Chapter 4. Customer Identification Programme
21. A Relevant Person must develop a programme for identification of the customers (and/or their representatives) and any beneficial owners.
The identification of the customer (its representative) and the beneficial owner (s) requires the Relevant Person to record information about the customer (its representative), the beneficial owner of the customer and the intended purpose of the business relationships. It must include the receiving and recording relevant information by using the AML/CFT Law on the customer (and/or its representative) and the beneficial owner or owners.
The Relevant Person chooses between the Simplified Due Diligence and the Enhanced Due Diligence, depending on the client’s risk level, in accordance with paragraph 7 of Article 5 of the AML/CFT Law.
22. The identification programme of the customer, its representative and beneficial owner (s) should at least include:
1) the procedure for accepting customers for service, including the procedure and grounds for refusing to establish business relationships and/or to conduct operations; and a similar process is required for the termination of business relationships;
2) the procedure for identifying the customer (its representative) and the beneficial owner, including the features of the procedures for conducting Simplified and Enhanced Due Diligence of the customer;
3) careful identification while establishing and updating correspondent relationships with foreign financial organisations;
4) a detailed description of the means of identification by the Relevant Person of politically exposed persons among natural persons who receive services or are accepted for receipt of services;
5) the procedure for verifying the customer and the beneficial owner on their inclusion in the Lists;
6) identification features of the remote establishment of business relationships (without the personal presence of the customer or its representative);
7) customer (its representative) and the beneficial owner identification by means of obtaining information from other financial organisations;
8) additional sources of information, including those provided by state authorities, in order to identify the customer or its representative and the beneficial owner;
9) detailed procedures for verifying the accuracy of information about the customer (its representative) and the beneficial owner;
10) requirements relating to the form, content and procedure for monitoring the customer’s profile, and updating the information contained in the profile, with attention to the frequency of updating the information;
11) the procedure for ensuring the access of employees of the Relevant Person to the information obtained concerning identification etc..;
12) the procedure for assessing the risk level of the customer and the basis for assessing such risk.
23. Subject to the requirements of Article 6 of the AML/CFT Law, a Relevant Person shall organise the identification of the customer (its representative) and the beneficial owner before establishing business relationships.
24. Subject to the requirements of paragraph 1 of Article 7 of the AML/CFT Law, a Relevant Person must identify the customer (or its representative) and the beneficial owner, check business relationships and consider transactions, including, if necessary, obtaining and recording information about the source of financing of transactions, taking into account the risk level of the customer (its representative) and the beneficial owner. It shall check the accuracy of the information received about the customer in following cases:
1) customer performing a threshold operation (transaction);
2) customer performing (or attempting performing) a suspicious operation (transaction);
3) customer performing an unusual operation (transaction);
4) the customer’s operation (transaction) having characteristics that correspond to typologies, schemes and methods of ML/FT.
When a customer completes an operation (transaction) within the framework of an established business relationships, the customer (its representative) and the beneficial owner is not be required to be identified if the identificationwas carried out during the establishment of such business relationships, except as provided for in subparagraphs 2), 3) and 4) of part one of this paragraph, as well as in the course of the need to update previously received or obtained additional information in accordance with the customer’s risk level and requirements.
Validation of customer information must be carried out by means of reconciling with the data in timely and relevant documents or by means of reconciling with the data from available sources such as validation of information by means that would allow to the establishment and verify the identity of the customer (or its representative), including visiting the address.
Verification of the accuracy of the information must be conducted through reconciling with data from available sources, copies of supporting documents including information and extracts from databases containing information from available sources.
25. Information received in accordance with paragraphs 23 and 24 of the Guidance in the framework of the customer identification (its representative) shall be documented and included in the client’s profile. It must be kept by the Relevant Person throughout the entire period of business relationships with the customer and for at least six years after the day of termination of the business relationships.
When applying subparagraph 1) of paragraph 6 of article 5 of the AML/CFT Law, a Relevant Person shall immediately request information about the customer from other financial monitoring entities for updating (inclusion in) the client's profile. It shall seek to request without delay shall receive copies of supporting documents, which also include information such as extracts from information systems or databases of other financial monitoring entities relevant to Customer Due Diligence and supplied by other Relevant Persons.
A Relevant Person shall take all reasonable steps to hold and update internal documents and maintain a complete profile of clients.
26. In the process of customer identification (and/or the identification of the beneficial owner), a Relevant Person shall verify the inclusion of such a customer (beneficial owner) in the Lists.
The verification of the inclusion of the customer (beneficial owner) does not depend on the risk level of the customer and shall be carried out in a timely fashion when amendments are made to the Lists.
A Relevant Person in the process of customer identification (identification of the beneficial owner) shall organise verification on customer’s belonging (beneficial owner) to a politically exposed person.
27. The frequency of updating and/or the need to obtain additional information on the customer (its representative) and the beneficial owner shall be established taking into account the level of risk of the customer (group of clients) and/or the degree of exposure of the services (products) of the Relevant Person provided to the customer to ML/FT risks.
Information on each high risk customer (or its representative) and the beneficial owner (s) shall be updated by the Relevant Person at least once a year.