Your access and use of SAMA Regulatory Rulebook and its content is considered as an acceptance and approval of commitment by you without any limitation or condition to the following:
SAMA Regulatory Rulebook is a platform that aims to assist the regulated entities to access SAMA regulatory content adeptly and efficiently.
SAMA Regulatory Rulebook is still on its development and soft launch stage. SAMA is not liable for its contents and does not warrant or represent that (the Services related to the platform, information or material presented in the platform) is displayed free of any inaccuracies, omissions, or errors (“Faults”). SAMA accepts no liability for any loss, claim or damage resulting from any use of the platform, and any decisions made, or actions taken based on the information contained in or generated by the platform.
SAMA Regulatory Rulebook has no legal effect and it does not aim to amend or revoke any legal provisions. The Rulebook still Contains some documents under review, including translated versions. Therefore, SAMA Regulatory content circulated through SAMA official channels remains in force.
Without prejudice to the terms of use of SAMA website Hereby, you acknowledge that any illegal, unauthorized use and/or any breach of any of these provisions may result in legal actions against you.
Effective from 2019-11-17 - Nov 16 2019 To view other versions open the versions tab on the right
The principles in this Guide have been developed in accordance with the regulatory requirements provided for in the Anti-Money Laundering Law, the Law on Combating Terrorism Crimes and Financing, and their Implementing Regulations, which aim to establish effective requirements, guidelines, and procedures to prevent the use of Saudi Arabia’s financial system for purposes of ML/TF. These principles fall under the following headings:
Based on the above requirements, a financial institution shall prepare and adopt a risk-based approach commensurate with the nature and size of its business. Such approach shall be prepared according to the following steps:
•
First Step: Identifying the inherent risks of business and business relationships as well as any other risks.
•
Second Step: Determining the financial institution’s risk appetite.
•
Third Step: Developing preventive measures to mitigate risks based on the results of risk assessment.
•
Fourth Step: Reviewing residual risks after developing the preventive measures.
•
Fifth Step: Implementing the preventive measures to mitigate risks.
•
Sixth Step: Reviewing and updating the risk-based approach.
Risks to which a financial institution is exposed are variable and changing over time as new products, business practices, or means of providing services, products, or transactions are developed. Therefore, the risk-based approach shall be regularly reassessed and updated when the risk factors associated with the financial institution change. The financial institution shall ensure that the risk-based approach is updated once every two years at a minimum or when risk factors change.
