Name
Global FinTech Guide
Country _ Name
Philippines
SectionTitle
KYC requirements
Body
The know your customer or know your client (KYC) guidelines and regulations for financial services require that professionals try to verify the identity, suitability, and risks involved with maintaining a business relationship.

Legal affairs

National regulatory framework regarding AML and effective date of the regulations

Republic Act No. 9160 or the Anti-Money Laundering Act of 2001 (AMLA), which took effect on 17 October 2001, is the primary anti-money laundering law in the Philippines. There were several laws which introduced amendments to the AMLA, the latest being Republic Act No. 11521 which took effect on 8 February 2021.

The 2018 Implementing Rules and Regulations of the AMLA (AMLA IRR) is the latest set of rules and regulations promulgated to provide the details of implementation of the AMLA, as well as to assist all covered persons, supervising authorities, law enforcement and other government agencies, and other stakeholders by prescribing the rules and regulations to combat money laundering, terrorism financing being a predicate offense to money laundering, and other associated unlawful activities.

National regulator or relevant authority for AML controls

The Anti-Money Laundering Council (AMLC) is the Philippines’ central AML authority and financial intelligence unit, which is the government instrumentality mandated to implement the AMLA. It is the primary policy-making body and lead agency with respect to the implementation of the AML controls in the Philippines and is also tasked to investigate and assist in the prosecution of money laundering offenses.

The AMLC is composed of the Governor of the Philippine Central Bank or the BSP as the Chairman, the Commissioner of the Insurance Commission (IC) and the Chairperson of the SEC as members.

Customer Due Diligence

Conduct of a typical KYC identification process

Under the AMLA IRR, customer identification process refers to the process of determining the identity of the of the customer vis-à-vis the valid and acceptable identification document submitted to, and/or presented before, the covered person. Covered persons must identify and record the true identity of their customers, whether permanent or occasional, and whether natural or juridical person, or legal arrangement, as a general requirement.

A typical KYC identification process involves (i) gathering of identification information (e.g. full name, date of birth, sex, citizenship, address, contact details and specimen signatures or biometric information, and (ii) presentation/submission by the customers of original and clear copy of at least one (1) identification document (ID), which refers to any evidence of identity specifically enumerated in the AMLA IRR (e.g. IDs issued by the Philippine government, including its political subdivisions, agencies and instrumentalities).

As a general requirement, covered persons must implement and maintain a system of verifying the true identity of their clients, including validating the truthfulness of the information and confirming the authenticity of the identification documents presented, submitted, and provided by the customer, using reliable and independent sources, documents, data, or information. Accordingly, covered persons are required to conduct face-to-face contact and/or personal interview at the commencement of customer relationship, as part of the customer verification process. Use of ICT in the conduct of face-to-face contact and/or personal interview is allowed.

Possibility to meet customer due diligence requirements by relying on third parties who are obliged by law themselves to comply with AML regulations

Yes, a covered person may rely on a third party in
conducting customer due diligence (CDD) as regards the following: (i) customer identification process; (ii) customer verification process; (iii) beneficial ownership verification; and (iv) determination of the purpose of the relationship, as well as record-keeping measures, provided that such third party is (a) a covered person, or (b) a financial institution or DNFBP operating outside the Philippines that is covered by equivalent CDD and record-keeping measures. When determining in which countries the third party that meets the conditions can be based, covered persons shall have regard to information available on the level of country risk.

Where the third party is a covered person (as defined under the AMLA), it is necessary that the said third party has conducted the prescribed customer identification procedures in accordance with the AMLA, AMLA IRR and other issuances, and its own money laundering and terrorist financing prevention program (MTPP), including the face-to-face contact requirement, to establish the existence of the ultimate customer and has in its custody all the minimum information and/or documents required to be obtained from the customer; and that the relying covered person must have the ability to obtain identification documents from the third party upon request without delay.

Notwithstanding the foregoing, the ultimate responsibility for CDD and record-keeping remains with the covered person relying on the third party.

Possibility to outsource customer due diligence by contract to other third parties who are not obliged by law to meet AML regulations and rely on these (e.g., WebID, IDnow, PostIdent)

Yes, a covered person may, without prior approval, outsource to a counterparty, which may or may not be a covered person as defined under the AMLA, the customer identification and verification procedures, provided, that the ultimate responsibility for knowing the customer, keeping the identification documents, and managing attendant risks shall rest with the covered person and the following conditions are complied with:

    (a)There is a written service level agreement approved by the board of directors or senior management of the covered persons and its counterparty; and
    (b)The counterparty has a reliable and acceptable customer identification system and training program in place.

In addition if the counterparty is a non-covered person:

    (a)The covered person outsourcing the activity shall ensure that the employees or representatives of the counterparty gathering the required information and documents of, and/or conducting face-to-face contact with, the customer undergo equivalent training program as that of the covered person’s own employees undertaking a similar activity; and
    (b)The covered person shall monitor and conduct annual review of the performance of the counterparty to determine whether or not to continue with the arrangement.

Presence of a license or registration requirement for the third party in case of outsourcing customer due diligence

Please refer to responses in item (e) above.

There is no license or registration required, however certain conditions must be complied with depending on whether the counterparty/third party is a covered person or not under the AMLA.

For both covered and non-covered persons, there must be an approved written service level agreement and the third party has a reliable and acceptable customer identification system and training program in place. In addition, for a non-covered third party, its employees or representatives must have undergone the prescribed training program and the covered person must monitor and conduct annual review of the third party’s performance.

Further questions

Entities that could be relied on specifically by law as a third party to comply with AML regulations (regardless of outsourcing)


Yes credit institutions
Yes financial institutions
No auditors, external accountants, and tax advisors
No notaries and other independent legal professionals
Yes other trust or company service providers
Yes estate agents
Yes other persons trading high-value goods
Yes providers of gambling services
Yes All other persons and their subsidiaries and affiliates supervised or regulated by the BSP


Authors

Close

Choose country