Pakistan’s AML/CTF supervisors
State Bank of Pakistan (SBP)
State Bank of Pakistan (SBP) is the country's central bank, founded under the State Bank of Pakistan Act, 1956. The SBP Act requires the Bank to oversee Pakistan's monetary and credit systems. State Bank of Pakistan is the regulator for AML controls for Banks and related services. The Anti-Money Laundering, Counter-Terrorism Financing, and Counter-Proliferation Financing (AML/ CFT/ CPF) Regulations for SBP’s regulated entities were issued by SBP.
Securities and Exchange Commission of Pakistan (SECP)
Securities and Exchange Commission of Pakistan (SECP) was operational on Jan 1, 1999, with the aim of developing a modern and efficient corporate sector, insurance, NBFCs and capital markets. SECP is in charge of ensuring that stockbrokers, commodity brokers, NBFCs, insurers, corporations, and non-profit organisations comply with AML/CFT regulations.
Financial Information Unit (FIU- Pakistan)
Financial Information Unit (FIU- Pakistan), established in October 2007, is Pakistan's central agency responsible of receiving, analysing, and disseminating financial information about suspected proceeds of crime and potential money laundering offences, as well as the funding of any operations or transactions linked to terrorism, to investigatory and supervisory authorities.
How to comply with AML/CFT regulations in Pakistan
As a designated service provider, you must ensure that you have a rigorous anti-money laundering/counter-terrorism financing policy in place, which includes the following:
- Conduct customer due diligence in compliance with their market and operating model, the nature and types of customers they serve, products they offer, and risk raised by their geographic location.
- Entities must determine the beneficial owners and take appropriate measures to verify their identity by using accurate and reliable documents, records, or information sources.
- All customer business relationships must be monitored on a regular basis to ensure that transactions are consistent and CDD is up to date.
- Implement appropriate internal policies and procedures for politically exposed persons, as well as ensure compliance with relevant record-keeping requirements including retention periods.
- Reporting entities must establish AML/CFT/CPF polices, processes, controls, responsibilities, and preventive measures that take into consideration their scale, nature of business, and operational complexities.
- Internal Risk Assessment Reports (IRAR) for assessing the effectiveness of existing AML/CFT policies, controls, obligations and preventive measures including STR/CTR
Each registered entity should consider the unique nature of its market, corporate structure, clients and transaction types, and other factors when adopting initiatives and procedures to ensure their effectiveness. IRAR is responsible for identifying, assessing, and comprehending ML/ TF/ PF risks at the entity level for consumers, products, facilities, distribution platforms, technologies, and employees etc.
All AML/CFT programs must be risk-based. The risk assessment serves as the foundation for your entire anti-money laundering/counter-terrorism financing program. Your program must demonstrate clearly the connections between defined risks and the processes, practises, and controls that address those risks.
What are my AML/CTF reporting obligations?
As a designated service provider, the company is required to notify FIU-Pakistan regarding suspicious activity. Notable ongoing reporting responsibilities are the following:
- Suspicious Transaction Report (STR) - there is no STR reporting threshold, and STR reporting is undertaken on any suspicious transaction, whether completed or attempted, regardless of the threshold. Reporting entities are required to maintain all the records related to STRs for a period of at least 10 years.
- Currency Transaction Report (CTR) - when a cash transaction exceeds a given threshold, which in this case is PKR 2 million or equivalent, a reporting agency is required to report it.