Wolfsberg AML Principles

The following principles as important global guidance for sound business conduct in international private banking^[1]

Preamble

The following guidelines are understood to be appropriate for private banking relationships. Guidelines for other market segments may differ. It is recognized that the establishment of policies and procedures to adhere to these guidelines is the responsibility of management.

1. Client acceptance: general guidelines

1.1 General

Bank policy will be to prevent the use of its worldwide operations for criminal purposes. The bank will endeavor to accept only those clients whose source of wealth and funds can be reasonably established to be legitimate. The primary responsibility for this lies with the private banker who sponsors the client for acceptance. Mere fulfillment of internal review procedures does not relieve the private banker of this basic responsibility.

1.2 Identification

The bank will take reasonable measures to establish the identity of its clients and beneficial owners and will only accept clients when this process has been completed.

1.2.1 Client

-  Natural persons: identity will be established to the bank's satisfaction by reference to official identity papers or such other evidence as may be appropriate under the circumstances.

-  Corporations, partnerships, foundations: the bank will receive documentary evidence of the due organization and existence.

-  Trusts: the bank will receive appropriate evidence of formation and existence along with identity of the trustees.

-   Identification documents must be current at the time of opening.

1.2.2 Beneficial owner

Beneficial ownership must be established for all accounts. Due diligence must be done on all principal beneficial owners identified in accordance with the following principles:

-   Natural persons: when the account is in the name of an individual, the private banker must establish whether the client is acting on his/her own behalf. If doubt exists, the bank will establish the capacity in which and on whose behalf the accountholder is acting.

-   Legal entities: where the client is a company, such as a private investment company, the private banker will understand the structure of the company sufficiently to determine the provider of funds, principal owner(s) of the shares and those who have control over the funds, e.g. the directors and those with the power to give direction to the directors of the company. With regard to other shareholders the private banker will make a reasonable judgement as to the need for further due diligence. This principle applies regardless of whether the share capital is in registered or bearer form.

-   Trusts: where the client is a trustee, the private banker will understand the structure of the trust sufficiently to determine the provider of funds (e.g. settlor) those who have control over the funds (e.g. trustees) and any persons or entities who have the power to remove the trustees. The private banker will make a reasonable judgement as to the need for further due diligence.

-  Unincorporated associations: the above principles apply to unincorporated associations.

1.2.3 Accounts held in the name of money managers and similar intermediaries

The private banker will perform due diligence on the intermediary and establish that the intermediary has a due diligence process for its clients, or a regulatory obligation to conduct such due diligence, that is satisfactory to the bank.

1.2.4 Powers of attorney/Authorized signers

Where the holder of a power of attorney or another authorized signer is appointed by a client, it is generally sufficient to do due diligence on the client.

1.2.5 Practices for walk-in clients and electronic banking relationships

A bank will determine whether walk-in clients or relationships initiated through electronic channels require a higher degree of due diligence prior to account opening.

1.3 Due diligence

It is essential to collect and record information covering the following categories:

-  Purpose and reasons for opening the account.

-  Anticipated account activity.

- Source of wealth (description of the economic activity which has generated the net worth).

-  Estimated net worth.

- Source of funds (description of the origin and the means of transfer for monies that are accepted for the account opening).

-  References or other sources to corroborate reputation information where available.

Unless other measures reasonably suffice to do the due diligence on a client (e.g. favorable and reliable references), a client will be met prior to account opening.

1.4 Oversight responsibility

There will be a requirement that all new clients and new accounts be approved by at least one person other than the private banker.

2. Client acceptance: situations requiring additional diligence / attention

2.1 Numbered or alternate name accounts

Numbered or alternate name accounts will only be accepted if the bank has established the identity of the client and the beneficial owner.

2.2 High-risk countries

The bank will apply heightened scrutiny to clients and beneficial owners resident in and funds sourced from countries identified by credible sources as having inadequate anti-money-laundering standards or representing high-risk for crime and corruption.

2.3 Offshore jurisdictions

Risks associated with entities organized in offshore jurisdictions are covered by due diligence procedures laid out in these guidelines.

2.4 High-risk activities

Clients and beneficial owners whose source of wealth emanates from activities known to be susceptible to money laundering will be subject to heightened scrutiny.

2.5 Public officials

Individuals who have or have had positions of public trust such as government officials, senior executives of government corporations, politicians, important political party officials, etc. and their families and close associates require heightened scrutiny.

3. Updating client files

The private banker is responsible for updating the client file on a defined basis and/or when there are major changes. The private banker's supervisor or an independent control person will review relevant portions of client files on a regular basis to ensure consistency and completeness. The frequency of the reviews depends on the size, complexity and risk posed of the relationship.

4. Practices when identifying unusual or suspicious activities

4.1 Definition of unusual or suspicious activities

The bank will have a written policy on the identification of and follow-up on unusual or suspicious activities. This policy will include a definition of what is considered to be suspicious or unusual and give examples thereof.

Unusual or suspicious activities may include:

-  Account transactions or other activities which are not consistent with the due diligence file

-   Cash transactions over a certain amount

-   Pass-through / in-and-out-transactions.

4.2 Identification of unusual or suspicious activities

Unusual or suspicious activities can be identified through:

-  Monitoring of transactions

-  Client contacts (meetings, discussions, in-country visits etc.)

-  Third party information (e.g. newspapers, Reuters, internet)

- Private banker's / internal knowledge of the client's environment (e.g. political situation in his/her country).

4.3 Follow-up on unusual or suspicious activities

The private banker, management and/or the control function will carry out an analysis of the background of any unusual or suspicious activity. If there is no plausible explanation a decision will be made involving the control function:

-  To continue the business relationship with increased monitoring

-  To cancel the business relationship

-  To report the business relationship to the authorities.

The report to the authorities is made by the control function and senior management may need to be notified (e.g. Senior Compliance Officer, CEO, Chief Auditor, General Counsel). As required by local laws and regulations the assets may be blocked and transactions may be subject to approval by the control function.

5. Monitoring

A sufficient monitoring program must be in place. The primary responsibility for monitoring account activities lies with the private banker. The private banker will be familiar with significant transactions and increased activity in the account and will be especially aware of unusual or suspicious activities (see 4.1). The bank will decide to what extent fulfillment of these responsibilities will need to be supported through the use of automated systems or other means.

6. Control responsibilities

A written control policy will be in place establishing standard control procedures to be undertaken by the various "control layers" (private banker, independent operations unit, Compliance, Internal Audit). The control policy will cover issues of timing, degree of control, areas to be controlled, responsibilities and follow-up, etc.

7. Reporting

There will be regular management reporting established on money laundering issues (e.g. number of reports to authorities, monitoring tools, changes in applicable laws and regulations, the number and scope of training sessions provided to employees).

8. Education, training and information

The bank will establish a training program on the identification and prevention of money laundering for employees who have client contact and for Compliance personnel. Regular training (e.g. annually) will also include how to identify and follow-up on unusual or suspicious activities. In addition, employees will be informed about any major changes in anti-money- laundering laws and regulations.

All new employees will be provided with guidelines on the anti-money-laundering procedures.

9. Record retention requirements

The bank will establish record retention requirements for all anti-money-laundering related documents. The documents must be kept for a minimum of five years.

10. Exceptions and deviations

The bank will establish an exception and deviation procedure that requires risk assessment and approval by an independent unit.

11. Anti-money-laundering organization

The bank will establish an adequately staffed and independent department responsible for the prevention of money laundering (e.g. Compliance, independent control unit, Legal).

Notes and References:

The banks collaborated with a team from Transparency International² who invited two international experts to participate, Stanley Morris³ and Prof. Mark Pieth⁴. Transparency International and the experts regard the principles as an important step in the fight against money laundering, corruption and other related serious crimes.

⁽¹⁾ Wolfsberg is the location in Switzerland where an important working session to formulate the guidelines was held.

⁽²⁾ Transparency International (TI) is a Berlin based non-governmental organization, dedicated to increasing government accountability and curbing both international and national corruption. TI is active in more than 70 countries. TI was represented by its founder and chairman of the Board, Peter Eigen and the chairman of their US chapter, Fritz Heimann.

⁽³⁾ Stanley E. Morris is an international Consultant on Anti Money Laundering issues. He was head of FinCEN and a member of the Financial Action Task Force on Money Laundering (FATF).

⁽⁴⁾ Prof. Mark Pieth is a law professor in Basel, Switzerland. He is Chairman of the OECD Working Group on Bribery and Corruption and a former member of the Financial Action Task Force on Money Laundering (FATF).