31

The Malawi Gazette Supplement, dated 15th May, · 2020, coutatnmg

Regulations, Rules, etc. (No. 7A)

GOVERNMENTNOllCE NO. IO

FlNANCTAL CRIMES ACT

(CAP 7:07)
FINANCIAL CRIMES (MONEY LAUJ\ITIERIN-G) REGULATIONS, 2020
ARRANGEMENT OF REGULATIONS
11.EGULATlON

PART I-PRELIMINARY
l. Citation
2. Interpretation

PART 11--iDEl\.'TIFY!NG iNFORMATION

3. Risk-based Approach
4. Establishing ~dentity of Customer
S. Information concerning Malawian Citizens
6. Information concerning foreign nationals
7. lnformation concerning politically exposed persons
8. lnformation concerning legal persons
9. Information concerning foreign companies

PART Jll-VERIFYTNG IDENTITIES

l 0. Verification of identity of a customer
11. Verification of Malawian citizens and residents
12. Verification of foreign nationals
13. Verification of trusts
14. Verification of other legal arrangements other than a trust
15. Verification of foreign companies
16. Authority of an agent
17. Customer due diligence by casir.os

P/\.RT lV-OTHER 0BLJUATIONS OF REPORTING lNSTITUTIONS

18. Customer Acceptance Pol icy
19. Record keeping
20. '
Electronic funds transfer
21. Thresholds for reporting Electronic Funds Transfers
22. Correspondent and respondent institutions
23. Intermediaries
24. Monitoring transactions
32 15th May, 2020

REGULAT!ON
25. New technologies
26. Foreign Branches and subsidiaries

PART V-REPORTrNG REQUIREMENTS

27. Compliance Reports
28. Large currency transactions and other reports
29. Suspicious transaction' reporting.

PART VJ-COMPLIANCE PROGRA.MME

30. Additional responsibilities of a Compliance Officer
31. Elements of Compliance programme
32. Identification and verification requirement programme
33. Record keeping requirements of a compliance programme
34. Reporting suspicious or unusual transactions requirements in a
compliance programme
35. Access to information by compliance officer
36. Discipline process for noncompliance
37. Independent assessment of compliance programme

PART Vil-CROSS-BORDER DECLARATIONS

38. Cross border transactions

PART V1II-MONETARY PENALTIES

39. Administrative penalties
40. Offences

PART lX-M!SCELLf'.NEOW
4 l. Repeal and Savings
SCHEDULES
lN EXERCISE of the powers conferred by Section 144 of the Financial Crimes Act, L
JOSEPH MWANAMVEKA. Minister of Finance, Economic Planning and Development. make
the following Regularions->-
Citation I. These Regulations may be cited as the Financial Crimes (Money
Laundering) Regulations, 2020.
Interpretation 2 Jn these Regulations, unless the context otherwise requires->
"agent" means any person who provides money or value transfer
services under the direction of or by contract with a legally registered or
licensed remitter, or reporting institution;
"AML/CFT' stands for Anti-money laundering and Combating
Terrorist Financing:
15th May, 2020 33

"Authority" means the Financial Intelligence Authority, established

under section 3 of the Act;
"beneficiary" means an individual, institution, trustee, or estate
which receives or may become eligible to receive benefits under an
insurance policy, retirement pian, annuity, trust or 0L1er form of contract;
"beneficiary financial institution" means, in relation to wire
transfers, the financial institution which receives the wire transfer from
the ordering financial institution directly or through an intermediary
financial institution and makes the funds available to the beneficiary;
"casino" means a person licensed as such under section 14 of the
Gaming Act; Cap. 47:01

"competent court" for the purposes of these Regulations means a

court of the grade of Senior Resident Magistrate and above;
..
"compliance programme" means a programme which is established
by a reporting institution to ensure it is in compliance with the Act and
its subsidiary legislation;
"designated person" means a person or entity, legal or otherwise
designated by the United Nations Security Council Resolution 1267
(l 999) and its successor resolutions and UN Special Recommendation
1373 (2001) and includes persons designated under the Financial Crimes
(Terrorist Financing and Proliferation) Regulations of 2017;
"electronic banking" includes the provision of retail and wholesale
banking products and services through electronic channels;
"electronic funds transfer" means transmission of funds whether
domestic or cress border through any electronic, magnetic or optical
device, telephone instrument or computer;
"forcibly displaced persons" includes refugees, asylum seekers or
persons in similar situations;
"funds" refers to assets of every kind, whether corporeal or
incorporeal, tangible or intangible, moveable or immoveable, however
acquired, and legal documents and instruments in any form, including
electronic or digital, evidencing title to, or interest in, such assets,
whether situated in Malawi or elsewhere;
"host country" means a country in which a Malawian reporting
institution has a branch or a subsidiary:
"intermediary financial institution" means, in relation to a wire
transfer, a financial institution in a serial or cover payment chain that
receives and transmits a wire transfer on behalf of the ordering financial
institution and the beneficiary financial institution, or another
intermediary financial institution;
"international electronic funds transfer" means any electronic funds
transfer where the originator and beneficiary institutions are located in
different jurisdictions;
34 15th May, 2020

'legal arrangement" means an express trusts or other similar legal

arrangements capable of holding property, making investments or
establishing 1business relationship with a reporting institution;
"legal person" means any entities other than natural persons that can
establish a permanent customer relationship with a reporting or
otherwise- own property. This can include companies, corporates,
foundations, partnerships, or associations and other relevantly similar
entities;
"money or value transfer service" means a service that accepts cash,
cheques, or other monetary instruments or other stores of value in one
location and pays a corresponding sum in cash or other form to a
beneficiary in another location by means of communication, message,
and transfer or th.rougha clearing network to which the money or value
transfer service belongs;
'occasional transaction" means a transaction other than that
concluded in the course of a business relationship;
"originator" means an account holder, or where there is no account,
a person that places an order with the reporting institution to perform an
electronic funds transfer;
"source of funds" meansthe specific activity which has generated
the funds to establish the business relationship or to undertake a
transaction between a reporting institution and the customer;
"source of wealth" means the origin of the customer's overall
wealth and includes business, employment, inheritance, investments,
donations; and
"trustee" means a person having norminal title to property that he
holds for the benefit of one or more others known as beneficiaries and
includes a personal representative.
Risk based 3.-(]) Every reporting institution shall apply a risk-based approach in
approach identifying its customers in accordance with section 2 l of the Act.
(2) ln applying the requirements of sub-regulation (I), every reporting
institution shall ensure that the results of the risk assessment are consistent
with. national risk assessment of money laundering and terrorist financing or
other relevant assessments done by supervisory authorities.
(3) Where a reporting institution identifies lower risks, the reporting
institution may decide to allow simplified measures for customer due
diligence provided that enhanced due diligence shall be applied where there
is suspicion of money laundering, terrorist financing or other financial crime.
(4) Every reporting institution shall ensure that the results of the
institution's risk assessment are communicated to a!I departments or sections
of the institution.
Establishing 4.-(1) Subject to section l6( I) of the Act, a reporting institution shall
Identity of carry out customer due diligence when-
15th May, 2020 35

(a) establishing a continuing business relationship;

(b) in t~e absence of a continuing business relationship, conducts a
transaction the amount of two .rnillion and five hundred thousand
Kwancha (KQ, 500, 000);
(c) in the absence ofa continuing business relationship, carrying out
several transactions within fourteen days, which appear to be linked and
when consolidated, add up to the amount prescribed under Regulation 28
or more;
(d) carrying out foreign exchange transaction exceeding the
equivaient of the amou.nt prescribed under Regulation 28;
(e) carrying out a one-off domestic or international electronic funds
transfer for ~Y amount;
(() carnying cut a domestic transaction exceeding the amount
prescribed uhdcr Regulation 28;
(g) there is a suspicion of money laundering or terrorist financing,
irrespective_pf any exemptions or threshold that are referred to elsewhere
in these Regulations; and
(h) the reporting institution has doubts about the veracity or
adequacy of previously obtained customer identification data.
(2) Where a reporting institution discovers that a business relationship
has been established or a single transaction has been conducted using a
fictitious, false or incorrect name, the institution shall report the transaction to
the Authority for specific direction.
(3) Where a reporting institution is unable to carry out customer due
diligence, the reporting institution shall-
(a) not open the account, commence business relations or perform
the transaction;
(b) te,~are the business relationship;
three (~~:tt~~t a suspicious transaction report to the Authority within

(d) not proceed any further with the transaction. unless directed to
do so by the Authority.
(4) Where a reporting institution forms a suspicion of money laundering
or terrorist financing and reasonably believes that performing customer due
diligence will tip-off the customer, the reporting institution shall-
(a) not perform the required customer due diligence; and
(b) submit a suspicious transaction report to the Authority within
three working days.
5) A reporting institution may apply simplified customer identification
requirements for.-
(a} a lustomer that is identified as low risk in the national risk
assessment or risk assessments by supervisory authorities and competent
authorities;
36 15th May, 2020

( c) a customer that is identified as low risk by the reporting

institution; and
{d) other forms of low risk categories of customers, beneficial
owners, beneficiaries 0r business relationships as established through
risk assessments.
(6) Notwithstanding the provisions of sub-Regulation (5), a reporting
institution shall not apply simplified customer identification requirements
where there is a suspicion of ~oney laundering or terrorist financing.
(7) A reporting institution that established business relationship with a
customer before the Act came into force shall take reasonable measures using
a risk-based approach to identify the existing customer where=-
(a) a transaction takes place that involves a significant change from
normal transactions conducted by a customer;
(b) customer documentation standards change substantially:
(c) there is a material change in the way that the account is
operated; and
(d) the reporting institution becomes aware that it lacks sufficient
information about the existing customer.
(8) In the case of legal persons, legal arrangements and trusts, a
reporting institution shall rake reasonable measures to identify the beneficial
owner.
(9) For purposes of this Regulation, "customer due diligence" includes-
( a) identifying a customer and verifying the customer's identity on
the basis of documents, data or information obtained from a reliable and
independent source;
(b) identifying, where there is a beneficial owner who is not the
customer, the beneficial owner and taking adequate measures, on a
risk-based approach, to verify his identity so that the reporting institution
is satisfied that it knows who the beneficial owner is, including, in the
case of a legal person, trust or similar legal arrangement, measures to
understand the ownership and control structure of the legal person, trust
or le,gal arrangement; and
(c) obtaining information on the purpose and intended nature of a
business relationship.
Information 5.-(l) A reporting Institution shall identify a natural person who is a
concerning citizen of Malawi by obtaining from that person the following particulars-s-
citizens of
Malawi (a) full names;
(b) identity document;
(c) physical address including street names and plot numbers, or a
detailed description of the location named where the physical address is
not available;
(d) village, traditional authority and district of origin;
15th May, 2020 37

(e) postal address, e-mail address and telephone contacts

whichever is applicable;
if> occup!tion or source of fonds and wealth including, where
appropriate, a detailed description of the nature of business activities the
customer is involved in;
(g) expected level of monthly income;
(h) nature and detailed description of the location of business
activities orpitce of empioyment whichever is applicable; and
(i) purpo~e and intended nature of the business relationship.
(2) If the nahiral person referred to in sub-Regulation (I) is, for
whatever reason, acting on behalf of or assisting another person, the reporting
institution shall also obtain from, or in respect of that other person, the
particulars referred to in sub-Regulation ( l).
(3) For purposes of this Regulation, the identity document referred to in
sub-Regulation (l)(b) shall be prescribed by the Minister by notice published
in the Gazette.
6.-(1) A reporting institution shall identify a natural person who is a Information
citizen of another country by obtaining from that person the following concerning
foreign
particulars- nationals
(a) full names;
(b) nationality;
(c) passport details, such as passport number. date of birth, and
place of issuance, date of issuance and expiry date of the passport;
(a') physical address including street names, and plot numbers, or a
detaiied description of the iocation named in Malawi where the physical
address is not available;
(e) residential address and contact information of country of origin
or residence, whichever is applicable;
if> postj1 address, e-mail address and telephone contacts in Malawi,
whichever is applicable;
(g) ocJpation, source of funds and expected level of monthly and
annual income;
(h) nature and location of business activities, if any;
(i) nature of permit allowing them to reside in Malawi; and
U) purpose and indented nature of the business relationship.
(2) Where the person referred to in Sub-Regulation (]) is unable to
provide a permitlallcwing them to reside in Malawi, the reporting institution
may rely on any documentation issued by the authority responsible for
immigration matters provided that:
the person provides a permit within ninety (90) days after the
relationship is established.
38 15th May, 2020

(3) If the natural person referred to in sub-Regulation (1) is, for

whatever reason, acting on behalf of or assisting another person, the reporting
institution shall also obtain from, or in respect of that other person, the
particulars referred to in sub-Regulation (1).
'
(4) If the natural person referred to in sub-Regulation (1) is a forcibly
displaced person, for whatever reason, the reporting institution shall also
obtain the particulars referred to in sub-Regulation (1 ).
Information 7 .-(I) A reporting institution shal I have appropriate nsk management
concerning systems to determine whether a customer or beneficial owner is a politically
polirically
exposed person.
exposed
persons (2) ln addition to the requirements in sub-Regulation (l) as well as
Regulations (5) and (6), the reporting institution shall-
(a) obtain approval from senior management of the institution
before establishing or continuing the business relationship with the
customer or beneficial owner:
(b) conduct enhanced ongoing monitoring of the business
relationship;
(c) rake reasonable measures to establish the source of wealtb and
source of funds of the politically exposed person; and
(d) take reasonable measures to identify family members and close
associates of the politically exposed persons.
(3) Where au existing client or beneficiary is subsequently found 10 be or
becomes a politically exposed person, an authorised officer of the reporting
institution shall seek senior management approval to continue the business
relationship.
(4) For the purpose of deciding whether a person is a close associate of
a person referred to in sub-Regulation ( l ), a reporting institution need only
have regard ro information which is in its possession or is publicly known.
Information 8.-(1) A reporting institution shall obtain from a person or an agent
concerning acting or purporting to act on behalf of a legal person registered in Malawi
legal persons with which it is establishing a business relationship or concluding a single
transaction the following details=
(a) registered name of the legal entity;
(b) registration certificate bearing the stamp and signature of the
Registrar of Companies indicating the number which the legal entity is
I incorporated or registered;
(c) documents regulating the power to bind the entity;
(d~ registration certificate issued by an appropriate regulatory body;
(e) the registered address, including physical address of the legal
entity;
(j) names of persons having a senior management position in the
legal entity;
15th May, 2020 39

(g) the name under which the legal entity conducts business, if this
is different frorv its registered name;
(h) the address from which the legal entity operates, or if it operates
from multiple addresses, the address of the office seeking to establish a
business relationship or to enter into a single transaction with the
reporting institution;
(i) detailed description of the nature of business activities the legal
entity is involved in;
(i) intended purpose and nature of the business relationship·
(k) source and amount of capital used to establish the legal entity;
and
([) expected monthly and annual turnover.
(2) In addition to the requirements of sub-Regulation ( 1 ), in the case of
company, the reporting institution shall, pursuant to Regulations 5( l), 6, 7,
obtain the full particulars and details of-
(a) each natural person, partnership, company or trust who controls
ten percent (l 0%) or more of the voting rights at the general meeting of
the company;
(b) where the natural person referred to in Sub-Regulation (2)(a)
does not exert control through ownership interests, the natural persons
exercising co1trol of the legal person through other means;
(c) wher~ no natural person is identified under 8(2)(a) and (b),
senior management of the comp::my;
(d) each director of the company; and
(e) each natural person who purports to be authorised to establish
business relaeionship or to enter into a transaction with the reporting
institution on behalf of the company.
(3) In addition to the requirements of sub-Regulation (l ), in the case of
partnership, a reporting institution shall pursuant to Regulations 5(1), 6 and 7,
obtain the full particulars and details of-
(a) every partner:
(b) senior management; and
(c) each natural person who purports to be authorised to establish
business relationship or to enter into a transaction with the. reporting
institution on behalf of the partnership,
(4) In the qase of a trust, a reporting institution shall, pursuant to
Regulations 5(1 ), 16 and 7, obtain the full particulars and details of --
(al every trustee and settlor of the trust;
(b) senior management of' the trust;
(c) cac~ natural person who purports to be authorised to establish
business relationship or to enter into a transaction with the reporting
institution on behalf of the trust; and
40 15th May, 2020

(d) each beneficiary of the trust referred to by name in the trust deed
or other founding instruments in terms of which the trust is created and
details of how the beneficiaries of the trust are to be determined,
(5) ln the case of an entity registered under any other written law, a
reporting institution shall pursuant to Regulations 5(1 ), 6 and 7, obtain the full
particulars and details of-
(a) senior management of the entity:
(b) the person in whose name the entity is registered; and
(c) each natural person who purports to be authorised to establish
business relationship or to enter into a transaction with the reporting
institution on behalf of the entity.
(6) A reporting institution shall require a client to submit updates of such
changes in the particulars submitted under this regulation that occur in the
course of the business relationship.
Ir, formation 9. A reporting institution shall obtain from a natural person acting or
concerning purporting to act on behalf of a foreign company with which it is establishing
foreign a business relationship or conducting a single transaction, information on-
companies
(a) name under which the company is incorporated;
(b) certificate of incorporation or registration indicating the number
under which the company is incorporated;
(c) documents regulating the power to bind the entity;
(d) physical address under which it is incorporated;
l
(e) where applicable, the name under which the company conducts
business in the country where it is incorporated, if this is different from
the name under which it is incorporated;
(/) the address from which H operates in the country where it is
incorporated, or if it operates from multiple addresses, the address of its
head office;
(g) name under which the company conducts business in Malawi;
(h) the address from which the company operates in Malawi, or if it
operates from multiple addresses the address of the office seeking Lo
.establish a business relationship or to enter into a single transaction with
the reporting institution;
(1) source and amount of capital used to establish the company in.
Malawi;
(j) expected monthly and annual income including, a detailed
description of the nature of business activities the customer is involved
in:
(k) government authorisation al lowing the foreign company to
operate in Malawi;
(/) pursuant to Regulations 4(1 ), 5( I) and 6, obtain the full
particulars and details ot:._
. \

r·
15th May, 2020 41

(i) the head of the company in respect of its affairs in Malawi;

(ii) ~ach natural pe.rson who purports to be authorised to
establish a business relationship or to enter into a transaction with
the repor ing institution on behalf of the foreign company;
(iii) each legal person controlling ten per cent (10%) or more
of the voting rights in the foreign company; or
(iv) each natural person who is the ultimate beneficiary of the
legal entity controlling ten percent (1()%) or more of the. voting
rights of the foreign company;
(m) reference letter from the company's bankers in its country of
registration; and
(n) imcnJed purpose and nature of the business relationship.

PARTl!f-VERIFYING [DENTrfiES

IO.-- ( 1) A reporting institution shall verify the identity of a customer or Verification

beneficial owner, based on the identification documents submitted under part of identity of
customer
11 of these Regulations in accordance with a Notice issued by the Minister and
published in the Gazette, before or during the course of establishing a
bus mess relationship or conducting transactions for occasional customers:
Provided that the reporting institution keeps evidence of the original
identification document submitted.
(2) Where a reporting institution establishes a business relationship prior
to verification, it shall do so in line with a risk based approach which should
include a limitation on the number. type and amount of transactions that can.
be performed:
Provided that the transactions do not exceed the threshold prescribed by
Notice published in the Gazette and that high risk transactions shall not be
permitted.
(J) ln the a~since of a ri~k manag_ement sys_tem, ~ reporting i~st_itutior
shall not be permitted to enter into a business relationship before verifying the
identity of a customer or beneficial owner.
(4) A reporting institution shall not enter into business relationship with
any person or entity which it has verified to be a designated person.
I l .-(I) A reporting institution shall independently verify the particulars Verificaticn
and detai Is referred to in Regulation 5( i) and (2) in respect of a natural of Malawi
citizens and
person who is a citizen or a resident in Malawi as prescribed by the Minister residents
by notice published in the Gczeue.
(2) A reporting institution shall verify the source of fund of a customer
by obtaining-
(a) letter from his employers, stating the current monthly salary;
(b) curre~t payslip;
(c) auditJa financial statements;
42 15th May, 2020

(dJ tax returns; or

(e) customer business premises visitation report.
(3) A reporting institution shall verify proof of residency of a customer,
using a riskbased approach, by obtaining-
(a) current utility bills;
(b) current city rates biils;
(c) current lease agreement:
(d) current tenancy agreement, or
(e) customer business premises visitation report
Verification 12.-( I) A reporting institution shall independently verify particulars
of foreign and details referred to in Regulation 6(1) and (2) in respect of foreign
nationals
nationals by confirm ing the information given by the person, with the
individual's bank in his country of origin or residence.
{2) Where it is not practical to contact the person's bank in his country
of origin or residence, the reporting institution shall use any other information
obtained from any other independent and reliable sources, while taking into
account the risk posed by-
(a) the jurisdiction of origin or residence of the foreign national;
(b) nature ofbusiness of the foreign national; and
(c) products and services offered by the reporting institution to the
foreign national.
(3) Where it is not practical to contact an individual's bank in his
country of origin or residence, the reporting institution shall-
(a) establish a business relationship for a period of ninety (90) days
and shaii not allow international electronic funds transfers until a permit
granted by the authority responsible for immigration is submitted by the
individual; and
(h) pursuant to sub-regulation 3 (a). where a permit has not been
granted, the relationship shall be suspended until a permit is duly
granted by the authority responsible for immigration.
(4) In case of forcibly displaced persons, a reporting institution shall
require a government recognised identification document including a United
Nations High Comm issioner for Refugees (UN HCR) identity card.

1 13,-( l) A reporting institution shall verify particulars obtained in

Yeri ti cation
of trusts respect of a Trust in terms of Regulation 8 (l) and (4) by- '
(a) comparing the registration certificate, trust deed, the
c~p.s-03 incorporation certificate issued under the Trustees Incorporation Act. or
other founding document in terms of which the trust is created with
documents submitted to the office of the Registrar of Companies;
(b) independently verifying information with regard to the trustees,
founders, and beneficiaries or other persons who purport to be authorised
to establish a business relationship or enter into a transaction.with the
15th May, 2020 43

reporting institution on behalf of the legal entiry in line with Regulations

n and 12;
physically verifying the place of business of the trust and contact
information provided where this is applicable; and
(c) verifying with the bank where a foreign trust holds an account
as to the authenticity of registration documents.
(2) Where it is not practical to verify the particulars of a trust L, the
manner described iP, sub-Regulation (l ), a reporting institution shall use any
other information obtained from any other independent and reliable source
while taking into account the risk posed by the-
(a) jurisdiction where the trust is registered;
(b) nature and business of the trust; or
(r) products and services offered by the reporting institution to the
trust
l4.-(1) A reporting institution shall verify the particulars obtained in Verification
respect of a local legal entity other than a trust, in terms of Regulation 8( I), of other legal
arrangements
(2), t3) and (5) by--1. otner than a
(a) comparing the details on the registration certificate, and all other Trust
registration documents submitted by the legal entity with those held by
the Registrar of Companies;
(b) comparing the details on the registration certificate issued by an
appropriate regulatory body, and all other registration documents
submitted by the legal entity with those held by the regulatory body;
(c) physically verifying the head office or other place of business of
the entity and contact details provided; and
(d) independently verifying informarion with regard to beneficial
owners, directors, senior management, partners or other persons who
purport to be authorised to establish a business relationship or enter into
a transaction with the reporting institution on behalf of the legal entity in
line with Regulations i l and 12.
(2) Where it [s not practical to verify the particulars of a legal entity
according to sub-Regulation ( l ), a reporting institution shall use any other
information obtained from any other independent and reliable scurce, while
taking into account the risk posed by-·
(a) the nature and business of the legal entity; and
(b) products and services offered to the legal entity by the reporting
institution.
15.--(1) A reporting institution shall verify the particulars obtained in Verific?tion
respect of a foreign company in terms of Regulation 9 by- of foreign
companies
(a) verifying with a bank which holds an account of the company
the details about the incorporation or registration of the company;
(b) physically verifying the place of business in Malawi; and
44 15th May, 2020

(c) independently verifying information with regard to directors,

senior management, shareholders, partners or other persons who purport
to be authorized to establish a business relationship or enter into a
transaction with the reporting institution on behalf of the legal entity
under Regulation 9
(2) Where it is not practical to verify the particulars of the company in
the manner described in sub regulation (I), a reporting institution shall use
any other information obtained from any other independent and reliable
source, taking into account the risk posed by-
(a) the jurisdiction where the company is registered or
incorporated:
(b) nature of business of the foreign company; and
(c) products and services offered by the reporting institution to the
foreign company.
Authority ofan 16.--{l) When a natural person is seeking to establish relationship or to
agent conclude a single transaction with a reporting institution on behalf of another
natural person or legal person, a reporting institution shall. in addition to the
other steps as may be applicable under regulations 5 to 15. obtain information
which provides proof of' that person's authority to act in such a manner.
t2) A reporting institution shail verify the information obtained pursuant
to sub-Regulation (I), by comparing the particulars of the natural person or
legal person, partnership or trust referred to in sub-regulation (l) with
information obtained by the institution in accordance with regulations 11, 12,
13,14 or 15, as may be applicable.
Customer 17 .-(I) A casino shall establish and verify the identity of all
due c!il igence custorners->-
by casino!
(a) to whom a casino makes facilities for gaming available-
(i) before entry to any premises where such facilities ' are
provided: or
(ii) where the facilities are for remote gaming, before access is
given to such foci liries;
, tb) who. in the course of any period of24 hours->
(i) purchase from, or exchange with. the casino chips with a
total value equivalent to or exceeding MK2,000,000.00 (two
million kwacha);
(ii) pay the casino an amount equivalent to or exceeding
'1K2.000,000.00 (two million kwacha)for the use of gaming
machines; or
(iii) pay lo, or stake with, rhe casino an amount equivalent to
or exceeding MK2.000,000.00 (two million kwacha) in connection
with facilities for remote gaming.
(2) The identification and verification referred to in sub-: egulation (I)
shall be conducted in accordance with regulations 4, 5, 6, 1 J, and 112.
15th May, 2020 45

(3) A casino shall put in place appropriate procedures to monitor and

record-
I
. (a) total value of chips purchased from or exchanged with the
casmo:
(b) total money paid for the use of gaming machines; or
(c) total 1money paid or staked in connection with facilities for
remote gaming, by each customer.

PART JV-OTHER 0BLIGAT10NS OF REPORTfNG INSTITUTIONS

18.-( I) A Jporting institution shal I develop a written risk-based Customer

customer acceptanle policy for an ongoing business relationship or single Acceptance
transaction and update it on an annual basis or whenever there are new Policy
developments, whifhever comes earlier.
(2) The board of a reporting institution shall approve the customer
acceptance policy.
(3) A reporting institution shall have procedures and guidelines
explaining the cuJtomer acceptance policy which shall form part of the
training programme of the institution.
19.-(1) A reRorting institution shall keep original records specified in Record
section 22 (I) of the Act. keeping

(2) A reporting institution shall keep all records in soft or hard copy or
both soft and hard copy and it shall ensure that appropriate backup and
recovery proceduref are in place.
(3) Where a reporting institution keeps records in soft copy, it shall
ensure that it complies with section 15 of the Electronic Transactions and
Cyber Security Acti Cap. 74:02
(4) The period for keeping records shall be seven years beginning on-

Act, the date ~r

(a) in the case of .he records specified in section 22 (I) (a) of the
which-
(i) the occasional transaction is completed;
(ii) the business relationship ends; or
(iii) in the case of the records specified in section 22 (I) (b) of
the Act, Jhere the records relate to a particular transaction, the date
on which the transaction is completed;
(b) in the case of the records specified in Section 22 (I) (c) and (d)
of the Act, the date on which-
(i) the reports are filed with the Authority; or
(ii) the investigation is closed; and
(c) for all other records, the date on which the business relationship
ends.

\
46 15th May, 2020

(5) A reporting institution shall take reasonable steps, in respect of an

existing business relationship, to maintain the correctness of records obtained
in compliance with regulations 5 to 15 by undertaking--
(a) an annual review of the existing records for high risk categories
of customers or business relationships; and
(b) at most, three-year review of the existing records for all other
risk categories of customers or business relationships.
Electronic · 20.-( l ) A financial institution shall ensure implementation of exchange
Funds control requirements in the electronic transfer of funds.
transfer
(2) A financial institution shall include accurate and complete originator
· and beneficiary information and other related messages when conducting
domestic and international electronic funds transfers and such information
shall remain with the transferor related message through the payment chain.
(3) For purposes of this Regulation-
"originator information" includes name of the originator, address of
the originator, identity number. an account number of the originator or
unique transaction reference number and other related messages that are
sent; and
"beneficiary information" includes name of the beneficiary, address
of the beneficiary, an account number of the beneficiary, Society for
Worldwide International Financial Telecommunication code and other
related messages that are sem.
(4) For ail electronic funds transfers, a financial institution shall verify
the identity of the originator or beneficiary. whichever is applicable. in
accordance with regulations 5 to 15.
(5) An intermediary financial institution shall retain all originator and
beneficiary information that accompanies a wire transfer.
(6) l nterrnediary and beneficiary financial institutions shall use a
risk-based approach to deterrn ine when to execute, reject, or suspend a wire
transfer lacking required originator or required beneficiary information and to
determine appropriate follow-up action.
(7) Beneficiary financial institutions shall take reasonable measures,
which may include post-event monitoring or real-time monitoring where
feasible, to identify cross-border electronic funds transfers that lack the
required originator information or beneficiary information.
(8) ·A financial institution shall ensure that where several individual
cross-border wire transfers from a single originator are bundled in a batch file
for transmission ro beneficiaries, the batch file should contain complete and
accurate originator information, and full beneficiary information that is fully
traceable.
(9) A financial institution shall monitor and report to the Authority
electronic funds transfers which do nor contain complete originator and
. (

beneficiary information:
15th May, 2020 47

Provided that the financial institution shall not execute such electronic
funds transfers.
(I 0) A financial institution shall restrict or terminate a business
relationship with a financial institution that persistently faiis to include
comp!ete originator and beneficiary information in its electronic funds
transfer.
(1 i ) This Regulation shall apply to money or value transfer service
'providers.
21. A financjal institution shall report electronic funds transfers to the Thresholds
Authority in accordf nee with section 33 of the Act Provided that, in the case for reporting
of- electrcnic
funds
(a) )ocal mobile money transfer reports or any similar local transfers
transfers, only for each transfer in excess of three hundred thousand
Kwacha (K300,000.00) in accordance; .
(b) domestic electronic funds transfers by financial institutions;
and
(c) international funds transfers by financial institutions.
22.--(l) A fi~ancial institution shall, in relation to correspondent bank- Corresponde-
ing and other similar business relationships,-- nt and
· , -'-f d . respondent
( a) identi y an verify the correspondent institution or a respondent institutions
institution, wiichever is applicable;
(b) gather sufficient information about the nature of the business of
the correspondent institution or respondent institution:
(c) deterl1 ine from publ icly avai lab!e information, the reputation of
the institutio°> and the quality of supervision to which the correspondent
or a respondent institution is subject to;
(d) assess the adequacy and effectiveness of the anti-money
laundering a~d terrorist financing controls of the correspondent or a
respondent institution and document the findings;
(e) obtai~ the approval from the senior management of the financial
institution before establishing a new correspondent or a respondent
relationship;
(j) obtai~ documents or agreements signed by senior management
of the ,;;orrespondent and respondent institutions outlining respective
responsibilitif s of each institution; and
(g) obt1in certification from the correspondent or a respondent
institution certifying that-
(i) in line with Regulation 23( I), it carries due diligence on
other correspondent or respondent institutions it provides similar
service! to; or
(ii) the correspondent or a respondent institution does not
providejsirnilar services to shell banks.
(2) A reporting institution shall take into consideration the risk posed by
48 15th May, 2020

the jurisdiction in which a correspondent or respondent bank is located in

considering entering, into a business relationship.
intermediaries 23 .-( 1) Where a reporting institution chooses to rely on an
intermediary or a third party to undertskeobligations under Parts lJ and Ill of
these Regulations or to introduce business, the institution shall, in addition to
the requirements under Section 17 of the Act-
(a) enter into an agreement with the third party outlining the roles
and responsibilities of eacb party;
(b) immediately obtain the information and documents required
under Parts II and Ill of these Regulations;
(c) ensure that copies of identification and other relevant documents
required under Parts 11 and Ill of these Regulations are well kept and that
will be avaiiable to competent authorities or the Authority within a
reasonable time acceptable to the requesting authority;
(d) satisfy itself that the third party or intermediary is regulated and
supervised for, and has measures in place to comply with the
requirements set out in Parts II and 111 of these Regulations·
(e) in the case of third parties that are outside Malawi, a reporting
institution shall confirm whether countries in which such third parties are
domiciled have effective systems to deter money laundering and
terrorist financing; and
(/) reporting institutions which rely on third parties or
intermediaries shal I ultimately be responsible for customer identification
and verification.
(2) Notwithstanding the requirements in sub-regulation (I), a financial
institution shall not rely on the third party for ongoing monitoring of the
business relationship of its customers.
Monitoring 24.-( I) A reporting institution shall conduct ongoing monitoring on its
transaction- customers and develop risk based systems and procedures for purposes of
ongoing monitoring.
2) For purposes of this Regulation "ongoing monitoring of a business
relationsh)p" inciudes-
(a) scrutiny of transactions undertaken throughout the course of the
relationship including, where necessary, the source of funds, to ensure
that the transactions are consistent with the reporting institution's
r knowledge of the customer, his business and risk profile: and
(b) keeping the documents, data or information obtained for the
purpose of applying customer due diligence up-to-date.
(3) A reporting institution shall take reasonable measures to verify the
purpose of any financial transaction.
(4) A reporting institution shall have automated or manual system that
wil I trigger ace ion in the event that thresholds established by a reporting • I

institution for purposes of monitoring are exceeded.

15th May, 2020 49

25. Pursuant to the requirement under section 21 of the Act relating to New
putting in place measures to prevent or mitigate money laundering and technologies
terrorist financing commensurate with risks identified for products, service or
delivery channels, a reporting institution shall-
(a) take reasonable steps to prevent the use of new technologies,
new products and services or other systems being used for money
laundering or {en-orist fi.imncin& schemes;
(b) identity and assess the money laundering or terrorist financing
risks that may arise in relation to the development of new products and
business practices including new delivery mechanisms and the use of
new or developing technologies for both new and pre-existing products;
and
(c) take appropriate measures to manage and mitigate the risks in
Su b-paragrap)( b).
26.-(1) A r porting institution registered in Malawi which has Foreign
branches and subsic iaries outside Malawi shall- Branches and
subsidiaries
(a) ensure that its branches and subsidiaries observe anti-money
laundering measures consistent with the Act and these Regulations; and
(b) where, the minimum requirements of me host country are lower
than those applicable in Malawi, ensure that the branches and
subsidiaries aprly the higher standards.
(2) A reporting institution shall inform the Authority and supervisory
authorities when a branch or subsidiary outside Malawi is unable to observe
appropriate anti-money laundering measures.

PART V-REPORTING REQUIREMENTS

'27. A reporting institution shall submit to the Authority and supervisory Compliance
authority compliance reports by 3 I st January of each calendar year or as may Reports
be required by rhe Authority.
28.-( I) In accordance with section 33 of the Act, a reporting institution Large
shall submit to the 1uthority the following reports of which transactions value currency
or aggregate value ls at least five million Kwacha (K5,000,000)- transect ions
and other
(a) large currency transaction report in a format specified in the reports
First Schedule hereto;
(b) large Currency Transaction report (LCTR) in instances where
the Authority is requesting for more information in a format specified in
I
the Second Sc1edule hereto; and
(c) electronic funds transfer reports.
(2) The reports in sub-regulation (I) shall be submitted within such a
period as guided by the Authority.
29.-{I) A reporting institution shall submit a Suspicious Transaction Suspicious
Report (STR) to the Authority pursuant to section 23 of the Act, in a format transaction
specified in the Third Schedule hereto, and in· the case of designated reporting
non-financial businesses and professions, in accordance with the Fourth
Schedule hereto.
50 15th May, 2020

(2) A report made by a supervisory authority or external auditor under

section 37 of the Act shall contain such information as specified by the
Authority,
(3) In pursuance or' section 37 of the Act, a supervisory authority or
external auditor shall not investigate a matter after filing an STR with the
Authority unless otherwise directed by the Authority.

PART Vl,.:_COMPLIANCE
I
PROGRAMME

Additional 30.-{1) In addition to responsibilities under the Act, a compliance

responsibilities officer shall _
oh
compliance (a) take action on suspicious disclosures from officers and
officer employees of the reporting institution as soon as practicable so as not to
delay the reporting of such disclosures;
(b) apply internal risk management procedures on the disclosed
suspicious transaction;
(c) report the suspicious transactions upon applying the measures
in sub-paragraph (b) to the Authority; and
(d) allocate responsibilities and accountability to ensure that staff
duties related to the establishment and verification of identities are
complied with.
(2) The compliance officer shall have access Lo the requisite board
committee of the institution on AMLICFT compliance matters.
(3) A reporting institution shall subject the appointment of a compliance
officer to approval by the Authority or supervisory authority for reporting
institutions under their purview.
(4) A reporting institution shall within 7 days communicate thr removal
of a compliance officer and grounds for such removal to the Authorityand
supervisory authority.
(5) An internal auditor and a chief executive officer of a reporting
institution shall not qualify for appointment as a compliance officer.
,(6) 'The compliance officer shall carry out his functions independently
and shall be free from undue influence regarding reporting of suspicious
transactions.
Elements of
1
31.---{.1) Each reporting institution shall develop and implement internal
Compliance rules and other procedures to combat money laundering and terrorist
programme financing. ·
'
(2) The internal rules in sub-regulation (I) shall include provisions for-
(a) programmes to assess risks related to money laundering and
terrorist financing;
(b) the forrnulation of control policy on issues of-
(i) timing of reports;
(ii) degree of control;
15th May, 2020 51

(iii) areas co be controlled;

(iv) responsibilities;
(v) follow ups; or
(vi) administrative penalties to combat money laundering and
. "''
terrorist .
nnancmg;
(c) ongoing monitoring of a business relationship;
(d) enhanced due diligence with respect to persons carrying high
risk businesses·
(e) training of employees, including the anri-money laundering
reporting officer, in the recognition and handling of suspicious or
unusual transactions;
(j) independent audit of the compliance programme;
(g) other matters as guided by the Authority and Supervisory
authority; and
(h) management of the reporting institution in respect of
compliance with the Act, these Regulations and the internal rules on
record keeping.
32. A reporting institution shall develop internal rules related to the Identification
establishment and verification of identity which shall- and
ver i ti cat ion
(a) provide for the necessary processes and working methods which requirement
will cause the rfquired particulars related to the identities of parties to a programme
business relationship or single transaction to be obtained on each
occasion when a business relationship is established or a single
transaction is cbncluded with the institution,
(b) provide for steps ro be taken by the relevant staff members
aimed at the verification of the required particulars related to the
identity of parries to a business relationship or single transaction;
(c) provide for the responsibility of the management of the
reporting institution in respect of compliance with the Act, these
Regulations and the internal rules;
(c.i) allocate responsibilities and accountability to ensure that staff
duties related to the establishment and veri fication of identities are
complied with, and
(c) take into account any guidelines related to the verification of
identity which ray apply to that reporting institution.
33. Each re~orting institution shall make internal rules related to Reo.,rd
record keeping wh ch shall provide for systems, processes and working keeping
methods to ensure t at- requirements
of ll
(a) relevant staff members of the reporting institution obtain the ccrnptiance
information of which record shall be kept. on each occasion when a programme
business relationship is established or a transaction is concluded with the
reporting institution;
52 15th May, 2020

(b) accuracy and integrity of those records are maintained for the
entire period for which the records are to be kept
(c) access that n:iay be required or authorized under the Act by the
relevant staff members to those records can be obtained without
hindrance; and
(d) guidelines related to the keeping of records which may apply to
that reporting institution are taken into account.
Report of 34. Each reporting institution shall make internal rules related to
suspicious reporting of suspicious or unusual transactions which shall provide for-
or unusual
transacrions (a) systems, processes and working methods which will cause a
suspicious or an unusual transaction to be reported without delay;
(b) systems, processes and working methods to enable staff to
recognize potentially suspicious or unusual transactions;
(c) the responsibility of the management of the institution in respect
of compliance with the Act, these Regulations and the internal rules;
(d) allocate responsibility to ensure that staff duties related to the
reporting of suspicious or unusual transactions are complied with;
(e) take into account any directives related to reporting suspicious
or unusual transactions which may apply to that institution; and
(j) ensure that records of suspicious or unusual transactions which
must be retained for investigations are emphasized.
Access to 35. A reporting institution shall ensure that the compliance officer of
informati~n the reporting institution has access to all information that may be of assistance
byfficomplmnce to the compliance officer in the execution of his duties.
o teer

Discipline 36. A reporting institution shall-

process for (a) provide for disciplinary steps against the relevant staffrnernbers
noncomphance
for non-compliance with the Act, these Regulations and the internal
mies; and
(b) submit a report of the disciplinary action taken on the member
of staff for the non-compliance in Sub-regulation (a).
'
Independent 37. External auditors shall review and pt ovide independent
assessment of assessments of the AML/CFT compliance programmes of reporting institu-
compliance tions.
programme

PART VII-CROSS-BORDER DECLARATlONS

Cross border 38.-(l) ln accordance with section 55 of the Act, an authorized officer
transactions shall report ro the Authority, any cross-border currency transfer whether into
or out of Malawi amounting to at least USD 5,000.
(2) The report in sub-Regulation (l) shall be submitted without delay and
in any case within 12 hours. . ,'·
(3) The report in sub-Regulation (I) shall be submitted in a, format as
prescribed in the Authority. '
15th May, 2020 53

PARTVIII-MONETARY PENALTiES

39.-( l) In acc~rdance with sections 34 and 144 of the Act, the Authority Administra-
or supervisory authority may impose monetary penalties as provided in the tive
penalties
Fifth Schedule hereto, for breach of these Regulations of-
(a) up to one hundred million Kwacha (K 100,000,000) for
reporting irstit:.itions; and
(b) for natural persons who are members of the board of
directors dr senior management of reporting institution, up to ten
million Ki'acha (Kl0,000,000).
c::) When determining an appropriate monetary penalty, the Authority or
the supervisory authority shall consider the following factors-
(a) nature, duration, seriousness including breach of other relevant
laws and extent of the non-compliance;
(b) person who committed the violation;
(c) extent to which the violations occurred intentionally,
negligently or /ecklessly;
(d) extent to which the board -, executive or senior management
knew, or ought to have known, that a violation was occurring or would
occur;
(e) concealment of the violation;
(/) whether the person acted in good faith or cooperated with the
investigation of the violation;
(g) whetblr the reporting institution or person has previously failed
to comply with provisions of the Act;
(h) steps taken by the reporting institution or person to remedy the
breach and to prevent a recurrence of the non-compliance; and
(i) steps taken or to be taken against the reporting institution or
person by-
(i) arother supervisory body;
1,
(ii) self-regulatory body of which the reporting institution or
person is a member; or
(iii) any other relevant factor. including mitigating factors.
(3) Before imposing a monetary penalty, the Authority or supervisory
authority shall give the reporting institution or person reasonable notice of up
to ten working day~ in writing stating-
(a) natur~ of the alleged non-compliance;
(b) intention to impose a monetary penalty;
(c) amount or particulars of the intended monetary penalties; and
(cl) that the reporting institution or person may, i11 writing, within a
period specified in the notice, make representations as to why the
monetary penalties should not be imposed.
 ~~ ~--~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

54 15th May, 2020

(4) After considering any representations and the factors referred to in

sub-regulation (2), the Authority or supervisory authority, may impose an
appropriate monetary penalty. ·
(5) The Authority 'or supervisory authority may still impose the
administrative sanctions under Section 34 of the Act if the respondent has
been charged with a criminal offence in respect of the same set of facts.
Offences 40. A person who makes or enters into any arrangements, whether oral
or in writing, for the purpose of, or which have the effect of, in any way,
whether directly or indirectly. prevent the operation of these Regulations
commits of an offence and shall on conviction, he liable to-
(o) a fine of twenty million Kwacha (K20,000,000.00) and to
imprisonment for six years ;
(b) in case of a natural person and in case of a legal person or body
corporate to a fine of one hundred million kwacha (K 100,000.000.00)
and to revocation of business licence.

PART IX-RE!'E.ALAND SAVlNG

Repeal and 41.-(l) The Money Laundering, Proceeds of Serious Crime and
Savings Terrorist Financing Regulations, 2011 are hereby revoked.
(2) Anything done in accordance with the Money Laundering, Proceeds
of Serious Crime and Terrorist Financing Regulations, 2011 prior to the
commencement of these Regulations and which may be done in accordance
with the provisions of these Regulations, shall be deemed to have been done
in accordance with these Regulations. .

FIRST SCHEDULE (Reg, 28(1 )(a))

LARGE CURRENCY TRANSACTION WEEKLY REPORT
Branch ! Account Number Account Nome I
Transoction Currency I Date Transaction Payments Narrative
Amount Reference 1 /Rece tpts
I
I
I I
I I I I
I I I
I
I
I
i
I

I '
I I \

I. l
I Ii II
I
I
I' II I li
I
I I I I

j•
15th May, 2020 59

PART C-!NFORMAT\ON OF PERSON OR ENTITY CONCERNING WHOM REPORTS IS MADE

Suspect Information Unavailable;

l, Surname or Name, of Entity:" 2. Initial:" .
3. Full Address:" ....•...................................................................................

4. Phone Number:" ! 5. Fax Number:* .

6. · Occupation:" .
7. Nations lity:* J :... 8, Country of Residence : .
9. Type of Identifi"I' passport. Driver's Licence....... National Identity Card .
Other (specify): , .

:~ :::::~: :::::,j,;I~~~o;~;p~,tli~~ cus;o,n,;/~h~~; ~;;: : : ~~.:. . . . .

lfyes please refef to Section H.

PART D INFORMATION OF PERSONCONDUCfiNG TRANSACTlON

If'transaction was colucted by person referred to in Part 8 - DO NOT COMPLETE PART .,

D) .

A person on behalf Jthe person or entity referred to in Part B- (COMPLETE PART D)

1. Surname:" J ......................•... 2. Initial:" .
3. Full Address:" , .

4. Phone Number:" 5. Fax Number:" .

6. Occupation:* ,.......................... 7. Nationality:" ., ..
8. Country of Residence: .
9. Type of Tdentifief * passport Driver's Licence National Identity Card .
Other (specify): .
10. Identity Number:" .

PART E.....-REPORTING INSTUTUT!ON .INFORMATION

I. Name of lnstitution :" .

2. Full Address:" ... r •...•.•...•.•..•..•...•.....•..•.....••....•.••.........•.....•......•.••...•.•...•••
...........................:, .. , , .
3. Phone Number.ti 4. Fax Number:" .
60 15th May) 2020

5. Branch Officers) where suspicious activity occurred:" .

6. Reporting Officer's Name:" .
Title:* , Signature:" .

PARTF-DETAfLS Of SUPICIOUS ACTIVITY

Please describe clearly and completely the events which led ro the: conclusion that the
particular activity is suspicious.

PART G-DETAILS OF ACTIONTAKEN

Please describe what action was taken by you as a result of the suspicious transaction(s).

PART H-CHECKL.IST

JOTE THAT THESE ARE DOCUMENTS THAT HAYE TO BE ATTACHED

AND ALSO FROM TO HAYE BEEN FILLED
Is the Form completed in full? (ail mandatory parts have been filled): .
Identity of subject; .
Bank statements of subject .
Account opening documentation (including but not limited to KYC/KYB documents) .
Details of Related parties to the subject (all details for related parties to the subject have to
be disclosed) .
Details of Impact of suspicious activity; .
Details of other reports made on the subject to Law Enforcement Agencies (if any); .
I
Detai Is of any other relationship of the client/ customer to reporting institution. Exampl
would be if subject is a Finance Director of the reporting institution .
Other Relevant Information .

FOURTH SCHEDULE Reg. 29(1)

Suspicious Transaction Report I DiXFBPs I
Report Number: Date of Report:
(dd-mm-yyyy)
Use this' form if you are a reporting entity or Send Completed Form by courier or
person and you have reason to suspect that a encrypted email to:
transaction is related to money laundering or
financing of terrorism
(WHEN COl\1PLETING THE FORM REFER The Director Genera!
TO THE. LATEST FIA STR GUlDELlNES) Financial intelligence Authority
Private Bag 8441 '
151h May, 2020 61

Capitai City
Lilongwe j
All fields of the report marked with an asterisk (*) MALAWI
MUST be completed. Email: [email protected]

PART H-SUSPIClOUS ACTIVITY INFORMATION

1. Description of transaction: D Money Laundering D Bribery D Fraud
D Counterfeit Cheque
(Please tick)* O Misuse of Position D Terrorist Financing [j Tax Evasion
D Identity Theft O Cyber Crime D Embezzlement
D Electronic Funds Transfer
D Other (specify) .
2. Date or Date range of suspicious activity: *
From ; · . TO (dd-mrn-yyyy) .
(dd-mm-yyyy)
3. Amount of money involved in the transaction (s) (in Kwacha value):* .
4. Branch/()ffice{Location (s) where suspicious activity occurred: .
' ~ " .
5. Purpose of transaction: , .
6. Name of ultimate beneficiary .
7. Identity of beneficiary (JD type & Number) .
8. Address of beneficiary .
9. Details of transaction: 0 Cash D Cheque O Property Swap (Please tick)
O Other (sreclfy) .
10. I-las the suspicious activity been reported to any law enforcement agency?
D Yes D Ni
If Yes, please tick contacted law enforcer below:
D Police O Anti-Corruption Bureau D Director of Public Prosecution
D Malawi Revenue Authority
D Other (spec\fy) . .. .. . . . . .. . .. . .
(Attach report made to the other agency)

11. Name of person contacted at the law enforcement agency .

12. Contacts of person contacted at the law enforcement agency: .

PART B-INFORMATION ABOUT HOW TH[: TR.AN~ACT!ON WAS lN!"nATED

62 15th May, 2020

1. Type of service offered: * 0 Cash out D Outgoing electronic funds transfer

D Purchase of Jewelry D Purchase of traveler's cheques D Conducted currency
exchange D Purchase of money order O Real estate purchase/deposit -
D Deposit to an account O Purchase of bank draft O Purchase of precious metals
O Purchase of precious stones O Purchase of diamonds D Securities purchase/
deposit O Lite insurance policy purchase/deposit
C Other (specify) - , .

DETAILS OF ASSET(S) INVOLVED TN THE TRANSACTION

2. Type of Asset(s):* D Pio D Dwelling House D Commercial Block O Farm
D Jewelry O Motor Vehicle
D Other (specify) _, - .

········-······················································-···········································································
3. Name of Title Holder: -, - - _ _ .
4. Registration number (If applicable): 5. Location of assetis): .
6. Brief description of assetts):" - _ _, .. ·-······· .. ········---···· .
7. Estimated value asserts):" - .. , - .

PART C-[NFORMATION ON PERSON INVOLVEDTN THE TRAN3ACTION

FOR SERVICES OTHER THAN PROPERTY TRANSACTIONS

I. Full Name: * - .. ·-····· _ , .. - .

2. Telephone Number:" - .
3. Address:* ·--·······--··-······ _ .
4. Occupation: .. - -·-····- .. ·····- .. ····-·-···....... '
5. Nationality:*·--·······························-···
6. Type of Identity;" 0 Passport D Drivers License O National ID
O Other (specify) - (Please tick)
7. Identity number: "'
].

2.
8.
9.

PART H--REPORTJNG lNSTITUTION iNFORMATION

13. Name of the lnstitution: * : _ .

J 4. Full Address: * ·-··········-··- ·····-·· ·-········· - .
15. Telephone Number:* - , .
1·
15th May, 2020 63

16. Fax:" .
17. Which one of the following types of reporting entities best describes you?:*
D Casino, Lottery or Gambling House DDealer in Precious Metals, Stones and
bullion D r,ccountant D Safe deposit or custody service provider
D Trust or company service provider 0 Legal practitioner D Notary
D Accountant O Estate Agent
18. Name of Reporting Officer:* .
19. Contact No. of Reporting Officer: Signature:" .

PART E-DE1AILS OF SUSPlC!OUS ACTIVITY

Please describe clearly and completely the events which led to the conclusion that the
particular activity is ?'Jspicious. i

PART H-DCTAJLS OF ACTION TAKEN

Please describe what action was taken by you as a result of the suspicious transaction/s)
64 15th May, 2020

PART G-CHECKLIST

Note that these are documents that have to be attached and also form to have been filled
O fs the form completed in full? (All mandatory parts have been filled)
O Identity of subject
D Copies of sale agreement
D Agent's receipts
O Details of individuals related to the subject. (A 11 details for related parties to the subject
have to be disclosed)
O Details of other reports made on the subject to Law Enforcement Agencies (if any)
O Details of other reports made on the subject to the FIA (if any)
O Other Relevant Information

FIFTH SCHEDULE (reg. 39)

PART H-MONETARY PENALTIES FOR OTHER FJNANClAL INSTITUTIONS

The following penalties shall apply to other financial institutions excluding banks and
insurers - ·
Categorization of Penaltie
Penalties for financial institutions have been divided into four categories lA, B, C, and D)
as follows..-

C.~TEGORY LEVEL I LF,VEL2 LEVEL 3 'avEL 4 \ iEVEl 5 LEVEL 6 LEVEL 7 \EVEL 8

FEN.4l7T PENALTY PENAL.Tl Ph,'NALTY PENALTY I PENALTY
(MK 000)
PENALTY !PENALTY
(MK'OOO) i(MK'OOO)
1MK'OOC) (MK'1100) tMK 000) (MK'OOO) JM/;'GOO)

A
-
I11,000 5,000
-
10,000 I :20,000 130,000 50,000 100,000
3,000 j8,000 15,000 25,000 40,000 l 00,000
B 1soo 1,000
c J250 · [soo 2,000 5,000 15,000 20,000 30.000 I 100,000
I

D 1.00 200 500 l,O(JO 2,500 5,000 7,500 10,000

I
The following guidelines have been used to determine the seriousness of offences and
therefore the category of penalties->
Category A: Violations by tbe Board;
Category B: Violations by Executive Officers or Senior Management Officials;
Category C: Violations by the financial institution at any a level ocher than the Board or
Senior Management; and
Category D: Violations by natural persons who are members of the Board or Senior
...... Management and will be charged in individual capacity.
15th May, 2020 65

For categories A, B and C, the penalties will be imposed on the institution.

Notwithstanding that the Act and the Regulaticns place all compliance obligations on the
reporting institution itself in deciding which category a violation falls under; the Authority
or supervisory authu/'itY shall determine the responsible person/authority for compliance
with the provision of the Act or Regulation.

GENERAL NOTES
l. Repeat violations will bear penalties at the next level. A violation will be considered a
repeat offence wren it meets the following conditions, among otherS-
(a) if it remains unresolved until next review, submission or after deadline as directed
by the Authority or supervisory authority; or
(b) if it is resolved and recurs within a period of 12 monrhs.
2. Multiple offences of the same provision within the Act or Regulation shall only be
penalised once.
3. The imposition bf penalties shall not preclude the Authority or supervisory authority
from taking or i~posing any other supervisory action as mandated by the law.
4. Repeat violation after maximum penalty in each category, shall attract other
enforcement actions as stipulated in the law.

PENALTIES PER PROVISION AND REGULATION

The table below shows penalties per provision and regulation.

Description of violation Provision Category/level I Penalty

K t
Failure by a financial institution to
I
comply with the requirements for
identification of a Malawian citizen Regulation 5 Cl 250,000 00
Failure by a financial institution to
comply with the regu irernenrs for
identification of a foreign national Regulation 6 C2 500,000 00
Failure by a financial institution to
comply with the requirements for
identification of a Politically Exposed
I I
Person Regulation 7 83 3,000,000 00
Failure by a financta l institution to
comply with the requirements for I
identification of a lbcal legal entity

+
or a legal arrangement Regulation 8 250,000

comply with the requirements for I

identification of a Local legal entity or
a legal arrangernenl other than a trust Regulation i I C2 500,000 00
66 15th May, 2020

Description of violation I Provision Category Penalty

/Level K t
Failure by a financial institution to
compiy with the requirements for
identification of a foreign company j F-egulation 9 I C2 500,000 00
Failure by a financial institution to
verify a designated person when a list
of designated persons is circulated or I
when opening an account or
conducting a trnnsaction I Regulation IO (4) C4 5,000,000 00
Failure by a financial institution to
comply with the requirements of
verification of the identity of a
Malawian citizen I Regulation 11 L
I C2 500,000 00
Failure by a financial institution to
comply with the requirements of
verification or the identity of a I
foreign national l Regulation 12 CJ 2,000.000 00
Failure by a financial institution to
comply with the requirements of I
verification of the identity of a Trust I Regulation 13 C3 · · 2,000,000 00
Failure by a financial institution to
verify rhe identity of a beneficial
owner Regulation I 0( l)(2) C3 2.000,000 00
Failure by insurance companies to
identify and verify beneficiaries ection 18(1) (2) (3) C2 500,000 00
Failure by insurance companies to
apply enhanced measures to identify
and verify identity of the beneficial
owner of higher risk legal entities ection 18(4) C3 2,000,000 00
Failure by a financial jnstirution to
comply with the requirement of
verification of the identity of a
foreign company .l Regulation 15 C3 2,000,000 00
Failure by a financial institution to
comply with the requirement of
identification and verification of a
I
person's authority to act on behalf of
_
another I
Regulation 16 I C2 I 500,000 00
Failure by a financial institution to 11
operate or maintain an account in true I
name of account hokier. Section 20(] ), (2) I C4 5,000,000 00
I

I ~~
 15th May, 2020 67

OTHER DUE DJLUIGENCE OBLIGATIONS

Description of violation 'Provision Category Penalty

/Level K t
Pai lure by a Financial institution to
maintain records for the minimum
period of 7 years Regulation l 9 83 3,000,000 00
Failure by a financial institution to
comply with the reqr·ement to
maintain records in manner that
enables Authority, law enforcement
agency, Supervisory Authorities or
Competent Authority to reconstruct
the transaction Section 22(1)(b) 83 3,000,000 00
:
Pai lure by a financial institution to
provide a record of a transaction or
any other infonnatil requested by
the Authority, law e forcernent agency,
Supervisory Authorives or Competent
Authority within the time specified by
the Authority or the Competent
Authority Section 22(5) 82 1,000,000 00
Failure by financial institution to
comply with the requirements relating
I
..
10 correspondent banking I Regulation 22 I B3 3,000,000 00
Failure by a financiatnstitution
comply with any oft1 e requirements
to
l I
relating Lo intermediaries or third
parties
I
Regulation 23 C2 500,000 00
failure by a financial institution to
comply with the requirements
relating to she! I banks Section 30 (2) 85 15,000,000 00
Failure by a financial institution to
comply with new tecrnology I
requirements I Regulation 25 82 1,000,000 00
Failure by a financial institution to
comply with the requirement of Regularion 28,
appointing a Compli~nce Officer I Section 27 (I )(a) A2 1,000,000 00
Fai lure by the financial institution to
-
train and make its employees aware
of policies, procedures, audit I I
systems relating to Section 27 (l)(h)(vii).I
money laundering Section 27 (l)(c) Bl 500,000 00
Failure by the financ\al institution to
screen persons before hiring them. Section 27 (l)(b)(viii Bl 1,000,000 00

I
I
68 15th May, 2020

Description of violation Provision Category Penalty

/Level K t
Failure by the financial institution to
establish an audit function to test
Anti Money Laundering procedures
and systems. Section 27 {l)(d) A2 1,000,000 00
Failure by the financial institution to
establish a customer acceptance pol icy. Regulation 18, A3 5,000,000 00
Failure by the financial institution to
conduct risk assessment and
develop risk based systems and Section 27 (l)(b)(i)
procedures Section 21 B2 l ,000,000 00
Failure by the financial institution to
ascertain the purpose of a transaction
and source of funds and their ultimate
destination. Regulation 24 Bl 500,000 00
Failure by the financial institution to
provide for disciplinary steps against
members of staff for noncom pl lance
with the Act, these regulations and
I
own internal rules. Regulation 36 Bi 500,000 00
Failure by the financial institution to I
ensure that the Compliance Officer
has access to all information that may
be of assistance in the execution of his I
duties. Regulation 35 82
-Failure by the financial institution to , 1.oo~.000 o~
establish procedure for conducting
enhanced due diligence on specified
and high risk customers. Regulation 32 83 3,000,000 00
Failure by the financial institutions to
establish programme to identify
persons on relevant sanctions list. Section 27(1) (b)(iJ BJ 3,000,000 00
Failure by the financial institution to
ensure that foreign branches or
subsidiaries observe minimum
requirements otimoney laundering '
measures of Malawi. Regulation 26 82 1,000,000 00
Failure by a financial institution to
identify or report a suspicious Regulation 29
transaction. Section 23 II BJ 3,000,000 00
Failure by a financial institution to
report large currency transactions, I
domestic and international electronic
funds transfers. I Section 33 Cl 250,000 00
15th May, 2020 69

Description of violation f Provision Category Penalty

/Levei K t
Failure by a financial institution to II

retain particulars of originator II

and beneficiary of tile electronic Regulation 20(2),
funds transfer transaction. Section 28 C2 500,000 00
failure by a financial institution to
freeze an account of a designated
person. Section 28 (5) I BS 15,000,000 00
Failure by a financial institution to I
I
submit a Compliance Report Regulation 27;
within the required period. Section 36(4)(c) Cl I I
250,000 oo
failure by a person to comply with
confidentiality requirements of
suspicious transaction reports and
other information.
Failure by a financial institution to
Section 24
I
I 04
j

I, .000,000 00

comply with confidentiality I I

requirements of suspicious
transaction reports and other
I I
information.
------·
Failure by a financial institution to
Section 2.4 ! C3 2,000,000 00

monitor transactions and

conduct on going due diligence on Regulation 24,
busi".~ss relationshi12s and transactions. Section 29 C3 2,000,000 00
Failure by a financial institution to
I
implement group wide programmes
of foreign branches, subsidiaries or
I I
head office against money laundering l
and terrorist financing and handling of
proceeds of crime. Section 31 A2 I 1,000,0000 oo
MONETARY PENALTIES FOR DESIGNATED NON-FINANCIAL BUSINESSES
AND PROFESSIONS (DNFBPs)
(Regulation 35)
Categorization of Penalties
The penalties have! been divided into four categories (A, B, C, and D). The penalties are
therefore defined as per table below:
I I ·~~~~~~~~~~~~~~~~~~~~~~
CA7F<,OIU I L€VEL ,1 !LEVEL 21 LEVEL J l.EVEL ./ LfiVHL 5 , W!'EL. 6 LIY'.:L 7 1LEVEL 8 LJ<:VEL 9 LEVEL JO
PEN4L7Y PENAJ.'i Y !'f;NAUY IJ'ENALTV l'ENA!,TY : PENA DY l'!iNALTY I PENALTY PENAL ff jrENALIT
(MK'0(/0) (MK'()(}(/) (MK'l!UO) (MK.000):(l.IK'OO{J) (MK·ooa,: l{MK·oou) l(MKYJOO) (.'vfK'OCO; (lvfK~0001

.:.___--f . I loo sso I i,\Joo '.,coo \ 10,oc,o. 20,000 J 30,ouo i so.ooo 110e.o~'.__
El
C
I ""
_ JOO
i "°
l5V
j "'
200
''°
500
J, ""'
?,000
'·""."_
5,000.
"·°'"
15,000
j ,S, 000
20,GOO
I "· 000
30,000
"', 000
, 100,000

D ! 50 75 I 100 WO • 500 1,000 ~.500 5,000 j 7,500 ! 10,000

70 15th May, 2020

The following guidelines have been used to determine the seriousness of offences and
therefore the category of penalties-
l , Category A: Violations by the Board;
2. Category B: Violations by Executive Officers or Senior Management Officials;
. .
3. Category C: Violations by the DNFBPs at any a level other than the Board or Senior
Management; and
4. Category D: Violations by natural persons who are members of the Board or Senior
Management and will be charged in individual capacity.
FOi categories A, B and C, the penalties will be imposed on the institution.
Notwithstanding that the Act and the Regulations place all compliance obligations on the
reporting institution itself, in deciding which category a violation falls under, the Authority
or supervisory authority shall determine the responsible person/authority for compliance
with the provision of the Act or Regulation.
General notes
1. Repeat violations will bear penalties at the next level. A violation will be considered a
repeat offence when it meets the following conditions, among others:
(a) if it remains unresolved until next review, submission or after deadline as
directed bythe Authority or supervisory authority; or
(b) if it is resolved and recurs within a period of 12 months.
2. Multiple offences of the same provision within the Act or Regulation shall only be
penalised once.
3. The imposition of penalties shall not preclude the Authority or supervisory authority
frorn taking or imposing any other supervisory action as mandated by the law.
4. Repeat violation after maximum penalty in each category, shall attract other
enforcement actions as stipulated in the law.

PENALTJES PER PROVISION AND REGULATION

The tabl~ below shows penalties per provision and regulation.
Description of violation Provision in the law Category Penalty (MK)
/Level
I
Failure by a financial institution to
comply with the requirements for '
identification of a Malawian citizen Regulation 5 Cl 250,000.00
I
Failure by a financial institution to
I
comply with the requirement of
identification of a foreign national I Regulation 6 I C2 500,000.00
Failure by a financial institution to
comply with the requirement of
identification of a Politically Exposed
Person Regulation 7 B3 3,000,000.00
15th May, 2020
71

Description of violation ! Provision in the law Category Penalty (MK)

/Level
Failure by a financial institution to
comply with the requirement of
identification of a local legal entity or a
legal arrangement
'
Failure by a financi~ institution to
Regulation 8 _JCI 250,000.00

comply with the req irement of . I

verification of a loct legal entity or a I
legal arrangement o er than a trust Regulation 11 C2 500,000.00
Faj lure by a financi~I institution to
comply with the reqtremcnt of
identification of a fo eign company Regulation 9 C2 500,000.00
Failure by a financial institution to verify
a designated person ~hen a list of ' I
designated persons it circulated or when
opening an account or conducting a I
I
transaction Regulation 10 (4) I C4 5,000,000.00
Failure by a Financial institution to
comply with the requirement of
identification of the identity of a
Malawian citizen Regulation 5 Cl 250,000.00
Failure by a Financial institution to
comply with the requirement of
verification of the identity of a Malawian I
citizen Regulation 1 l · C2 500,000.00
Failure by a Financial institution to
comply with the requirement of
verification of the identity of a foreign . I
national Regulation ! 2 C3 [z.ooo.ccn.oo
Failure by a Financidl institution to
comply with the reqiirement of
verification of the id r ntity of a Trust Regulation 13 C3 2,000,000.00
Failure by a financial institution to verify
the identity of a benclficial owner Regulation I 0(1 ),(2) C3 2,000.000.00
Failure by insurance rompanies to
identify and verify b neficiaries ! Section 18(1) (2) (3) C2 500,00U.00
apply I
verify I

risk legal entities

higher I Section l 8(4) cj
~~~~~·~~~- ,vvO.QQ
Failure by a Financial institution to
comply with the requirement of
verification of the idJmity of a foreign
company Regulation I'S C3 2,000,000.00
72 15th May, 2020

Description of violation I Provision in the law I CategorylPenalty

/Level
(.MK)

Failure by a Financial institution to

comply with the requirement of
identification and verification of a
person's authority to act on behalf of
another Regulation 16 500,000.00
I
Failure by a Financial institution to I
operate or maintain an account in true
name of account holder. Section 20( I), (2) j 5,000,000.00

OTHER DUE DiLLlGENCE OBLIGATIONS

Failure by a Financial institution to I I
I
maintain records for the minimum
period of7 years I
Regulation 19
I
s3I 3000,000.00
Failure by <1 Financial institution to I
comply with the requirement to maintain
records in a manner that enables
I
Authority, law enforcement agency,
I
Supervisory Authorities or Competent I

Authority to reconstruct the transaction Section 22(1 )( b) 83 3,000,000.00

Failure by a financial institution to
provide a record of a transaction or any
ocher information requested by the
Authority, !aw enforcement agency,
Supervisory Authorities or Competent I
Authority within the time specified by
the Authority or the Competent Authority, Section 22(5)
I B2
I
1,000,000.00
Failure by financial institution to comply \ I I

with the requirements relating to

correspondent banking l
Regulation 22 83 i 3,000,000.00
Failure by a Financial institution to I
comply with any of the requirements
relatin~ to intermediaries or third parties i Rezulation 23
I C2 500,000.00
Failure by a financial institution to \
comply with the requirements relating to \
shell banks . Section 30 (2) 85 15,000,000.00
Failure by a financial institution to
comp!y with new rechnofogy
I I
'

requirements j Regulation 25 82 ! ,000,000.00

Failure by a financial institution to
comply with the requirement of Regulation 28,
appointing a Compliance Officer Section 27 ( 1 )(a) A'?-/ Bl 1,000,000.0C
Failure by the financial Institution to • I.
train and make its employees aware of
policies, procedures, audit systems
reiating to money laundering.
Section 27 (I)( b)(vii),
Section 27(l)(c) Bl
I '·
,500,000.00
15th May, 2020 73

Description of violation I Provision in the law Category Penalty (MK)

Failure by the Financial institution to

I /Level

screen persons before hiring them. .Section 27 (!)(b)(viii~ Bl 500,000.0C

Failure by the Financial Institution to I
establish an audit function to test Anti I I
Money Laundering procedures and I
systems. ~ection 27(l)(d) A2 I B2 I 1,000,000.00
Failure by the Financial Institution 10 J

establish a customer acceptance policy. I Regulation 18 A3 I 82 5,000.000.00

Failure by the Financial Institution to I
conduct risk asses:1ment and develop riskll Section (27)(l)(b)(i)
based systems andjprocedures. Section 21 B2 l,000,000.00
.. --·

ascertain the purpose of a transaction andl I '

ource of funds and their ultimate
destination. I Regulation 24 Bl 500,000.00
Failure by the Financial Institution to
provide for disciplinary steps against I
members of staff for noncompliance withl
the Act, these regulations and own
internal rules. I Regulation 36 [ BI
II 500,000.00

3,000,000.00
Failure by the Financial Institution to
ensure that foreign branches or
subsidiaries observe minimum
requirements of money laundering
II
measures of Mala
_F_a_i l-u,--~-b-1··-a-f-in-.a-n....._pia-1 -in-s-ti-tu_t._io_n_r_o__
I Regulation 26
I. 82 1,000,000.00

identify or report suspicious a I Regulation 29,

transaction. I Section 23 83 3,000,000.00
Failure by a financial institution to
report large currency transactions,
domestic and inteJnational electronic I
funds transfers.
--------------L-lsection 33 I Cl 250,000.00
74 15th May, 2020

Description of violation 'Provision in the /awl CategoryjPenalty (MK)

Failure by financial institution to retain,

particulars of originator and beneficiary
of the electronic funds transfer
transaction.
f Regulation 20(2),
Section 28
I/Level
•
II
, C2
I
j
I
j 500,000.00
Failure by financial institution to freeze - --r
an account of :1 designated person. ! Section 28(5) I BS 15,000,000.00
Failure by financial institution to I !
submit a Compliance Report within I
:he required Regulation 27; period. j Section 36(4)(c) Cl 250,000.00
Failure by a person to comply with
confidentiality requirements of I I
suspicious transaction reports and other ! I I
information. I section 24 \ D4
·,
! 1,000,000.00

Failure by a financial institution to

implement group wide programmes of
foreign branches, subsidiaries or head
office against money laundering and
terrorist financing and handling of
lI II
proceeds of crime. [Section 3 l A2 / B2 11,ood,000.00

PART C-MONETARY PENALTIES FOR BANKS AND INSURERS

(!nsure,rs for underwruing all classes of Insurance business)
Categorization of Penalties
Penalties for banks and insurers have been divided into four categories (A, B, C, and D) as
follows-., ·

I ~EVEL/LEVEL I
LEVEL 4 I LEVEL 5 I LEV~L 6
CATEGOl?.Y
PENALTY FENAL7T
2 l LEVEL 3
PENALTY
I (MK· 000) (i'vlK' 000) (MK'OOO)
PENALTY
(MK'OOO)
I PENALTY
(MK'OOO)
PENALTY
(MK'OOOJ
A - 30,000 __µo.ooo 50,000 '60.000
160:000
100,000
B 10,000 20,000 I 30,000 45,000. 100,000
• I
c 10,000 20,000 30,000 45,000 60,000 100,000
D I 1,000 ,2,000 3,000 4,000 5,000 i0.'000 /·
15th May, 2020 75

The following guidelines have been used to determine the seriousness of offences and
therefore the categor of penalties-
Category A: Violations by the Board;
Category B: Violations by Executive Officers or Senior Management Officials;
Category C: Violations by the financial institution at any a level other than the Board or
Senior1Management; and
Category D: Violations by natural persons who are members of the Board or Senior
· Management and will be charged in individual capacity.
For categories A, B and C, the penalties will be imposed on the institution.
Notwithstanding thf the Act and the Regulations place all compliance obligations on the
reporting institution itself. in deciding which category a violation falls under. the Authority
or supervisory authority shall determine the responsible person/authority for compliance
with the provision ~(the Act or Regulation.
GENERAL NOTES
1. Repeat violations will bear penalties at the next level. A violation will be considered
a repeat offence when it meets the following conditions, among others.-
Cu) if it re+.ains unresolved until next review, submission or after deadline as
directed by the Authority or supervisory authority; or
(b) if it is r,solved and recurs within a period of 12 months.
2. Muitiple offences of the same provision within the Act or Regulation shall only be
penalised oner.
J. The imposition of penalties shall not preclude the Authority or supervisory authority
from taking or imposing any other supervisory action as mandated by the law.
4. Repeat violation after maximum penalty in each category, shall attract other
enforcement actions as stipulated in the law.

PENALTlES PER PROVISION A'f\.'D R.EGULATJO

The table below shows penalties per provision and regulation.

Description of vioration I Provision I Catego,y! Penalty (MK)

; /Level I
Failure by a financial institution to
comply with the requirements for
I
identification of a Malawian citizen J Regulation 5 I Cl 110,000,000 00
Failure bv a finanbial institution to I
I I
comply witb the ~~quiremems for I
__
identification
,. of a foreign national
Failure by a financial institution to
I
I Regulation 6
I
I
!
C2 [zc.coo.ooo oo
comply with the requirements for 1 I
j
identification of Politically Exposed j •
Person Regulation 7 I C3 130,000,000 00
I
76 15th May, 2020

Description of violation Provision Category Penalty (A,fK)

/Level
Failure by a financial institution to • ·1
comply with the requirements for
identification of a local legal. entity or a
legal arrangement Regulation 8 Cl l 0,000,000 00
Failure by a financial institution to
comply with the requirements for
identification of a local legal entity or a
legal arrangement other than a trust Regu iation 11 C2 20,000,000 00
Failure by a financial institution to
comply with the requirements for
identification of a foreign company Regulation 9 C2 20,000,000 00
Failure by a financial institution to verify
a designated person when a list of
designated persons is circulated or
l
when opening an account or conducting
a transaction Regulation 10 (4) P000,000 00
Failure by a financial institution to
comply with the requirements of
verification of the identity of a Malawian
citizen Regulation 11 I C2 20,000,000 00
Failure by a financial institution to
comply with the requirements of
verification of the identity of a foreign
!
l
national Regulation 12 IC3
i
30,000,000 00
Failure by a financial institution to i
comply with the requirements of
verification of the identity of a Trust Regulation 13 C3 I 30,000,000 00
Failure by a financial institution to verify
the identity of a beneficial owner Regulation 10( I ),(2) C3 I 30,000,000 00
Failure by insurance companies to
identify and verify beneficiaries Section 18(1)(2) (3) C2 20,000,000 00
Failure by insurance companies to apply
enhanced measures to identify and verify
identity of the beneficial owner of higher
risk legal entities Section 18(4) C3 30,000,000 00
- .. ~ • I • - _.• •...__ .L~ - -- ••• ~
'

ply witn tne req

verification of the identity of a foreign
company Regulation 15 I
t
C3 130,000,000 00
Failure by a financial institution to
comp!y with the requirement of
I
I
identification and verification of a
person's authority to act on behalf of
another I Regulation 16
I1c2 20,odo,000 oo ,
15th May, 2020 77

Description of violation !Provision Categoryl Penalty (MK)

/Level
Failure by a Financial institution to l
operate or maintain an account in true .
name of accour.t holder. l Section 20(1). (2) C4 145.000
l ' '
000 00

OTHER DUE DILLIGENCE OBUGATIONS

Failure by a financial institution to
maintain records for the minimum period]
of 7 ; ears Regulation 19 B3 bo.000,000 oo
i
Failure by a financia institution to
comply with the req~iren;ent to maintain
records in a manner \hat enables
I
I
Authority, law enforcement agency,
Supervisor) Authorities or Competent
1
I
I
Authority re reconstruct the trnnsact!On Sec.tion 22( l )(b) ! B3 130,000.000_ 00
Failure by a financial institution to I I
provide a record of a transaction or any
other information requested by the I
Authority, law enforcement agency,
Supervisory Authorities or Competent
Authority within the time specified by
the Authority or the Competent
Authority Section 22(5) B2 20,000,000 00
Failure by financial institution to comply
with the requirements relating to j
cotTesponJen, banking 22 B3 30,000,000 00
1Regulation

Failure by a financial institution to I

comply with any of the requirements I 30,000,000 00
relating_to intermediaries or third parties !Regulation 23
Failure by a financial institution to ']
comply with the requirements of the
FCA relating to shell banks !section 30 (2) 60,000,000 QO
Failure by a fmancial with new t
technology requirements institution to I
comply t Regulation 25 I 82 120,000,000 00
Failure by a financial institution to
comply wirh the requirement of
appointing a Compliance Officer I section 27( l )la) A3 40,000,000 00
Failure by the financial institution to
train and make its employees aware of
policies, procedures. audit systems Section 27 ( 1 )(b)(vii~,
relating to money laundering . Section 27 ~ l)tc) I
£32 120,000,000 00
Failure by the fiaapcia! .ir~stitution to \ . ..
screen persons before hiring them lSect1on 27 (l)(b)(vnfi Bl I 0,000,000 00
78 15th May, 2020

Description of violation Provision Category Penalty (MK)

/Level
Failure by the financial institution to ,
establish an audit function to test Anti
Money Laundering procedures and
systems. Section 27 (l)(d) A2. 30,000.000 00
I
Failure by the financial institution to I

establish a customer acceptance pol icy. Regulation ) 8 A3 140,000,000 00

r-r-
Failure by the financial institution to
conduct risk assessment and develop Section 27 (l)(b)(i) I
risk based systems and procedures Section 21
--L.Regulation 3 B3 130.000.000 00
Failure by the financial institution to
ascertain the purpose of a transaction
and source of fonds and their ultimate
destination. Regulation 24 83 30,000,000 00
Failure by the financial institution to
provide for disciplinary steps against
members of staff for noncompliance I
with the Act, these regulations and own
internaJ rules. Regulation 36 Bl I 0,000,000 00
Failure by the financial institution to
ensure that the Compliance Officer has
access to all information that may be of
assistance in the execution of his duties. Regulation 35
I
B2 20,000,000 00
Failure by the financial institution to
establish procedure for conducting
enhanced due diligence on specified and \
high risk customers. Regulation 32 83 30,000,000 00
Failure by the financial institutions to
establish programme to identify persons
l I
on relevant sanctions list. Section 271 (b)(ix) I 84 45,000,000 00
-
Failure by the financial institution to
ensure that foreign branches or !
subsidiaries observe minimum
requirements of money laundering
measures of MaJawi. Regulation 26 B2 20,000,000 po
Failure by a financial institution to
identifyor report a suspicious Regulation 29
transaction. Section 23 C3 30,000,000 00
Failure by a financial institution to
-
report large currency transactions, I
I
domestic and international electronic
funds transfers. Section 33 Cl 10,000,000 00
I
15th May, 2020 79

Description of violation Provision Category Penalty (MK)

/Level
Failure by financial institution ro retain

of the el_ectronic
transaction.
,ds
particulars of originator and beneficiary
transfer Regulation 20,
Section 28 C2 20,000,000 00
'T
Failure by financial institution to freeze
.an account of a designated person. Section 28 (5) BS 60,000,000 00
Failure by financial institution to submit I
a Compliance Report within the I
Regulation 27;
required period. I Section 36 (4)(c) Cl I 0,000,000 00
Failure by a person to comply with I
confidentiality requirements of
suspicious transaction reports and other I

information. Section 24 05 5,000.000 00

Failure by a financ~al institution to I
comply with confi entialiry requ1rementsl
of suspicious transaction reports and
other information. j Section 24 C3 30,000,000 00

I 24, I
relationships and transactions. Section 29 I C3 30,000,000 00
Failure by a financial institution to
implement group idc programmes of II
foreign branches, subsidiaries or head
office against monby laundering and
I
terrorist financing and handling of l
proceeds of crime. i Section 31 A2 30,000,000 00

Made this 28th day of February, 2020.

J. MWANAM.VEf-:HA
Minister of Finance. Economic
(FILE NO. HNDG02/07/208) Planning and Development

Printed and Published by THE GovERNMfl,r P•ill'l'l'l'J'., ~,:!ongwc,Malawi--6289-(Price K3,500.0IJ)