Article 14
| No: 14525 | Date(g): 8/11/2017 | Date(h): 19/2/1439 | Status: In-Force |
| 1- | FIs and DNFBPs shall: | |||
| A- | Have in place and effectively implement internal policies, procedures and controls against money laundering aimed at managing and mitigating any risks identified as clarified in Article 5. The policies, procedures and controls shall be proportionate to the nature and size of the FI and DNFBP’s business and shall be approved by senior management. FI and DNFBP shall review and enhance them as needed. | |||
| B- | Apply its internal policies, procedures and controls said in (A) of this Article, to all of its branches and majority-owned subsidiaries. | |||
| 2- | The Implementing Regulation shall specify the matters that must be addressed in the internal policies, procedures and controls under (1/A) in this Article for Anti-Money Laundering. | |||
14/1
The policies, procedures and internal controls shall be proportionate to the nature and size of the financial institution or designated non-financial business and profession’s business and shall address the following:
| a. | Due diligence measures as required under this law and its Implementing Regulation, including risk management procedures for utilization of a business relationship prior to completion of the verification process; | |||
| b. | Transaction reporting procedures; | |||
| c. | Appropriate anti-money laundering compliance management arrangements, including appointment of an anti-money laundering compliance officer at the senior management level; | |||
| d. | Adequate screening procedures to ensure high standards when hiring employees; | |||
| e. | Ongoing employee training programs; and | |||
| f. | An independent audit function to test the effectiveness and adequacy of internal policies, controls and procedures. | |||
14/2
A financial group shall implement a group-wide program against money laundering, apply the internal policies, controls, procedures to all of its branches and majority-owned subsidiaries and ensure effective implementation thereof by all branches and majority-owned subsidiaries. In addition to the issues set out in subsection 14/1, a group level policy shall address also the sharing of information between all members of the group; the provision of customer, account and transaction information to group-level compliance, audit or anti-money laundering functions; and the safeguarding of confidentiality and use of the information exchanged.
14/3
Where the anti-money laundering requirements of a foreign country are less strict than those imposed under the Law and this Implementing Regulation, a financial institution or designated non-financial business and profession shall ensure that its branches and majority-owned subsidiaries operating in that foreign country apply measures consistent with the requirements under the Law and this Implementing Regulation. If the foreign country does not permit the proper implementation of such measures, the financial institution or designated non-financial business and profession shall inform the Saudi supervisory authority of this fact and take any additional measures necessary to appropriately manage and mitigate the money laundering risks associated with its operations abroad. The financial institution or designated non-financial business and profession shall comply with any instructions received from the supervisory authority in this regard.