KYC / CDC Policy
KYC AND CDD POLICY (AHSAM SEC.PVT.LTD.)
Know Your Customer (KYC) and Customer Due Diligence (CDD) Policies And Procedure
INTRODUCTION:
Know your customer (KYC) policy is an important step developed globally to prevent identity theft, financial fraud, money laundering and terrorist financing. The objective of KYC is to enable financial market to know and understand their customers better and help them manage their risks prudently.
KYC is a regulatory and legal requirement and KYC policies are framed by AHSAM Securities incorporating the key elements as prescribed the Pakistan Stock Exchange (PSX).
- Customer Identification
- Risk Assessment of Customer
- Circumstances where Enhanced Due Diligence is required
- Circumstances where simplified Due Diligence can be adopted
- Compliance function
- Data retention
- Training and employee screening
The revised KYC policy of the company incorporates the following four elements for the identification of the customer:
- Customer Acceptance Policy (CAP)
- Customer Identification Procedures (CIP)
- Monitoring of Transactions; and
- Risk Management
Main objectives to follow KYC by AHSAM SEC. PVT.LTD.
- Collection and analysis of basic identity information.
- Determination of the customer’s risk to commit money laundering, terrorist finance, or identity theft.
- Creation of an expectation of a customer’s transactional behavior
Customer Identification
Basic Requirements for Customer Identification: For individual’s accounts, the company requires the following information and documents under KYC.
- Legal name and any other change in names used.
- Correct permanent address
The individuals will have to provide the original document for verification and submit a copy to the AHSAM Securities (Pvt) Limited as a part of company’s record.
Identity Proof (any one of the following)
- Passport
- Driving license
- National Identity Card by NADRA
Address Proof (any one of the following)
- Utility bill
- Bank account statement received by mail / courier along with signature verification by the Banker manager/
Documents Required For KYC of Corporate Clients
For Accounts of Companies/Partnership Firms/Trusts & Foundation, a different set of documentation and information is required.
Account Holders are requested to furnish their recent passport size colored photograph along with the signed KYC submission format on the company’s request declaring the authorized person for representing the company and its his/her authorities while operating with the brokerage house. It is also important to note that there is a requirement for the periodic updating of KYC Information as and when called for by the company.
If the company is unable to apply appropriate KYC measures due to non-furnishing of information or non-cooperation by the customer, the company has the right to consider closing the account after issuing due notice to the customer explaining the reasons for taking such a decision.
Customer Acceptance policy
The following Customer Acceptance Policy indicating the criteria for acceptance of customers shall be followed in the company. The company accept customer strictly in accordance with the said policy:
(i). No account shall be opened in anonymous or fictitious/ benami names
(ii). Parameters of risk perception shall be clearly defined in terms of the nature of business activity, location of customer and his clients, mode of payments, volume of turnover, social and financial status etc., to enable categorization of customers into low, medium and high risk called Level I, Level II and Level III respectively; Customers requiring very high level of monitoring e.g., Politically Exposed Persons (PEPs) may be categorized as Level IV.
Company shall collect documents and other information from the customer depending on perceived risk and keeping in mind the requirements by Rule Book of PSX.
The risk to the customer shall be assigned on the following basis
- Low Risk (Level I):
Individuals (other than High Net Worth) and entities whose identities and sources of wealth can
be easily identified and transactions in whose accounts by and large conform to the known profile may be categorized as low risk. The illustrative examples of low risk customers could be salaried employees whose salary structures are well defined, people belonging to lower economic strata of the society whose accounts show small balances and low turnover, Government Departments and Government owned companies, regulators and statutory bodies etc. In such cases, only the basic requirements of verifying the identity and location of the customer shall be met.
- Medium Risk (Level II):
Customers that is likely to pose a higher than average risk to the bank may be categorized as
medium or high risk depending on customer’s background, nature and location of activity, country of origin, sources of funds and his client profile etc; such as:
- Persons in business/industry or trading activity where the area of his residence or place of business has a scope or history of unlawful trading/business activity.
- Where the client profile of the person/s opening the account, according to the perception of the branch is uncertain and/or doubtful/dubious.
iii. High Risk (Level III):
The company may apply enhanced due diligence measures based on the risk assessment, thereby requiring intensive ‘due diligence’ for higher risk customers, especially those for whom the sources of funds are not clear. The examples of customers requiring higher due diligence may include
- a) Non Resident Customers,
- b) High Net worth individuals
- c) Trusts, charities, NGOs and organizations receiving
Circumstances where enhanced Due Diligence is required
The company shall close an existing account or shall not open a new account where it is unable to apply appropriate customer due diligence measures or an enhanced Due Diligence is required. If company is unable to verify the identity or obtain documents required as per the risk categorization due to non-cooperation of the customer or non reliability of data/information furnished to the Company. The Company shall, however, ensure that these measures do not lead to the discomfort of the customer.
Operation Manager is fully authorized to close account by given a prior notice of at least 20 days wherein reasons for closure of his account should also be mentioned. Enhanced Due Diligence will always be required whenever there is an enhance risk involved or an indication of abnormal activity in accounts.
The company prepares a profile for each new customer based on risk categorization. The AHSAM Securities has devised a composite KYC Form as prescribe by PSX for recording and maintaining the profile of each new customer. Revised form is separate for Individuals, Joint Customers, Corporate and other legal entities or special accounts e.g., account in the name of brand names, domain names, etc. The nature and extent of due diligence shall depend on the risk perceived by the company. The company ensures continue to follow strictly the instructions issued by the PSX regarding secrecy of customer information. The company bear in mind that the adoption of customer acceptance policy and its implementation does not become too restrictive and should not result in denial of broker services to general public, especially to those, who are financially or socially disadvantaged.
Customer Identification Procedure (CIP)
Customer identification means identifying the person and verifying his/her identity by using reliable, independent source documents, data or information. The company obtains sufficient information necessary to establish, to their satisfaction, the identity of each new customer, whether regular or occasional, and the purpose of the intended nature of broker relationship.
Being satisfied means that the company is able to satisfy the competent authorities that due diligence was observed based on the risk profile of the customer in compliance of the extant guidelines in place. Besides risk perception, the nature of information/documents required would also depend on the type of customer (individual, corporate, etc). For customers that are natural persons, the company shall obtain sufficient identification data to verify the identity of the customer, his address/location, and also his recent photograph
Risk Management of customers
The company’s KYC policies and procedures cover management oversight, systems and controls, segregation of duties, training and other related matters. The Manager shall authorize the opening of all new accounts. The company prepares risk profiles of all their existing and new customers and applies Anti Money Laundering measures keeping in view the risks involved in a transaction, account or banking/business relationship.
For Risk Management of the customers that are legal persons or entities, the company shall
- Verify the legal status of the legal person/entity through proper and relevant documents.
- Verify that any person purporting to act on behalf of the legal person/entity is so authorized and identify and verify the identity of that person
- Understand the ownership and control structure of the customer and determine who are the natural persons who ultimately control the legal person
If the company decides to accept such accounts in terms of the customer acceptance policy, the company shall take reasonable measures to identify the beneficial owner(s) and verify his/her/their identity in a manner so that it is satisfied that it knows who is/are the beneficial owner(s).
Customer Identification Procedure
Features to be verified and documents that might be obtained from customers
Features | Documents |
ACCOUNTS OF INDIVIDUALS
· Legal name and any other names used
· Correct permanent address
|
· Passport
· Driving license · Identity card · Letter from a recognized public authority or public servant verifying the identity and residence of the customer to the satisfaction of company · Telephone bill · Bank account statement · Letter from the employer, (subject to the satisfaction of the company verification · Any other document (Declarations or Undertaking) |
ACCOUNTS OF COMPANIES
· Name of the company · Principal place of business · Mailing address of the company · Telephone/Fax Number |
Certificate of incorporation and
Memorandum & Articles of Association
1. Resolution of the Board of Directors to open an account and identification of those who have authority to operate the account 2. Power of Attorney granted to its managers, officers or employees to transact business on its behalf 3. Copy of PAN allotment letter 4. Copy of the telephone bill |
ACCOUNTS OF TRUSTS & FOUNDATIONS
· Names of trustees, settlers, beneficiaries and signatories · Names and addresses of the founder, the managers/directors and the beneficiaries · Telephone/fax numbers |
Certificate of registration, if registered
· Power of Attorney granted to transact business on its behalf · Any officially valid document to identify the trustees, settlers, beneficiaries and those holding Power of Attorney, founders/managers/ directors and their addresses. · Resolution of the managing body of the Foundation/association. · Telephone bill |
Compliance Function
The company’s internal audit and compliance functions have an important role in evaluating and ensuring adherence to the KYC policies and procedures. The compliance function shall provide an independent evaluation of the Company’s own policies and procedures, including legal and regulatory requirements. The company shall ensure that the audit machinery of the company is staffed adequately with individuals who are well versed in such policies and procedures. Concurrent/Internal Auditors shall specifically check and verify the application of KYC procedures at the office and comment on the lapses observed in this regard. The compliance in this regard shall be put up before the audit Committee of the Board on quarterly intervals.
Accounts of Politically Exposed Persons (PEPs)
Accounts of Politically Exposed Persons (PEPs) resident outside Pakistan Politically exposed persons are individuals who are or have been entrusted with prominent public functions in a foreign country, e.g., Heads of States or of Governments, senior politicians, senior government/judicial/military officers, senior executives of state-owned corporations, important political party officials, etc. Company gathers sufficient information on any person/customer of this category intending to establish a relationship and check all the information available on the person in the public domain. Company verifies the identity of the person and seeks information about the sources of funds before accepting the PEP as a customer. The company seeks prior approval of their Board of Directors before opening an account in the name of PEP.
Data Retention
All data relating to KYC/CDD guidelines & procedures have to be maintained for a minimum of five years, including identity of the customer(s), account files and correspondence exchanged with the customer(s). For this purpose Ahsam Securities (Pvt) Limited will save all the copies in hard and soft format from for a period of five years
Training and Employee Screening
Training encompassing applicable money laundering laws and recent trends in money laundering activity as well as the company’s policies and procedures to combat money laundering shall be provided to all the staff members of the company periodically in phases. The compliance department, management of the company shall determine the frequency of training and identify personnel to be trained.
The surveillance department shall be empowered to prescribe threshold limits for a particular group of accounts and the company shall pay particular attention to the transactions which exceed these limits. The threshold limits shall be reviewed annually and changes.
Ahsam Securities (Pvt) Limited has developed an on-going employee training program to ensure that the employees understand their duties and are able to perform the same on a satisfactory level by introducing fortnightly meeting of the new requirements of KYC & Due Diligence.
We have developed and implemented appropriate screening procedures to ensure high standards while hiring staff. However, the screening process must be an on-going exercise and must be applied consistently to ensure that employees, particularly those working at sensitive positions, meet and maintain high standards of integrity and professionalism. We must provide any information concerning clients and their transactions to the exchanges, Financial Monitoring Unit or the Commission as and when required.