At Guaranty Trust Bank (Kenya) Limited (“The Bank”), we are committed to the fight against all forms of financial crime, which includes, money laundering, terrorism financing, bribery and corruption. To this end, the Bank has continually implemented a framework for Anti-Money Laundering (“AML”), Combating the Financing of Terrorism (“CFT”) and the Prevention of the Financing and Proliferation of Weapons of Mass Destruction. Strict adherence to the same is mandatory for all members of staff Group wide.
The framework ensures compliance with AML/CFT legislation and regulations in Kenya and has incorporated leading best practices including, but not limited to:
Policies and procedural guidelines have been developed by the Bank and are regularly reviewed/revised to ensure that they remain relevant and current and are in line with the evolving regulatory requirements and leading practices. The Policies and Procedures clearly articulate the Bank’s AML and CFT stance in the global fight against financial crime and are available on the Bank’s intranet site for access to all members of staff at any point in time.
The Bank’s Compliance Policies are reviewed and approved by the Board of Directors on an annual basis and where it is necessary to update the policy between cycles, the changes are incorporated in the Policy and approved at the next Board of Directors meeting.
The Bank has moved away from a “rule based, tick box” approach for combating financial crime risk, to a risk-based approach. Thus, the Bank identifies and assesses the risks from a proactive stance and allocates the requisite resources which center around systems and controls to manage these risks.
The scope of the Bank’s AML/CFT framework includes the following:
The Board of Directors of the Bank has oversight responsibilities for the AML/CFT framework. The Board ensures that the Bank’s Management and all employees conform strictly with all regulatory and internal procedures relating to AML/CFT and that the Bank maintains a zero tolerance to regulatory infraction. In accordance with AML/CFT global best practice, the “tone is set from the top”. The Bank’s Designated Chief Compliance Officer is appointed by the Board of Directors and approved by the Central Bank of Kenya.
AML & CFT reports are submitted monthly and quarterly to Senior Management and the Board respectively. These reports provide the Board and senior management with information to enable them assess the Bank’s compliance with its regulatory obligations. The reports also ensures that Directors and senior management are kept abreast on current trends and developments in the financial industry, particularly in the area of AML/CFT risk management.
A duly completed account opening form and the provision of identification and other relevant information and documents are the foundation/bedrock for on-boarding a customer in the Bank. Customer Due Diligence (CDD) is conducted prior to entering into any banking relationship with a customer. This includes at a minimum, identity and address verification as well as ascertaining the source of income and wealth of the customer.
Where appropriate, KYC includes ascertaining who the Ultimate Beneficial Owner (UBO), Legal representatives and Trustees are.
Enhanced Due Diligence (EDD) is conducted on high risk customers including Politically Exposed Persons (PEPs). The approval of Senior Management and Compliance is required prior entering into a relationship with high risk countries.
The Bank takes requisite and regulatory measures when embarking on relationships with Designated Non-Financial Businesses and Professionals (DNFBPs) and other prescribed businesses, due to their perceived risk and in compliance with regulatory requirements.
As part of the Bank’s KYC and CDD procedures, identification documents are requested and obtained to confirm the ultimate beneficial owners of a business and the organization’s control and structure. Sanction screening is also conducted prior to entering into a relationship as well as prior to effecting a transaction to ensure that the Bank does not enter into a relationship with a sanctioned person/entity.
The Bank is in compliance with the Foreign Account Tax Compliance Act (FATCA) and Common Reporting Standards criteria, and thus, have put measures in place in identifying the defined persons in the Bank’s database. All identified US persons are required to complete the requisite tax forms i.e. W8 BEN, W8 BEN-E and W9. A Customer who fails to complete the forms would be regarded as recalcitrant.
Transaction monitoring occurs on a manual and automated basis. The former is performed by all members of staff, who are regularly provided with red flags to look out for and the latter resides within the Compliance Unit.
All members of staff are aware of the fact that suspicious activities/ transactions should immediately be referred to the Compliance Unit.
Suspicious Transactions are brought to the attention of the Compliance Unit on a manual or automated basis, the former by way of members of staff filing internal suspicious transaction reports to the Compliance Unit and the latter by way of transaction monitoring tools reviewed by Compliance Officers. If deemed appropriate, a report is filed to the FRC.
To properly monitor transactions passing through the Bank’s systems, the SAS AML tool, has been fully deployed in the Bank, providing an advancement in the means by which transactions are monitored and investigated.
Regulatory and statutory requirements provide that certain reports and returns are made to regulatory bodies. In Kenya, the Financial Reporting Centre (FRC) is the agency charged with the responsibility of receiving the following core transaction based reports:
The Bank renders reports to the FRC and the Central Bank of Kenya (CBK) in accordance with the provisions of sections 44 of the Proceeds of Crime and Anti Money Laundering Act 2009 Revised 2012 (“the Act”).
Section 44 (1) of the Act provides that a financial institution must submit a report on all unusual and suspicious transactions.
Section 44 (6) of the Act provides that a financial institution must file reports all cash transactions exceeding US$ 10,000 or its equivalent in any other currency carried out by it.
The Bank understands that part of its corporate and social responsibility is to cooperate with law enforcement agencies in the fight against financial crime. To this end, the Bank maintains a cordial and supportive relationship with all regulatory and law enforcement agencies. The Bank promptly complies with all requests made, pursuant to the law, and provides information to regulators including the FRC, the CBK and other relevant agencies.
The Bank is also at the forefront of cooperating with regulators to give feedback on new regulations and means to mitigate the risks that are being encountered in the financial industry brought on by new innovations and developing trends.
The Bank as a policy, does not enter into any relationship with sanctioned individuals/entities. All employees, as applicable to their functions, are required to screen names of individuals and organizations who have or plan to enter a business relationship or carry out a transaction with/through the Bank against the Bank’s internal watch list.
The internal watch list contains amongst others, the names of individuals and entities, who have been blacklisted by various regulatory bodies worldwide: Office of Foreign Asset Control “OFAC”; European Union (EU); Her Majesty’s Treasury (HMT); The Ministry of Economy, Finance and Industry in France (MINEFI); The United Nations (UN); The Local List as provided by local regulatory and enforcement bodies.
Employees are required, as part of the Bank's policy, to refrain from any relationship and/or transaction which yield a true or positive match and follow the escalation procedure. Sanctions screening is done at account opening and on a real time basis for all SWIFT transactions.
PEPs are individuals who are or have been entrusted with prominent public functions and people or entities associated with them. Enhanced due diligence measures are applied to PEPs, as with other high-risk customers to mitigate the AML/CFT risk they pose. This is to ensure that the Bank is not unknowingly supporting activities such as money laundering and/or the financing of terrorism.
In line with FATF's recommendation, the Bank employs the use of an automated monitoring tool in identifying and monitoring PEP transactions. This is achieved through the thorough review of information provided by customers and their transaction trends.
Establishment of new accounts for PEPs as well as continuity of such accounts (for those already existing in the system) is subject to the approval of the Chief Operating Officer and the Compliance Unit.
The Bank only enters into and maintains correspondent banking relationships with financial institutions that have implemented sufficient AML/CFT policies and procedures. The Bank does not enter into any form of relationships with shell banks nor maintain any payable through accounts. The Bank ensures that due diligence is performed annually on our correspondent relationships to avoid AML/CFT risks.
In line with international best practice, the Bank does not open accounts or conduct transactions for customers using pseudonyms or numbers instead of actual names or maintain relationships with individuals or entities that have been sanctioned.
The Bank conducts Risk Assessment on its customers, products and services. This is to ensure that AML/CFT risks are identified and mitigated.
The Bank is committed to the highest standards of ethical conducts in all its endeavors and interactions. The Bank has zero tolerance for any form of bribery, corruption, fraud and unethical practices among employees, between the Bank and its employees, as well as between the Bank and external parties. The Bank also expects the same standards to be applied by third parties acting on behalf of the Bank.
The Bank places a high premium on the training of its employees. Training is conducted to ensure employees are well informed about the AML/CFT laws, KYC principles and the red flags of money laundering or terrorism financing which may occur in their job functions. Annual Compliance training is mandatory for all members of staff, including Senior Management and Directors.
Training is conducted via e-learning, face to face or on an ad hoc basis by email to the appropriate personnel in relation to topical national and international findings.
In order to adhere to regulations and to ensure an ever-evolving fit for use Compliance function, internal audit of the AML/CFT function is conducted on a quarterly basis. The purpose of the audit is to test the adequacy of the AML/CFT functions and ensure that the AML/CFT measures put in place by the Bank are effective.
The report and findings of the audit are circulated to Senior management. A follow-up to the audit takes place to ensure that the relevant issues are closed out and highlighted recommendations have been implemented.
Customer identification documents are retained throughout the life of the account and for 7years after the cessation of the banking relationship and for 7 years after the transaction date for transaction instruments. In litigation and/or regulatory investigations, the records will be kept for as long as they are required.
The Bank has a duly approved Data Protection and Retention Policy which is revised on an annual and ad-hoc basis to reflect the legal, regulatory and operating environment. The Bank adheres strictly to both local and international data protection policies such as the National Data Protection Regulations in countries where we operate and the European Union General Data Protection Regulation (EU-GDPR.)