|
|
Home
| Databases
| WorldLII
| Search
| Feedback
Cook Islands Sessional Legislation |
Contents
1 Title
2 Commencement
Part 1
Preliminary Matters
3 Purpose
4 Interpretation
5 Meaning of reporting institution
6 Meaning of financial transaction
7 Meaning of monitored transaction
8 Meaning of ultimate principal
9 Application of this Act to reporting institutions
10 Act binds the Crown
Part 2
Compliance and Risk Assessment
Subpart 1 - Internal Compliance Policies, Procedures and Controls
11 Application of this subpart
12 General requirement for internal compliance programme
13 Money Laundering Reporting Officer
14 Group policy
15 Testing and assessing compliance
16 New staff appointments
17 Training
Subpart 2 – Risk Assessment
18 Risk assessment of the reporting institution
19 Risk assessments by existing businesses
20 New technologies
21 Customer risk assessment
22 Exemption to requirements of this Part
Part 3
Customer Due Diligence and Record Keeping
23 Reliance on risk assessment when establishing level of risk
24 Basis for verification
Subpart 1 - Customer Due Diligence
25 Standard customer due diligence
26 Requirements for when due diligence cannot be undertaken
27 Simplified customer due diligence
28 Delay in verification of identity
29 Enhanced customer due diligence
30 Customer due diligence in suspicious circumstances
31 Politically exposed persons
32 Ongoing customer due diligence and monitoring
33 Existing customers
34 Reliance on third parties
Subpart 2 - Electronic funds transfers and correspondent banking due diligence requirements
35 Interpretation
36 Application of this subpart
Electronic funds transfers
37 Electronic funds transfers: due diligence requirements
38 Obligations of a reporting institution that is a beneficiary institution
39 Obligations of a reporting institution that is an intermediary institution
Correspondent banking due diligence
40 Correspondent banking due diligence
Subpart 3 - Record Keeping
41 Retaining information and records
42 Format and retrieval of information and records
43 Records of reports and enquiries
44 Information or records to be made available
Part 4
Financial Transactions Reporting
Obligation to report certain transactions
45 Obligation to report certain cash transactions
46 Obligation to report electronic funds transfers
Obligation to report suspicious activity
47 Duty to report suspicious activity
48 Suspicious activity by persons of interest
49 Supervisory body or auditor must report suspicious activity
50 Form and content of reports
51 Further monitoring and reporting
52 Additional information
53 Tipoff prohibited
Part 5
Miscellaneous Matters
Prohibitions and Offences
54 Prohibition on anonymous, fictitious and false accounts
55 Prohibition on dealing with shell banks
56 Concealing identity through nominee or trustee arrangements
57 Concealing scope and amount of financial transactions (structuring)
58 False or misleading information in connection with suspicious activity
Legal Status, Privilege, Protection and Liability
59 Primacy of this Act
60 Legal professional privilege
61 Protection for acts taken in compliance with this Act
62 Liability of directors or officers of legal person
63 Penalties for offences
Regulations and Practice Guidelines
64 Regulations
65 Practice guidelines
66 Status of practice guidelines
Transitional Provisions
67 Transitional arrangements
68 Repeal
69 Consequential amendments
Schedule 1
Amendments to Acts
An Act to help combat financial misconduct and the commission of serious offences by monitoring certain transactions.
(23 June 2017)
The Parliament of the Cook Islands enacts as follows—
This Act is the Financial Transactions Reporting Act 2017.
This Act comes into force on the day after the date on which it receives assent.
(1) This Act is concerned with transactions that relate to financial misconduct and other serious offences.
(2) The purpose of this Act is to assist in the prevention, detection, investigation, and prosecution of financial misconduct and other serious offences.
(3) The Act aims to achieve its purpose by requiring certain persons to do the following—
- (a) establish and maintain internal policies, procedures and controls to address their risks of financial misconduct; and
- (b) assess their risks relating to financial misconduct; and
- (c) ensure they undertake customer due diligence; and
- (d) keep records of customer due diligence information and transactions; and
- (e) report certain transactions and suspicious activity.
In this Act, unless the context otherwise requires—
account means a service that is provided by a reporting institution allowing a person to do 1 or more of the following—
(a) deposit currency:
(b) withdraw currency:
(c) pay cheques:
(d) collect cheques:
(e) store property with that institution:
(f) carry out financial transactions
activity means 1 or more acts or omissions undertaken by a person
by or under in relation to this Act means—
(a) by this Act or by an oversight Act:
(b) by regulations or other delegated legislation made under this Act or under an oversight Act:
(c) by any guideline or direction made under this Act or under an oversight Act:
(d) by an order of the Court made under this Act or under an oversight Act
cheque means a bearer negotiable instrument as defined in the Currency Declaration Act 2015-2016
competent authority means—
(a) the Public Expenditure and Review Committee and Audit:
(b) the Cook Islands Police:
(c) the FIU:
(d) the FSC:
(e) the Revenue Management Division of the Ministry of Finance and Economic Management
compliance programme means a reporting institution’s internal policies, procedures and controls that assist with the detection and prevention of financial misconduct and provide compliance with the requirements of this Act
compliance visit has the same meaning as in the Financial Intelligence Unit Act 2015
consolidated supervision, in relation to a financial services group, means supervision of the group by a regulatory body on the basis of the totality of its business, wherever conducted
Court means the High Court of the Cook Islands
Crown includes—
(a) every department, instrument, servant and agent of the Crown; and
(b) every body corporate or organisation that is wholly owned or controlled by the Crown
currency means—
(a) currency as defined in the Currency Declaration Act 2015-2016; and
(b) virtual currency
customer means a person with whom, or on behalf of whom, a reporting institution enters into a transaction and includes—
(a) each person in whose name an account is opened or maintained:
(b) each person in whose name a transaction is conducted:
(d) any person to whom an account or a transaction is assigned or transferred:
(e) any person on whose behalf the account or transaction is being conducted:
(f) any other person that may be prescribed
digital format has the same meaning as in the Digital Registers Act 2011
document means a record of information whether in digital format or hard copy format, and includes any—
(a) map:
(b) plan:
(c) graph drawing:
(d) photograph
deputy MLRO means a person appointed under section 13 to temporarily act on behalf of the MRLO in his or her absence or to assist the MLRO in undertaking their duties
electronic funds transfer means—
(a) a transaction carried out on behalf of a person (the originator) through a reporting institution by electronic means with a view to making an amount of money available to a beneficiary (who may also be the originator) at another reporting institution; and
(b) includes a transaction, or class of transactions prescribed for the purposes of the this Act; but
(c) excludes—
- (i) transfers and settlements between reporting institutions if both the originator and beneficiary are financial institutions acting on their own behalf; and
- (ii) credit and debit card transactions if the credit or debit card number accompanies the transaction; and
- (iii) any other transaction or class of transactions prescribed for the purposes of this Act
evidence of identity means evidence of identity obtained in accordance with the procedures in sections 25, 27 or 29
FIU means the Financial Intelligence Unit in accordance with section 6 of the Financial Intelligence Unit Act 2015
financial misconduct has the same meaning as in the Financial Intelligence Unit Act 2015
financial transaction has the meaning given in section 6
Financial Action Task Force or FATF means the international body of that name established by the G7 summit held in Paris in 1989
FSC means the Financial Supervisory Commission established under section 3 of the Financial Supervisory Commission Act 2003
group or financial services group means a group of 2 or more legal persons that consist of a parent company or other type of legal person which exercises control and coordinating functions over the rest of the group (including branches and subsidiaries) for the application of group policies and controls
hard copy format has the same meaning as in the Digital Registers Act 2011
Head means the Head of the FIU appointed under section 8 of the Financial Intelligence Unit Act 2015
isolated transaction means a transaction of the threshold amount or more (or its equivalent value in other currency, including foreign) that takes place outside an ongoing business relationship
lawyer means any barrister or solicitor or attorney
legal arrangement means —
(a) a trust:
(b) any other arrangement that has a similar legal effect (such as a fiducie, Treuhand or fideicomiso)
legal person means any entity not being a natural person or a legal arrangement, that can establish a customer relationship with a financial institution or otherwise own property and for the avoidance of doubt includes a foundation
licensed financial institution has the same meaning as in Financial Supervisory Commission Act 2003
List A means the list published by the FIU specifying jurisdictions which the FATF (or a FATF style regional body) has made a call on its members and other jurisdictions to apply countermeasures to protect the international financial system from the ongoing and substantial risks of money laundering and financing of terrorism emanating from the jurisdiction
List B means the list published by the FIU specifying jurisdictions with strategic money laundering and financing of terrorism deficiencies or those considered to pose a higher risk of money laundering and financing of terrorism
Minister means the Minister of Finance
Money laundering reporting officer or MLRO means the natural person appointed under section 13 to administer and maintain a reporting institutions compliance programme
monitored transaction has the meaning given in section 7
monitor means a person who has reporting obligations under this Act and includes—
(a) a reporting institution:
(b) the supervisory body of a reporting institution:
(c) the auditor of a reporting institution:
(d) the MLRO of a reporting institution
ongoing business relationship means a relationship between 2 or more parties in which—
(a) 1 party is a reporting institution; and
(b) the parties have an arrangement where the purpose of that arrangement is to facilitate the carrying on of business on a frequent, habitual, or regular basis
oversight Act
(a) means—
- (i) this Act;
- (ii) Mutual Assistance in Criminal Matters Act 2003;
- (iii) Proceed of Crimes Act 2003;
- (iv) Financial Intelligence Unit Act 2015;
- (v) Terrorism Suppression Act 2004;
- (vi) Currency Declaration Act 2015-2016; and
(b) includes any of the following made under an oversight act—
- (i) regulations:
- (ii) orders:
- (iii) delegated legislations:
- (iv) other legislative instruments
person means—
(a) a natural person:
(b) a legal person:
(c) a body of persons, whether corporate or unincorporated
person of interest means—
(a) a person who has been convicted of financial misconduct or a person whom a reporting institution has reasonable grounds to suspect has committed financial misconduct
physical presence means where a reporting institution has staff based in the Cook Islands who operate at a management level to be able to make meaningful decisions in respect of the functions and activities of the reporting institution
politically exposed person or PEP means a person, whether resident in the Cook Islands or elsewhere, who falls into 1 or more of the following categories—
(a) a natural person who is or, has in the previous 12 months been entrusted with, or is in a position which has, prominent public functions, including—
- (i) a head of state, head of government, minister, or deputy or assistant or associate minister:
- (ii) a senior government official who is the administrative head of a government or quasi government agency:
- (iii) a member of parliament:
- (iv) a senior politician:
- (v) an important political party official:
- (vi) a senior judicial official:
- (vii) a member of a court of auditors or the board of a central bank:
- (viii) an ambassador, chargé d’affaires or other high-ranking officer in a diplomatic service:
- (ix) a high ranking officer in an armed force:
- (x) a senior executive of a state-owned enterprise:
- (xi) an honorary consul:
(b) any of the following family members of a person mentioned in sub-paragraph (a)—
- (i) a spouse or partner considered by the law in which the person resides as equivalent to a spouse:
- (ii) a child, or spouse or partner of a child (including a feeding or fostered child):
- (iii) a sibling:
- (iv) a parent:
- (v) a grandchild:
(c) having regard to information that is public or readily available, any close associate of a person mentioned in sub-paragraph (a), who is a natural person and is one or more of following—
- (i) known to have joint beneficial ownership of a legal entity or legal arrangement, or any other close ongoing business relationships, with that person:
- (ii) who has sole beneficial ownership of a legal entity or legal arrangement known to have been set up for the benefit of that person:
- (iii) known to be beneficiary of a legal arrangement of which that person is a beneficial owner or beneficiary:
- (iv) known to be in a position to carry out substantial financial transactions on behalf of that person:
(d) in the case of a domestic politically exposed person means—
- (i) a person in (a) who is or has in the previous 12 months been entrusted with prominent public functions in the Cook Islands, and any family members or close associates of that person in (b) or (c), regardless of the location of those family members or close associates; and
- (ii) a member of senior management of an international entity or organisation regardless of their location and any family members or close associates of that person: and
(e) in the case of a foreign politically exposed person means a person in (a) who is or has in the previous 12 months been entrusted with prominent public functions in a foreign country and any family members or close associates of that person in (b) or (c), regardless of the location of those family members or close associates
prescribed means prescribed by regulations by or under this Act
property means—
(a) assets of every kind, whether corporeal or incorporeal, moveable or immoveable, tangible or intangible; and
(b) legal documents or instruments in any form, including digital format and hard copy format, evidencing title to, or interest in assets, including but not limited to—
- (i) bank securities:
- (ii) travellers cheques:
- (iii) bank cheques:
- (iv) money orders:
- (v) shares:
- (vi) securities:
- (vii) bonds:
- (viii) drafts; and
- (ix) letters of credit
published, in relation to anything to be published by the Head or the FIU by or under this Act means published and maintained on the public website of the FSC
recognised stock exchange means a stock exchange on the recognised stock exchange list published by the Head from time to time
reporting institution has the meaning given in section 5
senior management, in relation to a reporting institution means the directors, or key employees who are appointed to ensure that the reporting institution is effectively controlled on a day to day basis and who have responsibility for overseeing the reporting institution’s proper conduct
serious offence means—
(a) an offence against the law of the Cook Islands that is punishable by imprisonment for 12 months or more or the imposition of a fine of more than $5,000; and
(b) an offence against the law of another country that, had the acts or omissions constituting that offence occurred in the Cook Islands, they would have constituted an offence against the law of the Cook Islands of the sort referred to in paragraph (a)
service includes facility or arrangement
shell bank means a bank that—
(a) is incorporated or licensed in a country in which it has no physical presence; and
(b) is not affiliated with a financial services group that is subject to effective consolidated supervision
specified activity means an activity that is prescribed
specified entity means an entity or person listed under sections 5 and 6 of the Terrorism Suppression Act 2004
subsidiary means, in relation to a reporting institution, a legal person more than half of whose equity share capital is owned by the reporting institution
supervisory body means any institution or authority established in the Cook Islands to regulate or supervise any 1 or more reporting institutions
suspicious activity means any activity or information that—
(a) relates to 1 or more of the following—
- (i) an intended transaction:
- (ii) a transaction, whether or not complete:
- (iii) an ongoing business relationship; and
(b) is something that causes the monitor to—
- (i) know or suspect that financial misconduct or a serious offence is intended or has occurred; or
- (ii) have reasonable grounds to suspect that financial misconduct or a serious offence is intended or has occurred
suspicious activity report means a report made under sections 47, 48 or 49
threshold amount means $10,000 New Zealand dollars or equivalent value in foreign currency or other currency, or such other amount as may be prescribed
transaction means—
(a) a financial transaction, and includes an attempted financial transaction:
(b) a monitored transaction and includes an attempted monitored transaction
trust means a trust, whatever its governing law or registration status, that—
(a) has been settled; and
(b) the terms of which are reduced to writing by means of a trust deed, declaration of trust, or similar document
unusual activity means activity or information that—
(a) relates to 1 or more of the following—
- (i) a transaction:
- (ii) an ongoing business relationship; and
(b) has 1 or more of the following characteristics—
- (i) is a transaction that has no apparent economic or lawful purpose:
- (ii) is a transaction (or a number of transactions) that in relation to its stated purpose, is—
- (A) complex:
- (B) large:
- (C) of an unusual pattern; or
- (iii) is something that causes a monitor—
- (A) to doubt the identity of a person the reporting institution is obliged to identify under this Act:
- (B) to doubt the good faith of a person with whom the reporting institution is dealing in the course of an ongoing business relationship or a transaction
ultimate principal has the meaning given in section 8
virtual currency means a convertible currency that has no physical form and includes—
(a) crypto-currencies; and
(b) similar concepts where the concept is accepted by persons as 1 or more of the following—
- (i) a means of payment for goods or services:
- (ii) a unit of account:
- (iii) a store of value:
- (iv) a commodity
virtual currency business means a business that provides 1 or more of the following services in the case of a virtual currency—
(a) issuing:
(b) transmitting:
(c) transferring:
(d) providing safe custody:
(e) providing storage:
(f) administering:
(g) managing:
(h) lending:
(i) buying:
(j) selling:
(k) exchanging:
(l) trading in any other way
working day means any day other than Saturday, Sunday or a public holiday as provided in the Public Holidays Act 1999.
(1) Each of the following is a reporting institution—
- (a) a licensed financial institution:
- (b) a person who, in the course of carrying on business, enters into transactions with or on behalf of customers in respect of 1 or more specified activity:
- (c) any other person that may be prescribed.
(1) In any other case, a financial transaction is entered into by a reporting institution with or on behalf of a customer by way of 1 or more of the following—
- (a) deposit:
- (b) withdrawal:
- (c) exchange:
- (d) transfer:
- (e) payment or satisfaction of any obligation arising in law or in equity.
(2) A financial transaction may be in 1 or more of the following forms—
- (a) currency of any form:
- (b) cheque payment order or other financial instrument:
- (c) electronic or other non-physical means:
- (d) barter or other non-monetary exchange.
(1) A monitored transaction is a transaction carried out in the course of the business or profession of a reporting institution that enables a person either to carry out financial transactions or to avoid the carrying out of financial transactions and includes—
- (a) opening an account; and
- (b) actively maintaining an account; and
- (c) making available a safety deposit box or any other similar form of custody service or facility; and
- (d) entering into a trust, nominee or similar fiduciary relationship for the purposes of holding property; and
- (e) creating any form of company, incorporated society or other legal person; and
- (f) creating any form of trust; and
- (g) any other activity that may be prescribed.
(1) Ultimate principal means 1 or more natural persons who ultimately owns or effectively controls the customer or on whose behalf a transaction or activity is being conducted and includes—
- (a) in the case of a legal person, other than a company whose securities are listed on a recognised stock exchange, any natural person who ultimately owns or effectively controls (whether through direct or indirect ownership or control, including through bearer share holdings) 25% or more of the shares or voting rights in the legal person:
- (b) in the case of any legal person, any natural person who otherwise exercises effective control over the management of the legal person:
- (c) in the case of a legal arrangement or similar type of arrangement, the trustee, or any natural person who exercises effective control over the legal arrangement including through a chain of control or ownership.
This Act applies to a reporting institution only to the extent that—
(a) reporting institution’s ongoing business relationships and transactions that it has with or behalf of a customer that relate to a specified activity; or
(b) reporting institution is carrying out activities that may give rise to a risk of financial misconduct.
This Act binds the Crown.
Compliance and Risk Assessment
Subpart 1 - Internal Compliance Policies, Procedures and Controls
(1) This subpart does not apply to a natural person who, in the course of carrying on a specified activity, does not—
- (a) employ another person, except in a secretarial or other capacity unrelated to the specified activity carried on by that person; or
- (b) act in association with any other person.
(1) A reporting institution must establish, operate and maintain adequate internal procedures, policies and controls (known as a compliance programme), taking into consideration its risks related to financial misconduct and the size of its business, to assist with detecting and preventing financial misconduct.
(2) A reporting institution’s compliance programme must—
- (a) meet all the requirements of this Act; and
- (b) be communicated to its employees; and
- (c) be approved by senior management of the reporting institution.
(1) A reporting institution must appoint a natural person as a Money Laundering Reporting Officer (MLRO) to administer and maintain its compliance programme.
(2) The MLRO must—
- (a) be a member of senior management of the reporting institution or have appropriate work experience as may be prescribed; and
- (b) have a right of direct access to the directors or the managing board (as the case may be) of the reporting institution; and
- (c) have sufficient time and resources to properly discharge the responsibilities of the position, to be effective in the exercise of the MLRO functions.
(3) A reporting institution may appoint 1 or more deputy money laundering reporting officers to exercise the functions of the MLRO in the MLRO’s absence from work or to assist the MLRO in with their duties.
(4) Any person appointed under subsection (1) must be approved in writing by the Head.
(1) This section applies to a reporting institution in which the parent institution of a group is incorporated in the Cook Islands.
(2) A reporting institution must ensure that all the requirements of this Act extend to all of its branches and subsidiaries or measures are in place consistent with those requirements, to the extent permitted by the laws of the jurisdiction in which a branch or subsidiary operate.
(3) A reporting institution must inform the FIU when a branch or subsidiary is unable to meet any of the requirements of this Act or is unable to undertake any of the measures referred to in subsection (2) because it is prohibited by the laws of the jurisdiction in which it operates.
(1) A reporting institution must maintain appropriate procedures and adequate resources to, independently and periodically, test and assess the effectiveness of the reporting institution’s compliance programme and its’ compliance with the requirements of this Act.
(2) Despite subsection (1) a reporting institution is not required to undertake its procedures under subsection (1) in any 12 month period (or such other period prescribed) subsequent to the date of the first day of an onsite compliance visit undertaken by the FIU under section 21 of the FIU Act 2015.
A reporting institution must establish, maintain and operate appropriate procedures to enable the reporting institution to satisfy itself of the integrity of any new director, officer and any employee whose role involves overseeing or conducting duties related to obligations under this Act.
(1) A reporting institution must take all appropriate steps to ensure that its employees and officers are regularly and appropriately trained on—
- (a) the risks of financial misconduct as they apply in the circumstances of that reporting institution; and
- (b) the reporting institution’s compliance programme, including the requirements of this Act and in particular—
- (i) how to recognise suspicious activity; and
- (ii) how to report that suspicious activity.
- (c) new developments, methods and trends in financial misconduct.
(1) A reporting institution must carry out a business risk assessment as soon as reasonably practicable but no later than 3 months after the date on which the reporting institution commences business.
(2) A business risk assessment must have regard to all relevant risk factors including—
- (a) the nature, scale and complexity of the reporting institution’s activities:
- (b) the products and services provided by the reporting institution:
- (c) the persons to whom and the way in which those products and services are provided:
- (d) reliance on third parties for elements of the customer due diligence process; and
- (e) new technologies.
(3) The risk assessment must be—
- (a) regularly reviewed and kept up to date; and
- (b) documented in a way that demonstrates its basis.
(4) In this section and in section 19 a business risk assessment means an assessment that estimates the risk of financial misconduct on the part of the reporting institution’s business and customers.
(5) A reporting institution that breaches this section commits an offence and is liable to the penalties in section 63.
(1) This section applies to a reporting institution that is carrying on business on the commencement of this Act.
(2) A reporting institution must carry out a business risk assessment in accordance with section 18 within 12 calendar months of the date this Act comes into force.
(3) A reporting institution that breaches this section commits an offence and is liable to the penalties in section 63.
(1) A reporting institution must identify and assess the risk of financial misconduct before—
- (a) implementing new—
- (i) products:
- (ii) business practices:
- (iii) delivery methods or systems:
- (b) using developing technologies for both new and pre-existing products and services.
(2) A reporting institution must take appropriate measures to manage and mitigate the risks identified.
(3) A reporting institution that breaches this section commits an offence and is liable to the penalties in section 63.
(1) A reporting institution must identify and assess a customer’s level of risk of financial misconduct (customer risk assessment)—
- (a) before or as soon as reasonably practicable after the establishment of an ongoing business relationship; or
- (b) before carrying out an isolated transaction for a customer who has not otherwise established an ongoing business relationship with the reporting institution; and
- (c) on a regular basis after a reporting institution establishes an ongoing business relationship to ensure the customer’s risk profile is up to date:
- (d) for existing customers, as soon as reasonably practicable but no longer than 12 months from the date of the commencement of this Act.
(2) A customer risk assessment must be documented in a way that demonstrates its basis.
(3) A customer risk assessment must have regard to all relevant risk factors, including—
- (a) the nature, scale, complexity and location of the customer and the customer’s activities; and
- (b) the manner in which the reporting institution deals with the customer.
(4) A reporting institution that breaches this section commits an offence and is liable to the penalties in section 63.
(1) The Head, in agreement with the FSC, may exempt a reporting institution from the requirements of this Part where—
- (a) The reporting institution is not a licensed financial institution; and
- (b) The reporting institution has requested an exemption from a requirement under this Part; and
- (c) The reporting institution has documented the basis on which it cannot meet the requirement from which it seeks exemption; and
- (d) The Head is satisfied that the reporting institution has a low level of risk of financial misconduct.
(2) An exemption may only be granted for a maximum period of 3 years but may be renewed in accordance with subsection (1).
Customer Due Diligence and Record Keeping
When establishing the level of risk involved for the purposes of this Part, a reporting institution must rely on its risk assessments under Part 2 of this Act.
Verification of identity or information must be done on—
(a) the basis of documents, data, or information issued by a reliable and independent source; or
(b) any other basis applying to a specified situation, customer, product or service, ongoing business relationship or isolated transaction as may be prescribed.
Subpart 1 - Customer Due Diligence
(1) A reporting institution must establish, maintain and operate procedures to ensure it conducts customer due diligence before entering into an ongoing business relationship or an isolated transaction with or on behalf of a customer, on the following—
- (a) a customer; and
- (b) a person acting on behalf of a customer.
(2) The procedures referred to in subsection (1) must ensure that the reporting institution—
- (a) obtains identification information on the persons referred to in subsection (1); and
- (b) verifies that identification information using reliable independent source documents; and
- (c) obtains information on the nature and intended purpose of the ongoing business relationship or isolated transaction; and
- (d) where a customer is not a natural person, the reporting institution must—
- (i) identify and verify any ultimate principal of the customer; and
- (ii) verify the legal status of the customer, using relevant information obtained from a reliable independent source, and
- (iii) obtain sufficient information to understand the nature of the customer’s business and its ownership and control structure; and
- (iv) obtain information concerning the person(s) by whom, and the method by which, binding obligations may be imposed on the customer; and
- (e) where a person is acting on behalf of a customer, the reporting institution must verify the authorisation of that person to act on behalf of the customer; and
- (f) takes reasonable measures to establish source of funds; and
- (g) takes reasonable measures to determine whether a person referred to in subsection (1) is a specified entity.
(3) The types, kinds or categories of identity information to be obtained or verified under subsection (2) and any additional due diligence requirements may be prescribed.
(4) A reporting institution that breaches this section commits an offence and is liable to the penalties in section 63.
(1) The procedures of the reporting institution must operate on the basis that if customer due diligence cannot be undertaken in accordance with this subpart and unless otherwise directed by a competent authority, the reporting institution must,—
- (a) terminate the ongoing business relationship or isolated transaction; and
- (b) consider whether to submit a suspicious activity report under section 47.
(2) Despite subsection (1) if the reporting institution reasonably believes that undertaking customer due diligence in accordance with this subpart or terminating the ongoing business relationship or isolated transaction may tip off that customer it must, within 24 hours submit a suspicious activity report in accordance with section 47.
(1) Subject to the requirements of this section a reporting institution may establish and operate procedures to conduct simplified customer due diligence on—
- (a) a customer, or
- (b) a person acting on behalf of a customer.
(2) The procedures referred to in subsection (1) must ensure that the reporting institution—
- (a) cannot undertaken simplified customer due diligence if—
- (i) 1 or more of the circumstances referred to in section 29 are present; or
- (ii) the customer is a legal arrangement or similar arrangement for holding personal assets; or
- (iii) the customer is a company with nominee shareholders or has shares in bearer form; or
- (iv) in any other circumstances that may be prescribed; and
- (b) is satisfied that the level of risk associated with the person or persons referred to in subsection (1) is low; and
- (c) obtains information on the nature and intended purpose of the ongoing business relationship or isolated transaction.
(3) The assessment of the low level of risk referred to in subsection (2) must—
- (a) be supported by an adequate analysis of the risks by the reporting institution; and
- (b) document the details of its risk assessment.
(4) A reporting institution may undertake simplified customer due diligence on a legal person whose securities are listed on a recognised stock exchange or any other person that may be prescribed.
(5) The types, kinds or categories of identity information to be obtained under subsection (1) may be prescribed.
(6) A reporting institution that breaches this section commits an offence and is liable to the penalties in section 63.
(1) This section applies to an ongoing business relationship.
(2) Despite section 25, if a reporting institution considers it is essential in the circumstances to enter into a transaction so that the normal course of business is not interrupted, verification of identity may be completed after the ongoing business relationship has been established if —
- (a) the risks of financial misconduct are effectively managed through procedures of transaction limitations and account monitoring; and
- (b) the reporting institution has not identified any suspicious activity; and
- (c) a member of senior management of the reporting institution approves—
- (i) that delay in verifying the identity; and
- (ii) any subsequent activity until section 25 has been complied with; and
- (d) verification of identity is completed as soon as is possible once the business relationship has been established.
(3) A reporting institution that breaches this section commits an offence and is liable to the penalties in section 63.
(1) A reporting institution must establish, maintain and operate procedures to ensure enhanced customer due diligence is conducted in 1 or more of the following circumstances—
- (a) if the ongoing business relationship or isolated transaction is with a customer, or person acting on behalf of a customer—
- (i) from or in a jurisdiction on List A; or
- (ii) from or in a jurisdiction that is known to have inadequate systems in place to prevent or deter financial misconduct as determined by the reporting institution itself or on List B as notified generally by the Head; or
- (iii) who has been identified by the reporting institution as a person of interest:
- (b) if a customer seeks to conduct 1 or more transactions that the reporting institution identifies as unusual activity:
- (c) if the ongoing business relationship or isolated transaction involves a foreign PEP, or a domestic PEP, who has been identified as posing a higher risk of financial misconduct:
- (d) if the reporting institution considers that the level of risk involved is such that enhanced due diligence should be applied:
- (e) in any other circumstances that may be prescribed.
(2) Unless section 26 applies, if a reporting institution suspects that either an ongoing business relationship or a transaction is in any way connected with financial misconduct or a serious offence, it must—
- (a) examine, as far as reasonably practical, the background and purpose of the ongoing business relationship or transaction; and
- (b) consider whether to make a suspicious activity report under section 47.
(3) The types, kinds or categories of information to be obtained or verified under subsection (1) may be prescribed.
(4) A reporting institution that breaches this section commits an offence and is liable to the penalties in section 63.
Unless section 26(2) applies and despite any exemption or threshold for transactions provided under this Act, if a reporting institution has reasonable grounds to suspect a prospective customer or a proposed isolated transaction is connected with financial misconduct or a serious offence it must—
(a) undertake customer due diligence in accordance with section 25 and section 29; and
(b) submit a suspicious activity report under section 47.
(1) A reporting institution must maintain procedures and controls to determine whether any of the following is a PEP—
- (a) a customer:
- (b) a natural person who has power to direct the activities of a customer:
- (c) where a life insurance policy is to be paid out, the beneficiary of a life insurance policy (or an ultimate principal of a beneficiary).
(2) A reporting institution must maintain procedures and controls that require one or more members of senior management to approve any of the following—
- (a) establishing an ongoing business relationship with any foreign PEP or, a domestic PEP who has been identified as posing a higher risk of financial misconduct:
- (b) undertaking an isolated transaction with any foreign PEP or, a domestic PEP who has been identified as posing a higher risk of financial misconduct:
- (c) continuing an ongoing business relationship with any foreign PEP, or a domestic PEP who has been identified as posing a higher risk of financial misconduct.
(3) If a reporting institution determines a person referred to in subsection (1) is a foreign PEP or, a domestic PEP who has been identified as posing a higher risk of financial misconduct, the reporting institution must—
- (a) take reasonable measures to establish the source of wealth and the source of funds of that PEP; and
- (b) conduct enhanced ongoing monitoring where there is an ongoing business relationship with that PEP; and
- (c) where a life insurance policy is to be paid out—
- (i) inform senior management before the pay-out of the policy proceeds; and
- (ii) conduct enhanced scrutiny on the whole ongoing business relationship with the policyholder; and
- (iii) consider whether to make a suspicious activity report under section 47.
(4) A reporting institution that breaches this section commits an offence and is liable to the penalties in section 63.
(1) This section applies to an ongoing business relationship.
(2) A reporting institution must carry out ongoing and effective monitoring, as may be prescribed, of any ongoing business relationship, including—
- (a) review of information held for the purpose of customer due diligence to ensure that it is up to date and appropriate; and
- (b) appropriate scrutiny of transactions and other activities, paying special attention to suspicious and unusual activity; and
- (c) appropriate scrutiny of transactions to ensure that they are consistent with the reporting institution’s knowledge of the customer, its business and level of risk, and where appropriate the source of funds.
(3) The reporting institution must make sure the extent and frequency of any monitoring under this section appropriately reflects—
- (a) the type of customer due diligence conducted when the ongoing business relationship with the customer was established; and
- (b) the customers level of risk, having particular regard to whether a customer poses a higher risk of financial misconduct.
(4) A reporting institution that breaches this section commits an offence and is liable to the penalties in section 63.
A reporting institution must undertake the procedures as required in sections 25 as well as section 29 where appropriate, in relation to its existing customers, based on its own assessment of materiality and risk, taking into account—
(a) any previous due diligence undertaken; and
(b) when that due diligence was last undertaken for existing customers; and
(c) the adequacy of the information, documents or data obtained.
(1) For the purposes of this section third party means—
- (a) a licensed financial institution; or
- (b) a member of a financial services group of which the reporting institution is also a member; or
- (c) a foreign reporting institution which is subject to and supervised by a foreign authority for compliance with combating money laundering, financing of terrorism and proliferation of weapons of mass destruction requirements consistent with standards set by the FATF if the customer is also a customer of the foreign reporting institution; or
- (d) any other person prescribed.
(2) Subject to subsection (3) a reporting institution may rely on a third party to undertake customer due diligence procedures as required by sections 25, 27 and 29 if the following requirements are met—
- (a) the reporting institution is satisfied that the third party it intends to rely upon is subject to and supervised for compliance with combating money laundering, financing of terrorism and proliferation of weapons of mass destruction consistent with the standards set by the FATF and has adequate measures in place to comply with those requirements; and
- (b) the reporting institution takes appropriate steps to identify, assess and understand the financial misconduct risks particular to the jurisdictions that the third party operates in; and
- (c) the third party is able and willing to provide, without delay, upon the reporting institution’s request any data, documents or information obtained by the third party with respect to the measures applied on the reporting institution’s customer, which the reporting institution would be required or would want to obtain.
(3) If a reporting institution relies on a third party to undertake customer due diligence procedures as required by this Act, it must—-
- (a) document the basis for its satisfaction that the requirements in subsection (2) have been met except where the third party is a licensed financial institution; and
- (b) obtain the necessary information required for the relevant level of customer due diligence before it enters into the ongoing business relationship or isolated transaction; and
- (c) ensure that copies of necessary information obtained in relation to the customer or transaction or both will be made available to it from the third party upon request without delay.
(4) Despite anything in subsections (1) to (3), the reporting institution relying on the third party to conduct the customer due diligence, and not the third party, is responsible for ensuring that customer due diligence is carried out in compliance with the requirements of this Act.
(5) A reporting institution that breaches this section commits an offence and is liable to the penalties in section 63.
Subpart 2 - Electronic funds transfers and correspondent banking due diligence requirements
For the purposes of this subpart, unless the context otherwise requires—
beneficiary means the person (natural or legal) who or legal arrangement which is identified by the originator as the receiver of the electronic funds transfer, funds
beneficiary institution means the reporting institution that receives the electronic funds transfer from the ordering institution, directly or through an intermediary institution, and makes the funds available to the beneficiary
correspondent services means banking, money or value transfer services and other similar relationships provided by a financial institution in one jurisdiction (the correspondent institution) to a financial institution in another jurisdiction (the respondent institution)
cover payment means an electronic funds transfer that combines a payment message sent directly by the ordering institution to the beneficiary institution with the routing of the funding instruction from the ordering institution to the beneficiary institution through one or more intermediary institutions
cross-border electronic funds transfer means an electronic funds transfer where the ordering institution and the beneficiary institution are located in different jurisdictions and also refers to any chain of electronic funds transfer in which at least one of the financial institutions involved is located in a different jurisdiction
domestic electronic funds transfer means an electronic funds transfer where the ordering institution, the intermediary institution and the beneficiary institution are all in the Cook Islands
intermediary institution means the reporting institution in a serial payment or cover payment chain that receives and transmits an electronic funds transfer on behalf of the ordering institution and the beneficiary institution, or another intermediary institution
ordering institution means the reporting institution that initiates the electronic funds transfer and transfers the funds upon receiving the request for an electronic funds transfer on behalf of the originator
originator means the account holder who allows the wire transfer from that account, or where there is no account the person (natural or legal) or legal arrangement that places the electronic funds transfer order with the reporting institution, that is the ordering institution to perform the electronic funds transfer
payable-through account means an account maintained by a correspondent institution that may be operated directly by a customer of the respondent institution
serial payment means a direct sequential chain of payment where the electronic funds transfer and accompanying payment message travel together from the ordering institution to the beneficiary institution, directly or through one or more intermediary institutions
straight-through processing means payment transactions that are conducted electronically without the need for manual intervention
EFT threshold amount means $1500 New Zealand dollars or the equivalent value in foreign currency or such other amount as may be prescribed
unique transaction reference means a combination of letters, numbers or symbols determined by the payment service provider in accordance with the protocols of the payment and settlement system or messaging system used for the electronic funds transfer and which permits traceability of the electronic funds transfer.
This subpart applies to a reporting institution that undertakes banking business, or money or value transfer services, or other similar arrangements.
(1) Before conducting an electronic funds transfer greater than the EFT threshold amount, every reporting institution that is an ordering institution must identify the originator and verify that identity if the reporting institution has not already done so in accordance with this Act.
(2) If a cross-border electronic funds transfer is for an amount equal to or less than the EFT threshold amount, a reporting institution that is an ordering institution must ensure it is accompanied with the following information—
- (a) the name of originator; and
- (b) the originator’s account number or unique transaction reference number if no account exists; and
- (c) the name of the beneficiary; and
- (d) the beneficiary’s account number or unique or unique transaction reference number if no account exists.
(3) If a cross-border electronic funds transfer is for an amount greater than the EFT threshold amount, a reporting institution that is an ordering institution must ensure it is accompanied with information referred to in subsection (2) in addition to any of the following information—
- (a) the originator’s address:
- (b) the originator’s national identification number:
- (c) the originator’s date and place of birth, or incorporation, or registration.
(4) If several individual electronic funds transfer from a single originator are bundled in a batch for transmission to beneficiaries, a reporting institution must ensure that the batched transfer contains—
- (a) the originator information as set out in subsections (2) and (3); and
- (b) the beneficiary information as set out in subsection (2) which are fully traceable within the beneficiary jurisdiction.
(5) However if an electronic funds transfer is a domestic electronic funds transfer a reporting institution that is an ordering institution may include only the originator’s account number or unique transaction reference if—
- (a) that information will permit the transaction to be traced back to the originator and beneficiary; and
- (b) the reporting institution must provide the originator information as set out in subsections (2) and (3) within 3 working days of a request being made by the beneficiary institution, or a competent authority:
- (c) the reporting institution must provide the originator information as set out in subsections (2) and (3) immediately upon request of a competent authority for law enforcement purposes.
(6) A reporting institution that breaches this section commits an offence and is liable to the penalties in section 63.
(1) A reporting institution must, in relation to all cross-border electronic funds transfers—
- (a) take reasonable measures, including post-event monitoring or real time monitoring where feasible, to identify electronic funds transfers that lack originator or beneficiary information as required by this subpart; and
- (b) for any electronic funds transfer over the EFT threshold amount, identify the beneficiary and verify that identity if the reporting institution has not already done so in accordance with section this Act.
(2) A beneficiary institution must implement appropriate internal risk based policies, procedures and controls for determining—
- (a) when to execute, reject or suspend an electronic funds transfer lacking required originator or beneficiary information; and
- (b) the appropriate follow-up action.
(3) A reporting institution that breaches this section commits an offence and is liable to the penalties in section 63.
(1) A reporting institution that is an intermediary institution shall retain all the required originator and beneficiary information accompanying the electronic funds transfer.
(2) If technical limitations prevent the required originator and beneficiary information accompanying a cross-border electronic funds transfer from remaining with a related domestic electronic funds transfer, a record must be kept, for at least 6 years, by the receiving intermediary institution of all the information received from the ordering institution or another intermediary institution.
(3) An intermediary institution must take reasonable measures, which are consistent with straight-through processing, to identity cross-border electronic funds transfers that lack the required originator or beneficiary information.
(4) An intermediary institution must implement appropriate internal risk based policies, procedures and controls for determining—
- (a) when to execute, reject, or suspend an electronic funds transfer lacking the required originator or beneficiary information; and
- (b) the appropriate follow-up action.
(5) A reporting institution that breaches this section commits an offence and is liable to the penalties in section 63.
Correspondent banking due diligence
(1) Before entering into an ongoing business relationship or isolated transaction that involves correspondent services a reporting institution must—
- (a) assess the suitability of the respondent institution by taking the following steps—
- (i) obtaining sufficient information about the respondent institution to understand fully the nature of its business; and
- (ii) determine from publicly available information—
- (A) the reputation of the respondent institution; and
- (B) the quality of the supervision to which it is subject; and
- (C) whether it has been subject to investigation or regulatory action in respect of financial misconduct:
- (iii) assess the respondent institution’s financial misconduct controls and ascertain whether they are adequate and effective:
- (b) ensure that a member of senior management approves establishing the correspondent services relationship; and
- (c) clearly understand and document the respective responsibilities of each institution.
(2) If the correspondent services involve a payable-through account, the reporting institution must be satisfied that the respondent institution—
- (a) has taken measures that comply with the relevant customer due diligence requirements of this Act with respect to every customer having direct access to the account:
- (b) will provide the reporting institution with the relevant evidence of identity upon request.
(3) Subsection (4) does not apply if—
- (a) the respondent institution’s customer is a reporting institution and is subject to prudential supervision by the FIU or the FSC; or
- (b) the account is established as part of an existing ongoing business relationship with a person who has already produced to the reporting institution evidence of identity that complies with this subpart, and the financial transaction has no identifiable suspicious or unusual activity.
(4) A reporting institution must take appropriate measure to satisfy itself that its respondent institutions do not permit their accounts to be used by shell banks.
(5) A reporting institution that breaches this section commits an offence and is liable to the penalties in section 63.
(1) A reporting institution must retain—
- (a) a copy of evidence of identity obtained or produced under sections 25, 27 and 29, or information that enable a copy of such to be obtained without significant delay (no longer than 5 working days):
- (b) a record of all isolated transactions and transactions carried out in the course of an ongoing business relationship, including identification information, account files, business correspondence records and the results of any analysis undertaken (including risk assessments); and
- (c) such other records as are sufficient to permit the reconstruction of individual transactions and compliance with this Act to a standard that allows a competent authority to investigate and prosecute financial misconduct.
(2) The information and records under subsection (1) must be retained for 6 years in each of the following cases—
- (a) the completion of an isolated transaction:
- (b) the end of an ongoing business relationship:
- (c) in the absence of any formal end to an ongoing business relationship, the completion of the last transaction in that relationship.
(3) However the reporting institution must retain all relevant information and records until otherwise notified in writing by the FIU if—
- (a) a suspicious activity report has been made; and
- (b) the reporting institution knows or believes that the matter is under investigation by a competent authority; or
- (c) the reporting institution becomes aware that a request for information or an enquiry is underway by a competent authority.
(4) A reporting institution that breaches this section commits an offence and is liable to the penalties in section 63.
(1) In the case of information and records that are required to be retained under this subpart, the reporting institution must ensure records—
- (a) be kept in the English language, or so as to enable the records to be readily accessible and translated into the English language; and
- (b) be kept in hard copy format or (if a paper copy can be readily produced) digital format; and
- (c) be kept with appropriate security, back-up and recovery procedures.
(2) If the information and records are kept outside the Cook Islands (whether in hard copy format or digital format), the reporting institution must ensure that copies can be sent to, or retrieved in or from the Cook Islands in no longer than 3 working days.
(3) A reporting institution that breaches this section commits an offence and is liable to the penalties in section 63.
(1) A reporting institution must establish and maintain a register that contains, or allows the reconstruction of the following—
- (a) a copy of every report submitted to the FIU (and all related records) of suspicious activity; and
- (b) a copy of every other report submitted to the FIU (and all related records) made under this Act; and
- (c) a copy of every enquiry made to it by a competent authority that relate to financial misconduct.
(2) The register must include details of—
- (a) the date on which the report is made; and
- (b) the person who made the report; and
- (c) information sufficient to identify the relevant records; and
- (d) in the case of any enquiry made—
- (i) the name of the agency; and
- (ii) the powers being exercised; and
- (iii) details of accounts or transactions involved.
(3) A reporting institution must keep the reports referred to in subsection (1) for a period of 6 years after the date on which the report or the enquiry was made.
(4) The register must be kept separate from all other records.
(5) A reporting institution that breaches this section commits an offence and is liable to the penalties in section 63.
(1) A reporting institution must make available to the FIU, if the FIU requests in writing, any records and information that the reporting institution must keep, under this Act that relate to a report, an investigation, or a request on behalf of a counterpart agency.
(2) The records and information must be made available to the FIU within the time specified in that notice.
(3) The FIU must specify a time that is reasonable in the circumstances of the request that it makes.
(4) If a reporting institution fails without reasonable excuse to comply with this section, the reporting institution commits an offence and is liable to the penalties in section 63.
Financial Transactions Reporting
Obligation to report certain transactions
(1) A reporting institution must report to the FIU—
- (a) any transaction that—
- (i) is for an amount equivalent to, or in excess of the threshold amount; and
- (ii) is conducted wholly or substantially using cash.
- (b) The report may be sent by way of hard copy, fax, electronic mail or other means and must—
- (i) be in the form stipulated in the practice guidelines; and
- (ii) be signed or otherwise authenticated by the reporting institution; and
- (iii) be submitted to the FIU within 3 working days after the cash transaction has been undertaken.
(2) The FIU may, on the application of a reporting institution, exempt in writing the reporting of transactions referred to in subsection (1)(a) if the transactions are deposits or withdrawals by an established customer of a reporting institution using an account of the customer with the reporting institution.
(3) A reporting institution that breaches this section commits an offence and is liable to the penalties under section 63.
(1) This section applies to a reporting institution that undertakes banking business, or money or value transfer services, or other similar arrangements.
(2) A reporting institution must report to the FIU—
- (i) all electronic or similar funds transfers out of the Cook Islands; and
- (ii) all electronic or similar funds transfers into the Cook Islands; and
(3) The report must be submitted electronically unless otherwise permitted in writing by the Head and must—
- (i) be in the form stipulated in the practice guidelines; and
- (ii) be authenticated by the reporting institution; and
- (iii) be submitted to the FIU within 5 working days after the transactions have been undertaken.
(4) Subsections (2) and (3) do not apply if both the person sending the funds and the person receiving them is a reporting institution supervised by the FSC and FIU.
(5) A reporting institution that breaches this section commits an offence and is liable to the penalties under section 63.
(6) Nothing in this section affects any other reporting requirement under this Act.
Obligation to report suspicious activity
(1) A reporting institution must report to the FIU any activity that it has reasonable grounds to suspect is suspicious activity.
(2) Except where section 48 applies the reporting institution must report the suspicious activity to the FIU as soon as possible but not later than 2 working days after it forms, or should have formed, that suspicion.
(3) If a reporting institution fails without reasonable excuse to comply with subsection (1), the reporting institution commits an offence and is liable to the penalties in section 63.
(1) A reporting institution must report to the FIU any activity it has reasonable grounds to suspect is suspicious activity relevant to a person that has been identified by the reporting institution as a person of interest.
(2) The reporting institution must report the suspicious activity to the FIU as soon as possible but not later than 24 hours after it forms that suspicion.
(3) If a reporting institution fails without reasonable excuse to comply with this section, the reporting institution commits an offence and is liable to penalties under section 63.
(1) This section applies to every supervisory body and auditor of a reporting institution.
(2) If a supervisor or auditor forms a view that any activity, not reported by a reporting institution, is suspicious activity, that supervisor or auditor must—
- (a) report that activity as suspicious activity to the FIU; and
- (b) the report to the FIU must be made as soon as possible (and not later than 2 working days) after forming that view.
(3) If a person fails without reasonable excuse to comply with subsection (2), the person commits an offence and is liable to penalties under section 63.
(1) An oral report of suspicious activity may be made to the FIU either in person or by telephone, but a written report must follow within 24 hours of any oral report.
(2) A written report may be submitted by hand, mail, or electronic means and it must be—
- (a) in the form stipulated in the practice guidelines; and
- (b) be signed or authenticated by a monitor.
(1) If a report of suspicious activity has been made to the FIU, the monitor must keep all subsequent activity of the relevant person(s) under enhanced scrutiny and prepare and provide further, separate, reports of that subsequent activity—
- (a) as required by or under this Act; and
- (b) in respect of activity (even if it does not appear suspicious), as required by the FIU.
(2) The obligations imposed by subsection (1) continue until such time as the FIU, acting reasonably, advises in writing that the obligation under this section ceases to apply to that relevant person(s).
(3) If a person fails without reasonable excuse to comply with subsection (1), the person commits an offence and is liable to penalties under section 63.
(1) Every person who has supplied information for the purposes of making a report under this Part must, upon request from the FIU, provide any further information to which they have access or control of and which is relevant to further investigation of the suspicious activity identified in the report.
(2) If the person fails without reasonable excuse to comply with subsection (1) the person commits an offence and is liable to penalties under section 63.
(1) This section applies to—
- (a) a monitor:
- (b) an employee or agent of a monitor:
- (c) a director, officer or principal of a monitor.
(2) A person who knows of or suspects a suspicious activity must not, apart from complying with the reporting obligations of this Act, disclose to any other person any of the following—
- (a) that knowledge or suspicion:
- (b) that a report under this Act has been, or may be made to the FIU:
- (c) that other information required under this Act has been, or may be given to the FIU:
- (d) the contents or likely contents of any report under this Act relating to that suspicious activity:
- (e) information that might identify any person who has—
- (i) handled that suspicious activity; or
- (ii) prepared any report regarding that suspicious activity; or
- (iii) provided any information to the FIU regarding that suspicious activity.
(3) A person must not intentionally say or do anything that, by word or conduct, might allow another person to infer any of the circumstances set out in subsection (2).
(4) Subsection (2) does not apply to a disclosure made to—
- (a) a person who has made, or is required to make, a report or provide information under this Act for any purpose connected with the performance of that person's duties:
- (b) a lawyer for the purpose of obtaining legal advice or representation in relation to the disclosure:
- (c) the supervisory body or auditor of the relevant reporting institution:
- (d) the FIU or any person assisting the FIU in the performance of its duties:
- (e) any police officer engaged in the investigation of financial misconduct or any serious offence.
(5) A person who receives information under the exceptions contained in subsection (4) must keep that information confidential. However that person may disclose it to another person of the kind referred to in that subsection provided both are acting properly and in good faith.
(6) Nothing in this section prevents a person disclosing information to a Court if—
- (a) the person discloses the information for the purposes of, or in the course of, any proceedings before the Court; and
- (b) the Court is satisfied that it is necessary in the interests of justice for that person to disclose the information.
(7) A reporting institution that breaches this section commits an offence and is liable to the penalties in section 63.
(1) A reporting institution must not—
- (a) open or operate an anonymous account; or
- (b) knowingly or recklessly open or operate an account in a fictitious or a false name.
(2) A person must not deal with a reporting institution in a way that allows a person to knowingly or recklessly open or operate an account in a fictitious or a false name.
(3) A person or reporting institution who breaches this section commits an offence and is liable to the penalties in section 63.
(1) A reporting institution must not establish, continue or conduct a business relationship or isolated transaction with a shell bank.
(2) For the avoidance of doubt if a reporting institution undertakes banking business—
- (a) section 46 of the Banking Act 2011 applies; and
- (b) if there is a conflict between the provisions of this section and section 46 of the Banking Act 2011, the provisions of section 46 of the Banking Act 2011 prevails.
(3) A reporting institution who breaches this section commits an offence and is liable to the penalties in section 63.
(1) A person dealing with a reporting institution in a trustee or nominee capacity must disclose their trustee or nominee status to the reporting institution before establishing an ongoing business relationship or isolated transaction with a reporting institution.
(2) A person must not deal with a reporting institution in a way that—
- (a) avoids the requirements of this Act to identify another person and verify that identity; or
- (b) allows a person to undertake a transaction without the identity of the ultimate principal(s) being disclosed where such is required to be disclosed; or
- (c) allows a person to undertake a transaction for the purpose of facilitating financial misconduct or a serious offence.
(3) If a reporting institution has reasonable grounds to suspect a person is acting in breach of subsection (1) the reporting institution must—
- (a) conduct enhanced due diligence in accordance with section 29; or
- (b) if the reporting institution reasonably believes that undertaking enhanced due diligence may tip off that person section 26 applies.
(4) A person or reporting institution that breaches this section commits an offence and is liable to the penalties in section 63.
(1) This section applies if a person conducts 2 or more financial transactions with 1 or more reporting institutions; and those financial transactions are entered into in a way that—
- (a) avoids the need to undertake customer due diligence procedures under this Act or make a report under sections 45 or 46 for any 1 or more of those transactions; or
- (b) results in reports being made to multiple reporting institutions in a way that conceals the scope and amount of those financial transactions.
(2) A person commits an offence and is liable to the penalties in section 63, if that person acts in the way set out in subsection (1) and if the sole or main intention of that person is to ensure either—
- (a) that there is no report made in relation to the financial transactions; or
- (b) reports are made in a way that conceals the scope and amount of those financial transactions.
A person commits an offence and is liable to the penalties in section 63, who in making a report under sections 47, 48 or 49 supplying information in connection with that report,—
(a) makes any statement that the person knows is false or misleading in a material particular; or
(b) omits from any statement any matter or thing without which the person knows that the statement is false or misleading in a material particular.
Legal Status, Privilege, Protection and Liability
(1) Every reporting institution, and every officer, employee and agent of that reporting institution, must comply with the requirements of this Act.
(2) Subsection (1) applies despite any other obligation as to secrecy or other restriction on the disclosure of information that may be imposed, whether by any other law or otherwise.
(3) Unless expressly stated in this Act, if there is a conflict between the provisions of this Act and any other Acts, this Act prevails.
(1) For the purposes of this section lawyer means a person admitted in a jurisdiction to provide legal advice or legal representation.
(2) Nothing in this Act requires any lawyer to disclose information which is subject to legal professional privilege.
(3) For the purposes of this Act, a communication is subject to legal professional privilege if—
- (a) it is a confidential communication, whether orally or in writing between—
- (i) a lawyer acting in a legal professional capacity on behalf of a client and another lawyer in that capacity; or
- (ii) a lawyer acting in a legal professional capacity and that lawyer’s client, whether made directly or indirectly through an agent; and
- (b) it is made for the purpose of obtaining or giving legal advice or assistance; and
- (c) it is not made for the purpose of committing or furthering the commission of financial misconduct or a serious offence.
(1) This section applies to—
- (a) a reporting institution:
- (b) the supervisory body of a reporting institution:
- (c) the auditor of a reporting institution:
- (d) each officer, employee and independent contractor of the auditor or the supervisory body acting in the course of that person's work:
- (e) each officer, employee and independent contractor of the reporting institution acting in the course of that person's work.
(2) A person is not permitted to take civil, criminal or disciplinary proceedings against any person in relation to an act or omission undertaken by that person in good faith to comply—
- (a) with obligations imposed by or under this Act:
- (b) with a direction given by the FIU.
(3) Subsection (2) applies even if the person against whom the proceedings are brought—
- (a) did not know what underlying illegal activity gave rise to suspicious activity:
- (b) regardless of whether illegal activity actually occurred.
(4) Subsections (2) and (3) do not apply in respect of proceedings for an offence against this Act.
(1) A director or officer concerned in the management of the legal person is guilty of an offence under this Act and liable to conviction if that legal person commits an offence and—
- (a) it is proved that the act or omission constituting the offence took place with that director’s or officer’s—
- (i) actual knowledge or reckless disregard; and
- (ii) with that person, by act or omission, giving 1 or more of the following—
- (A) authority:
- (B) permission:
- (C) consent.
(2) For the avoidance of doubt criminal proceedings may be taken against a reporting institution for an offence under this Act without the directors or officers concerned in the management of the reporting institution being charged with an offence.
Unless otherwise providing for in this Act or by regulation, a person who commits an offence under this Act or regulations is liable on conviction,—
(a) in the case of an individual, to a fine not exceeding $250,000 or to imprisonment for a term not exceeding 5 years, or both; or
(b) in any other case, to a fine not exceeding $1,000,000.
Regulations and Practice Guidelines
(1) The Queen's Representative may, by Order in Executive Council, make regulations to prescribe for the following purposes—
- (a) providing for persons or classes of persons that may be included as reporting institutions and the extent the requirements of this Act apply those persons or classes of persons:
- (b) providing for persons or classes of persons that may be excluded as reporting institutions for the purposes of this Act:
- (c) providing for activities or transactions that may be included or excluded for the purposes of this Act:
- (d) for certain reporting institutions providing the extent of their compliance with a requirement of this Act:
- (e) for certain reporting institutions providing exemption(s) from a requirement of this Act:
- (f) providing for additional requirements under Part 2 and 3 of this Act that must be complied with:
- (g) providing for specific requirements that must be met by certain reporting institutions:
- (h) providing matters for which fees are payable and any exemption from fees, in whole or in part:
- (i) providing for administrative penalties of a maximum of $1000 for breaches of compliance with the requirements of this Act:
- (j) providing for the matters stipulated in this Act as being prescribed:
- (k) providing for amendment to the provisions of this Act but only in respect of typographical or formatting errors:
- (l) providing for any other matters provided or contemplated by or under this Act necessary for giving it full effect.
(2) The power to make regulations under subsection (1) must be exercised only on the advice of the Minister given in accordance with a recommendation of the FSC.
(1) The FIU, in consultation with the FSC, may publish practice guidelines to—
- (a) provide guidance to reporting institutions, their officers, employees, and agents as to their obligations under this Act:
- (b) provide guidance on internal policies to prevent money laundering, the financing of terrorism and the financing of the proliferation of weapons of mass destruction:
- (c) in matters concerning compliance with this Act, to provide guidance as to best practice for internal procedures and controls that a reporting institution should establish, maintain and operate:
- (d) provide reporting institutions with lists detailing the jurisdictions—
- (i) which the FATF, FATF-style regional body, or the Cook Islands has made a call to apply countermeasures; or
- (ii) which the FATF, FATF-style regional body, or the Cook Islands considered to have strategic money laundering and financing of terrorism deficiencies or to pose a higher risk of money laundering and financing of terrorism:
- (e) provide guidance on best practice in recognising and handling transactions and attempted transactions that may give rise to a suspicious activity report:
- (f) publicise new developments, including information on current techniques, methods and trends in all types of financial misconduct:
- (g) to detail appropriate procedures and controls to prevent the misuse of technological developments for the purposes of any sort of financial misconduct:
- (h) provide for forms for matters required to be submitted to the FIU:
- (i) to address any other matters contemplated by this Act, necessary for its full administration, or necessary for giving it full effect.
(2) A reporting institution must ensure it has regular access to the FSC website and that it reviews the information published by the FIU on a regular basis.
(3) If a reporting institution does not have regular access to the FSC website it must notify the Head as soon as reasonably possible.
(1) Any terms, explanations or guidance provided in the practice guidelines is persuasive and may be taken into account by a Court where the Court sees fit.
(2) An act done in accordance with a practice guideline is valid and complies with this Act.
(3) If a person fails to follow a practice guideline issued under this section, that is not, of itself, a breach of this Act.
(4) A failure under section 66(3) may be taken into account by a Court, or the FIU, or the FSC, as the case may be, in deciding whether that person or the relevant reporting institution has breached any obligation imposed by or under this Act.
(1) A reporting institution that is subject to the Financial Transactions Reporting Act 2004 immediately before the commencement of this Act must, from the date of commencement of this Act, comply with obligations set out in this Act.
(2) All proceedings and other matters under the Financial Transactions Reporting Act 2004 that have not been determined or completed at the commencement of this Act are to be determined or completed as if this Act had not been passed.
The Financial Transactions Reporting Act 2004 is repealed.
(1) The Acts listed in the schedule are amended as set out in that schedule.
(2) The Financial Transactions Reporting (Forms) Regulations 2004 are revoked.
s 69(1)
Amendments to Acts
Banking Act 2011
Section 4 of the Banking Act 2011 is amended by omitting from the definition of customer “section 2 of the Financial Transactions Reporting Act 2004” and substituting “section 5 of the Financial Transactions Reporting Act 2017”.
Section 54(6)(e) of the Banking Act 2011 is amended by omitting “section 2 of the Financial Transactions Reporting Act 2004” and substituting “sections 14, 17, 18, 19 and 21 of the Financial Transactions Reporting Act 2017”.
Captive Insurance Act 2013
Section 48 of the Captive Insurance Act 2013 is amended by omitting “Financial Transactions Reporting Act 2004” and substituting “Financial Transactions Reporting Act 2017”.
Financial Intelligence Unit Act 2015
Section 4 is amended by—
(a) omitting from the definition of oversight act “Financial Transactions Reporting Act 2004” and substituting “Financial Transactions Reporting Act 2017”:
(b) omitting from the definition of reporting institution “section 2 of the Financial Transactions Reporting Act 2004” and substituting “section 5 of the Financial Transactions Reporting Act 2017”:
(c) omitting from the definition of transaction “section 2 of the Financial Transactions Reporting Act 2004” and substituting “section 5 of the Financial Transactions Reporting Act 2017”:
(d) omitting from the definition of transaction report paragraph (b) and substituting the following paragraph—
“(b) a suspicious activity report within the meaning of section 5 of the Financial Transactions Reporting Act 2017”.
Section 23(c) is amended by omitting “Financial Transactions Reporting Act 2004” and substituting “Financial Transactions Reporting Act 2017”.
Section 31 is amended by—
(e) omitting from the section heading “Financial Transactions Reporting Act 2004” and substituting “Financial Transactions Reporting Act 2017”:
(f) omitting from subsection (1) “Financial Transactions Reporting Act 2004” and substituting “Financial Transactions Reporting Act 2017”.
Financial Supervisory Commission Act 2003
Schedule 1 of the Financial Supervisory Commission Act 2003 is amended by omitting “Financial Transactions Reporting Act 2003” and substituting “Financial Transactions Reporting Act 2017”.
Foundations Act 2012
Section 87(1)(b)(iii) of the Foundations Act 2012 is amended by omitting “Financial Transactions Reporting Act 2004” and substituting “Financial Transactions Reporting Act 2017”.
International Companies Act 1981-82
Section 249(2) of the International Companies Act 1981-82 is amended by omitting “Financial Transactions Reporting Act 2004” and substituting “Financial Transactions Reporting Act 2017”.
International Partnership Act 1984
Section 72(1) of the International Partnership Act 1984 is amended by omitting “Financial Transactions Reporting Act 2004” and substituting “Financial Transactions Reporting Act 2017”.
International Trusts Act 1984
The Schedule of the International Trusts Act 1984 is amended by omitting “Financial Transactions Reporting Act 2003” and substituting “Financial Transactions Reporting Act 2017”.
Limited Liability Companies Act 2008
Schedule 1 of the Limited Liability Companies Act 2008 is amended by omitting “Financial Transactions Reporting Act 2004” and substituting “Financial Transactions Reporting Act 2017”.
Proceeds of Crimes Act 2003
Section 3(1) is amended by—
(a) omitting from the definition of account “section 2 of the Financial Transactions Reporting Act 2003” and substituting “section 5 of the Financial Transactions Reporting Act 2017”:
(b) omitting from the definition of reporting institution “Financial Transactions Reporting Act 2004” and substituting “Financial Transactions Reporting Act 2017”.
Trustee Companies Act 2014
Section 7(1)(b) of the Trustee Companies Act 2014 is amended by omitting “Financial Transactions Reporting Act 2004” and substituting “Financial Transactions Reporting Act 2017”.
This Act is administered by the Financial Supervisory Commission.
Printed under the authority of the Cook Islands Parliament—2017
PacLII:
Copyright Policy
|
Disclaimers
|
Privacy Policy
|
Feedback
URL: http://www.paclii.org/ck/legis/num_act/ftra2017335
