documents
HR Letter
Title deeds /Real Estate Records
Power of Attorney / Probate
Credit Card Transactions Report (This will explain the movement and life style of the subject)
Utility Bills
Screening Report
Legal Entity:
Business License
Articles of Association
Guarantee Letters
Audited Financial Statements
Tax Identification Number (TIN)
Bill of lading
Custom document (s)
Valid Invoice
Transportation documents
 Insurance documents
Sale/Supply/Distribution agreements
Credit Report
Utility Bills
Screening Report
Simplified CDD shall not be applied whenever there is suspicion of money laundering or terrorist financing or specific higher risk scenario.
 QUICK NOTES
No Subject
1 Anonymous Account
2 LCTR (Threshold)
3 Beneficial Owner
Record Keeping
4
5 Simplified CDD
6
7
8
9
10
PEP
11
12
13
14
15
 QUICK NOTES
Description
Financial Institutions shall not keep anonymous accounts in fictitious names.
Large Cash Transaction Report (LCTR) threshold for banking institution is AFN 1,000,000 (One Million) and its equivalent.
Financial institutions shall identify the beneficial owner and take reasonable steps to verify his/her identifications.
Financial Institutions shall maintain all necessary records on transactions, both domestic and international attempted or executed for at least five years following the attempt
or execution of the transaction. The record keeping period for the supporting records of STR/SAR is ten years.
Simplified CDD shall not be applied whenever there is suspicion of money laundering or terrorist financing or specific higher risk scenario.
Local Examples:
Heads of State or Government
Members of Parliament and Provincial Councils
Ministers, Deputy Ministers, Director Generals
Governors
Local Government Heads /Directors
Senior Management Officials (Director General, Director, Deputy Director, Heads, Chairman)
Senior Executives of state owned corporations
Senior Politicians, Political Party Officials
Family members and close associates of PEPs
 ACRONYMS
Acronym Description
AGO Attorney General's Office
AML Anti-Money Laundering
AML-PC Anti-Money Laundering and Proceeds of Crime Law
CFT Counter Financing Terrorism
CCO Chief Compliance Officer
CDD Customer due diligence
CT Counter Terrorism
DAB Da Afghanistan Bank (Central Bank of Afghanistan)
EDD Enhanced due diligence
FATF Financial Action Task Force
FinTRACA Financial Transactions and Reports Analysis Center of Afghanistan (Financial Intelligence Unit)
FI Financial Institution
FSD Financial Supervision Department (Supervisory Authority)
HR Human Resource
KYC Know Your Customer
LCTR Large Cash Transaction Report
LEA Law Enforcement Agency
NGO Non-Governmental Organization
NPO Non-Profit Organization
PEP Politically Exposed Person
RBA Risk Based Approach
STR Suspicious Transaction Report
SAR Suspicious Activity Report
TIN Tax Identification Number
 SOURCES
Source Description
Association of Certified Anti-Money Laundering Specialists -ACAMS
United Nations Office on Drugs and Crime
AML/CFT Responsibilities & Preventative Measures Regulation
Anti-Money Laundering and Proceeds of Crime Law
Financial Action Task Force Recommendations
 SOURCES
Website/Links
www.acams.org
www.unodc.org
http://dab.gov.af/Content/Media/Documents/AML-CFTResponsibilitiesandPreventiveMeasureRegulationFinnal2642016155033416553325325.pdf
http://dab.gov.af/Content/Media/Documents/AMLLawEnglish1212015103612655553325325.pdf
http://www.fatf-gafi.org/media/fatf/documents/recommendations/pdfs/FATF%20Recommendations%202012.pdf