Obligation to conduct an institutional risk assessment to recognise, evaluate, and comprehend the ML/TF risks

Obligation to create good risk management policies, controls, and procedures to manage and mitigate the identified ML/TF risks; to keep track of how well those controls are being used; and to improve or scale back those controls as the risks change for the better or worse

Obligation to develop and implement a thorough, risk-based ML/TF prevention program. Internal policies, controls, and procedures on the following must be included in the program at a minimum

1. Risk Assessment
2. A compliance management system, such as appointing a compliance officer at the management level or establishing a compliance unit
3. Techniques for personnel screening to achieve high standards
4. Programs for ongoing education and training
5. Independent auditing activities
6. Information on how the customer due diligence, record-keeping, and reporting obligations will be implemented
7. Compliance with all AMLC guidelines, including those regarding asset preservation, bank investigations, and freeze orders
8. Adequate protections for the use and confidentiality of information exchange, including measures to stop tip-offs
9. Cooperation between the Supervisory Authorities and the AMLC

Customer due diligence steps must be taken when:

1. Establishing a professional or business relationship
2. Any transactions over PHP 100,000 or any other threshold that may be established by applicable regulatory authorities, including circumstances where the transaction is carried out in a single operation or numerous operations that appear to be related
3. Occasionally performing wire transactions
4. ML/TF act is suspected, regardless of any criteria or exclusions
5. The validity or sufficiency of previously acquired identity information and/or data are under question by the covered person

Obligation to implement the following steps as part of the customer due diligence measures

1. Process for identifying customers
2. Process for verifying customers
3. Agent identification and verification
4. Verification of beneficial ownership
5. Establishing the relationship's purpose
6. Ongoing procedure of surveillance

The obligation to conduct increased due diligence in circumstances of higher risk and the potential to conduct less thorough due diligence in cases of lower risk

Obligation to ascertain and fully document the identities of PEPs, as well as those of their immediate families, close friends, and acquaintances, and to exercise more due diligence

Obligation to save and securely preserve all client records and transaction documents for at least 5 years after the date of transaction

Duty to retain all records gathered through customer due diligence, account files, business correspondence, and the outcomes of any analysis undertaken for a minimum of 5 years after an account has been closed, a business or professional relationship has ended, or after the date of an occasional transaction

There are additionally industry-specific rules that must be followed, such as:

Dealers who undertake high value transactions as well as those who trade in precious metals and prehistoric stones are required to report suspicious transactions to the FFU, whenever they make a cash transaction whose value is equal to or greater than the amount set by the country’s AML Committee.

Real estate agents and brokers are required to notify the FFU of any dubious real estate sales or purchases they complete on behalf of their clients.

Financial institutions, non-financial businesses, and professions, as well as their managers, officials, and workers, are not subject to legal prosecution for carrying out a suspicious transaction that was voluntarily reported in compliance with local AML regulations.