Notice under section 182 for tax year 2020
December 18, 2020
AML CFT Sanctions Rules 2020
January 28, 2021
Show all

Rules for DNFBPs for Anti Money Laundering and Countering Financing of Terrorism

Rules for DNFBPs for Anti Money Laundering and Countering Financing of Terrorism

S.R.0 924(1)/2020.— In exercise of powers conferred under section 6A of the Anti-Money Laundering Act, 2010 (VII of 2010) read with clause 1(iii) of Schedule IV to  the  said  Act,   Federal  Board  of  Revenue  is  pleased  to  make  the  following Regulations     in     respect    of    the     Designated     Non-Financial    Businesses    and Professions(DNFBPs), namely Rules for DNFBPs for Anti Money Laundering and Countering Financing of Terrorism

Short title application and commencement.—(1) These regulations may be called the Federal Board of Revenue Anti Money Laundering and Countering Financing of Terrorism Regulations for DNFBPs, 2020.

(2)       These  Regulations  shall  apply  to  real  estate  agents,  jewelers  and Accountants.

(3)       They shall come into force at once.

Definitions.— (1)   In   these   regulations,   unless   there   is   anything repugnant in the subject or the context—

(a)     “Accountants”  means,  other than  those  regulated  by  Institute  of Chartered Accountants of Pakistan (ICAP) and Institute of Cost and Management Accountants of Pakistan (ICMAP), sole practitioners, partners or employed professionals within professional firms when they carry out the activities as specified in the AML Act in section 2, in clause (xii) in sub clause (c) or (d) ;

Explanation.- The term “Accountants” is not meant to refer to ‘internal’ professionals that are employees of other types of businesses, nor to professionals working for government agencies, who may already be subject to AML/CFT measures;

(b)    AML Act” means the Anti-money Laundering Act, 2010 (VII of 2010);

(c)     “AML/CFT” means Anti-Money Laundering and Countering Financing of Terrorism;

(d)      “AML/CFT Regulatory Authority” for purposes of these regulations means the Federal Board of Revenue or FBR;

(e)       “close associate” of a PEP means-

(i)          an individual known to have joint beneficial ownership of a legal person or a legal arrangement or any other close business relations with the PEP;

(ii)        an individual who has sole beneficial ownership of a legal person or a legal arrangement which  is known to have been set up for the benefit of the PEP;

(iii)       an individual who is reasonably found or believed to be closely connected with the PEP for any other reason, either socially or professionally.

(f)   “Customer or client” means any natural person, legal person  or legal arrangement engaging a Real Estate Agent, Jeweler or Accountant for the purposes of requesting, acquiring, or using any services or carrying out any transaction or business with a Real Estate Agent, Jeweler or Accountant;

(g) “DNFBP” for purposes of these regulations, means real estate agents, jewelers and accountants as defined in these regulations.

(h) “Enhanced Due Diligence” or “EDD” means taking additional CDD and may include the steps to be taken as given in these regulations;

(i)   ”  Family Member” family member of a  politically exposed  person includes-

(i)         a spouse of the PEP;

(ii)        lineal ascendants and descendants and  siblings of the PEP;

(j)   Federal Board of Revenue” means the Federal Board of Revenue (FBR) established under the Federal Board of Revenue Act, 2007;

  • (k) “Jeweler” means a person who is a bullion dealer or engaged in sale of jewelry, precious stones and metals including all articles made wholly or mainly  of gold,  platinum,  diamonds  of all  kinds,  precious  or semiprecious stones,  pearls whether or not mounted,  set or strung  and articles set or mounted with diamonds, precious or semi-precious stones or pearls, when they engage in a cash transaction with a customer of a value equivalent to two Million rupees or more.

(I)   ” ML” means money laundering;

(in)      “Politically Exposed Persons” or “PEPs” means any individual who is or   has   been   entrusted  with   a   prominent  public  function   either domestically or by a foreign country, or in an international organization and includes but is not limited to:

(i)    for  foreign   PEPs,   Head   of  state  or  of  government,   senior politicians, senior government officials, judicial or military officials, senior executives of state owned corporations and political party officials; for domestic PEPs,  Heads of State or of government,  senior politicians, senior government officials, judicial or military officials, senior executives  of state owned  corporations,  political  party officials; and

(iii) for   international   organizations    PEPs, members   of   senior management  or  individuals  who  have  been  entrusted  with equivalent functions;

(n) “Real Estate Agent” includes builders,  real estate developers and property brokers and dealers when execute a purchase and sale of a real property, participate in a real estate transaction capacity and are exercising   professional  transactional   activity  for  undertaking   real property transfer;

(o) “reasonable  measures”  means  appropriate  measures  which  are commensurate with the money laundering or terrorist financing risks;

(p) “Senior  Managing  Official”  means  an  officer  or employee  of the reporting entity or DNFBP with sufficient knowledge of the reporting entity’s risk exposure, and of sufficient authority, to take decisions affecting its risk management and mitigation, including chief executive officer   or   managing   director,   deputy   managing   director,    chief operating  officer,  company  secretary,  chief financial  officer,  chief compliance officer and chief regulatory officer and any holder of such positions by whatever name called;

(q) “Simplified  due  diligence”  or “SDD”  means  taking  reduced  CDD measures and may include the measures set out in these Regulations.

(r) “STR” means the report on suspicious transaction specified under Section 7 of the AML Act; and

(s) “TF” means financing of terrorism.

(2)     All other expressions used but not defined in these regulations shall have the meaning assigned thereto under the AML Act and the Income Tax Ordinance, 2001 (XLIX of 2001).

Registration and market entry control of DNFBPs.- (1) Every DNFBP shall be registered with the Board.

(2) The DNFBP shall provide any information or documentation that may be required  by the  Board  for the  purposes  of  registration  or  keeping  the  DNFBP registration up to date,  including but not limited to criminal records of the senior management and beneficial owners

(3)    The DNFBP shall notify the Board if it ceases operations as a DNFBP within thirty business days after ceasing operations, in the form and manner that may be required by the Board, and the Board shall deregister the DNFBP if the appropriate information is provided.


Risk assessment and mitigation by DNFBPs.- (1)The DNFBPs shall take appropriate steps in accordance with section 7F of the AML Act to identify, assess, and understand their risks for customers, countries or geographic areas, and products, services, transactions or delivery channels. This includes being required to-

(a) document their risk assessment

(b)   consider all the relevant risk factors before determining what is the level of overall risk and the appropriate level and type of mitigation to be applied;

(c)   keep the assessment up to date

(d)   have appropriate mechanisms to provide risk assessment information to Board.

(2)       The DNFBPs shall:

(a)        have policies, controls and procedures, which are approved by senior management, to enable them to manage and mitigate risks that have been identified in its own risk assessment and any other risk assessment publicly available or provided by FBR;

(b)        monitor the implementation of those controls and to enhance them if necessary; and

(c)        take  enhanced  measures  to  manage  and  mitigate  the  risks where higher risks are identified.

(3)       the DNFBP may take simplified measures to manage and mitigate risks, if lower risks have been identified. Simplified measures shall not be permitted whenever there is a suspicion of ML/TF.

New products, practices and technologies.- (1) The DNFBP shall-

(a)     identify and assess the ML and  TF  risk that may arise  in the development of new products, businesses and practices, including new delivery mechanism,  and the  use of new and pre-existent technology; and

(b)      prior to the launch or use of product, practice or technology, DNFBP shall    undertake   the   risk   assessment   and   take   appropriate measures to manage and mitigate the risks.


Record keeping by DNFBPs.— (1) The records maintained by DNFBPs as set out in section 7C of the AML Act shall be sufficient to permit reconstruction of individual transactions including the nature and date of the transaction, the type and amount of currency involved and the customer involved in the transaction so as to provide, when necessary, evidence for prosecution of criminal activity.

(2)        The  record  may  be  maintained  in  paper or electronic  form  or on microfilm.

(3)       The records of identifications data obtained through CDD, including EDD process, including copies of identification documents, application forms, verification documents and other documents along with business correspondence, and results of any analysis undertaken shall be maintained for a minimum period of five years after the business relationship is terminated.

(4)        The  DNFBPs  shall  retain  such  records  till  disposal  of case  where transactions, customers or instruments are involved in litigation or the same are required by a court of law or other competent authority, the DNFBP shall retain such records until such time as the litigation is  resolved or until the court of law or competent authority indicates that the records no longer need to be retained

(5)      The DNFBP shall satisfy promptly any enquiry or order from Board, designated law enforcement Agencies and FMU, for supply of ODD information and transaction records as per the relevant provisions of AML Act.

(6)        Copies of documents mentioned in sub-regulation (1) of this Regulation shall  be  stamped  “Original  seen”  by  the  Real  Estate  Agents,  Jewelers  and Accountants after viewing the original documents.

(7)       The Real Estate Agents, Jewelers and Accountants shall keep a list of all such customers where the business transaction was refused or needed to be closed  either  on  account  of failure  of the  customer  to  provide  the  relevant documents under sub-regulation (1) of this regulation or the original document for viewing as required under sub-regulation (2) of this regulation.

Compliance program.- (1) In order to implement compliance programs as set out in section 7G of the AML Act, the regulated person shall implement the following internal policies, procedures and control, namely:-

(a)      compliance management arrangements, including the appointment of a compliance officer at the management level, as the individual responsible for the regulated person compliance with these Regulations, the AML Act and other directions and guidelines issued  under the aforementioned regulations and laws;

(b)        screening procedures when hiring employees to ensure the integrity and conduct,  skills,  and  expertise  of such  employees  to  carry  out their functions effectively;

(c)        an ongoing employee training program; and

(d)        an independent audit function to test the system.

(2)        For purposes of sub-regulation (1)(d) testing the system includes an assessment  of  the  adequacy  and  effectiveness  of  the  policies,   controls  and procedures adopted by the regulated person to comply with the requirements of these regulations; and to make recommendations in relation to those policies, controls and procedures.

(3)         For  purposes  of  (a)  the  regulated   person  shall  ensure  that  the compliance officer shall –

(a)        reports directly to the board of directors or chief executive officer or committee;

(b)         has timely access to all customer records and other relevant information which they may require to discharge their functions, as well as any other persons appointed to assist the compliance officer;

(c)        be responsible for the areas including, but not limited to-

(i)         ensuring that the internal policies,  procedures and controls for prevention of MUTF are approved by the board of directors of the regulated person and are effectively implemented;

(ii)        monitoring, reviewing and updating AML/CFT policies and procedures, of the regulated person;

(iii)       providing  assistance  in  compliance to other departments and branches of the regulated person;

(iv)      timely submission of accurate data/ returns as required under the applicable laws;

(v)        monitoring and timely reporting of Suspicious and Currency Transactions to FMU; and

(vi)       such other responsibilities as the regulated person may deem necessary in order to ensure compliance with these regulations.

  1. In the   case   of  a   corporate  group,   in   addition  to  the  obligations established in these regulation, the regulated person shall implement –

(a)        policies and procedures for sharing information required for the purposes of CDD and risk management;

(b)        the provision,  at group-level  compliance,  audit,  and/or AML & CFT functions,   of  customer,   account,   and  transaction   information  from branches and subsidiaries when necessary for AML & CFT purposes; and

(c)        adequate  safeguards  on  the  confidentiality  and  use  of  information exchanged, including safeguards to prevent tipping-off.

  1. The DNFBP shall ensure that their foreign branches and majority-owned subsidiaries apply AML & CFT measures consistent with Pakistan requirements where the minimum AML & CFT requirements are less strict than Pakistan, to the extent that host country laws. If the foreign country does not permit the proper implementation of AML/CFT measures consistent with that of Pakistan requirements, financial groups should to apply appropriate additional measures to manage the risks, and inform the Commission.


Customer Due Diligence (CDD) and Beneficial  Ownership.—            (1) DNFBPs shall conduct CDD in the circumstances and matters set out in section 7A(1) of the AML Act when they engage in the following activities, namely:-

(a)        Real Estate Agents- when they are involved in transactions for a client concerning the buying and selling of real estate;

(b)        Jewelers and Dealers in precious metals and stones – when they engage in any cash transaction with a customer or client equal to or above Rs. 2 Million; and

(c)        Accountants when they prepare for, or carry out, transactions for their clients concerning the activities described in section 2(xii)(c) and (d)  of the AML Act.

(2)        The DNFBP shall identify the customer whether entering into a business relationship or conducting an occasional transaction, and whether natural or legal person  or  legal  arrangement  and  verify  that  customers  identity  using  reliable, independent  sources  documents,  data  or  information  as  required   under  these regulations.

(3)       The DNFBP shall  identify the beneficial owner and take reasonable measure to verify the identity of the beneficial owner by using reliable and independent document, data or sources of information as set out in these Regulations, such that the DNFBP is satisfied that it knows who the beneficial owner is.

(4)        Where   the   customer   is   represented   by   an   authorized   agent  or representative, the DNFBP shall –

(a)        Identify every person who acts on behalf of the customer,

(b)         Verify   the   identity   of  that   person   by   using   reliable   and independent documents, data or information as set out in these regulations; and

(c)         Verify the  authority  of that  person  to  act  on  behalf  of the customer.

(5)        The  DNFBP shall understand and  as appropriate obtain information on the purpose and intended nature of the business relationship.

(6)        The  DNFBPs  shall  conduct ongoing due diligence on the business relationship, including—

(a) scrutinizing  transactions  undertaken  throughout  the  course  of that relationship  to  ensure  that  the  transaction   being   conducted   are consistent with the DNFBPs knowledge of the customer, their business and risk profiles, including where necessary, the source of funds; and

(b) ensuring that documents, data, or information collected under the CDD process  is kept up-to-date and  relevant,  by undertaking  reviews  of existing records, particularly for higher risk categories of customers.

(7)      For customers that are legal persons or legal arrangements, the DNFBP shall understand the nature of the customer’s business and its ownership and control structure.

(8)   For customers  that are  legal  persons  and  legal  arrangements,  the DNFBPs shall identify the customer and verify its identity by obtaining the following information in addition to the information required under sub-regulation (4):

(a) name, legal form and proof of existence;

(b) the powers that regulate and bind the legal persons or arrangement, as  well  as  the  names  of the  relevant persons  having  a  senior management position in the legal person or arrangement; and

(c) the address of the registered office and, if different, a principal place of business.

(9)         For customers that are legal persons, the DNFBP shall identify and take reasonable  measures to verify the  identity of the  beneficial  owners through  the following information using reliable and independent documents data or information as set out in sub section 12:

(a)   Identifying the natural person if any who ultimately has a controlling ownership interests as defined under relevant laws in a legal persons; and

(b)  to the extent that there is doubt under clause (a) as to whether the person with the controlling ownership interest is the beneficial owner or where no natural persons exerts control through ownership interest, identity of the natural person if any exercising  control  of the  legal  persons or arrangements through other means; and

(c) where no natural person is identified under (a) or (b) above, the identity of the relevant natural person who holds the position of senior managing official,

(10)      For customers that are legal arrangements, the DNFBPs shall identify and take reasonable measures to verify the identity of beneficial owners through the following information using reliable and independent documents data or information as set out in sub —regulation 12, namely:-

(a) for trust, the identity of the settler, the trustee(s), the protector (if any), the beneficiaries or class of beneficiaries, and any other natural persons exercising ultimate effective control over the trust (including through a chain of control/ownership);

(b) for Waqf and other types of legal arrangements, the identity of persons in equivalent or similar positions as specified in (a); and

(c) Where any of the persons specified in clause (a) or (b) is a legal person or arrangement, the identity of the beneficial owner of that legal person or arrangement shall be identified.

(11)      For the purposes of verification  of identity of customer or beneficial owner in these regulations, reliable and independent document, data or sources of information includes –

(a) for a natural person, copy of –

(i)      Computerized   National   Identity   Card    (CNIC)   issued   by NADRA; OR

(ii)      National identity card for overseas Pakistanis (NICOP) and/or duly  issued  machine  readable  passport  for  non-resident/overseas Pakistanis    or   those   who    have    dual nationalities; or

(iii)         copy  of  Pakistan  origin  card (POC)  issued  by  NADRA; and/or passport for Pakistanis who have given up Pakistan nationality; or

(iv)          Form B or smart/juvenile card issued by NADRA to children under age of 18 years; or

(v)         Where the natural person is a foreign national, either Alien Registration     Card    (ARC)     issued     by     National    Aliens Registration   Authority     (NARA),    Ministry   of   Interior   or Passport having valid visa on it or any other proof of legal stay along with the passport;

(b) For a legal person, certified copy of –

(i)  Resolution  of board  of directors for opening  of account specifying the person authorized to open and operate the account (not applicable for single member company);

(ii) Memorandum of Association;

(iii) Articles of Associations, wherever applicable;

(iv) Certificate of incorporation;

(v) Securities and Exchange Commission of Pakistan (SECP) registered declaration for commencement of business as required under the Companies Act, 2017 (XIX of 2017), as applicable;

(vi)      List of directors required to be filed under the Companies Act, 2017 ( XIX of 2017), as applicable;

(vii)   Identity documents as per sub-clause (a) of all the directors, beneficial   owners   and   person  authorized  to  open   and operate the account; and

(viii) any other documents as deemed necessary including its annual accounts and financial statements or disclosures in any form  which  may  help  to  ascertain  the  detail  of its activities, sources and usage of funds in order to assess the risk profile of the prospective customers

(c)     For a legal arrangement, certified copies of –

(i)   The instrument creating the legal arrangement;

(ii)       Registration documents and certificates;

(iii)       The Legal arrangement’s  by laws, rules and regulations;

(iv)       Documentation   authorizing   any   person   to   open   and operate the account;

(v)       Identity document as per sub clause  (a)  above of the authorized persons, beneficial owners and of the members of  governing   bodies,   board   of  trustees   or   executive committee,  if it is ultimate governing body,  of the legal arrangement; and

(vi)      Any other document as deemed necessary including its annual accounts and financial statements or disclosures in any form which may help to ascertain the subject of the truth, the detail of its activities, sources and usage of funds in  order to  assess  the  risk  profile  of the  prospective customers;

(d)        In respect of Government institutions and entities not covered here in above:

(i) CNICs of the authorized persons; and

(ii) Letter of authorization from the authority concerned.

(12)      The DNFBP shall verify the identity of the customer and beneficial owner before establishing a business relationship or conducting an occasional transactions.

(13)     The DNFBPs may complete verification after the establishment of the business relationship, provided that:-

(a) this occurs as soon as reasonably practicable;

(b) this is essential not to interrupt the normal conduct of business; and

(c) the risks are effectively managed.

(14)     The DNFBPs shall adopt risk management procedures concerning the conditions under which a customer may utilize the business relationship prior to verification.

(15)   The  DNFBPs shall conduct on going due diligence on the business relationship, including:

(a)        scrutinizing transactions  undertaken  throughout the course of

that relationship to ensure that the transaction being conducted are consistent with DNFBPs knowledge of the customer, there business and risk profile, including where necessary, the source of funds; and

(b)        Undertaking   reviews   of  existing   records   and   ensuring   that documents, data or information collected for the CDD purposes is kept up to date and relevant, particularly for higher risk categories of customers.

(16)   The DNFBPs shall apply CDD requirements to existing customers on the basis  of  materiality  and  risk,  and  to  conduct  due  diligence  on  such  existing relationships  at appropriate times,  taking  into account whether and when  CDD measures have previously been undertaken and the adequacy of data obtained.

(2)  EDD  measures  may  include  but shall  not be  limited  to  the following measures:

(a)   Obtaining additional information on the customer (e.g. volume of assets, information  available  through  public  databases,  internet,  etc.),  and updating more regularly the identification data of customer and beneficial owner;

(b)   Obtaining additional information on the intended nature of the business relationship;

(c)    Obtaining information on the source of funds or source of wealth of the customer;

(d)   Obtaining   information   on  the   reasons  for  intended   or  performed transactions.

(e)   Obtaining the approval of senior management to commence or continue the business relationship;

(f)     Conducting  enhanced  monitoring  of the  business  relationship,  by increasing the number and timing of controls applied,  and  selecting patterns of transactions that need further examination;

(3)      In relation to Sub Regulation 1 (c) above, the DNFBPs shall:

(a) implement appropriate risk management systems to determine if a customer or beneficial owner is a PEP or a close associate or a family member of a PEP, both prior to establishing a business relationship or conducting a transaction, and periodically throughout the course of the business relationship;

(b)  Apply at minimum the following EDD measures:

(i)   obtain approval from senior management to establish or continue a business relations where the customer or a beneficial  owner  is  a  PEP,  close  associate  or  family member of a PEP or subsequently becomes a PEP, close associate and family member of PEP;

(ii)   take reasonable measure to establish the source of wealth and  the  source  of funds  of customers  and  beneficial owners  identified  as  a  PEP,  close  associate  or family member of a PEP;

(iii) conduct enhanced ongoing monitoring of business relations with the customer or beneficial owner identified as PEP. Close associate and family member of a PEP; and

(iv)   establish, by appropriate means, the sources of wealth or beneficial ownership of funds as specified in the relevant Schedule under the head source of funds.

Simplified Due Diligence (SDD).- (1) The DNFBPs may apply SDD, when identifying and verifying the identity of a customer or beneficial owner, only where lower risks have been identified through an adequate analysis through its own risk assessment and any other risk assessments publically available or provided by FBR or in accordance with these regulations and commensurate with the lower risk factors.

(2) SDD  measures  may include but shall  not be  limited to the following measures, namely:-

(a)  verifying the identity of the customer and the beneficial owner after the establishment of the business relationship;

(b)    Reducing   the    degree    of   on-going    monitoring    and    scrutinizing transactions.

(c)    Not collecting specific information or carrying out specific measures to understand   the    purpose    and    intended    nature   of  the   business relationship,  but  inferring the  purpose  and  nature from  the type of transactions or business relationship established.

(3)    DNFBP shall not apply any SDD whenever there is a suspicion of money laundering or terrorist financing.

Counter Measures against high risk countries.  — (1)  Regulated persons  shall  apply the  countermeasures  indicated  by  the  Federal  Government, pursuant  to   recommendations  by  the   National   Executive  Committee,  whenever required.

Reliance on Third Parties.- (1)  The DNFBPs may rely on a third party for identification of customer and CDD as set out in this Regulation, provided relying DNFBP;

(a)     will  remain  liable for any failure to apply such  indicated CDD measures above;

(b)   immediately obtain from the third party the required information concerning CDD as set out in these Regulations;

(c)  the reporting entity shall keep those copies of identification as set out in Regulation 6; and

(d)   satisfy itself that the Third Party is supervised by an AML/CFT regulatory Authority or an equivalent foreign authority and has measures in place for compliance with AML Act obligation of CDD and record keeping.

(2)    Where a DNFBP relies on a third party that is part of the same corporate group, the DNFBP may deem the requirement of sub-regulation (1) of 12 to be met if –

(a)     the    corporate    group    applies    CDD    and     record    keeping requirements in accordance with AML Act and regulations made their under;

(b)   the implementations of requirements in paragraph (a) above is supervised by an AML/CFT regulatory authority or an equivalent foreign authority; and

(c) the corporate group has adequate, measures in place to mitigate any higher country risks.

(3)  subject to Regulation 11, when determining in which country a third party may be based, the DNFBP shall have regard to available information on the level of country risk.

Targeting Financial Sanctions (TFS).—(1) Pursuant to section 7H of the AML Act, in order to comply with TFS, the DNFBP shall:-

(a)   Develop mechanism, processes and procedures for screening and monitoring   customers   and   potential   customers   to  detect   any matches or potential matches with the stated designated/proscribed person – or if beneficial owners of the designated/proscribed person

Explanation.-  For the purposes of this section the expression  associates means persons and entities acting on behalf of, or at the direction, or for the benefit,  of proscribed  or designated  entities  and  individuals  that  may  be determined on the basis of appropriate screening of sanctions lists, disclosed nominee/beneficiary information, publicly known information, Government or regulatory sources or reliable media information, etc.

Reporting of STR and CTR.—(1) The DNFBP shall file STR and CTR to FMU, as per requirements prescribed by FMU as required under section 7 of AN_ Act.

Monitoring and compliance.— (1) The record to be maintained and

furnished by the Accountants, Real Estate Agents and Jewelers under these rules and as required by AML Act shall be subject to  inspection by FBR, as laid down in section 6A(2)(f) of AML Act, who may be assisted by other law enforcement agencies.

Sanctions.—(1) Any violation of any provision of these regulations shall be subject to sanctions issued under the AML Act.

Waheed Ensari
Waheed Ensari
Waheed focuses on modern techniques in order to management of businesses through finances, learning & development, IT.Its his appetite which draws his attention & energy in helping people (business owners/entrepreneurs) – to get the crystal aspects of the business.

Comments are closed.

WhatsApp WhatsApp us