الهيئة العامة للرقابة المالية

• FRA has approved the consolidation of the AML/CTF compliance and operational roles within non-banking financial institution.
• Most reports now required on an annual basis. Only statistical reports will continue to be submitted semi-annually
• These changes are in response to recent amendments to the Executive Regulations of AML/CTF Law, issued by the Prime Minister

FRA has issued Decree No. 161 of 2024 to update AML/CTF regulations for non-bank financial institutions. This decree aims to streamline procedures for licensed entities while ensuring compliance with AML/CTF Regulations.

The new controls apply to Egyptian exchanges, financial institutions, and natural persons licensed to engage in non-bank financial activities. These regulations are in addition to the provisions of the Anti-Money Laundering Law and its implementing regulations.

FRA has approved the consolidation of the AML/CTF compliance and operational roles within non-banking financial institution, provided that this does not compromise the effectiveness of either function.

This decree aims to streamline the administrative structure of non-banking financial institutions and mitigate their financial burdens. FRA approved this authorization, considering the functional similarities between the two roles and upon the approval of the Egyptian Money Laundering and Terrorist Financing Combating Unit (EMLCU), as it aligns with international standards in this regard.

In addition, the said decree reduces the frequency of the internal auditor’s report on AML/CTF compliance officer’s work from semi-annually to annually. The annual report, due by January 15^th , must be submitted to the Authority within 45 days of board approval. The frequency of reporting will vary based on the entity’s size, activities, customer base, products and services, ensuring ongoing compliance with relevant regulations. The internal auditor is required to promptly notify both FRA and the entity’s board of directors of any potential breaches of AML/CTF regulations.

To facilitate compliance, the new regulation allows financial institutions to submit annual AML/CTF reports in January, covering the preceding year.

Entities stated in the decree are required to immediately freeze all funds, securities, financial instruments and other assets belonging to designated persons and entities, as specified in relevant sanctions lists. Additionally, they must not engage in any direct or indirect transactions with individuals or entities on the sanctions lists. They are also prohibited from providing any financial or related services, including funds, securities, or other assets, to those listed on sanctions lists.

The decree requires non-banking financial institutions to adhere to specific guidelines for identifying suspicious transactions, including general indicators and activity-specific indicators.

FRA decree is issued in response to recent amendments to the Executive Regulations of AML/CTF Law promulgated by Prime Minister decree no.3331 of 2023. It reflects the ongoing cooperation between FRA and the Egyptian Money Laundering and Terrorist Financing Combating Unit (EMLCU) and emphasizes the importance of financial institutions adhering to the findings of the National ML/TF Risk Assessment.

Additionally, the decree requires entities to establish and maintain robust internal manual to mitigate money laundering and terrorist financing risks. This manual must include systems and procedures to ensure the proper implementation of related rules and regulations. This includes specifying mechanisms for verifying compliance with the internal system, outlining the requirements for managing money laundering and terrorist financing risks, and defining procedures for identifying all customers, beneficial owners, and other relevant parties. The manual also addresses the risk-based classification of customers.

The decree requires entities providing non-banking financial services to promptly report any suspected money laundering or terrorist financing activities to the EMLCU, in accordance with the timelines specified in the relevant regulations. Moreover, these entities must promptly provide the Unit with any information that could confirm or refute previous suspicions, along with supporting documentation.

Entities subjected to this decree must also adopt a risk-based approach to AML/CTF, as outlined in the law and its executive regulations. This includes identifying, assessing, and understanding the potential risks, particularly those associated with the use of new technologies. Entities must establish clear policies and procedures and ensure that their staff are adequately trained and competent.