1. INTRODUCTION

On 4 February 2016, the Basel Committee on Banking Supervision published a revised General Guide to Account Opening ("the Guide"). The Guide was first published in 2003, and the latest revised version appears as a new Annex 4 to the Basel Committee's Guidelines on Sound Management of Risks related to Money Laundering and Financing of Terrorism. The revised version of the Guide takes into account the significant enhancements recommended by the Financial Action Task Force ("FATF") Recommendations and other related materials.

The Guide is intended to assist banks in defining their approach to account opening. Although the Guide does not take into consideration specific local legal or regulatory requirements in force in a country, it is nevertheless a useful document which all banks should note. The Guide can be particularly useful to help a bank benchmark its existing account opening protocols against international best practices, particularly when local laws are silent or ambiguous on a point.

The Guide is divided into two sections covering different aspects of customer identification:

  1. Types of information to be collected and verified for natural persons; and
  2. Types of information to be collected and verified for legal persons and legal arrangements.

The Guide is organised in such a way as to set out a minimum set of information that a bank should obtain, as well as additional information which a bank could consider obtaining, depending on the bank's assessment of risk.

2. NATURAL PERSONS

For the purposes of identification of individuals who are customers or beneficial owners or authorised signatories, the Guide recommends that the bank should, at minimum, collect the following information:

At a minimum Potential additional information (on the basis of risks)
Legal name (first and last name); Any other names used (such as marital name, former legal name or alias);
Complete residential address; Business address, post office box number, e-mail address and landline or mobile telephone numbers;
Nationality, an official personal identification number or other unique identifier; Residency status;
Date and place of birth. Gender.

With a view to developing an initial customer's risk profile, the Guide recommends the collection of the following information:

Key attributes Potential additional information (on the basis of risks)
Occupation, public position held; Name of employer, where applicable;
Income; Sources of customer's wealth;
Expected use of the account: amount, number, type, purpose and frequency of the transactions expected; Sources of funds passing through the account;
Financial products or services requested by the customer. Destination of funds passing through the account.

The Guide reiterates that a bank should verify the identity of the customer, established through the information collected using reliable and independently sourced documents, data or information. The measures to verify the information produced should be proportionate to the risk posed by the customer relationship and should enable the bank to satisfy itself that it knows who the customer is.

Particular attention needs to be focused on those customers assessed as having higher-risk profiles. Additional sources of information and enhanced verification procedures may include:

  • Confirming an individual's residential address on the basis of official papers, a credit reference agency search or through home visits;
  • Prior bank reference and contact with the bank regarding the customer;
  • Verification of income sources, funds and wealth identified through appropriate measures;
  • Verification of employment and of public positions held; and
  • Personal reference (i.e. by an existing customer of the same bank).

Banks should verify that any person purporting to act on behalf of the customer is so authorised. If so, banks should identify and verify the identity of that person. In such a case, the bank should also verify the authorisation to act on behalf of the customer (such as a signed mandate or an official judgment).

3. LEGAL PERSONS, LEGAL ARRANGEMENTS AND BENEFICIAL OWNERSHIP

I. Legal Persons

Within the Guide, the term legal person is used to refer to any entity (e.g. business or non-profit organisation which is distinct from its officers and shareholders) that is not a natural person or a legal arrangement. In considering the customer identification guidance for the different types of legal persons, particular attention should be given to the different levels and nature of risk associated with these entities.

For legal persons, the Guide recommends that the following should be obtained for identification purposes:

At a minimum Potential additional information (on the basis of risks)
Name, legal form, status and proof of incorporation of the legal person;
Permanent address of the principal place of the legal person's activities;
Official identification number (company registration number, tax identification number); Legal entity identifier if eligible;
Mailing and registered address of legal person; Contact telephone and fax numbers;
Identity of natural persons who are authorised to operate the account. In the absence of an authorised person, the identity of the relevant person who is the senior managing official; Identity of relevant persons holding senior management positions.
Identity of the beneficial owners;
Powers that regulate and bind the legal person (such as the articles of incorporation for a corporation).

With a view to developing an initial customer's risk profile, the Guide recommends the collection of the following information:

At a minimum Potential additional information (on the basis of risks)
Nature and purpose of the activities of the legal entity and its legitimacy; Financial situation of the entity;
Expected use of the account: amount, number, type, purpose and frequency of the transactions expected. Sources of funds paid into the account and destination of funds passing through the account.

Again, the Guide reiterates that a bank should verify the identity of the customer established through the information collected using reliable, independently sourced documents, data or information. In particular, for legal persons, the bank should obtain the following documentary verification:

  • A copy of the certificate of incorporation and memorandum and articles of association, or partnership agreement (or any other legal document certifying the existence of the entity);
  • For established corporate entities – reviewing a copy of the latest financial statements (audited if available).

In addition, the Guide identifies the following non-documentary verification procedures which could be considered:

  • Undertaking a company search and/or other commercial enquiries to ascertain that the legal person has not been, or is not in the process of being, dissolved, struck off, wound up or terminated;
  • Utilising an independent information verification process, such as by accessing public corporate registers, private data bases or other reliable independent sources;
  • Validating the Legal entity identifier and associated data in the public access service;
  • Obtaining prior bank references;
  • Visiting the corporate entity, where practical;
  • Contacting the corporate entity by telephone, mail or e-mail.

The measures to verify the information produced should be proportionate to the risk posed by the customer relationship and should allow the bank to satisfy itself that it knows the customer's identity.

Banks should verify that any person purporting to act on behalf of the legal person is so authorised. If so, banks should verify the identity of that person. This should entail verification of the authorisation to act on behalf of the customer (a signed mandate, a board resolution or an official judgment). Banks should take reasonable measures to verify the identity of the beneficial owners, according to the due diligences procedures for natural persons outlined above.

II. Legal Arrangements

The Guide uses the term "legal arrangements" to refer to express trusts or other similar legal arrangements (e.g. fiducie, treuhand and fideicomiso). For legal arrangements, the Guide recommends that the following information should be obtained:

At a minimum Potential additional information (on the basis of risks)
Name of the legal arrangement and proof of existence; Contact telephone and fax numbers if relevant;
Address, and country of establishment;

Nature, purpose and objects of the legal arrangement (e.g. is it discretionary, testamentary etc); Legal entity identifier, if eligible;
The names of the settler, the trustee(s), the protector (if any), the beneficiaries or class of beneficiaries, and any other natural person exercising ultimate effective control over the legal arrangement (including through a chain of control/ ownership). The names of the relevant persons having a senior management position in the legal arrangement, if relevant, addresses of trustees, beneficiaries.

With a view to developing an initial customer's risk profile, the Guide recommends the collection of the following information:

At a minimum Potential additional information (on the basis of risks)
Description of the purpose/activities of the legal arrangement (e.g. in a formal constitution, trust deed); Sources of funds;
Expected use of the account: amount, number, type, purpose and frequency of the transactions expected. Origin and destination of funds passing through the account.

As for the previous categories, the Guide reiterates that the bank should verify the identity of the legal arrangement through information collected using reliable, independently sourced documents, data or information. Some of the verification procedures are as follows:

  • Obtaining an independent undertaking from a reputable and known firm of lawyers or accountants confirming the documents submitted;
  • Obtaining prior bank references;
  • Accessing or searching public and private databases or other reliable independent sources.

Measures to verify the information produced should be proportionate to the risk posed by the customer relationship and enable the bank to satisfy itself that it knows the customer's identity. In addition, banks should undertake reasonable measures to verify the identity of the beneficial owners of the legal arrangements. Banks should verify that any person purporting to act on behalf of the legal arrangement is so authorised. If so, banks should verify not only the identity of that person but also the person's authorisation to act on behalf of the legal arrangement (by means of a signed mandate, an official judgment or other equivalent documents).

III. Focus on specific type of customers

The Guide also includes commentary on how account opening measures could be applied in relation to accounts opened for certain specific types of customers.

(a) Retirement benefit programmes

In a situation where an occupational pension programme, employee benefit trust or share option plan is the account applicant, the Guide states that the trustee and any other person who has control over the relationship (e.g. the trust administrator, programme manager or account signatories) could be considered as beneficial owners and the bank should take steps to identify them and verify their identities.

(b) Mutuals/friendly societies, cooperatives and provident societies

In a situation where such entities apply to open an account, the persons exercising control or significant influence over the entity's assets should be considered the beneficial owners and therefore identified and verified. This will often include board members as well as executives and account signatories.

(c) Professional Intermediaries

When a professional intermediary opens a customer account on behalf of a single customer, that customer must be identified. Professional intermediaries will often open "pooled" accounts on behalf of a number of entities. Where funds held by the intermediary are not co-mingled but "sub-accounts" are established, each of which attributable to a particular beneficial owner, the Guide recommends that all the beneficial owners of the account held by the intermediary should be identified. Where the funds are co-mingled, the Guide nevertheless says that the bank should look through the intermediary to the beneficial owners. However, the Guide does recognise that there could be exceptions where the bank does not need to look beyond the intermediary but such exceptions should be specifically provided for by law or in relevant supervisory guidance. One example would be where the intermediary itself is subject to due diligence standards in respect of its customer base which are equivalent to those applying to the bank itself.

Where such exceptions apply and an account is opened for an open or closed-end investment company, unit trust or limited partnership that is subject to customer due diligence requirements which are equivalent to those applying to the bank itself, the Guide states that the bank could treat this investment vehicle as its customer and take steps to identify:

  • The investment vehicle itself;
  • Its directors or any controlling board where the investment vehicle is a company;
  • Its trustee where the investment vehicle is a unit trust;
  • Its managing (general) partner where the investment vehicle is a limited partnership;
  • The account signatories; and
  • Any other person who has control over the relationship (such as the fund administrator or manager).

Where other types of investment vehicles are involved, steps similar to the above should be taken where appropriate.

The Guide may be obtained from the Basel Committee's website (https://www.bis.org/bcbs/publ/d353.pdf).

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.