The FIAU has published the final version of the revised Implementing Procedures Part I, intended to provide guidance to subject persons in complying with their AML/CFT obligations (the “Guidance”). These updates reflect the legislative amendments which took place between December 2017 and January 2018 to the Prevention of Money Laundering Act (“PMLA”) and the Prevention of Money Laundering and Funding of Terrorism Regulations (“PMLFTR”). The revised Implementing Procedures Part I provide all subject persons, within the various sectors of the economy, a more in-depth guidance so as to better fulfil their AML/CFT obligations.

We set out below the key changes to the Implementing Procedures taking effect through this revision:

• The Risk-Based Approach*. Subject persons are required to adopt a risk-based approach when carrying out their AML/CFT obligations.  This will enable subject persons to shift resources where most needed in terms of higher than normal ML/FT risk. The Guidance provides a detailed explanation on how a Business Risk Assessment and Customer Risk Assessment are to be conducted. A degree of proportionality and flexibility is also envisaged, in that policies and procedures in place may be proportionate to the nature and size of the business.
   
• Customer Due Diligence*. The Section of the Guidance on CDD has been revamped setting out:
  - clearer definitions of what is a customer, an agent and a beneficial owner, as well as further explaining the difference between a business relationship and an occasional transaction;
  - the importance of conducting appropriate and effective ongoing monitoring, greater clarity around transaction monitoring and on the importance of having an automated system;
  - the possibility of using various technological alternatives for the carrying out of the CDD obligations, particularly for the identification and verification of customers; and,
  - more information when dealing with corresponding banking relationships and politically exposed persons (“PEPs”).
   
• Monitoring and Oversight functions*. Reference is made to the possible setting up of a day-to-day monitoring function and a general oversight function. Subject persons are to designate an individual with the oversight responsibility to ensure that the AML/CFT obligations are being fulfilled.
   
• Outsourcing*.  Outsourcing is one of the latest trends within the AML fora and therefore a new chapter has been dedicated within the Implementing Procedures. This chapter now provides subject persons with a clear understanding of which obligations may be outsourced or otherwise.
   
• Dealing with Non-Reputable & High-Risk Jurisdictions*.  This revised chapter provides enhanced guidance in assessing the reputability of jurisdictions and determining high-risk jurisdictions. The Guidance makes reference to the application of these obligations in light of communications issued by bodies such as the EU Commission and the FATF.
   
• Administrative Sanctions and Criminal Offences*. Penalties for breaches of AML/CFT obligations have also been amended to reflect the changes that took place in the PMLFTR 2017. The Guidance highlights the penalties for relevant activity and relevant financial business.
   
• Sanctions Screening**. Subject persons have also to fulfil their obligations emanating from the National Interest (Enabling Powers) Act, which relates to sanctions, freezing of assets and reporting. The FIAU is no longer responsible for ensuring compliance with these obligations.
   
• The Role of the MLRO**. The MLRO need no longer be located in Malta nor be present where the operations are/records kept. However the MLRO must have access, to all the records so as to conduct his/her functions and duties. Additionally, there is no restriction or limitation on the MLRO from having additional roles.

*Denotes matters largely already considered in the consultation document dated 30 October 2018.
**Denotes matters considered in the final version of the updated Guidance dated 19 July 2019.

We would also like to highlight that the current sector-specific guidelines for banks have been repealed and that the FIAU will be drafting new guidance for this sector.

KPMG’s Risk Consulting AML/CFT professionals are fully committed to assist you with the overall implementation and understanding of these new updates. With our broad ranging services we aim to provide you with leading edge AML/CFT advice and assistance to assist you in your different requirements.

You can also find more information within our AML and CFT Brochure.