How Financial Institutions Can Navigate Challenges Faced in Enforcing the Anti Money Laundering Act
Money laundering is defined as a process of turning illegitimately obtained property into seemingly legitimate property. It includes concealing or disguising the nature, source, location, disposition or movement of the proceeds of crime and any activity which constitutes a crime under section 3 of the Anti- Money Laundering Act of Uganda.
In enforcing The Anti Money Laundering Act, it appoints accountable persons to include Advocates as defined by the Advocates Act, notaries licensed and certified under the Notaries Public Act, Accountants as defined in the Accountants Act, a board of executors or a trust company, Casinos (which include internet casinos), Real estate agents, Dealers in precious metals and gems, a Financial Institution as defined in the Financial Institutions Act, a Broker, dealer or investment advisor licensed under the Capital Markets Authority Act, an Insurance Company licensed under the Insurance Act, Registrars of Companies, Registrars of Land, the Uganda Investment Authority, all Licensing Authorities in Uganda, Non-Governmental Organisations and any other category that may be listed by amendment. All the accountable persons have obligations in enforcing the Act and ensuring that all cases suspected to be of Money laundering are reported to the various Government Agencies and the same investigated and effectively handled.
The Banking Industry is regulated by the Financial Institutions Act, 2004 (as amended) and it defines a bank to mean any company licensed to carry on financial institution business as its principal business, as specified in the second schedule of the Act and includes all offices and branches of the Company in Uganda. The universally acceptable definition of a Bank is obtained from the characteristics of the banking industry which include to accept money from and collect cheques for their customers and place them to their credit, to honor cheques or orders drawn on them by their customers when presented for payment and debit their customers accordingly and to keep accounts or something of that nature in their books in which credits and debits are entered. The above definition creates a relationship between the Bank and the customer, and that relationship comes with several obligations under which the enforcement of the Anti-Money Laundering Act may lead to the violation of some.
However, where there is a law, then all persons and institutions must enforce the same and the task ahead of the Banking industry and the Government agencies enforcing the Act ought to find a balance between the two conflicting issues of the obligation under the relationship and keeping law and order. The Banks are obligated to identify their customers, report suspicious transactions and to keep and maintain a clear record of transactions.
The bank is also expected to undertake further customer due diligence measures to verify the customer’s identity using the reliable, independent source documents, data or information, such as passports, birth certificates, driver’s license, identity cards, voters roll cards and utility bills. However, such verification should be accompanied by the accountable person verifying from the issuing authority on the authenticity of the same. The Bank is further obligated to conduct an ongoing due diligence on the business relationship and scrutinise transactions undertaken throughout the course of the relationship, to ensure that the transactions being conducted are consistent with the accountable persons knowledge of the customer and the customers business, including where necessary the source of funds. This puts the banks in a precarious situation of visiting earlier transactions and forming an opinion on its legality and authenticity and thus putting a lot of burden on the institution.
The Act further obligates the accountable persons to establish and maintain the information obtained about the identity of the person on whose behalf a business relationship has been initiated or a transaction is conducted. This requirement does not specify how such data should be stored and this may leave customers susceptible to persons having information about their financial records since the recording of the transactions are not based on a particular criterion. The requirement by the bank to report the complex and unusual transactions gives it a watchdog role.
This puts the institution in a position of both an investigator and enforcer, yet this may end up frustrating them. It is worthy to note that the relationship between the bank and customer is a fiduciary one and the moment suspicions sink in the banks may lose its customers. The Act further mandates the accountable person to disclose the customers information which overrides the confidentiality obligations of the Bank. This is a direct attack on the core principles of Banking since the only exceptions are; where compelled by law and public duty, the interests of the Banker and where the client has consented implicitly to disclosure.
I agree that the Act would fall under the exemptions since it’s the law, however, the same should not be a blanket directive to disclose such information and this should only remain with those accounts which are suspect or under investigations since there is also no guarantee on the safety of information as it may be misused by those who collect it except if they strictly follow the guidance of the Data Protection and Privacy Act of 2019.
The Act is relatively new and has not been put to much test but the financial institutions have had to make drastic changes to their systems so that they can cater for these obligations at a considerable cost. Banks’ major primary role is to maximise profits and not to necessarily do the role of enforcement. However, the argument that the enforcement of the Act should be done away with because of its negative implications is shortsighted since we live with terrorism and related activities and thus the need to fight Money laundering.
I recommend that the Banks should be left with a few roles like knowing their customer as opposed to investigating whether the customer is who they are. This role should be left to other agencies like National Identification and Regulatory Authority, Uganda Registration Services Bureau, the Directorate of Citizenship, and Immigration control among others. There should also be a safeguard on how confidential information is shared by the Bank to any other agency for example such information should be issued after a court order which would by implication require the receiving agent to report to court on a periodic basis how they are utilising the information. The Financial institutions should be relieved of storing this information and maybe a central depository be created where such information is stored.