18th June 2020
7 Tips for Fintechs to Comply With Anti-Money Laundering in The Philippines
7 Tips for Fintechs to Comply With
The Asia-Pacific region has emerged as a hotspot for fintech innovation, and the Philippines is one of its most significant business destinations. The Philippines is fertile ground for fintech and financial services: with a GDP ranked 5th in the region behind Singapore and Malaysia, broad mobile network penetration and a relatively young population of 107 million, the country is attracting business interest and investment from around the world.
The Philippines’ status and influence as a fintech hub has also attracted the attention of criminals seeking to exploit the country’s financial system to launder money. With that in mind, the threat to the financial system has led the government to develop and bolster its AML/CFT regulatory framework. Accordingly, AML/CFT should be a significant concern for fintechs and other financial services firms setting up and operating in the Philippines.
To help your fintech manage its compliance obligations in the Philippines, browse our AML/CFT tips…
The Philippines Securities and Exchange Commission (SEC) and the Central Bank of the Philippines (BSP) act as the Philippines’ primary financial regulators. Collectively they are responsible for conducting the financial supervision of all banks and non-bank financial institutions in the country. The SEC is involved in policymaking and has the power to investigate any violations of securities laws.
The Philippines also maintains the Anti-Money Laundering Council (AMLC) as a dedicated AML/CFT authority, tasked with implementing the country’s main AML legislation: the Anti-Money Laundering Act (2001). The AMLC functions as regulator, financial intelligence unit and law enforcement agency. Its mandate includes protecting the Philippines’ financial system from criminal activities and extending cooperation to other international financial regulators engaged in money laundering investigations.
The Philippines’ primary data protection legislation is the Republic Act No.10173, also referred to as the Data Privacy Act. The legislation applies to all private, personal or otherwise sensitive data of natural and juridical persons in the Philippines. The Act sets out rules for the collection, processing and sharing of data, and the need for firms to obtain consent when doing so. The Act also includes a definition of the personal and sensitive data that is covered by its provisions.
While the Philippines has lagged behind other nations, both regionally and globally, in the application of cloud technology, it began the GovCloud initiative in 2013, a private cloud initiative for government agencies. GovCloud hosts a range of basic cloud applications, such as email services and payment gateways, and the Philippines government intends to use the initiative as a foundation to build a wider cloud ecosystem within the country.
The Anti-Money Laundering Act of 2001 (AMLA) is the primary AML/CFT law in the Philippines. The AMLA investigates money laundering and other financial crimes to protect financial institutions and deter criminals from making the Philippines a money laundering site for criminal proceeds.
As a member of the Asia/Pacific Group, the FATF-style body for the region, the Philippines is committed to implementing FATF’s Recommendations through the provisions set out in the Act. Accordingly, fintechs are required to develop and implement a risk-based AML program, conducting risk-assessments of their customers and deploying an AML/CFT response commensurate with that risk.
Following a number of high-profile money laundering incidents, anti-money laundering in the Philippines has been subject to increased international scrutiny. One particular incident saw the theft of almost US$1 billion from the Bangladesh Central Bank, which was transferred to bank accounts in the Philippines and laundered in the Philippines’ casino system. Responding to the theft, in 2019, Philippine President Rodrigo Duterte announced his support of revisions to the Anti-Money Laundering Act in order to give the authorities more powers and enforcement tools when investigating money laundering and enforcing legislation.
The Anti-Money Laundering Act 2001 generally requires fintechs and other obligated institutions to monitor customer transactions on an ongoing basis in order to detect suspicious activity and prevent money laundering. The monitoring process should enable fintechs to establish that a customer’s transaction activity is consistent with their known risk profile and allow them to issue suspicious activity reports as quickly as possible when potential money laundering is detected.
The transaction monitoring process mandated by the Anti-Money Laundering Act should focus on a range of specific characteristics, including:
- Suspicious transaction patterns (for example, a high frequency of transactions or multiple transactions over a short period of time).
- Unusually complex transactions that do not fit a customer’s usual financial behavior.
- Transactions deliberately structured to avoid reporting thresholds.
- Transactions involving high-risk countries.
- Transactions involving politically exposed persons (PEPs) or persons on sanctions/watch lists.
Under the Anti-Money Laundering Act, fintechs must screen customers and their transactions against international sanctions lists and watchlists to ensure that they are not involved in terrorism or connected to terrorist organizations.
The sanctions screening process should be conducted on an ongoing basis to ensure that fintechs respond to changes in their customers’ risk profiles. Firms should screen their customers against the sanctions list circulated by the BSP and the AMLC, along with lists issued by international authorities such as the Office of Foreign Assets Control (OFAC) and the United Nations.
AML in the Philippines requires fintechs to verify their customers’ identities and ensure they are being truthful about the nature of their business. In practice, this means that firms should implement suitable customer due diligence measures (CDD).
CDD checks in the Philippines should not only verify customers’ names and personal details, but monitor customers for changes in PEP status and for their involvement in adverse media stories. Under the risk-based approach, firms should implement an AML program with two tiers of CDD, using enhanced due diligence (EDD) measures for customers that present a higher level of AML/CFT risk.
How ComplyAdvantage Can Help
Complying with The Philippine’s anti-money laundering regulations involves significant administrative effort, especially if firms carry out the required screening processes manually. The complexity of regulations can also create costly efficiency drains, while human errors can hamper the process further, and even lead to compliance penalties.
ComplyAdvantage helps firms avoid those problems with automated AML solutions tailored to their unique risk profiles. Our solution takes advantage of smart technology to build speed and accuracy into your AML program while complementing the skills of compliance teams.