Relationships

(1) A relevant person must, in relation to each new business relationship, establish, record, maintain and operate the procedures and controls specified in sub-paragraph (3).

(2) Subject to sub-paragraph (4), the procedures and controls must be undertaken —

(a) before a business relationship is entered into; or

(b) during the formation of that relationship.

(3) Those procedures and controls are —

(a) identifying the customer;

(b) verifying the identity of the customer using reliable, independent source documents, data or information;

(c) verifying the legal status of the customer using reliable, independent source documents, data or information;

(d) obtaining information on the nature and intended purpose of the business relationship; and

(e) taking reasonable measures to establish the source of funds including where the funds are received from an account not in the name of the customer — (i) understanding and recording the reasons for this; (ii) identifying the account holder and on the basis of materiality and risk of ML/FT taking reasonable measures to verify the identity of the account holder using reliable, independent source documents, data or information; and (iii) if the account holder is assessed as posing a higher risk of ML/FT, satisfying the requirements in paragraph 15.3

(4) In exceptional circumstances the verification of the identity of the customer in accordance with sub-paragraphs (3)(b) and (c) may be undertaken after the formation of the business relationship if —

(a) it occurs as soon as reasonably practicable;

(b) the delay is essential so as not to interrupt the normal course of business;

(c) the customer has not been identified as posing a higher risk of ML/FT;

(d) the risks of ML/FT are effectively managed;

(e) the relevant person has not identified any unusual activity or suspicious activity;

(f) the relevant person’s senior management has approved the establishment of the business relationship and any subsequent activity until sub-paragraphs (3)(b) and (c) has been complied with; and

(g) the relevant person ensures that the amount, type and number of transactions is appropriately limited and monitored.

(5) Except as provided in sub-paragraph (4) and Part 6, where the requirements of this paragraph are not met, the procedures and controls must provide that—

(a) the business relationship must proceed no further;

(b) the relevant person must terminate the business relationship; and

(c) the relevant person must consider making an internal disclosure.

(1) A relevant person must, in relation to each continuing business relationship, establish, record, maintain and operate the procedures and controls specified in sub-paragraph (3).

(2) The procedures and controls must be undertaken during a business relationship as soon as reasonably practicable.

(3) Those procedures and controls are —

(a) an examination of the background and purpose of the business relationship;

(b) if satisfactory verification of the customer’s identity was not obtained or produced, requiring such verification to be obtained or produced in accordance with paragraph 8;

(c) if satisfactory verification of the customer’s identity was obtained or produced, a determination as to whether it is satisfactory; and

(d) if verification of the customer’s identity is not satisfactory for any reason, requiring that the relevant person takes measures to verify the customer’s identity in accordance with paragraph 8.

(4) The relevant person must keep written records of any examination, steps, measures or determination made or taken under this paragraph.

(5) Except as provided in Part 6, where the requirements of this paragraph are not met within a reasonable timeframe, the procedures and controls must provide that—

(a) the business relationship must proceed no further;

(b) the relevant person must consider terminating the business relationship; and

(c) the relevant person must consider making an internal disclosure

(1) A relevant person must, in relation to an occasional transaction, establish, record, maintain and operate the procedures and controls specified in subparagraph (3).

(2) The procedures and controls must be undertaken before the occasional transaction is entered into.

(3) Those procedures and controls are —

(a) identifying the customer;

(b) verifying the identity of the customer using reliable, independent source documents, data or information;

(c) verifying the legal status of the customer using reliable, independent source documents, data or information;

(d) obtaining information on the nature and intended purpose of the occasional transaction; and

(e) taking reasonable measures to establish the source of funds including, where the funds are received from an account not in the name of the customer — (i) understanding and recording the reasons for this; (ii) identifying the account holder and on the basis of materiality and risk of ML/FT taking reasonable measures to verify the identity of the account holders using reliable, independent source documents, data or information; and (iii) if the account holder is assessed as posing a higher risk of ML/FT, satisfying the requirements in paragraph 15.

(4) Subject to sub-paragraph (6), if the transaction is an exempted occasional transaction the requirements of sub-paragraphs (3)(b) and (c) cease to apply.

(5) Subject to sub-paragraph (6), if the transaction is an exempted occasional transaction the requirements of paragraph 12(2)(a)(ii) cease to apply.

(6) Sub-paragraphs (4) and (5) do not apply if —

(a) the customer is assessed as posing a higher risk of ML/FT; or

(b) the relevant person has identified any suspicious activity.

(7) Except as provided in sub-paragraphs (4) and (5) and Part 6, where the requirements of this paragraph are not met, the procedures must provide that—

(a) the occasional transaction is not to be carried out; and

(b) the relevant person must consider making an internal disclosure.