Back Matter

ANNEX I: Details of all Bodies met on the On-Site Mission—Ministries, Other Government Authorities or Bodies, Private Sector Representatives, and Others

1. Ministers, ministries and interagency committees

Office of the Chief Minister

Government of Gibraltar—Legislation Support Unit

Attorney-General’s Department

Department of Trade, Industry & Telecommunications—Finance Centre

AMLCFT Enforcement Committee

2. Operational, law enforcement, and intelligence agencies

Chief Justice Supreme Court

Co-Ordinating Centre for Criminal Intelligence and Drugs Customs

Financial Intelligence Unit

Royal Gibraltar Police

3. Supervisory bodies

Gibraltar Regulatory Authority

Financial Services Commission

Companies House (Registrar of Companies, Partnerships, and Trusts)

Board of Charities Commissioners

Bureaux de Change Committee

Office of Finance & Development Secretary Department

4. Financial institutions and designated non-financial businesses and professions

Armor Portfolio Management

Attias & Levy (lawyers)


Brian Francis (real estate)

Caledonian Insurance Brokers

Credit Suisse

Currency Centre

Fidecs Management

Finsbury Trust

Gala Casino

Gibraltar Asset Management

Gibraltar Savings Bank

Hassans (lawyers)

Jyske Bank

Sakata (Jewelers)

Sovereign Trust

Western Union

5. Professional bodies

Association of Trust and Company Managers

Bar Council

Gibraltar Association of Compliance Officers

Gibraltar Bankers’ Association

Gibraltar Gaming and Betting Association

Society of Chartered and Certified Accountants

Society of Trust and Estate Practitioners

ANNEX II: Copies Of Key Laws, Regulations and Other Measures

This annex contains:

1. Criminal Justice Ordinance 1995 includes ML offence (Sections 2 – 5).

2. Drug Trafficking Offences Ordinance – ML offence (sections 54 – 56).

3. Terrorism Ordinance 2005) – includes FT offence (Sections 5 – 8).

4. Anti-Money Laundering Guidance Notes (AMLGN).

Criminal Justice 1995-14


PART I. preliminary.


1. This Ordinance may be cited as the Criminal Justice Ordinance, 1995 and shall come into effect on such day as the Governor may, by notice in the Gazette appoint and different days may be so appointed for different purposes.

PART II. money laundering and other offences.

Assisting another to retain the benefit of criminal conduct.

2. (1) Subject to subsection (3), if a person enters into or is otherwise concerned in an arrangement whereby-

  • (a) the retention or control by or on behalf of another (“A”) of A’s proceeds of criminal conduct is facilitated (whether by concealment, removal from the jurisdiction, transfer to nominees or otherwise); or

  • (b) A’s proceeds of criminal conduct-

    • (i) are used to secure that funds are placed at A’s disposal; or

    • (ii) are used for A’s benefit to acquire property by way of investment,

knowing or suspecting that A is a person who is or has been engaged in criminal conduct or who has benefited from criminal conduct, he is guilty of an offence.

(2) In this section, references to any person’s proceeds of criminal conduct include a reference to any property which in whole or in part directly or indirectly represented in his hands his proceeds of criminal conduct.

(2A)(1) Where a person undertakes relevant financial business in accordance with section 8 and that person –

  • (a) knows or suspects that another person is engaged in money laundering;

  • (b) the information or other matter, on which that knowledge or suspicion is based came to his attention in the course of his trade, profession, business or employment; and

  • (c) he does not disclose the information or other matter to a customs or police officer as soon as is reasonably practicable after it comes to his attention,

  • he is guilty of an offence.

(2) A person is not guilty of an offence under subsection (1) if-

  • (a) that person is a notary, independent legal professional, auditor, external accountant or tax advisor, and

  • (b) the information has been obtained on or received from one of their clients -

    • (i) in the course of ascertaining the legal position for their client; or

    • (ii) whilst perforating the task of defending or representing that client in, or concerning judicial proceedings, including advice on instituting or avoiding proceedings,

whether such information is received or obtained before, during or after such proceedings.

(3) Where a person discloses to a Police or Customs Officer a suspicion or belief that any funds or investments are derived from or used in connection with criminal conduct or discloses to a Police or Customs Officer any matter on which a suspicion or belief is based-

  • (a) the disclosure shall not be treated as a breach of any restriction upon the disclosure of information imposed by statute or otherwise; and

  • (b) if he does any act in contravention of subsection (1) and the disclosure relates to the arrangement concerned, he does not commit an offence under this section if—

    • (i) the disclosure is made before he does the act concerned and the act is done with the consent of the Police or Customs Officer; or

    • (ii) the disclosure is made after he does the act. but is made on his initiative and as soon as it is reasonable for him to make it.

(4) In proceedings against a person for an offence under this section, it is a defence to prove–

  • (a) that he did not know or suspect that the arrangement related to any person’s proceeds of criminal conduct; or

  • (b) that he did not know or suspect that by the arrangement, the retention or control by or on behalf of A of any property was facilitated or, as the case may be. that by the arrangement any property was used, as mentioned in subsection (1); or

  • (c) that–

    • (i) he intended to disclose to a Police or Customs Officer such a suspicion, belief or matter as is mentioned in subsection (3) in relation to the arrangement; but

    • (ii) there is reasonable excuse for his failure to make disclosure in accordance with subsection (3)(b).

(5) In the case of a person who was in employment at the relevant time, subsections (3) and (4) shall have effect in relation to disclosures, and intended disclosures, to the appropriate person in accordance with the procedure established by his employer for the making of such disclosures as they have effect in relation to disclosures, and intended disclosures, to a Police or Customs Officer.

(6) A person guilty of an offence under this section shall be liable–

  • (a) on summary conviction, to imprisonment for a term not exceeding six months or to a fine not exceeding level 5 on the standard scale or to both; or

  • (b) on conviction on indictment, to imprisonment for a term not exceeding fourteen years or to a fine or to both.

Drug Trafficking Offences 1995-06

  • (b) in any other case where forfeiture was ordered by the magistrates’ court, before the end of the period of 30 days mentioned in section 50(2).

Interpretation of Part IV.

53. In this Part–

  • “cash” includes coins and notes in any currency;

  • “exported”, in relation to any cash, includes it being brought to any place in Gibraltar for the purpose of being exported whether in the currency in which it is being brought or in some other currency to which it has been exchanged and by whatever means the export is, or is intended to be, effected.


Concealing or transferring proceeds of drug trafficking.

54. (1) A person is guilty of an offence if he–

  • (a) conceals or disguises any property which is, or in whole or in part directly or indirectly represents, his proceeds of drug trafficking, or

  • (b) converts or transfers that property or removes it from the jurisdiction,

for the purpose of avoiding prosecution for a drug trafficking offence or the making or enforcement in his case of a confiscation order.

(2) A person is guilty of an offence if. knowing or having reasonable grounds to suspect that any property is, or in whole or in part directly or indirectly represents, another person’s proceeds of drug trafficking, he–

  • (a) conceals or disguises that property, or

  • (b) converts or transfers that property or removes it from the jurisdiction,

for the purpose of assisting any person to avoid prosecution for a drug trafficking offence or the making or enforcement of a confiscation order.

(3) In subsections (l)(a) and (2)(a) the references to concealing or disguising any property include references to concealing or disguising its nature, source, location, disposition, movement or ownership or any rights with respect to it.

Assisting another person to retain the benefit of drug trafficking.

55. (1) Subject to subsection (3), a person is guilty of an offence if he enters into or is otherwise concerned in an arrangement whereby-

  • (a) the retention or control by or on behalf of another person (call him “A”) of A’s proceeds or drug trafficking is facilitated (whether by concealment, removal from the jurisdiction, transfer to nominees or otherwise), or

  • (b) A’s proceeds of drug trafficking–

    • (i) are used to secure that funds are placed at A’s disposal, or

    • (ii) are used for A’s benefit to acquire property by way of investment,

and he knows or suspects that A is a person who carries on or has carried on drug trafficking or has benefitted from drug trafficking.

(2) In this section, references to any person’s proceeds of drug trafficking include a reference to any property which in whole or in part directly or indirectly represented in his hands his proceeds of drug trafficking.

(3) Where a person discloses to a customs or police officer a suspicion or belief that any funds or investments are derived from or used in connection with drug trafficking or any matter on which such a suspicion or belief is based–

  • (a) the disclosure shall not be treated as a breach of any restriction upon the disclosure of information imposed by statute or otherwise; and

  • (b) if he does any act in contravention of subsection (1) above and the disclosure relates to the arrangement concerned, he does not commit an offence under this section if–

    • (i) the disclosure is made before he does the act concerned and the act is done with the consent of the customs or police officer; or

    • (ii) the disclosure is made after he does the act. but is made on his initiative and as soon as it is reasonable for him to make it.

    (4) In proceedings against a person for an offence under this section, it is a defence to prove-

    • (a) that he did not know or suspect that the arrangement related to any person’s proceeds of drag trafficking;

    • (b) that he did nor know or suspect that by the arrangement the retention or control by or on behalf of A of any property was facilitated or, as the case may be, that by the arrangement any property was used as mentioned in subsection (l)(b); or

    • (c) that—

      • (i) he intended to disclose to a customs or police officer such a suspicion, belief or matter as is mentioned in subsection (3) in relation to the arrangement, but

      • (ii) there is reasonable excuse for his failure to make disclosure as mentioned in paragraph (b)(i) or (ii) of that subsection.

    (5) In the case of a person who was in employment at the time in question, subsections (3) and (4) shall have effect in relation to disclosures, and intended disclosures, to the appropriate person in accordance with the procedure established by his employer for the making of such disclosures, as they have effect in relation to disclosures, and intended disclosures, to a customs or police officer.

    Acquisition, possession or use of proceeds of drug trafficking.

    56. (1) A person is guilty of an offence if, knowing that any property is, or in whole or in part directly or indirectly represents, another person’s proceeds of drug trafficking, he acquires or uses that property or has possession of it.

    (2) It is a defence to a charge of committing an offence under this section that the person charged acquired or used the property or had possession of it for adequate consideration.

    (3) For the purposes of subsection (2)–

    • (a) a person acquires property for inadequate consideration if the value of the consideration is significantly less than the value of the property; and

    • (b) a person uses or has possession of property for inadequate consideration if the value of the consideration is significantly less than the value of his use or possession of the property.

    (4) The provision for any person of services or goods which are of assistance to him in drug trafficking shall not be treated as consideration for the purposes of subsection (2).

    (5) Where a person discloses to a customs or police officer a suspicion or belief that any property is. or in whole or in part directly or indirectly represents, another person’s proceeds of drug trafficking, or discloses to a customs or police officer any matter on which such a suspicion or belief is based–

    • (a) the disclosure shall not be treated as a breach of any restriction upon the disclosure of information imposed by statute or otherwise; and

    • (b) if he does any act in relation to the property in contravention of subsection (1). he does not commit an offence under this section if–

      • (i) the disclosure is made before he does the act concerned and the act is done with the consent of the customs or police officer; or

      • (ii) the disclosure is made after he does the act, but is made on his initiative and as soon as it is reasonable for him to make it.

(6) For the purposes of this section, having possession of any property shall be taken to be doing an act in relation to it.

(7) In proceedings against a person for an offence under this section, it is a defence to prove that–

  • (a) he intended to disclose to a customs or police officer such a suspicion, belief or matter as is mentioned in subsection (5), but

  • (b) there is reasonable excuse for his failure to make the disclosure in accordance with paragraph (b) of that subsection.

(8) In the case of a person who was in employment at the time in question, subsections (5) and (7) shall have effect in relation to disclosures, and intended disclosures, to the appropriate person in accordance with the procedure established by his employer for the making of such disclosures as they have effect in relation to disclosures, and intended disclosures, to a customs or police officer.

(9) No customs or police officer or other person shall be guilty of an offence under this section in respect of anything done by him in the course of acting in connection with the enforcement, or intended enforcement of any provision of this Ordinance or of any other enactment relating to drug trafficking or the proceeds of drug trafficking.

Terrorism 2005-43

Terrorist property.

4.(1) In this Ordinance “terrorist property” means–

  • (a) money or other property which is likely to be used for the purposes of terrorism;

  • (b) proceeds of the commission of acts of terrorism; and

  • (c) proceeds of acts earned out for the purposes of terrorism.

(2) In subsection (1) a reference to proceeds of an act includes a reference to any property which wholly or partly, and directly or indirectly represents the proceeds of the act, including payments or other rewards in connection with its commission.

(3) Any reference to a person’s property (whether expressed as a reference to the property he holds or otherwise) is to be read as follows–

  • (a) in relation to land, it is a reference to any interest which lie holds in the land;

  • (b) in relation to property other than land, it is a reference—

    • (i) to the property, if it belongs to him; or

    • (ii) to any other interest which he holds in the property.

PART II Offences relating to finance, etc..

Raising funds for terrorism.

5.(1) A person commits an offence if that person–

  • (a) invites another to provide money or other property; and

  • (b) intends that it should be used, or has reasonable cause to suspect that it may be used, for the purposes of terrorism.

(2) A person commits an offence if that person–

  • (a) receives money or other property; and

  • (b) intends that it should be used, or has reasonable cause to suspect that it may be used, for the purposes of terrorism.

(3) A person commits an offence if that person–

  • (a) provides money or other property; and

  • (b) knows or has reasonable cause to suspect that it will or may be used for the purposes of terrorism.

(4) In this section a reference to the provision of money or other property is a reference to its being given, lent or otherwise made available, whether or not for consideration.

Use and possession of money or other property for terrorism.

6.(1) A person commits an offence if that person uses money or other property for the purposes of terrorism.

(2) A person commits an offence if that person–

  • (a) possesses money or other property; and

  • (b) intends that it should be used, or has reasonable cause to suspect that it may be used, for the purposes of terrorism.

Arranging funds for terrorism.

7. A person commits an offence if that person–

  • (a) enters into or becomes concerned in an arrangement as a result of which money or other property is made available or is to be made available to another; and

  • (b) knows or has reasonable cause to suspect that it will or may be used for the purposes of terrorism.

Arrange me tit for retention or control of terrorist property.

8.(1) A person commits an offence if that person enters into or becomes concerned in an arrangement of terrorist property–

  • (a) by concealment;

  • (b) by removal from the jurisdiction;

  • (c) by transfer to nominees; or

  • (d) in any other way,

which facilitates the retention or control by or on behalf of another person of such property.

(2) It is a defence for a person charged with an offence under subsection (1) to prove that that person did not know and had no reasonable cause to suspect that the arrangement related to terrorist property.

Part I

A. What Is Money Laundering?

1-1 Money Laundering is the process by which criminals attempt to conceal or disguise the true origin and ownership of the proceeds of their criminal activities. If undertaken successfully, it also allows them to maintain control over those proceeds and, ultimately, to provide a legitimate cover for their source of income thus avoiding prosecution, conviction and confiscation of the criminal funds.

1-2 Money laundering is a global phenomenon that affects all countries in varying degrees. By its very nature it is a hidden activity and therefore the scale of the problem and the amount of criminal money being generated each year is impossible to measure accurately. However, failure to prevent the laundering of the proceeds of crime permits criminals to benefit from their actions, thus making crime a more attractive proposition.

B. The Need To Combat Money Laundering

1-3 In recent years there has been a growing recognition that it is essential to the fight against crime that criminals be prevented, whenever possible, from legitimising the proceeds of their activities by converting funds from “dirty” to “clean”.

1-4 The ability to launder the proceeds of criminal activity through the financial system is vital to the success of criminal operations. Those involved have to exploit the world’s financial sector businesses if they are to benefit from the proceeds of their activities. The unchecked use of the financial systems for this purpose has the potential to undermine individual financial institutions, and ultimately the entire financial sector. The increased integration of financial markets, and the removal of barriers to the free movement of capital, have enhanced the ease with which criminal money can be laundered and complicate the tracing process.

1-5 The long term success of any of the world’s financial sectors depends on attracting and retaining legitimately earned funds. Criminally earned money is invariably transient in nature. It damages reputations and deters the honest investor. Gibraltar, as a financial centre, has an important role to play in combating money laundering. Financial institutions and intermediaries which become involved in money laundering risk likely prosecution, the loss of their good market reputation, and damaging the reputation of Gibraltar.

1-6 Money laundering was traditionally thought to be associated solely with banks, other credit institutions and bureaux de change. Efforts to combat money laundering have traditionally been targeted towards this sector. However, money launderers have adapted rapidly to the defence systems put up in these sectors and have shifted their attention to less conventional parts of the financial system particularly in the initial conversion from cash. Non-bank financial institutions have therefore become progressively more vulnerable to money laundering.

C. Stages Of Money Laundering

1-7 There is no one method of laundering money. Methods can range from the purchase and resale of a luxury item (e.g. a car or jewellery) to passing money through a complex international web of legitimate businesses and ‘shell’ companies (i.e. those companies that primarily exist only as named legal entities without any trading or business activities). There are a number of crimes where the initial proceeds usually take the form of cash which needs to enter the financial system by some means. Street level purchases of drugs are almost always made with cash. Equally, however, it is emphasised that there are also many crimes (particularly the more sophisticated ones) where cash is not involved.

1-8 Despite the variety of methods employed, the laundering process is accomplished in three stages which may comprise numerous transactions by the launderers that could alert a financial institution to criminal activity -

  • Placement - the physical disposal of the initial proceeds derived from illegal activity.

  • Layering - separating illicit proceeds from their source by creating complex layers of financial transactions designed to disguise the audit trail and provide anonymity.

  • Integration - the provision of apparent legitimacy to criminally derived wealth. If the layering process has succeeded, integration schemes place the laundered proceeds back into the economy in such a way that they re-enter the financial system appearing as normal business funds.

1-9 The three basic steps may occur as separate and distinct phases. They may occur simultaneously or, more commonly, may overlap. How the basic steps are used depends on the available laundering mechanisms and the requirements of the criminal organisations.

1-10 Money Laundering risks and prevention had traditionally centred on the entry of cash into a financial system. This is no longer the case. It must be recognised that most money laundering centres around the placement and layering stages. As such, institutions must guard against use of investment vehicles, corporate or other legal structures that could be used as part of a money laundering scheme. It is seldom the case that one transaction or business relationship encompasses the entire money laundering operation hence why adequate KYC procedures must exist within an institution to determine if the activity being conducted through it may form part of a larger money laundering scheme.

D. The Different Risks of the Financial System to Money Laundering

1-11 Money launderers have sought means to convert the illegally earned cash or to mix it with legitimate cash earnings before it enters the financial system, thus making it harder to detect at the placement stage. Equally, many money launderers have also penetrated the financial system and now merely seeking to disguise further the origins of the criminal activity. Where, for example, such crime involves corruption or dissipation of a country’s assets, these benefits are more likely to manifest themselves within the existing financial system rather than from the outside. The use of a wide range of products offered by institutions and used by criminals facilitates the furtherance of the money launders aims. Institutions should consider the money laundering risks posed by the products and services they offer, particularly where there is no face-to-face contact with the customer, and devise their procedures with due regard to those risks.

1-12 Although it may not appear obvious that the products might be used for money laundering purposes, vigilance is necessary throughout the financial system to ensure that weaknesses cannot be exploited.

1-13 Some of the lowest risk products are those in which funds can only be received from a named investor by way of payment from an account held in the name of the investor and where the funds can only be returned to the named investor. However, whilst some products present a lower risk, no financial sector product or service is immune from the laundering process.

1-14 The highest risk products or services are those where unlimited third party funds can be freely received, or where funds can be paid to third parties.

1-15 Institutions who deal direct with the public may be used at the initial placement stage, particularly if they receive cash. The liquidity of some products may attract money launderers since it allows them quickly and easily to move their money from one product to another, mixing lawful and illicit proceeds and integrating them into the legitimate economy.

1-16 Financial services providers conducting relevant financial business in liquid products are clearly most vulnerable to use by money launderers, particularly where they are of high value. Payment in cash is likely to need further investigation, particularly where it cannot be supported by evidence of a cash based business as the source of funds.

1-17 Institutions and intermediaries must therefore keep transaction records that are comprehensive enough to establish an audit trail. Such records can also provide useful information on the people and organisations involved in laundering schemes.

1-18 Thus efforts to combat money laundering largely focus on those points in the process where the launderer’s activities are more susceptible to recognition and have therefore to a large extent concentrated on the deposit taking procedures of banks and building societies i.e. the placement stage.

1-19 Money transmission and lending services, are vulnerable to being used in the layering and integration stages of money laundering as well as the placement stage. Electronic funds transfer systems increase the vulnerability by enabling the cash deposits to be switched rapidly between accounts in different names and different jurisdictions.

1-20 Mortgage and other loan accounts may be used as part of this process to create complex layers of transactions.

1-21 Some banks and building societies may additionally be susceptible to the attention of the more sophisticated criminal organisations and their “professional money launderers”. Such organisations, possibly under the disguise of front companies and nominees, may create large scale but false international trading activities in order to move their illicit monies from one country to another. They may create the illusion of international trade using false/inflated invoices to generate apparently legitimate international wire transfers, and may use falsified/bogus letters of credit to confuse the trail further. Many of the front companies may even approach their bankers for credit to fund the business activity. Banks and building societies offering international trade services should be on their guard for laundering by these means.

1-22 Investment businesses are more likely to find themselves being used at the layering and integration stages of money laundering. The liquidity of many investment products particularly attracts sophisticated money laundering since it allows them quickly and easily to move their money from one product to another, mixing lawful and illicit proceeds and integrating them into the legitimate economy. Investment businesses are also able to transfer monies across borders quickly and efficiently. Complex and sophisticated new investment products that are constantly being introduced and the lack of measures in emerging markets offer considerable potential to the money launderer.

1-23 Although it may not appear obvious that insurance and retail investment products might be used for money laundering purposes, vigilance is necessary throughout the financial system to ensure that non traditional banking products and services are not exploited.

1-24 Intermediaries and product providers who deal direct with the public may be used at the initial placement stage of money laundering, particularly if they receive cash. Premiums on insurance policies may be paid in cash, with the policy subsequently being cancelled in order to obtain a return of premium (e.g. by cheque), or an insured event may occur resulting in a claim being paid out. Retail investment products are, however, more likely to be used at the layering and integration stages. The liquidity of a unit trust may attract money launderers since it allows them quickly and easily to move their money from one product to another, mixing lawful and illicit proceeds and integrating them into the legitimate economy.

1-25 Lump sum investments in liquid products are clearly most vulnerable to use by money launderers, particularly where they are of high value. Payment in cash should merit further investigation, particularly where it cannot be supported by evidence of a cash based business as the source of funds.

1-26 Insurance and investment product providers and intermediaries should therefore keep transaction records that are comprehensive enough to establish an audit trail. Such records can also provide useful information on the people and organisations involved in laundering schemes.

1-27 Corporate vehicles, trust structures and nominees are firm favourites with money launderers as a method of layering their proceeds. Providers of these services can find themselves much in demand from criminals.

1-28 The facility with which currency exchanges can be effected through a bureau is of particular attraction especially when such changes are effected in favour of a cheque or gold bullion.

Part II What the Gibraltar Law Requires14

E. Assistance

2-1 The combined effect of the statutes (listed in Part I) is to make it an offence for any person to provide assistance to a criminal to obtain, conceal, retain or invest funds if that person knows or suspects that those funds are the proceeds of criminal conduct. Such assistance is punishable on conviction on indictment by a maximum of 14 years imprisonment or a fine, or to both. A person who undertakes a relevant financial business is required under the statutes to report his knowledge or suspicion to the law enforcement agencies as soon as it is reasonably practicable after it comes to his attention.

2-2 The term “criminal conduct” includes any indictable offence wherever committed which would constitute an indictable offence if committed in Gibraltar. This includes (but is not limited to) corruption, drug trafficking offences, terrorist activity, the financing of terrorism, major thefts and fraud, robbery, forgery and counterfeiting, illegal deposit taking, blackmail and extortion.

F. Fiscal Offences

2-3 Individuals and companies may legitimately avoid tax, by arranging their affairs in such a way as to minimise their liability to it. Financial sector staff need to be aware that criminals may claim “tax avoidance” as a reason for obscuring the origin of money from criminal activities. On the one hand, such claims cannot always be taken at face value, but on the other hand, a financial institution has no positive obligation to establish whether a customer has paid tax due from him.

2-4 Evasion of taxation within Gibraltar will usually involve the commission of one of a number of indictable offences under the general criminal code e.g. false declaration, false accounting, with the object of escaping or reducing a tax liability. Mere suspicion on the part of an institution or its employee that a customer was intending to commit a tax offence is not sufficient. There would need to be a suspicion that:

  • a related indictable offence had actually been committed; and

  • the benefit from that offence formed part of a transaction or series of transactions in which the institution was involved.

2-5 Although a similar offence committed abroad would be caught, it cannot be assumed that all overseas tax offences are indictable offences in Gibraltar and therefore reportable as such. Mere suspicion that a customer or client is placing money in, or moving money through, Gibraltar with the intention of committing an offence against an overseas tax authority is not sufficient. Institutions will not often be aware of the whole picture relating to the financial affairs of their clients and will not under such circumstances be able to determine what tax liabilities might exist and whether they had been discharged. It is doubtful whether an institution would be expected to know, or be in a position to form a genuine suspicion if, for example, a customer held accounts elsewhere through which the tax could have been paid.

2-6 Financial institutions may reasonably assume that customers will meet their tax liabilities unless there is some reason to suspect otherwise, although they should not be taken in too easily by the tax avoidance excuse. Money launderers involved in other crimes may seek to explain transactions that might appear to be suspicious as being for the purposes of legal tax avoidance and financial institutions should remain on their guard. Such statements should not necessarily be taken at face value. If criminal conduct is suspected, then the normal reporting obligations apply. However, each suspected case would need to be examined in the light of its particular circumstances.

G. Tipping Off

2-7 It is also an offence for anyone to prejudice an investigation by informing the person who is the subject of a suspicion, or any third party, that a disclosure has been made, or that the authorities are acting, or are proposing to act, in connection with an investigation into money laundering. Preliminary enquiries of a customer to verify identity or to ascertain the source of funds or the precise nature of the transaction being undertaken will not trigger a tipping off offence before a suspicions report has been submitted in respect of that customer unless the enquirer knows that an investigation is underway or that the enquiries are likely to prejudice an investigation. Where it is known or suspected that a suspicions report has already been disclosed to a Police or Customs Officer and it becomes necessary to make further enquiries, great care should be taken to ensure that customers do not become aware that their names have been brought to the attention of the law enforcement agencies. The punishment for this ‘tipping-off’ offence is a maximum of five years imprisonment or a fine, or both.

H. Failure To Report

2-8 It is also an offence for any person who conducts a relevant financial business who acquires knowledge or a suspicion of money laundering in the course of his trade, profession, business, or employment not to report the knowledge or suspicion of money laundering as soon as it is reasonably practicable after the information came to his attention. Failure to report in these circumstances is punishable on summary conviction to imprisonment for a term not exceeding six months or to a fine not exceeding level 5 on the standard scale, or both or on conviction on indictment for a term not exceeding fourteen years or to a fine, or to both.

2-9 In the case of a person who is employed by an institution, internal reporting in accordance with the procedures laid down by the employer will satisfy this requirement. (See Part VI - Recognition and Reporting of Suspicious Transactions). The legislation protects those reporting suspicions of money laundering from claims in respect of any alleged breach of client confidentiality.

I. Constructive Trust

2-10 A number of concerns have been raised about possible conflicts between the civil and criminal law in the area of constructive trusteeship, as a result of the duty to report suspicious transactions in respect of crimes other than drug trafficking and terrorist transactions. Although each case must be considered on its facts, guidance on reporting procedures is provided in Part 6.

J. Terrorist Financing

2-11 The Terrorism (United Nations Measures) (Overseas Territories) Order 2001 (the “Order”) makes financing of terrorism an offence. Terrorism itself is defined as the use or threat of action where:

  • the use or threat is designed to influence the government or to intimidate the public or a section of the public, and the use or threat is made for the purpose of advancing a political, religious or ideological cause;

  • where the action involves serious violence against a person, serious damage to property, endangers a person’s life, other than that of the person committing the action, creates a serious risk to the health or safety of the public or a section of the public, or is designed seriously to interfere with or seriously to disrupt an electronic system;

  • the use or threat of action above involves the use of firearms or explosives is terrorism whether or not the first condition is satisfied;

2-12 The financing of terrorism is dealt with in under two separate offences:

  • The collection of funds;

    • inviting another to provide funds;

    • receiving funds;

    • providing funds;

      intending that they should be used, or knowing that they may be used, for the purposes of terrorism.

  • Making funds available. Any person who makes any funds or financial (or related) services available directly or indirectly to or for the benefit of;

    • a person who commits, attempts to commit, facilitates or participates in the commission of acts of terrorism;

    • a person controlled or owned directly or indirectly by a person above; or

    • a person acting on behalf, or at the direction, of that person.

2-13 Terrorists often control funds from a variety of sources from around the world and increasingly, employ sophisticated techniques to fund their activities and move money between different jurisdictions.

2-14 Terrorist groups are known to have links with organised criminal activity. However, there are two major differences;

  • often small amounts are required to commit terrorist activities;

  • terrorists can be funded from legitimately obtained income, including charitable donations and it may not, therefore, be clear when legitimate earnings become terrorist funds.

2-15 The risk of terrorist financing entering the financial system can be reduced if institutions apply anti-money laundering systems of control, particularly in respect of Know You Customer procedures and source of funds verification.

K. Failure to disclose knowledge or suspicion of offences

2-16 The Order requires a “relevant institution” to report to the Governor where it knows or suspects that a person is or has been a customer of that institution or with whom the institution has had dealings with is a terrorist, or a person who receives funds in relation to terrorism or makes funds available for terrorism.

2-17 A “relevant institution” for the purposes of the Order is either a bank or an EEA bank branch in Gibraltar or a Building Society.

L. Measures to prevent the use of the financial system for the purposes of money laundering. (“The Sections”). Part III, Sections 6 to 22, of the Criminal Justice Ordinance 1995.

2-18 Although the substantive law applies to all persons and businesses the Sections place additional administrative requirements on the financial services sector. Section 8 lists the relevant financial business which is covered and defines such business as engaging in any one or more of the following:

  • deposit taking business of banks, bank branches and building societies;

  • business of the Savings Bank;

  • investment business as defined by the Financial Services Ordinances 1989 and 1998;

  • any of the activities listed in the annex to the Banking Coordination Directive with the exception of credit reference services (see Error! Reference source not found.);

  • insurance business as defined by Article 6 of the First Life Directive

  • auditor, external accountant or tax advisor;

  • real estate agent;

  • notary or other independent legal professional, when participating whether-

    • by assisting in the planning or execution of transactions for their client concerning the-

      1. buying and selling of real property or business entities; or

      2. managing of client money, securities or other assets; or

      3. opening or management of bank, savings or securities accounts; or

    • by acting on behalf of and for their client in any financial or real estate transaction;

  • the business of acting as a company manager, professional trustee, insurance intermediary or insurance manager as defined by the Financial Services Ordinance 1989;

  • dealer in high value goods whenever payment is made in cash and in an amount of EUR 15 000 or more;

  • casinos;

  • currency exchange office / bureau de change;

  • money transmission / remittance office.

2-19 These guidance notes only cover the following financial services providers;

  • Banks and Building Societies whether or not operating in or from Gibraltar as a branch or locally incorporated institution;

  • The Gibraltar Savings Bank;

  • Investment Businesses and Controlled Activities conducted under an authorisation granted under the Financial Services Ordinances 1989 or 1998 (this includes investments services, company management, professional trusteeship, insurance management and insurance intermediation);

  • Life insurance companies;

  • Currency exchangers/bureau de change;

  • Money transmission/remittance offices.

These Guidance Notes refer to these persons as ‘institutions’ throughout.

2-20 The Sections do not state that the activities covered must be the principal activities carried out by a business and, therefore, institutions undertaking any of the activities listed will need to assess the extent to which the relevant financial business they undertake is subject to the Sections and take a common sense approach as to where their activities cease to be applicable for the purposes of the Sections.

2-21 Section 9 requires the institutions concerned to establish and maintain specific policies and procedures and training programmes to prevent their businesses and the financial system being used for the purposes of money laundering. In essence, these procedures are designed to achieve two purposes: firstly, to enable suspicious activities to be recognised as such and reported to the authorities; secondly, to ensure that a business can provide its part of the audit trail. These requirements cover:

  • internal controls and communication of policies (Part III);

  • identification procedures (Part IV);

  • record keeping (Part V);

  • recognition of suspicious transactions and reporting procedures (Part VI);

  • education and training of relevant employees (Part VII).

2-22 Each of these subjects is covered by separate sections of these Guidance Notes as indicated above.

2-23 Failure to comply with any of the requirements of the Sections constitutes an offence punishable by a maximum of 2 years imprisonment or a fine, or both. This is irrespective of whether money laundering has actually taken place. (Subsection 9(2)).

M. The Role of The Supervisory Authorities

2-24 The requirement to maintain procedures to counter money laundering is a statutory one and there are criminal penalties for failure to comply. Against this background, failure to maintain the procedures outlined in the Sections may well raise questions about an institution’s “fitness and properness”. Hence the supervisory authorities will, in the exercise of their supervisory responsibilities, take a close interest in institutions’ compliance with the Sections and these Guidance Notes. As the introduction to these Guidance Notes make clear compliance with these notes are compulsory and as such the Financial Services Commission will view those institutions who do not adhere to them as failing to meet the conditions under which their authorisation was granted.

2-25 The Commissioner appointed under the Financial Services Commission Ordinance has informed all authorised banks, insurance companies, investment businesses and businesses conducting controlled activities that failure to install or maintain adequate policies and procedures relating to money laundering would be taken into account in considering whether the minimum criteria for authorisation continued to be met. They have also advised all these institutions that these Guidance Notes would be used as the criteria against which they will assess the adequacy of an institution’s systems to counter money laundering.

2-26 The Sections also require the supervisory authorities themselves to report any information they obtain which, in their opinion, indicates that any person has or may have been engaged in money laundering and to disclose that information to the law enforcement authorities.

Part III Internal Controls Policies and Procedures

3-1 To comply with the Sections all institutions need to establish clear responsibilities and accountabilities within their organisations to ensure that policies, procedures, and controls are introduced and maintained which can deter criminals from using their facilities for money laundering, thus ensuring that they comply with their obligations under the law.

3-2 Institutions must appoint an “appropriate person,” referred to in these guidance notes as the “Money Laundering Reporting Officer (‘MLRO’),” to undertake the role of central point of contact with the law enforcement agencies to handle suspicious transaction reporting.

3-3 The central reception of the law enforcement agencies for disclosure of suspicions by the MLRO shall be the Gibraltar Financial Intelligence Unit (“GFIU”).

3-4 All institutions must:

  • i introduce procedures for the prompt validation of suspicions and subsequent reporting to the Gibraltar Financial Intelligence Unit;

  • ii provide the MLRO with the necessary access to systems and records to fulfil this requirement;

  • iii establish close co-operation and liaison with GFIU (see Part VI of these Guidance Notes).

3-5 As good practice, businesses are recommended to make arrangements to verify, on a regular basis, compliance with policies, procedures, and controls relating to money laundering activities, in order to satisfy management that the requirement in the Sections to maintain such procedures has been discharged. Larger institutions may wish to ask their internal audit or compliance departments to undertake this role. Smaller institutions may wish to introduce a regular review by management.

3-6 It is important that the procedures and responsibilities for monitoring compliance with and effectiveness of money laundering policies and procedures are clearly laid down by all financial institutions.

3-7 Gibraltar is concerned with money laundering which takes place in Gibraltar and does not seek to apply its money laundering legislation extra-territorially (i.e. within other countries). However, where a Gibraltar institution has overseas branches, subsidiaries or, associates where control can be exercised, it is required that a group policy be established to the effect that all overseas branches and subsidiaries should ensure that its anti-money laundering strategies, internal controls, procedures and processes are undertaken at least to the standards required under Gibraltar law or, if the standards in the host country are more rigorous, to those higher standards. Reporting procedures and the offences to which the money laundering legislation in the host country relates must nevertheless be adhered to in accordance with local laws and procedures. Where local laws prohibit the application of Gibraltar equivalent practices, or higher standards, the institution must inform the FSC of this.

3-8 Where suspicions of money laundering in overseas operations of an institution arise, these must be reported within the jurisdiction where this arose and the records of the related transactions are held, there may also be a requirement for a report to be made to GFIU.

3-9 It is recognised that the financial sector encompasses a wide and divergent range of businesses, from large corporations to small independent operations. It is equally recognised that the extent of necessary procedures and controls will also vary in relation to size of the organisation. Practices within all companies, businesses and firms should be agreed within each organisation corresponding to the size and structure of the institution in question. It will be necessary to ensure that relevant staff are adequately trained to address the issue of money laundering. (See Part VII.) 3-10 Whilst there is a statutory obligation to establish and maintain procedures for the purpose of forestalling and preventing money laundering in the ordinary course of business, there is nothing that requires institutions to install specific systems to detect money laundering activities.

N. Anonymous or fictitious names

3-11 No institution may maintain accounts or business relationships which are either anonymous or in fictitious names.

Part IV Why should an institution identify its customer?

4-1 Having sufficient information about your customer - “knowing your customer” (KYC) - and making use of that information underpins all anti-money laundering efforts, and is the most effective defence against being used to launder the proceeds of crime. If a customer has established an account using a false identity, s/he may be doing so to defraud the institution itself, or to ensure that s/he cannot be traced or linked to the crime the proceeds of which the institution is being used to launder. A false name, address. or date of birth will usually mean that law enforcement agencies cannot trace the customer if s/he is needed for interview as part of an investigation.

4-2 Sections 11 and 13 of the Criminal Justice Ordinance require all institutions to seek satisfactory evidence of the identity of those with whom they deal (referred to in these Guidance Notes as verification of identity). Unless satisfactory evidence of the identity of potential customers is obtained in good time, the business relationship must not proceed.

4-3 When a business relationship is being established, the nature of the business that the customer expects to conduct with the institution must be ascertained at the outset to establish what might be expected later as normal activity. This information should be updated as appropriate, and as opportunities arise. In order to be able to judge whether a transaction is or is not suspicious, institutions need to have a clear understanding of the business carried on by their customers.

4-4 An institution must establish to its satisfaction that it is dealing with a real person (natural, corporate or legal), and must verify the identity of persons who are authorised to operate any bank or investment account, or transact business for the customer. Whenever possible, the prospective customer should be interviewed personally.

4-5 The verification procedures needed to establish the identity of a prospective customer should basically be the same whatever type of account or service is required. The best identification documents possible should be obtained from the prospective customer i.e. those that are the most difficult to obtain illicitly. No single piece of identification can be fully guaranteed as genuine, or as being sufficient to establish identity so verification will generally be a cumulative process.

4-6 The Sections require that records of the verification of identity must be retained for five years after an account is closed or the business relationship ended (see Part V - Record Keeping).

Identification Procedures

4-7 The Sections setting out identification requirements do not specify what may or may not represent satisfactory evidence of identity. This part of the Guidance Notes, therefore, sets out best practice in relation to the systems and controls to be operated by institutions. The overriding principle is that every institution must know who their customers are, and have the necessary documentary evidence to verify this.

Who should an institution identify?

O. Definitions and explanations of terms

4-8 Whenever the opening of a business relationship is being considered, or a one-off transaction or series of linked transactions of €15,000 or more is to be undertaken, identification procedures must be followed. Identity must also be verified in all cases where money laundering is known, or suspected.

4-9 Once verification of identity has been satisfactorily completed, no further evidence is needed when other transactions are subsequently undertaken. Records must be maintained as set out Part V, and information should be updated or reviewed as appropriate.

4-10 The meaning of “Applicant for Business”, “Business Relationship” and “One-Off Transaction” are essential to an understanding of this guidance, and these terms are defined below.

4-11 It is important to determine whether the applicant for business is undertaking a one-off transaction, or whether the transaction is the initial step in an ongoing business relationship as this can affect the verification requirements. The same transaction may be viewed differently by an institution and by an introducing intermediary depending on their respective relationships with the applicant for business. Therefore, where a transaction involves an intermediary, both the institution and the intermediary must separately consider their positions, and ensure that their respective obligations regarding verification of identity and associated record keeping are met.

4-12 For example, from a life company’s viewpoint, most dealings with an applicant will fall within the definition of a business relationship, as even with single premium contracts there will generally be an intention to establish an on-going relationship with the customer. For a unit trust manager, an applicant may be making a one-off purchase, or entering into a business relationship in the form of a regular savings plan. If an intermediary is involved, it may be dealing with an applicant to a life company or a fund operator within the context of a business relationship, or as an occasional customer undertaking a one-off transaction. Most transactions undertaken by exchange bureaux will be one-off transactions.

4-13 When a client agreement is entered into, or a terms of business letter exchanged, this of itself will not automatically trigger the requirement to verify identity. However, steps should be taken to ensure that verification of identity is completed before any relevant financial business is undertaken, unless the transaction is covered by an exemption and money laundering is not suspected. An institution may, of course, choose to verify identity at the outset to avoid delays at a later stage when its customer wants to transact business.

P. “Applicant For Business”

4-14 The person whose identity must be verified is described throughout the Sections as an “applicant for business”. Who this is will vary:

  • a customer dealing on his own behalf is clearly the applicant for business;

  • when a customer is acting as agent for a principal (for example, as authorised manager of a discretionary investment service for clients) and deals in his own name on behalf of an underlying client, then it is the customer acting as the agent, and not his client, who is the institution’s applicant for business. The underlying client may well be, in turn, an applicant for business so far as the agent is concerned;

  • when a person wants an investment to be registered in the name of another (e.g. a grandchild), it is the person who provides the funds who should be regarded as the applicant for business, rather than the registered owner;

  • when an intermediary introduces a client to an institution, but in the client’s name rather than that of the intermediary is given as the investor, it is the underlying client who is the institution’s applicant for business;

  • when a customer seeks advice, or access to an execution-only dealing service, in his own name and on his own behalf, he is clearly the applicant for business;

  • when a professional agent introduces a third party to an institution so that the third party may be given advice, and/or make an investment in his own name, then it is the third party (not the introducer) who is the institution’s applicant for business;

  • when an individual claiming to represent a company, partnership or another legal entity applies for business, then the applicant for business will be the entity, the identity or existence of which should be verified, rather than that of any individual

  • when a company manager or company formation agent introduces a client company, it is the client company which is the applicant for business;

  • when a trust is introduced, it is the settlor that is the applicant for business.

4-15 These distinctions are important since they are relevant in determining the correct procedures for verification of identity where this is required.

Q. “Business Relationship” And “One-Off Transactions”

4-16 It is important to determine whether the applicant for business is seeking to establish a “business relationship” with the institution, or is an occasional customer undertaking a “one-off transaction”. This may affect the verification requirements.

4-17 Section 7(2) defines a “business relationship” as any arrangement between two or more persons designed to facilitate transactions between the parties on a “frequent, habitual or regular” basis where the monetary value of dealings in the course of the arrangement is not known, or capable of being ascertained at the outset.

4-18 A “one-off transaction” means any transaction carried out other than in the course of an established business relationship. The Sections cover sales transactions as well as purchases. Where business is undertaken whether on a one-off basis, or when a series of small deals is placed whether with the same or different product provider, identification procedures will be required on the part of the institution if these, as single or linked transactions, amount to €15,000 or more. An institution may have no obligation to verify identity, if it is not involved in any single transaction, or series of linked transactions, totalling €15,000 or more, or if the applicant is an existing customer.

Adopting a risk based approach to KYC

4-19 KYC processes conducted using a “tick box” approach add no value to the Anti-Money Laundering Regime or in combating the financing of terrorism. Institutions may favour the adoption of such an approach as set procedures are easily handled by members of staff. However, such an approach shows little understanding of the real risks posed to the institutions and frequently only serves to annoy customers.

4-20 It is therefore more important that when conducting KYC processes or remediation procedures, the approach to customers and the level of detail/documentation required be adapted according to the risk posed by the customer, the level and nature of the business, the risk tolerance of the institution and any existing relationships with that customer.

4-21 Institutions must therefore design and adapt their KYC processes and remediation processes using a risk-based methodology.

4-22 The identification requirements set out below are therefore the minimum that would be expected to be documented.

Establishing the identity of Key Underlying Principals

4-23 Because the nature of the applicant for business may change as the business relationship develops it is advantageous for the institution who makes initial contact with the applicant for business to identify and seek to conduct KYC process of all key underlying principals at the early stages.

4-24 For example, an individual may approach a company manager to establish a company through which he intends to conduct his investment business activity. For the Company Manager the applicant for business will be that individual, who is also likely to be the beneficial owner. The KYC processes described below clearly impose a requirement on the company manger to conduct KYC on the individual only. However, that company, once formed, will approach a bank for a bank account or an asset manager to handle the beneficial owner’s investments. For the bank or asset manager, the “applicant for business” will be the company itself and the KYC processes for that institution is wider than for the company manager.

4-25 If the company has appointed third party directors or will allow other people to operate the bank account, the bank or asset manager are obliged to seek KYC on those persons as well.

4-26 It would therefore make sense that this information be sought from the company manager who, if they fall under the definition of eligible introducer, may provide the bank or asset manager with all the KYC documentation without the need for them to do this independently.

4-27 Where possible, institutions should seek and obtain KYC documentation on all key underlying individuals which may be required by other institutions at the commencement of the business relationship.

What constitutes a person’s identity?

R. The two aspects of a KYC process

4-28 When referring to a performing KYC on an applicant for business a distinct needs to be drawn between the physical person and the nature and scope of the activity that is to be conducted (which includes determining the source of funds or wealth).

The physical person

4-29 Identity generally means a set of attributes which uniquely define a natural or legal person. There are two main constituents of a person’s identity, remembering that a person may be any one of a range of legal persons (an individual, body corporate, partnership, etc). For the purposes of this guidance, the two elements are:

  • the physical identity (e.g. name, date of birth, registration number); and

  • their address.

4-30 Confirmation of a person’s address is useful in determining whether a customer is resident in a high-risk country. Knowledge of both residence and nationality may also be necessary, in a non money laundering context, to avoid breaches of UN or other international sanctions to which Gibraltar is a party. Where a passport is taken as evidence, the number, date and place of issue should be recorded.

Nature and scope of activity

4-31 The other main element in a person’s identity is sufficient information about the nature of the business that the customer expects to undertake, and any expected or predictable, pattern of transactions. For some business these may be obvious, however, for more complex businesses this may not be the case. The extent of the description required will depend on the institution’s own understanding of the applicant’s business.

4-32 When commencing a business relationship, institutions must record the purpose and reason for establishing the business relationship, and the anticipated level and nature of activity to be undertaken. The extent of documentary evidence will depend on the nature of the product or service. For example, a single premium insurance policy need involve only one transaction whereas savings or deposit accounts may involve a large number of transactions. Documentation about the nature of the applicant’s business should also cover the origin of funds to be used during the relationship. For example, funds may be transferred from a bank or the applicant’s employer, or be the proceeds of a matured insurance policy.

4-33 A proportionate and risk-based approach will be needed to determine what information is to be collected and verified for these purposes. For low risk cases institutions should record, as minimum and to a level of “plausible verifiability”:

  • the purpose and reason for establishing the business relationship;

  • the anticipated level and nature of the activity that will be conducted;

  • the expected source of the funds that will be used within the relationship.

4-34 For higher risk cases, the institution must seek to independently verify the above.

4-35 Once a business relationship has been established, reasonable steps should be taken by the institution to ensure that descriptive information is kept up to date as opportunities arise. It is important to emphasise that the customer identification process do not end at the point of application. The need to confirm and update information about identity, such as changes of address, and the extent of additional KYC information to be collected over time will differ from sector to sector and between firms within any sector. It will also depend on the nature of the product or service being offered, and whether personal contact is maintained enabling file notes of discussion to be made or whether all contact with the customer is remote.

S. Personal Applicants for Business

4-36 Where verification of identity is required, the following information must be obtained from all individual applicants for business, and should be independently verified by the institution itself:

  • true name and/or names used;

  • a current address.

Details of occupation/employment and sources of wealth or income should be recorded to a level of “plausible verifiability” and for higher risk cases, also be independently verified.

4-37 One or more of the following steps is recommended to verify addresses:

  • checking the Register of Electors;

  • provision of a recent utility bill, tax assessment or bank or building society statement containing details of the address (to guard against forged copies’ it is strongly recommended that original documents are examined);

  • checking the telephone directory;

  • record of home visit.


Figure 1- Illustrating the KYC requirements for a personal applicant for business

Citation: IMF Staff Country Reports 2007, 157; 10.5089/9781451815085.002.A999

4-38 The information obtained should demonstrate that a person of that name exists at the address given, and that the applicant is that person.

4-39 The date of birth is important as an identifier in support of the name, and is helpful to assist law enforcement. Although there is no obligation to verify the date of birth, this provides an additional safeguard. It is also helpful for residence/nationality to be ascertained to assist risk assessment procedures and to ensure that an institution does not breach UN or other international financial sanctions.

4-40 For applications dealt with “face-to-face”, verification should ideally include a document obtained from a dependable source bearing a photograph. Wherever possible, a current, valid, full passport or national identity card should be requested and copies retained. It is impractical to set out detailed descriptions of the various identity cards and passports that might be offered as evidence of identity by foreign nationals. However, these can be verified by using the Kluwerpers Passport Handbook.15

4-41 Where the document used to verify identity also contains the address, there is no need for further address verification required where the customer is perceived to be low risk the address matches that given for the business relationship. High risk customers should have their address verified using at least two independent sources other than the document in question.

4-42 Because documents providing photographic evidence of identity need to be compared with the applicant’s appearance, and to guard against the dangers of postal intercept and fraud, prospective customers should not be asked to send these identity documents by post.

4-43 Where there is no face-to-face contact, and photographic identification would clearly be inappropriate, procedures to identify and authenticate the customer should ensure that there is sufficient evidence, either documentary or electronic, to confirm address and personal identity. At least one additional check must be undertaken to guard against impersonation. In the event that internal procedures require sight of a current passport or ID Card where there is no face-to-face contact, then copies should be certified by a person or persons whom the institution’s MLRO has approved for these purposes. Original documentation should not be forwarded through the post.

4-44 In drawing up the list of persons approved to certify documents for an institution the MLRO will need to provide documentary evidence of the following:

  • (a) That the person;

    1. adheres to ethical and/or professional standards; and

    2. is readily contactable; and

    3. exercises his or her profession or vocation in a jurisdiction with equivalent anti-money laundering measures; and

  • (b) The MLRO has obtained senior management agreement to permit such a person from certifying documents for these purposes.

4-45 There is obviously a wide range of documents which might be provided as evidence of identity. It is for each institution to decide the appropriateness of any document in the light of other procedures adopted. However, particular care should be taken in accepting documents which are easily forged or which can be easily obtained using false identities.

4-46 In respect of business relationships where the surname and/or address of the applicants for business differ, the name and address of all applicants, not only the first named, should normally be verified in accordance with the procedures set out above.

4-47 Any subsequent change to the customer’s name, address, or employment details of which the institution becomes aware should be recorded as part of the know your customer process. Generally this would be undertaken as part of good business practice and due diligence but also serves for money laundering prevention.

4-48 File copies of supporting evidence should be retained. Where this is not possible, the relevant details should be recorded on the applicant’s file. Institutions which regularly conduct one-off transactions, such as exchange bureaux and money transmission agents, must record the details in a manner which allows cross reference to transaction records. Such institutions may find it convenient to record identification details on a separate form, similar to the example in D, to be retained with copies of any supporting material obtained.

4-49 An introduction from a respected customer personally known to the management, or from a trusted member of staff, may assist the verification procedure but does not replace the need for verification of address as set out above. Details of the introduction should be recorded on the customer’s file. However, personal introductions without full verification should not become the norm, and directors/senior managers must not require or request staff to breach account opening procedures as a favour to an applicant.

Financially excluded, elderly, students, etc.

4-50 Most people need to make use of the financial system at some point in their lives. It is important, therefore, that the socially or financially disadvantaged should not be precluded from obtaining financial services just because they do not possess evidence of identity or address where they cannot reasonably be expected to do so. Internal procedures must allow for this, and must provide appropriate advice to staff on how identity can be confirmed in these exceptional circumstances.

4-51 In these cases it may be possible for the institution to accept confirmation from a professional (e.g. doctor, lawyer, etc) who knows the person. Where the individual lives in accommodation for which he or she is not financially responsible, or for which there would not be documentary evidence of his/her address, it may be acceptable to accept a letter from Social Services or a similar organisation as confirmation of a person’s address. A manager may authorise the opening of a business relationship if s/he is satisfied with confirmation of identity circumstances but must record his/her authorisation on the customer’s file, and must also retain this information in the same manner and for the same period of time as other identification records.

4-52 For students or other young people, the normal identification procedures set out above should be followed as far as possible. Where such procedures would not be relevant, or do not provide satisfactory evidence of identity, verification might be obtained in the form of the home address of parent(s), or by making enquiries of the applicant’s college or university. However, care should be taken around the beginning of the academic year before a student has taken up residence at the place of education as registration frauds are known to occur.

4-53 Under normal circumstances, a family member or guardian who has an existing relationship with the institution concerned would introduce a minor. In cases where the person opening the account is not already known, the identity of that person, and any other person who will have control of the account, should be verified.

T. Bodies Corporate

4-54 Because of the difficulties of identifying beneficial ownership, and the possible complexity of organisation and structures, corporate entities and trusts are the most likely vehicles to be used for money laundering, particularly when a legitimate trading company is involved. Particular care should be taken to verify the legal existence of the applicant and to ensure that any person purporting to act on behalf of the applicant is authorised to do so. The principal requirement is to look behind a corporate entity to identify those who have ultimate control over the business and the company’s assets, with particular attention being paid to any shareholders or others who exercise a significant influence over the affairs of the company. Enquiries should be made to confirm that the company exists for a legitimate trading or economic purpose, and that it is not merely a “brass plate company” where the controlling principals cannot be identified.

4-55 Before a business relationship is established, measures should be taken by way of company search and/or other commercial enquiries to ensure that the applicant company has not been, or is not in the process of being, dissolved, struck off, wound-up or terminated. In addition, if the institution becomes aware of changes in the company structure or ownership, or suspicions are aroused by a change in the nature of business transacted, further checks should be made.

4-56 Particular care should be exercised when establishing business relationships with non-Gibraltar registered companies, or companies with no direct business link to Gibraltar. Such companies may be attempting to use geographic or legal complication to interpose a layer of opacity between the source of funds and their final destination. In such circumstances, institutions should carry out effective checks on the source of funds and the nature of the activity to be undertaken during the proposed business relationship. This is particularly important if the corporate body is registered or has known links to countries without anti-money laundering legislation and procedures equivalent to Gibraltar’s. In the case of a trading company, a visit to the place of business may also be made to confirm the true nature of the business.


Figure 2 - Illustrating the KYC requirements for a body corporate applicant for business

Citation: IMF Staff Country Reports 2007, 157; 10.5089/9781451815085.002.A999

4-57 No further steps to verify identity over and above usual commercial practice, will normally be required where the applicant for business is known to be a company or a subsidiary of a company, quoted on a recognised investment exchange.

4-58 The following documents should normally be obtained from companies:

  • copy of the latest report and accounts (audited where applicable);

  • copy of the company’s Memorandum & Articles of Association;

  • copy of the board resolution to open the relationship and the empowering authority for those who will operate any accounts;

  • copy of the certificate of incorporation/certificate of trade or equivalent.

4-59 Where the business relationship is being opened in a different name from that of the applicant, the institution should also make a search, or equivalent trading name search for the second name.

4-60 The following persons (i.e. individuals or legal entities) must also be identified in line with this part of the notes:

  • All of the directors who will be responsible for the operation of the account/transaction.

  • All the authorised signatories for the account/transaction.

  • All holders of powers of attorney to operate the account/transaction.

  • The beneficial owner(s) of the company

  • The majority shareholders of the company (if different from the beneficial owners).

4-61 Where these are already known to the institution and identification records already accord with the requirements of these notes, there is no need to verify identity again.

4-62 When authorised signatories change, care should be taken to ensure that the identities of at least two current signatories have been verified. In addition, it may be appropriate to make periodic enquiries to establish whether there have been any changes in directors/shareholders, or the nature of the business/activity being undertaken. Such changes could be significant in relation to potential money laundering activity, even though authorised signatories have not changed.

U. Partnerships and unincorporated businesses

4-63 In the case of partnerships and other unincorporated businesses whose partners/directors are not known to the institution, the identity of at least two partners or equivalent should be verified in line with the requirements for personal customers. Where a formal partnership agreement exists, a mandate from the partnership authorising the opening of an account and conferring authority on those who will operate it should be obtained.

V. Powers of attorney

4-64 The authority to deal with assets under a power of attorney constitutes a business relationship and therefore, where appropriate, it may be advisable to establish the identities of holders of powers of attorney, the grantor of the power of attorney and third party mandates. Records of all transactions undertaken in accordance with a power of attorney should be kept in accordance with Part V.

W. Trusts, nominee and fiduciary accounts

4-65 Trusts, nominee companies and fiduciaries are popular vehicles for criminals wishing to avoid identification procedures and to mask the origin of money derived from crime. The particular characteristics of trusts which make them useful for the genuine customer also makes them particularly attractive for money launderers.

4-66 Some trusts, nominee and fiduciary accounts provide a higher money laundering risk than others. Identification and know your customer procedures need to be determined according to the perceived risk. Absolute and bare trusts established in Gibraltar present the lowest risk and anti-money laundering measures can therefore be tailored to reflect this. Discretionary trusts established elsewhere and particularly from territories not having equivalent anti-money laundering provisions should be subject to enhanced scrutiny.


Figure 3- Illustrating the KYC requirements for a trust applicant for business

Citation: IMF Staff Country Reports 2007, 157; 10.5089/9781451815085.002.A999

4-67 The principal means of preventing money laundering using trusts, nominee companies, and fiduciaries is to verify the identity of the provider of funds, i.e. the settlor, those who have control over the funds, this is to say, the trustees, and any controllers who have the power to remove the trustees. For discretionary trusts, the nature and purpose of the trust and the original source of funding should be ascertained. For non- discretionary trusts source of funds need not be sought.

4-68 Exceptionally, identification requirements might be waived for any trustee who does not have authority to operate an account, or give instructions about the use or transfer of funds.

4-69 Particular care needs to be exercised when trusts, special purpose vehicles, or international business companies connected to trusts, are established. Those created in jurisdictions without equivalent money laundering procedures in place will warrant additional enquiry.

Discretionary trusts and non-Gibraltar based bare trusts

4-70 These trusts present a higher money laundering risk and therefore additional measures are needed. Measures must be taken to identify the trust company or corporate service provider in line with the requirements for individuals or companies generally, together with the underlying principals e.g. protectors, settlors, trustees, on whose behalf an applicant is acting.

4-71 Institutions should obtain written confirmation from the trustees/managers of the trust that there are no anonymous principals.

4-72 Any application to open an account, or undertake a transaction on behalf of another without the applicant identifying a trust or nominee capacity should be regarded as suspicious and should stimulate further enquiries.

Conventional Family and Absolute Gibraltar Trusts

4-73 In the case of conventional Gibraltar trusts, identification evidence should be obtained for:

  • those who have control over the funds i.e. the principal trustees (who may include the settlor) and protectors (where these exist and who have a right to appoint or remove trustees);

  • the provider of the funds i.e. the settlor (except where s/he is deceased).

4-74 Where the settlor is deceased, written confirmation should be obtained for the source of funds in the form, for example, of grant of probate, or copy of the will creating the trust.

4-75 Where a corporate trustee acts jointly with a co-trustee, the identity of any non- regulated co-trustees should be verified even if the corporate trustee is covered by an exemption. The relevant guidance contained in this section for verifying the identity of persons, institutions or companies should be followed.

4-76 Although there should be no need for an institution to review an existing trust (or similar) instrument, confirmation of the identity of the settlor, and information about the identity of all trustees should be obtained.

4-77 Copies of any documents should be certified as true copies. In addition, a cross check should be made to ensure that any bank account on which the trustees have drawn funds is in their names, and the identities of any additional authorised signatories to the bank account should also be verified.

4-78 It is normal practice for disbursement of any trust property to be made to the trustees. As a matter of practice, some life assurance companies will make payments direct to beneficiaries on receiving a request from the trustees. In such circumstances, the payment should be made to the named beneficiary by way of a crossed cheque marked “account payee only”, or a bank transfer direct to an account in the name of the beneficiary.

Receipt and Payment of Funds

4-79 Where money is received on behalf of a trust, reasonable steps should be taken to ensure that:

  • details of the source of the funds are sought;

  • the nature of the transaction or instruction is understood.

4-80 It is also important to ensure that payments are properly authorised in writing by the trustees.

Identification of New Trustees

4-81 Where a trustee whose identity has been verified is replaced, the identity of the new trustee should be verified before s/he is allowed to exercise control over funds.

X. Life Policies Placed in Trust

4-82 Where a life policy is placed in trust, and where the trustees have no beneficial interest in the funds or authority to give payment instructions, it is necessary to verify only the identity of the settlor/policyholder.

Y. Executorship Accounts

4-83 Where a business relationship is entered into for the purpose of winding up the estate of a deceased person, the identity of the executor(s)/administrator(s) of the estate should be verified in line with this guidance, depending on the nature of the executor (i.e. whether personal, corporate, or a firm of solicitors). However, the identity of the executor or administrator need not normally be verified when payment from an established bank or building society account in the deceased’s name is being made to the executor or administrator in accordance with the Grant of Probate or Letters of Administration solely for the purpose of winding up the estate. Payments to the underlying beneficiaries on the instructions of the executor or administrator may be made without verification of their identity.

4-84 If any suspicions are aroused about the nature or origin of assets comprising an estate that is being wound up, then a report of the suspicions should be made in accordance with the procedures set out in Part VI.

Z. Client Accounts Opened By Intermediaries

4-85 Stockbrokers, fund managers, solicitors, accountants, estate agents and other intermediaries frequently hold funds on behalf of their clients in “client accounts” opened with institutions. Such accounts may be pooled omnibus accounts holding the funds of many clients, or they may be opened specifically for a single client or for a number of clients, either undisclosed to the institution or identified for reference purposes only. In each case, it is the intermediary who is the institution’s customer and these situations should be distinguished from those where an intermediary introduces a client who himself becomes a customer of the institution.

4-86 In certain circumstances, the Sections require the institution not only to verify the identity of the intermediary, but also to look through him to his underlying clients. The Sections in this area are complex. Basically, there are four scenarios:

  1. The intermediary is itself a regulated Gibraltar or EU financial institution and thus subject to the Sections and/or the Directive. In this case the institution need concern itself only with its immediate customer - the intermediary. Client accounts opened by stockbrokers, fund managers and other financial intermediaries that are covered by the Sections or Directive for all their activities therefore need not be investigated further.

  2. The intermediary is itself a firm of EU solicitors or accountants but subject to the Sections only in respect of their relevant financial business. Client accounts held by institutions for solicitors and accountants will generally be omnibus accounts, and will contain funds connected with activities that are not relevant financial business. Verification of the identity of the underlying clients related to these transactions will not have been undertaken in accordance with the Sections. Protection under legal privilege precludes institutions from securing any information about the underlying clients. Similarly, an accountant’s professional code of conduct will generally preclude the firm from divulging information to institutions concerning their underlying clients. It will therefore not be possible for an institution to establish the identity of the person(s) for whom a solicitor or accountant is acting. However this need not preclude an institution from making reasonable enquiries about transactions passing through client accounts that give cause for concern, or from reporting those transactions if suspicions cannot be allayed. In the event that a money laundering enquiry concerns a client account, the law enforcement agencies will seek information directly from the intermediary.

  3. The intermediary is a regulated financial institution from a country that is outside the EU but has equivalent money laundering legislation. The Sections specify that in such a case, the requirement to take reasonable measures can be satisfied by obtaining from the account holder a general undertaking in writing that he has obtained and recorded evidence of the identity of any client whose funds he deposits in the account.

  4. The intermediary is from a country without equivalent money laundering legislation. Reasonable measures must be taken to verify the identity of the underlying client. In satisfying this requirement, institutions should have regard to the nature of the intermediary and their degree of confidence in it, to its geographical location, to the type of business being done and, in particular, whether it is reasonable to expect the intermediary to reveal the name of the principal. In many cases an undertaking on the lines of that in iii above will be sufficient. However, there may be cases where it becomes apparent that the intermediary is playing little or no role beyond providing a “front”. In such cases an undertaking will not be adequate and full verification procedures will be necessary if the account opening is to proceed.

Politically Exposed Persons (PEPS) Risk & Corruption

4-87 Business relationships with individuals holding important public positions, and with persons or companies clearly related to them can expose an institution to significant reputational and/or legal risk. Such people, often referred to as potentates or PEPs, include heads of state, ministers, high-level civil servants, judges, military commanders, and directors or managers of public enterprises. There is always a possibility, especially in countries where corruption is prevalent, that such persons will abuse their positions for their own enrichment, through bribes or embezzlement.

4-88 Accepting and managing funds from, and indeed any form of business relationship with, corrupt PEPs could severely damage an institution’s reputation, and may undermine public confidence in the ethical standards of an entire financial centre, since such cases usually receive substantial media attention.

4-89 Corruption by PEPs invariably involves the serious crime such as theft or fraud. The proceeds of corruption are often transferred to jurisdictions outside the of the country from where they originated and concealed through private companies, trusts, foundations or under the names of relatives or close associates.

4-90 In addition, an institution may find itself incurring substantial costs arising from law enforcement investigations (including international mutual assistance requests) and legal proceedings. Under certain circumstances, an institution and/or its officers and employees could be punishable for money laundering offences, if they know, or should have known, that funds were derived from criminal activity. In addition, a business relationship with PEPs might call into question an institution’s fitness and propriety, thus putting at risk its authorisation to carry on financial services.

4-91 Specific risk based measures should be adopted to reduce the risks inherent in dealing with PEPs. Amongst the measures institutions must adopt systems of control to reduce the risks associated with establishing and maintaining business relationships with PEPs are:

  • the development of a clear policy and internal guidelines, procedures and controls regarding such business relationships;

  • maintenance of appropriate risk management systems to determine whether a potential customer or a customer is a PEP;

  • decisions to enter into business relationships with PEPs to be taken only by senior management;

  • the proactive monitoring of the activity on such accounts, so that any changes are detected, and consideration can be given as to whether such change suggests corruption or misuse of public assets;

  • close scrutiny of receipts of large sums from government bodies, state owned activities, or governments and central bank accounts;

  • an assessment of the countries which are more vulnerable to corruption;

  • the application of additional monitoring over customers from high risk countries whose line of business is more vulnerable to corruption (e.g. oil or arms sales).

4-92 Institutions should ensure that timely reports are made to GFIU where proposed or existing business relationships with PEPs give grounds for suspicion.

Correspondent Relationships

4-93 Transactions conducted through correspondent relationships need to be monitored according to perceived risk. “Know Your Correspondent” procedures should be established to ascertain whether the correspondent bank or counter-party is itself regulated for money laundering prevention and, if so, whether the correspondent is required to verify the identity of customers to FATF standards. Where this is not the case, additional due diligence may be required to ascertain and assess the correspondent’s internal policy on money laundering prevention and its know your customer procedures.

4-94 Banks must not maintain relationships with shell banks that have no physical presence in any country or with correspondent banks that permit their accounts to be used by such banks.

4-95 The respondent institution’s CFT/AML controls should be assessed and ascertained that they are adequate and effective. Both institutions should document the CFT/AML responsibilities.

4-96 At least one person senior to, or independent from the, the officer sponsoring the relationship is required to approve the setting up of the relationship. A review of the conduct of the relationship should be conducted, at least annually.

4-97 The volume and nature of transactions flowing through correspondent accounts with institutions from high risk jurisdictions, or those with material deficiencies (see Error! Reference source not found. E) should be monitored against expected levels and destinations, and any material variances should be explored.

4-98 Institutions should guard against passing funds through accounts without taking reasonable steps to satisfy themselves that sufficient due diligence has been undertaken by the remitting bank on the underlying client and the origin of funds.

4-99 Staff dealing with correspondent banking accounts should be trained to recognise high risk circumstances, and be prepared to challenge correspondents over irregular activity, whether isolated transactions or trends, submitting a suspicion report where appropriate.

4-100 Institutions should consider terminating the accounts of correspondents who fail to provide satisfactory answers to reasonable enquiries including, where appropriate, confirming the identity of customers involved in unusual or suspicious transactions.

When must identity be verified?

4-101 Generally an institution should never establish a business relationship until all the relevant parties to the relationship have been identified and the nature of the business they expect to conduct has been established. Once an ongoing relationship has been established, any regular business undertaken for that customer should be assessed at regular intervals against the expected pattern of activity of the customer. Any unexpected activity can then be examined to determine whether there is a suspicion of money laundering.

4-102 Where evidence of identity is required, it must be obtained as soon as is reasonably practicable after the applicant seeks to enter into a business relationship, or effect a one- off transaction with the institution. Section 14 states that what constitutes an acceptable time span must be determined in the light of all the circumstances including the nature of the business, the geographical location of the parties, and whether it is practicable to obtain evidence before commitments are entered into, or money passes. Thus the institution can start processing business immediately, provided that at the same time it is taking steps to verify the customer’s identity. Clearly, every effort should be made to complete verification before settlement takes place unless this is impracticable for good reasons. (Of course, the verification must be completed even if settlement has occurred.)

4-103 In the case of telephone business, it is acceptable to await settlement by an investor to ascertain whether the payment is made from an account held in the investor’s name. The proceeds of any dealing in an investment should not be remitted to the investor until identification is verified.

4-104 Section 11(1) stipulates that if satisfactory evidence of identity has not been obtained in a reasonable time, then “the business relationship or one-off transaction in question shall not proceed any further”. This means that, in certain circumstances, an institution may have to freeze or cancel a transaction after it has dealt but before settlement.

AA. Freezing

4-105 Where satisfactory evidence of identity is required, an institution should “freeze” the rights attaching to the transaction pending receipt of the necessary evidence. The investor may continue to deal as usual, but, in the absence of the evidence of identity, proceeds should be retained. Documents of title should not be issued, nor income remitted (though it may be re-invested).

4-106 Where an investor exercises cancellation rights, or cooling off rights, the sum invested must be re-paid (subject to any shortfall deduction where applicable). The repayment of money arising in these circumstances does not constitute “proceeding further with the business”. However this could offer a readily available route for laundering money, and institutions should be alert to any abnormal exercise of cancellation/cooling off rights by any investor, or in respect of business introduced through any single intermediary. In the event that abnormal exercise of these rights becomes apparent, this should be regarded as suspicious, and reported via the usual channels (see Part VI).

BB. Exceptional Circumstances

4-107 It is recognised that there may be exceptional circumstances when applicants for business will not be able to provide appropriate documentary evidence of their identity and where independent address verification is impossible. In such cases, institutions might agree that a senior manager may authorise the business if he is satisfied as to the applicant’s acceptability. The reasons supporting this decision should be recorded in the same manner and retained for the same period of time as other identification records. If the senior manager is not satisfied, or money laundering is suspected, then the institution must not proceed with the business. If money laundering is suspected, the reporting procedures should be followed, taking care that “tipping-off” does not occur.

CC. Acquisition of One Financial Sector Business by Another

4-108 When a company acquires the business of another financial services company or firm, either in whole, or as a product portfolio (e.g. the mortgage book), it is not necessary for the identity of all existing customers to be verified again, provided that all customer account records are acquired with the business, and that the due diligence enquiries prior to acquisition do not give rise to doubt that money laundering procedures followed by the business accorded with Gibraltar requirements.

4-109 In the event that the money laundering procedures previously undertaken have not been in accordance with Gibraltar requirements, or the procedures cannot be checked, or the customer records are not available to the acquiring institution, verification of identity and KYC procedures will need to be undertaken for all transferred customers as soon as practicable.

DD. Bearer Securities

4-110 By their anonymous nature, bearer securities have no audit trail and are therefore vulnerable to being used for money laundering. Bearer securities delivered other than through a recognised clearing system merit special attention.

4-111 Where the value of the transaction exceeds €15,000, verification evidence should be obtained for the following transactions:

  • bearer shares converting to registered form;

  • surrender of coupons for payment of dividend, bonus, or capital event.

4-112 The middle market price quoted in the Financial Times, Bloomberg or Reuters etc on the day of receipt should normally be used to establish share value.

4-113 In the case of transfers from bearer to registered shares, evidence of identity of the registered holder must be obtained in line with the procedures set out above.

4-114 The submission of coupons in exchange for a cheque in payment of dividends, bonuses or capital events, does not require the identity of the owner to be verified unless the value of the cheque is in excess of €15,000, and the requested payee is not a Gibraltar or EU regulated financial sector firm. As the identity of the holder of bearer certificates from which the coupons are derived is not known, identification evidence must be obtained in respect of the payee of the requested cheque before the cheque is issued.

Remediation of pre 1ST April 1995 business relationships

4-115 All relevant financial business have been required since 2002 to review all existing business relationships and identify missing KYC documentation. That exercise was to have been completed by 31st January 2003. Institutions must by now; have sought and obtained the missing documentation, be in the process of obtaining that information or have closed or blocked that relationship until such time as the documentation is supplied, obtained or verified.

4-116 The FSC will continue to monitor progress being made by institutions in this respect as part of its risk based assessment of institutions.

4-117 The FSC’s expectations is that institutions will have instigated a risk-based approach to KYC remediation with project management disciplines in place that will enable the identification and resource management requirements of the business relationships with identified milestones and measurable targets set throughout the affected customer base.

4-118 Institutions are strongly encouraged to follow through this approach for the entire customer base (not just those established before 1st April 1995) where management perceives that KYC documentation for those accounts are not up to existing standards. In carrying out their review, management must decide whether to obtain any missing elements of the documentary evidence, or to decide that, in light of the existing nature of the business relationship, it is unnecessary to do so.

Reliance on third parties to conduct kyc for customers

4-119 Every institution must retain adequate documentation to demonstrate that its KYC procedures have been properly implemented, and that it has carried out the necessary verification itself. There are, however, certain circumstances in which it may be possible for institutions to rely on KYC procedures carried out by third parties. Whereas the procedures listed below refer to the obtaining and verification of original documentation, they do not exempt institutions from the requirement to have copies of all documentation in their possession, or to have ready access to such documentation.

EE. Introductions from Group Companies or Intermediaries

4-120 Where a business relationship is being instituted the institution is obliged to carry out KYC procedures on any client introduced to it by a third party unless the third party is an eligible introducer able to provide the institution with copies of all documentation required by the institution’s KYC procedures.

4-121 To be an eligible introducer, a third party must meet ALL FOUR of the following conditions;

  • it must be regulated by the FSC, or an equivalent institution if it carries on business outside Gibraltar,

  • it must be subject to equivalent, or more stringent, anti-money laundering legislation than that in place in Gibraltar,

  • it must be based in Gibraltar or a country which has an equivalent anti-money laundering regime, and

  • there must be no secrecy or other obstacles which would prevent the Gibraltar institution from obtaining the original documentation if necessary.

4-122 In Gibraltar, Eligible Introducers would be all persons caught by these Guidance Notes who are subject to the FSC’s regulatory regime. Essentially all persons listed in Paragraph 2.19 with the exception of Bureau and Money Transmission agents as KYC requirements are only required in these cases for one-off transactions of €15,000 or above. Institutions should be aware, however that similar activities conducted outside of Gibraltar may not meet all the requirements stated above particularly as some activities are regulated by professional bodies and not by a public or quasi public regulatory body.

4-123 Where an introducer satisfies the definition of eligible introducer, an institution may place reliance upon the KYC procedures of the eligible introducer, and simply obtain copies of the relevant documentation rather than be required to see the original documentation. Exemptions for postal applications do not apply in these circumstances.

4-124 Where reliance is to be placed on an eligible introducer, the introducer must complete and return to the institution, the certificate in Appendix F1. Copies of all the necessary documentation must also be immediately supplied. The documentation must be the same as the institution would require to satisfy its own KYC procedures. A business relationship may not be commenced until the completed Introducer’s Certificate has been received together with the copies of the required documentation.

FF. Introduction of One-Off Transactions from Overseas

4-125 Where an applicant for business who is effecting a one-off transaction is introduced by an overseas branch or subsidiary in the same group as the institution, or by another EU financial institution, or a regulated institution from a country with equivalent legislation, Section 14(1)(a-c) provides that the institution need not verify identity even if the transaction exceeds €15,000, as long as the introducer has provided the name of the customer and given the firm a written assurance that evidence of identity has been taken and recorded. This assurance can be given separately by the introducer for each new customer, or by way of a written general assurance. However, the Section 14(1)(c) exemption is only applicable provided condition (ii) of 14(i)(c) is fulfilled, namely that there are reasonable grounds for believing that the non-Gibraltar introducer:

  • acts in the course of a business in relation to which an overseas regulatory authority exercises regulatory functions; and

  • is based, or incorporated in, or formed under the law of, a country other than an EU member state in which there are in force provisions at least equivalent to those required by the Money Laundering Directive, particularly in respect of verification of identity and record keeping; or

  • operates under a rigorous group policy in accordance with Gibraltar standards and provides some form of group introduction certificate that evidence of identity has been taken and recorded.

4-126 This exemption applies only to one-off transactions. If the person being introduced is forming a business relationship with the institution, then that business must obtain evidence of identity. In many circumstances, the procedures described below (the postal concession) may apply. Otherwise evidence of identity may be obtained direct or by way of a written assurance from a reputable local source (such as a banker, professional adviser, consulate etc). In situations of this kind, institutions should ensure that the division of responsibilities between themselves and the introducer is clearly agreed and understood.

Transitional requirements for controlled activity businesses.

4-127 The Criminal Justice (Amendment) Ordinance 2004 (ORD 14 of 2004) provides that for new businesses (company managers, professional trustees, insurance intermediaries and managers) caught by the amendments (for this section of the notes referred to as “new activities”) existing business relationships and one-off transactions do not need to be fully compliant with the provisions of the Criminal Justice Ordinance 1995 on the day the amendments came into effect.

4-128 Instead, it provides for supervisory or regulatory guidance to spell out what the procedures that are to be followed should be. It is recognised that the new activities had already largely complied with the requirements of the Ordinance and Guidance Notes as the trade associations which represent them had subscribed to the Guidance Notes and the Financial Services Commission had required compliance with the same as a condition of licensing. However, it is necessary to ensure that within a reasonable period of time, all the records and procedures of the new activities are fully compliant with the provisions of the Ordinance and the Guidance Notes.

GG. Provisions in relation to KYC Documentation

4-129 By the 1st June 2005 all existing business relationships must be examined and reviewed in order to determine what documentation is missing, incomplete or out of date and how these comply with the provisions of this Part of the Notes. In conducting this review, the form in Error! Reference source not found. G should be used and the completed form should then form part of the KYC documentation maintained for the relationship.

4-130 In carrying out their review, management of the new activities must decide whether to obtain any missing elements of the documentary evidence, or to decide that, in light of the existing nature of the business relationship, it is unnecessary to do so. Each business relationship must be treated in one-way or the other. A decision must not be taken on the basis of categories or groups of clients.

4-131 When reviewing the nature of a business relationship, management should take into account a number of considerations, such as the length of time the relationship has been in place, the frequency with which the institution has contact with the client, and the volumes and numbers of transactions. Such factors will help determine whether it is necessary to update or supplement KYC documentation already held using a risk based approach.

4-132 Where it is decided to seek missing documentation, the institution must do so at the earliest possible opportunity and persist until the information is received, or the original decision revised. Where missing information is not obtained within a reasonable period of time, the institution should consider termination of the business relationship.

4-133 Where business is introduced to another relevant financial business, it is up to the receiving institution to accept or reject the form on Error! Reference source not found. G as a valid substitute for copies of the underlying KYC documentation.

HH. Provisions in relation to training

4-134 By the 1st June 2005 management of the new activities must ensure that all members of staff have received the appropriate levels of training as outlined in Part VII of these notes.

Exemptions and Concessions

4-135 Irrespective of the size and nature of the transactions and the exemptions set out below, identity must be verified in all cases where money laundering is known or suspected. If money laundering is known or suspected then a report must be made to GFIU and verification procedures undertaken if this has not already been done.

4-136 The obligation to maintain procedures for obtaining evidence of identity is general, but Sections 11, 12 and 14 set out a number of exemptions and concessions.

II. Gibraltar or EU Credit or Financial Institutions (Section 14(1)(a) and (b))

4-137 Verification of identity is not required when there are reasonable grounds for believing that the applicant for business is itself a financial institution in Gibraltar or an EU country, and is thus subject to the Sections and/or the Money Laundering Directive. What constitutes reasonable grounds is not defined, but these might mean ensuring that the credit or financial institution does actually exist (e.g. that it is listed in the Bankers’ Almanac, or is a member of a regulated or designated investment exchange); and that it is also regulated. In cases of doubt, the relevant regulator’s list of institutions can be consulted. Additional comfort can also be obtained by obtaining from the relevant institution evidence of its authorisation to conduct financial and/or banking business.

4-138 Unregulated Gibraltar or EU credit or financial businesses (e.g. bureaux de change) should be subject to further verification in accordance with the procedures for companies or businesses.

JJ. One-Off Transactions: Single or Linked (Section 11(1) and 11(4))

4-139 Verification of identity is not normally needed in the case of a single one-off transaction when payment by, or to, the applicant is less than €15,000.16 Irrespective of the size of a transaction, any suspicions of money laundering must be reported in line with the procedures set out in Part VI.

4-140 For the purpose of these Guidance Notes, transactions that are separated by an interval of three months or more need not, in the absence of specific evidence to the contrary, be treated as linked. However, Section 11(5) requires that identification procedures should be undertaken for linked transactions that together exceed the exemption limit, i.e. where in respect of two or more one off transactions:

  1. it appears at the outset to a person handling any of the transactions that the transactions are linked and that the aggregate amount of these transactions will exceed €15,000; or

  2. at any later stage, it comes to the attention of such a person that the transactions are linked, and that the €15,000 limit has been reached.

    In respect of Bureaux de Change and Money Transmission services it is recommended that this level be reduced to €5,000.

4-141 The Sections do not require institutions to install additional computer systems specifically to identify linked transactions. However, if systems in place recognise that two or more transactions appear to be linked and total more than €15,000, the institution must act upon that information.

4-142 The requirement to aggregate linked transactions is designed to identify people who might structure their dealings to avoid the identification procedures. It is not meant to cause inconvenience for genuine business transactions. There is clearly no need to count both ends of the same transaction, e.g. a purchase and a subsequent sale.

KK. Small Insurance Contracts

4-143 Sections 14(8)(g) provides that identification procedures can be waived for insurance business in respect of which:

  • a premium is payable in one instalment of an amount not exceeding €2,500; or,

  • a regular premium is payable and where the total payable in respect of any one calendar year does not exceed €1,000.

LL. Policies of insurance in connection with a pension scheme

4-144 Section 14(1)(e) provides that no steps are necessary to obtain evidence of a person’s identity in respect of a policy of insurance in connection with a pension scheme taken out by virtue of a person’s contract of employment, or occupation where the policy:

  1. contains no surrender clause; and

  2. may not be used as collateral for a loan.

4-145 A ‘policy of insurance’ includes any contract, which secures any benefit in respect of occupational or personal pension schemes, effected with an insurance company authorised to conduct long-term insurance business. The exemption extends to personal pension arrangements, both for self-employed and employees (whether or not both the employee and the employer contribute).

MM. Concessions for Postal/Coupon/Telephone Business/Electronic Business

4-146 Section 12 provides a concession where a customer would normally be required to produce evidence of identity before transacting business (whether directly or introduced by an intermediary). Where it is reasonable in all the circumstances for payment to be made by post, or electronically, or for the details of the payment to be given by telephone, then if payment is to be made from an account held in the customer’s name (or jointly with one or more other persons) at an authorised financial or credit institution, identification requirements may be waived.17

4-147 The postal concession can be used without additional identity verification for mail-shot, off the page, coupon business, or business placed over the telephone. However, in such cases a record should be maintained indicating how the transaction arose and detailing the Gibraltar or EU authorised credit institution’s details and the number of the account from which the cheque or payment is drawn.

4-148 Whilst a payment can be made directly between accounts with credit institutions or by cheque or debit card, the accepting institution must be able to confirm that the account is held in the sole or joint name(s) of the investor. (Payments to or from a joint account, where only one party is involved in the transactions, are not regarded as third party payments.) Where the payment is made either by cheque or by other means, and where the account name from which the funds are to be debited is not apparent, or has not been provided by the originating credit institution, confirmation of the account holder may be obtained in a variety of ways, e.g.:

  • sight of a statement for the account from the credit institution concerned (in the case of payment by debit card, the statement should be capable of confirming that payments made using the card are debited to that account); or

  • sight of a blank cancelled cheque or paying-in slip for the account; or

  • cheques or drafts might have confirmation of account details added to the front or reverse - where this is done by hand the information should be certified by the branch or credit institution concerned; or

  • in the case of a payment by telegraphic transfer (e.g. CHAPS), from narrative information provided by the paying bank, including account name; or

  • as a last resort, by contacting the bank, building society, or debit card issuer concerned to seek confirmation of the name(s) in which the account is held from which the payment is to be debited. However, it should be noted that in the absence of a specific authorisation from the customer, a bank or building society may refuse to identify the account holder on the grounds of confidentiality.

Note: In respect of direct debits, it cannot be assumed that the account-holding bank will carry out any form of validation of the account name and number, or that the mandate will be rejected if they do not match.

4-149 If a firm relying on the concession has grounds to believe that the identity of the customer has not previously been verified by the credit institution on which the payment has been drawn, then taking a risk-based approach, additional measures to verify identity should be sought.

4-150 The concession for postal/coupon business does not apply where

  • initial or future payments can be received from third parties;

  • cash withdrawals can be made, other than by the investors themselves on a face-to- face basis where identity can be confirmed, e.g. passbook accounts where evidence of identity is required for making withdrawals;

  • redemption or withdrawal proceeds can be to be paid to a third party or to a bank account that cannot be confirmed as belonging to the investor, other than to a personal representative named in the Grant of Probate or Letters of Administration on the death of the investor;

The following repayment restrictions must apply:

  • (i) repayments made to another institution must be subject to confirmation from the receiving firm that the money is either to be repaid to the investor or reinvested elsewhere in the investor’s name;

  • (ii) repayments made by cheque must be sent either to the named investor’s last known address and crossed “account payee only”, or to the investor’s bank with an instruction to credit the named investor’s account;

  • (iii) repayments via BACS should ensure that the stipulated account is in the name of the investor;

  • It should not be possible to change the characteristics of products or accounts at a future date to enable payments to be received from, or made on behalf of, third parties.

NN. Non Written Applications

4-151 Unit trust managers and other institutions receiving non-written applications from intermediaries, i.e. where a deal is placed over the telephone or by other electronic means, who have an obligation to verify the identity of customers, and where the postal concession is not available, may wish to make use of a version of the certification process available for written business. The intermediary should be asked to give specific confirmation that identity has been verified or, if not, that the investor was an established customer prior to 1st April 1995 and that the applicant’s name and address corresponds with the intermediary’s own records. Records of answers given by the intermediary must be recorded and retained for the relevant period if these answers are to constitute sufficient evidence of verification of identity by the institution.

OO. Internet

4-152 Provision of financial services via the Internet opens up the potential for new mechanisms for fraud and money laundering.

4-153 Any institution offering Internet services should implement procedures to establish and authenticate customer identity, and should ensure that sufficient information is acquired to confirm address and personal identity in accordance with the requirements set out above. Care should be taken to ensure that the same supporting documentation is obtained from Internet customers as for other postal/telephone banking customers. An initial deposit cheque drawn on another regulated EU institution will provide additional comfort.

4-154 Institutions should consider regular monitoring of transactions over the Internet. Unusual transactions should be investigated and reported if suspicious.

Countries with equivalent legislation

4-155 Because money laundering is a global phenomenon, a large number of countries have enacted legislation to safeguard their economies and financial systems from being contaminated by money from criminal sources. For example, all member countries of the European Union (which includes Gibraltar and the ten accession states which joined the EU in May 2004), are required to enact legislation to implement the European Union Money Laundering Directive.

4-156 Guernsey, Jersey and the Isle of Man are not part of the European Union, or the Financial Action Task Force. All three dependencies have introduced all-crimes anti- money laundering measures to supplement their previous drugs-related anti-money laundering legislation and financial sector procedures. The measures introduced are in line with those operating in Gibraltar.

4-157 Institutions entering into business relationships with customers who are introduced by institutions regulated in one of the Crown Dependencies may assume, unless there is evidence to the contrary, that the introducing institution’s customer verification and record keeping procedures are equivalent to Gibraltar’s and that the relevant records will be freely available, either on request or by Gibraltar Law Enforcement Agencies obtaining a Court Order.

4-158 The difficulties arise when assessing the equivalence of jurisdictions which are not within the EEA. Since the inception of these guidance notes, the view has been that EEA and Financial Action Task Force member countries would pass the equivalence state. Such a view was acceptable where there was no independent verification of the anti-money laundering regimes in other jurisdictions. With both IMF and FATF evaluations taking effect and being widely published, the narrow view of “club membership” need no longer apply.

4-159 The list of equivalent jurisdictions is shown at Appendix E

Part V Record Keeping

5-1 The requirement contained in Section 16 to keep records of customers’ identification and transactions is an essential constituent of the audit trail that the Sections seek to establish.

5-2 The most important single feature of the Sections in this area is that they require relevant records to be retained for at least five years from the date of completion of the business.

5-3 If the law enforcement agencies investigating a money laundering case cannot link funds passing through the financial system with the original criminal money, then confiscation of those funds cannot be made. Often the only valid role required of a financial institution in a money laundering investigation is as a provider of relevant records, particularly where the money launderer has used a complex web of transactions specifically for the purpose of confusing the audit trail.

5-4 The records prepared and maintained by any financial institution on its customer relationships and transactions should be such that:

  • requirements of legislation are fully met;

  • competent third parties will be able to assess the institution’s observance of money laundering policies and procedures;

  • any transactions effected via the institution can be reconstructed; and

  • the institution can satisfy within a reasonable time any enquiries or court orders from the appropriate authorities as to disclosure of information.

PP. Documents Verifying Evidence Of Identity

5-5 Section 16(1)(a) specifies that, where evidence of a person’s identity is required, businesses must maintain a record that:

  • indicates the nature of the evidence obtained, and

  • comprises either a copy of the evidence or (where this is not reasonably practicable) contains such information as would enable a copy of it to be obtained.

5-6 Part VI of these Guidance Notes sets out the nature of the evidence required.

5-7 These records of identity must be kept for at least five years from the date when the relationship with the customer has the ended. In accordance with Sections 16(2)(a) and 2(4), this is the date of:

  1. the carrying out of the one-off transaction, or the last in a series of linked one-off transactions; or

  2. the ending of the business relationship; or

  3. the commencement of proceedings to recover debts payable on insolvency.

5-8 Under Section 16(4), where formalities to end a business relationship have not been undertaken but a period of five years has elapsed since the date when the last transaction was carried out, then the five year retention period commences on the date of the completion of that last transaction.

QQ. Transaction Records

5-9 Section 16(1)(b) requires institutions to retain, for at least five years, records of all transactions undertaken in respect of relevant financial business. The precise nature of the records required is not specified, but the objective is to ensure, in so far as is practicable, that in any subsequent investigation the company/business can provide the authorities with its section of the audit trail. These record keeping requirements are separate from those of the financial services regulators, but there is a considerable degree of overlap.

5-10 For each transaction consideration should be given to retaining a record of:

  • the name and address of its customer;

  • the name and address (or identification code) of its counterparty;

  • what the transaction was used for, including price and size;

  • whether the transaction was a purchase or a sale;

  • the form of instruction or authority;

  • the account details from which the funds were paid (including, in the case of cheques, sort code, account number and name);

  • the form and destination of payment made by the business to the customer;

  • whether the investments, etc were held in safe custody by the business or sent to the customer or to his/her order and, if so, to what name and address.

RR. Record Keeping By Eligible Introducers

5-11 Section 13(4) and (5) specifically addresses the responsibility for record keeping in respect of business introduced by eligible introducers. If the eligible introducer is itself authorised under the Financial Services, Banking, Building Societies or Insurance Companies Ordinances for relevant financial business, the principal can rely on an assurance that the eligible introducer will keep, on the principal’s behalf, the necessary records in respect of both verification of identity and transactions. It is of course necessary for the principal to keep copies of the records itself..

SS. Format And Retrieval Of Records

5-12 To satisfy the requirements of the law enforcement agencies, it is important that records are capable of retrieval without undue delay. It is not necessary to retain documents in their original hard copy form, provided that the firm has reliable procedures for holding records in microfiche or electronic form, as appropriate, and that these can be reproduced without undue delay. In addition, an institution may rely on the records of a third party, such as a bank or clearing house in respect of details of payments made by customers. However, the primary requirement is on the institution itself and the onus is thus on the business to ensure that the third party is willing and able to retain and, if asked to, produce copies of the records required.

5-13 However, the record requirements are the same regardless of the format in which they are kept or whether the transaction was undertaken by paper or electronic means. Documents held centrally must be capable of distinguishing between the transactions relating to different customers and of identifying where the transaction took place and in what form.

5-14 The Regulations do not state the location where relevant records should be kept but the overriding objective is for financial sector businesses to be able to retrieve relevant information without undue delay.

5-15 When setting document retention policy, financial sector businesses must weigh the statutory requirements and the needs of the investigating authorities against normal commercial considerations. When original vouchers are used for account entry, and are not returned to the customer or his agent, it is of assistance to the law enforcement agencies if these original documents are kept for at least one year to assist forensic analysis, and this can also provide evidence to a financial institution when conducting its own internal investigations. However, this is not a requirement of the money laundering legislation and there is no other statutory requirement in Gibraltar that would require the retention of these original documents.

5-16 It is also of assistance to law enforcement, particularly in cases where a third party has been relied upon to undertake verification of identity procedures or to confirm identity, that copies of all records relating to verification of identification are retained in Gibraltar.

5-17 Institutions are asked to ensure that when original documents which would normally have been destroyed are required for investigation purposes, they check that the destruction policy has actually been adhered to before informing the law enforcement agencies that the documents are not available.

5-18 Where documents verifying the identity of a customer are held in one part of a group, they do not need to be held in duplicate form in another. However, if the documents are held in another jurisdiction, they must wherever possible (subject to local legislation) be freely available on request within the group, or otherwise be available to the investigating agencies under due legal procedures and mutual assistance treaties. Access to group records must not be impeded by confidentiality or data protection restrictions.

5-19 Financial sector businesses should also take account of the scope of money laundering legislation in other countries, and should ensure that group records kept in other countries that are needed to comply with Gibraltar legislation are retained for the required period. Particularly care needs to be taken to retain or hand over the appropriate records when an introducing branch or subsidiary ceases to trade or have a business relationship with a customer whilst the relationship with other group members continues, or where a company holding relevant records becomes detached from the rest of the group.

Wire Transfers

5-20 Investigations of major money laundering cases over the last few years have shown that criminals make extensive use of electronic payment and message systems. The rapid movement of funds between accounts in different jurisdictions increases the complexity of investigations. In addition, investigations become even more difficult to pursue if the identity of the original ordering customer or the ultimate beneficiary is not clearly shown in an electronic payment message instruction.

5-21 Following the FATF special recommendation on terrorist financing, relevant financial businesses are required to include accurate and meaningful originator and beneficiary information on all outgoing funds transfers and related messages that are sent, and this information should remain with the transfer or related message throughout the payment chain.

5-22 Institutions should have effective risk-based procedures in place to identify wire transfers lacking complete originator information.

5-23 The records of electronic payments and messages must be treated in the same way as any other records in support of entries in the account and kept for a minimum of five years.

TT. Interpretation of the requirements for wire transfers

5-24 For the purposes of this interpretative note, the following definitions apply.

  1. The terms wire transfer and funds transfer refer to any transaction carried out on behalf of an originator person (both natural and legal) through a financial institution by electronic means with a view to making an amount of money available to a beneficiary person at another financial institution. The originator and the beneficiary may be the same person.

  2. Cross-border transfer means any wire transfer where the originator and beneficiary institutions are located in different jurisdictions. This term also refers to any chain of wire transfers that has at least one cross-border element.

  3. Domestic transfer means any wire transfer where the originator and beneficiary institutions are located in Gibraltar. This term therefore refers to any chain of wire transfers that takes place entirely within Gibraltar, even though the system used to effect the wire transfer may be located in another jurisdiction.

  4. The term financial institution is as defined by the FATF Forty Recommendations. The term does not apply to any persons or entities that provide financial institutions solely with message or other support systems for transmitting funds.

  5. The originator is the account holder, or where there is no account, the person (natural or legal) that places the order with the financial institution to perform the wire transfer.

UU. Scope

5-25 The requirement regarding wire transfer applies, under the conditions set out below, to cross-border and domestic transfers between financial institutions.

Cross-border wire transfers

5-26 Information accompanying cross-border wire transfers must always contain the name of the originator and where an account exists, the number of that account. In the absence of an account, a unique reference number must be included.

5-27 Information accompanying the wire transfer should also contain the address of the originator. However, financial institutions may substitute the address with a national identity number, customer identification number, or date and place of birth.

5-28 Where several transfers from a single originator are bundled in a batch file for transmission to beneficiaries in another jurisdiction, they shall be exempted from including full originator information, provided they include the originator’s account number, and the batch file contains full originator information.

Domestic wire transfers

5-29 Information accompanying domestic wire transfers must also include originator information as indicated for cross-border wire transfers, unless full originator information can be made available to the beneficiary financial institution and appropriate authorities by other means. In this latter case, financial institutions need only include the account number or a unique identifier provided that this number or identifier will permit the transaction to be traced back to the originator.

5-30 The information must be made available by the ordering financial institution within five business days of receiving the request either from the beneficiary financial institution or from appropriate authorities. Law enforcement authorities should be able to compel immediate production of such information.

VV. Exemptions from the wire transfers requirements

5-31 The wire transfers requirement is not intended to cover the following types of payments:

  • (a) Any transfer that flows from a transaction carried out using a credit or debit card so long as the credit or debit card number accompanies all transfers flowing from the transaction. However, when credit or debit cards are used as a payment system to effect a money transfer, they are covered by the wire transfer requirement, and the necessary information should be included in the message.

  • (b) Financial institution-to-financial institution transfers and settlements where both the originator person and the beneficiary person are financial institutions acting on their own behalf.

WW. Role of ordering, intermediary and beneficiary financial institutions
Ordering financial institution

5-32 The ordering financial institution must ensure that qualifying wire transfers contain complete originator information. The ordering financial institution must also verify this information for accuracy and maintain this information in accordance with the standards set out in these Guidance Notes.

Intermediary financial institution

5-33 For both cross-border and domestic wire transfers, financial institutions processing an intermediary element of such chains of wire transfers must ensure that all originator information that accompanies a wire transfer is retained with the transfer.

5-34 A record must be kept for five years by the receiving intermediary financial institution of all the information received from the ordering financial institution.

Beneficiary financial institution

5-35 The lack of complete originator information may be considered as a factor in assessing whether a wire transfer or related transactions are suspicious and, as appropriate, whether they are thus required to be reported to the financial intelligence unit or other competent authorities. In some cases, the beneficiary financial institution should consider restricting or even terminating its business relationship with financial institutions that fail to meet these standards.”


5-36 Where an institution has submitted a report of suspicious activity to GFIU (see Part VI of these Guidance Notes) or where it knows that a client or transaction is under investigation, it should not destroy any relevant records without the agreement of the authorities even though the five year limit may have been reached.

Part VI Recognition and Reporting of Suspicious Transactions

XX. Recognition Of Suspicious Transactions

6-1 As the types of transactions which may be used by a money launderer are almost unlimited, it is difficult to define a suspicious transaction. Suspicion is personal and subjective and falls far short of proof based on firm evidence. It is more than the absence of certainty that someone is innocent. A person would not be expected to know the exact nature of the criminal offence or that the particular funds were definitely those arising from the crime. However, a suspicious transaction will often be one which is inconsistent with a customer’s known, legitimate business or personal activities or with the normal business for that type of customer. Therefore, the first key to recognition is knowing enough about the customer’s business to recognise that a transaction, or series of transactions, is unusual.

6-2 Questions that a financial Institution must consider when determining whether an established customer’s transaction must be suspicious are:

  • Is the size of the transaction consistent with the normal activities of the customer?

  • Is the transaction rational in the context of the customer’s business or personal activities?

  • Has the pattern of transactions conducted by the customer changed?

  • Where the transaction is international in nature, does the customer have any obvious reason for conducting business with the other country involved? business with the other country involved?

YY. Reporting Of Suspicious Transactions

6-3 There is a statutory obligation on all staff to report suspicions of money laundering. Section 18 contains the requirement to report to the “Appropriate Person” (for the purpose of these Guidance Notes called the Money Laundering Reporting Officer) in accordance with internal procedures. In line with accepted practice, some businesses may choose to require that such unusual or suspicious transactions be drawn initially to the attention of supervisory management to ensure that there are no known facts that will negate the suspicion before further reporting on to the Money Laundering Reporting Officer or an appointed deputy.

6-4 Each institution has a clear obligation to ensure:

  • that each relevant employee knows to which person they should report suspicions, and

  • that there is a clear reporting chain under which those suspicions will be passed without delay to the Reporting Officer.

6-5 Once employees have reported their suspicions to the appropriate person they have fully satisfied the statutory obligations.

Constructive Trust

6-6 The duty to report suspicious transactions and to avoid “tipping off” lead to a conflict between the reporting institution’s responsibility under the criminal law and its obligation, as a constructive trustee, to a victim of fraud and other crimes under the civil law.

6-7 A financial institution’s liability as a constructive trustee arises when it becomes suspicious that the funds in a customer’s account rightfully belong to a third party. The financial institution then takes on the obligation of constructive trustee for the rightful owner. If the funds are paid away other than to the rightful owner, the civil law treats the institution as though it were a trustee for the funds, and holds the institution liable to make good the loss suffered. Having a suspicion which it considers necessary to report under the money laundering legislation may, prima facie, indicate that it knows or should know that the funds belong to a third party.

6-8 In the normal course of events, a financial institution would not pay out money to a third party knowing itself to be in breach of trust. The concern in relation to money laundering is that the financial institution will have reported its suspicion to GFIU. It will therefore have no option but to act on the customer’s instruction, because by refusing to pay out the funds it might alert the perpetrator of, for example a fraud, and in doing so commit a tipping-off offence under the money laundering legislation.

6-9 The tipping-off offence contained in the Criminal Justice Ordinance 1995 includes a prohibition on informing a suspected victim of crime that funds are at risk, where to do so is likely to prejudice a money laundering investigation. Article 8 of the EC Money Laundering Directive states that “credit and financial institutions and their directors and employees shall not disclose to the customer concerned nor to other third persons that information has been transmitted to the authorities …or that a money laundering investigation is being carried out”

6-10 Given the absolute nature of the prohibition in the criminal law, if an institution makes a disclosure under the money laundering legislation, and is acting in accordance with GFIU or the investigating officer’s consent in paying out the money, the risk of the institution being held liable by a civil court as constructive trustee is considered to be slight.18

6-11 However, to minimise the liability, the following procedures should be followed:

  1. When evaluating a suspicious transaction, the MLRO should consider whether there is a constructive trust issue involved. If the MLRO concludes that there is reason to believe that the institution may incur a liability as a constructive trustee, the precise reasons for this belief should be reported to GFIU immediately, along with the other matters giving rise to suspicion that the funds relate to the proceeds of crime. The constructive trust aspects should be set out clearly in the “reason for suspicion” section of the standard reporting form, with “Potential Constructive Trust Issue” marked clearly at the top of this section. Neither the customer nor any third party should be tipped off.

  2. On receipt of the report, GFIU will evaluate the information and “fast track” the report to the appropriate investigator who will determine whether the “consent” to undertake the transaction can be issued.

  3. Where a suspicious transaction report has previously been made to GFIU, and a potential constructive trust issue comes to light subsequently, GFIU (or the designated investigator) should be provided with an immediate further report indicating the reasons why a constructive trust situation is believed to have arisen.

The Role of the Money Laundering Reporting Officer

6-12 The overall responsibility for money laundering prevention lies with senior management and controllers of an institution.

6-13 The MLRO is responsible for the oversight of the institution’s anti-money laundering activities and is the key person in the implementation of the anti-money laundering strategy of the institution.

6-14 The MLRO will act as the “appropriate person” required to be appointed under Section 18 to receive and process internal and external suspicious transaction reports. The MLRO will also act as a central point of contact with the law enforcement agencies in order to handle the reported suspicions of their staff regarding money laundering.

6-15 The MLRO needs to be senior to be free to act on their own authority and to be informed of any relevant knowledge or suspicion in the institution. The type of person appointed as Money Laundering Reporting Officer will vary according to the size of the institution and the nature of its business, but he should be sufficiently senior to command the necessary authority. Larger institutions may choose to appoint a senior member of their compliance, internal audit or fraud departments. In small institutions it may be appropriate to designate the Operations Manager. When several subsidiaries operate closely together within a group, there is much to be said for designating a single Money Laundering Reporting Officer at group level. The MLRO shall be an employee of the institution whether as part of its governing body, management or staff and be primarily based in Gibraltar. It is not appropriate, in the case of multinational institutions and for the purposes of the Criminal Justice Ordinance, for the MLRO to be located outside Gibraltar.

6-16 Where an institution has branches or offices in other jurisdictions, the functions of the MLRO may be delegated to other persons within those branches or offices. Where such functions are delegated, the FSC will expect the MLRO to take ultimate responsibility for ensuring that the requirements of the AMLGNs are applied to those operations.

6-17 Section 18 imposes on the Reporting Officer a significant degree of responsibility. He is required “to determine” whether the information or other matters contained in the transaction report he has received gives rise to knowledge or suspicion that a customer is engaged in money laundering.

6-18 He must take steps to validate the suspicion in order to judge whether or not a report should be submitted to GFIU. In making this judgement, he must consider all other relevant information available to him concerning the transaction or applicant to whom the report relates. This may require a review of other transaction patterns or business in the same name, the length of the business relationship and referral to identification records held. If after the review, he decides that there are no facts that would negate the suspicion, then he must disclose the information to GFIU. The MLRO also needs to pass onto GFIU issues which he/she thinks appropriate and can be expected to liaise with GFIU on any questions of whether to proceed with a transaction in the circumstances.

6-19 Section 18(c) therefore requires that the Money Laundering Reporting Officer has reasonable access to information that will enable him to undertake his responsibility. In addition, the reference in Section 18(b) to “determination” implies a process with some formality. It is important therefore that the Money Laundering Reporting Officer should keep a written record of every matter reported to him, of whether or not the suggestion was negated or reported, and of his reasons for his decision.

6-20 The Reporting Officer will be expected to act honestly and reasonably and to make his determinations in good faith. Provided the Reporting Officer or an authorised deputy does act in good faith in deciding not to pass on any suspicions report, there will be no liability for non-reporting if the judgement is later found to be wrong.

6-21 Care should be taken to guard against a report being submitted as a matter of routine to GFIU without undertaking reasonable internal enquiries to determine that all available information has been taken into account

ZZ. Internal Reporting Procedures And Records

6-22 Reporting lines should be as short as possible, with the minimum number of people between the person with the suspicion and the MLRO. This ensures speed, confidentiality and accessibility to the MLRO. However, in line with accepted practice, some financial sector businesses may choose to require that such unusual or suspicious transactions be drawn initially to the attention of supervisory management to ensure that there are no known facts that will negate the suspicion before further reporting to the MLRO or an appointed deputy.

6-23 Supervisors should also be aware of their own legal obligations. An additional fact which the supervisor supplies may negate the suspicion in the mind of the person making the initial report, but not in the mind of the supervisor. The supervisor then has a legal obligation to report to the MLRO.

6-24 Larger groups may choose to appoint assistant MLROs within divisions or subsidiaries, to enable the validity of the suspicion to be examined before being passed to a central MLRO. In such cases, the role of the assistant MLROs must be clearly specified and documented. All procedures should be documented in appropriate manual and job descriptions.

6-25 All suspicions reported to the MLRO should be documented (in urgent cases this may follow an initial discussion by telephone). In some organisations it may be possible for the person with the suspicion to discuss it with the MLRO and for the report to be prepared jointly. In other organisations the initial report should be prepared and sent to the MLRO. The report should include the full details of the customer and as full a statement as possible of the information giving rise to the suspicion.

6-26 The MLRO should acknowledge receipt of the report and at the same time provide a reminder of the obligation to do nothing that might prejudice enquiries, i.e. “tipping off”. All internal enquiries made in relation to the report, and the reason behind whether or not to submit the report to the authorities, should be documented. This information may be required to supplement the initial report or as evidence of good practice and best endeavours if, at some future date, there is an investigation and the suspicions are confirmed.

6-27 On-going communication between the MLRO and the reporting person/department is important. The institution may wish to consider advising the reporting person, department or branch of the MLRO’s decision, particularly if the report is believed to be invalid. Likewise, at the end of an investigation, consideration should be given to advising all members of staff concerned of the outcome. It is particularly important that the MLRO is informed of all communication between the investigating officer and the branch/subsidiary concerned at all stages of the investigation.

6-28 Records of suspicions which were raised internally with the MLRO but not disclosed to the authorities should be retained for five years from the date of the transaction. Records of suspicions which the reporting authority has advised are of no interest should be retained for a similar period. Records of suspicions that assist with investigations should be retained until the financial institution is informed by the investigating officer that they are no longer needed.

Reporting Procedures

6-29 The central reception point for disclosure of suspicions by the Reporting Officers is

  • The Gibraltar Financial Intelligence Unit (GFIU)

  • Suite 832

  • Europort

  • Gibraltar

  • Tel 70211

  • Fax 70233

  • E-Mail

6-30 The Gibraltar Financial Intelligence Unit (GFIU) is integrated into the Government of Gibraltar Co-ordinating Centre for Criminal Intelligence and Drugs. It is staffed by officers seconded from HM Customs Gibraltar and The Royal Gibraltar Police and is a member of the Egmont Group of Financial Intelligence Units. The GFIU is manned from 0900hrs to 1700hrs Mondays to Fridays.

6-31 The use of a standard format in the reporting of disclosures is important and all institutions are encouraged to use the form as illustrated at Appendix C.

6-32 Disclosures should be typed whenever possible or, if the standard layout is followed, generated on word-processing software. Institutions using popular commercial software packages may be able to take advantage of form-based document and template features. Further information and advice can be obtained from GFIU.

6-33 Sufficient information should be disclosed on the suspicious transaction, including the reason for the suspicion, to enable the investigating officer to conduct appropriate enquiries. If a particular offence is suspected, this should be stated so that the report may be passed to the appropriate investigation team with the minimum of delay. However, it is not necessary to complete all sections of the disclosure form and its submission should not be delayed if particular details are not available.

6-34 Where additional relevant evidence is held which could be made available to the investigating officer, this should be noted on the form.

6-35 The receipt of all disclosures will be acknowledged by GFIU. In the majority of cases, written consent will also be given to continue processing the transaction. However, in exceptional circumstances such as the imminent arrest of a customer and restraint of assets, consent may not be given. The reporting institution concerned will be made aware of the situation and should follow the directions of the Police or Customs officer in charge of the investigation.

6-36 Following receipt of a disclosure and initial research within GFIU, the information contained in the disclosure (not the disclosure itself) is allocated to a designated, trained financial investigator in either the Royal Gibraltar Police or HM Customs Gibraltar. An investigation will be mounted if appropriate, which will seek to obtain admissible evidence of criminal activity, leading ultimately to prosecution. As the investigation proceeds, evidential material may also be sought from the institution which made the original disclosure, generally by way of a Court Order.

6-37 The customer is not approached in the initial stages of the investigation and will not be approached unless criminal activity is identified. The customer is not advised at any stage of the disclosure or its source and, in the event of prosecution, the source of information will be protected. Courts generally recognise the need to protect sources of sensitive intelligence, and it is the duty of investigators to seek in such circumstances to obtain the relevant evidence by independent means.

6-38 The money laundering legislation is drafted in such a way that reports submitted to GFIU may be allocated only to Police or Customs Officers for investigation. There is no mechanism for passing the information to tax authorities either in Gibraltar or overseas and there is no intention to put such a mechanism in place.

6-39 Access to the information contained in disclosures is restricted to designated officers within the Royal Gibraltar Police and HM Customs Gibraltar. Whilst other officers may be involved in a subsequent investigation, the original information is restricted to GFIU and these designated officers. Maintaining the integrity of the confidential relationship which has developed between law enforcement agencies and disclosing institutions is of paramount importance.

6-40 It is therefore important that all disclosures are made to GFIU in accordance with these procedures. It is recognised however that there may be occasions when an urgent operational response is required which can only be effected by direct contact with RGP or Customs. In such circumstances, GFIU must be advised as soon as practicable and a written disclosure submitted as usual.

6-41 Whilst the legislation permits disclosure to any Police or Customs Officer only GFIU will issues letters of acknowledgement and consent.

6-42 Following the submission of a disclosure report, an institution is not precluded from subsequently terminating its relationship with a customer, provided it does so for normal commercial reasons. It must not alert the customer to the fact of the disclosure as to do so would constitute a “tipping-off” offence. Close liaison with GFIU and the investigating officer is encouraged in such circumstances so that the interests of all parties may be fully considered.

AAA. Feedback from the Investigating Authorities

6-43 The provision of feedback by the investigating agency to the disclosing institution is recognised as an important element of the system. Case officers in charge of investigations are encouraged to provide feedback, in general terms, as to the progress of investigations. GFIU may also provide feedback on such cases, and will provide to the institutions on a regular basis, feedback as to the volume and quality of disclosures and on the levels of successful investigations arising from them. Such information, whether provided verbally or in written form should not be used as the basis of subsequent commercial decisions.

6-44 Institutions should ensure that all contact between particular sections of their organisation and law enforcement agencies is reported back to the Money Laundering Reporting Officer, so that an informed overview of the situation may be obtained. The MLRO should ensure that there is an established close co-operation and liaison with GFIU (see Part III of the Guidance Notes). In addition, Police or Customs will continue to provide information on request to a disclosing institution in order to establish the current status of a specific investigation.

6-45 Disclosing institutions should not be disheartened by a perceived lack of an immediate result following a disclosure, and should guard against dismissing further suspicions based on similar circumstances. Criminal investigations can, by their very nature, take weeks, months or even years to result in arrest and conviction.

6-46 A disclosure may be the very first piece in a complex puzzle, or it may be the final piece which completes the picture.

Part VII Education and Training

BBB. Statutory Requirements

7-1 Section 9(1)(b)and(c) requires institutions to take appropriate measures to make employees aware of:

  1. policies and procedures to prevent money laundering and for identification, record keeping and internal reporting;

  2. the legal requirements;

    and to provide relevant employees with training in the recognition and handling of suspicious transactions.

7-2 The Sections do not specify the nature of the training to be given and these Guidance Notes therefore set out what steps might be appropriate to enable institutions to fulfil this requirement.

CCC. The Need for Staff Awareness

7-3 The effectiveness of the procedures and recommendations contained in these Guidance Notes must depend on the extent to which staff in institutions appreciates the serious nature of the background against which the Sections have been issued. Staff must be aware of their own personal obligations under the legislation and that they can be personally liable for failure to report information in accordance with internal procedures. All staff must be trained to co-operate fully and to provide a prompt report of any suspicious transactions.

7-4 It is, therefore, important that businesses covered by the Sections introduce comprehensive measures to ensure that staff is fully aware of their responsibilities.

DDD. Education and Training Programmes

7-5 Timing and content of training packages for various sectors of staff will need to be adapted by individual businesses for their own needs. However it is recommended that the following might be appropriate.

7-6 All relevant staff should be educated in the process of the “know your customer” requirements for money laundering prevention purposes. The training in this respect should cover not only the need to know the true identity of the customer but also, where a business relationship is being established, the need to know enough about the type of business activities expected in relation to that customer at the outset to know what might constitute suspicious activity at a future date. Relevant staff should be alert to any change in the pattern of a customer’s transactions or circumstances that might constitute criminal activity.

7-7 Although Directors and Senior Managers may not be involved in the day-to-day procedures, it is important that they understand the statutory duties placed on them, their staff and the institution itself. Some form of high-level general awareness raising training is therefore suggested.

New Employees

7-8 A general appreciation of the background to money laundering, and the subsequent need for reporting any suspicious transactions to the Money Laundering Reporting Officer should be provided to all new employees who are likely to be dealing with customers or their transactions, irrespective of the level of seniority. They should be made aware of the importance placed on the reporting of suspicions by the organisation, that there is a legal requirement to report, and that there is a personal statutory obligation to do so.

Sales/Advisory/Cashier Staff/Foreign Exchange Dealers

7-9 Members of staff who are dealing directly with the public are the first point of contact with potential money launderers and their efforts are vital to the organisation’s strategy in the fight against money laundering. They must be made aware of their legal responsibilities and should be made aware of the organisation’s reporting system for such transactions. Training should be provided on factors that may give rise to suspicions and on the procedures to be adopted when a transaction is deemed to be suspicious.

7-10 It is vital that ‘front-line’ staff are made aware of the organisation’s policy for dealing with non-regular customers particularly where large transactions are involved, and the need for extra vigilance in these cases.

“Back Office” Staff

7-11 Those members of staff who receive completed proposals and cheques for payment of premiums, unit trusts or other investments must receive appropriate training in the processing and verification procedures. Those members of staff who are in a position to deal with account opening, or to accept new customers, must receive the training given to cashiers etc above. In addition, the need to verify the identity of the customer must be understood, and training should be given in the organisation’s account opening and customer/client verification procedures. Such staff should be aware that the offer of suspicious funds or the request to undertake a suspicious transaction may need to be reported to the Money Laundering Reporting Officer (or alternatively a line supervisor) whether or not the funds are accepted or the transactions proceeded with and must know what procedures to follow in these circumstances.

Administration/Operations Supervisors and Managers

7-12 A higher level of instruction covering all aspects of money laundering procedures should be provided to those with the responsibility for supervising or managing staff. This will include the offences and penalties arising from the Drug Trafficking Offences Ordinance and the Criminal Justice Ordinance for non-reporting and for assisting money launderers; procedures relating to the service of production and restraint orders; internal reporting procedures and the requirements for verification of identity and the retention of records.

Money Laundering Reporting Officers

7-13 In depth training on all aspects of the Money Laundering Legislation, Sections and internal policies will be required for the Money Laundering Reporting Officer. In addition, the Reporting Officer will require extensive instructions on the validation and reporting of suspicious transactions and on the feedback arrangements, and on new trends and patterns of criminal activity.

EEE. Refresher Training

7-14 In accordance with Section 5(b)and(c) it will also be necessary to make arrangements for refresher training at regular intervals i.e. at least annually to ensure that staff do not forget their responsibilities. Some financial sector businesses may wish to provide such training on an annual basis, others may choose a shorter or longer period or wish to take a more flexible approach to reflect individual circumstances, possibly in conjunction with compliance monitoring.

ANNEX III: List of all Laws, Regulations and Other Material Received

Banking Ordinance

Bureaux de Change Ordinance 1980

Charities Ordinance

Collective Investment Schemes Ordinance 2005

Commissioners for Oaths and Public Notaries Ordinance 1953

Consolidated Banking Ordinance—2/14/03

Criminal Justice Ordinance 1995

Criminal Offences Ordinances

Criminal Procedure Ordinance 1961

Disclosure Under the Drug trafficking Offenses Ordinance 1985

Drug (Misuse) Ordinance 1973

Drug Trafficking Offences Ordinance 1995

Drug Trafficking Offences Ordinance 1995 (Designated Countries & Territories) Order 1999

European Arrest Warrant Ordinance 2004

Evidence Ordinance 1948

Explosives Ordinance

Export Control Ordinance 2005

Financial Institutions (Prudential Supervision) Ordinance 1997

Financial Services Commission Ordinance

Financial Services Commission Ordinance, 1989

Financial Services Ordinance, 1989

Firearms Ordinance

Friendly Societies Ordinance 1888

Fugitive Offenders Ordinance 2002

Gambling Ordinance 2005

Gibraltar Constitution 1969 & British Overseas Territories Act 2002

Gibraltar Regulatory Authority Ordinance

Gibraltar Savings bank Ordinance 1935

Hijacking Act 1971

Import and Export Ordinance 1986

Insider Dealing Ordinance

Insurance Companies Ordinance

Intellectual Property (Copyright and Related Rights) Ordinance

Interpretation & General Clauses Ordinance

Magistrates’ Court Ordinance

Mutual Legal Assistance (International Ordinance) 2005

Mutual Legal Assistance (Schengen Convention) 2004

Piracy Act 1721—applicable by virtue of English Law Application Ordinance

Protected Cell Companies Ordinance 2001

Terrorism Ordinance 2005

The Al-Qaida & Taliban (UN Measures) (Overseas Territories) Order 2002

The Financial Institutions (Prudential Supervision) Ordinance

The Terrorism (UN Measures) (Overseas Territories(Order 2001

Regulations and Other Measures

Banking Guidance Notes—No.1, 3, 6

Banking Regulations

Explosives Regulations

Export of Goods (Control) Regulations

Export of Goods (Control) Regulations, 1997

Financial Services (Conduct of Business) Regulations

Financial Services (Conduct of Fiduciary Services Business) Regulations 2005 (final draft)

Financial Services (Licensing) Regulations

Financial Services Ordinance, 1989—Conduct of Business Regulations

FSC’s Anti-Money Laundering Guidance Notes

Government of Gibraltar ance AML Guidance for Businesses which accept Large Cash Payments

Implemented Financial Services EU Directives

Imports and Exports (Control) Regulations 1987

Money Laundering Notes 2004 v4.04

Supreme Court—Barristers and Solicitors Rules

Supreme Court—Solicitors’ (Practising Certificates) Rules, 2005

Supreme Court—Solicitors’ Accounts Rules

The post BCCI Directive –Police Discipline Regulations 1991

Other Materials

An Extract from Archbold 41st Edition on the Chapter of Piracy

Analysis of Regulatory Cooperation

Application for Registration as a Charity

Approved Persons Regime—Draft Consultation Paper

Companies House—Forum Latest/Current Available Information on Company

FAQ: Gibraltar’s Anti-Money Laundering Provisions

FGIU Newsletter 1/05

Financial Services Commission Visit ‘aide-mémoire’ Accountacy, Client Money, Governance, IT, KYC

Financial Services Commission—Annual Report 2005, 4, 3

Financial Services Commission—Risk-Based Framework for Supervising the Financial Services Industry

Financial Services Commission—Strategy Documents

First Supplement to the Gibraltar Gazette—No. 3,095 of 3/25/99

FSC Company File Review—checklist

FSC Examples of Feedback Letters

FSC Inspection Checklist

FSC Newsletters

FSC Regulatory Response Matrix

FSC Powerpoint Presentations

FSC Self Assessment Compliance with Basle Core Principles-13 January 2006

FSC Statement of Principles for On-site Visits

FSC Banking Guidance Note 6 Internal Audit

FSC Template Statement of Compliance

FSC Trust File Review—checklist

GCID/DFIV Annual Report 2005

GFIU Annual Report 1996

Gibraltar Pre-assessment Questionnaire

Handbook of Banking Supervision

Licence Agreement for Gambling Licence (template)

Mutual Evlauation Report on Gibraltar—Offshore Group of Banking Supervisors 2002 (and responses)

Press Releases 91/96, 3/96

Response to Recommendations Arising from IMF Assessment 2001.

Review of the Supervisory Activities of the Gibraltar Financial Services Commission and the Finacial Services Commissioner (The Pratt Report) January 2005 (and responses and current status of recommendations)

Tokyo Convention Act 1967

UK Counter-Terrorism Committee Responses 2002-2005


Subsequent to the on-site mission, the authorities advised that the new Gambling Ordinance entered into force on October 26, 2006. The provisions of the GO can be expected to significantly improve the supervisory oversight of the gambling sector. Since the Ordinance was enacted seven months after the on-site mission, however, the assessors have not been able to gauge the effectiveness of implementation of the provisions of the GO and, accordingly, it is not taken into account in assessing Gibraltar’s standing against applicable provisions of the FATF Recommendations.


In this context a package of reforms has been submitted to the EU for approval, and the EU’s response is expected by end-2006. The main features of this tax package include: abolition of tax on profits for all companies; introduction of a profit tax on financial service providers; introduction of a payroll tax; introduction of a business property occupation tax; introduction of annual company registration fee; and additional profit tax on utility companies.


Under the EU’s “passporting” provision, institutions (banks, insurance companies, and investment firms) incorporated in Gibraltar can provide cross-border financial services to clients in European Economic Area (EEA) states and vice-versa. Separate agreements on passporting banking, insurance, and investment services to the U.K. have been reached.


One reason for doing this is that Spain imposes a tax on the financing of Gibraltar based companies holding property in Spain.


See Letter from P.R. Caruana, Chief Minister, to Donald Johnston, 27 February 2002, available at


As of the time of this report, 27 countries were listed in Schedule1 of the order: Anguilla, Australia, the Bahamas, Bahrain, Barbados, Bermuda, Canada, The Cayman Islands, Denmark, Guernsey, Hong Kong, India, Isle of Man, Italy, Jersey, Malaysia, Montserrat, Netherlands, Nigeria, Saudi Arabia, South Africa, Spain, Sweden, Switzerland, United Kingdom, United Mexican States, and United States of America.


Subsequent to the on-site mission, the authorities advised that the new Gambling Ordinance entered into force on October 26, 2006. The provisions of the GO can be expected to significantly improve the supervisory oversight of the gambling sector. Since the Ordinance was enacted seven months after the on-site mission, however, the assessors have not been able to gauge the effectiveness of implementation of the provisions of the GO and, accordingly, it is not taken into account in assessing Gibraltar’s standing against applicable provisions of the FAT Recommendations.


The TCSP category of the DNFBP sector is subject to the same AMLGN requirements as financial institutions. The recommendations on standards in Sections 2.2, 2.3, 2.5 and 2.6, therefore, apply. Similarly, licenses for all internet casinos require compliance with the FSC issued AMLGNs. The sole land based casino is currently not subject to the higher requirements detailed in the AMLGNs.


Subsequent to the on-site mission, the authorities advised that the new Gambling Ordinance entered into force on October 26, 2006. The provisions of the GO can be expected to significantly improve the supervisory oversight of the gambling sector. Since the Ordinance was enacted seven months after the on-site mission, however, the assessors have not been able to gauge the effectiveness of implementation of the provisions of the GO and, accordingly, it is not taken into account in assessing Gibraltar’s standing against applicable provisions of the FATF Recommendations.


See Letter of P.R. Caruana, Chief Minister, to Donald Johnston, 27 February 2002, available at


An External Confiscation Order is defined as “an order made by a court in a designated country for the purpose of recovering payments or other rewards received in connection with drug trafficking or their value.” Section 42 of the CJO similarly defines “External Confiscation Order” as an order made by a court in a designated country for the purpose of recovering property obtained as a result of or in connection with conduct corresponding to an offense, the value of property so obtained, or of depriving a person of a pecuniary advantage so obtained.


These factors are only required to be set out when the rating is less than compliant.


The TCSP category of the DNFBP sector is subject to the same AMLGN requirements as Financial Institutions. The recommendations on standards in Sections 2.2, 2.3, 2.5 and 2.6, therefore apply. Similarly, licenses for all internet casinos require compliance with the FSC issued AMLGNs. The sole land-based casino is currently not subject to the higher requirements detailed in the AMLGNs.


Appendix A to these Guidance Notes contains a summary of the Gibraltar legislation.


Kluwerpers Passport Handbook can be obtained from Veen Uitgevers Goep-Kluwerpers B.V. Vinkenburgstraat, 2A 3512,A.B. Utrecht, Netherlands.


When calculating the equivalent of a transaction into EUROs an institution may wish to; calculate this on a daily basis (or more frequently throughout the day), set individual limits for their own use taking a view on the exchange rate to be used and the frequency of the review or adopt a general limit of £9,000 in respect of one-off transactions or £1,500 for single insurance premiums or £600 per annum for regular insurance premiums.


Because verification of identity was not a statutory requirement for banks and building societies prior to 1st April 1995, an institution should exercise a greater degree of vigilance where a transaction appears suspicious, and the postal concession has been relied upon. Where such suspicions are aroused, identity should be verified.


In such circumstances or constructive trust, independent legal advice should be sought.

Gibraltar: Detailed Assessment Report on Anti-Money Laundering and Combating the Financing of Terrorism
Author: International Monetary Fund
  • View in gallery

    Figure 1- Illustrating the KYC requirements for a personal applicant for business

  • View in gallery

    Figure 2 - Illustrating the KYC requirements for a body corporate applicant for business

  • View in gallery

    Figure 3- Illustrating the KYC requirements for a trust applicant for business