On 27 June 2020, Cambodia issued the new Law on Anti-Money Laundering and Combating the Financing of Terrorism (‘the 2020 AML/CFT Law’), that abrogates both the 2007 law of the same name and the 2013 sub-decree that accompanied the former law. All other laws relevant to AML will remain in effect. Jay Cohen, Sochanmalisphoung Vannavuth, and Robin Spiess, of Tilleke & Gibbins International Ltd., provide an overview of the 2020 AML/CFT Law, and how it differs from the 2007 in areas such as definitions and penalities.
The 2020 AML/CFT Law, comprised of nine chapters and 47 articles, aims to further prevent and combat money laundering and terrorist financing in Cambodia by increasing both the scope of the law’s reach and general deterrence measures.
In many ways identical to its predecessor, the 2020 AML/CFT Law differs in three major ways from the 2007 law. Firstly, it provides more specific definitions for terms used throughout the law. Secondly, it requires reporting entities to introduce enhanced due diligence measures in order to maintain compliance. And thirdly, it introduces increased penalties for non-compliance with the law. The changes to the 2020 AML/CFT Law are discussed further below.
Altered definitions of legal terms
The 2020 AML/CFT Law has changed several definitions to lend further clarity in the application, and increase the scope, of the law.
Financing of terrorism
The scope of the definition of ‘financing of terrorism’ has been expanded. The first half of the definition remains the same: ‘the willful provision of financial or other services with the intention that such services be used, or in the knowledge that they may be used, in full or in part, for the purpose of supporting terrorism, terrorist acts or terrorist organisations.’ However, the 2020 AML/CFT Law adds a list of examples of actions that could qualify as the financing of terrorism, including traveling or training with the intent to aid terrorists, as well as participating in or carrying out an act of terrorism.
Ultimate beneficial owner
The definition of an ‘ultimate beneficial owner’ has also been expanded. The first half of the definition remains the same: ‘a person who ultimately owns or controls a customer on whose behalf a transaction is being conducted, including those persons who exercise ultimate effective control over a legal person or arrangement.’ Additionally, the AML/CFT Law stipulates that if the ‘customer’ being controlled is a legal entity, then an ultimate beneficial owner also includes any person who exercises ultimate effective control over a legal person, through the holding of shares or voting rights. It is the duty of the reporting entity to determine who the ultimate beneficial owner is in any given situation, in accordance with the Cambodia Financial Intelligence Unit (‘CAFIU’) guidelines.
Further, the 2020 AML/CFT Law notes that, if CAFIU is unable to determine who holds the most shares or exercises the greatest voting rights, CAFIU will employ the use of ‘other means’ to determine who the ultimate beneficial owner is, though these means are not defined. The law does note that, when a reporting entity is required to identify its ultimate beneficial owner, the highest-ranking person in the organisation will qualify as such.
Politically exposed persons
Notably, the definition of ‘politically exposed persons’ has been broadened to include both local and foreign officials. Previously defined as ‘any individual who is or has been entrusted with prominent public functions in a foreign country,’ the scope of the definition has been extended to include those ‘entrusted with prominent public functions in Cambodia’ as well. In keeping with the 2007 law, the AML/CFT Law provides examples of politically exposed persons that include heads of state or government, senior politicians, senior government officials, judicial or military officials, senior executives of state-owned corporations, and important party officials.
So too has the 2020 AML/CFT Law added a third category of politically exposed persons: the ‘international politically exposed person,’ which is defined as any individual who has been entrusted with prominent public functions in an international organisation. Further clarity as to what qualifies as an ‘international organisation’ is not provided in the law. Examples of such prominence within an international organisation include membership of the senior management team, the Board of Directors, or other similar groups within the organisation.
This change ensures that reporting entities, which were previously not required to monitor Cambodian officials’ or international organisation members’ business activities, are now required to ‘pay special attention’ to transactions conducted by these politically exposed persons.
Adding to the list of reporting entities
In large part, the comprehensive list of ‘reporting entities’ outlined in the 2007 law remain the same in the 2020 AML/CFT Law: banks, financial institutions, brokerage firms, insurance companies, micro-finance institutions, credit cooperatives, leasing companies, investment funds and companies, exchange offices, money remittance services, real estate agents, dealers in precious metals and gems, post offices dealing in transactions, lawyers, notaries, accountants, auditors, investment advisors, asset managers, casinos and gambling institutions, non-government organisations, and foundations engaging in business activities and fundraising are all classified as reporting entities. Additionally, the catch-all provision that ‘any other institutions or professions designated by the CAFIU to fall within the scope of the law’ is included in both the 2020 AML/CFT Law and the 2007 version.
In keeping with the Law on Trusts, which went into effect on 2 January 2019 and provided the first legal means by which trusts could be established in Cambodia, the 2020 AML/CFT Law has added ‘trustees’ as a new category of reporting entities.
Customer due diligence measures
Reporting entities have long been required by law, both under the 2020 AML/CFT Law and the 2007 version, to exercise due diligence in their activities, including requesting and retaining specific information about customers. Under the 2020 AML/CFT Law, the burden on reporting entities has been increased, as more types of transactions and business relationships have been classified as ‘high risk.’ Reporting entities must thus deploy enhanced customer due diligence (‘CDD’) measures in a broader range of situations than was previously necessary. The provisions outlined in the 2020 AML/CFT Law apply to new and existing customers alike and reporting entities are expected to retroactively conduct enhanced due diligence on those customers who newly fall into the ‘high risk’ category.
Generally, where the risk of money laundering and terrorism of financing is deemed ‘high,’ reporting entities must take enhanced CDD measures in keeping with CAFIU guidelines. These enhanced CDD measures may include:
- obtaining additional information on the customers’ identification;
- obtaining information on the source of funds;
- obtaining information on the transaction purpose;
- obtaining information on the intended nature of the business relationship; and
- carrying out additional ongoing monitoring procedures on customers’ activities.
Under the 2020 AML/CFT Law, if a reporting entity believes that carrying out these additional CDD measures will result in a particular customer becoming aware of the entity’s suspicions of him or her, the entity is allowed to cease conducting these enhanced measures. However, the entity must report the customer and any activity that led to its initial suspicions to the CAFIU.
Under both the 2020 AML/CFT Law, as well as the 2007 law, a reporting entity must apply enhanced CDD measures when handling:
- any complex, unusual, or large transactions;
- any transactions that follow unusual patterns and/or are not obviously driven by an economic or lawful purpose;
- business relations and transactions with institutions or persons in jurisdictions that have insufficient systems to prevent or deter money laundering or financing of terrorism;
- wire transfers that do not contain the originator’s information;
- business relations and transactions with persons with whom the reporting entity has had no face-to-face contact during the implementation of identification procedure;
- business relations and transactions with politically exposed persons; and
- business relations and transactions conducted by means of cross-border correspondent banking or other similar relationships.
However, this list has been expanded upon in the 2020 AML/CFT Law. In addition to the above relations and transactions, the 2020 AML/CFT Law requires the reporting entity to additionally conduct enhanced CDD measures on:
- business relations and transactions with institutions or persons in jurisdictions that have a high risk of money laundering and/or financing terrorism;
- all business relations and transactions with ‘foreign politically exposed persons,’ as well as the family members and close associates of these exposed persons;
- business relations and transactions with international politically exposed persons and Cambodian politically exposed persons, as well as the family members and close associates of these exposed persons, but only in response to a transaction that is identified as high risk; and
- any and all other business relations or transactions that could be identified as having a high risk of being associated with money laundering and/or financing of terrorism.
Identical to its predecessor, the 2020 AML/CFT law requires reporting entities to report large cash transactions and other suspicious transactions that exceed the threshold established by the CAFIU. If a reporting entity has reasonable grounds to believe that these large transactions are the proceeds of some offence or are connected to the financing of terrorism, the entity must report the transaction within 24 hours.
Penalties for legal entities found to be in violation of the 2020 AML/CFT Law include warnings, fines, revocation of business licenses, and the removal of managers or officers from their positions. In general, the penalties outlined in the new law introduce higher fines and longer prison terms than were previously imposed under the 2007 law and its subsequent amendments.
Previously, for example, legal entities deemed criminally responsible for money laundering were subject to a maximum of KHR 500,000,000 (approx. $122,700) in fines, in addition to other sanctions under the Criminal Code of the Kingdom of Cambodia (‘the Criminal Code’). The penalty has now been doubled under the 2020 AML/CFT Law, with legal entities committing money-laundering crimes subject to up to KHR 1,000,000,000 (approx. $245,500) in fines. While natural persons who committed money-laundering crimes were previously subject to imprisonment of at most one year, these individuals are now subject to imprisonment from two to five years and an increased fine of between KHR 100,000,000 and KHR 500,000,000 (approx. $24,500 to $122,700).
A summary of the penalties prescribed in the 2020 AML/CFT Law are outlined below:
This article was originally published on the OneTrust DataGuidance website, and is republished here with permission and thanks.