Why is it mandatory to collect Customers data/ information?

- To enable a reporting entity to meet its legal and compliance obligations under AML/ CFT Law/ Ministerial orders.

- To manage and mitigate risks of potential Money laundering & Terrorism financing cases.

- To be able to detect source of funds

- Verify ownership, record keeping and verify the Ultimate beneficiary from the transaction.

- Increase the level of security and to avoid any suspicious cases.

How will it Benefit CR Holders?

- It will enable sufficient and effective controls and procedures to detect any suspicious transactions.

- Develop and apply procedures based on risk-based approach

- To maintain internal control systems to perform customer due diligence and obtain information from reliable and up to date sources.

-  Avoid risks of dealing with restricted / sanctioned individual's organizations.

Natural Person(s) information
- Full information of Identity card
- Permanent place of residence
- Profession
- Full information of passport
- Contact number(s)

Registered Person Duties

- Obtain further information to establish client's identity and ultimate beneficiary.

-Pay Attention to the purpose of the transaction

- Continuously monitor client's transactions and has full responsibility on ending any business relationship if found suspicious or extraordinary (report immediately).

Compliance Officer Duties:

- ensure effectiveness of internal control, policy, procedures to identity customers.

According to Ministerial Order no 103 of 2021:
 

Article (3)
Obligations of licensee

The licensee must abide by the following:
1. Apply all the procedures and controls provided for by law, and those established by the Ministry to ensure that no separate process or business relationship associated with the work of the decision-maker and its clients is exploited for the purposes of money laundering, terrorist financing or the illegal transfer of funds across borders.
2. Compliance with all instructions, circulars, regulations and evidence issued by the relevant unit of the Ministry.
3. To warn his employees not to violate obligations relating to measures to ban and combat money laundering, terrorist financing and the illegal transfer of funds across borders.
4. Pay Special attention should be paid to all types of work relationships and separate processes associated with his work, and background and purposes of such relationships and processes need to be examined.
5. Require its affiliates or mostly foreign-owned subsidiaries to apply anti money laundering and terrorist financing measures in accordance with the recommendations of the Financial Action Task Force (FATF), direct them to apply the provisions of this resolution to the extent permitted by the regulations and laws in force in those states in which they operate, especially if they are in high-risk States or in States that do not comply with or comply with the resolution and are obliged to inform the implementing unit. The relevant unit of the Ministry in the event that the laws of the states in which those branches operate impede the application of the provisions of this resolution.
6. Implementation of all recommendations issued by the Financial Action Task Force (FATF).
7. Establish adequate controls and procedures for the immediate implementation of Security Council resolutions concerning persons and entities on the national sanctions and terrorism lists.
8. Develop and apply systems and procedures in accordance with the risk assessment approach, apply the results of the risk report at the national level and reverse its results to processes and internal risk-based procedures and update those procedures whenever the NATIONAL RISK ASSESSMENT REPORT is updated.
9. Develop internal control systems to obtain due diligence information towards the client from reliable and up-to-date sources.
10. not to receive cash amounts exceeding BD 3,000 or its equivalent in other currencies for gold and jewellery sales.
11. To hand over periodic and regular reports whenever asked to do so about all suspicious and unusual transactions or to attempt to deal with them, in accordance with the model prepared by the Ministry.
12. Appoint a person to be a general official at the management level for all related to the application of the provisions of this decision and the circulars or instructions issued by the Ministry under it, so that the level of appointment is not less than the owner, one of the partners or one of the senior officials of the administration - as the circumstances are subject to, provided that the competent unit of the ministry agrees to this appointment.
13. Develop internal procedures to enable the obligation officer or his deputy, as the circumstances may be, to apply his obligations under this resolution.
14. Submit audited financial reports annually to the relevant unit of the Ministry no later than six months after the end of the fiscal year.
15. Provide any documents, information or reports specified by the relevant unit of the Ministry, whether specific or periodic reports, and submit electronically according to the required content.
16. Identify and assess the risks of money laundering and terrorist financing that may arise in relation to the development of professional practices, including new means of service delivery and those arising from the use of modern or under development techniques, conduct a risk assessment before launching or using practices or techniques, take appropriate measures to manage and reduce those risks, retain the results of that assessment for five years and make that information available to the Ministry's relevant unit upon request.

Article (4)
Additional auditor obligations
In addition to the obligations contained in article (3) of this order, auditors registered with the Ministry during the audit of all their clients are obliged to verify the following:
1- The existence of internal control systems and procedures with the client to monitor and report suspicious or unusual operations or attempt to deal with them.
2- The adequacy of internal regulations and procedures to verify the identity of the customer's customers.
3- There are no suspicious or unusual operations or attempts to deal with them with their clients, and if they are exposed to suspicious or unusual operations or an attempt to deal with them, the auditors must send a report to the implementing unit and the relevant unit of the Ministry. 

If the client is among the institutions provided for by law, the auditors, in addition to the first paragraph of this article, must verify the following:
1- The customer reports or attempts to deal with all suspicious or unusual transactions to the executing unit and the relevant unit of the Ministry.
2- The client or his obligation officer shall not violate any of their obligations provided for in the decisions governing their work or any decisions made by law.
3- Ensure that there is no relationship of any kind, nature or value with the client with any of the persons or entities on the national sanctions list and terrorist lists, and if the auditors reveal the existence of suspicious or unusual operations or attempt to deal with them, they must report them to the executing unit and the relevant unit of the Ministry. 

Auditors must prove this in professional opinion about their financial statements or solvency letters, for all their clients except those licensed by the Central Bank of Bahrain.

Article (5)
Regular and enhanced due diligence towards customers
With the exception of payment made through the banking system, the licensees apply normal and enhanced due diligence procedures to customers as follows:

First: Customer ID:
A. Prior to any separate business relationship or process associated with its work, the licensee is obliged to verify the identity of the client, as well as to follow reasonable and sufficient procedures to verify the source of the funds by any possible means of proof.
B. The licensee must establish appropriate procedures that require any client wishing to establish a separate working or process relationship with him or her to prove his identity, and provide sufficient evidence to do so.
C. When merged with each other, the merged entity is not required to establish the identity of clients subject to the merged decision in accordance with the provisions of this resolution, if:
1. The subject to the merged decision had applied the procedures for keeping documents and records provided for in article (6) of this decision.
2. The thorough investigation did not result in any doubts about the conformity of the procedures of the subject of the integrated decision to the requirements of the law.
 

Second: Regular due diligence towards the client:
A. The licensee must apply normal due diligence procedures in each separate process associated with its actions submitted to the client, in addition to the general obligations provided for in article (3) of this decision, in the following cases:
1. If the client is a natural person and a politically exposed person and not a risk representative.
2- If the client is a wholly state-owned trading company, or a financial institution licensed by the Central Bank of Bahrain.
3. In the event that the client is not on the sanctions list or on the national terrorist lists.
4. If the client is a public figure who is a risk representative, and the actions of the licensee required of him are focused on matters that do not include the transfer or handling of funds.
5- If the actions of the licensee required of the client do not fall within the scope or attempt to deal with suspicious or unusual operations, are not linked to a high-risk State, and do not fall within the scope of a Business Relationship.
B- In applying normal due diligence procedures, the licensee must require clients to attach their requests in any separate process associated with his work to documents indicating the following statements:
1- Customer data if he is a natural person, namely:
a) Name.
b) A copy of the ID card or passport.
c) The start date, type, amount, currency and details of the separate process.
In addition to the data mentioned in the client's data if he is a natural person, when dealing with public figures, risk representatives must take reasonable action to verify the legality of the source of their funds by available means.
Customer data if he is a legal person, namely:
a) Commerce name.
b) A copy of the registration or license certificate, as the circumstances may be.
c) Customer data on behalf of the customer with a copy of the ID card or passport, and proof of his or her behalf of the customer.
d) The start date, type, amount, currency and details of the separate process.
C. The licensee is obliged to take new copies of the documents referred to as soon as any modification is made upon any new process or the completion of an existing process, and the electronic methods and means adopted to receive identities may be relied upon, applying all recommendations of the Financial Action Task Force (FATF) on digital identity, and informing the implementing unit of any questionable data.

Third: conditions requiring enhanced due diligence:
In any of the following circumstances, the licensee requires the application of enhanced due diligence procedures and more effective measures towards clients in each of the actions of the licensee submitted to the client:
1- If the client is a politically exposed person who is a risk representative.
2- In the event that the client is on the sanctions list or on the national terrorist lists.
3- If the work submitted to the client falls within the scope of a business relationship.
4- If the actions of the licensee submitted to the client are linked to or conducted as a high-risk State, or if the source or fate of the funds from those States.
5- In general, if the decision-maker finds that the separate process requested by the client or if it is found by assessing the levels of risk through which it unfolds, it carries a high risk or high probability of the crime of money laundering, financing terrorism or the illegal transfer of funds across borders, even if none of the items from (1) to (5) of (iii) of this article have been verified.
 

Fourth: Enhanced due diligence rules:
In addition to the normal due diligence procedures provided for in (II) of this article, the licensee when verifying any of the cases specified in (iii) of this article must apply the following enhanced due diligence procedures towards the client, and notify the obligation officer or his deputy, as circumstances may be, as soon as they are initiated:
1- Obtain more information to identify the client, and may rely on the electronic methods and means adopted to receive identities with the application of all recommendations issued by the Financial Action Task Force (FATF) on digital identity and inform the implementing unit and notify the relevant unit of the Ministry of any questionable data.
2- Check the appropriateness of the separate business or process relationship associated with the work of the decision-maker to the nature of the client's activity.
3- Verify by available means the source of funds and the purpose of the separate business or process relationship associated with the actions of the licensee submitted to the client, in particular the Politically Exposed Persons.
4- Request clarification of complex or unusual processes and their purpose when this is unclear.
5- Any other or more effective measures commensurate with the nature of the separate working or practical relationship associated with the actions of the decision-maker.

Fifth: Exchange of due diligence information towards customers:
Due diligence information may be exchanged with customers at the business group level provided confidentiality is adhered to, and the decision-maker must notify the relevant unit of the Ministry of any exchange of information.