Back Custom print Link Text Only Rich Text Print

  • FC-1 FC-1 Customer Due Diligence Requirements

    • FC-1.1 FC-1.1 General Requirements

      • Verification of Identity and Source of Funds

        • FC-1.1.1

          Conventional bank licensees must establish effective systematic internal procedures for establishing and verifying the identity of their customers and the source of their funds. Such procedures must be set out in writing and approved by the licensee's senior management and must be strictly adhered to.

          Amended: January 2020
          Amended: October 2014
          October 07

        • FC-1.1.2

          Conventional bank licensees must implement the customer due diligence measures outlined in Chapters 1, 2 and 3 when:

          (a) Establishing business relations with a new or existing customer;
          (b) A change to the signatory or beneficiary of an existing account or business relationship is made;
          (c) A significant transaction takes place;
          (d) There is a material change in the way that the bank account is operated or in the manner in which the business relationship is conducted;
          (e) Customer documentation standards change substantially;
          (f) The conventional bank licensee has doubts about the veracity or adequacy of previously obtained customer due diligence information;
          (g) [This Sub-paragraph was deleted in July 2018];
          (h) Carrying out wire transfers irrespective of amount; or
          (i) There is a suspicion of money laundering or terrorist financing.
          Amended: July 2018
          October 07

        • FC-1.1.2A

          Conventional bank licensees must understand, and as appropriate, obtain information on the purpose and intended nature of the business relationship.

          Added: October 2014

        • FC-1.1.2B

          Conventional bank licensees must conduct ongoing due diligence on the business relationship, including:

          a) Scrutinizing transactions undertaken throughout the course of that relationship to ensure that the transactions being conducted are consistent with the institution's knowledge of the customer, their business and risk profile, including, where necessary, the source of funds; and
          b) Ensuring that documents, data or information collected under the CDD process is kept up-to-date and relevant, by undertaking reviews of existing records, particularly for higher risk categories of customers.
          Amended: October 2017
          Added: October 2014

        • FC-1.1.2C

          A conventional bank licensee must also review and update the customers’ risk profile based on their level of ML/TF/PF risk upon onboarding and regularly throughout the life of the relationship. The risk management and mitigation measures implemented by a licensee must be commensurate with the risk profile of the customer or type of customer.

          Added: January 2022

        • FC-1.1.3

          For the purposes of this Module, 'customer' includes counterparties such as financial markets counterparties, except where financial institutions are acting as principals where simplified due diligence measures may sometimes apply. These simplified measures are set out in Section FC 1.11.

          October 07

        • FC-1.1.4

          The CBB's specific minimum standards to be followed with respect to verifying customer identity and source of funds are contained in Section FC-1.2. Enhanced requirements apply under certain high-risk situations: these requirements are contained in Sections FC-1.3 to FC-1.8 inclusive. Additional requirements apply where a conventional bank licensee is relying on a professional intermediary to perform certain parts of the customer due diligence process: these are detailed in Section FC-1.9. Simplified customer due diligence measures may apply in defined circumstances: these are set out in Section FC-1.11.

          October 07

      • Verification of Third Parties

        • FC-1.1.5

          Conventional bank licensees must obtain a signed statement, in hard copy or through digital means from all new customers confirming whether or not the customer is acting on his own behalf or not. This undertaking must be obtained prior to conducting any transactions with the customer concerned.

          Amended: January 2022
          October 07

        • FC-1.1.6

          Where a customer is acting on behalf of a third party, the conventional bank licensee must also obtain a signed statement from the third party, confirming they have given authority to the customer to act on their behalf. Where the third party is a legal person, the conventional bank licensee must have sight of the original Board resolution (or other applicable document) authorising the customer to act on the third party's behalf, and retain a certified copy.

          October 07

        • FC-1.1.7

          Conventional bank licensees must establish and verify the identity of the customer and (where applicable) the party/parties on whose behalf the customer is acting, including the Beneficial Owner of the funds. Verification must take place in accordance with the requirements specified in this Chapter.

          October 07

        • FC-1.1.8

          Where financial services are provided to a minor or other person lacking full legal capacity, the normal identification procedures as set out in this Chapter must be followed. In the case of minors, licensees must additionally verify the identity of the parent(s) or legal guardian(s). Where a third party on behalf of a person lacking full legal capacity wishes to open an account, the licensee must establish the identity of that third party as well as the intended account holder.

          October 07

      • Anonymous and Nominee Accounts

        • FC-1.1.9

          Conventional bank licensees must not establish or keep anonymous accounts or accounts in fictitious names. Where conventional bank licensees maintain a nominee account, which is controlled by or held for the benefit of another person, the identity of that person must be disclosed to the conventional bank licensee and verified by it in accordance with the requirements specified in this Chapter.

          October 07

      • Timing of Verification

        • FC-1.1.10

          Conventional bank licensees must not commence a business relationship or undertake a transaction with a customer before completion of the relevant customer due diligence measures specified in Chapters 1, 2 and 3. However, verification may be completed after receipt of funds in the case of: Bahrain companies under formation which are being registered with the Ministry of Industry and Commerce; or newly arrived persons in Bahrain who are taking up employment or residence.

          Amended: January 2024
          Amended: January 2022
          Amended: October 2014
          Amended: October 2013
          October 07

        • FC-1.1.10A

          Conventional bank licensees must ensure they adopt adequate risk management procedures and perform risk assessments with respect to the conditions under which a customer may utilise the business relationship prior to verification.

          Added: Jan 2024

      • Companies under Formation

        • FC-1.1.10B

          Conventional bank licensees may open a bank account for the purpose of injection of initial capital (bank account for depositing capital) for a company under formation. No transfers or disbursement of funds must take place from such bank account until all the CDD requirements have been fully met.

          Added: Jan 2024

        • FC-1.1.10C

          Conventional bank licensees should only deny a request for opening accounts due to serious reasons or in case of suspicions arising from AML/CFT risk assessments. An example of a serious reason includes the detection of the fact that one of the shareholders of the company under formation appears in local, regional or international sanction lists.

          Added: Jan 2024

        • FC-1.1.10D

          Conventional bank licensees may open a separate bank account for the purpose of payment of formation expenses under conditions to be agreed with the customer.

          Added: Jan 2024

        • FC-1.1.10E

          All bank accounts of the company under formation must be closed and funds returned (see Paragraph FC-1.1.11) or suspended if the final CR is not received and the customer has not completed the customer due diligence requirements within a period of six months from the date of opening the account. The six-month period may be extended subject to a bilateral arrangement between the licensee and the customer.

          Added: Jan 2024

        • FC-1.1.10F

          For the purposes of account mentioned in Paragraph FC-1.1.10Dconventional bank licensees should follow the guidance below:

          (a) Licensees should receive from the customer, information regarding the nature of transactions, volume and prospective vendors during the formation stages;
          (b) Licensees may agree with the customer a limit for maximum payments to be made out of this account;
          (c) Licensees should ensure that payments from such accounts are only through EFTS; and
          (d) Licensees should integrate their systems with Sijilat system of the Ministry of Industry and Commerce for real-time access to allow opening of accounts in a timely and efficient manner.
          Added: Jan 2024

      • New Arrivals

        • FC-1.1.10G

          In the case of newly arrived persons in Bahrain who are taking up employment or residence, an account may be opened after undertaking initial customer due diligence and obtaining and verifying the identity information of the customer. However, no transfers or disbursement of funds must take place from such bank account until all the CDD requirements have been fully met.

          Added: Jan 2024

        • FC-1.1.10H

          In complying with the requirements of Paragraph FC-1.1.10G, examples of serious reasons for denying the request for opening an account may include failure to provide a valid passport. It may also include instances where a potential customer’s conduct or activity appears suspicious, or the customer’s name appears in one of the local, regional or international sanction lists.

          Added: Jan 2024

      • Incomplete Customer Due Diligence

        • FC-1.1.11

          Where a conventional bank licensee is unable to comply with the requirements specified in Chapters 1, 2 and 3, it must consider whether: it should freeze any funds received and file a suspicious transaction report; or to terminate the relationship; or not proceed with the transaction; or to return the funds to the counterparty in the same method as received.

          Amended: October 2013
          October 07

        • FC-1.1.12

          See also Chapter FC-5, which covers the filing of suspicious transaction reports. Regarding the return of funds to the counterparty, if funds are received in cash, funds should be returned in cash. If funds are received by wire transfer, they should be returned by wire transfer.

          Amended: October 2013
          October 07

      • Non-Resident Accounts

        • FC-1.1.12A

          Conventional retail bank licensees that open bank accounts or otherwise transact or deal with non-resident customers must have documented criteria for acceptance of business from such persons. For non-resident customers, conventional retail bank licensees must ensure the following:

          (a) Ensure there is a viable economic reason for the business relationship;
          (b) Perform enhanced due diligence where required in accordance with Paragraph FC-1.1.17;
          (c) Obtain and document the country of residence for tax purposes where relevant;
          (d) Obtain evidence of banking relationships in the country of residence;
          (e) Obtain the reasons for dealing with licensee in Bahrain;
          (f) Obtain an indicative transaction volume and/or value of incoming funds; and
          (g) Test that the persons are contactable without unreasonable delays.
          Amended: October 2023
          Added: January 2022

        • FC-1.1.12B

          Conventional retail bank licensees that open bank accounts or otherwise transact or deal with non-resident customers must have documented approved policies in place setting out the products and services which will be offered to non-resident customers. Such policy document must take into account a comprehensive risk assessment covering all risks associated with the products and services offered to non-residents. The licensee must also have detailed procedures to address the risks associated with the dealings with non-resident customers including procedures and processes relating to authentication, genuineness of transactions and their purpose.

          Added: January 2022

        • FC-1.1.12C

          Conventional bank licensees must not accept non-residents customers from high risk jurisdictions subject to a call for action by FATF.

          Added: January 2022

        • FC-1.1.12D

          Conventional bank licensees must take adequate precautions and risk mitigation measures before onboarding non-resident customers from high risk jurisdictions. The licensees must establish detailed assessments and criteria that take into consideration FATF mutual evaluations, FATF guidance, the country national risk assessments (NRAs) and other available guidance on onboarding and retaining non-resident customers from the following high risk jurisdictions:

          (a) Jurisdictions under increased monitoring by FATF;
          (b) Countries upon which United Nations sanctions have been imposed except those referred to in Paragraph FC-1.1.12C; and
          (c) Countries that are the subject of any other sanctions.
          Added: January 2022

        • FC-1.1.12E

          [This Paragraph was deleted in October 2023].

          Added: January 2022
          Deleted: October 2023

        • FC-1.1.12F

          All conventional bank licensees must establish systems and measures that are proportional to the risk relevant to each jurisdiction and this must be documented. Such a document must show the risks, mitigation measures for each jurisdiction and for each non-resident customer.

          Added: January 2022

        • FC-1.1.12G

          All conventional bank licensees must establish a comprehensive documented policy and procedures describing also the tools, methodology and systems that support the licensee’s processes for:

          (a) The application of RBA;
          (b) Customer due diligence;
          (c) Ongoing transaction monitoring; and
          (d) Reporting in relation to their transactions or dealings with nonresident customers.
          Added: January 2022

        • FC-1.1.12H

          Conventional bank licensees must ensure that only official/government documents are accepted for the purpose of information in Subparagraphs FC-1.2.1 (a) to (f) in the case of non-resident customers.

          Added: January 2022

        • FC-1.1.13

          [This Paragraph was deleted in January 2024].

          Deleted: January 2024
          Amended: January 2022
          Amended: April 2014
          Added: October 2013

        • FC-1.1.13A

          [This Paragraph was deleted in January 2024].

          Deleted: January 2024
          Added: April 2014
           

        • FC-1.1.13B

          [This Paragraph was deleted in January 2024].

          Deleted: January 2024
          Added: April 2014
           

        • FC-1.1.13C

          [This Paragraph was deleted in January 2024].

          Deleted: January 2024
          Added: April 2014
           

        • FC-1.1.13D

          [This Paragraph was deleted in January 2024].

          Deleted: January 2024
          Added: October 2017
           

        • FC-1.1.13E

          [This Paragraph was deleted in January 2024].

          Deleted: January 2024
          Added: October 2017
           

        • FC-1.1.13F

          [This Paragraph was deleted in January 2024].

          Deleted: January 2024
          Added: October 2017

        • FC-1.1.13G

          [This Paragraph was deleted in January 2024].

          Deleted: January 2024
          Added: October 2017

        • FC-1.1.13H

          [This Paragraph was deleted in January 2024].

          Deleted: January 2024
          Added: October 2017

        • FC-1.1.14

          [This Paragraph was deleted in October 2023].

          Deleted: October 2023
          Amended: January 2023
          Amended: April 2021
          Amended: January 2021
          Added: October 2013

        • FC-1.1.14A

          [This Paragraph was deleted in October 2023].

          Added: July 2022
          Deleted: October 2023

        • FC-1.1.14B

          [This Paragraph was deleted in October 2023].

          Added: January 2023
          Deleted: October 2023

        • FC-1.1.15

          Where a non-resident account is opened, the customer must be informed by the conventional bank licensee of any services which may be restricted or otherwise limited, as a result of their non-resident status.

          Added: October 2013

        • FC-1.1.16

          For purposes of Paragraph FC-1.1.15, examples of limitations or restrictions for non-resident accounts may include limitations on banking services being offered including the granting of loans or other facilities, including credit cards or cheque books.

          Added: October 2013

        • FC-1.1.17

          Conventional bank licensees must follow the below CDD and customer onboarding requirements:

            Enhanced Due Diligence Digital Onboarding
          Bahrainis and GCC nationals (wherever they reside) and expatriates resident in Bahrain No Yes
          Others Yes Yes
          Added: October 2023

    • FC-1.2 FC-1.2 Face-to-face Business

      • Natural Persons

        • FC-1.2.1

          If the customer is a natural person, conventional bank licensees must identify the person’s identity and obtain the following information before providing financial services of any kind:

          (a) Full legal name and any other names used;
          (b) Full permanent address (i.e. the residential address of the customer; a post office box is insufficient);
          (c) Date of birth;
          (d) Nationality;
          (e) Passport number (if the customer is a passport holder);
          (f) Current CPR or Iqama number (for residents of Bahrain or GCC states) or government issued national identification proof;
          (g) Telephone/fax number and email address (where applicable);
          (h) Occupation or public position held (where applicable);
          (i) Employer's name and address (if self-employed, the nature of the self-employment);
          (j) Type of account, and nature and volume of anticipated business dealings with the conventional bank licensee;
          (k) Signature of the customer(s);
          (l) Source of funds;
          (m) Reason for opening the account; and
          (n) Place of birth.
          Amended: January 2024
          Amended: January 2022
          Amended: January 2020
          October 07

        • FC-1.2.1A

          Conventional bank licensees obtaining the information and customer signature electronically using digital applications must comply with the applicable laws governing the onboarding/business relationship including but not limited to the Electronic Transactions Law (Law No. 54 of 2018) for the purposes of obtaining signatures as required in Subparagraph FC-1.2.1 (k) above.

          Added: January 2022

        • FC-1.2.2

          See Part B, Volume 1 (Conventional Banks), for Guidance Notes on source of funds (FC-1.2.1 (1)) and requirements for residents of Bahrain (FC-1.2.1 (c) & (f)).

          October 07

        • FC-1.2.2A

          Conventional retail bank licensees must verify the information in Paragraph FC-1.2.1 (a) to (f) by the following methods; at least one of the copies of the identification documents mentioned in (a) and (b) below must include a clear photograph of the customer:

          (a) Confirmation of the date of birth and legal name, by use of the national E-KYC application and if this is not practical, obtaining a copy of a current valid official original identification document (e.g. birth certificate, passport, national identity card, CPR or Iqama); and
          (b) Confirmation of the permanent residential address by use of the national E-KYC application and if this is not practical, obtaining a copy of a recent utility bill, bank statement or similar statement from another licensee or financial institution, or some form of official correspondence or official documentation card, such as national identity card or CPR, from a public/governmental authority, or a tenancy agreement or record of home visit by an official of the conventional bank licensee.
          Added: January 2022

        • FC-1.2.3

          Conventional wholesale bank licensees must verify the information in Paragraph FC-1.2.1 (a) to (f) by the following methods below; at least one of the copies of the identification documents mentioned in (a) and (b) below must include a clear photograph of the customer:

          (a) Confirmation of the date of birth and legal name, by taking a copy of a current valid official original identification document (e.g. birth certificate, passport, national identity card, CPR or Iqama);
          (b) Confirmation of the permanent residential address by taking a copy of a recent utility bill, bank statement or similar statement from another licensee or financial institution, or some form of official correspondence or official documentation card, such as CPR, from a public/governmental authority, or a tenancy agreement or record of home visit by an official of the conventional bank licensee; and
          (c) Where appropriate, direct contact with the customer by phone, letter or email to confirm relevant information, such as residential address information.
          Amended: January 2022
          October 07

        • FC-1.2.4

          Any document copied or obtained for the purpose of identification verification in a face-to-face customer due diligence process must be an original. An authorised official of the licensee must certify the copy, by writing on it the words 'original sighted', together with the date and his signature. Equivalent measures must be taken for electronic copies.

          Amended: January 2022
          October 07

        • FC-1.2.5

          Identity documents which are not obtained by an authorised official of the licensee in original form (e.g. due to a customer sending a copy by post following an initial meeting) must instead be certified (as per FC-1.2.4) by one of the following from a GCC or FATF member state:

          (a) A lawyer;
          (b) A notary;
          (c) A chartered/certified accountant;
          (d) An official of a government ministry;
          (e) An official of an embassy or consulate; or
          (f) An official of another licensed financial institution or of an associate company of the licensee.
          October 07

        • FC-1.2.6

          The individual making the certification under FC-1.2.5 must give clear contact details (e.g. by attaching a business card or company stamp). The conventional bank licensee must verify the identity of the person providing the certification through checking membership of a professional organisation (for lawyers or accountants), or through checking against databases/websites, or by direct phone or email contact.

          October 07

      • Legal Entities or Legal Arrangements (such as trusts)

        • FC-1.2.7

          If the customer is a legal entity or a legal arrangement such as a trust, the conventional bank licensee must obtain and record the following information from original identification documents, databases or websites, in hard copy or electronic form, to identify the customer and to take reasonable measures to verify its identity, legal existence and structure:

          (a) The entity's full name and other trading names used;
          (b) Registration number (or equivalent);
          (c) Legal form and proof of existence;
          (d) Registered address and trading address (where applicable);
          (e) Type of business activity;
          (f) Date and place of incorporation or establishment;
          (g) Telephone, fax number and email address;
          (h) Regulatory body or listing body (for regulated activities such as financial services and listed companies);
          (hh) The names of the relevant persons having a senior management position in the legal entity or legal arrangement;
          (i) Name of external auditor (where applicable);
          (j) Type of account, and nature and volume of anticipated business dealings with the conventional bank licensee; and
          (k) Source of funds.
          Amended: October 2017
          October 07

        • FC-1.2.8

          The information provided under FC-1.2.7 must be verified by obtaining certified copies of the following documents, as applicable (depending on the legal form of the entity):

          (a) Certificate of incorporation and/or certificate of commercial registration or trust deed;
          (b) Memorandum of association;
          (c) Articles of association;
          (d) Partnership agreement;
          (e) Board resolution seeking the banking services (only necessary in the case of private or unlisted companies);
          (f) Identification documentation of the authorised signatories to the account (certification not necessary for companies listed in a GCC/FATF state);
          (g) Copy of the latest financial report and accounts, audited where possible (audited copies do not need to be certified); and
          (h) List of authorised signatories of the company for the account and a Board resolution (or other applicable document) authorising the named signatories or their agent to operate the account (resolution only necessary for private or unlisted companies).
          Amended: October 2014
          Amended: January 2012
          October 07

        • FC-1.2.8A

          For customers that are legal persons, conventional bank licensees must identify and take reasonable measures to verify the identity of beneficial owners through the following information:

          (a) The identity of the natural person(s) who ultimately have a controlling ownership interest in a legal person, and
          (b) To the extent that there is doubt under (a) as to whether the person(s) with the controlling ownership interest is the beneficial owner(s), or where no natural person exerts control of the legal person or arrangement through other means; and
          (c) Where no natural person is identified under (a) or (b) above, the identity of the relevant natural person who holds the position of senior managing official.
          Added: October 2017

        • FC-1.2.9

          Documents obtained to satisfy the requirements in FC-1.2.8 above must be certified in the manner specified in FC-1.2.4 to FC-1.2.6.

          October 07

        • FC-1.2.9A

          For the purpose of Paragraph FC-1.2.8(a), the requirement to obtain a certified copy of the commercial registration, may be satisfied by obtaining a commercial registration abstract printed directly from the Ministry of Industry, Commerce and Tourism's website, through "SIJILAT Commercial Registration Portal".

          Added: January 2017

        • FC-1.2.10

          The documentary requirements in FC-1.2.8 above do not apply in the case of FATF/GCC listed companies: see Section FC-1.11 below. Also, the documents listed in FC-1.2.8 above are not exhaustive: for customers from overseas jurisdictions, documents of an equivalent nature may be produced as satisfactory evidence of a customer's identity.

          October 07

        • FC-1.2.11

          Licensees must also obtain and document the following due diligence information. These due diligence requirements must be incorporated in the licensee's new business procedures:

          (a) Enquire as to the structure of the legal entity or trust sufficient to determine and verify the identity of the ultimate beneficial owner of the funds, the ultimate provider of funds (if different), and the ultimate controller of the funds (if different);
          (b) Ascertain whether the legal entity has been or is in the process of being wound up, dissolved, struck off or terminated;
          (c) Obtain the names, country of residence and nationality of Directors or partners (only necessary for private or unlisted companies);
          (d) Require, through new customer documentation or other transparent means, updates on significant changes to corporate ownership and/or legal structure;
          (e) Obtain and verify the identity of shareholders holding 20% or more of the issued capital (where applicable). The requirement to verify the identity of these shareholders does not apply in the case of FATF/GCC listed companies;
          (f) In the case of trusts or similar arrangements, establish the identity of the settlor(s), trustee(s), and beneficiaries (including making such reasonable enquiries as to ascertain the identity of any other potential beneficiary, in addition to the named beneficiaries of the trust); and
          (g) Where a licensee has reasonable grounds for questioning the authenticity of the information supplied by a customer, conduct additional due diligence to confirm the above information.
          October 07

        • FC-1.2.12

          For the purposes of Paragraph FC-1.2.11, acceptable means of undertaking such due diligence might include taking bank references; visiting or contacting the company by telephone; undertaking a company search or other commercial enquiries; accessing public and private databases (such as stock exchange lists); making enquiries through a business information service or credit bureau; confirming a company's status with an appropriate legal or accounting firm; or undertaking other enquiries that are commercially reasonable.

          October 07

        • FC-1.2.13

          Where a licensee is providing investment management services to a regulated mutual fund, and is not receiving investors' funds being paid into the fund, it may limit its CDD to confirming that the administrator of the fund is subject to FATF-equivalent customer due diligence measures (see FC-1.9 for applicable measures). Where there are reasonable grounds for believing that investors' funds being paid into the fund are not being adequately verified by the administrator, then the licensee should consider terminating its relationship with the fund.

          October 07

    • FC-1.3 FC-1.3 Enhanced Customer Due Diligence: General Requirements

      • FC-1.3.1

        Enhanced customer due diligence must be performed on those customers identified as having a higher risk profile, and additional inquiries made or information obtained in respect of those customers.

        October 07

      • FC-1.3.2

        Licensees should examine, as far as reasonably possible, the background and purpose of all complex, unusual large transactions, and all unusual patterns of transactions, which have no apparent economic or lawful purpose. Where the risks of money laundering or terrorist financing are higher, licensees should conduct enhanced CDD measures, consistent with the risks identified. In particular, they should increase the degree and nature of monitoring of the business relationship, in order to determine whether those transactions or activities appear unusual or suspicious. The additional inquiries or information referred to in Paragraph FC-1.3.1 include:

        (a) Obtaining additional information on the customer (e.g. occupation, volume of assets, information available through public databases, internet, etc.), and updating more regularly the identification data of customer and beneficial owner;
        (b) Obtaining additional information on the intended nature of the business relationship;
        (c) Obtaining information on the source of funds or source of wealth of the customer;
        (d) Obtaining information on the reasons for intended or performed transactions;
        (e) Obtaining the approval of senior management to commence or continue the business relationship;
        (f) Conducting enhanced monitoring of the business relationship, by increasing the number and timing of controls applied, and selecting patterns of transactions that need further examination;
        (g) Taking specific measures to identify the source of the first payment in this account and applying RBA to ensure that there is a plausible explanation in any case where the first payment was not received from the same customer’s account;
        (h) Obtaining evidence of a person's permanent address through the use of a credit reference agency search, or through independent governmental database or by home visit;
        (i) Obtaining a personal reference (e.g. by an existing customer of the conventional bank licensee);
        (j) Obtaining another licensed entity's reference and contact with the concerned licensee regarding the customer;
        (k) Obtaining documentation outlining the customer's source of wealth;
        (l) Obtaining additional documentation outlining the customer's source of income; and
        (m) Obtaining additional independent verification of employment or public position held.
        Amended: January 2022
        October 07

      • FC-1.3.3

        In addition to the general rule contained in Paragraph FC-1.3.1 above, special care is required in the circumstances specified in Sections FC-1.4 to FC-1.9 inclusive.

        October 07

      • FC-1.3.4

        Additional enhanced due diligence measures for non-resident account holders may include the following:

        (a) References provided by a regulated bank from a FATF country;
        (b) Certified copies of bank statements for a recent 3-month period; or
        (c) References provided by a known customer of the conventional bank licensee.
        Amended: October 2019
        Added: October 2013

    • FC-1.4 FC-1.4 Enhanced Customer Due Diligence: Non face-to-face Business and New Technologies

      • FC-1.4.1

        Conventional bank licensees must establish specific procedures for verifying customer identity where no face-to-face contact takes place.

        October 07

      • FC-1.4.2

        Where no face-to-face contact takes place, conventional bank licensees must take additional measures (to those specified in Section FC-1.2), in order to mitigate the potentially higher risk associated with such business. In particular, conventional bank licensees must take measures:

        (a) To ensure that the customer is the person they claim to be; and
        (b) To ensure that the address provided is genuinely the customer's.
        October 07

      • FC-1.4.3

        There are a number of checks that can provide a conventional bank licensee with a reasonable degree of assurance as to the authenticity of the applicant. They include:

        (a) Telephone contact with the applicant on an independently verified home or business number;
        (b) With the customer's consent, contacting an employer to confirm employment, via phone through a listed number or in writing;
        (c) Salary details appearing on recent bank statements;
        (d) Independent verification of employment (e.g.: through the use of a national E-KYC application, or public position held;
        (e) Carrying out additional searches (e.g. internet searches using independent and open sources) to better inform the customer risk profile;
        (f) Carrying out additional searches focused on financial crime risk indicator (i.e. negative news);
        (g) Evaluating the information provided with regard to the destination of fund and the reasons for the transaction;
        (h) Seeking and verifying additional information from the customer about the purpose and intended nature of the transaction or the business relationship; and
        (i) Increasing the frequency and intensity of transaction monitoring.
        Amended: January 2022
        October 07

      • FC-1.4.4

        Financial services provided using digital channels or internet pose greater challenges for customer identification and AML/CFT purposes. Conventional bank licensees must identify and assess the money laundering or terrorist financing risks relevant to any new technology or channel and establish procedures to prevent the misuse of technological developments in money laundering or terrorist financing schemes. Specifically, licensees which provide electronic and internet banking services to their customers, must establish systems or programmes to monitor, detect and highlight unusual transactions. The risk assessments must be consistent with the requirements in Section FC-C-2.

        Amended: January 2022
        October 07

      • FC-1.4.5

        Conventional bank licensees must identify and assess the money laundering or terrorist financing risks that may arise in relation to:

        (a) The development of new products and new business practices, including new delivery mechanisms; and
        (b) The use of new or developing technologies for both new and pre-existing products.
        Added: October 2014

      • FC-1.4.6

        For purposes of Paragraph FC-1.4.5, such a risk assessment consistent with the requirements in Section FC-C.2 and must take place prior to the launch of the new products, business practices or the use of new or developing technologies. Conventional bank licensees must take appropriate measures to manage and mitigate those risks.

        Amended: January 2022
        Added: October 2014

      • Enhanced Monitoring

        • FC-1.4.7

          Customers on boarded digitally must be subject to enhanced on-going account monitoring measures.

          Added: January 2022

        • FC-1.4.8

          The CBB may require a licensee to share the details of the enhanced monitoring and the on-going monitoring process for non face-to-face customer relationships.

          Added: January 2022

      • Licensee’s digital ID applications

        • FC-1.4.9

          Conventional bank licensees may use its digital ID applications that use secure audio-visual real time (live video conferencing/live photo selfies) communication means to identify the natural person.

          Added: January 2022

        • FC-1.4.10

          Conventional bank licensees must maintain a document available upon request for the use of its digital ID applications that includes all the following information:

          (a) A description of the nature of products and services for which the proprietary digital ID application is planned to be used with specific references to the rules in this Module for which it will be used;
          (b) A description of the systems and IT infrastructure that are planned to be used;
          (c) A description of the technology and applications that have the features for facial recognition or biometric recognition to authenticate independently and match the face and the customer identification information available with the licensee. The process and the features used in conjunction with video conferencing include, among others, face recognition, three-dimensional face matching techniques etc.;
          (d) “Liveness” checks created in the course of the identification process;
          (e) A description of the governance arrangements related to this activity including the availability of specially trained personnel with sufficient level of seniority; and
          (f) Record keeping arrangements for electronic records to be maintained and the relative audit.
          Added: January 2022

        • FC-1.4.11

          Conventional bank licensees that intend to use its digital ID application to identify the customer and verify identity information must meet the following additional requirements:

          (a) The digital ID application must make use of secure audio visual real time (live video conferencing /live photo selfies) technology to (i) identify the customer, (ii) verify his/her identity, and also (iii) ensure the data and documents provided are authentic;
          (b) The picture/sound quality must be adequate to facilitate unambiguous identification;
          (c) The digital ID application must include or be combined with capability to read and decrypt the information stored in the identification document’s machine readable zone (MRZ) for authenticity checks from independent and reliable sources;
          (d) Where the MRZ reader is with an outsourced provider, the licensee must ensure that such party is authorized to carry out such services and the information is current and up to date and readily available such that the licensee can check that the decrypted information matches the other information in the identification document;
          (e) The digital ID application has the features for allowing facial recognition or biometric recognition that can authenticate and match the face and the customer identification documents independently;
          (f) The digital ID solution has been tested by an independent expert covering the governance and control processes to ensure the integrity of the solution and underlying methodologies, technology and processes and risk mitigation. The report of the expert’s findings must be retained and available upon request;
          (g) The digital ID application must enable an ongoing process of retrieving and updating the digital files, identity attributes, or data fields which are subject to documented access rights and authorities for updating and changes; and
          (h) The digital ID application must have the geo-location features which must be used by the licensee to ensure that it is able to identify any suspicious locations and to make additional inquiries if the location from which a customer is completing the onboarding process does not match the location of the customer based on the information and documentation submitted.
          Added: January 2022

        • FC-1.4.12

          Conventional bank licensees using its digital ID application must establish and implement an approved policy which lays down the governance, control mechanisms, systems and procedures for the CDD which include:

          (a) A description of the nature of products and services for which customer due diligence may be conducted through video conferencing or equivalent electronic means;
          (b) A description of the systems, controls and IT infrastructure planned to be used;
          (c) Governance mechanism related to this activity;
          (d) Specially trained personnel with sufficient level of seniority; and
          (e) Record keeping arrangements for electronic records to be maintained and the relative audit trail.
          Added: January 2022

        • FC-1.4.13

          Conventional bank licensees must ensure that the information referred to in Paragraph FC-1.2.1 is collected in adherence to privacy laws and other applicable laws of the country of residence of the customer.

          Added: January 2022

        • FC-1.4.14

          Conventional bank licensees must ensure that the information referred to in Subparagraphs FC-1.2.1 (a) to (f) is obtained prior to commencing the digital verification such that:

          (a) The licensee can perform its due diligence prior to the digital interaction/communication and can raise targeted questions at such interaction/communication session; and
          (b) The licensee can verify the authenticity, validity and accuracy of such information through digital means (See Paragraph FC.1.4.16 below) or by use of the methods mentioned in Paragraph FC-1.2.3 and /or FC-1.4.3 as appropriate.
          Added: January 2022

        • FC-1.4.15

          The licensee must also obtain the customer’s explicit consent to record the session and capture images as may be needed.

          Added: January 2022

        • FC-1.4.16

          Conventional bank licensees must verify the information in Paragraph FC-1.2.1 (a) to (f) by the following methods below:

          (a) Confirmation of the date of birth and legal name by digital reading and authenticating current valid passport or other official original identification using machine readable zone (MRZ) or other technology which has been approved under paragraph FC-1.4.9, unless the information was verified using national E-KYC application;
          (b) Performing real time video calls with the applicant to identify the person and match the person’s face and /other features through facial recognition or bio-metric means with the office documentation, (e.g. passport, CPR);
          (c) Matching the official identification document, (e.g. passport, CPR) and related information provided with the document captured/displayed on the live video call; and
          (d) Confirmation of the permanent residential address by, unless the information was verified using national E-KYC application capturing live, the recent utility bill, bank statement or similar statement from another licensee or financial institution, or some form of official correspondence or official documentation card, such as national identity card or CPR, from a public/governmental authority, or a tenancy agreement or record of home visit by an official of the conventional bank licensee.
          Added: January 2022

        • FC-1.4.17

          For the purposes of Paragraph FC-1.4.16, actions taken for obtaining and verifying customer identity could include:

          (a) Collection: Present and collect identity attributes and evidence, either in person and/or online (e.g., by filling out an online form, sending a selfie photo, uploading photos of documents such as passport or driver’s license, etc.);
          (b) Certification: Digital or physical inspection to ensure the document is authentic and its data or information is accurate (for example, checking physical security features, expiration dates, and verifying attributes via other services);
          (c) De-duplication: Establish that the identity attributes and evidence relate to a unique person in the ID system (e.g., via duplicate record searches, biometric recognition and/or deduplication algorithms);
          (d) Verification: Link the individual to the identity evidence provided (e.g., using biometric solutions like facial recognition and liveness detection); and
          (e) Enrolment in identity account and binding: Create the identity account and issue and link one or more authenticators with the identity account (e.g., passwords, one-time code (OTC) generator on a smartphone, etc.). This process enables authentication.
          Added: January 2022

        • FC-1.4.18

          Not all elements of a digital ID system are necessarily digital. Some elements of identity proofing and enrolment can be either digital or physical (documentary), or a combination, but binding and authentication must be digital.

          Added: January 2022

        • FC-1.4.19

          Sufficient controls must be put in place to safeguard the data relating to customer information collected through the video conference and due regard must be paid to the requirements of the Personal Data Protection Law (PDPL). Additionally, controls must be put in place to minimize the increased impersonation fraud risk in such non face-to-face relationship where there is a chance that customer may not be who he claims he is.

          Added: January 2022

      • Overseas branches

        • FC-1.4.20

          Where conventional bank licensees intend to use a digital ID application in a foreign jurisdiction in which it operates, it must ensure that the digital ID application meets with the requirements under Paragraph FC-B.2.1.

          Added: January 2022

    • FC-1.5 FC-1.5 Enhanced Customer Due Diligence: Politically Exposed Persons ('PEPs')

      • FC-1.5.1

        Conventional bank licensees must have appropriate risk management systems to determine whether a customer or beneficial owner is a Politically Exposed Person ('PEP'), both at the time of establishing business relations and thereafter on a periodic basis. Conventional bank licensees must utilise publicly available databases and information to establish whether a customer is a PEP.

        Amended: July 2016
        Amended: October 2014
        October 07

      • FC-1.5.2

        Conventional bank licensees must establish a client acceptance policy with regard to PEPs, taking into account the reputational and other risks involved. Senior management approval must be obtained before a PEP is accepted as a customer. Licensees must not accept a non-Bahraini PEP as a customer based on customer due diligence undertaken using digital ID applications.

        Amended: January 2022
        Added: October 2007

      • FC-1.5.3

        Where an existing customer is a PEP, or subsequently becomes a PEP, enhanced monitoring and customer due diligence measures must include:

        (a) Analysis of complex financial structures, including trusts, foundations or international business corporations;
        (b) A written record in the customer file to establish that reasonable measures have been taken to establish both the source of wealth and the source of funds;
        (c) Development of a profile of anticipated customer activity, to be used in on-going monitoring;
        (d) Approval of senior management for allowing the customer relationship to continue; and
        (e) On-going account monitoring of the PEP's account by senior management (such as the MLRO).
        October 07

      • FC-1.5.3A

        In cases of higher risk business relationships with such persons, mentioned in Paragraph FC-1.5.1, conventional bank licensees must apply, at a minimum, the measures referred to in (b), (d) and (e) of Paragraph FC-1.5.3.

        Added: October 2014

      • FC-1.5.3B

        The requirements for all types of PEP must also apply to family or close associates of such PEPs.

        Added: October 2014

      • FC-1.5.3C

        For the purpose of Paragraph FC-1.5.3B, 'family' means spouse, father, mother, sons, daughters, sisters and brothers. 'Associates' are persons associated with a PEP whether such association is due to the person being an employee or partner of the PEP or of a firm represented or owned by the PEP, or family links or otherwise.

        Added: October 2014

      • FC-1.5.4

        [This Paragraph was deleted in July 2016 and the definition moved to the Glossary under Part B.]

        Deleted: July 2016
        Amended: October 2014
        October 07

    • FC-1.6 FC-1.6 Enhanced Due Diligence: Charities, Clubs and Other Societies

      • FC-1.6.1

        Financial services must not be provided to charitable funds and religious, sporting, social, cooperative and professional and other societies, until an original certificate authenticated by the relevant Ministry confirming the identities of those purporting to act on their behalf (and authorising them to obtain the said service) has been obtained.

        Amended: October 2014
        Amended: January 2013
        October 07

      • FC-1.6.1A

        For the purpose of Paragraph FC-1.6.1, for clubs and societies registered with the Ministry of Youth and Sport Affairs, conventional bank licensees must contact the Ministry to clarify whether the account may be opened in accordance with the rules of the Ministry. In addition, in the case of sport associations registered with the Bahrain Olympic Committee (BOC), conventional bank licensees must contact BOC to clarify whether the account may be opened in accordance with the rules of BOC.

        Amended: July 2019
        Added: January 2013

      • FC-1.6.2

        Conventional bank licensees are reminded that clubs and societies registered with the Ministry of Youth and Sport Affairs may only have one account with banks in Bahrain.

        Amended: July 2019
        Amended: January 2013
        October 07

      • FC-1.6.2A

        Pursuant to Article (20) of the Consolidated Financial Regulations for Sports Clubs issued in 2005, Conventional bank licensees must not change or open additional bank accounts for Clubs and Youth Centres without obtaining the prior approval of the Ministry of Youth and Sport Affairs.

        Added: July 2019

      • FC-1.6.3

        Charities should be subject to enhanced transaction monitoring by banks. Conventional bank licensees should develop a profile of anticipated account activity (in terms of payee countries and recipient organisations in particular).

        Amended: January 2013
        October 07

      • FC-1.6.4

        Conventional bank licensees must provide a monthly report of all payments and transfers of BD3,000 (or equivalent in foreign currencies) and above, from accounts held by charities registered in Bahrain. The report must be submitted to the CBB's Compliance Directorate Unit (see FC-5.3 for contact address), giving details of the amount transferred, account name, number and beneficiary name account and bank details. Conventional bank licensees must ensure that such transfers are in accordance with the spending plans of the charity (in terms of amount, recipient and country).

        Amended: January 2013
        Amended: January 2011
        October 07

      • FC-1.6.5

        Article 20 of Decree Law No. 21 of 1989 (issuing the Law of Social and Cultural Societies and Clubs and Private Organizations Operating in the Area of Youth and Sport and Private Institutions) provides that Conventional bank licensees must not accept or process any incoming or outgoing fund transfers in any form (wire transfer, cheques, etc.) from or to any foreign association on behalf of charity and non-profit organisations, societies and clubs licensed by the Ministry of Labour and Social Development or the Ministry of Youth and Sport Affairs without the prior approval of the relevant Ministry.

        Amended: July 2019
        Amended: October 2014
        Added July 09

      • FC-1.6.6

        The receipt of a Ministry letter mentioned in FC-1.6.5 above does not exempt the concerned bank from conducting normal CDD measures as outlined in other parts of this Module.

        Added July 09

    • FC-1.7 FC-1.7 Enhanced Due Diligence: 'Pooled Funds'

      • FC-1.7.1

        Where conventional bank licensees receive pooled funds managed by professional intermediaries (such as investment and pension fund managers, stockbrokers and lawyers or authorised money transferors), they must apply CDD measures contained in Section FC-1.9 to the professional intermediary. In addition, conventional bank licensees must verify the identity of the beneficial owners of the funds where required as shown in Paragraphs FC-1.7.2 or FC-1.7.3 below.

        October 07

      • FC-1.7.2

        Where funds pooled in an account are not co-mingled (i.e. where there are 'sub-accounts' attributable to each beneficiary), all beneficial owners must be identified by the conventional bank licensee, and their identity verified in accordance with the requirements in Section FC-1.2.

        Amended: October 2014
        October 07

      • FC-1.7.3

        For accounts held by intermediaries resident in Bahrain, where such funds are co-mingled, the conventional bank licensee must make a reasonable effort (in the context of the nature and amount of the funds received) to look beyond the intermediary and determine the identity of the beneficial owners or underlying clients, particularly where funds are banked and then transferred onward to other financial institutions (e.g. in the case of accounts held on behalf of authorised money transferors). Where, however, the intermediary is subject to equivalent regulatory and money laundering regulation and procedures (and, in particular, is subject to the same due diligence standards in respect of its client base) the CBB will not insist upon all beneficial owners being identified provided the conventional bank licensee has undertaken reasonable measures to determine that the intermediary has engaged in a sound customer due diligence process, consistent with the requirements in Section FC-1.8.

        Amended: October 2014
        October 07

      • FC-1.7.4

        For accounts held by intermediaries from foreign jurisdictions, the intermediary must be subject to requirements to combat money laundering and terrorist financing consistent with the FATF Recommendations and the intermediary must be supervised for compliance with those requirements. The bank must obtain documentary evidence to support the case for not carrying out customer due diligence measures beyond identifying the intermediary. The bank must satisfy itself that the intermediary has identified the underlying beneficiaries and has the systems and controls to allocate the assets in the pooled accounts to the relevant beneficiaries. The due diligence process contained in Section FC-1.8 must be followed.

        Amended: October 2014
        October 07

      • FC-1.7.5

        Where the intermediary is not empowered to provide the required information on beneficial owners (e.g. lawyers bound by professional confidentiality rules) or where the intermediary is not subject to the same due diligence standards referred to above, a bank must not permit the intermediary to open an account or allow the account to continue to operate, unless specific permission has been obtained in writing from the CBB.

        October 07

    • FC-1.8 FC-1.8 Enhanced Due Diligence for Correspondent Banking Relationships

      • FC-1.8.1

        Conventional bank licensees which intend to act as correspondent banks must gather sufficient information (e.g. through a questionnaire) about their respondent banks to understand the nature of the respondent's business. Factors to consider to provide assurance that satisfactory measures are in place at the respondent bank include:

        (a) Information about the respondent bank's ownership structure and management;
        (b) Major business activities of the respondent and its location (i.e. whether it is located in a FATF compliant jurisdiction) as well as the location of its parent (where applicable);
        (c) Where the customers of the respondent bank are located;
        (d) The respondent's AML/CFT controls;
        (e) The purpose for which the account will be opened;
        (f) Confirmation that the respondent bank has verified the identity of any third party entities that will have direct access to the correspondent banking services without reference to the respondent bank (e.g. in the case of 'payable through' accounts);
        (g) The extent to which the respondent bank performs on-going due diligence on customers with direct access to the account, and the condition of bank regulation and supervision in the respondent's country (e.g. from published FATF reports). Banks should take into account the country where the respondent bank is located and whether that country abides by the FATF Recommendations when establishing correspondent relationships with foreign banks. Banks should obtain where possible copies of the relevant laws and regulations concerning AML/CFT and satisfy themselves that respondent banks have effective customer due diligence measures consistent with the FATF Recommendations;
        (h) Confirmation that the respondent bank is able to provide relevant customer identification data on request to the correspondent bank; and
        (i) Whether the respondent bank has been subject to a money laundering or terrorist financing investigation.
        Amended: January 2018
        Amended: October 2014
        Amended: April 2011
        October 07

      • FC-1.8.2

        Conventional bank licensees must implement the following additional measures, prior to opening a correspondent banking relationship:

        (a) Complete a signed statement that outlines the respective responsibilities of each institution in relation to money laundering detection and monitoring responsibilities; and
        (b) Ensure that the correspondent banking relationship has the approval of senior management.
        Amended: April 2011
        October 07

      • FC-1.8.3

        Conventional bank licensees must refuse to enter into or continue a correspondent banking relationship with a bank incorporated in a jurisdiction in which it has no physical presence and which is unaffiliated with a regulated financial group (i.e. 'shell banks', see Section FC-1.10). Banks must pay particular attention when entering into or continuing relationships with respondent banks located in jurisdictions that have poor KYC standards or have been identified by the FATF as being 'non-cooperative' in the fight against money laundering/terrorist financing.

        October 07

    • FC-1.9 FC-1.9 Introduced Business from Professional Intermediaries

      • FC-1.9.1

        A conventional bank licensee may only accept customers introduced to it by other financial institutions or intermediaries, if it has satisfied itself that the financial institution or intermediary concerned is subject to FATF-equivalent measures and customer due diligence measures. Where conventional bank licensees delegate part of the customer due diligence measures to another financial institution or intermediary, the responsibility for meeting the requirements of Chapters 1 and 2 remains with the conventional bank licensee, not the third party.

        Amended: January 2018
        October 07

      • FC-1.9.2

        Conventional bank licensees may only accept introduced business if all of the following conditions are satisfied:

        (a) The customer due diligence measures applied by the introducer are consistent with those required by the FATF Recommendations;
        (b) A formal agreement is in place defining the respective roles of the licensee and the introducer in relation to customer due diligence measures. The agreement must specify that the customer due diligence measures of the introducer will comply with the FATF Recommendations;
        (c) The introducer immediately provides all necessary information required in Paragraph FC-1.2.1 or FC-1.2.7 and FC-1.1.2A pertaining to the customer's identity, the identity of the customer and beneficial owner of the funds (where different), the purpose of the relationship and, where applicable, the party/parties on whose behalf the customer is acting; also, the introducer has confirmed that the conventional bank licensee will be allowed to verify the customer due diligence measures undertaken by the introducer at any stage; and
        (d) Written confirmation is provided by the introducer confirming that all customer due diligence measures required by the FATF Recommendations have been followed and the customer's identity established and verified. In addition, the confirmation must state that any identification documents or other customer due diligence material can be accessed by the conventional bank licensee and that these documents will be kept for at least five years after the business relationship has ended.
        Amended: October 2014
        October 07

      • FC-1.9.3

        The conventional bank licensee must perform periodic reviews ensuring that any introducer on which it relies is in compliance with the FATF Recommendations. Where the introducer is resident in another jurisdiction, the conventional bank licensee must also perform periodic reviews to verify whether the jurisdiction is in compliance with the FATF Recommendations.

        Amended: October 2014
        October 07

      • FC-1.9.4

        Should the conventional bank licensee not be satisfied that the introducer is in compliance with the requirements of the FATF Recommendations, the licensee must conduct its own customer due diligence on introduced business, or not accept further introductions, or discontinue the business relationship with the introducer.

        Amended: October 2014
        October 07

    • FC-1.10 FC-1.10 Shell Banks

      • FC-1.10.1

        Conventional bank licensees must not establish business relations with banks, which have no physical presence or 'mind and management' in the jurisdiction in which they are licensed and which is unaffiliated with a regulated financial group ('shell banks'). Banks must not knowingly establish relations with banks that have relations with shell banks.

        October 07

      • FC-1.10.2

        Conventional bank licensees must make a suspicious transaction report to the Anti-Money Laundering Unit and the Compliance Directorate if they are approached by a shell bank or an institution they suspect of being a shell bank.

        October 07

    • FC-1.10A FC-1.10A Enhanced Due Diligence: Cross Border Cash Transactions by Courier

      Amended: July 2018

      • FC-1.10A.1

        The cross-border movement of cash funds warrants special attention under the FATF Recommendations where transactions are large in value (Recommendation 12), in addition to the general requirement under Recommendation 32 to verify monitor, declare and keep records of all cross-border transfers of cash. Cash shipments are therefore subject to inspection and investigation procedures by the Customs Directorate of the Kingdom of Bahrain. There are also certain specific legal measures mentioned below which are relevant to cross-border cash shipments. Under Article 4 of Decree Law No. 4 of 2001, licensees of the CBB are required to comply with the CBB's Rules and Regulations concerning the prevention and prohibition of money laundering, which include regulations concerning the cross-border movement of cash. Also, licensees' attention is drawn to the disclosure provisions of Decree Law No 54 of 2006 and Ministerial Order No 6 of 2008 with respect to cross-border transportation of funds (see Part B of the Rulebook for Decree Law No 54). Licensees are also reminded of the rules of the unified customs arrangements of the Gulf Cooperation Council as laid out in Decree Law No 10 of 2002. With respect to the above Law No. 4 of 2001 and the concerned parts of other legislation mentioned above, all money changers must implement the enhanced measures below in respect of all cash received from foreign countries or sold/transferred to foreign countries.

        Amended: October 2014
        Adopted: January 2011

      • FC-1.10A.2

        Cash coming into Bahrain via courier (whether a representative of a Bahrain money changer or a foreign institution) must be accompanied by original documentation stating the source of funds and identity of the originator of the funds. Furthermore, the documentation must state the full name and address of the beneficiary of the funds. This documentation must be signed in original by (a representative) of the originator of the cash. This means that where a courier is importing cash via any customs point of entry (e.g. via the Causeway or the Airport), the aforementioned courier must carry original documentation which clearly shows the source of funds and identity of the originator of the funds and the intended beneficiaries' names and address.

        Amended: July 2018
        Adopted: January 2011

      • FC-1.10A.3

        In the case of incoming cash, the courier must carry original documentation signed by the originator stating whether the cash shipment is for local use or for onward transmission.

        Adopted: January 2011

      • FC-1.10A.4

        If the imported cash is for onward transmission, the original documentation must provide the full name and address of the final beneficiaries, as well as the local recipient (e.g. the bank).

        Adopted: January 2011

      • FC-1.10A.5

        Failure to provide complete and detailed original signed documentation by the originator of the funds referred to in Paragraph FC-1.10A.2 may cause the cash shipment to be blocked, whereupon the blocking costs will be borne by the concerned money changer in Bahrain. Licensees are also reminded of the penalties and enforcement measures in Law No. 4 of 2001, Decree Law No. 54 of 2006, Ministerial Order No. 7 of 2001 issued by the Minister of Finance and National Economy, the rules of the unified customs arrangements of the Gulf Cooperation Council as laid out in Decree Law No. 10 of 2002 and the CBB Law No. 64 of 2006.

        Adopted: January 2011

    • FC-1.11 FC-1.11 Simplified Customer Due Diligence

      • FC-1.11.1

        Conventional bank licensees may apply simplified customer due diligence measures, as described in Paragraphs FC-1.11.2 to FC-1.11.7, if:

        (a) The customer is the Central Bank of Bahrain ('CBB'), the Bahrain Bourse ('BHB') or a licensee of the CBB;
        (b) The customer is a Ministry of a Gulf Cooperation Council ('GCC') or Financial Action Task Force ('FATF') member state government, a company in which a GCC or FATF government is a majority shareholder, or a company established by decree in the GCC;
        (c) The customer is a company listed on a GCC or FATF member state stock exchange (where the FATF state stock exchange has equivalent disclosure standards to those of the BHB);
        (d) The customer is a financial institution whose entire operations are subject to AML/CFT requirements consistent with the FATF Recommendations and it is supervised by a financial services supervisor in a FATF or GCC member state for compliance with those requirements;
        (e) The customer is a financial institution which is a subsidiary of a financial institution located in a FATF or GCC member state, and the AML/CFT requirements applied to its parent also apply to the subsidiary;
        (f) The customer is a borrower in a syndicated transaction where the agent bank is a financial institution whose entire operations are subject to AML/CFT requirements consistent with the FATF Recommendations and it is supervised by a financial services supervisor in a FATF or GCC member state for compliance with those requirements; or
        (g) [This sub-paragraph was deleted in January 2018].
        Amended: January 2019
        Amended: January 2018
        Amended: October 2014
        Amended: April 2013
        Amended: January 2013
        Amended: April 2008
        October 07

      • FC-1.11.2

        For customers falling under categories a-f specified in Paragraph FC-1.11.1, the information required under Paragraph FC-1.2.1 (for natural persons) or FC-1.2.7 (for legal entities or legal arrangements such as trusts) must be obtained. However, the verification and certification requirements in Paragraphs FC-1.2.3 and FC-1.2.8, and the due diligence requirements in Paragraph FC-1.2.11, may be dispensed with. Where the account is a correspondent banking relationship, enhanced due diligence applies. Refer to Section FC-1.8.

        October 07

      • FC-1.11.3

        [This Paragraph was deleted in July 2018.]

        Deleted: July 2018

      • FC-1.11.4

        Conventional bank licensees wishing to apply simplified due diligence measures as allowed for under Paragraph FC-1.11.1 must retain documentary evidence supporting their categorisation of the customer.

        October 07

      • FC-1.11.5

        Examples of such documentary evidence may include a printout from a regulator's website, confirming the licensed status of an institution, and internal papers attesting to a review of the AML/CFT measures applied in a jurisdiction.

        October 07

      • FC-1.11.6

        Conventional bank licensees may use authenticated SWIFT messages as a basis for confirmation of the identity of a financial institution under FC-1.11.1 (d) and (e) where it is dealing as principal. For customers coming under Paragraph FC-1.11.1 (d) and (e), conventional bank licensees must also obtain and retain a written statement from the parent institution of the subsidiary concerned, confirming that the subsidiary is subject to the same AML/CFT measures as its parent.

        October 07

      • FC-1.11.7

        Simplified customer due diligence measures must not be applied where a conventional bank licensee knows, suspects, or has reason to suspect, that the applicant is engaged in money laundering or terrorism financing or that the transaction is carried out on behalf of another person engaged in money laundering or terrorism financing.

        October 07

      • FC-1.11.7A

        Simplified customer due diligence measures must not be applied in situations where the licensee has identified high ML/TF/PF risks.

        Added: January 2022

      • FC-1.11.8

        [This Paragraph was deleted in July 2018.]

        Deleted: July 2018

    • FC-1.12 FC-1.12 [This Section has been deleted and moved to the CBB Regulatory Sandbox Framework in January 2022]

      • General Requirements

        • FC-1.12.1

          [This Paragraph was deleted in January 2022].

          Deleted: January 2022
          Added: October 2017

        • FC-1.12.2

          [This Paragraph was deleted in January 2022].

          Deleted: January 2022
          Added: October 2017

        • FC-1.12.3

          [This Paragraph was deleted in January 2022].

          Deleted: January 2022
          Added: October 2017

        • FC-1.12.4

          [This Paragraph was deleted in January 2022].

          Deleted: January 2022
          Added: October 2017

      • Face to Face Business

        • FC-1.12.5

          [This Paragraph was deleted in January 2022].

          Deleted: January 2022
          Added: October 2017

        • FC-1.12.6

          [This Paragraph was deleted in January 2022].

          Deleted: January 2022
          Added: October 2017

        • FC-1.12.7

          [This Paragraph was deleted in January 2022].

          Deleted: January 2022
          Added: October 2017

        • FC-1.12.8

          [This Paragraph was deleted in January 2022].

          Deleted: January 2022
          Added: October 2017

        • FC-1.12.9

          [This Paragraph was deleted in January 2022].

          Deleted: January 2022
          Added: October 2017

        • FC-1.12.10

          [This Paragraph was deleted in January 2022].

          Deleted: January 2022
          Amended: July 2018
          Added: October 2017

        • FC-1.12.11

          [This Paragraph was deleted in January 2022].

          Deleted: January 2022
          Added: October 2017

      • Non Face To Face Business and Technologies

        • FC-1.12.12

          [This Paragraph was deleted in January 2022].

          Deleted: January 2022
          Added: October 2017

        • FC-1.12.13

          [This Paragraph was deleted in January 2022].

          Deleted: January 2022
          Added: October 2017

        • FC-1.12.14

          [This Paragraph was deleted in January 2022].

          Deleted: January 2022
          Added: October 2017

    • FC-1.13 Reliance on Third Parties for Customer Due Diligence

      • FC-1.13.1

        Licensees are permitted to rely on third parties to perform elements of CDD measures and recordkeeping requirements stipulated in Chapter FC-1 related to customer and beneficial owner identity, verification of their identity and information on the purpose and intended nature of the business relationship with the licensee, subject to complying with the below:

        (a) Licensees remain ultimately responsible for CDD measures;
        (b) Licensees immediately obtain the relevant CDD information from the third party upon onboarding clients;
        (c) There is an agreement with the third party for the arrangement with clear contractual terms on the obligations of the third party;
        (d) The third party without delay makes available the relevant documentation relating to the CDD requirements upon request;
        (e) Licensees ensure that the third party is a financial institution that is regulated and supervised for, and has measures in place for compliance with, CDD and recordkeeping requirements in line with FATF Recommendations 10 and 11; and
        (f) For third parties based abroad, licensees must consider the information available on the level of country risk.
        Added: October 2023

      • FC-1.13.2

        Where a licensee relies on a third-party that is part of the same financial group, the licensee can consider that:

        (a) The requirements under Subparagraphs FC-1.13.1 (d) and (e) are complied with through its group programme, provided the group satisfies the following conditions:
        (i) The group applies CDD and record keeping requirements consistent with FATF Recommendations 10, 11 and 12 and has in place internal controls in accordance with FATF Recommendation 18; and
        (ii) The implementation of CDD, record keeping and AML/CFT measures are supervised at a group level by a financial services regulatory authority for compliance with AML/CFT requirements consistent with standards set by the FATF.
        (b) The requirement under Subparagraph FC-1.13.1 (f) is complied with if the country risk is adequately mitigated by the group’s AML/CFT policies.
        Added: October 2023

      • FC-1.13.3

        This Section does not apply to outsourcing or agency arrangements in which the outsourced entity applies the CDD measures on behalf of the delegating licensee, in accordance with its procedures.

        Added: October 2023