Bermuda
Detailed Assessment Report on Anti-Money Laundering and Combating the Financing of Terrorism

In the case of Bermuda, application of risk-based approaches seems particularly relevant not only to the insurance sector, but also to other types of financial and nonfinancial activities. The legal framework for investigation and prosecution of money laundering (ML) is well developed, and law enforcement and prosecutorial staff are highly motivated and professional. Bermuda’s Financial Investigation Unit (FIU) should be more adequately funded, staffed, and provided with additional technical resources, including, for instance, expertise in forensic accounting. A key strength of Bermuda’s supervisory regime is the integrated nature of financial sector supervision.

Abstract

In the case of Bermuda, application of risk-based approaches seems particularly relevant not only to the insurance sector, but also to other types of financial and nonfinancial activities. The legal framework for investigation and prosecution of money laundering (ML) is well developed, and law enforcement and prosecutorial staff are highly motivated and professional. Bermuda’s Financial Investigation Unit (FIU) should be more adequately funded, staffed, and provided with additional technical resources, including, for instance, expertise in forensic accounting. A key strength of Bermuda’s supervisory regime is the integrated nature of financial sector supervision.

Detailed Assessment Report

1 GENERAL

1.1 General Information on Bermuda

23. Bermuda is the United Kingdom’s oldest overseas dependent territory, with internal self-government comprising the Bermudas or Somers Islands, an archipelago of some 150 islands in the Atlantic Ocean, about 570 miles east-southeast of the mid-Atlantic region of the United States. It covers an area of approximately 21 square miles, and has a population of 65,773 (July 2006 est.). The Head of State is the British monarch, whose representative is the Governor, who in turn appoints as Premier the member of the House of Assembly who appears to him best able to command the confidence of a majority of the members of that House. The Governor also appoints other ministers in accordance with the advice of the Premier. The legislative branch of government is bicameral, consisting of a senate of 11 appointed members and a House of Assembly of 36 elected members. The Bermuda Constitution Order 1968 establishes the current parliamentary system, and maintains Bermuda’s status of internal self-government with a high degree of control over its own affairs, except for defense, internal security, and international affairs. Bermuda relies on the United Kingdom (UK) to extend to it relevant provisions, including international conventions and United Nations Security Council Resolutions (UNSCRs).

24. Bermuda’s legal system is based on the British model consisting of codified legislation and English common law. The court system is made up of Magistrate Courts, a Court of Appeal, and a Supreme Court, with final appeal to the Privy Council in Britain.

25. With a GDP per capita of US$76,403 (nominal terms 2005), Bermuda is one of the most prosperous countries in the world. Its economy is based primarily on international financial services and tourism, both of which represented a significant portion of Bermuda’s nominal GDP of $4.8 billion, or real GDP of $3.7 billion (at 1996 constant market prices). The Bermuda economy has exhibited strong growth over the last decade largely attributed to the expanding international business sector. It has a fixed exchange rate that is pegged to the US dollar at par US$1.00=BMD$1.00.

26. The Bermuda government has excellent credit ratings, placing the country among the most creditworthy sovereign borrowers in the world, and is an indicator of good governance. Official corruption is minimal, and has been a criminal offence since the Criminal Code Act was passed in 1907. In addition, the Bermuda government has agreed in principle to have the UN Convention against Corruption extended to it by the UK. Leading credit rating agencies have stable or positive outlooks on Bermuda, primarily based on its commitment to high standards of fiscal prudence, its standing as a significant international financial center, and a proven track record of managing the economy and business environment.

27. Bermuda places much importance on the fitness of owners and the types of businesses it authorizes to operate in, and from within, Bermuda. This approach has helped in preserving the stability of its financial services industry. Leading this effort is the Bermuda Monetary Authority (BMA), an integrated financial regulator established in 1969. The BMA seeks to promote a high level of compliance with international financial standards, including those set by the Basel Committee, IOSCO, and IAIS. Bermuda is a member of the Offshore Group of Banking Supervisors, the Basel Cross Border Banking Group, as well as of the IAIS, and IOSCO.

28. Bermuda is a member of the Caribbean Financial Action Task Force (CFATF). Its AML/CFT legal framework includes the Proceeds of Crime Act 1997, the Anti Terrorism (Financial and Other Measures) Act 2004, and the POC Regulations. Non-mandatory AML guidelines have also been issued to provide practical guidance to the implementation of the legal requirements. Bermuda has also formed a National Anti-ML Committee, whose main mandate is to advise the Minister of Finance and issue guidelines on AML issues. The last AML/CFT assessment of Bermuda was conducted by the IMF in March 2003 (as part of an OFC assessment), using the October 2002 Methodology, and based on the FATF 40+8 Recommendations prevailing at that time. That assessment found Bermuda to be compliant or largely compliant with a majority of the Recommendations.

1.2 General Situation of ML and Financing of Terrorism

The ML Situation

29. There has been only one prosecution for ML in Bermuda. That prosecution was successful, and currently there are several other cases pending prosecution. In 2001, Bermuda established a Confiscated Assets Fund, which now has a balance of over US$700,000.00, with an additional $1 million confiscated but not yet deposited in the Fund.

30. Bermuda is not known as a major source country for predicate crimes that would give rise to ML/FT. It is not a drug producing country nor is it an important transshipment point for drugs to other countries. Law enforcement authorities have made seizures of cannabis, cocaine, and other illegal drugs, in many cases on the strength of intelligence provided by the US Drugs Enforcement Agency. The authorities have made arrests and drug seizures over the last five years, but the trend has been rather flat, except for 2003, when the number of arrests and drug seizures increased sharply.

Number of drug-related arrests and seizures, 2002–2006

article image

31. Bermuda is, however, exposed to ML risk from predicate crimes occurring in other countries, particularly through its large international financial services sector. To address some of this risk, the authorities have passed two important pieces of legislation: The Proceeds of Crime Act (POCA 1997), and The Proceeds of Crime (Money Laundering) Regulations 1998. Both instruments came into force in January 1998. The Regulations imposed, inter alia, procedures requirements on FIs in the areas of customer identification, recordkeeping, and suspicious activity reporting. In 2000 and 2003, Bermuda underwent evaluations of its financial supervisory and AML/CFT regimes by the UK (KPMG review), and the IMF, respectively. These evaluations concluded that Bermuda ranked as one of the most developed offshore jurisdictions that had made considerable progress towards meeting international financial standards. However, since the IMF’s assessment, there has been little change to the AML/CFT legal and regulatory framework. At the time of the mission in, amendments to the POCA had been laid before Parliament, including for the establishment of a new Financial Intelligence Agency (FIA) to replace the current FIU.

The Terrorist Financing Situation

32. To date, there has been no evidence of terrorism or FT in Bermuda. To address FT issues, the UK has extended, by Order in Council, a number of legislative measures to Bermuda to comply with UN requirements. These measures include: The Terrorism (United Nations Measures) (Overseas Territories) Order 2001; The Afghanistan (United Nations Sanctions) (Overseas Territories) Order 2001 (as amended in 2001); and The Al-Qa’ida and Taliban (United Nations Measures) (Overseas Territories) Order 2002. After the IMF’s assessment in 2003, Bermuda enacted its own domestic FT legislation by passing the Anti-Terrorism (Financial & other Measures) Act 2004 (ATFA).

1.3 Overview of the Financial Sector

Banks and Deposit-taking Institutions

33. Bermuda, with only four licensed banks and one deposit-taking company, is not a significant international banking center. These FIs have total assets, as of June 2006 equivalent, of approximately US$23 billion and US$20 billion in deposits. The four banks have 15 branches in Bermuda, and the two largest banks have 33 overseas subsidiaries. There are no current statistics on off-balance sheet assets under administration, but end of 2005 data indicate the total to be about US$51.3 billion. No information with respect to non-resident deposits is collected and available. In addition, there is one credit union, with members exclusively from a local labor union, which is also supervised by the BMA under delegated authority from the Minister of Finance.

34. A number of banks are members of financial groups with affiliates involved in trust business, investment companies, and other organizations. At the time of the mission, there were some 25 entities that belonged to such groups. These groups are supervised by a special team of the BMA. Bermuda has adopted an integrated approach to supervision, assigning supervisory responsibilities to the BMA as a single integrated supervisor for banks, deposit taking companies, trust business, insurance, investment business including mutual fund administration, money services business (none licensed as yet), and credit unions under delegated authority from the Minister of Finance.

Insurance Sector

35. Bermuda has a significant international insurance/reinsurance market consisting of approximately 1,433 companies in four different classes of licensees as follows:

Class 1: 355 companies (single parent captives insuring risk of its owners or affiliates).

Class 2: 399 companies (a) multi owner captive s insuring risk of its owners or affiliate owners; and (b) a single-parent and multi owner captive s and / or deriving up to 20 percent of its net premiums from unrelated risk).

Class 3: 566 companies (other than Class 1, 2, and 4 including (a) re-insurers writing third party business; (b) insurers writing direct policies with third parties; (c) single parent, group, association, or joint venture captives where more than 20 percent of their net premiums written arise from risks which are unrelated to the business of the owners; and (d) finite insurers and rent-a–captives).

Class 4: 40 companies (high end insurers and re insurers capitalized at a minimum of US$100 million underwriting direct excess liability and or property catastrophe reinsurance risk).

Long term Insurers (80) and composite insurers (40): 120 companies.

36. Total gross premiums exceed US$105 billion, of which more than 20 percent consists of pure long term (life) insurance, and about 30 percent including life and composite insurance. There are 16 authorized insurance intermediaries including agents (5), brokers (4) and managers (7).

37. The latest available statistics at the time of the mission are from 2005, with respect to the domicile of owners of insurance companies and their respective premium amounts, providing an indication as to the geographic area where they conduct business. These are set out in the box below.

Market Statistics by Domicile of Beneficial Owner/s For the Year ended 31st December, 2005

article image
article image
Investment Services, Mutual Funds and Securities Market

38. As of September 30, 2006, there were about 1,267 registered mutual (investment) funds in Bermuda, comprising some 2,161 investment portfolios with net asset values totaling in excess of US$210 billion. A new licensing regime for fund administrators is in process of being implemented under the Investment Funds Act 2006, which allows firms conducting such business (about 58 firms) a 12–month grace period starting March 2007. Statistics on the types of funds and their assets are provided below.

Mutual Funds

(Collective Investment Schemes)

article image

39. Bermuda has also established a stock exchange (The Bermuda Stock Exchange) with a fully-electronic offshore securities market. It has been in operation since 1971, and the BSX currently lists securities for about 72 companies and 346 investment funds, mostly offshore issuers, with a market capitalization of about US$350 billion, of which the domestic market comprises about US$2.6 billion. Some 18 broker-dealers have been authorized to trade in this market.

40. The following box sets out the types of FIs that can engage in the financial activities that are within the definition of “financial institutions” in the FATF 40+9.

Types of FIs

article image

41. Apart from information on the foreign subsidiaries of Bermudian banks, there is no information readily available to the BMA with respect to branches and subsidiaries of long term insurance companies.

42. The BMA is the sole regulator of the financial services sector in Bermuda and has responsibility for authorizations, registrations, and prudential supervision. As part of its supervision, BMA is responsible for reviewing the AML/CFT systems and controls of licensed entities in order to check compliance, and to ensure they are managing their risks prudently. The AML Regulations, however, do not cover life insurance business, and only certain aspects of mutual fund administration (subscriptions and redemptions) services are covered. At the time of the mission, the sole payments systems services provider was not subject to BMA’s supervision but was being considered for licensing.

43. There is also a Compliance Association, consisting of compliance officers from a number of regulated FIs. This association is very active in Bermuda and a key focus of its activities relates to AML/CFT issues.

1.4 Overview of the DNFBP Sector

44. The following boxes summarize the AML/CFT framework for DNFBPs in Bermuda, provide some of the key characteristics of each of the DNFBP sectors and activities.

AML/CFT Framework for Bermuda DNFBPs

article image

Characteristics of Bermuda DNFBPs

article image

45. Casinos – Casinos do not operate in Bermuda. Under the Criminal Code 1907, Section 155, gaming is prohibited in Bermuda. Under the Prohibition of Gaming Machines Act 2001 and related legislation, the importation, purchase, sale, maintenance, or use of gaming machines is strictly prohibited. The prohibition on gaming extends to cruise ships, which are prohibited from casino operations while in Bermuda waters. Bermuda companies are prohibited from offering internet gambling services.

46. Real Estate – Bermuda has a local real estate sector comprising approximately 56 Agents and 204 sales persons involved in intermediating sales/rentals of overwhelmingly local property. All agents and salespersons are required to be licensed under the Real Estate Agents Act of 1976. The licensing under the Act imposes some general standards about who can be involved in this sector, and enables the Minister to take action to deal with abuse. The Registrar of Companies has the Authority, under Section 11 of the Act, to require any information he or she may require to assess the proper conduct of business.

47. Purchase or sale of property by non-Bermuda is tightly controlled and highly taxed; each such transaction requires exchange control permission by the Minister of Finance, through the BMA. These features greatly diminish the liquidity of Bermuda property for non-residents and appear to limit its attractiveness to international money launderers as a vehicle for laundering the proceeds of overseas crime. Property transactions between Bermuda residents are not subject to similar controls. The segmented market has created very sharp differentials in the value of property available to non-residents and the value of property reserved for domestic residents, creating strong economic incentives for ineligible parties to attempt to buy property that is restricted to residents. Trust agreements designed to mask underlying ownership appear to have been used for this purpose. There also appears to be some ML risk in the Bermuda property market. Law enforcement investigators frequently find that local drug traffickers have invested their criminal proceeds in the property market, particularly in lower cost property.

48. Real estate agents are not subject to AML/CFT preventive measures requirements. The government is considering extending the scope of application of POC Regulations to classify other designated non-financial business, including real estate agents, as Regulated Dealers. At the time of the mission no formal proposal had been tabled.

49. Dealers in Precious Metals/Precious Stones – There are a number of retail jeweler stores that sell high value goods, such as Rolex watches and diamond rings although there is no wholesale market for trading in precious metals and stones. The government is considering extending the scope of application of the POC Regulations to cover other designated non-financial business to be classified as Regulated Dealers. This category would cover any person who, in the course of carrying on a business, deals in goods or services and accepts high value cash payments above a threshold level. No formal proposal had been tabled as of the time of the mission.

50. Lawyers – The legal profession plays an important role in the Bermuda financial and commercial sectors. In addition to offering legal advice and representing clients in legal proceedings, law firms advise and prepare the full range of sophisticated financial transactions organized and carried out from Bermuda. Also, subsidiaries of law firms are key providers of trust and company services. As of January 2007, 42 Law Firms were active in Bermuda and the Bar had issued current practicing certificates to approximately 325 individuals.

51. The legal profession in Bermuda is unified, consisting of barristers or attorneys. Lawyers are not subject to the POC Regulations 1998, and thus are not required to implement mandatory AML/CFT preventive measures. Lawyers are covered by the generalized requirements for SAR reporting under Section 46 (2) of POCA. However, Section 46 (3) of the Act provides an exemption from this requirement for information received in privileged circumstances. The exemption is very broad. There are no current arrangements for monitoring and enforcing compliance by lawyers and, in practice, no SARs have been filed by lawyers acting as lawyers, rather than as other service providers. Members of the Bermuda Bar Association are subject to the Barristers Code of Professional Conduct, 1981, and the Bar has legal authority to discipline members for failure to comply with the Code.

52. At the time of the mission, a government sponsored bill was before the Parliament which would amend the POCA to impose certain AML/CFT preventive obligations on professional legal advisers in independent practice when they are involved in financial transactions. Arrangements for the Bermuda Bar to act as an SRO for compliance monitoring and enforcement are under consideration, but modalities have not yet been determined. Subsequent to the mission, on June 22, 2007, the amendments to POCA dealing with preventive measures for lawyers were approved.

53. Notaries – Notaries must be a barrister or attorney. The main function of notaries in Bermuda is to verify identities and authenticate signatures. They do not prepare or carry out financial transactions for clients.

54. Accountants – Approximately 12 public accounting firms, including both local and international, operate in Bermuda, including offices of the ‘Big Four’. Many firms specialize in insurance, given the dominance of that sector in the Bermudian economy. In addition to traditional auditing and accounting functions, some public accounting firms, through affiliates, are licensed trust service providers, and some are providers of company services (CSPs). The Institute of Chartered Accountants of Bermuda (ICAB) is the statutory governing body for public accountants. ICAB is formally affiliated to the Canadian Institute of Chartered Accountants. Membership in the ICAB is required to act as a public accountant. A small number of professional accountants who are not public accountants offer various other accountancy services, such as general accounting or business advisor services. [See comment above under section 1.4.]

55. Like lawyers, accountants are not currently subject to the explicit AML/CFT preventive obligations of the POC Regulation 1998, but are also covered by the generalized requirements for SAR reporting under Section 46 (2) of POCA. There is no regime for monitoring and enforcing compliance by accountants with this SAR reporting requirement.

56. At the time of the mission, a government sponsored Bill was before the parliament that would amend the POCA to impose AML/CFT preventive requirements on public accountants in limited circumstances. Subsequent to the mission, on June 22, 2007, the amendments to POCA dealing with the AML/CFT obligations of public accountants were adopted as law. Arrangements for the ICAB to act as an SRO for compliance monitoring and enforcement are under consideration, but modalities not yet been determined.

57. Trust Service Providers and Company Service Providers (TCSPs) – Bermuda firms offer an extensive range of trust services and company formation and management services. Provision of trust services is a regulated activity under the Trusts (Regulation of Trust Business) Act 2001. Some 33 licensed Bermuda companies, with combined employees of over 300 individuals, offer the full range of trust services with a market emphasis on discretionary trusts for high net worth families. The regulatory regime focuses on conduct of business, including AML/CFT preventive measures. Trust service providers are categorized as FIs and are subject to the POCA requirements for FIs. BMA is the supervisor of trust companies; it has a well-developed supervisory program that includes oversight of compliance with AML/CFT requirements.

58. Some 30–40 firms provide CSP services, including company incorporation applications, company administration, provision of directors, and registered offices. The main company service providers are law firms. The Bermuda Bar Act 1974 restricts persons who may prepare a memorandum for incorporation to lawyers and accountants. Presently about 90 percent of the applications for incorporation are submitted by the two largest law firms.

59. As of the time of the mission, CSPs were not regulated nor were they subject to specific AML/CFT preventive measures. Amendments to the POC Regulations were being drafted that would bring CSPs within the scope of POCA. It is anticipated that BMA will be charged with responsibility for oversight of CSPs.

60. While CSPs are not currently regulated, integrity risks in the company formation process are mitigated by other controls. The Companies Act 1981 requires identification of beneficial ownership, both at the time of incorporation and on an on-going basis, necessitating a certain level of CDD by CSPs. Prior to acceptance by the Registrar of Companies, all company applications are individually vetted by the BMA, including the conduct of independent due diligence on the beneficial owners and the controllers of the company.

61. Non-Profit Organizations – Under the Charities Act 1978, every charitable organization in Bermuda wishing to undertake money-raising activities must apply to the Registrar General to be registered as a charitable organization. Approximately 400 charities are registered under the above legislation and they have total revenues of approximately US$84 million per year. (This total excludes the Bermuda Hospital Board, which alone has total annual revenue of approximately US$120 million.)2 Many of the registered charities are small, with half having annual revenues of US$25,000 or less. Several large international charities have affiliates registered in Bermuda, e.g., Red Cross, World Vision, Salvation Army. While most funds raised in Bermuda appear to be applied locally, several registered charities raise funds for overseas assistance. Organizations which carry out charitable activities in Bermuda, but which do not solicit funds from the public, are not required to register. No information is available on the scope of these activities, but some locally-based foundations and charitable trusts are understood to be active on the island.

62. Applications for registration are considered and authorized by the Charities Commission, an official, all volunteer advisory board. Registration formalities are streamlined and straightforward, including listing of officers and directors, statement of objectives, explanation of how funds will be raised and applied, and a summary of latest financial information. The Charities Commissioners reviews applications to confirm the public benefit of the charities’ activities, and the reputation and capacity of the applicants. Charities are required to maintain general financial records and to fill an annual financial statement with the Registrar General. The Commission is of the view that the files on charities at the Register General were not well organized or up-to–date, somewhat handicapping their usefulness for either the authorities or the public. Access to the files is permissible but cumbersome, including payment of fees. In recent years the authorities have not encounter significant illegalities in the NPO sector aside from misappropriation of small balances. The financing of terrorism has not been a focus of official oversight.

1.5 Overview of commercial laws and mechanisms governing legal persons and arrangements

63. Bermuda is not a significant incorporation jurisdiction. As of the end of March 2007, there were only 16,742 companies and 906 partnerships registered in Bermuda. Their make-up is as follows:

Companies and Partnerships Registered in Bermuda

article image

64. Companies - Three types of companies may be formed under the Companies Act 1981: limited liability companies, companies limited by guarantee, and unlimited liability companies. The Companies Act 1981 distinguishes between companies which are foreign owned, defined as exempted companies, and those which are owned by Bermudians, defined as local companies. Only local companies which are owned by at least 60 percent Bermudians and meet other specific statutory criteria may carry on business in Bermuda, unless the company has the express permission of the Minister of Finance. Overseas or “permit” companies are non-Bermudian companies that are authorized by the Minister to carry business in or from within Bermuda through a local branch.

65. Both the Companies Act 1981 and the Exchange Control Act 1972 impose requirements to disclose the owners of companies and charge the BMA to vet the chain of ownership and the beneficial owners. BMA vetting of all owners is required at the time of incorporation. Vetting of non-resident owners is required when there are transfers of equity securities to or from persons who are non–residents. Beneficial ownership information reviewed by the BMA is confidential and is maintained by the Authority on behalf of the Minister of Finance.

66. The register of companies is maintained by the office of the Registrar of Companies, an office within the Ministry of Finance. The Companies Act 1981 gives the Minister a variety of powers to compel compliance with the Act and to sanction non-compliance. Companies formed under laws of another country who carry on business in Bermuda are required to obtain a permit issued by the Minister of Finance under Section 134 of the Companies Act 1981. Permission requires a full vetting of beneficial ownership by the BMA. The register of permits is maintained by the Registrar of Companies. There is no requirement under the Companies Act 1981 to disclose subsequent changes of ownership for overseas companies unless specified in the permit. There is no sanction if an overseas company misrepresents the beneficial owners. However, the Minister of Finance has the power to revoke the permit.

67. Under Section 130 of the Companies Act 1981, every exempted company must have:

  • two directors resident in Bermuda; or

  • a director or secretary ordinarily resident in Bermuda; or

  • a director or resident representative ordinarily resident in Bermuda; or

  • in the case of a company with shares of which are listed on an approved stock exchange, a resident representative.

68. For local companies, it is generally accepted that one or more directors will reside in Bermuda.

69. Under Section 65 of the Companies Act 1981, every company must have a registered office in Bermuda and maintain at its registered office an up-to–date register of members. Information pertaining to the share register must be retained in Bermuda. It is an offence not to make the register available to the public. Publicly held companies listed on an appointed stock exchange are not required to have information about the ultimate owners of its shares.

70. Trusts - Bermuda does not require trusts (as distinguished from unit trusts registered as mutual funds, of which there are around 109) to be registered, and there are no reliable figures available on the number of trust relationships, nor of the amount of assets held in trust. It is believed, however, that the number of trusts and amount of property held in trust are substantial. Bermuda follows the common law with regard to the formation of trusts. The Trustee Act 1975, which is similar to the UK legislation Trustee Act 1925, makes general provisions for trusts in Bermuda and provides for the duties and powers of trustees.

71. The 1987 UK Trustee Act, which makes provisions of the Hague Convention on Trusts applicable in the UK, has been extended to Bermuda and has been enacted in domestic law under the Trusts (Special Provisions) Act 1989. The Trusts (Special Provisions) Act 1989 follows closely the provisions of The Hague Convention on Trusts pertaining to conflict of laws and provides a general descriptive definition of the characteristics of a trust.

72. Provisions dealing with trusts formed for non–residents (settlors or beneficiaries), or where the assets settled in the trust are located outside of Bermuda, are the same as those for domestic trusts. The Trusts (Special Provisions) Act 1989 allows for the establishment of a purpose trust, other than for charitable purposes, under specified conditions. There is no general requirement for trusts to be registered.

73. All persons who hold themselves out as carrying on the business of offering the services as a trustee are required to be licensed under the Trusts (Regulation of Trust Business) Act 2001. Trust services businesses are subject the POC Regulations 1998 and supervised as FIs by the BMA. In common with all institutions regulated for the purposes of proceeds of crime, trust service providers must know the identity of the settlors, as well as the protectors and the beneficiaries of trusts.

74. Persons carrying on trust business in Bermuda are required to be licensed under the Trusts (Regulation of Trust Business) Act 2001, whether or not the trusts are governed by Bermudian or foreign law. They are also a regulated entity under the POCA and have similar obligations as trustees of domestic trusts regarding the identity of settlors, beneficiaries, and protectors.

75. Where companies are owned by trusts the persons authorized to incorporate the companies of a trust must submit, at the time of incorporation to the BMA as the agent of the MEF, information about the trust, in particular the identity of settlors and beneficiaries.

76. Partnerships - There are two types of partnerships which may be established under Bermuda law: ordinary partnerships and limited partnerships. Some partnerships must be registered; a process which includes official vetting of partners by the BMA. The registration requirement depends on the residency status of the partners and on where the partnership will carry on business. In general, when all partners are Bermuda residents or non-exempted Bermuda registered companies, no registration or official vetting is required. In cases where one or more of the partners is a non-resident or an exempted Bermuda registered company, registration and official vetting of partners by the BMA is required to identify ultimate beneficial owners.

77. Foreign partnerships, whether ordinary or limited, which intend to operate in or from Bermuda must register as overseas partnerships, including full vetting of partners by the BMA. Also, all limited partnerships, regardless of the residency status of partners, must be registered, including vetting of partners by the BMA. Exempted partnerships and overseas partnerships must appoint a resident representative in Bermuda and maintain a registered office.

78. Foundations - Foundations may be formed as companies limited by guarantee. The provisions pertaining to companies under the section dealing with companies would apply to foundations incorporated under the Companies Act 1981, or under a private Act and subject to the Companies Act 1981. A charitable trust may also use the term foundation in its name.

1.6 Overview of strategy to prevent ML and FT

a. AML/CFT Strategies and Priorities

79. While the authorities indicate that they have developed and reviewed an AML strategy coordinated through the NAMLC, it does not seem to have been formally adopted as a national strategy with clearly formulated and implemented components, e.g. in setting out policies, goals, action plans, priorities, and accountabilities. Some measures have been taken under each of the “strategy” components (e.g., establishment of law enforcement coordination and international cooperation arrangements) outlined below. However, implementation has been generally limited, as the legal, regulatory, and institutional requirements and arrangements to combat ML/FT remain relatively unchanged since the last AML/CFT assessment in 2003. Bermuda describes its strategy as consisting of the following five components:

  • Enhance AML Enforcement Initiatives.

  • Undertake Additional Public/Private Sector Education and Collaboration.

  • Supervisory, Regulatory, and Law Enforcement Agencies Coordination.

  • Strengthen International Cooperation.

  • Amendments to Legislation and GNs.

b. The institutional framework for combating ML and FT

80. The National Anti-ML Committee (NAMLC) advises government on AML issues and provides guidance with compliance with the AML regime. It also facilitates the coordination of activities among the relevant government authorities and agencies concerned with AML issues. The NAMLC consists of the Financial Secretary (Chairman); the Attorney General; the Permanent Secretary of the Ministry of Labour, Home Affairs, and Public Safety; the Chairman and CEO of the BMA; the Commissioner of Police; and such persons appointed by the Ministry of Finance.

81. The BMA is responsible for the regulation and supervision of banking and deposit-taking business; insurers; collective investment schemes/mutual funds; investment services providers; the Bermuda Stock Exchange; trustees; and the Credit Union. Insurers, Exempt Investment Service Providers, Exempt Trust Service Providers and Company Services Providers are not supervised by the BMA.

82. The FIU is part of the Commercial Crime Department of the Bermuda Police Service and administers the provisions of: (i) the Proceeds of Crime Act 1997 as amended in 2000; (ii) the Proceeds of Crime (Money Laundering) Regulations 1998; (iii) the Anti-Terrorism (Financial & Other Measures) Act 2004; and (iv) the UN Terrorism Order (The Terrorism [UN Measures] Overseas Territories Order 2001). The FIU, as a law enforcement agency and unit within the Bermuda Police Service, exercises powers under the Police Act 1974.

83. The Customs Department is responsible for the monitoring of cross-border movements of currency and goods. All information relating to customs offences or suspicious cross-border movements of currency and goods are forwarded to the Joint Intelligence Unit (JIU), which is a multidisciplinary agency comprising the Police, HM Customs, and US Customs. The JIU controls the collecting, collating, and dissemination of revenue and drug intelligence to the relevant authorities.

84. The Office of the Director of Public Prosecutions (DPP) is responsible for prosecution of offences, including those under the ML and FT legislation. The DPP is also responsible for making applications for forfeiture and confiscation of property. The AG’s Chambers deal with the non-criminal aspects of the AML/CFT regime. It is the central authority responsible for receiving requests from overseas authorities to obtain evidence locally for use in connection with criminal proceedings or investigations in the requesting country.

c. Approach concerning risk

85. The authorities have not conducted a systemic ML/FT risk assessment to support implementation of AML/CFT measures. In addition, the current legal and regulatory framework does not provide basis for applying risk-based approaches to AML/CFT that would include enhanced CDD measures for higher risk activities. The AML Regulations and GNs, however, provide for exempted or reduced customer identification requirements, but there is no established basis for such exemptions or reduction in CDD. The GNs contain some of these exemptions/simplifications, particularly with respect to insurance and investment services, that can adversely affect implementation of effective AML/CFT controls in these sectors. These provisions are described in section 3 of this report.

86. There is a common view in both the public and private sectors that a main source of ML in Bermuda is domestic drug-trafficking. This view may be influenced by the fact that a large majority of SARs filed to date relate to suspected drug-trafficking, reflecting a key limitation under current legislation that requires suspicious activity reporting only when it relates to drug-trafficking. By international comparison, the incidence of drug-trafficking in Bermuda is small, given the size of the population and domestic economy, and the fact that Bermuda is not known to be a significant drug producing, consuming or transit country.

87. Bermuda is more significantly exposed to ML/FT risks connected with activities in its very large international (offshore) sectors, including in the banking, trust, investment/mutual fund services, and life and investment components of the insurance sector. Neither the “strategy” described above nor the mutual evaluation questionnaire focuses on such risks as a priority area for action. On the contrary, at the time of the mission the law only required reporting of suspicious activity relating to drug trafficking, and the AML Regulations specifically exempt certain business activities from the AML regime e.g. life insurance business. The authorities acknowledge that the international business sector is more vulnerable to ML. There is, however, no knowledge or expressed view with respect to vulnerabilities in the system to FT.

d. Progress since the last IMF/WB assessment or mutual evaluation

88. Apart from a few changes to the POCA and the GNs, the only significant new legislation enacted was the Anti-Terrorism (Financial and Other Measures) Act 2004. Progress in other areas for the AML/CFT regime since the AML legislation and GNs were brought into force in 1998, and the last IMF assessment in 2003, has generally been slow. This notwithstanding that the bar was raised considerably with the revision of FATF 40 in 2003, and the introduction of a new assessment Methodology shortly thereafter. More recently, the quantification of effectiveness in the ratings of the FATF 40+9 Recommendations was also a significant change, resulting in a more rigorous process for assessing compliance.

89. A Bill to amend the POCA has been recently introduced before the Parliament to strengthen certain aspects of the regime, and draft new AML Regulations have been recently prepared and issued for consultation. In addition, the mission was informed that new draft Guidance Notes are also being considered to reflect the proposed changes to the Regulations. It is important to note that soon after the last IMF mission in 2003, draft revisions to the 1998 Guidance Notes were prepared but as of the date of the current mission, these had not been finalized and implemented. The main changes proposed in the Bill to amend the POCA and draft new Regulations are as follows:

90. POCA Bill:

  • Sharing of information between the FIU and BMA, and with other jurisdictions.

  • Vetting of employees and audit tests of AML systems.

  • Voiding of contracts when the parties know or should have known that they were related to ML activities.

  • Granting the Minister of Finance powers to make AML Regulations relating to lawyers, accountants and corporate service providers.

  • Granting powers of search and seizure under the Criminal Justice (International Cooperation) (Bermuda) Act 1994 (the CJICBA).

  • Information orders.

  • Temporary freezing orders.

91. Post mission, the authorities informed the mission team that the POCA amendment Bill was passed in June 2007, along with a new Financial Intelligence Act to establish an administrative FIU, as well as amendments to the CJICBA. Proposed POC Regulations are also being drafted to bring them in line with international standards and both recent and forthcoming legislation. Key changes introduced by the draft Regulations include:

  • The reference to a person licensed under the Investment Business Act 2003 is to be extended to include not only those entities licensed under the IBA 2003 but also persons who, in the course of their business, handle client money or assets;

  • The definition of those persons within the insurance sector that are to be regarded as subject to the Regulations will be amended. The policy objective in the insurance sector remains to make subject to the Regulations only those insurance firms whose business is susceptible to ML abuse. This includes those engaging in the underwriting and/or placement of life insurance and other investment-related insurance business, including single premium annuities.

  • Certain additional financial activities, which can be conducted without the businesses being financially regulated, also will now be included in the definition of ‘regulated institution’. Specifically, this relates to persons in the business of lending money to the public, engaging in financial leasing, providing financial guarantees or commitments and money service providers’;

  • It is further proposed to extend the scope of the term ’regulated institution’ to cover a range of non-financial businesses and professions, including lawyers, accountants, and any person carrying on the business of corporate (or partnership) service provider;

92. The mission reviewed these proposed changes in the legislative regime, identified certain remaining gaps and lack of clarity in some of the provisions and recommended a thorough review to ensure full compliance with the FATF Recommendations, and the result of this assessment.

2 Legal System and Related Institutional Measures

Laws and Regulations

2.1 Criminalization of ML (R.1 & 2)
2.1.1 Description and Analysis

Legal Framework: The Proceeds of Crime Act 1997; Proceeds of Crime (Money Laundering) Regulations 1998.

93. Criminalization of ML (c. 1.1 - Physical and Material Elements of the Offence): Sections 43–45 of POCA set out the ML offence under Bermudian law. Section 43 refers to the basic offence of concealing or transferring proceeds of criminal conduct Section 44 to assisting another to retain such proceeds, and Section 45 to acquisition, possession, or use of such proceeds in a manner consistent with the Vienna and Palermo Conventions. In addition, Sections 479(5) and 491 of the Criminal Code 1907 (hereinafter the “Criminal Code”) provide that the use of the term ’money’ includes all forms of money. However, Bermudian law does not provide for the offence of possession of criminal property by the perpetrator of the predicate crime, as required by Article 3(c)(i) of the Vienna Convention and Article 6(1)(b)(i) of the Palermo Convention.

94. The Laundered Property (c. 1.2): Sections 4(1) (definition of property), 5 (value of property), and 6 (gifts) of POCA provide for a wide-ranging definition of property, including property that directly or indirectly represents the proceeds of crime. Section 2(2) provides that the term ’property’ includes property, wherever situated.

95. Proving Property is the Proceeds of Crime (c. 1.2.1): There are no requirements in Sections 43, 44 and 45 of POCA of a prior conviction of a predicate offence; however, according to the authorities, the evidence at trial for the ML offence must be able to establish criminal conduct as an element of the ML crime, without the need for proof of all of the elements of, or reference to a specific offence, on the part of the defendant or the person on whose behalf the defendant is laundering proceeds. In the area of ML, however, although there have been no ML cases prosecuted in the last three years, and only one in the last five years, the authorities are confident that it would be possible to convict for a ML offense without a conviction for the underlying predicate offense.

96. The Scope of the Predicate Offences (c. 1.3): Under the definition of ‘criminal conduct’ in Section 3 of POCA, predicate offences consist of drug-trafficking offenses and ‘relevant offenses,’ which are other indictable offenses, i.e., serious offenses that must be tried in the Supreme Court. See Sections 4 and 13 of the Criminal Code. The term ‘criminal conduct’ is used in the criminalization of the ML offenses under Sections 43, 44 and 45 of POCA. Hence, under Bermudian law, predicate offences include a range of offences in each of the designated categories of offences.

97. Threshold Approach for Predicate Offences (c. 1.4): All serious offences constitute predicate offenses under Bermudian law as stated in Section 3 of POCA which contains the definition of the term ’criminal conduct.’ In some cases, the same crime may be tried as either an indictable offense or as a lesser crime, a summary offense, allowing the prosecutor, in their discretion, to obtain lesser or greater penalties, depending on the nature of the crime. See, for example, Section 48 of POCA, which provides for both types of offense. Indictable offenses include both felonies and misdemeanors, according to the interpretation of ’indictable offense,’ Section 3 of the Criminal Code.

98. Extraterritorially Committed Predicate Offences (c. 1.5): Conduct which took place in another country may constitute a predicate offence for ML in Bermuda by virtue of Section 3 of POCA, which defines ’drug trafficking’ and ’drug trafficking arrangement’ to include conduct occurring outside of Bermuda. Similarly, the definition of ’relevant offence’ also refers to conduct occurring outside of Bermuda, covering “any act or omission, which, had it occurred in Bermuda, would have constituted an indictable offense other than a drug trafficking offense.”

99. Laundering one’s Own Illicit Funds (c. 1.6): Under Section 43 of POCA, the basic ML offense applies to persons who commit the predicate offense and who then launder the proceeds thereof.

100. Ancillary Offences (c. 1.7): By virtue of Sections 27, 28, 230, and 231 of the Criminal Code, the inchoate offences of conspiracy, attempt, aiding, and abetting apply to the offence of ML. In addition, Sections 44 (assisting another to retain the proceeds of criminal conduct) and 45 (acquisition, possession, or use of proceeds of criminal conduct) of the POCA also create specific offences which are related to the crime of ML.

101. Additional Element - If an act overseas which does not constitute an offence overseas, but would be a predicate offence if occurred domestically, lead to an offence of ML (c. 1.8): Under Section 3 of POCA, the definition of ‘relevant offense,’ which is a component of the defined term ‘criminal conduct’ (the term used for predicate offense in POCA) includes “any act or omission which, had it occurred in Bermuda, would have constituted an indictable offence other than a drug trafficking offense.” In addition, ‘drug trafficking’ is defined to include “whether in Bermuda or elsewhere, any act constituting… an offence under a corresponding law [in another jurisdiction].”

102. Further, in the POCA Amendments Act, a positive defense is created in Section 10 of the amendments, which adds a new Section 45B to POCA that provides that if the defendant committed the predicate offence in a foreign jurisdiction, and the criminal conduct was not, at the time it occurred, unlawful in that jurisdiction, the defendant does not commit an offence under Sections 43, 44 or 45, which are the ML offences, unless the Minister has issued an order that would prescribe conduct, i.e., list certain offences that would not be subject to this defense. The purpose of this provision is to prevent Bermudian FIs from being charged with a ML offense for taking funds or investments from, for example, US gambling casinos, since gambling casinos are prohibited under Bermudian law.

103. With respect to financing of terrorism, Section (9)(8) of the ATFA provides “For the purposes of Subsection (1)(a) a person shall be treated as having committed an offence under one of Sections 5 to 8 if he … would have committed an offence under one of those Sections [5-8] if he had been in Bermuda at the time when he took the action or was in possession of the thing.”

104. Liability of Natural Persons (c. 2.1): Section 43 of POCA provides “A person is guilty of an offence if he … conceals or disguises any property which is, or in whole or in part directly or indirectly represents, his proceeds of criminal conduct …” Section 44 of POCA provides for offenses relating to assisting another to retain proceeds of criminal conduct. Section 45 of POCA provides for offenses relating to acquisition, possession, or use of proceeds of criminal conduct. In each case, the term ’person’ applies to both natural and legal persons.

105. The Mental Element of the ML Offence (c. 2.2): Under Bermudian law, intention is always the subject of reasonable inferences from facts proved. See Section 28(b) of the Evidence Act of 1905, which states that a court or jury, in looking at whether the accused has committed an offense, “shall decide whether he did intend or foresee that result by reference to all the evidence, drawing such inferences from the evidence as appear proper in the circumstances.” See also Archbold, Criminal Pleading, Evidence and Practice (London, Sweet & Maxwell), at 1754, Section II, (A)(1)(b), which was cited by the authorities.

Criminal Sanctions Under Proceeds of Crime Act 1997

article image
Source: DPP

106. Liability of Legal Persons (c. 2.3): The definition of ’person’ under Bermudian law refers to both natural and legal persons under the Interpretation Act 1951. Further, Section 56 of POCA extends criminal liability for ML offences to legal persons as follows: “Where a body corporate is guilty of an offence under this Act and that offence is proved to have been committed with the consent or connivance of any director, manager, secretary or other similar officer of the body corporate or any person who was purporting to act in any such capacity, he, as well as the body corporate, shall be guilty of that offence and shall be liable to be proceeded against and punished accordingly.”

107. Liability of Legal Persons should not preclude possible parallel criminal, civil or administrative proceedings (c. 2.4): The liability of legal persons does not preclude possible parallel proceedings since by virtue of Section 56 parallel criminal proceedings are available as against natural persons who gave consent or connived with the legal person in the commission of the offence. In addition, each of the six regulatory laws and regulations has general sanction provisions that grant liability to directors and officers on conviction of the financial institution. See, generally, the response to c. 17.3, below.

108. Sanctions for ML (c. 2.5): Under Section 48 of POCA, the available sanctions for ML are imprisonment ranging from three to 20 years; and for summary offences, fines ranging from US$ 5,000.00 up to US$50,000.00 for more serious offences. For indictable offences, fines can range from US$10,000 to US$100,000 and, in some cases, to an unlimited amount. See chart below, for penalties relating to offenses under POCA. In addition, Section 230 of the Criminal Code, relating to conspiracy to commit any offense, provides for penalties ranging from one-half to the full penalty associated with the principal offense.

109. Directors and officers who have connived with legal persons are also subject to sanction under Section 56 of POCA, for the same offense charged against the legal person. Section 70G of the Criminal Code provides for a fine in the court’s discretion for indictable offences, and up to US$20,000 for summary offences. In addition, there is a range of criminal, civil and administrative sanctions that are applied by the BMA. See chart at c. 17.4.

2.1.2 Recommendations and Comments

110. Although the Bermudian legal framework is generally complete with respect to Recommendations 1 and 2, there has only been one prosecution of ML in the last five years, and limited numbers of ML investigations. Hence, it is difficult to gauge the effectiveness of what would otherwise be a comprehensive legal framework for ML. In addition, criminal fines for ML are not sufficiently high so as to be dissuasive.

2.1.3 Compliance with Recommendations 1 & 2
article image
2.2 Criminalization of Terrorist Financing (SR.II)
2.2.1 Description and Analysis

Legal Framework: The Anti-Terrorism (Financial and Other Measures) Act 2004 (The ATFA)

111. Criminalization of Financing of Terrorism (c.II.I): The ATFA is the primary legislation criminalizing the financing of terrorism. Terrorist financing offenses extend to any person who willfully provides or collects money or other property by any means, directly or indirectly, with the unlawful intention that they should be used, or in the knowledge that they are to be used, in full or in part by virtue of Sections 5–15, of the ATFA.

112. There are two levels of intent, the first, relating to intending or suspecting that the funds will be used under Sections 5(1)(b) and 2(b), and the second, in Section 5(3)(b), which refers to knowledge or suspicion that the funds will or may be used, in the three FT offences set forth below:

Fund-raising

5. (1) A person commits an offence if he —

  • (a) invites another to provide money or other property; and

  • (b) intends that it should be used, or suspects that it may be used, for the purposes of terrorism.

(2) A person commits an offence if he —

  • (a) receives money or other property; and

  • (b) intends that it should be used, or suspects that it may be used for the purposes of terrorism.

(3) A person commits an offence if he —

  • (a) provides money or other property; and

  • (b) knows or suspects that it will or may be used for the purposes of terrorism.

(4) In this section a reference to the provision of money or other property is a reference to its being given, lent or otherwise made available, whether or not for consideration.

Use and possession

6.(1) A person commits an offence if he uses money or other property for the purposes of terrorism.

(2) A person commits an offence if he —

  • (a) possesses money or other property; and

  • (b) intends that it should be used, or suspects that it may be used, for the purposes of terrorism.

Funding arrangements

7. A person commits an offence if —

  • (a) he enters into or becomes concerned in an arrangement as a result of which money or other property is made available or is to be made available to another; and

  • (b) he knows or suspects that it will or may be used for the purposes of terrorism.

113. Section 2 of the ATFA contains a definition of ’property’ that “includes property wherever situated and whether real or personal, heritable or moveable, and things in action and other intangible or incorporeal property.” The term ’property’ rather than ’funds’ was used in order to differentiate this term from terms used in the financial services sector relating to mutual and hedge funds, for example. This definition is consistent with although not identical to the Terrorist Financing Convention’s definition of ’funds.’

114. The terrorist financing offense does not require that the funds were actually used to carry out or attempt a terrorist act or that they be linked to a specific terrorist act by virtue of Sections 5(1)(b), (2)(b), (3)(b), Section 6(2) and Section 7 of the ATFA which refer to intentions, knowledge and suspicions relating to actions for the purposes of terrorism.

115. It is an offence under Section 5(2) of the Terrorism Act to attempt to commit the offence of terrorist financing.

116. It is an offence to engage in any of the types of conduct set out in Article 2(5) of the Terrorist Financing Convention since by virtue of Sections 27, 28, 230 and 231 of the Criminal Code, the inchoate offences of conspiracy, attempt, aiding and abetting apply to the offence of terrorist financing. The language of Section 28 of the Criminal Code which refers to the element of a “common intention to prosecute an unlawful purpose” in relation to acts taken in furtherance of a criminal act, achieves the same result as the Convention’s reference to “common purpose” in Article 2(5)(c).

117. However, there are a number of elements in the Convention that are missing from domestic legislation, the most significant of which relates to the definition of terrorism. The Interpretative Note to SR II, in paragraph 2(c)(i), states that terrorist acts should include all of the acts covered by a list of nine conventions. Article (2)(1)(a) of the SFT Convention, in addition to the more general definition of acts in Article 2(1)(b) the financing of which should be criminalized This requirement is set forth in Article 2(1)(a) of the SFT Convention, in addition to the more general definition of terrorism in Article 2(1)(b) of the SFT Convention, as currently appears in the definition of terrorism in Section 3 of the Act. Although acts covered in the more general definition of terrorism require an intention to cause death or serious bodily injury to a civilian and a purpose to intimidate a population or compel government action and therefore have a wide scope, this definition would not encompass all of the acts covered by the nine conventions: for example, the offense described in the 1979 Convention for the Suppression of Unlawful Seizure of Aircraft covers the unlawful seizure by force of an aircraft in flight, which requires no similar intention or purpose as would be the case under the more general definition that is contained in the Act.

118. In addition, the Act does not cover a defendant who engages in one of the types of conduct required to be criminalized under the SFT, namely “organizes or directs others” to commit a terrorist financing offense or attempt thereto, under Article 2(5)(b). In addition, the ATFA does not contain one of the elements of the Convention: the definition of ’terrorism’ in Section 3(1)(b). The ATFA fails to mention international organizations, as required by Article 2(1)(b) of the Convention.

119. Predicate Offence for ML (c. II.2): All terrorist financing offences are indictable offenses under Section 3 of the ATFA, and therefore are predicate offenses under Section 3 of POCA.

120. Jurisdiction for Terrorist Financing Offence (c. II.3): Under Section 17 of the ATFA, any person committing a terrorist financing offense outside of Bermuda that would have constituted such an offense in Bermuda will be guilty of the offense. Since there is no geographic limitation or requirement of a nexus with Bermuda in the criminalization of terrorist financing offense, the offense would apply whether the person alleged to have committed the offense was in the same country or a different country from the one in which the terrorist organization is located, or where the terrorist act occurred or will occur. However, the Act does not cover terrorist organizations, which is a significant omission.

121. The Mental Element of the FT Offence (applying c. 2.2 in R.2): Under Bermudian law, intention is always the subject of reasonable inferences from facts proved. See Section 28(b) of the Evidence Act of 1905, which states that a court or jury, in looking at whether the accused has committed an offense, “shall decide whether he did intend or foresee that result by reference to all the evidence, drawing such inferences from the evidence as appear proper in the circumstances.” (See c. 2.2 above.)

122. Liability of Legal Persons (applying c. 2.3 & c. 2.4 in R.2): While there is no specific reference to legal persons in the ATFA as there is under POCA, the defined term ’person’ includes both natural and legal persons under the Interpretation Act 1951. With respect to legal persons, Section 70G of the Criminal Code provides for a fine in the court’s discretion for indictable offences, and up to US$20,000 for summary offences.

123. Sanctions for FT (applying c. 2.5 in R.2): Sanctions for FT are found in Section 13 of the ATFA: for summary convictions, penalties range from a fine of up to US$20,000 and imprisonment of up to 12 months, or both, and for indictable offenses, to fines of up to US$200,000 and imprisonment of up to 14 years. See chart, below for summary of offenses:

Offenses under Anti-Terrorism

(Financial and Other Measures) Act 2004

article image
Source: DPP
2.2.2 Recommendations and Comments

124. Although many of the basic elements of SR II are in place, there are a few deficiencies that should be remedied by amending relevant legislation. The most significant of these is that SR II requires that terrorism be defined in relation to all of the acts covered by a list of nine conventions, as set forth in Article 2(1)(a) of the SFT Convention, and not simply that the more general definition of terrorism in the SFT Convention be adopted. In addition, there is no reference in the definition of terrorism in the Act to the phrase “organizes or directs others” to commit a terrorist financing offense or attempt thereto under Article 2(5)(b). Further, the Act does not contain one of the elements of the Convention: the definition of ’terrorism’ in Section 3(1)(b) the Act fails to mention international organizations, as required by Article 2(1)(b) of the Convention.

125. Finally, it is difficult to assess the effectiveness of the anti-terrorist financing regime in Bermuda, since there have been no SARs filed, investigations or prosecutions of the financing of terrorism under Bermudian law. Regardless of the reasons, additional efforts should be made by the authorities by way of additional training of the financial sector, as well as in analysis of SARs.

2.2.3 Compliance with Special Recommendation II
article image
2.3 Confiscation, freezing and seizing of proceeds of crime (R.3)
2.3.1 Description and Analysis

Confiscation of Property related to ML, FT, or other predicate offences including property of corresponding value (c. 3.1):

Legal framework: The general conditions for confiscation are in the following pieces of legislation: Criminal Code 1907; Proceeds of Crime Act 1997 (POCA); Misuse of Drugs Act 1972 (MDA); Anti-Terrorism (Financial and Other Measures) Act 2004 (ATFA); and the Police and Criminal Evidence Act 2005 (PACE).

126. Confiscation framework. The Bermudian confiscation regime is divided between drugs-related and non-drugs related schemes. The regime for drugs-related confiscation is broader and includes the power to forfeit all of the property acquired by the defendant within the six years prior to proceedings being instituted against him, and reversal of the burden of proof. Conversely, in cases involving other criminal proceeds, the authorities have more limited powers. Section 9 of the POCA provides for confiscation of property obtained as a benefit in connection with drug trafficking upon conviction. Section 10 of POCA provides for confiscation of property obtained as a benefit from one or more relevant offences. Pursuant to Section 3 of POCA, ’relevant offence’ means any indictable offence committed in Bermuda other than a drug trafficking offence or any act or omission which, had it occurred in Bermuda, would have constituted an indictable offence other than a drug trafficking offence. In both cases, confiscation proceedings may be initiated either through a request by the Attorney General to the Supreme Court or on the Court’s own motion, where it considers it appropriate to do so.

127. Under Section 37 of the Misuse of Drugs Act 1972 (MDA), the court may order the forfeiture, regardless of whether a person has been convicted of a drug-trafficking offense or not, of any money or thing that has been used in the commission of or in connection with the offense, as well as any money or other property received or possessed by any person as the result or product of the offense. The court may indicate in the forfeiture order that the thing to which a forfeiture order applies may be redeemed through the payment of the value, or a proportion of the value thereof, to the Crown [see MDA, Section 37(2)].

128. Besides what is provided under Section 37 of the MDA, the laws of Bermuda do not provide for the confiscation of property, which constitutes instrumentalities intended for use in the commission of ML, FT, or other non-drug trafficking predicate offenses.

129. In contrast with Section 37 of the MDA, under POCA Sections 9 and 10, the court must be satisfied—under the preponderance of the evidence standard of proof applicable in civil proceedings—that the defendant’s benefit originates from the offense for which he is convicted. Confiscation under Bermuda’s legislation does not target particular assets, as it is a value-based system. Accordingly, confiscation orders issued under POCA specify the amount to be recovered. The court assesses the amount to be recovered after determining the amount of the benefit derived following the rules in POCA Section 15. In appraising the amount of realizable property, the court may take into account a statement of the Attorney General regarding matters related to the value of the proceeds of the crime for which the defendant has been convicted (see POCA, Section 13). ’Realizable property’ includes any property held by a person to whom the defendant has, directly or indirectly, made a gift caught by this Act [POCA 3(b)].

130. If the court is satisfied that the amount that might be realized at the time the confiscation order is made is less than the amount the court assesses to be the value of the defendant’s proceeds of criminal conduct, the court may resolve that the amount to be recovered under the confiscation order shall be on par with the amount deemed realizable (see POCA, Sections 15(3) and 20). For the purposes of POCA, the value of property (other than cash) in relation to any person holding the property shall be its market value [POCA, Section 591)]. The AG may apply to the court for a revision of the assessment of the amount to be recovered under a confiscation order if there is evidence that the real value of the defendant’s proceeds of crime is greater that the value assessed by the court (Section 18).

131. Section 9 provides a broader scope of realizable property upon conviction for a drug-trafficking offense than Section 10 makes available for other offenses, which results in the need for prosecutors to fashion their case within the ambit of Section 9. Another advantage of prosecuting a ML offense as a drug-trafficking offense is that under POCA Section 12(3)(a), the court is required to assume that: (a) any item held by the defendant at any time since his conviction or transferred to him during the period of six years prior to proceedings being instituted against him, constitutes proceeds of drug trafficking; (b) any item of expenditure during the said six year period was met out of such proceeds; and (c) for purposes of valuing any item of property received by him, that he received the property free of any other interests on it. Hence, in order to take advantage of the broader scope of Section 9, prosecutors must allege that the predicate crime is a drug trafficking offense, whether or not that is the case. According to the authorities, these assumptions will apply at the court’s discretion when the only drug trafficking offense the defendant is being sentenced for is an ML offense, regardless of the predicate offense [POCA, Section 12(5)]. As discussed below in greater detail, under the POCA, an ML offense is considered a drug trafficking offense.

132. The authorities explained that for the purposes of confiscation stemming from a conviction for ML, the ML offense is categorized by the court as a drug-trafficking offense in the MDA 1972. Accordingly, confiscation orders are issued under Section 9 of POCA, and not under Section 10. While this interpretation is convenient for the purposes of widening the scope of realizable property of an offender convicted for ML, the legal basis for the artificial categorization of ML as a drug trafficking offense regardless of the nature of the predicate offense is not entirely clear. As a matter of fact, Section 3 of the POCA plainly states that ’drug trafficking offence’ means a ML offence which relates to the proceeds of drug trafficking. According to the authorities, in these cases the predicate offense is not relevant for the purposes of confiscation, since confiscation is premised only on the offense for which the conviction is dictated. Such confiscation orders have not been challenged to date.

133. In regards to terrorist property, Section 14 of the ATFA provides for post-conviction forfeiture of any money or other property under the possession or control of the defendant at the time of the offence, or that is related to a funding arrangement intended for the purposes of terrorism. Pursuant to Section 3 of the CC, "have in possession" means “having under control in any place whatsoever, whether for the use or benefit of the person of whom the term is used or of another person, and although another person has the actual possession or custody of the thing in question.” Under Bermudian law, ’terrorist property’ includes (a) money or other property which is likely to be used for the purposes of terrorism; (b) proceeds of the commission of acts of terrorism; and (c) proceeds of acts carried out for the purposes of terrorism (see ATFA, Section 4). Therefore, Section 14 is broad enough to encompass all forms of property, in addition to any property found in the possession of the defendant at the time of arrest or found at his place of residence.

134. Additionally, ATFA Section 15 makes provision for the forfeiture, in civil proceedings before a magistrate’s court, of cash obtained through terrorism or intended to be used for the purposes of terrorism. Section 15(1) gives effect to Schedule 3 of the ATFA, which applies to cash intended to be used for the purposes of terrorism or is property earmarked as terrorist property. Under Article 6 of Schedule 3 of the ATFA, a police officer, a customs officer, or an immigration officer may submit the application for forfeiture. The powers conferred by Schedule 3 are exercisable in relation to any cash, whether or not proceedings have been brought for an offence in connection with the cash [Section 15 (2)].

135. Regarding FT, the ATFA provides for the forfeiture of money or other property related to an arrangement which facilitates the retention or control of terrorist property by or on behalf of another person [Section 14(5)], and of money or other property received as a payment or other reward in connection with the commission of the offence [Section 14(6)]. As stated above, the court determines the amount to be recovered through the forfeiture order, based on the assessed value of all the property caught, including gifts.

Confiscation of Property Derived from Proceeds of Crime (c. 3.1.1 applying c. 3.1):

136. Property derived indirectly from proceeds of crime. Section 10(3)(b) of the POCA makes available for confiscation any pecuniary benefit derived as a result of or in connection with an offense. Any such pecuniary advantage is treated as if the defendant had obtained a sum of money equal to the value of the pecuniary advantage. Section 31(1)(b) of the MDA provides for forfeiture to the Crown of any money or other property received or possessed by any person as the result or product of a drug trafficking offense, which is interpreted by the authorities as covering any kind of gain in the value of property derived, obtained, or realized from a drug offense.

137. For purposes of confiscating, seizing and freezing terrorist property, Paragraph 15 of Schedule 3 of the ATFA provides that profits accruing in respect of terrorist property are to be treated as representing the property obtained through terrorism.

138. Property held by a third party. Provided the prosecutor proves the link between the property held by a third party to the drug offense the defendant is being prosecuted for, the court may order the forfeiture, regardless of whether anyone has been convicted of a drug trafficking offense or not, of any money or thing that has been used in the commission of or in connection with the offense, as well as any money or other property received or possessed by any person as the result or product of the offense [MDA, Section 37(1)(b)]. Based on the arguments stated above, the court may apply Section 37(1)(b) to property held by a third party that is connected to ML offense, should it decide to characterize the offense as a drug offense under the MDA.

139. Section 31(4) of POCA provides that the court may order any person having possession of realizable property to give possession of it to the receiver appointed by the court which includes, in addition to property held by the defendant, property held by a person to whom the defendant has directly or indirectly made a gift.

140. With regards to ML, a gift is covered by this Act if it was made by the defendant at any time since the commission of the relevant offence, or, if more than one, the earliest of the offences to which the proceedings relate (including any offence which the court takes into consideration in determining his sentence); and the court considers it appropriate in all the circumstances to take the gift into account [POCA, Section 6(2)]. As noted above, both the POCA and the MDA provide for issuance of confiscation orders not with respect to particular property, but against the defendant/offender for a specific sum.

Provisional Measures to Prevent Dealing in Property subject to Confiscation (c. 3.2):

141. Provisional measures. For ML, where proceedings have been instituted against a person for drug-trafficking or a relevant offense, and there is reasonable cause to believe that the person had benefited from such offenses, Bermudian legislation provides for provisional measures to prevent the transfer and disposal of realizable property by persons who have an interest or ability to dispose or transfer such property. Sections 27, 28, and 29 of the POCA provide for prosecutors to apply for a restraint and/or charging order from the Supreme Court on all realizable property held by a person charged with drug trafficking or relevant offences (including ML), or held by a defendant convicted of such crimes. A restraint order is made to prohibit any person from dealing with any realizable property, subject to such conditions and exceptions as may be specified by the Supreme Court in the order [POCA, 28(1)]. A charging order is one made to secure the payment of money to the Crown on any such realizable property as may be specified in the order [POCA, 29 (1)]. Restraint and charging orders are exercisable by the prosecution even when criminal proceedings, or the application for a confiscation order have not been concluded, if the court is satisfied that there is reasonable cause to believe that the defendant benefited from drug trafficking or from any relevant offence [POCA, 27(1)(c)(ii)]. Currently, there is no provision for civil forfeiture (confiscation without conviction) for ML.

142. Restraint orders may cover all types of property, whether proceeds of crime or not. Under the POCA, “realizable property” is defined as any property held by the defendant other than property in respect of which there is in force a forfeiture order under the MDA, and any property held by a person to whom the defendant has directly or indirectly made a gift (Section 3). Section 18 allows the AG to apply to the court to adjust the restraining order (judge has discretion). Restraint orders and charging orders can be applied to all realizable property, or interests in realizable property, held beneficially by the defendant or by a person to whom the defendant has directly or indirectly made a gift. Charging orders may specifically be imposed on land, securities, interests held as a trustee of a trust, units of a unit trust, and interest and dividends payable on the property. Provision may be made for the authorities to take possession of property subject to confiscation or charge orders, or to appoint a receiver, as appropriate.

143. Sections 27 and 28 of POCA would appear to apply also to offenses under the ATFA, to the extent that offenses under this Act are indictable offenses (see ATFA, Section 13), and therefore would constitute relevant offenses for the purposes of the POCA.

Ex Parte Application for Provisional Measures (c. 3.3):

144. Ex parte applications. Sections 28 and 29 of POCA allow for ex parte applications to be made to a Supreme Court Judge for restraint or charging orders.

Identification and Tracing of Property subject to Confiscation (c. 3.4):

145. Legal powers of authorities to identify and seize assets. The Bermuda Police Service, through the FIU and the courts, enforces existing drug-related provisions for asset tracing and forfeiture. For the purpose of investigations concerning the proceeds of criminal conduct and their location, Section 37 of POCA allows police officer to apply to the Supreme Court for a production order in relation to a particular material, or a material of a particular description. Failure to comply with a production order is punishable on summary conviction to imprisonment for two years or a fine of US$10,000, or both (POCA, Section 38). Section 39(5) of POCA establishes police powers for seizing any material of substantial value to the investigation in the execution of a search warrant granted by the Supreme Court. Additionally, under Section 464(1) of the CC, a magistrate or a Justice of the Peace may issue a search warrant, upon complaint made under oath, directing police officers to search any premises for material with evidentiary value with respect to any offense or that it is intended to be used for the purpose of committing an offense.

146. While the purpose of a restraint order is a means to confiscation, search and seizure powers are also available with respect property that has evidentiary value, under Sections 8 and 19 of PACE. Police seizure powers are limited to material that has evidentiary value (PACE, Sections 8 and 19), when any other material discovered on the premises, even though it may not have any evidentiary value, may also be seized by the police, on application to a judge.

147. A third power to seize assets is granted under Section 50 of the POCA which allows police officers to seize and detain cash being imported into or exported from Bermuda. See c.IX.3 below.

Protection of Bona Fide Third Parties (c. 3.5):

148. Rights of bona fide third parties. Section 16 of the POCA allows third parties who have an interest in realizable assets, to make an application to the Supreme Court, either before or after the making of a confiscation order, in order to have the nature, extent and value of their interest in such property declared by the Court and therefore taken into account in the making of or the satisfaction of the confiscation order. A person who asserts an interest in a realizable property shall prove to the court that there is no involvement in the defendant’s criminal conduct and that the interest in the property was acquired for sufficient consideration and without knowing or having reasonable grounds to suspect that the property was, at the time he acquired it, involved in or the proceeds of criminal conduct (POCA, Sections 16(1) and (2)].

149. With regard to forfeiture order under the ATFA, the court shall give persons claiming an interest in the forfeitable property an opportunity to be heard before making the order [ATA, Section 14(7)].

Power to Void Actions (c. 3.6):

150. Provisions to counter disposal of assets subject to confiscation. Under a recent amendment to POCA, new Section 45A provides as follows: “Any agreement entered into for the purposes of facilitating the commission of money laundering is void.” While this provision is generally consistent with Recommendation 3, it does not provide the authorities with the means to prevent actions to hinder the recovery of property subject to confiscation.

151. However, Section 18 of POCA permits prosecutors to request the court to take into account, for making the confiscation order, the value of any property transferred by the defendant through a fraudulent transaction, under the civil standard of balance of probabilities. According to the authorities, the burden of proof is then reversed, so that the defendant must prove the legitimacy of the transaction.

Additional Elements (Rec 3) – Provision for (a) Confiscation of assets from organizations principally criminal in nature; (b) Civil forfeiture; and, (c) Confiscation of Property which Reverses Burden of Proof (c. 3.7):

152. Criminal organizations. There is currently no specific provision allowing for the confiscation of property of organizations that are found to be primarily criminal in nature.

153. Civil forfeiture. There is currently no provision for civil forfeiture (confiscation without conviction) for ML.

154. Reversed burden of proof. In the context of drug trafficking convictions, in application of Section 12(3)(a) of POCA, defendants bear the burden of proving that property they acquired during the six years prior to the beginning of proceedings against them was not purchased with the proceeds of drug trafficking. As is discussed above, the court is required to apply a refutable presumption: that any property of the defendant held or acquired during the period beginning six years prior to the date when the proceedings were instituted against him and ending on this date, are proceeds of drug trafficking. As explained above, this presumption is discretionary only when the defendant is being convicted for laundering of proceeds of crimes connected with a drug trafficking offense.

155. Statistics on confiscation. The FIU maintains statistics relating to cash seizures, confiscations and forfeitures (the Bermuda Police Service keeps statistics relating generally to all crimes). The box below shows the amounts paid into the Confiscated Assets Fund (CAF) since 2003, with the balance available for use at the direction of the Minister of Finance. However, there is no information on amounts of restrained property compared with amounts ultimately confiscated, nor the types of crimes related to these actions. Information on the recovery rates of the amounts subject to confiscation orders, and the amounts actually recovered is also needed.

Confiscated Assets Fund - Balance per year 2003–2007

(in US$)

article image

156. Implementation. During 2004, the courts issued two successful confiscation orders under the POCA, for a total amount of $52,335. Forfeitures under the MDA remain relatively constant, with six forfeitures in 2004 amounting to $17,529, compared to the $13,908 forfeited in three separate 2003 cases. Cash seized in 2004 under POCA detention orders exceeded $56,600, and in 2005 there were two cash seizures worth $57,761; both 2004 and 2005 represented a considerable a drop from the $173,000 seized in 2003. Three restraining orders still in place from 2003/2004 are valued at approximately $1.5 million. One new restraining order was issued in 2005 for approximately $621,000. Three cash seizures from 2004 were forfeited under the POCA during 2005 amounting to $47,561.

157. While Bermuda’s legal framework for confiscation and provisional measures is well-developed, the amount of funds seized, confiscated or forfeited appears fairly low for a jurisdiction of Bermuda’s characteristics. The low number of cases and of confiscations and forfeitures is considered to be partly due to the insufficient resources assigned to the DPP, the Police, the FIU, and the Customs Department.

2.3.2 Recommendations and Comments
  • Explicitly provide in legislation for the confiscation of property which constitutes instrumentalities intended for use in the commission of ML or other non-drug trafficking predicate offenses.

  • Explicitly provide in legislation that, for the purposes of confiscation of the benefits of ML offenses, the proceeds that are the basis of the offense may include any payments received by the defendant at any time in connection with the ML offense carried out by him or by another person.

  • While there is a new provision for voiding contracts, it does not provide the authorities with the means to prevent actions to hinder the recovery of property subject to confiscation.

158. Additional statistics should be maintained on amounts of restrained property compared with amounts ultimately confiscated and the types of crimes related to these actions. Also needed is information on the recovery rates of the amounts subject to confiscation orders, and the amounts actually recovered. The authorities may wish to consider whether to introduce provisions for civil forfeiture, for the confiscation of assets of criminal organizations.

2.3.3 Compliance with Recommendation 3
article image
2.4 Freezing of funds used for terrorist financing (SR.III)
2.4.1 Description and Analysis

159. Bermuda has in place a well-developed regime giving the governor and the police broad powers to freeze and seize suspected terrorist assets. The application of the UN resolutions on terrorist financing in Bermuda is made through the extension by the UK of the Terrorism (United Nations Measures) (Overseas Territories) Order 2001 and of the Al Qaida and Taliban (United Nations Measures) (Overseas Territories) Order 2002. To date, no freeze notices directed at specific FIs have been necessary under the Terrorism Orders.

Freezing Assets under S/Res/1267 (c. III.1):

160. Section 7 of the Al Qaida and Taliban (United Nations Measures) (Overseas Territories) Order 2002 broadly implements sanctions against persons listed pursuant to UN Security Council Resolution (UNSCR) 1267 (1999). Section 8 sets forth the governor’s power to issue by way of notice a freezing order directed at particular financial assets, economic benefits, and economic resources upon reasonable grounds to suspect that the assets are held by, for or on behalf of any individual listed in pursuant to UNSCR 1267.

Freezing Assets under S/R es/1373 (c. III.2):

161. The 2001 Order is designed to implement UNSCR 1373. Section 5(1) of the Terrorism Order 2001 allows for the immediate freezing of funds which may be related to terrorism by means of a notice of the Governor ordering the freezing of funds immediately without prior notice. Orders issued pursuant to the Order may be issued for a limited or unlimited length of time. The freezing notice may be issued by the Governor where he has reasonable grounds for suspecting that the person for, or on behalf of, whom any funds are held is or may be (i) a person who commits, attempts to commit, facilitates or participates in the commission of acts of terrorism; or (ii) a person controlled or owned directly or indirectly by, or acting on behalf of or under the direction of, such person. The Terrorism Order explicitly provides for procedures that have to be followed when issuing a freezing notice. According to the Bermudian Constitution, the Governor may rely on law enforcement authorities to give effect to his freezing orders. As there has been no known identified evidence of terrorist financing in Bermuda, there has been no freezing of property in respect of FT. Bermuda has not designated persons and entities that should have their funds or other assets frozen, as required by UNSCR 1373.

Freezing Actions Taken by Other Countries (c. III.3):

162. Freezing orders of other jurisdictions. Bermuda is able to respond to freezing requests from other countries under the Terrorism Order 2001. Requests from foreign governments to implement a freezing order would be referred to the Attorney General’s Chambers, who would analyze the matter with the assistance of the DPP Office. If the AG is satisfied that there are reasonable grounds to issue a freeze or restraint order, application for such an order would be prepared for the Governor’s signature.

Extension of c. III. 1-III.3 to funds or assets controlled by designated persons (c. III.4):

163. Freezing of funds controlled by designated persons. The freezing actions under Section 5(1) apply to ’funds’, which for the purposes of the Terrorism Order 2001 comprise financial assets and economic benefits of any kind (see Terrorism Order 2001, Section 2) held by, or on behalf of a suspected terrorist or a person which facilitates terrorism; by a person controlled or owned directly or indirectly by a terrorist or a person which facilitates terrorism; or by a person acting on behalf or at the direction of such persons.

Communication to the Financial Sector (c. III.5):

164. Communication of actions to the financial sector. While the BMA has drawn the attention of FIs to their reporting obligations and related legal provisions, it has issued no specific written guidance to its licensees concerning their affirmative obligations to implement measures with respect to the UNSCR 1267 list. Changes to the list under UNSCRs are notified by the UK Foreign and Commonwealth Office to the Cabinet Office of the Government of Bermuda, which forwards these to relevant Ministries and to the BMA. The BMA then informs the FIs in writing of any changes to names in the UNSCRs, drawing attention to the need for FIs to review their databases for any possible connections with listed individuals. The authorities informed the mission that FIs are encouraged to monitor relevant websites for names of suspected terrorists and terrorist organizations, including that of the Bank of England.

Guidance to Financial Institutions (c. III.6):

165. Guidance for financial institutions concerning their obligations. The Guidance Notes contain no guidance for FIs concerning their obligations to freeze funds of designated terrorist and terrorist organizations or check their accounts against UN or national terrorist lists.

166. Both Terrorism Orders provide for FIs holding the frozen assets to send without delay a copy of the received notification to the person whose funds have been frozen or on whose behalf they are held [Section 5(5)]. The requirement is complied with if the FIs send the notice to the last known address of the frozen funds or—if an address is not available—provides the owner with a copy of the order at the first available opportunity [Section 5(6)]. Failure to do so is considered an offense under the Terrorism Order 2001 [Section 5(10)] and Terrorism Order 2002 [Section 8(10)].

167. The BMA checks against the Bank of England’s list of individuals and entities listed under UNSCR 1267, and also checks for updates. BMA notifies FIs in Bermuda of such list and any updates.

De-Listing Requests and Unfreezing Funds of De-Listed Persons (c. III.7):

168. Procedures for delisting requests and unfreezing funds. Under both Orders the Governor can revoke a freezing order at any time. However, neither the Orders nor the ATFA includes specific listing or delisting procedures. Any such request to the government would be referred to the Attorney General, who would make an application to the Governor or the Court, as applicable. It is equally clear that the Governor would decide how to handle any matter that would require international negotiation to remove a person from an international terrorist list.

Access to frozen funds for expenses and other purposes (c. III.9):

169. Access to frozen funds. Section 13 of the Terrorism Order 2001 and Section 22 of the Terrorism Order 2002 provide that licenses granted by the Governor in connection with freezing notices may be subject to conditions.

Review of Freezing Decisions (c. III.10):

170. Review of freezing decisions before courts by individuals. Both the Al Qaida and Taliban (United Nations Measures)(Overseas Territories) Order 2002 and the Terrorism (United Nations Measure s)(Overseas Territories) Order 2001 provide for persons by, for on behalf of whom funds that are frozen to apply to the Supreme Court for the freezing order to be set aside. At least seven days before the hearing of the application, the applicant needs to provide the governor with a copy of the application and all witness statements or affidavits used to support the application.

Freezing, Seizing and Confiscation in Other Circumstances (applying c. 3.1–3.4 and 3.6 in R.3, c. III.11)

171. Freezing, seizing, and confiscation in other circumstances. Paragraph 2 of Schedule 2 of the ATFA provides for the seizure of cash by police, immigration or customs officers where there are reasonable grounds for suspecting that it is cash intended for terrorism. Section 14 of the ATFA provides for conviction-based forfeiture of any money or property which has been or was intended to be used for the commission of an offense under the Act if the person is convicted for that offense. Section 14 of the ATFA provides for the conviction-based forfeiture of any money or other property that the defendant: (i) intended to be used, or suspected might be used, for the purposes of terrorism; (ii) knew or suspected would or might be used for the purposes of terrorism; or (iii) plays a part in an arrangement in which money or other property is made available, knowing or suspecting that it will or may be used for the purposes of terrorism.

172. Section 15 of the ATFA provides for the forfeiture in civil proceedings before a magistrate’s court of terrorist cash. Paragraph 17 of Schedule 3 of ATFA provides the authorities investigative powers for tracing and identifying suspected terrorist property subject to seizure and forfeiture; while Paragraph 2 of Schedule 4 of the Act allows police officers to apply ex parte to a judge in Chambers for an account monitoring order for the purposes of investigating terrorism and the tracing of terrorist property.

Protection of Rights of Third Parties (c. III.12):

173. Apart from the case where assets frozen belonged to a person with the same name as the listed person, there is no general procedure for protecting the rights of bona fide third parties. Under Paragraph 7 of Schedule 3 of the ATFA, any party aggrieved by a forfeiture order may appeal to the Supreme Court within 30 days of the date of the order. Furthermore, Paragraph 9 of Schedule 3 of the ATFA allows a person to apply before a magistrate’s court for the release of cash belonging to the applicant which has been detained under the Schedule.

Enforcing the Obligations under SR III (c. III.13):

174. Implementation. Orders issued pursuant to the Al Qaida and Taliban (United Nations Measures) (Overseas Territories) Order 2002 and the Terrorism (United Nations Measures) (Overseas Territories) Order 2001 may be released for a limited or unlimited amount of time. Rather than elaborate a bureaucratic mechanism for designating entities or persons whose assets should be frozen pursuant to its terms, however, it simply vests the governor with broad decision-making powers on a case-by–case basis. Similarly, neither does the Terrorism Order explicitly (a) provide that a freezing order can be made without delay and prior notice; (b) elaborates procedures that have to be followed when issuing a freezing notice; or (c) designates a party responsible for administering frozen funds or for enforcing freezing or unfreezing actions. Nevertheless, Bermudian authorities have never invoked the authority of the Governor under the Terrorism Orders to issue freeze orders directed at local institutions suspected of holding terrorist funds. Theoretically, should a case arise, the Attorney General has the competence to review relevant information and prepare any necessary applications, and presumably the governor would issue an order promptly and without prior notice as necessary.

175. Sanctions. The breach of a freezing notice issued by the Governor is punishable on summary conviction to imprisonment for a term not exceeding six months or to a fine not exceeding £5,000 or its equivalent, or to both, or on conviction on indictment for a term not exceeding seven years or to a fine, or to both [Section 11(1)]. In the case of the person holding the funds in question, the sanction for failing to comply with a freezing notice is imprisonment for a term not exceeding six months or to a fine not exceeding £5,000 or its equivalent, or to both, on summary conviction [Section 11(3)].

Additional Element (SR III) – Implementation of Measures in Best Practices Paper for SR III (c. III.14):

176. The measures set out in the Best Practices Paper for SR.III have not been implemented.

Additional Element (SR III) – Implementation of Procedures to Access Frozen Funds (c. III.15):

177. There are no procedures to authorize access to funds or other assets that were frozen pursuant to S/RES/1373(2001) to pay for expenses or service charges.

2.4.2 Recommendations and Comments
  • Procedures for delisting requests and unfreezing funds should be developed and published.

  • Guidance should be issued to the financial services community concerning affirmative obligations to freeze assets of persons listed by the UNSCR 1267 Committee and the EU. These affirmative obligations should include incorporating the information into their AML/CFT compliance programs, and reporting to authorities on any transactions that may be connected to terrorist financing.

2.4.3 Compliance with Special Recommendation III
article image
2.5 The Financial Intelligence Unit and its functions (R.26)
2.5.1 Description and Analysis

178. Establishment of FIU as National Centre (c. 26.1): The Financial Investigation Unit (FIU) was established in 1998 as a law enforcement model financial intelligence within the Commercial Crime Department of the Bermuda Police Service. The Commercial Crime Department of the Police is comprised of the Fraud Unit and the FIU. The FIU is the designated central reporting authority in Bermuda for receiving, collating, analyzing, and disseminating disclosures of financial information and other relevant information and intelligence concerning suspected ML or FT activities, while the Fraud Unit is tasked with the general investigation of white collar or financial crime. The FIU also conducts follow-up investigations on SARs, and generally implements the provisions of the POCA and the PCMLR as regards ML and FT investigations, cash seizures, confiscations and forfeitures. The FIU does not have powers to impose sanctions or penalties under the AML/CFT regime.

179. Following the recent enactment of the Financial Intelligence Agency Act 2007 (the FIA Act), a new administrative agency (the FIA) is in the process of being organized to take on the responsibilities of the FIU. Since the FIA was not in existence at the time of the mission, the assessment hereunder will be limited to the FIU, and, where appropriate, reference will be made to the FIA Act.

180. As is the case with most police FIUs, there is no specific statutory provision establishing and empowering the FIU as a national centre for receiving and processing SARs and other relevant information concerning suspected ML or FT activities. Hence, the unit exercises its powers as a law enforcement body under the Police Act 1974, and related investigatory powers within the proceeds of crime and terrorist financing legislation. Section 46(2)(c) of POCA requires SARs to be filed with a police officer as does Regulation 6(1)(d) of the Proceeds of Crime (Money Laundering) Regulations 1998 with respect to reporting officers of regulated institutions. However, the Guidance Notes, although not having the force of law, provide for the filing of SARs and communication with respect to the SARs to be made with the FIU, and this is reinforced by the FIU, the BMA and the SROs through training and other outreach activities.

181. The authorities expect that the FIA will be established before the end of 2007, but it is unclear when it will become operational. Potentially, there could be a vacuum in the conduct of financial intelligence functions if these tasks are handed over from the FIU to the FIA before this one is adequately staffed, equipped, and its staff trained. In the interest of an uninterrupted transfer of responsibilities, it would be desirable that the authorities provide for a suitable period of transition of responsibilities so that the FIU will remain tasked with financial intelligence functions until the FIA is fully operational.

182. The existing FIU is fully operational as an independent agency. While the creation of an administrative FIU is a major step forward, the current police FIU may not have the capacity to fully perform its functions with the resources available, in particular the analysis of SARs, which is a significant shortcoming.

183. Guidelines to Financial Institutions on Reporting STR (c. 26.2): Guidance on reporting SARs is provided in The Guidance Notes (GNs) on the Prevention of ML issued by the National Anti-ML Committee (NAMLC). A senior member of the FIU, as a representative of the Commissioner of Police, sits on the NAMLC. Paragraphs 74 to 77, and Appendix E of the GNs comprise guidelines for the identification of complex and unusual transactions or patterns, or transactions and suspicious patterns of behavior. Paragraphs 77A to 92 and Appendix G of the GNs provide guidance regarding the manner of reporting, including the specification of reporting forms. In addition, the FIU actively participates in speaking engagements with the local FIs and other entities in terms of delivering such guidance. The GNs were initially published in 1998, with a minor amendment made in 2001. They are currently under review with regard to updating and widening its scope.

184. Access to Information on Timely Basis by FIU (c. 26.3): As part of the Bermuda Police Service, the FIU has access to all the information sources it requires to effectively perform its duties and responsibilities. This includes immigration, tax, company records, vehicle registration, and customs databases. In addition, through representation at the NAMLC and close working relationship with the BMA and the Ministry of Finance, the FIU has easy access to other sources of information when required. The FIU’s access to information appears to be effective.

185. Additional Information from Reporting Parties (c. 26.4): The FIU is able to obtain additional information from regulated institutions after a SAR is made pursuant to the general police powers, by way of production and monitoring orders provided under Sections 37 and 41of the POCA. It can access information relating to a person who has at any time held a realizable property from a government department by way of a disclosure order under Section 40 of the POCA. The FIU will normally not approach the customer unless criminal activity has been identified.

186. Dissemination of Information (c. 26.5): Although the authority is not expressly provided under the POCA or in the PCMLR, the FIU may disseminate financial information and intelligence to domestic authorities for investigation or action based on its general police powers.

187. Operational Independence (c. 26.6): The FIU is an autonomous police unit within the Bermuda Police Service. For administration purposes, it falls under the Commercial Crime Department, reports to the Commissioner of Police, and relies on budget and resources from the Bermuda Police Service. The mission is not aware of any factor that would inhibit the FIU’s operational autonomy or subject it to undue influence or interference, including any restriction on its ability to analyze SARs, proceed with investigations, or present evidence or reports to the DPP for further action. Such decisions are taken solely by the head of the FIU, and not by the Chief of Police.

188. Information safeguards (c. 26.7): The Commercial Crime Department (FIU/Fraud) currently occupies rented office space in the City of Hamilton, which is now small for its operations. The FIU is planning to move to larger and newly constructed offices elsewhere in the City of Hamilton later in 2007. It currently shares office space with the Fraud Unit, and there is common access for members of both units. Access to the office building is limited to staff only and by invitation. Apart from staff of the Fraud Unit, with whom it shares a closed network and database, no other Police units or domestic agencies have access to the database or data.

189. Appropriate physical and information technology security measures are in place to prevent unauthorized access to FIU information and to protect the physical security of the FIU’s staff. Generally, documents and files are kept in a secure place, and the office is protected by an alarm system. Data is stored on a closed database system utilized by members of both the FIU and Fraud Unit. FIU staff has been trained to handle sensitive information and have demonstrated keen sensitivity to the confidentiality of STR information. They are subject to disciplinary action, including the possibility of criminal charge, under internal police and customs regulations in accordance with officer conduct and the Official Secrets Act 1989. The FIU is obliged not to disclose any financial information or intelligence save for the purpose of carrying out its functions or when required by the law or the courts.

190. Under newly amended Section 58(4) of the POCA, there are strict confidentiality requirements with an explicit gateway to enable the Bermuda Police and FIA to disseminate in any case that would allow them to discharge their statutory functions. In addition, under Sections 18 and 21 of the FIA Act, strict confidentiality provisions will apply to the new FIA as well.

191. Current practice is for disclosures of SARs and FIU’s information/case to be sanitized prior to disseminating to designated police or customs officers to be transmitted by secure hand delivery or secure mail.

192. Publication of Annual Reports (c. 26.8): The FIU does not produce or publish any official annual reports. Instead, it reports to the Commissioner of Police and FIU related activities are published in the annual Police Report. Such information is contained in the Commercial Crime Department’s section of the annual Police Reports. It also reports on a quarterly basis to the Bermuda Law Enforcement Review Group (BLERG) through the Commissioner of Police. The FIU has a program of speaking engagements with the private sector when it shares information on statistics, trends, and typologies. Through its membership in the NAMLC, it regularly shares and discusses issues relating to ML and FT trends, techniques, and related policy matters with other NAMLC members.

193. Egmont Group membership (c. 26.9): The Bermuda FIU became a member of the Egmont Group in 1999 and is regularly represented at the Egmont Group meetings. The current Head of the FIU is actively involved in the Egmont Training Working Group. Bermuda hosted the Egmont Group Plenary in May 2007.

194. Exchange of Information among FIUs (c. 26.10): Generally, the FIU follows the Egmont Principles for Information Exchange. Through its membership of the Egmont Group, it is authorized to share financial information and intelligence with its foreign counterparts, either through its own initiative or upon request. The only limitation is found in Section 58(1) of POCA, pursuant to which the FIU shall not to disclose any financial information or intelligence save for the purpose of carrying out its functions or when required by the law or the courts. There is no specific provision governing the manner in which the FIU may exchange financial information with its counterparts and other competent authorities, and information may be shared without a Memorandum of Understanding (MOU). However, where requested by another Egmont Group member, such MOU agreements have been made following the Egmont MOU template. To date, 12 MOUs have been agreed and signed with other Egmont members. Five of these MOUs were agreed and signed during the May 2007 Egmont Group Plenary in Bermuda, while and additional one remains under negotiation. These MOUs were negotiated at the request of the counterpart agency that required such an agreement before it could disseminate information to Bermuda.

195. Adequacy of Resources to FIU (c. 30.1): At present, the FIU has 12 approved staff posts composed of: nine police financial investigators (one Detective Inspector/Head of FIU, three Detective Sergeants, and five Detective Constables), in addition of three civilian positions of Analyst, Forensic Accountant, and Secretary. At the time of the mission, there were three vacant positions: one Detective Sergeant, one Detective Constable (financial investigator), and one Forensic Accountant. As mentioned above, the FIU shares office space and a computer system with the Fraud Unit.

196. The FIU relies for its resources on the Police Service. Its budget forms part of the general Police Service budget, consequently, it competes with other Police units for a share of a limited budget. This has created financial and resource constraints that limit training and operational activities, including the analysis and investigation of SARs. The FIU has limited specialized financial analysis capacity with only one Financial Analyst who has collaborated over the last two years has with other police units in the investigation of major non-POCA related cases. According to the authorities, the current volume of work requires additional resources to enable comprehensive and timely investigations of SARs which have not been possible with the available resources. It is expected that when the proposed new FIA becomes operational in the next 12 months, it will be well equipped to carry out investigations and confiscation activities.

197. Consistent with the rest of the Police Service, the FIU has difficulty maintaining staff succession, due largely to difficulties in recruiting and retaining officers that would replace those that leave the Commercial Crime Department due to promotion, retirement, and non-competitive pay grades.

198. Integrity of FIU Authorities (c. 30.2): Upon application to join the FIU, all persons (Police and civilians) undergo background checks, in addition to those conducted when being hired by the Bermuda Police Service, to determine and identify their levels of suitability and integrity. All members of the FIU are subject to the duty of confidentiality provision of Section 58 of the POCA. It is not a specific requirement that Police officers possess a high level of skill in financial investigation, as the resource pool is limited within the Police Service. A full training program is undertaken once the successful candidate commences work in the unit. Applicants for the civilian positions of Analyst and Forensic Accountant are required to already possess the necessary skills and training.

199. Training of FIU Staff (c. 30.3): Most FIU staff is experienced law enforcement officers and all of its police financial investigators participate in a program of ongoing training based upon available financial resources. Such training involves the modular training offered through the UK’s Assets Recovery Agency in London, which include courses on financial investigations, confiscation, ML, and enhanced financial investigation skills. In addition, FIU staff has also attended overseas training courses offered by organizations such as the US Securities and Exchange Commission, and the Regional Drug Law Enforcement Training Center (REDTRAC) in Jamaica. FIU personnel also regularly attend overseas conferences as well as locally-based workshops and seminars in order to keep abreast of developments in the field. The mission noted that the training budget of the Bermuda Police Service has been decreasing over the last few years. This reduction has in turn affected the FIU’s own training budget. The lack of adequate funding prevents the development of the skills of financial investigators, and during 2005 and 2006, training was funded using the limited resources from the Confiscated Assets Fund (CAF).

200. Statistics (applying R.32 to FIU): The FIU compiles statistics to show, inter alia, the number of SARs received, investigations carried out and results. The FIU produces relevant statistics on suspicious activity reports, types of reporting institution, the number of investigated reports, and details of the underlying reasons for suspicion or of the predicate offense. The Office of the Director of Public Prosecutions maintains statistics on SARs resulting in investigations, prosecutions, or convictions for ML, FT or an underlying predicate offense.

201. The box below shows relevant statistics relating to SARs filed with the FIU over the last four years:

Suspicious Activity Reports 2003-2007

article image
2.5.2 Recommendations and Comments
  • Ensure that the new administrative Financial Intelligence Unit (FIA) is established and becomes operational, and provide sufficient staffing levels at the existing Police FIU to enable an increased number of ML/FT-related investigations.

  • Once established, the FIA should publish information relating to trends and typologies, with the input of the Police Service.

2.5.3 Compliance with Recommendation 26
article image
2.6 Law enforcement, prosecution and other competent authorities – the framework for the investigation and prosecution of offenses, and for confiscation and freezing (R.27, & 28)
2.6.1 Description and Analysis

202. Designation of Authorities ML/FT Investigations (c. 27.1): The FIU is responsible for matters relating to the proceeds of crime, including ML offenses. As a unit within the Bermuda Police Service, the FIU administers the provisions of the Proceeds of Crime Act 1997 as amended in 2000, the Proceeds of Crime (Money Laundering) Regulations 1998, the Anti-Terrorism (Financial & Other Measures) Act 2004, and related United Nations Terrorism Order (The Terrorism [United Nations Measures] Overseas Territories Order 2001, and the Al Qaida and Taliban (UN Measures) (Overseas Territories) Order 2002. It is a law enforcement unit within the Bermuda Police Service and exercises its powers under the Police Act 1974.

203. The Special Branch and the Criminal Investigation Department within the Bermuda Police Service are empowered to investigate the predicate offenses of terrorist acts under the Criminal Code Act 1907. The Office of the Director of Public Prosecutions (“DPP”) is responsible for prosecution of offenses and related matters under Bermudian criminal laws, including POCA and the terrorist financing legislation.

204. As indicated above, there have been no ML cases prosecuted in the last three years, and only one in the last five years, despite indications of drug proceeds being concealed or integrated in the jurisdiction in real estate or high end goods, which suggests a lack of effectiveness in conducting investigations relating to ML and FT.

205. Ability to Postpone/Waive Arrest of Suspects or Seizure of Property (c. 27.2): The PACE provides wide-ranging arrest and detention powers to the police in matters connected to criminal proceedings. There are no specific provisions in the existing legislation that allow the police authorities to take measures such as postponing or waiving the arrest of suspected persons and/or the seizure of the money for the purpose of identifying persons involved in such activities or for evidence gathering. However, the authorities indicated that these measures are taken into account in operations conducted by the investigative officers on a case by case basis. The Police, including the FIU, would consult with the DPP on such matters.

206. Additional Element - Ability to Use Special Investigative Techniques (c. 27.3): Although there are no specific legal provisions concerning the use of special investigation techniques, the authorities consider that, the general powers of the Police under the Police Act 1974 allow the use of investigative techniques. With the exception of wire-tapping, which has a specific statutory basis, investigative techniques of the Police, such as controlled delivery and surveillance, are part of the general powers of the Police. The technique most often used by the FIU is that of surveillance.

207. Additional Element - Use of Special Investigative Techniques for ML/FT Techniques (c. 27.4): The authorities indicated that, although there are no specific examples or cases that can be cited, the use of controlled delivery techniques is available as an investigatory tool in ML and FT investigations. Controlled delivery techniques are often used by the Narcotics Unit of the Bermuda Police Service in its investigations. The FIU has successfully utilized a surveillance team, a unit of specially trained Police officers, in several ML investigations where undercover surveillance work was required.

208. Additional Element - Specialized Investigation Groups & Conducting Multi-National Cooperative Investigations (c. 27.5): Bermuda has an inter-agency task force, the joint Customs/Police Combined Enforcement Interdiction Team that conducts investigations. The authorities are of the opinion that while the main focus of this unit has been drug-related ML interdictions, given the substantial AML training that has been undertaken by staff from both organizations, a greater role could be undertaken in financial crime investigations. In addition, given amendments to the Bermuda Monetary Authority Act, it would seem that greater cooperation and coordination between all three bodies is desirable. In addition, existing information-sharing gateways between these entities should also be strengthened where necessary.

209. In addition, there are a number of joint Customs/Police units that are formed to interdict the illicit cross-border movement of goods/people and to deal with ML cases. These units operate under established guidelines with Customs taking the lead at borders and Police taking the lead for domestic investigations. Customs Officers assigned to these units hold Special Constable status.

210. Additional Elements - Review of ML & FT Trends by Law Enforcement Authorities (c. 27.6): Although matters relating ML and FT trends, techniques, and related policy issues are shared and discussed on a regular basis by the FIU with other NAMLC members, no formal review of ML and FT trends has been undertaken.

211. Ability to Compel Production of and Searches for Documents and Information (c. 28.1): Production orders, monitoring orders and search warrants are available to law enforcement authorities (POCA, Sections 37, 39, and 41). For purposes of investigating proceeds of criminal conduct, Section 37 of POCA allows police officers to apply to the Supreme Court for a production order in relation to a particular material or a material of a particular description. Failure to comply with a production order is punishable on summary conviction to imprisonment for two years or a fine of $10,000 or both (POCA, Section 38).

212. A Police officer is also able to gain access to information relating to a person who has at any time held a realizable property from a government department by way of a disclosure order under Section 40 of the POCA. Section 50 of the POCA provides for the search and seizure of cash from any person that is suspected to be related to any criminal activity. Under such provisions, a customs officer is also deemed to be a Police officer. Confiscation of the proceeds of crime is provided under Sections 9 and 10 of the POCA.

213. Section 16 of the Anti-Terrorism (Financial & other Measures) Act 2004 provides for account monitoring orders. Sections 18, 19, and 20 make further provision for general Police powers related to FT, particularly for production orders and search warrants. Sections 14 and 15 of the Act provide for the forfeiture of any funds related to terrorist financing.

214. Sections 18, 19, and 20 of the Terrorism Order 2001 make further provision for general Police powers related to FT, particularly for production orders and search warrants. Sections 14 and 15 of the ATFA provide for the forfeiture of any funds related to terrorist financing.

215. Section 41 of the POCA allows the Police to obtain a monitoring order under which a bank can be directed to give the Police information about transactions conducted through an account held by a particular person with the bank. This power enables the Police to monitor a specific account over a specified period. There is a timeframe for these monitoring orders: the order must specify the period, up to three months, which may be renewed for an additional three months.

216. Under Section 42 of the POCA, where a production order or a monitoring order has been made, it is an offense to disclose that fact if such disclosure is likely to prejudice the investigation into the criminal conduct, or is intended to reveal the existence of the monitoring order.

217. Although the Police have sufficient legal powers to compel the production of information, and to seize and forfeit the proceeds of crime, these powers are not exercised to a sufficient degree, resulting in relatively few investigations, prosecutions, and seizures and forfeitures. Whether this is based on inadequate police and prosecution resources, the failure to prioritize ML and FT, or a lack of training, statistical data shows that relatively little is being accomplished.

218. Power to Take Witnesses’ Statement (c. 28.2): The Bermuda Police Service and the Customs Department may take statements from witnesses, witnesses may make statements before a magistrate, and witnesses may swear statements before a commissioner of oaths. The Court may summon witnesses to appear in a criminal case under Section 4 of the Evidence Act 1905; depositions of witnesses may be read into the record of a criminal trial under Section 9 of the Indictable Offenses Act 1929, and Sections 78 - 80 provide for proof by written statement.

Adequacy of Resources to Law Enforcement and Other AML/CFT Investigative or Prosecutorial Agencies (c. 30.1):

219. Financial Investigation Unit. The current volume of work of the FIU requires substantial additional resources. While all SARs received are subject to an initial review, only a small percentage of SARs are analyzed. The sole analyst in the FIU is often required to assist in other non-FIU related investigations that limit his work for the Unit, resulting in few full-scale investigations arising from SARs. It is expected that once the FIA is established and becomes operational over the course of the next 12 months, it will assume the financial intelligence functions of the existing FIU. Under the proposed FIA law, the new agency will have two full-time analysts. At that point, the Police financial investigation unit may be somewhat better equipped to focus on its investigation and confiscation tasks.

220. As mentioned before, the Police Service has difficulty in maintaining staff succession of experienced financial investigators in the FIU. Recruiting and retaining FIU officers reflects a general problem in the Police Service due to promotions within the Police, the specialized nature of the work and required expertise, and the non-competitive pay grade available for those with suitable backgrounds, as compared with the private sector.

221. The Attorney General’s Chambers. The Attorney General’s Chambers (AGC) Litigation and Civil Advisory section carries out the functions of receiving mutual legal assistance requests on behalf of the AG. The AGC is staffed by a Solicitor General, a Principal Crown Counsel, a Senior Crown Counsel and three Crown Counsels. Bermuda does not receive an inordinate number of requests for mutual legal assistance and currently there is one Crown Counsel that deals with such requests. However, other Crown Counsels in the section are capable of handling these matters should the need arise. The AGC resources are adequate in terms of the number of Crown Counsels, but there is a need for training on Mutual Legal Assistance (MLA), as they rely on the DPP for drafting some of the requests. In 2005, the Attorney General made provisions to have a dedicated Counsel for these matters in order to improve on the delivery of such requests. There is support staff available to assist the Crown Counsel in dealing with MLA requests, and the resources in Chambers are sufficient considering that the number of such requests is manageable. The DPP has taken on the responsibility for sending MLA requests on behalf of the AGC to the Police in a timely manner.

222. Department of Public Prosecutions. The Department of Public Prosecutions is headed by a Director of Public Prosecutions (DPP) appointed by the Governor under the Bermudian Constitution. The Director is therefore not subject to election or appointment by the government. The Department has staff positions for: 1 Director, 1 Principal Crown Counsel, 2 Senior Crown Counsels (SCCs), 5 Crown Counsels (CCs) and 5 Junior Crown Counsels (Jaccs). One of the Senior Crown Counsels specializes in POCA issues (the POC team has three members assigned for the investigative stage and any other support the police might need). Two SCCs and two CCs are contract workers. At the time of the mission, the Department was understaffed with 4 vacant posts as follows: Principal Crown Counsel (which has been vacant for the last two years) and 3 Crown Counsels. The JCC positions are reserved for Bermudian nationals but there is a problem in recruiting and retaining JCC interested in CC positions, mainly due to pay grades that are lower than the private sector, and also because only a small number of Bermudian lawyers who return to Bermuda are interested in pursuing a career in the criminal law field. This all contribute to high staff turnover as trained staff leave for more lucrative positions in the private sector, and as contract positions (expatriates??) are not renewed or the incumbent departs for other reasons.

223. The budget of the Department is determined by the Ministry of Justice, which is potentially problematic because the DPP occasionally has had to investigate politicians. While appointed by the Governor, the DPP has to justify its budget to the AG, who is a political appointee. The staff of the Office of the DPP is appointed by the DPP upon the recommendation of the Public Service Commission.

224. Integrity of Competent Authorities (c. 30.2): Upon application to join the FIU, all persons (Police and civilian) undergo background checks in addition to those conducted when being hired by the Bermuda Police Service, in order to determine and identify their suitability and integrity. All members of the Police FIU are subject to the duty of confidentiality under Section 58 of the POCA.

225. All applicants to the Customs Department undergo a process which includes aptitude testing, an enhanced vetting process through the Police, and an interview, prior to being hired as trainee Customs Officers. Trainee Officers undergo a two-year training process and must pass the Customs Officers examination. Failure will result in dismissal. Additionally, all staff must swear the Official Secrets Act. The promotion process is contained in a Memorandum of Understanding signed by the Department and the Bermuda Public Service Union (the official negotiating body for Customs) – the process is transparent and complies with the Public Service Commission Regulations. Requirements for all posts are set out in a career path document and all staff members are provided training to prepare them for upward mobility and to carryout specialized tasks associated with their duties. Interview panels consist of both internal and external members and interview/assessment test questions are stored in a centralized data base with access limited to the administrator and are randomly selected by the program. Periodic external audits carried out to assess the departments operations against “best practice” guidelines and revenue to ensure compliance with established financial instructions.

226. Legal professional staff at the AG’s Chambers and Office of the DPP is required to have a track record for professional standards and integrity, must take oath under Official Secrets Act, and must have appropriate skill levels as per the job description. Recruitment of–al staff at the AGC and DPP is the joint responsibility of Department of Human Resources, Public Services Commission, the Governor & the Department of Public Prosecutions. Recruitment of Legal Professionals adheres to: (a) minimum qualifications required for each post; (b) suitability of candidates based on job description; and (c) standards set for the profession by the National Bar Council. Each post has minimum qualifying standards which are generally strictly adhered to when being filled from outside the government service. Crown Counsels are qualified Barristers and Attorneys and are required to have five (5) years post-qualification experience. CCs also have to abide by the Official Secrets Act, in addition to their professional code of ethics. Prospective support staff is also expected to have a high level of integrity and are subjected to Police background checks at the time of hiring, as well as sworn under the Official Secrets Act.

227. Training for Competent Authorities (c. 30.3): As the FIU is a law enforcement model within the Bermuda Police Service, there are some nine Police officers attached to that unit who are fully trained financial investigators. In addition, the civilian FIU Analyst is a retired Police officer and fully trained financial investigator. All Police officers within the FIU have been trained as basic financial investigators, and most have received training in specific areas such as confiscations, money laundering, and enhanced financial investigative skills. All Police officers within the FIU are familiar with the Egmont Group secure web for use in the spontaneous sharing of financial information with other competent FIU’s worldwide. The officers are familiar with the Egmont Group Principles of Information Exchange.

228. A full training program is undertaken once a successful candidate commences work in the FIU. All Police financial investigators within the FIU undertake a program of ongoing training based upon available financial resources. The civilian positions of Analyst and Forensic Accountant do require the applicants to already possess the necessary skills and training. Training involves the modular training offered through the Assets Recovery Agency in London, UK. Training courses also include basic and enhanced financial investigation skills, confiscation, and money laundering. Officers also participate in other courses offered by organizations such as the Securities & Exchange Commission in Washington DC, and REDTRAC-a regional law enforcement training school in Jamaica that some of the FIU staff have attended. FIU personnel also regularly attend overseas conferences as well as locally based workshops and seminars in order to keep abreast of developments in the field. In particular, one local training seminar held during 2006 focused upon terrorist financing. All training is based upon the limited funding allocated to the FIU each year within the overseas training budget of the Bermuda Police Service. In 2005, some additional funding was allocated to the FIU for training purposes from the Confiscated Assets Fund; this funding has been fully utilized. The funding allocated to the FIU annually for training purposes is insufficient, and prevents the timely development of the skills of the Police financial investigators within the unit.

229. Some Customs officers have received training from the concluded Caribbean Anti-Money Laundering Programme (CALP), and have been certified as financial investigators. Currently, officers are not being trained in financial investigations. The Crown Counsel responsible for mutual legal assistance requests has received training on the FATF 40+9 Methodology that was provided by the Caribbean Financial Action Task Force (CFATF) in February 2005, as well as local conferences on money laundering.

230. The DPP is mindful of the need for permanent training for legal staff on ML/FT issues. However, training efforts are hampered by problems of limited staff numbers, budgetary constraints, as well as the absence of locally-based training opportunities.

231. Additional Element (Rec 30) - Special Training for Judges (c. 30.4): No training on international developments in the criminal law of ML and FT has taken place.

232. Statistics (applying R.32): There have been no ML cases prosecuted in the last three years, but the DPP is responsible for maintaining statistics on prosecutions and convictions for ML and FT.

2.6.2 Recommendations and Comments
  • The authorities should make enhanced efforts to investigate cases with indications of ML arising from SARs, and use the existing legal powers to initiate non-SAR triggered investigations.

  • Establish measures to ensure continuation of the experience and skill in financial investigations in the Commercial Crime Department.

  • Separate provisions must be made in the budget for training of AGC, DPP, Customs and Police staff, as well as judges, in AML/CFT related matters.

2.6.3 Compliance with Recommendations 27 & 28
article image
2.7 Cross Border Declaration or Disclosure (SR.IX)
2.7.1 Description and Analysis

Legal Framework: Sections 85, 86 of the Revenue Act and Section 50 of the Proceeds of Crime Act.

233. Mechanisms to Monitor Cross-border Physical Transportation of Currency (c. IX.1): Currently, Bermudian law does not require, and there is no system for, the declaration or disclosure of incoming and outgoing physical cross-border transportation of cash and bearer instruments to help detect ML or FT. According to the authorities, the Collector of Customs (Head of the Customs Department) is planning to issue a notice for such purpose under Section 16 of the Revenue Act 1898 and has prepared a draft notice to that effect. Under the draft notice, disclosure of cash and negotiable instruments (hereinafter “currency”) above $10,000 would be required by all persons arriving in Bermuda. By covering all negotiable instruments rather than just bearer instruments, the new system will not only be more robust than the international standards set forth in SR IX, but will also take on an increasingly popular typology in Bermuda: using checks for domestic payment of drugs. However, the new declaration system will not cover outgoing transportation of currency from Bermuda, although the Collector has the requisite legal authority under Section 16 to do so.

234. Although the declaration system being considered is an important step, it still would not fully comply with the requirements of SR. IX since, among other things, it would not cover outgoing transportation of currency. Given concerns about ML associated with domestic drug trafficking, there is no reason not to adopt a system that covers both incoming and outgoing transportation of currency.

235. Request Information on Origin and Use of Currency (c. IX.2): Once the proposed declaration/disclosure system is put in place and the declaration form published, the authorities indicate that both Customs and the Police will have the legal authority to ask questions concerning possible crimes under their general powers provided by Section 5 of the Police Act.

236. Restraint of Currency (c. IX.3): Under current law, a police officer (which includes a customs officer under Section 57(1) of POCA) has the ability to seize and detain cash and negotiable instruments if they suspect that they relate to proceeds of criminal conduct under Section 50 of the POCA, which states as follows:

  • Seizure and detention of cash imported or exported.

    • 50 (1) A police officer may seize and detain, in accordance with this Part, any cash which is being imported into or exported from Bermuda if the officer has reasonable grounds for suspecting that it directly or indirectly represents any person’s proceeds of criminal conduct or is intended by any person for use in any criminal conduct.

237. Under Section 50(2) of the POCA, seized cash may not be detained for more than 48 hours, unless continued detention is authorized by a magistrate for up to a three-month period, which may be extended in three-month increments for up to two years.

238. With respect to seizures of cash relating to terrorist financing, under the ATFA, any authorized officer, defined in Schedule 3, Part 7, paragraph 22(1) to include police, customs and immigration officers, may seize cash “if he has reasonable grounds for suspecting that it is terrorist cash.” The time periods for detaining such cash are the same as in Section 50(2) above. See ATFA, Schedule 3, Part 2, paragraph 2.

239. Customs and Police officers do not have the authority to seize, detain and confiscate cash and negotiable instruments in the event of a false declaration. As noted above, they only have authority to seize and detain cash with respect to suspicion of ML or FT under POCA and the ATFA.

240. Retention of Information of Currency and Identification Data by Authorities when appropriate (c. IX.4): Assuming that the cash or negotiable instruments are seized based on reasonable grounds, the detention procedures outlined under Section 50(2) of the POCA would allow their retention for use by law enforcement. With respect to identification data, all detentions made under Section 50 are recorded by the Police/Customs Joint Intelligence Unit using ’i2’ analytical software.

241. Access of Information to FIU (c. IX.5): The authorities have indicated that once a declaration system is implemented, procedures will be developed to provide the FIU with information on declarations filed. No information sharing mechanisms are being contemplated at this time between the relevant authorities, and it is recommended that a memorandum of understanding (MOU) between Customs, the Police and the FIU (and future FIA) that establishes such procedures would be useful.

242. Domestic Cooperation between Customs, Immigration and Related Authorities (c. IX.6): The Customs Department works with the Immigration Department in a number of ways. It is the frontline agency at all ports of entry, including the airport, with respect to immigration controls under delegated authority from the Governor of Bermuda. Under Section 62(1) of the Bermudian Constitution, the Governor is responsible for external affairs, defense, internal security and the police. The Immigration Department makes the final determination with regard to immigration issues. In addition, both departments are represented on NAMLC. It is expected that such cooperation will cover issues relating to a disclosure system once it is in place.

243. Cooperation between Government departments and other related authorities is available as needed. For example, in a recent criminal case involving extradition arising from the commission of a predicate offense, the Customs and Immigration Departments worked closely with the Police (including the FIU), DPP, AGC and the US Department of Justice. The two individuals charged were tried in the US and subsequently convicted.

244. The authorities should formalize and enhance domestic cooperation by developing a mechanism, such as a sub-committee of NAMLC, specifically to address customs issues that would provide a forum for regular meetings among the Customs Department, the Police (including the FIU), the future FIA, the Immigration Department, the AGC, and the DPP.

245. International Cooperation between Competent Authorities relating to Cross-border Physical Transportation of Currency (c. IX.7): All search and detention reports, including searches for and seizures of currency, are recorded in the Bermudian internal database (i2), in the World Customs Organization’s Customs Enforcement Network, and in the Caribbean Customs Law Enforcement Council’s Regional Intelligence Liaison Officer (RILO) network. The latter two networks are available to Bermuda Customs and to other customs authorities who are members. The authorities have indicated that their cooperation with foreign customs, FIU and law enforcement agencies is available through normal channels when the need arises. There have been a number of cases in the last five years that required the Custom Department’s cooperation with foreign agencies, including US Immigration and Customs Enforcement (ICE) and US Customs and Border Protection (CBP). Since CBP maintains a presence in Bermuda and are signatories to an MOU with the Bermudian Customs and Police, there is routine cooperation on day-to–day matters involving incoming and departing US citizens at the airport and from cruise ships. Bermudian Customs also meets with ICE teams annually and is in contact with them frequently concerning US passengers and crew on cruise ships.

246. Sanctions for Making False Declarations/Disclosures (applying c. 17.1-17.4 in R.17, c. IX.8: Once the declaration system is in place, Sections 85 and 86 of the Revenue Act would be applicable. Section 85 makes it an offense to knowingly make a false declaration, punishable by civil penalty imposed by the Collector of up to $12,000 for any false statement. Under Section 86, two offenses are established. The first is for false declaration for which there is strict liability and punishable by forfeiture to pay $12,000. The second offense is to knowingly making a false declaration and is punishable by up to two years imprisonment and a civil penalty of up to $30,000.

Penalties under Revenue Act 1898

article image

247. With respect to legal persons, since the Interpretation Act defines ’person’ as used in all Bermudian laws to include legal persons as well as natural persons, corporate entities would be included in the sanctions imposed under the Revenue Act.

248. The fines attached to these violations are not sufficiently dissuasive, and may be viewed as simply a cost of doing business given the potential for the transportation of large sums of cash or negotiable instruments. Section 84A(6) gives the authority to the MEF to increase the level of penalties for certain crimes, which therefore may be done without reverting back to the legislature. However, in this case, the Third Schedule, Standard Scale of Penalties, has been revised in 2004 and therefore could not be used as a means of increasing the level of penalties since there has not been “a change in the value of money” as required by this provision as a condition to raising the levels of penalties.

249. In addition, a provision comparable to Section 56 of POCA, Offences by Bodies Corporate, should be included in the Revenue Act so that if corporations are found guilty of an offence under the Revenue Act, there would be clear legal authority to charge directors and officers who have connived with the corporation in committing an offense.

250. Sanctions for Cross-border Physical Transportation of Currency for Purposes of ML or FT (applying c. 17.1-17.4 in R.17, c. IX.9): In addition to the sanctions referred to in the response to c.IX.8 above, the cross-border transportation of cash and negotiable instruments may give rise to a ML offence, which would be subject to penalties of a fine of $50,000 to an unlimited amount, and imprisonment of between five and 20 years, under Section 48 of POCA. In addition, cash and negotiable instruments seized under Section 50 of POCA may also be subject to forfeiture on application of DPP to a court, under Section 51.

251. With respect to transportation of cash and negotiable instruments relating to terrorist financing offences, penalties range from $20,000 up to $200,000 and imprisonment of between 12 months and 14 years, under Section 13 of the ATFA. In addition, forfeiture of terrorist property is available under Section 15(1) of the ATFA which gives effect to the provisions in Schedule 3 of the Act.

252. Confiscation of Currency Related to ML/FT (applying c. 3.1-3.6 in R.3, c. IX.10): According to the authorities, consideration is being given to the drafting of legislation authorizing the Collector to require forfeiture of all undeclared items, including cash and negotiable instruments. Where there are reasonable grounds for suspicion of ML or financing of terrorism, confiscation measures under POCA are available. See responses to c.3.1 – 3.6 above.

253. Confiscation of Currency Pursuant to UNSCRs (applying c. III.1-III.10 in SR III, c. IX.11): There are no confiscation provisions explicitly relating to the confiscation of outgoing or incoming currency. See the responses to c. III.1 - III.10, above.

254. Notification of Foreign Agency of Unusual Movement of Precious Metal and Stones (c. IX.12): All search and detention reports relating to gold, other precious metals and precious stones are recorded in the Bermudian internal database (i2), in the World Customs Organization’s Customs Enforcement Network, and the Caribbean Customs Law Enforcement Council’s Regional Intelligence Liaison Officer (RILO) network. These sources are available to customs authorities who are members of the network. With respect to specific notifications of foreign customs authorities, only those relating to gold are routinely made to other customs agencies. The authorities indicated that their cooperation has never been requested with respect to unusual movements of precious metals but that it is available through normal channels.

255. The authorities should consider developing a procedure to notify other customs agencies of search and detention reports relating to precious metals other than gold, as well as to precious stones.

256. Safeguards for Proper Use of Information (c. IX.13): All data systems used to record seizures and detentions of currency are password protected. Both domestic and international access is limited to specified customs officers for both the domestic and international networks, and passwords are required to be changed periodically.

257. Additional Element – Implementation of SR.IX Best Practices (c. IX.14): According to the authorities, consideration was given to the Best Practices paper in the course of drafting the notice regarding disclosures of cash and negotiable instruments.

258. Additional Element – Computerization of Database and Access to Competent Authorities (c. IX.15): The computerized database maintained by Customs is available to specified police officers who have direct access, and information from that database is provided to other competent authorities on request.

2.7.2 Recommendations and Comments

259. The authorities should move quickly to fully implement the basic elements of SR IX, particularly to address ML associated with domestic drug trafficking. Additionally, the declaration system should cover outgoing transportation of currency. Legal authority should also be considered not just to seize and detain, but also to confiscate currency solely on the basis of a false declaration. The amount of civil money penalties should be increased, and domestic cooperation and information–sharing enhanced among law enforcement authorities. Procedures should be implemented to provide the FIU with information from declarations filed.

2.7.3 Compliance with Special Recommendation IX
article image

3 PREVENTIVE MEASURES - FINANCIAL INSTITUTIONS

Customer Due Diligence & Record Keeping

3.1 Risk of ML or terrorist financing
Sectoral and Institutional Risk Issues

260. Bermuda is not known as a major ML/FT jurisdiction, particularly with respect to crimes originating domestically, including drug trafficking and terrorism. However, it is particularly vulnerable to other forms of ML such as those arising from outside the jurisdiction given its standing as an international financial center. Bermuda has a significant concentration of insurance business (approx. 1,312 companies with over US$105 billion in premiums), investment services and mutual funds (over US$216 in net asset). Bermuda is not a significant banking center by international standards (it only has 4 commercial banks with assets of about US$20 billion and one deposit taking company) but there are two very large banks with significant foreign operations. Moreover, some of these banks provide services to other sectors such as the insurance and mutual funds sector which are very large and can pose ML/FT exposure, albeit in a less direct manner. These FIs largely caters to a global market, mainly customers from countries in North America, Europe, Asia and Latin America which do represent in some cases significant sources of ML/FT risk.

261. Bermudian banks also provide significant off-balance sheet services mainly in asset administration and custody for amounts. There are also financial groups with affiliates engaged in any one or more financial activities including banks, trust, investment and insurance business which have implications for Bermuda as either home or host jurisdiction with respect to consolidated risk management and supervision. Such financial groups could also present a degree of contagion of ML/FT risks, including reputational risk, where the activities of the various business units are interrelated.

262. Financial services outside these formal sectors are considered to be minimal or non-existent (e.g. currency exchange and money transfer services) and are therefore not viewed as a posing significant ML/FT risk. Most residents have access to banking and financial services, including expatriate workers, and the Bermudian economy is not considered to be a cash-based relative to other countries.

263. With respect to the insurance sector, about 70 percent of insurance policies consist of insurance/reinsurance for general risk (property and catastrophe), with about 30 percent comprising long term business (life, annuity and other investment-linked products), including reinsurance, accounting for about US$30 billion in premium. While life and investment-linked policies are not the largest proportion of insurance business, the amount is still substantial, which creates the potential for ML/FT risk in this area. On a systemic level, since the highest concentration of financial activity is in the non-long term sector, the degree of ML/FT risk is correspondingly lower as reflected in the FATF Recommendations which do not cover FIs for this type of business.

264. A majority of insurance companies are captives administered by insurance managers licensed in Bermuda. While most of these captives underwrite owner related risks, the largest concentration (Class 3: some 566+ companies) write third party risks and about 30+ write long-term business. Insurance managers are not subject to the AML Regulations, and this can present a significant lacuna in ML/FT risk management, compliance and supervision.

265. While non-life policies are generally considered to present low ML/FT risks, the authorities should nonetheless be vigilant about potential vulnerabilities that can arise from the unique features of captive operations and management structures. These can include their use as fronts for ML operations (e.g., policy overpricing techniques for transferring and investing illicit funds outside of the country of origin of the company owners and/or policyholders). In addition, captives have not been subject to the same degree of rigor of supervision as other insurers, and a full reliance has been placed on licensed insurance managers for their administration and AML compliance functions. While there were no documented case of ML/FT abuse in this sub-sector, neither have the authorities conducted an assessment of ML/FT vulnerability and risk, nor has there been comprehensive onsite supervision of their activities.

266. The investment services and mutual funds sectors are exposed to ML/FT risks, particularly in the layering and integration stages of ML. The authorities and industry representatives generally consider the high-end market for mutual fund business (e.g., institutional and large subscription business) as presenting a low-risk for ML/FT, and attract a “lighter touch” approach to registration/supervision from a prudential and public interest point of view. However, both retail and institutional/large subscription funds are exposed to such risk and in particular high-net worth clients do present a higher degree of risk as the business is akin and usually connected to private banking and trust, which are generally considered as high risk.

Channels of Delivery Issues

267. As an international financial center, a significant proportion of international business is conducted through intermediaries and introducers located in other jurisdictions, both affiliated and non-affiliated to the Bermudian licensees. The AML Regulations and the Guidance Notes both contain specific provisions and compliance rules for business conducted through such intermediaries mainly with respect to customer identification requirements. In the insurance sector, the domestic market for insurance is relatively small with only a small proportion of business conducted through intermediaries (16 brokers, agents and salespersons). However, a significant proportion of international insurance business is conducted through foreign intermediaries or administered in Bermuda through insurance managers. This creates certain administration and supervisory challenges with respect to risk-management and supervision on a cross-border basis that can create AML/CFT compliance risks. Internationally, the use of intermediaries for the sale and delivery of long term insurance products is considered to be one of the weakest links with respect to AML/CFT controls. Bermuda is no exception and is particularly exposed to such risks in the use of intermediaries located in other jurisdictions.

268. With respect to non-insurance sectors, ML/FT risks can also arise in business conducted through or introduced by local services providers, particularly through legal and other professionals which are currently not subject to the AML Regulations. While FIs can generally rely on the professionalism of local introducers, intermediaries and other service providers in support of their customer due diligence processes, over-reliance can create systemic control weaknesses and leading to high profile investigations of financial crime.

Legal and Regulatory Issues

269. Since the POCA and the AML Regulations were brought into operation in 1998, there have been no substantive change to the legislation, and no amendments with respect to the legal or regulatory provisions concerning the duties of FIs under such laws. In addition, there has been little change to the non-mandatory Guidance Notes since they were issued in 1998 (the main change was in 2001 dealing with fiscal/tax offences). During the last IMF assessment mission in 2003, there was an expectation that the draft Guidance Notes developed subsequent to the mission were to be implemented to address a number of shortcomings, e.g., in CDD. Consequently, the AML laws, regulations and guidelines have not kept pace with the international standards that address the evolving ML/FT risks, and have not helped in raising awareness of ML/FT risks and compliance obligations. In particular, the lack of coverage in the AML Regulations of life insurance business and the limited scope of CDD requirements (customer identification only) contribute to such risks. The GNs also contain a number of provisions (especially for insurance and investment business) that limit or exempt the application of customer identification requirements in cases that are highly unusual and which can weaken the application of AML/CFT controls.

270. Post mission, several pieces of legislation were approved including amendments to the POCA, CJICBA, and a new Financial Intelligence Agency Act. Once fully implemented, these new laws will address a number of the weaknesses in the AML/CFT legal framework identified by the mission, and provide a better guidance to the implementation of AML/CFT risk management processes by FIs.

3.2 Customer due diligence, including enhanced or reduced measures (R.5 to 8)
  • Note:(1) For purposes of this section, Financial Institutions (FIs) and regulated institutions shall have, unless otherwise indicated, the same meaning and are used interchangeably to facilitate description of and references to the Regulations and Guidance Notes.

  • (2) References in this section where there is a requirement or obligation for FIs to comply with the FA TF Recommendations generally refer to the existence of or need for obligations to be established in law, regulations or other enforceable means. The Guidance Notes are not other enforceable means for purposes of this assessment. Consequently, where such references appear in the text with respect to the Guidance Notes, they are only to be interpreted as recommended industry practice for implementation in Bermuda.

3.2.1 Description and Analysis

271. Legal Framework: Section 49 of the POCA empowers the Minister of Finance to make Regulations for, inter alia, requiring financial and other institutions to “establish and maintain procedures relating to the identification of clients, the keeping of records, the making of reports, and training.” Such regulations could also create criminal offences for failing to comply with the established requirements. Pursuant to Section 49, the Proceeds of Crime (Money Laundering) Regulations 1998 (hereinafter referred to as Regulations, Regs., or AML Regulations) were issued prescribing a number of requirements for covered institutions, including customer identification, record-keeping and reporting procedures, as well as for staff training. These Regulations also established sanctions for non-compliance with the requirements through court proceedings. It does not provide for administrative sanctions nor does it identify a competent authority to monitor and enforce compliance. This function is largely carried out by the BMA under the regulatory laws as described below under Rec. 23 and 29. In addition to the AML Regulations, the POCA established the National Anti-ML Committee that is responsible, among other things, for the issuance of guidance for institutions subject to the POCA and Regulations to aid in compliance with the requirements established under such legislation (Section 49 (1) (b) of the POCA), as described below.

272. In 1998, the National Anti-Money Laundering Committee (NAMLC) issued non-mandatory Guidance Notes on the Prevention of ML (Guidance Notes) (amended January 2004) with the main objective of providing guidance on good practice for complying with the POCA and Regulations. In addition, a trial court “may” take into account the Guidance Notes when ascertaining whether a person complied with the POCA (Section 49A) and Regulations (Reg. 8). The Guidance Notes can also be used for definitional purposes when determining compliance with customer identification (Reg. 4 (7)) and record-keeping requirements (Reg. 5(6)). Similar provisions are contained in para. 1(6) of Schedule 1 of the Anti-Terrorism (Financial and Other Measures) Act, 2004 which states that for purposes of establishing whether a person committed the offence of failure to report knowledge or suspicion of FT, a court “must consider whether he followed any relevant guidance”. No such guidance has been issued specifically on CFT issues.

273. The Guidance Notes are not mandatory and, consequently, there are no sanctions for non-compliance and they cannot be considered Other Enforceable Means (OEMs) for purposes of assessing compliance with the applicable FATF Recommendations. The authorities have acknowledged this fact. The use of Guidance Notes in this report is to reflect regulatory expectations of industry practices by the NAMLC and BMA in FIs for compliance with the POCA and Regulations. As noted above, the Guidance Notes are not used herein for purposes of assessing technical compliance with the FATF Recommendations for criteria requirements that should be established in law, regulation or OEMs. Nonetheless, where relevant they are taken into account in assessing the effectiveness of implementation in so far as they can reflect industry compliance practices.

274. Covered Institutions: The institutions covered by the POCA, Regulations (and Guidance Notes) include the following:

Institutions Covered by POCA

article image
article image

Scope of application of the Regulations:

275. Insurance sector: Reg. 2(2)(a)(iv) of the AML Regulations explicitly excludes life insurance business from the application of the AML requirements. In addition, it also appears that where insurance policies contain both life and investment components, and particularly where the life component is the most significant element, it could be interpreted to also exclude this type of business from the Regulations. From discussions with the authorities and industry, it does not appear that this issue has been given much consideration in practice. This can lead to inconsistent implementation of the requirements. The exclusion of life insurance constitutes a significant lacuna in the AML/CFT regime particularly given the importance of the insurance industry of Bermuda. For the insurance sector, it is widely accepted that life and investment linked policies are particularly vulnerable to ML/FT abuse, and this view is reflected in the Guidance Notes which identify life insurance as a risky activity for ML. It is also noted that while long term business (includes life and annuity/investment business) only constitutes about 30 percent of total gross premium (2005 statistics including reinsurance), the volume is still relatively large, totaling some US$30 billion. In addition, only societies and companies registered under the Insurance Act are covered by the Regulations, thereby excluding insurance intermediaries (especially persons acting as salesmen, agents and brokers) registered under this Act.

276. In addition, insurance managers are also not being covered by the Regulations. Insurance managers, including those for captive companies, substantially represent the mind and management for a relatively large number of insurance companies operating in Bermuda. Nonetheless, the BMA expects such managers to ensure that the underlying companies comply with the AML Regulations but the current Regulations would exclude life business as described in the preceding paragraph. A similar situation applies to mutual fund administrators (processing subscriptions and redemptions) which are however covered by the Regulations as described below.

277. Investment/Securities Sector: Reg. 2((2)(a)(vi) covers persons processing subscriptions and redemptions for collective investment schemes (now defined as mutual funds under the Investment Funds Act of December 2006), as defined in Section 1 (2)(a) of the Bermuda Monetary Authority Act. The Investment Funds Act 2006 repealed this section of the BMA Act, as well as the BMA (Collective Investment Schemes) Regulations 1998. It therefore appears that, from a legal standpoint, these repeals excluded mutual funds creating a significant gap in the scope of application of the AML Regulations in an important financial sector. In any event, this gap in scope of the Regulations is wider because mutual funds administrators have a broader definition of activities under the Investment Funds Act that go beyond processing subscriptions and redemptions and which are captured by the FATF definition of FIs. Similar to the insurance sector, this is a significant limitation in coverage given the number (1,267) and volume (US$211 billion) of mutual funds assets under administration in Bermuda. At the time of the mission, the authorities had drafted proposed new AML Regulations that would include licensed fund administrators as financial institutions which would cover all of their activities as defined under the Investment Funds Act.

278. In addition, as DNFBPs (particularly lawyers and accountants) are currently not covered by the AML/CFT regime, there is an ambiguity about whether such professionals are covered by the Regulations when e.g., they provide investment advice or other investment services under Part 2 of the Investment Business Act which are subject to the existing Regulations. To date the authorities have not licensed such professionals under the Investment Business Act (e.g. lawyers) and are unaware of whether they carry on such investment activities.

279.Money and value transfer business, formal or informal: Up to 17 January 2007, the Regulations did not cover money transfer services, only currency exchange services under Reg. 2 (2)(ix). By an amendment to this section on 16 January 2007, all those persons licensed under the BMA’s Money Service Business Regulations issued on the same date are now covered. The MSB Regulations, and by extension, the AML Regulations, cover persons who carry on a money service business which include inter alia, money transmission, currency exchange business, debit/credit card issuance and check cashing, administering/intermediating electronic payments. Persons covered by the MSB Regulations have a 12–month period to apply for a license and at the time of the mission none had been issued and only a couple were under consideration. Prior to the MSB Regulations, there had been one formal independent money transfer service conducting business in Bermuda through a local licensed FI. That service, which was closely monitored by the authorities, was closed down by the FI apparently because of increasing compliance costs (because of the volume of SAR reporting and related issues) and because of reputational concerns. In addition to this case, the authorities are aware of one informal money transmission operator in Bermuda that had been providing money transfer services to certain segments of the expatriate community by aggregating international payments through a local bank account. The mission was informed that the account has been closed.

280.Payments and check management services: The Regulations have recently been amended to cover these services. (See discussion in the preceding paragraph.). There is one well established company operating in Bermuda which is in process of applying for a license under the BMA Money Service Business Regulations that would include money transmission services. This company also engages the management of electronic payment and check cashing services.

281. Prohibition of Anonymous Accounts (c. 5.1): There are no specific legal provisions that prohibit FIs from maintaining anonymous accounts or accounts in fictitious names. However, the known practice is that neither fictitious, nor numbered accounts, are maintained by FIs in Bermuda. The Regulations require FIs to have procedures to conduct and record customer identification for all accounts and to ensure effective monitoring. The authorities maintain that these requirements, including adherence with the Guidance Notes, effectively discourages maintenance of numbered accounts and that any institution that sought to make use of numbered accounts would still need to ensure that it did not prevent proper internal diligence and monitoring.

282. When is CDD required (c. 5.2): Reg. 4(1) states that FIs shall “establish and maintain identification procedures” which require that an applicant for business produce satisfactory evidence of identity as soon as is reasonably practical after first making contact with the FI. Where such identification is not obtained, the business shall not proceed any further. However, when such application for business involves a one-off transaction (as opposed to the establishment of a business relationship), which gives rise to knowledge or suspicion of ML, the FI may proceed with the transaction but only in accordance with any directions given by a police officer for that purpose. This is a reasonable approach to implementation of this requirement as it helps in avoiding tipping off the prospective client.

283. It is noted that the requirement established by Reg. 4(1) only relates to customer identification that while an important element, does not extend to the full range of customer due diligence requirements under Rec. 5 of the FATF. In addition, while the identification obligations created by the Regulations are indirect “procedures” requirements, failure to obtain proper identification should result in a refusal of the client business unless, as mentioned above, there is suspicion or knowledge of ML and it involves a one-off transaction. The mission could not ascertain how in practice this requirement has been complied with or enforced, that is, the need to obtain identification when there is suspicion without tipping off the client. The Guidance Notes do not cover this issue.

284. Specifically, the Reg. 4(2) requires FIs to have customer identification procedures that require customer identification when:

  • a) Forming a business relationship;

  • b) Carrying out occasional one-off transactions where the amount is BD$10,000 or more (equivalent to US$10,000, or the equivalent in any foreign currency). This requirement includes multiple transactions below this amount which appear to be linked, and where the total equals or exceeds BD$ 10,000. The Guidance Notes state that the interval period for aggregating such small transactions should be three months.

  • There are no specific provisions for wire transfers and the US$10,000 threshold is too high for a wire transfer under SR VII which requires establishes the threshold at US$1,000.

  • c) In respect of any one-off transactions, any person handling such transactions for the FI knows or suspects that the applicant for business is engaged in ML or that the transaction is being carried out on behalf of another person engaged in ML. This requirement does not specifically cover FT suspicion and limits the application to one-off transaction, thereby excluding circumstances or other situations where a suspicion or knowledge of ML/FT arises, e.g. any activity in the course of business relationships.

285. There are no requirements for FIs to conduct CDD when there are doubts about the veracity or adequacy of previously obtained customer identification information. (c. 5.2(e))

286. The Guidance Notes (G71) states that once verification and recordkeeping of identification has been completed, no further evidence of identity is needed when transactions are subsequently undertaken.

287. Identification measures and verification sources (c. 5.3): As mentioned under c5.2 above, the AML Regulations do not cover all of the CDD requirements under Rec. 5. While the non–mandatory Guidance Notes expand on the Regulation, they also do not cover all of the CDD issues and as mentioned before, they are not considered “Other Enforceable Means”. A description of the regulatory and guidelines provisions for CDD which is narrowly focused on identification requirements mainly.

288. Reg. 4 (1) described under c5.2 above establishes the legal requirement for FIs to put in place “procedures” that will require the identification of applicants for business, regardless of whether they are individuals or legal entities and arrangements, and whether they are one-off transactions or business relationship. These procedures should require FIs to obtain “satisfactory evidence” of identity, and that such evidence is reliable, implying that verification of identity is required. Furthermore, Reg. 4(7) states that for purposes of this requirement, satisfactory evidence may be determined in accordance with the non-mandatory Guidance Notes which state that:

  • a) G12. FIs should have procedures to enable them to determine, or receive confirmation of, the true identify of customers.

  • b) G26 through G73 provide further details as to what the verification of identity should be, including details for joint account holders, principals and beneficiaries, individuals, partnerships, companies and corporate trustees, regulated intermediary and other institutions and legal arrangements. Exemptions from the verification of identity procedures are also provided under G38 through G45, such as when clients are other regulated FIs and small one-off transactions. Additional but limited guidance (especially for deposit taking institutions) is provided in Part III of the Guidance Notes for deposit taking, investment services, fiduciary and insurance entities.

  • c) For individuals, G56 to G66 provide details of the types of information and verification that should be obtained. In particular, G58 states that “the relevance and usefulness in this context of the following personal information should be considered:” Such wording could be made more explicit so as to provide more clear guidance to FIs for purposes of implementation of the Regulatory requirements. The information referred to under G58 includes full name, date and place of birth, nationality, address, contact details, occupation and employer or nature of self-employment, and specimen signature. In addition, guidance is provided as to the types of identification documents that are preferred e.g. passport and driving license with photographs. Documents that are easily obtained in any name should not be accepted e.g. credit cards. Adequate guidance is also given under G62–G64 with respect to non-resident customers. Where FIs are unable to obtain information from the sources identified in the Guidance Notes, they may seek such information from another institution including confirmation on whether they have it in their records. A form for such request is provided in Appendix D of the Guidance Notes.

289. Identification of Legal Persons or Other Arrangements (c. 5.4):

  • a) (*) Legal persons and arrangements: Reg. 4(4) requires FIs to “establish and maintain identification procedures” which require that FIs identify persons (the principal) on whose behalf an applicant for business appears to be acting. To this end, the Guidance Notes (G28) state that FIs should establish the true nature of the relationship between the principal and applicant for business, including authorized signatories. Principals in this case are widely interpreted as to include beneficial owners, settlors, controlling shareholders, directors and major beneficiaries. It is not clear whether “beneficial owners” in this context would generally extend to the “ultimate beneficiaries”, that is to natural persons where applicable. In the case of trusts and settlements under trusts, an FI should obtain written confirmation from trustees or managers of the trust or settlement with respect to their knowledge of the underlying principals (settlors and named beneficiaries), and that there are no anonymous principals.

  • b) For companies or corporate trustees, the Guidance Notes (G32 and G33) specify that FI should verify the identity of the underlying beneficiary owners, namely those that ultimately own or control interests of 5% or more. In this context, beneficial owners include persons on whose instructions the signatories or intermediaries instructing such signatories are accustomed to act. The following information should be obtained:

  • i) certificates of incorporation

  • ii) names and addresses of beneficial owners and/or persons on whose instructions signatories are empowered to act

  • iii) memorandum of Association and by-laws

  • iv) board resolutions and other mandates and other account opening authorities, including full names of all directors and specimen signatures

  • v) certificate of incumbency and powers of attorney

  • vi) signed director’s statement as to the nature of the company’s business.

Unlike the wording under G32 and G33, G67, G68 and G69 seem to weaken the requirement to identify legal entities. G67 states that “the company should duly accredit all account signatories” which seems to place the onus on the client. And G68 states that the “relevance and usefulness in this context” of the following documents should be “carefully considered”. Wording under both provisions should provide more clear and explicit guidance to FIs for purposes of implementation of the Regulatory requirements.

  • c) For partnerships, the Guidance Notes (G69) also state that the “relevance and usefulness” of obtaining the following information for purpose of verification should be considered: (i) the partnership agreement and (ii) information in respect of the partners and managers. This wording also seems inadequate for purposes of supporting compliance with the obligations imposed by the Regulations.

290. Guidance Note 72 states that a file for each applicant for business should show the steps taken and the evidence obtained in the process of verification, and where exemptions apply, the justification for such exemption. Where such verification is not possible, the process should be suspended and any funds held to the order of the applicant for business should be held until verification is completed. In any event, funds should be returned only to the source from which they came and not to third parties. Where there is a suspicion of ML, a report to the FIU (police) should be made and guidance sought on how to proceed.

291. Identification of Beneficial Owners (c. 5.5*; 5.5.1 * & 5.5.2): See c. 5.4 above. Reg. 4(4) requires FIs to “establish and maintain identification procedures” which require that FIs identify persons (the principal) on whose behalf an applicant for business appears to be acting. To this end, the Guidance Notes (G28) states that FIs should establish the relationship between the principal and applicant for business, including authorized signatories. Principals in this case are widely interpreted as to include beneficial owners, settlors, controlling shareholders, directors and major beneficiaries. In the case of trusts and settlements under trusts, an FI should obtain written confirmation from trustees or managers of the trust settlement with respect to their knowledge of the underlying principals (settlors and named beneficiaries), and that there are no anonymous principals.

292. Where FIs provide fiduciary services, e.g. trust and company services (as defined in Part III of the Guidance Notes), the Guidance Note (G135) places the onus on the “relevant employees” of FIs stating that “Good practice requires relevant employees to ensure that engagement documentation (client agreement etc.) is duly completed and signed at the time of entry.” The onus should be on the FI/service provider and not on the employees per se. In such cases, verification of new clients should include in the circumstances described (i) the settlor and/or “where appropriate” the principal beneficiary(ies); (ii) the beneficial owners of companies; and (iii) a note as to any further information on identification required from the customer’s agent or intermediary.

293. With respect to insurance entities conducting on long-term (life/investment but note that this is inconsistent with the scope of the Regulations that excludes life insurance as discussed above) business, the Guidance Notes (e.g., G139, G140 and G141), there is no provision for the identification of beneficiaries particularly with respect to the timing of such identification. G139, as worded, opens the possibility of ML/FT risk, e.g., in structuring or layering. Where payment of the proceeds of a policy surrender is made before verification of a customer is completed, G130 states that an FI is considered to have complied with the duty to verify the client (“to have taken reasonable measures of verification”) in circumstances where payment to a policy holder is made by check or to an account held solely or jointly in the name of a policy holder by electronic means. This exemption from the conduct of customer identification can give rise to ML/FT risk, e.g., where a customer has paid the policy premium in cash and/or where the FI received such premium from or through another person that is not the applicant for business or beneficiary. In the absence of a general prohibition of cash acceptance by, either insurers or intermediaries, payment on surrender by check, wire transfer or other non-cash means (conversion risk) could involve a degree of ML/FT risk. This is particularly important as G 138 highlights the risk of ML in these types of transactions. In addition, where ML/FT is suspected, there should be an obligation for the FI to conduct CDD as far as possible and to report such cases to the FIU. G139 should therefore be reviewed for purposes of the potential loophole it creates.

294. G140 provides that a significant one-off transaction involving “switch”8 transactions does not require CDD when certain payment conditions are met. However, when read alone or together with G141, it can involve a series of future transactions which could result in the establishment of a business relationship. In addition, as under G139, G140 and G141 should be reviewed with respect to the possibility of creating the opportunity for laying or structuring ML/FT transactions.

295. With regards to Investment Services (securities) business, the Guidance Notes (G123) state that where an agent or intermediary introduces an underlying customer (principal), the latter should be identified. And, where (G125) the intermediary acts as a nominee for the underlying customer and the intermediary deals in its own name, both the intermediary/nominee and the underlying customer are subject to identification and verification, except when the applicant for business is a regulated FI. It should be clarified/emphasized the underlying customer/principal includes ultimate beneficiaries.

296. With respect to G129 (investment services), as for insurance under G139, there is a need to clarify that such cases of early redemption only apply when in the course of establishing a business relationship or conducting a one-off transaction. There should not be an exemption when redemption occurs well after the business relationship is established. In addition, allowing FIs to meet their CDD obligations simply by making payment in the manner described in G129 could give rise to the opportunity for ML/FT.

297. G130 also in effect exempts Investment Services businesses from CDD when they involve Switch transactions, largely similar to those for insurance described under para. 151. This is not appropriate.

298. Where (G131, 132 and 133) an Investment Services business contracts with a customer who agrees to make regular subscriptions, and arranges for the collection of such subscriptions e.g., by completing a direct debit mandate or standing order, the FI should conduct customer identification verification on that customer. However, where a customer sets up a savings scheme and the money so invested is used to acquire investments registered in the name of a “third party”, the person who funds the “cash transaction” is the person whose identification is to be verified. G132 further states that the person who is the “legal owner” of the investment at the time the investment is realized/sold is the person whose identity is to be verified, except where this person is the same one who funded the investment. This is unacceptable for purposes of Rec. 5.5 as the “third party” or beneficiary should be identified at the time the business relationship or one-off transaction is established/conducted. And, where the third party/beneficiary changes subsequent but prior to realization of the investment, then that other new person(s) should also be verified at the time of the change. In addition, identification of the “legal owner” at the time of realization may be insufficient because such person may not be the beneficiary in cases where the investment is held in trust for others. As worded, the G132 can confuse the need to identify the “third party”, “legal owner” and beneficiary, as well the timing for such identification. G133 should also be reviewed as it creates an inappropriate exemption from identification of customers/investors establishing savings and investment vehicles where income is to be reinvested. As worded, G133 states that neither the establishment of such facilities nor the reinvestment of income is to be considered as entering into a business relationship and hence no verification of the customer is required.

299. Information on Purpose and Nature of Business Relationship (c. 5.6): There are no specific provisions either in the POCA, Regulations or Guidance Note that require FIs to obtain information on the purpose and intended nature of the business relationship with customers. Verification procedures, as used in the Guidance Notes, relate specifically to evidence of identity (See Reg. 5 and G11 and G12). Nowhere in the Regulations or Guidance Notes is the “duty of vigilance” or “verification” of customers defined as would indicate, explicitly or otherwise, that these terms include the full range of CDD required under FATF, including establishing the purpose or nature of business relationships.

300. Ongoing Due Diligence on Business Relationship (c. 5.7; 5.7.1 & 5.7.2): There are no specific provisions either in the POCA, Regulations or Guidance Note that require FIs to conduct ongoing CDD during the course of business relationship that would include enhanced monitoring for higher risk business and regular updating of customer profile information, etc.

301. Risk – Enhanced Due Diligence for Higher Risk Customers (c. 5.8): There are no specific provisions either in the POCA, Regulations or Guidance Note that require FIs to conduct enhanced CDD for higher risk customers, business relationships or transactions. There are general principles in the various regulatory guidance notes, e.g., BMA Guidance Note 13 for insurers, which states, for instance, that insurers should implement risk management, control systems and practices, consistent with the entities’ size, complexity and nature of the risk exposures. Such provisions could usefully be applied to ML/FT risk controls in a manner that imposes obligations for enhance CDD for higher risk business. No such clear link exists for compliance with the AML Regulations.

302. Risk – Application of Simplified/Reduced CDD Measures when appropriate (c. 5.9): Except in the specific cases described below (see also section for Exemptions from Customer Identification and Verification above), there are no general regulatory or other provisions that would allow FIs to apply reduced or simplified CDD measures to their customers, business relationships or transactions for AML/CFT purposes. Guidance Notes in particular contain a number of provisions which appear to either exempt FIs from customer verification or allow the application of reduced CDD measures but these have not been justified on the basis of lower risk and the existences of adequate checks and controls in the system. In addition, c 5.9 provides for simplification or reduction of CDD, not complete exemption. The exempted cases are:

  • a) Reg. 4(5): No customer identification/verification is required when the applicant for business is another regulated FI, including a foreign FI, representing an underlying client/principal. In such case, only a written assurance from the FI is required that evidence of identity of the underlying client has been obtained and recorded. Similar provisions are contained under Reg. 4(3) where an applicant for business is introduced by a regulated FI. There are no regulatory provisions which would allow for simplified CDD where the client/principal is another regulated FI subject to adequate AML/CFT requirements and supervision. However, G39 exempts FIs from verifying the identity of an “applicant for business” where such customer is a regulated FI including a foreign FI subject to regulations at least equivalent to the Bermudian Regulations, as listed in Appendix A of the Guidance Notes. It is noted that G39 makes no distinction, as do Regs. 4(3) and 4(4) above, concerning whether the client FI is applying for business as a principal, or is introducing or acting on behalf of another. Consequently, the Guidance Notes may be interpreted as only covering those situations where the client FI is not acting as principal. This should be clarified and made consistent with the Regulations. If G39 is strictly observed, it may create confusion and could create gaps in the identification of underlying clients that, e.g., may use FI facilities to conduct transactions such as with the use of internal/consolidation accounts. Clarification of these exemptions could also provide a better basis for allowing simplified CDD permitted under Rec. 5.9 where low risk is justified. Notwithstanding, in cases where a client FI is seeking to establish cross-border banking and other similar relationships, enhanced CDD would be required under FATF Rec. 7.

  • b) G32: does not require verification of the underlying beneficial owners who own or control the company when they are quoted in a recognized stock exchange.

  • c) G130 Investment Services: No customer identification is required where a significant one-off transaction is a “switch” transaction where the proceeds of an investment are directly re-invested in another investment as described therein. There does not appear to be a basis for proven low risk in these transactions especially as the possibility of multiple investment transactions can effectively result in a business relationship being established. G132 also exempts from identification the third party/legal owner/beneficiary of an investment at the time savings scheme is established for funding investments registered or held in the name of third parties. In addition, G133 states that for savings and investment vehicles which offer customers the facility to reinvest income, the use of such facility should not be considered as entering into a business relationship and “the reinvestment of income” should not require customer identification verification. As described above, it appears that the setting up of such savings or investment vehicles, not only the reinvestment transactions, would also be exempt from such verification which should not be acceptable.

  • d) With regard to Insurance business, all life insurance business is exempted by virtue of Reg. 2(2)(iv), hence the issue of allowing for simplified or reduced CDD measures to this line of business does not apply. However, G140 also exempts from identification verification of “switch” transactions broadly similar to Investment Services described above. G141 also exempts from this identification customers that use facilities where payments from one insurance policy are used to fund the premium of another policy for the same customer. Such facilities are not considered to give rise to a business relationship, nor do the individual payments. As worded no client identification is required for the entire facility and it is unclear why this “facility” should not be considered as constituting a business relationship. In addition, G142 states that verification of identification is not required in respect of persons who receive benefit payments under an employer sponsored pension or savings scheme where such persons do not seek personal investment advice. Where such advice is sought, verification of identity is simplified and considered to have been met when verification of the employer and trustees of the scheme has been completed by the insurer and the principal employer confirms the identity and address of the individual in writing.

303. While there are no provisions in the law or regulations for simplified or reduced CDD, the Guidance Notes lists a number of cases where customer identification is not required including: (i) other regulated institutions in Bermuda and overseas from countries listed in Appendix A; (ii) small one-off transactions, single or linked. However, no threshold is mentioned here and it can only be assumed that a significant transaction or linked transactions would be US/BD$10,000 or more; (iii) certain accounts transacted through the post, telephonic or electronic means involving accounts or investment products that do not allow funds transfers, and where payment is received from another regulated institution and where reliance is made on the CDD of that other institution. (See Rec. 9); (iv) certain mailshot, coupon and similar business conducted through the telephone or other electronic means. It is unclear why these are exempt especially when the risk may be higher in cases where there is no face-to–face contact with clients. (See discussion under Rec. 8 below.)

304. Risk – Simplification / Reduction of CDD Measures relating to overseas residents (c. 5.10): There are no requirements or provisions that limit simplified CDD to non-resident customers that are from countries that Bermuda is satisfied have effectively implemented the FATF Recommendations. The Guidance Notes (Appendix A) provide a list of countries that are considered to have AML regulations at least equivalent to Bermuda’s but these are mainly for purposes of introductions and FIs acting as intermediaries for underlying clients, and not for purposes of simplified or reduced CDD.

305. Risk – Simplified/Reduced CDD Measures Not to Apply when Suspicions of ML/FT or other high risk scenarios exist (c. 5.11): There are no requirements or provisions which would prohibit simplified or reduced CDD where there is suspicion of ML/FT. There is only a limited reference in G43 (e) which indicates that where there is suspicion of ML, reliance on another institution for customer verification should not be allowed when customers conduct certain transactions by post, telephone or electronic means.

306. Risk Based Application of CDD to be Consistent with Guidelines (c. 5.12): The Guidance Notes issued by the National Anti-ML Committee contain provisions where verification of customer identity can be exempted or simplified for the cases described above. These are uni-directional and do not address the need for enhanced CDD for higher risk customers. As noted above, a number of these exemptions/simplifications are not justified.

307. Timing of Verification of Identity – general rule (c. 5.13): Reg. 4(1) imposes a general requirement for FIs to “establish and maintain identification procedures which require: (a) that any applicant for business of a type mentioned in paragraph (2) shall produce satisfactory evidence of his identity as soon as practical after first making contact with the regulated institution.” This provision covers both business relationships and significant one-off transactions. It does not address the need to verify the identity of the customer or beneficiary before establishing the relationship or conducting an occasional transaction. However, because the Regulation refers to “after first making contact” for practical purposes it may be interpreted as carrying out verification during the course of this process. The Guidance Notes elaborates this point stating in G47 that the best time to verify the identity of customers is prior to entry rather than at entry, and that verification should be completed before completing any transaction. However, some exceptions apply as described below.

308. Timing of Verification of Identity – treatment of exceptional circumstances (c.5.14 & 5.14.1): (See 5.13 above.) G48 states that if there are sound business reasons to do so, an account may be opened or a significant one-off transaction carried out before verification of identity is completed. In this case, FIs are expected to have stringent controls to ensure that funds are not transferred to third parties. Alternatively, a senior employee may give authority for such accounts or transactions and that this authority should not be delegated. Such decisions must be recorded in writing and a suggested form to use for recording such authority is provided in Appendix C of the Guidance Notes. G50 also states that in cases of business transacted through the telephone and where payment is or is expected to be made from financial intermediaries, or another account, the FI (verifier) should ensure that such account is held in the name of the applicant for business at or before the time of payment and should not remit the proceeds of any transaction to the applicant for business or on his order until customer verification has been completed. Because the Guidance Notes are not mandatory, enforceability of these and similar provisions is an important shortcoming.

309. With regard to Investment Services, G129 states that verification of identify should normally be completed before payment of the proceeds of redemption occur in cases of significant one-off transactions and transactions carried out within a business relationship. This can be interpreted as requiring verification any time after (which could be a very long time) after a business relationship is established or a one-off transaction/investment is made, and is inappropriate for Rec. 5. In addition, G129 states that the need for verification of identity is satisfied by an “investment manager” where payment of redemption is made to the “legal owner” of the investment (as opposed to the beneficiary owner which could be different) by way of check or to an account held solely or jointly in the name of the “legal holder” of the investment by electronic means. A literal interpretation of this provision would make it inconsistent with Rec. 5. G132 also states that verification of identity of the “legal owner” of an investment (if not the person who funded it), will be completed “when the investment is realized”. This is also unsatisfactory.

310. For Insurers, G139 contains similar provisions as for Investment Services and states that where surrender of a policy occurs prior to completion of verification, including significant one-off transactions and those carried out within a business relationship, verification should be completed before the customer receives the proceeds of the surrender. As well, there is uncertainty with respect to the application of this provision as postponement of verification of identification of the customer should be only for a reasonable period of time to facilitate the process of establishing the business relationship. Postponement of verification before or at the time of payment or exercise of rights under the policy should nonetheless only apply to beneficiaries of life policies (FATF Rec. 5.14) and not generally.

311. Failure to Complete CDD before commencing the Business Relationship (c. 5.15): Subject to the limitation that the Regulations and Guidance Notes do not stipulate a need to conduct the full range of CDD measures, Reg. 4(2) states that where an FI is unable to obtain satisfactory evidence, the business in question shall not proceed any further. One exception is where there is knowledge or suspicion of ML when the FI can proceed on instructions from the competent authority. However, under Reg. 4(2)(d), such cases only relate to “one-off” transactions and not to business relationships. For Investment Businesses, G127 also states that where verification of identity is not completed within a reasonable time, then the business relationship or significant one-off transaction shall not proceed any further. However, where under G128 an investor exercises cancellation rights (or cooling off rights) before completion of verification, such repayment of funds will not constitute “proceeding further with the business’. FIs are advised that under such circumstances care should be exercised to ensure that ML is not involved. Under no circumstances should such repayment be made to a third party.

312. Failure to Complete CDD after commencing the Business Relationship (c. 5.16): Reg. 4(1)(b) states that where satisfactory evidence is not obtained in the course of establishing a business relationship (does not cover existing customers/relationships under FATF Rec. 5.17), the business in question shall not proceed any further except in accordance with instructions from a police officer (FIU) when there is knowledge or suspicion of ML BUT only with respect to one-off transactions (Reg. 4(2)(d).

313. Existing Customers – CDD Requirements (c. 5.17): There are no provisions in the POCA, Regulations or Guidance Notes that require CDD on existing customers at the time the requirements under these instruments were established. In practice, the lack of sufficient CDD documentation on such clients is considered by some FIs as one of their main challenges and a source of ML risk. The BMA has focused on this issue to some extent in the course of their onsite visits.

314. Existing Anonymous-account Customers – CDD Requirements (c. 5.18): Not applicable, except with respect to numbered accounts which are not prohibited but which the authorities state do not exist in Bermuda. The BMA indicated that in the course of its supervisory activities, it has not been informed nor has it come across any case where such accounts are used.

315. Foreign PEPs – Requirement to Identify (c. 6.1): There are no requirements for FIs to have risk management systems to determine whether clients or beneficiaries are PEPs.

316. Foreign PEPs – Risk Management (c. 6.2; 6.2.1): There are no requirements for FIs to obtain senior management approval for establishing or continuing business relationships with PEP clients or beneficiaries.

317. Foreign PEPs – Requirement to Determine Source of Wealth and Funds (c. 6.3): There are no requirements to take reasonable measures to establish the source of wealth and source for PEPs.

318. Foreign PEPs – Ongoing Monitoring (c. 6.4): There are no requirements to conduct enhanced CDD and monitoring for PEP relationships.

319. Domestic PEPs – Requirements (Additional Element c. 6.5): There are no requirements to extend enhanced CDD for domestic PEPs.

320. Domestic PEPs – Ratification of the Merida Convention (Additional Element c. 6.6): No Ratification.

321. Cross Border Correspondent Accounts and Similar Relationships – Introduction: There are no requirements to conduct enhanced CDD with respect to correspondent banking and similar relationships. On the contrary, the Guidance Notes (G39) exempt FIs from CDD when the applicant for business is another regulated FI, including foreign FIs from countries listed in Appendix A.

322. Requirement to Obtain Information on Respondent Institution (c. 7.1): There are no requirements to require FIs to obtain information about a respondent institution to understand its business nor to obtain information about its reputation, quality of supervision or any other regulatory or enforcement action for AML/CFT reasons.

323. Assessment of AML/CFT Controls in Respondent Institution (c. 7.2): There are no requirements for FIs to assess the adequacy and effectiveness of a respondent’s AML/CFT controls.

324. Approval of Establishing Correspondent Relationships (c. 7.3): There are no requirements for FIs to obtain senior management approval to establish or continue correspondent relationships.

325. Documentation of AML/CFT Responsibilities for Each Institution (c. 7.4): There are no requirements for FIs to document the respective AML/CFT responsibilities of the FI and respondent institutions

326. Payable-Through Accounts (c. 7.5): There are no requirements for FIs to satisfy themselves that respondent institutions have conducted CDD in accordance with Rec. 5 on their own clients that have direct access to the FIs’ correspondent accounts, nor are there requirements for the FIs to satisfy themselves that they can obtain information on such customers from the respondent institution, upon request.

327. Misuse of New Technology for ML/FT (c. 8.1): There are no provisions requiring FIs to implement measures to prevent misuse of technological developments that could facilitate ML/FT.

328. Risk of Non-Face to Face Business Relationships (c. 8.2 & 8.2.1): There are no regulatory or other requirements for FIs to implement specific policies and procedures to address specific risks associated with certain the use of facilities or other payment mechanisms that may involve non-face-to-face business. On the contrary, the Guidance Notes (G42-G43) allow FIs to rely on the verification of identify conducted by another regulated FI when payment is received from that other FI in respect of non-paying accounts (G42 and G43) being opened by the customer, and where business is conducted through the use of mailshots, off-the–page and coupons (G44).

3.2.2 Recommendations and Comments
  • Establish in the Regulations or in other enforceable instrument (Other Enforceable Means) all of the applicable requirements under FATF Recommendations 5–8. The current Regulations are limited and the Guidance Notes are not enforceable.

  • The Regulations should be amended to cover all of the relevant financial activities covered by the FATF Recommendations, particularly life insurance.

  • Extend the regulatory regime for FIs to explicitly cover CFT issues.

  • Extend the CDD requirements beyond customer identification.

  • Require CDD in all cases (business relationships and one-off transactions) where there is knowledge or suspicion of ML/FT and not only in cases of one-off transactions. Also, clarify that the threshold for one-off transactions does not apply when there is suspicion. This requirement should also include reporting of suspicion when an FI cannot obtain the required identification/CDD information under Rec. 5.15 and 5.16.

  • Reduce the minimum CDD threshold for wire transfers to the equivalent of US/BD$ 1,000. (See recommendation on recordkeeping under section 3.5.3.

  • Extend the CDD requirements to cases where there is doubt as to the veracity or adequacy of previously obtained information. See recommendation below on the need to update information for “grandfathered accounts”.

  • Reg. 4(4) could more explicitly establish the requirement to identify and obtain CDD information on underlying beneficiaries, including for legal persons and arrangements. This would make the Guidance Notes more consistent with the Regulations.

  • Review the customer identification exemptions provided for in the Guidance Notes for consistency with the Regulations and FATF Rec. 5, 8, and 9.

  • Review the wording of Guidance Notes 129, 130, 139, 140 and 140 on exemptions from identification to ensure that they do not create a practical limitation of CDD in the insurance and investment services sectors. Similar review is required for GNs 131, 132 and 133 for investment services. This should also be reviewed in the context of timing of verification for purposes of Rec. 5.13 and 5.14.

  • CDD requirements that include the purpose and nature of business relationships (and significant one-off transactions) should be established.

  • Require FIs to conduct enhanced monitoring for higher risk business and regular updating of customer profile information, to conduct enhanced CDD for higher risk customers, business relationships and transactions.

  • Require FIs to conduct enhanced CDD for higher risk customers, business relationships or transactions in either in the POCA, Regulations or other enforceable means.

  • Review the exemptions/simplifications provided for in the Regulations and (non-mandatory) Guidance Notes to ensure that they are justified on the basis of proven (documented) low risk. Where applicable, such lower exemptions/simplifications should be allowed only where customer information is publicly available or when there are otherwise adequate checks and controls in the system, especially when the clients are not other regulated FIs.

  • Where simplified CDD is allowed, there should be provisions to limit these to cases where non-resident customers that are from countries that have effectively implemented the FATF Recommendations.

  • As a general rule, do not allow exemptions or reduced CDD measures when there is suspicion of ML/FT.

  • Remove the general exemption in Guidance Note 50 on the timing for verification when payment is to be made from “other account” as this could be interpreted, e.g., from an account held by any non-FI business or unregulated person.

  • Require FIs to expedite the conduct of CDD and update client documentation for clients in existence when the Regulations were issued, the so called “grandfathered” customers. The Regulations were issues in 1998 (about 9.5 years ago) and the slow progress in updating such information creates a significant vulnerability across the industry.

  • Require FIs to conduct enhanced CDD for PEPs.

  • Require FIs to conduct enhanced CDD with respect to correspondent banking and similar relationships.

  • Require FIs to address risks associated with non-face to face business relationships or transactions, and to implement measures to prevent misuse of technological developments that could facilitate ML/FT.

3.2.3 Compliance with Recommendations 5 to 8
article image
article image
3.3 Third parties and introduced business (R.9)
3.3.1 Description and Analysis

329. Legal Framework: Because the Regulations only require FIs to obtain evidence of identity (see Rec. 5 above) and does not extend to the full range of CDD requirements, reliance on intermediaries and introducers would only apply to customer identification. In practice, FIs seem to require more information about their clients than basic identification. Reg. 4(3) states that “where an applicant for business is introduced to a regulated institution by another regulated institution, or foreign regulated institution, a written assurance from the introducing institution to the effect that evidence of the identity of the applicant has been obtained and recorded under procedures maintained by the introducing institutions shall be satisfactory evidence of identify for the purpose of paragraph (1)”. Par. (1) of Reg. 4 establishes the requirement for FIs to have “procedures” that require applicants for business to produce evidence of identity. A foreign regulated institution is a person or entity subject to regulation in any other jurisdiction which is at the least equivalent to the AML Regs. of Bermuda (Reg. 2(2)(c)).

330. In addition, Reg. 4(5) states that where the applicant for business is another regulated institution or foreign regulated institution which is acting other than as a principal, “it shall be reasonable for the regulated institution to accept a written assurance from the applicant for business to the effect that evidence of the identity of the principal has been obtained and recorded under procedures maintained by the applicant for business.”

331. The non-mandatory Guidance Notes (G5 bottom) also state that where an applicant for business is introduced by a member of the same group, verification of identity is not required. It is unclear whether a member of the group refers only to branches, subsidiaries or representative offices operating overseas, or whether they can include non-regulated entities, whether financial or non-financial, of a group of which the Bermudian FI is a member. G35 further provides that where an intermediary client is a regulated institution acting on behalf of an underlying client, and where the account is to be in the institution’s name, then customer identification of the underlying customer is not required but only of the intermediary. G43 provides further examples where an FI can rely on customer identification carried out by another regulated institution, e.g. for certain business conduced by post, phone and electronic means. G45 and Appendix B of the Guidance Notes provide an example of the letter of introduction that FIs can use for introducing clients to other institutions for this purpose. Further specific guidance is provided on reliance on intermediaries and introducers, particularly for the deposit, insurance and investment services sectors in: G56, G57, G65, G114, G114, G123, G124, G125, G126, G147 and G148.

332. For purposes of the above requirements, foreign regulated institutions under Reg. 2(2) are those persons or entities in the 27 jurisdictions listed in Appendix A of the Guidance Notes.

333. Requirement to Immediately Obtain Certain CDD elements from Third Parties (c. 9.1): There is no requirement for FIs to immediately obtain CDD information from third parties. Reg. 4(3) only states that only a “written assurance” from the introducing institution shall constitute satisfactory evidence of identity of the client being introduced. This is insufficient. Reg. 4(5) also sets out a similar requirement where the intermediary FI (applicant for business) is acting for an underlying client (principal) in which case it would be “reasonable for the regulated institution to accept a written assurance” from the intermediary FI. Unlike Reg. 4(3), this provision implies the possibility of receiving such written assurance but is does not impose a direct implicit requirement to obtain such assurance.

334. Availability of Identification Data from Third Parties (c. 9.2): As mentioned under Rec. 9.1 above, there is only an indirect requirement to obtain a written assurance constituting the limited CDD information (satisfactory evidence of identity) on the client. In addition, there are no provisions in the Regulations or any enforceable means to require that such information be made available promptly on request. There is only a limited provision on recordkeeping in the non-mandatory Guidance Notes (G100) which states that records held by “third parties are not in readily retrievable form unless the regulated institution is satisfied that the third part is itself an institution that is able and willing to keep such records and disclose them to it when required.” This does not, however, directly address or impose an obligation on FIs to take steps to satisfy themselves as to the availability and access to such information without delay. In addition, it does not appear to be the general practice that such written assurances or agreements from/with foreign FIs to obtain (and provide) customer information when requested include provisions that would override secrecy or confidentiality laws and restrictions in the jurisdictions where the information and/or underlying client are located.

335. Regulation and Supervision of Third Party (applying R. 23, 24 & 29, c. 9.3): Regulated institutions for purposes of the AML Regulations are defined under the Reg. 2(2) and largely covers banks and deposit taking entities, securities services providers and fund administrators, insurance entities, trustees, credit unions, and currency exchange services. However, even though the Regulations do not cover e.g., life insurance, in practice, there is reliance on foreign services providers for certain elements of CDD particularly by insurance and investment firms. There is no evidence or indication that the authorities and FIs have satisfied themselves that the third parties are adequately covered by and supervised for compliance with CDD requirements as established in the FATF Recommendations. The list of countries in Appendix A of the Guidance Notes, while useful, was largely drawn from the FATF countries at the time of issue which were believed to have adequate AML/CFT controls. In practice, however, some FIs (e.g., insurance and investments entities) indicate that they routinely conduct business in Asia, Latin America and the Caribbean and rely on intermediaries in such regions (e.g., on brokers, agents and/or affiliates) for part of their business. Except for Japan, no countries from these regions are listed in the Appendix for guidance.

336. Furthermore, for purposes of ascertaining whether such FIs are subject to adequate AML/CFT supervision, particularly those subject to consolidated supervision from Bermuda, not all Bermudian FIs have been subject to effective AML/CFT supervision. This is particularly relevant with respect to onsite inspections and including in the insurance sector which is a mainstay in Bermuda’s financial sector and economy.

337. Adequacy of Application of FATF Recommendations (c. 9.4): Appendix A of the Guidance Notes provides a list of 27 countries and territories which are considered to have AML regulations at least equivalent to those of Bermuda. While there is no established process to ascertain the adequacy of such countries’ AML/CFT regimes, the authorities state that the list was largely drawn from the FATF countries believed to have adequate systems in place at the time the Guidance Notes were issued. This list has not been revised since 1998.

338. Ultimate Responsibility for CDD (c. 9.5): There is no explicit provision that imposes ultimate responsibility on the FIs for customer identification and verification in the Regulations or other enforceable instrument. In practice, FIs acknowledge that they are ultimately responsible for CDD.

3.3.2 Recommendations and Comments
  • Require FIs to immediately obtain CDD information from acceptable third parties when relying on their CDD.

  • When allowing FIs to rely on CDD conducted by third parties, require them to satisfy themselves that the requisite CDD documentation has been obtained by such third parties, and that it will be made available to the FIs promptly on request.

  • Periodically review the adequacy of the basis on which FIs rely on the CDD of other third parties whether in Bermuda or in other countries, with respect to their supervision for AML/CFT purposes, and implementation of the FATF Recommendations by countries where the third parties are located.

  • Make it explicit that where reliance on others for certain aspects of CDD is allowed, that the ultimate responsibility lies with the FI.

3.3.3 Compliance with Recommendation 9
article image
3.4 Financial institution secrecy or confidentiality (R.4)
3.4.1 Description and Analysis

Legal Framework:

339. Inhibition of Implementation of FATF Recommendations (c. 4.1): Bermuda has no general statutory law on secrecy other than with respect to the regulatory laws discussed below and the common law principles of confidentiality that apply to the customers of banks and other FIs. The authorities have cited the leading precedent on confidentiality, an English Court of Appeal case, Tournier v. National Provincial and Union Bank of England [1924] 1KB461 which, according to a leading text on the issue, held that –

  • “a bank owes to its customer an implied contractual duty to keep his affairs secret, but that the duty is qualified. The duty arises at the commencement of the relationship and continues after the customer has closed his account in relation to information gained during the period of the account. It covers information about the customer’s affairs gained by virtue of the banking relationship and is not limited to information from or about the account itself.”

  • R. G. Toulson and C. M. Phipps, Confidentiality, 2nd ed. (Sweet & Maxwell, 2006), p. 257.

340. There are four qualifications, or exceptions to this duty:

  • (a) Where disclosure is under compulsion by law; (b) where there is a duty to the public to disclose; (c) where the interests of the bank require disclosure; (d) where the disclosure is made by the express or implied consent of the customer.

  • Tournier, at 471–472 and 473, cited in Toulson and Phipps, p. 258.

341. According to the authorities, Bermudian case law has followed this precedent, one example being Brian Lines v. Lines Overseas Management Ltd. [2006] Bda LR 43, 236, at 242.

342. The exception relating to disclosure under compulsion by law is embodied in a number of places in Bermudian statutory law. All of the five regulatory laws (the only exception being the MSB Regulations) provide for confidentiality of information with gateways to the authorities. The Banks and Deposit Companies Act 1999 is typical: Section 52(1) provides that “no person who under or for the purposes of this Act receives information relating to the business or other affairs of any person; and no person who obtains such information directly or indirectly from a person who has received it as aforesaid, shall disclose the information without the consent of the person to whom it relates and (if different) the person from whom it was received as aforesaid.” Disclosure of information in contravention of the statute is a criminal offense with penalties of up to $100,000 and five years imprisonment or both, under Section 52(3). Subsequent sections have a series of gateways allowing disclosure of information to the BMA, the Minister of Finance, the DPP and police, as well as disclosures by them to foreign authorities. See Sections 53 – 55. See also Sections 52, 52A, 52B, 52C of the Insurance Act 1978, Sections 78 – 81 of the Investment Business Act 2003, Sections 68 – 71 of the Investment Funds Act 2006, and Sections 48 – 51 of the Trusts (Regulation of Trust Business) Act 2003.

343. However, there is no explicit gateway in any of these laws for disclosures to the FIA, since it was not in existence at the time those laws were enacted and therefore consideration should be given to remedying this deficiency by amending relevant laws.

3.4.2 Recommendations and Comment
3.4.3 Compliance with Recommendation 4
article image
3.5 Record keeping and wire transfer rules (R.10 & SR.VII)
3.5.1 Description and Analysis

344. Legal Framework: Reg. 5 establishes recordkeeping procedures for FIs covered by the AML Regulations. It explicitly requires FIs to maintain records for the minimum period of 5 years or longer when required. Unlike the “procedures” requirement for establishing the identity of clients under Reg. 4, the recordkeeping requirement is direct and explicit. [For consistence and for the removal of any doubt, it would be useful that wording of the customer identification (CDD) and internal reporting (suspicious activity reporting) requirements under the Regulations were consistent (direct and explicit) with that of Reg. 5 for recordkeeping and with Reg. 7 for employee training.]

345. The recordkeeping requirements include: (a) evidence of client identity; (b) a record indicating the nature of evidence of identity providing information that would enable a copy of it to be obtained; and (c) other business records or copies of such records that may be necessary to assist an investigation into ML. Item (b) which provides for a record “indicating” the nature of evidence could be interpreted as to provide for situations where the underlying identity records are held by others (FIs) such as when reliance is placed on third parties. For purpose of item (c) above, regard may be had to the Guidance Notes as to what may be necessary to facilitate an investigation.

346. The Guidance Notes (G11 and G12) also include recordkeeping as part of the duty of vigilance which FIs are expected to observe. Further detailed guidance on recordkeeping is provided in G93–G102. These guidelines provide details as to the type of records that can be used to facilitate an ML investigation and provide an audit trail for customer transactions. Additional details are also provided for some of the sectors covered including Investment Services (G123) and Insurance (G144–G148).

347. In addition to the recordkeeping provisions contained in the Regulations and Guidance Notes, the various regulatory laws also contain certain complementary elements that while not specifically for AML/CFT, could usefully be applied for this purpose. For instance, the minimum licensing criteria for institutions supervised by the BMA require licensees to conduct their affairs in a “prudent manner”. A key element of such conduct involves maintaining “adequate accounting and other records of its business and adequate systems of control of its business and records.” The Banks and Deposit Companies Act (1999) Second Schedule further states that such records should allow an institution to manage its affairs in such a manner as would allow it to comply with this Act and does not extend to the POCA and its Regulations. In contrast, the Insurance and Investment Business Acts extend the requirement in their respective schedules to other legislation which can include the AML Regulations. However, the Investment Funds Act (2006) and the Money Service Business Regulations (2007) have identical provisions in their Schedules for minimum licensing criteria that exclude reference to the application of recordkeeping requirements to compliance with any other legislation. It would be useful if all the minimum licensing criteria Schedules in the regulatory laws include a reference to other legislation as contained in the Insurance and Investment Business Acts. And, for the removal of doubt, specific reference can also be made to the AML/CFT legislation.

348. Record-Keeping & Reconstruction of Transaction Records (c. 10.1 & 10.1.1): The records retention period requirement is set out in Reg. 5(4) which states that records relating to the opening of an account are to be kept for five years after the day on which the account is closed. If the record relates to the renting of a deposit box, the five year period commences the day after which the box ceases to be used. This, however, may not necessarily be the same day when the rental period expires.

349. With respect to transaction records, the five year period starts the day after which a transaction takes place. The record transaction retention requirement does not distinguish between domestic and international transactions. Reg. 5(4) also states that where a police officer notifies the FI in writing that particular records are/may be relevant to an investigation which is being carried out, such records shall be retained pending the outcome of the investigation. This last requirement does not specify that the retention period is in addition to the five year requirement, and could theoretically result in a retention period of less than five years if the outcome of the investigation is determined before five years. In addition, it is unclear what in this case constitutes the “outcome of the investigation”, whether it refers to e.g., the prosecution, trial, conviction and/or the confiscation process. However, the Guidance Notes (G95) suggest that even where the five year period has elapsed, the FIU may request the FI to keep such records until further notice implying that the records could be held for longer than the prescribe period. The reference in Reg. 5(4) where such a request should come from a police office should be taken into account in any future change in the FIU structure and arrangements (re: the proposed new FIA) to ensure that such provisions remain effective.

350. With respect to the sufficiency of transaction records, Reg. 5(2) states that they should contain such details to assist in an investigation into suspected (known?) ML and that the Guidance Notes should be consulted for this purpose. The Guidance Notes (G94 to G102) provide such details which include: account opening records, ledger records and supporting documentation for ledger entries including debit and credit slips and checks. Additional sufficient details are provided in the Guidance Notes for identification records including for beneficiaries. However, G97 states that records relating to “transactions” include (a) customer identification details and (b) details of securities and investments transacted. This significantly limits the scope of transaction records because it would exclude such details relating to non-securities related business, e.g., banking, and insurance transactions.

351. The Guidance Notes (G98) also require sufficient details of payment records made through electronic transfers to enable FIs to establish the remitting customers’ identity and as far as possible that of the ultimate recipients. They do not specify what the “sufficient detail” should be or whether they would include full originator information to comply with the requirements under SRVII for wire transfers.

352. Record-Keeping for Identification Data (c. 10.2): See Rec. 10.1 above.

353. Availability of Records to Competent Authorities (c. 10.3): Reg. 5(3) requires FIs to keep records or copies of records in such a way as to allow for their retrieval in legible form within a reasonable period of time. For this purpose, the GNs indicate that FIs should be able to access such records without delay and that they may be in original, microfilm, microfiche or electronic form. G100 also states that records held by third parties (e.g. intermediaries and introducers) would not be considered to be in readily retrievable form unless the regulated institution is satisfied that the third party is itself an institution that is able and willing to keep such records and disclose them to it when required. In practice, some FIs require third parties to agree that such information will be provided to them. As discussed in Rec. 9, there are no requirements or guidelines that would identify measures that could be taken particularly in the context of cross-border customers and arrangements where secrecy and confidentiality may limit the availability of such records. Written assurances and agreement that do not include effective and tested mechanisms to obtain such records without delay may not be sufficient. Discussions with some FIs suggest that such agreements may not include these types of provisions. G101 further states that where the FIU (police?) requires sight of records that would have been destroyed under an FI’s normal procedures, the FI is nonetheless required to search for such records and provide as much detail as possible to the FIU.

354. Obtain Originator Information for Wire Transfers (applying c. 5.2 & 5.3 in R.5, c.VII.1): Customer identification for one-off transactions below the equivalent of US$10,000 (BD$ 10,000) are not covered by CDD (identification) requirements in the regulations or otherwise. Consequently, wire transfers between the equivalent of US$1,000 and US$9,999 are not subject to customer identification requirements and hence FIs are not required to obtain and maintain full originator information. For wire transactions above US$10,000, the non-mandatory Guidance Notes (G94 to G98) set out the type of detail records that should be maintained to identify a customer, but do not specify such details to include account numbers, address or other substitute information as allowed for by SRVII. G98 only states that FIs should retain records of electronic payments with “sufficient detail” to enable them to establish the identity of the remitting customer and as far as possible the identity of the ultimate recipient. While not specific to wire transfers, such detail may be available in the Guidance Notes under Methods of Verification (G56 to G70) which include address, date of birth and other information. In discussions with banks, there appears to be no restrictions in law or practice on the inclusion of names and account numbers in outgoing wire transfers.

355. Inclusion of Originator Information in Cross-Border Wire Transfers (c. VII.2): There is no requirement to include full originator information in cross-border wire transfers.

356. Inclusion of Originator Information in Domestic Wire Transfers (c. VII.3): There are no provisions anywhere for domestic wire transfers and the limitations under SRVII. 1 and VII.2 also apply here.

357. Processing of Non-Routine Transactions: Intermediary and Beneficiary Financial Institutions (c.VII.4): There are no provisions that require intermediary and beneficiary FIs in a wire transfer payment chain to transmit originator information.

358. Risk-based Procedures for Transfers Not Accompanied by Complete Originator Information. (c. VII.5): There are no requirements for the adoption of procedures (risk-based) for handling wire transfers that are not accompanied by complete originator information. Neither do the Guidance Notes (Appendix E) include the lack of such information for wire transfers as a basis for deciding if a transaction is suspicious.

359. Monitoring of Implementation of SR VII (c. VII.6): There are no systems in place to specifically review compliance with wire transfer requirements under SRVII. And neither the BMA onsite procedures nor examinations conducted to date specifically focus on wire transfer activity risk and activity.

360. Sanctions (applying c. 17.1–17.4 in R.17) (c. VII.7): As there are no specific enforceable requirements for wire transfers, hence there are no applicable sanctions.

3.5.2 Recommendations and Comments
  • Include in all the Schedules for minimum licensing criteria of the financial regulatory laws a recordkeeping requirement to comply with the AML/CFT legislation, not only for purposes of the regulatory laws.

  • Consider rewording Reg. 5(4) to make it more consistent with Guidance Note 95 to state that the retention period in cases of an investigation would be longer than the minimum five-year period specified. Also clarify what constitutes the “outcome of the investigation” and whether it would include, e.g., the prosecution, trial, conviction or confiscation procedures.

  • Revise the Guidance Notes (G97) to ensure that the retention of transaction records are not limited to details of securities and investments transacted, and that they apply to non–securities related business, e.g., banking and insurance transactions.

  • Require that FIs satisfy themselves that they can obtain records promptly on request from third parties on which reliance is placed for CDD.

  • Reduce the minimum recordkeeping threshold to the equivalent of US$1,000, and specify that full originator information should be obtained and retained for the minimum period in accordance with SRVII.

  • Ensure that the Regulations, Guidance Notes, examination procedures and general oversight of FIs includes compliance with wire transfer requirements as set out under all the essential criteria of SRVII.

  • Include lack of complete originator information as a basis for determining whether a suspicious activity report is filed with the FIU.

3.5.3 Compliance with Recommendation 10 and Special Recommendation VII
article image

Unusual and Suspicious Transactions

3.6 Monitoring of transactions and relationships (R.11 & 21)
3.6.1 Description and Analysis

361. Legal Framework: There are no requirements in law or regulations or other enforceable means for FIs to pay special attention to complex, unusually large, or unusual patterns of transactions that have no apparent economic or lawful purpose. G75 states that “although the Guidance Notes “tend to focus on new business relationships and transactions,” FIs should be alert to the implications of financial flows and transaction patterns of existing customers, particularly where there is a significant, unexpected and unexplained change in behavior of an account.” While this does not meet the standards requirement, it does provide some guidance for identifying suspicious activity. Examples of suspicious transactions are provided in Appendix E of the Guidance Notes.

362. Special Attention to Complex, Unusual Large Transactions (c. 11.1): There are no requirements for FIs to pay special attention to complex, unusually large, or unusual patterns of transactions that have no apparent economic or lawful purpose. In addition, some FIs do not aggregate customer accounts for purposes of monitoring for unusual and suspicious transactions throughout the FI either on a standalone basis or group-wide. In practice, FIs have filed SARs with the FIU which may involve having to monitor for such types of transactions under the suspicious reporting regime.

363. Examination of Complex & Unusual Transactions (c. 11.2): See Rec. 11.1 above.

364. Record-Keeping of Findings of Examination (c. 11.3): See Rec. 11.1 above.

365. Special Attention to Countries Not Sufficiently Applying FATF Recommendations (c. 21.1 & 21.1.1): There are no requirements in law or regulations or other enforceable means for FIs to pay special attention to business relationships and transactions with persons from or in countries which do not sufficiently apply the FATF Recommendations. The non-mandatory Guidance Notes provide a list (Appendix A) of 27 jurisdictions where foreign regulated institutions operating in such jurisdictions can be accepted by Bermudian FIs as “reliable” introducers of business. This however does not satisfy the requirements of Rec. 21.

366. Examinations of Transactions with no Apparent Economic or Visible Lawful Purpose from Countries Not Sufficiently Applying FATF Recommendations (c. 21.2): See Rec. 21.1 above. There are no such requirements for FIs.

367. Ability to Apply Counter Measures with Regard to Countries Not Sufficiently Applying FATF Recommendations (c. 21.3): Except as described in the Guidance Notes above, there is no process to enable Bermuda to apply counter-measures with respect to countries that do not sufficiently apply the FATF Recommendations.

3.6.2 Recommendations and Comments
  • Introduce in law, regulations or OEMs a requirement to monitor, examine and record information on complex, unusually large, or unusual patterns of transactions that have no apparent economic or lawful purpose.

  • Require FIs to pay special attention, examine and record business relationships/transactions with persons from or in countries which do not sufficiently apply the FATF Recommendations, and implement a system identify such countries.

3.6.3 Compliance with Recommendations 11 & 21
article image
article image
3.7 Suspicious transaction reports and other reporting (R.13–14, 19, 25 & SR.IV)

Description and Analysis

368. Legal Framework: POCA, the POCA Regulations and the ATFA

369. Requirement to Make STRs on ML and FT to FIU (c. 13.1 & IV.1): Under Section 46 of POCA, there are two separate and distinct provisions relating to the filing of SARs: The first relates all filings of SARs by any person, voluntary or required, and states as follows:

  • “Disclosure of knowledge or suspicion of money laundering

  • 46 (1) Where a person in good faith discloses to a police officer—

    • (a) his suspicion or belief that another person is engaged in money laundering, or

    • (b) any information or other matter on which that suspicion or belief is based,

  • the disclosure shall not be treated as a breach of any restriction upon the disclosure of information imposed by statute or otherwise and shall not give rise to any civil liability.”

370. A defense is available for those who fail to file a SAR if they have “a reasonable excuse for not disclosing the information or other matter,” under Section 46(4) or if they are members of the legal profession and the information came to them in privileged circumstances, under Sections 46(3) and 46(6).

371. FIs are also covered under the Proceeds of Crime (AML Regulations 1998) which require that each such institution, including banks, insurance companies, investment and trust businesses, and collective investment schemes, “institute and maintain internal reporting procedures” including that a reporting officer be named to receive reports of suspicions of money laundering, and that requiring the reporting officer “to disclose to a police officer the information or other matter contained in a report, where the reporting officer knows or suspects that a person is engaged in money laundering.” (Section 6(1) of the ML Regulations). There is no requirement in the Regulations that the Reporting Officer actually files the SAR, nor any offence created by his or her failure to do so. However, Section 46(2) of POCA would create an offence for such officer failing to report.

372. With respect to terrorist financing, there are three separate and distinct provisions for the filing of SARs. The first is in Section 9 of the ATFA, which requires all persons in a trade, profession, business or employment, other than regulated institutions, to file SARs with respect to terrorist financing. Section 9 states in relevant part as follows:

  • “Disclosure of information: duty

  • 9. (1) This section applies where a person —

    • (a) believes or suspects that another person has committed an offence under any of Sections 5 to 8; and

    • (b) bases his belief or suspicion on information which comes to his attention in the course of a trade, profession, business or employment.

  • (2) But this section does not apply if the information came to the person in the course of a business in the regulated sector (as defined in paragraph 1(12) of Schedule 1 for the purposes of that paragraph).9

  • (3) The person commits an offence if he does not disclose to a police officer, as soon as is reasonably practicable —

    • (a) his belief or suspicion; and

    • (b) the information on which it is based.

  • (4) It is a defence for a person charged with an offence under Subsection (3) to prove that he had a reasonable excuse for not making the disclosure.

  • (6) Subsection (3) does not require disclosure by a professional legal adviser of —

    • (a) information which he obtains in privileged circumstances; or

    • (b) a belief or suspicion based on information which he obtains in privileged circumstances.

    • (7) For the purposes of Subsection (6) information is obtained by an adviser in privileged circumstances if it comes to him, otherwise than with a view to furthering a criminal purpose —

      • (a) from a client or a client’s representative, in connection with the provision of legal advice by the adviser to the client;

      • (b) from a person seeking legal advice from the adviser, or from the person’s representative; or

      • (c) from any person, for the purpose of actual or contemplated legal proceedings.”

373. Based on the statutory language above, for persons engaged in the course of a trade, profession, business or employment, failure to file a SAR is an offence when they have a belief or suspicion of terrorist financing, under Section 9(1) of the ATFA.

374. In addition, voluntary SARs may be filed under Section 10(1) of the Act by any person, based on “a suspicion or belief that any money or other property is terrorist property or is derived from terrorist property” or under “the circumstances mentioned in Sections 9(1) and (3).” Section 10(2). With respect to the regulated sector, a person employed by a financial institution may choose to make a report to a police officer directly, rather than to the MLRO as required by the procedures of the financial institution.

375. For the regulated sector, a different SAR offense applies: For FIs and any other entities prescribed by the Minister of Justice, a failure to file a SAR is an offense when such persons have knowledge or suspicion based on information developed in the course of business in the regulated sector, under Schedule 1, Part 1, Section 1. To date, the Minister has not extended this provision to regulated sectors. In addition, such persons have a defense against failing to file a SAR if they have “a reasonable excuse for not disclosing the information or other matter” or if they are members of the legal profession and the information came to them in privileged circumstances. Schedule 1, Part 1, Section 1(5).

376. These provisions raise a number of concerns as follows:

  • First, Bermudian law does not require the filing of SARs for suspicions relating to terrorist organizations as required by SR II, nor is this addressed in the POCA Amendments.

  • Second, there are two different standards for filing SARs relating to terrorist financing, the first, for those engaged in a trade, profession, business or employment, and for voluntary SARs, is based on “belief or suspicion” under Section 9(1)(a) of the ATFA, whereas for regulated institutions, the standard is “knows or suspects” under Schedule 1, Part 1, paragraph 1(2) which is a higher standard. It is not clear why a higher standard would apply to regulated institutions when it is most likely that they would have the most sophisticated internal controls and monitoring systems in place to detect instances of terrorist financing. It should be noted that no SARs relating to terrorist financing have been received by the FIU since the ATFA became operational on March 7, 2005.

377. Third, the defense of reasonable excuse to a prosecution for failure to file a SAR is unnecessarily broad in Section 46(4) of POCA, and Schedule 1, Part 1, paragraph 1(5)(b) of the ATFA. Since the term ‘reasonable excuse’ is not defined by statute, it is subject to the discretion of Bermudian courts, and therefore could, in some circumstances, undercut the obligation to file SARs. Consideration should be given to narrowing this defense.

378. STRs Related to Terrorism and its Financing (c. 13.2): Under the ATFA, as stated in the response to c. 13.1 above, while there is no direct obligation to file a SAR, it is an offense not to file one in connection with FT. Failure to file a SAR with respect to terrorist organizations is not an offense. In addition, Section 8 of the Terrorism Order 2001 provides for notification by FIs to the Governor in cases where it knows or suspects that a customer or counterparty is involved in the financing of terrorism.

379. No Reporting Threshold for STRs (c. 13.3): Under the POCA and the ATFATFA, all suspicious transactions must be reported regardless of the amount involved. Attempted transactions are not explicitly required by statute or regulation but would fall under the general offence which covers knowledge or suspicion of money laundering, regardless whether the transaction went forward.

380. Making of ML and FT STRs Regardless of Possible Involvement of Tax Matters (c. 13.4, c. IV.2): Under current Bermudian law, only drug trafficking and terrorist financing-related suspicions are covered; however, the FIU does receive tax fraud-related SARs from time to time. The POCA Amendments Act would expand the scope of SARs to include all indictable offenses, which would encompass tax matters as well.

381. Additional Element – Reporting of All Criminal Acts (c. 13.5): Under current Bermudian law, only drug trafficking and terrorist financing-related suspicions must be reported.

382. Protection for Making STRs (c. 14.1): Under Section 46(1) of POCA, any good faith disclosure (i.e., SAR) to a police officer based on suspicion or belief that another person is engaged in ML “shall not be treated as a breach of any restriction upon the disclosure of information imposed by statute or otherwise and shall not give rise to any civil liability.” There are similar provisions for those who file a voluntary FT-related SAR, under Section (10)(3) of the AFTA. However, there are no such protections for those in a trade or business (other than regulated institutions) who are required to file a SAR under Section 9 of the AFTA, and similar protections for regulated institutions under Schedule 1, Part 1, paragraph 2(1) of the ATFA. have not yet been implemented. Nor are there any explicit protections against criminal liability for filing of either ML–or FT-related SARs.

383. Prohibition Against Tipping-Off (c. 14.2): The tipping-off provision contained in Section 47 of POCA focuses on the disclosure of information that would prejudice an investigation being conducted into money laundering:

“Tipping-off

  • 47 (1) A person is guilty of an offence if—

    • (a) he knows or suspects that a police officer is acting, or is proposing to act, in connection with an investigation which is being, or is about to be, conducted into money laundering; and

    • (b) he discloses to any other person information or any other matter which is likely to prejudice that investigation or proposed investigation.

  • (2) A person is guilty of an offence if—

    • (a) he knows or suspects that a disclosure has been made to a police officer or to an appropriate person under Section 44, 45 or 46; and

    • (b) he discloses to any other person information or any other matter which is likely to prejudice any investigation which might be conducted following such a disclosure.

  • (3) Nothing in Subsection (1) or (2) makes it an offence for a professional legal adviser to disclose any information or other matter—

    • (a) to, or to a representative of, a client of his in connection with the giving by the adviser of legal advice to the client; or

    • (b) to any person—

      • (i) in contemplation of, or in connection with, legal proceedings; and

      • (ii) for the purpose of those proceedings;

      • but this subsection does not apply in relation to any information or other matter which is disclosed with a view to furthering any criminal purpose.

  • (4) In proceedings against a person for an offence under Subsection (1) or (2), it is a defense to prove that he did not know or suspect that the disclosure was likely to be prejudicial in the way there mentioned.

  • (5) No police officer or other person shall be guilty of an offence under this section in respect of anything done by him in the course of acting in accordance with the enforcement, or intended enforcement, of any provision of this Act or of any other statutory provision relating to criminal conduct or the proceeds of criminal conduct.”

384. A number of concerns are raised by these provisions:

  • Banks file the vast majority of SARs, with the two biggest components of the financial sector, insurance and investment business, filing a miniscule number of SARs. Further, although SARs are required for all those in a trade, business, profession or employment, only 2 – 3 percent of SARs are filed by non-financial businesses. Since the vast majority of SARs have been filed by banks even though they make up a small part of the financial sector, it appears that other sectors may be underreporting.

  • The tipping-off provision contained in Section 47(1) is limited to investigations being conducted with respect to ML and makes no mention of FT investigations. Under Recommendation 14(b), all SARs must be protected.

  • Section 47(2)(b) makes it an offense to disclose “to any other person information or any other matter which is likely to prejudice any investigation which might be conducted following such a disclosure.” Hence, under current law, there is no explicit prohibition against a person disclosing the fact that a SAR has been filed, or any information contained in that SAR, unless that disclosure also is likely to prejudice an investigation that might be conducted following the filing of a SAR. This appears to be an objective, rather than a subjective test, in that the subsection makes reference to “any investigation that might be conducted,” which would require a finder of fact to determine whether a hypothetical investigation might be prejudiced.

  • Finally, the use of the term ‘disclosure’ in this Section is confusing in that while it is meant to refer to the SAR itself, it could be taken to mean the disclosure being made by the person tipping-off.

385. In order to address these concerns, a new provision should be added to Section 47 that explicitly creates a tipping-off offence for SARs filed for any purpose, including the fact of filing and the information contained therein, without any linkage to investigations as under current law.

386. Additional Element – Confidentiality of Reporting Staff (c. 14.3): While there is no explicit provision in law or regulation to protect the confidentiality of names and other details relating to those who report; however, Section 58(1) of POCA provides that “no police officer shall disclose any information or matter which has been obtained by him in the performance of his duties or the exercise of his functions under this Act.” Under the POCA Amendments Act, Section 58(1) provides that “[e]xcept as provided in this section, no person who under or for purposes of this Act receives information from any person shall disclose it without the consent of the person to whom it relates (and if different) the person from whom it was obtained.” This is meant to apply to police officers and the proposed new FIA’s employees to restrict any information received by or for purposes of POCA, including information about SARs.

387. Consideration of Reporting of Currency Transactions Above a Threshold (c. 19.1): According to the authorities, consideration was given to a currency-based reporting system at the time that the POCA was drafted in 1997. No such reporting system was established.

388. Additional Element – Computerized Database for Currency Transactions Above a Threshold and Access by Competent Authorities (c. 19.2): N/A

389. Additional Element – Proper Use of Reports of Currency Transactions Above a Threshold (c. 19.3): N/A

390. Guidelines for Financial Institutions with respect to STR and other reporting (c. 25.1) [Note: guidelines with respect other aspects of compliance are analyzed in Section 3.10]: While the Guidance Notes provide guidelines for use by FIs in connection with the filing of SARs, preventive measures and internal controls, and examples of suspicious ML transactions, the do not provide descriptions of FT techniques, nor of any typologies or additional measures. FIU officials stated that they provide descriptions and typologies in regular training and awareness sessions for the financial sector as well as DNFBP and the business sector generally.

391. Feedback to Financial Institutions with respect to STR and other reporting (c. 25.2): Feedback is not required by law or regulation and is not formalized in any procedures, but may take several forms in Bermuda. First, a pro forma letter is sent to reporting institutions on the results of the investigation of the SAR. Second, the same result may be given verbally with more detail. Third, training and awareness sessions provide general feedback on SARs filed.

3.7.1 Recommendations and Comments
  • POCA should provide for an explicit requirement to file SARs for attempted transactions.

  • There is no requirement in the POC Regulations that the Reporting Officer actually files the SAR, only that procedures be in place to require him to do so, nor is there any offence created by the Reporting Officer’s failure to do so. This should be remedied by an explicit requirement in POCA or the POC Regulations that the Reporting Officer must file a SAR when he has suspicions of ML or FT, or, alternatively, that the failure by the Reporting Officer to do so should be an offense.

  • The requirement to file SARs for FT is overly complicated, with two different standards: All persons in a trade, profession, business or employment, other than regulated institutions, are required to file SARs with respect to terrorist financing where they have a belief or suspicion of FT. The same standard is used for voluntary SARs. FIs are required to file SARs when they know or suspect FT. It is not clear why there is a higher standard for FIs, when it is most likely that they would have the most sophisticated internal controls and monitoring systems in place to detect instances of terrorist financing. Having two different standards is confusing and should be remedied by amending the relevant sections of POCA and the ATFA to simplify these provisions.

  • FT-related SARs should be protected from tipping-off. Under current law, there are no explicit protections for disclosures of suspicions of FT as required under Section 9 and Schedule 1, Part 1, paragraph 1 of the ATFA. Nor are there any explicit protections against criminal liability for the making of such disclosures or for disclosures under POCA.

  • The tipping-off provisions of POCA raise two major concerns: First, under current law, there is no explicit prohibition against a person disclosing the fact that a SAR has been filed, or any information contained in that SAR, unless that disclosure also is likely to prejudice an investigation that might be conducted following the filing of a SAR. (emphasis added). Second, FT-related SARs are not protected from tipping-off.

  • In order to address these concerns, a new provision should be added to Section 47 that explicitly creates a tipping-off offence for SARs filed for any purpose, including the fact of filing and the information contained therein, without any linkage to investigations as under current law.

3.7.2 Compliance with Recommendations 13, 14, 19 and 25 (criteria 25.2), and Special Recommendation IV
article image

Internal controls and other measures

3.8 Internal controls, compliance, audit and foreign branches (R.15 & 22)
3.8.1 Description and Analysis

392. Legal Framework: There are procedures requirements but no explicit obligations in the Regulations that require FIs to formulate and implement AML/CFT policies, compliance and controls. The Regulations generally focus on the establishment and maintenance of procedures in certain areas as described below. It is important to impose a “policy” requirement to reflect the duties and responsibilities of the Board of Directors and senior management for the implementation of comprehensive AML/CFT systems. In addition, a policy requirement strengthens the basis for establishing clear lines of accountability and ownership at the top for the AML/CFT system, and supports good governance.

393. The financial and regulatory laws that require FIs to establish adequate systems of control for the prudent management of their business could usefully indicate in the minimum licensing criteria schedules that such systems include AML/CFT controls.

394. Establish and Maintain Internal Controls to Prevent ML and FT (c. 15.1, 15.1.1 & 15.1.2): Reg. 4 requires FIs to establish and maintain customer identification procedures, but not for the full range of CDD requirements, and Reg. 5 does not explicitly require FIs to establish and maintain procedures for recordkeeping purposes. The procedures requirement also extends to cases where an applicant for business may be acting on behalf of another person.

395. Reg. 6 requires FIs to institute and maintain internal reporting procedures for: (i) identifying a staff member (“reporting officer”) to whom employees report their knowledge or suspicion of ML; (ii) the reporting officer to analyze such internal report and make a determination as to whether it gives rise to such knowledge or suspicion; (c) allowing the reporting officer access to information for this purpose; and (d) the reporting officer to file an SAR with a police officer/FIU.

396. There is no requirement that the reporting officer be designated at the management level but in practice this appears to be the case in most FIs. The non-mandatory Guidance Notes (G16) also state that the reporting officer should have sufficient authority to ensure compliance with the Regulations. In practice, the reporting officers generally appear to have sufficient seniority within the FIs visited.

397. The regulatory duties of the reporting officer does not extend to other compliance functions over the AML/CFT system and are limited only to procedures for internal and external reporting of ML cases. Rec. 15 requires a “compliance management arrangement” of which the appointment of a compliance officer is only one element. The non-mandatory Guidance Notes provide general guidance to reinforce some those issues covered by the Regulations. In particular, G12 outlines the scope of these internal procedures and covers additional areas such as oversight of the internal auditing and compliance functions for AML.

398. Independent Audit of Internal Controls to Prevent ML and FT (c. 15.2): There are no requirements in the Regulations for maintaining an independent and adequately resourced internal audit function. As mentioned above, the G12 includes a general statement on internal auditing and compliance as part of the duty of vigilance by FIs.

399. There are, generally, no requirements in the financial and regulatory laws that impose an internal audit requirement (only external audit) on FIs.

400. Ongoing Employee Training on AML/CFT Matters (c. 15.3): Reg. 7 requires FIs to take measures to periodically train employees in the recognition and reporting of suspicious transactions, including for new employees soon after they are recruited. In addition, FIs are required to make “relevant employees” aware of the AML laws and of internal procedures established pursuant to the Regulations. There is no explicit provision requiring training on ML/FT developments, methods and trends.

401. Reg. 7(4) defines “relevant employees” covered by the training requirements as comprising only those persons who have/may have access to information which may be relevant in determining whether any person is engaged in ML. This constitutes a significant limitation as it could exclude key personnel who should be expected to play important roles in the AML/CFT systems, including for example product development and “back office” staff as well as the Board of Directors. It may also contribute to an inconsistent interpretation and implementation of this Regulation, and would make enforcement more difficult.

402. The Guidance Notes (G103 to G105) provide further direction on the training programs and refresher training that FIs are expected to implement, including for new employees and staff in specific positions e.g. cashiers and reporting officers, etc. They could usefully include a provision requiring FIs to formulate policies and procedures that require them to undertake additional or specialized training for staff that transfer to positions/functions within the organization that carry different or higher ML/FT risk.

403. Similar to the observation above with respect to recordkeeping, audit, and other controls, the financial and regulatory laws, and the Guidance Notes should, insofar as they can apply to training on AML/CFT, make explicit reference to the AML/CFT.

404. Employee Screening Procedures (c. 15.4): There are no provisions in the Regulations or Guidance Notes for screening employees to ensure high standards. The various regulatory laws (e.g. for licensing and prudent conduct requirements) contain strict fit and proper provisions for, inter alia, directors and other senior officers, but not for lower level employees. Most of these regulatory laws, however, refer to general issues competence and probity, protection of customers and the public, and to violations of laws relating to dishonesty, etc. While the interpretation of the existing provisions may be ’stretched” to include AML/CFT issues, it would be useful to make explicit reference where applicable in the regulatory laws to e.g. behavior or contraventions against AML/CFT laws and requirements.

405. Additional Element – Independence of Compliance Officer (c. 15.5): There are no requirements in the Regulations and only a reference in the Guidance Notes (G16) to the AML/CFT officer having “sufficient authority” to ensure compliance with the Regulations.

406. Application of AML/CFT Measures to Foreign Branches & Subsidiaries (c. 22.1, 22.1.1 & 22.1.2): There are no provisions in the Regulations that require FIs to ensure that their overseas branches and subsidiaries implement AML/CFT measures consistent with the Bermudian regime and the FATF Recommendations. The non-mandatory Guidance Note (G5) states, however, that FIs with branches, subsidiaries and representative offices in other jurisdictions should: (a) ensure that they observe the Bermudian Guidance Notes (not the Regulations or POCA) or adhere to local standards if those are at least equivalent; (b) keep all entities of the group informed of the group policy; and (c) ensure that each member identifies the local reporting FIU and is aware of the reporting procedures for filing SARs with the proper authorities.

407. Requirement to Inform Home Country Supervisor if Foreign Branches & Subsidiaries are Unable Implement AML/CFT Measures (c. 22.2): There are no requirements on FIs to inform the Bermudian authorities when their overseas operations cannot observe appropriate AML/CFT measures due to the laws, regulations or other measures in place in the countries where they operate.

408.Additional ElementConsistency of CDD Measures at Group Level (c. 22.3): There are no requirements for group level application of CDD measures, only an implicit provision in Guidance Note 5 as described above on the need to keep all members of the group informed of group policy. However, the BMA’s policy paper on its approach to consolidated supervision states that the BMA expects policies and procedures in place for the Bermudian FIs to be applied, mutatis mutandis, throughout a group subject to consolidated supervision. For banking institutions, the BMA should require FIs to implement the principles set out in the Basel Paper (October 2004) on the management (and supervision) of ML/FT risk on a group level.

3.8.2 Recommendations and Comments
  • Extend the procedures requirements in the Regulations to the full range CDD and recordkeeping requirements, and also require the formulation of AML/CFT policies, compliance and controls. Also consider specifying, in all cases, that the control systems requirements contained in the financial regulatory laws apply to AML/CFT.

  • Expand the role of the AML/CFT compliance function beyond suspicious activity reporting and include a requirement for an independent internal audit function that covers AML/CFT.

  • Extend the training requirements beyond those “relevant employees” defined in the Regulations to others who can play a role in implementing and monitoring compliance with institutional and legal AML/CFT requirements.

  • Include employee screening requirements in the AML Regulations to complement the fit and proper requirements for senior officials of FIs contained in the various financial regulatory laws.

  • Include in the Regulations an explicit obligation for FIs to implement AML/CFT measures in overseas branches and subsidiaries.

  • Require FIs to inform the Bermudian authorities when their overseas operations cannot observe appropriate AML/CFT measures.

3.8.3 Compliance with Recommendations 15 & 22
article image
article image
3.9 Shell banks (R.18)
3.9.1 Description and Analysis

409. Legal Framework: There are no prohibitions on the establishment of shell banks in Bermuda, nor are there provisions that require licensed FIs to have a substantive physical presence and/or mind and management in Bermuda. In practice, the BMA does not approve the establishment or licensing of shell banks, and there are no known shell banks operating in or from within Bermuda. These requirements could be easily incorporated in the various financial/regulatory laws especially in the schedules that establish the minimum criteria for licensing and registration.

410. Prohibition of Establishment Shell Banks (c. 18.1): Bermuda has not approved, and there are no known, shell banks operating in or from within Bermuda. In practice, implementation of the minimum licensing criteria would preclude the establishment of shell banks.

411. Prohibition of Correspondent Banking with Shell Banks (c. 18.2): There are no prohibitions against banking entities entering into or continuing correspondent banking relationships with shell banks. From meetings with banks, it appears that most do not provide correspondent facilities to other banks which, for purposes of implementation of c18.2, would make the shell bank issue of little consequence.

412. Requirement to Satisfy Respondent Financial Institutions Prohibit of Use of Accounts by Shell Banks (c. 18.3): There are no provisions that require banks to satisfy themselves that their respondent banks are no permitting their accounts to be used by shell banks. In practice the probability of this occurring is small given the small number of banks in Bermuda (4) and in view of the practice by most banks not to provide correspondent facilities to other banks.

3.9.2 Recommendations and Comments
  • Consider incorporating an explicit prohibition on the licensing of shell banks or requiring in the licensing criteria that licensees maintain a significant presence and mind and management in Bermuda, consistent with the Basel Paper on shell and parallel banks.

3.9.3 Compliance with Recommendation 18
article image

Regulation, supervision, guidance, monitoring and sanctions

3.10 The supervisory and oversight system - competent authorities and SROs. Role, functions, duties and powers (including sanctions) (R. 17, 23, 25, 29, 30 & 32)
3.10.1 Description and Analysis

413. Legal Framework: (Please see discussion under Rec. 29 below.) The AML Regulations do not identify a supervisory or regulatory as having specific duties to monitor, enforce and sanction FIs with respect to compliance with the AML legislation. General supervisory powers are contained in the Bermuda Monetary Authority Act and the financial regulatory laws as part of the BMA’s oversight responsibilities for FIs. The financial regulatory laws cover AML/CFT supervisory issues in a general manner mainly through obligations imposed on FIs to conduct their business affairs in a prudent manner, as part of the minimum licensing criteria established under these laws. Some of the prudent conduct requirements (minimum licensing criteria) contained in financial regulatory laws defines prudent conduct to include compliance only with the financial regulatory laws themselves. Others extend this requirement to compliance with “other” provisions of law which can encompass the AML legislation. It would be desirable to extend the prudent conduct requirements for FIs to compliance with the applicable AML/CFT legislation in all cases. The BMA Act, however, is more explicit in Sections 3 (b), (bc) and (f) that establish some of the principal objectives of the BMA to include in: 3(b) to supervise, regulate and inspect any FI which operates in or from within Bermuda; (bc) to assist with the detection and prevention of financial crime; and (f) to perform such function as may be necessary to fulfill such principal objects. (See discussion under Rec. 29 below.)

414. A recent Bill to amend the POCA (before Parliament at the time of the mission) will amend the BMA Act by adding an explicit AML/CFT compliance objective to the list of principal objectives of the BMA. This amendment states that one of the BMA’s principal objectives will be “…to monitor compliance with the reporting and other obligations of regulated persons under the Proceeds of Crime Act 1997, regulations and orders made thereunder, and the Anti–Terrorism (Financial and Other Measures) Act 2004, regulations and orders made thereunder.” This proposed amendment appears to be limited in scope in that it would not extend the BMA’s supervisory functions and authority to enforcement and sanctions for non-compliance with to the AML/CFT requirements.

415. Regulation and Supervision of Financial Institutions (c. 23.1): There has been no supervision for CFT risk issues with the current AML onsite inspections regime concentrating mainly on those areas covered by the existing Regulations. The BMA commenced AML onsite inspections for banks around 2000–2001 but for non-bank FIs, especially the insurance and mutual fund sector, the AML onsite inspection program is less developed. Development of an onsite inspection program for insurance companies subject to the AML Regulations only commenced in 2007, and at the time of the mission the BMA was just starting to implement it. Limited general onsite reviews have been conducted for a smaller number of insurers (e.g. Class 4) around 2005 but there was no specific focus on AML/CFT. The BMA has recently reviewed its insurance supervision arrangements and at the time of the mission was in process of extending such supervision to Class 3 insurers and captive managers. The BMA stated that onsite inspections of investment business firms for AML commenced around 2001 but there have been no AML inspections for mutual fund administrators because applications for licenses were only beginning to be processed in 2007 under new legislation.10 (See inspections chart below.)

416. As noted above at the time of the mission the BMA was in process of implementing an onsite inspection program for captive insurers. Up to that time no AML/CFT supervision of captives and their managers (even when they carry on long term/life business) was conducted and the BMA relied on insurance managers for oversight of their operations. The BMA states that examination of insurance managers can include reviewing the operations of the underlying captives. This should be done routinely especially for captive insurers that present a higher risk for ML/FT. Industry participants have indicated that certain operations of captives could present ML risks but to date no ML/FT vulnerability or risk assessment has been conducted by the authorities to ascertain the existence and significance of such risks.

417. The majority of insurance companies inspected to date were not regulated institutions for AML purposes as defined by the Regulations (the Regulations exclude life insurance). Limited onsite inspections only commenced around 2005 for Class 4 insurers (direct excess liability and/or property catastrophe insurance). Inspections for a limited number of Class 3 insurers, (making up the largest group in excess of 560 entities and engaging in 3rd party/captives/rent a-captive business) only commenced in 2007. At the time of the mission, the BMA had recently developed inspection procedures and had just begun implementing them.

418. Inspections of insurance managers, which administer most of the captive classes of insurers (about 1,320 entities involved in captive business), had still not commenced at the time of the mission, but preparations were being made to start preliminary onsite visits. Onsite examination procedures for insurance managers will be largely based on questionnaires and interviews. These procedures, as currently drafted, are not very clear and seem to cover AML/CFT issues on a very limited manner. While it contains a statement of “Review Objectives” to assess compliance with the requirements of POCA and the AML Regulations, there are virtually no detailed procedures as to how the assessment will be conducted. As expected, the Review Objectives specifically mention that the examination will be limited to insurance business covered by the AML Regulations which, as mentioned before, excludes life insurance. Focusing BMA’s evolving AML/CFT supervisory process too narrowly on a review of legal and regulatory compliance would not be ideal and should take on more of a risk-based. In addition, the examination procedures indicate that the sample selected for documentary review of the underlying clients (insurance companies administered by managers) will be selected by the managers and not the BMA staff (see Part C: Method of Inspection para. (3)). This would not be appropriate and is an indication of undue reliance on the industry for the discharge of supervisory functions. Post mission, the BMA indicated that its policy allows the supervisors to choose the review sample and that a separate process applies with respect follow up examinations for new licensees where the procedures allow for the sample is chosen by the licensees.

419. The BMA disputes this stating that the BMA will make the selection of the underlying captives for review. As mentioned above, the BMA’s own On-site Review Questionnaire Template under Part C above states under items 2) and 3) as follows: “2) financial records and minutes review of manager and captives inspected. 3) review of client files (sample selected by manager).” A separate draft Questionnaire Template (“BMA – New Start”) provided to the mission has removed the reference to the selection of client files by the manager (Part C: Method of Inspection). However, it has also excluded the assessment of compliance with the POCA and Regulations as part of review objectives (Part B: On-site Review Objectives). Hence, if implemented, coverage of AML/CFT issues under the draft procedures would be negligible.

420. The on-site inspections of the domestic insurance companies, which are subjected to AML/CFT procedures, have not been completed as yet and as a result the BMA was not able to confirm an average number of days/time spent on inspections. Average number of staff participating in each on-site visit is 4 (Director, Manager, Senior Analyst and Actuary). There are a total of 16 onsite examiners in the Insurance Department but as yet there is no dedicated specialized staff on AML/CFT issues. One staff member has been assigned AML responsibilities which are insufficient given the size and number of insurance entities in the system. The BMA states that it can supplement its staffing levels by outsourcing some of its supervisory activities to external firms.

421. BMA is commended for its efforts to address the need to develop AML/CFT supervisory/inspection procedures. However, basing such procedures on the current AML regulatory regime that will in the very near future change in a materially way with the introduction of new AML Regulations and Guidance Notes, runs the risk of implementing a process that would soon be outdated. A more comprehensive and consistent approach to developing appropriate (risk-based) supervisory policies and procedures for AML/CFT across all sectors, consistent with the proposed changes to the Regulations and Guidance Notes would appear more appropriate.

422. No sanctions have been applied for non-compliance with AML/CFT requirements as a result of onsite activities. There has been one instance in the investment services sector where the BMA took action to remove a director for, inter alia, AML issues. No similar cases have been reported for the insurance sector. The BMA has a range of powers to enforce or sanction for compliance with the regulatory requirements including the issue of supervisory letters requiring measures to be taken by FIs or threatening supervisory action. The general impression is that the BMA prefers a more informal approach to enforcement of compliance, and that FIs generally comply with BMA’s expectations. Consequently, this has contributed to the relative absence of more stringent sanctions for AML related issues.

423. The inspections conducted so far have largely been limited in scope but have in most cases focused on legal compliance relating to customer identification, suspicious activity monitoring and the role of AML/CFT compliance officers (MLROs). At the time of the mission, the BMA was still developing (risk-based) AML/CFT inspections procedures which are yet to be implemented throughout the sectors. Priority should be given to conducting full scope AML/CFT inspections of the higher risk areas of the insurance sectors, mainly those carrying on long-term business (both life and investment/annuity business.) There has been no ongoing supervision of insurance intermediaries (brokers, agents and salespersons) either directly or through the supervision of insurance companies. With regards to supervision of intermediaries, the BMA should review the contractual agreements and arrangements between the insurers and their intermediaries to ensure that adequate controls exist that would allow the insurance companies to fully comply with their AML/CFT obligations, including provisions for the identification and reporting of suspicion, and training requirements for intermediaries.

424. There is an FI that provides electronic/internet payments, check cashing and payment guarantee services that were brought under the AML Regulations in January 2007 following an amendment to the BMA Act in December 2006. In addition, the Money Services Regulations were also issued in January 2007 for the regulation of money transmission services, bureau de change firms, credit and debit card issuing firms, electronic and internet payment firms, dealing in traveler’s checks and money orders, and check cashing and guarantee services firms. At the time of the mission, a license had not been as the entity has a 12 month period to obtain a license under the Regulations, hence supervision had not commenced.

425. The BMA has conducted inspections of the credit union sector including a review of AML issues. This sector is not considered to present a high degree of ML/FT risk given the captive composition of its membership and the generally small size of account balances and volume. Nonetheless, the BMA should review the sector more regularly particularly focusing on high balance accounts, and services involving financial intermediation on behalf of its clients e.g. wire transfers, draft and check purchases conducted through banking institutions.

426. As part of the onsite inspection process, focused attention should be/continue to be given to the monitoring and suspicious activity reporting systems and controls in FIs. As part of its onsite procedures, BMA staff should routinely review of the sufficiency and quality of SARs filed with the FIU. To facilitate this work, the FIU can provide the BMA with information on the quality SARs filed by FIs, by institution and across sectors. Such information in critical in planning and risk-focusing the examination process, and for identifying and enforcing cases of non-compliance. In addition, the inspection process should emphasize the review of the adequacy of the internal audit and compliance functions with respect to these controls, and take account of the work of external auditors. In particular, they should review auditors’ management letters and meet with them to discuss, inter alia, their findings with respect to the adequacy of AML/CFT controls. Post mission, the BMA indicated that it reviews auditors’ management letters and meets with them to discuss material exceptions or concerns. However, the practice is indicated to the mission, is that auditors can convey their exceptions and concerns through management letters or orally including through formal presentations to the FIs’ management.

427. The BMA has not developed a systematic system for using off-site information as a planning tool for risk-focusing the AML/CFT onsite inspection process. The insurance supervision unit is in the early stages of developing such an approach which should be extended to the other supervisory units. The BMA should also review the availability and adequacy of its offsite data with a view to assessing its usefulness for both on and offsite AML/CFT supervision. For instance, the BMA’s statistics currently does not capture data on non-resident bank depositors which can provide useful information in developing institutional ML/FT risk profiles and for planning onsite inspections.

428. Onsite inspections completed by the BMA in the past 3 years, which generally include AML issues, are as follows:

BMA Inspections 2004–2006

article image

Note: At the time of the mission, Fund administrators had not been licensed under the Investment Funds Act 2006 because the Act provided a grace period of 12 months starting March 2007. There were about 58 firms providing fund administration services at the time of the mission (57 post-mission).

429. The BMA has also conducted such examinations of trust companies as follows:

article image

430. On site examinations conducted so far only include AML and not CFT elements. Prior to an inspection, FIs are sent a Proceeds of Crime pre-visit questionnaire to be completed and sent to the BMA prior to the on-site visit. The questionnaire is reviewed by the BMA, as well as their AML procedures and training data for staff and MLRO (AML compliance officer). Limited testing for compliance with the AML Regulations and observance of the provisions of the Guideline Notes is also conducted. The onsite process generally takes between 1 and 2 days depending on the type of institution and is conducted by examination teams averaging between 2 and 4 examiners. The inspection largely consists of interviews with senior management. Meetings with the compliance officer/MLRO generally last about 2–3 hours. Individual file testing normally involves another 2–4 hours. The BMA states that generally 1 person who participates in onsite visits has training in AML issues, and that a number of supervisors that participate in onsite work are currently in various stages of completion of the International Compliance Association (diploma in compliance) training program. The BMA acknowledges the need to strengthen the number of supervisors for AML/CFT supervision as well as their knowledge and skills in AML/CFT issues.

431. Note: Onsite procedures for banks seemed to be more developed than for other sectors. An extract from the BMA’s onsite banking manual provided to the mission during the visit indicates that the process used consisted of a review of compliance with the POCA and Regulations requirements, as well as a review of practices in accordance with the Guidance Notes. The process included a review of a questionnaire (BMA Form POC 10/00) prepared by the institution with respect to procedures for: (i) customer identification and verification (ii) recognition of suspicious transactions (iii) recordkeeping (iv) suspicious activity reporting (v) training and (vi) limited coverage of supplementary matters including hiring of staff, audit procedures, outsourcing, UN sanctions list. Attached to the questionnaire is a “Financial Services Commission: Focus Visit Work Programme – Anti-Money Laundering” form (last updated 10/07/03) to be used to document the inspectors’ findings. Bermuda does not have such a Commission and it does not appear that the references used in this working paper relate to the regulatory and other requirements of Bermuda. Post mission, the authorities indicated that this attachment has not been used in AML supervisory work and is therefore irrelevant.

432. Post-mission, the BMA provided a new organigram for the Banking, Trust and Investment Department with a total “approved” head count of 28, including the Director. In total, this new structure provides for 8 Senior Analysts and 7 Analysts of which there are 5 vacancies (3 Senior Analysts and 2 Analysts), responsible for general supervision. Under this new structure, there is a Financial Groups Team responsible for the supervision of financial groups that are connected to banks or other large organizations. There are 25 such entities/groups under this Team which currently consist of 5 professional supervisory staff: 1 Assistant Director, 2 Principals (under the Asst. Director), 1 Senior Analyst (plus 1 vacancy) and 1 Analyst (plus 1 vacancy). A Financial Institutions Team will supervise stand alone trust and investment companies and money service businesses when they are licensed. There are currently 60 companies under its supervision with a staff complement of 6 professional staff: 1 Assistant Director, 1 Principal, 2 Senior Analysts (plus 1 vacancy) and 2 Analysts (plus 1 vacancy). There is also an Investment Funds Team that will supervise investment funds and administrators when licensed during 2007/08, and there are no such entities currently supervised for AML. There are 3 currently on staff consisting of 1 Principal, 1 Senior Analyst (1 vacancy) and 1 Analyst. The BMA states that all staff members, up to the Director of the Department, are available to participate in onsite inspections.

433. The BMA also provided post-mission a copy of this Department’s On-site Examination Procedures AML/CFT manual which was completed just before the mission which documents and expands on precious procedures. These procedures provide brief procedures/guidance for the following examination areas:

  • i) Description of the supervisory objective

  • ii) Sources of information for onsite planning

  • iii) Preparation of a pre-examination report

  • iv) Development of institutional risk profile/risk assessment and

  • v) Development of an examination plan and scope memorandum.

434. The manual also provides procedures for the examiners to review the following areas:

  • i) AML policy in accordance with the POCA, Regulations and Guidance Notes (it mentions CFT but the Regulations and Guidance Notes currently do not address this issue)

  • ii) Detection, reporting and monitoring of suspicious activities

  • iii) Customer due diligence

  • iv) Management and control/audit systems, and

  • v) Employee awareness and integrity.

435. Additional review guidance and working papers for these examination areas are provided in Appendices along with the standard pre-examination questionnaire prepared by the institution. These new procedures do not distinguish in their application between banks, trust companies and investment businesses but seem more generally applicable to banks.

436. Because the new staff structure and onsite procedures was received after the mission, and were only recently developed and started to be implemented, the mission was not able to assess whether this new structure and procedures are effective. Nonetheless, the BMA will be faced with not too insignificant challenges of providing a sufficient number of staff to conduct ongoing offsite and onsite supervision for both prudential and AML/CFT purposes given the large number of licensees currently in operation, as well as future licensees particularly for mutual funds and administrators. In addition, there are plans to assign the BMA responsibility for the supervision of corporate services providers (CSPs) which will also have resource implications.

437. Designation of Competent Authority (c. 23.2): The BMA is the primary supervisory for all FIs licensed or registered and, as discussed above and under Rec. 29, its supervisory powers extend variably and in a general manner to AML/CFT issues. These mainly relate to the supervision of the minimum licensing/prudent conduct requirements for such FIs contained in the various financial regulatory laws. As noted above, the AML Regulations (and POCA) does not assign supervisory responsibility for monitoring and enforcing compliance with the AML/CFT requirements to the BMA. And the Bill to amend to the POCA now lists as one of BMA’s principal objectives monitoring of compliance with AML/CFT legal obligations but it does not extend to enforcement and the application of the existing administrative sanctions under the regulatory laws. A clearer and firmer legal basis is needed for the BMA to apply its enforcement and other regulatory powers for compliance with the AML/CFT obligations.

438. Fit and Proper criteria and Prevention of Criminals from Controlling Institutions (c. 23.3 & 23.3.1): The financial regulatory laws of Bermuda provide adequate provisions for licensing of FIs that should ensure, if strictly and consistently applied, that only fit and proper persons are allowed to own and controlling the affairs of FIs. Given the relatively large number of licensees and registrations in Bermuda, the licensing process constitutes an important pillar of the BMA’s supervisory regime. The following legal provisions and regulatory instruments apply:

439.Banks and other deposit taking institutions: (The Banks and Deposit Companies Act). Section 11 imposes a licensing requirement for deposit taking entities while Section 14 (1) imposes minimum licensing criteria (Second Schedule to the Act) as a condition for the grant of a license. The Schedule states that only fit and proper persons can be directors, controllers or senior executives of an FI. The basis for establishing fitness and propriety are probity, competence, soundness of judgment, diligence and the likely impact of their conduct and functions on the interest of depositors. The background of such persons is to be taken into account including inappropriate conduct and evidence of breaches of law (mainly relating to fraud and dishonesty). There is no mention about their breaches of AML/CFT legislation or association with entities that may have breached such laws in Bermuda or elsewhere. Such inclusion could be useful. In addition, the Schedule requires FIs to conduct their affairs with prudence, integrity and skill which should in principle discourage officers and directors to engage in ML/FT activities.

440. Section 25 of the Banks and Deposit Companies Act also requires notification to the BMA of increases in shareholder control or of anyone who becomes a principal shareholder of a deposit taking entity to which the BMA can object under Section 26. The BMA can also object to an existing shareholder controller under Section 27 of the Act. In this process the BMA can take into consideration fit and proper issues. There are appropriate sanctions for persons who breach the applicable requirement under Section 25 including sanctions under Section 29. Similar provisions are in place in Section 35 and 36 that require notification to the BMA of changes in directors, controllers and senior executives, and for the acquisition of significant shareholding.

441. Insurance companies: (Insurance Act). Section 3 of the Act imposes a registration requirement for persons wishing to carry on insurance business. Section 5 further requires the BMA to satisfy itself that minimum licensing criteria are fulfilled as set out in the Schedule to the Act (no specific reference to the Schedule is made in these Sections.) Sections 9 and 10 provide for the registration of insurance managers and other intermediaries (brokers, agents, salesmen) and Section 11 requires the BMA to take into account the minimum licensing criteria as set out in the Schedule which contains largely similar provisions as for bank and deposit taking entities. In addition, the BMA has issued Guidance Notes (e.g. Guidance Note 7) to inform the industry as to the issues it will take into account when establishing fit and proper criteria.

442. The Insurance Act also contains provisions in Sections 30D, 30E, 30F, and 30H that require the BMA to be notified of changes in controllers and shareholders, largely similar to those for bank deposit taking institutions. Directors, controllers, chief executives, officers and senior executives are defined in Section 1A of the Act. Sanctioning against controllers for contraventions of the above provisions is set out under Section 30G and 30I of the said Act.

443.Investment business services: (Investment Business Act). Section 12 to 17 establish the licensing requirements and other provisions for investment business services providers while Section 17 requires the BMA to satisfy itself that the minimum licensing criteria are satisfied as set out in the Second Schedule to the Act. As for banks, deposit taking and insurance business, this Schedule broadly sets out fit and proper criteria for controllers and officers. Section 7 defines directors, controllers, senior executives and associates.

444.Mutual funds and fund administrators: (Investment Funds Act). Section 11, 12, 13 and 14 establish the provisions for the BMA to authorize the various classes of mutual funds. Section 14(1)(d)(iii)(c) in particular requires that the operator of the funds and the proposed services providers (administrators, custodians, etc.) be fit and proper persons. Section 25 also requires the operator to notify the BMA of any changes to the fund including service providers, trustees, directors, general partners, as the case may be. Sections 41 to 43 deal with licensing requirements and procedures for fund administrators. Section 43 requires the BMA to take into account minimum licensing criteria in accordance with the Schedule to the Act which includes fit and proper criteria. Section 46 requires notification to the BMA of changes in directors, senior executives and controllers. The Schedule provides broadly similar fit and proper criteria for controllers and officers of fund administrators as for other FIs.

445. The BMA has generally applied strict licensing practices for the FIs it authorizes and supervises, including through controls applied by the BMA in their vetting role in company registrations. The experience appears that such controls have been generally effective in preventing criminals from owning or controlling FIs in Bermuda. BMA’s role as an integrated supervisor, including its responsibility for vetting the registration of companies, also provides it with a unique opportunity to implement proper screening procedures for owners, directors and controllers of proposed and existing FIs.

446. Nonetheless, the BMA could benefit from a review of its licensing policy and practice to identify where it can improve implementation of a more consistent and comprehensive approach that sufficiently reflects ML/FT risk and other financial abuse concerns. Such review could focus on the following areas: (a) a more stringent application of the ongoing licensing and prudent conduct requirements when there are known or suspected financial abuse and ML concerns with FIs, applicants and/or their affiliates; (b) more robust vetting and approval procedures when the underlying proponents or beneficiaries may be associated with high risk persons, ventures, countries or regions; (c) more robust vetting processes where business proposals are unusually complex, e.g. for certain types of investment funds; (d) in cases where the BMA is a consolidated supervisor, the licensing process should take into account fit and proper/prudent conduct/minimum licensing criteria on a group-wide basis which may require additional conditions or specific arrangements with overseas supervisors; and (e) review the appropriateness of procedures with respect to the degree of reliance placed on the due diligence by introducers of applicants, e.g. when conducted by professional firms and institutions. In cases where there are legal or other reputational concerns doubt a licensee’s affiliate(s) whether located in Bermuda or elsewhere, there should be an explicit policy and enhanced review processes for ascertaining the continuing fitness and propriety of the local FI, its owners, directors and controllers, as the case may be. In particular, the BMA should review its licensing and supervisory approach for any case where it has licensed or continued to allow the operation of FIs even when there were concerns about other members of the group or affiliates. This would include cases where the BMA refuses the grant of a new license to an applicant affiliated with an existing licensee that has given rise to supervisory concerns.

447. Licensing procedures and systems for the insurance sector could also benefit from a review to ensure that the full documentation requirements for ultimate beneficiaries of proposed insurers and managers are always met particularly with respect to information on the financial standing of underlying owners or principals of applicants. In addition, the review process for license application documentation submitted to the BMA could be enhanced to ensure that applicant declarations relating to competence and probity, are always consistent with the type of license being sought.

448. Application of Prudential Regulations to AML/CFT (c. 23.4): The BMA has issued a policy paper on its approach to Consolidated Supervision for banks which are expected to apply their policies and controls on a consolidated basis. However, the BMA has not as yet developed and implemented a comprehensive program for consolidated supervision across all financial groups and sectors, to review whether FIs with headquarters/parent companies in Bermuda have developed and are implementing group-wide AML/CFT policies, procedures and controls. This is particularly important considering that a number of financial groups are headquartered in Bermuda with significant operations overseas. The BMA states that it does consider AML issues on a group-wide basis with respect to supervision of banks, which have more overseas operations than they have in Bermuda as shown below:

article image

449. According to the BMA, it has been conducting on-site visits to foreign subsidiary operations of banks/FIs subject to consolidated supervision since 1990, largely consisting of discussions with the foreign FIs. It also indicated local regulators sometimes accompany BMA staff during such visits to the FIs, and that AML issues are discussed and FI files are reviewed. Post mission, the BMA provided the following summary statistics concerning its overseas visits during 2002–2005, which included AML issues and concentrated on two large banking groups and a trust company (1 visit) with headquarters in Bermuda.

article image

450. These statistics reflect a rapidly declining trend with no visits reported for 2006, and no similar visits outside the banking and trust sector. The date concerning the duration and staff assigned to such visits, which also cover non-AML issues, suggests a more high level approach to discussions of AML issues with limited testing of compliance. The BMA states that during such visits there may be confidentiality constraints on access to customer files but that it finds it increasingly more appropriate to deal with AML issues through ongoing dialogue with overseas supervisors that have conducted AML reviews. Also, the BMA can liaise with overseas regulators over AML/CFT issues, either through MOUs or through less formal arrangements. However, no significant formal exchanges of information have occurred in practice. Discussions with industry representatives also indicate that, in practice, not all Bermudian parent FIs implement a consolidated approach to AML/CFT and that subsidiaries operating in major overseas jurisdictions generally only apply their own procedures to comply with local requirements. The BMA should review such arrangements to ensure that FIs are able to comply with Rec. 22 of the FATF Recommendations, and to ensure that Bermudian requirements are applied where these are more stringent than those of the host country. In addition, the BMA should review whether adequate group-wide implementation and consolidated supervision is in place for FIs having branches, subsidiaries and affiliates in countries that are considered to have implemented effective AML and CFT measures.

451. The BMA also states that on-site supervision includes a discussion with internal audit staff about their review of AML/CFT procedures and controls. Discussion of AML/CFT issues with external auditors is not a routine part of BMA’s supervision, and AML/CFT control issues have not in practice been raised in the external auditor’s management letters, when issued. Auditors indicate that while management letters are generally issued in the context of their audits, they can convey their findings on systems and controls verbally and/or through PowerPoint presentations. Post mission, the BMA indicated that supervisors review management letters when these are available, and that its staff can meet jointly with auditors and FIs to discuss material exceptions or concerns including AML.

452. Licensing or Registration of Value Transfer/Exchange Services (c. 23.5): Until December 1006/January 2007, Bermuda did not have a legal framework for licensing or registering money services business. In the past there has been only one international money remittance firm operating in Bermuda. That firm provided a remittance facility under the aegis of a licensed FI, carrying on business from within the FI’s premises via separately labeled counters, but subject to the controls and compliance maintained by the FI. The facility ceased operations in 2002. A new licensing regime was introduced in December 2006 through an amendment to the BMA Act (Section 20AA) and the subsequent issue of the Money Service Business Regulations on 16 January 2007. As of the date of the mission, only one application for a license under these Regulations was being considered. A 12–month transition period was granted for existing services providers to apply for a license.

453. Monitoring and Supervision of Value Transfer/Exchange Services (c. 23.6): Simultaneously with the issue of the Money Service Business Regulations in January 2007, the authorities amended the AML Regulations to cover money service businesses to be licensed under the new money services regulations. Once money service businesses are licensed, they will be subject to the supervision of the BMA.

454. Licensing and AML/CFT Supervision of other Financial Institutions (c. 23.7): Except for one electronic payments (and check cashing/guarantee) company, the authorities are not aware of any other financial activity other than those already subject to BMA’s supervision that should be brought under the AML/CFT regime in compliance with the FATF definition of FIs. The electronic payments n and check cashing/guarantee company is now covered under the BMA Act and the new Money Service Business Regulations, is expected to be licensed soon, and will be subject to the new draft AML Regulations under consideration.

455. The authorities/BMA should also consider undertaking a review of the financial system to ascertain whether there are any other FIs that should be covered by the AML/CFT regime as required by FATF Recommendations. One possibility to explore is the possible existence of non-consumer based financial leasing operations, including through structured financing operations.

456. Guidelines for Financial Institutions (c. 25.1): The BMA states that it has no authority to issue guidelines on AML/CFT and has not issued any to assist FIs in complying with their AML/CFT obligations.12 It is, however, a member of the National Anti-Money Laundering Committee which has issued non-mandatory AML Guidance Notes in 1998 (Amended in 2004) to give practical guidance to FIs subject to the AML Regulations. Assessors agree that this may be the preferred approach rather than separate authorities issuing separate and potentially conflicting guidelines. However, the current Guidance Notes are outdated and in a number of instances lack clarity of application, and contains provisions which if strictly followed may dilute the effectiveness of implementation, and create ML/FT vulnerabilities in the system. (e.g. see exemptions discussed above with respect to customer identification for the insurance and investment business sectors.)

457. No guidance has been issued specifically on CFT issues, including pursuant to para. 1(6) of Schedule 1 of the Anti-Terrorism (Financial and Other Measures) Act, 2004 which states that for purposes of establishing whether a person committed the offence of failure to report knowledge or suspicion of FT, a court “must consider whether he followed any relevant guidance …”

458. Power for Supervisors to Monitor AML/CFT Requirement (c. 29.1): (See discussion under c29.2 below of the legal provisions contained under the sector specific regulatory laws with respect to the authority to monitor and supervise for compliance by FIs with AML/CFT requirements.).</