On approval of Requirements to the Rules of internal control for the purpose of counteraction to the legalization (laundering) of proceeds from crime and financing of terrorism for payment organizations

Invalidated Unofficial translation

Joint order of the Minister of Finance of the Republic of Kazakhstan dated October 4, 2016 № 532 and resolution of the Board of the National Bank of the Republic of Kazakhstan dated October 28, 2016 № 262. Registered in the Ministry of Justice of the Republic of Kazakhstan on December 2, 2016 № 14476. Abolished by the joint order of the Acting Chairman of the Agency for Financial Monitoring of the Republic of Kazakhstan dated 20.10.2022 No. 36 and Resolution of the Board of the National Bank of the Republic of Kazakhstan dated 20.10.2022 No. 90

      Unofficial translation

      Footnote. Abolished by the joint order of the Acting Chairman of the Agency for Financial Monitoring of the Republic of Kazakhstan dated 20.10.2022 No. 36 and Resolution of the Board of the National Bank of the Republic of Kazakhstan dated 20.10.2022 No. 90 (effective after ten calendar days after the date of their first official publication).

      In accordance with paragraph 3-2 of Article 11 of the Law of the Republic of Kazakhstan dated August 28, 2009 “On Counteraction to the Legalization (Laundering) of Proceeds from Crime and Financing of Terrorism”, the Minister of Finance of the Republic of Kazakhstan ORDERS and the Board of the National Bank of the Republic of Kazakhstan DECIDES:

      1. To approve the attached Requirements to the Rules of internal control for the purpose of counteraction to the legalization (laundering) of proceeds from crime and financing of terrorism for payment organizations.

      2. The Committee for financial monitoring of the Ministry of Finance of the Republic of Kazakhstan (A. Z. Mekebekov) in the manner, established by the legislation of the Republic of Kazakhstan, shall ensure:

      1) state registration of these order and resolution at the Ministry of Justice of the Republic of Kazakhstan;

      2) within ten calendar days after the state registration of these order and resolution in the Ministry of Justice of the Republic of Kazakhstan, sending them for official publication in periodicals and the legal information system "Adilet";

      3) within ten calendar days from the date of state registration of these order and resolution at the Ministry of Justice of the Republic of Kazakhstan, sending them to the republican state enterprise on the right of economic management "Republican center for legal information of the Ministry of Justice of the Republic of Kazakhstan" for placement in the Standard control bank of regulatory legal acts of the Republic of Kazakhstan;

      4) placement of these order and resolution on the official Internet resource of the Ministry of Finance of the Republic of Kazakhstan.

      3. These order and resolution shall be enforced upon expiry of ten calendar days after their first official publication.

      Minister of Finance
      of the Republic of Kazakhstan

      ________________ B. Sultanov

      October 4, 2016      Chairman

      of the National Bank

      of the Republic of Kazakhstan

      __________________ D. Akishev

      October 28, 2016

  Approved by
by the order of the
Minister of Finance
Republic of Kazakhstan
dated October 4, 2016 № 532
  and the resolution of the Board
of the National Bank of the
Republic of Kazakhstan
dated October 28, 2016 № 262

Requirements to the Rules of internal control for the purpose of counteraction to the
legalization (laundering) of proceeds from crime and financing
of terrorism for payment organizations
Chapter 1. General provisions

      1. These Requirements to the Rules of internal control for the purpose of counteraction to the legalization (laundering) of proceeds from crime and financing of terrorism for payment organizations (hereinafter- the Requirements) are developed in accordance with the Law of the Republic of Kazakhstan dated August 28, 2009 “On Counteraction to the Legalization (Laundering) of Proceeds from Crime and Financing of Terrorism”, (hereinafter- the Law on CLPFT) and apply to payment organizations (hereinafter - organizations).

      2. The concepts, used in the Requirements are used in the meanings, specified in the Law on CLPFT.

      For the purposes of the Requirements, the following concepts are used:

      1) unusual operation (transaction) - an operation (transaction), subject to compulsory study, in accordance with paragraph 4 of Article 4 of the Law on CLPFT, taking into account the Signs of determining suspicious operations, approved by the Government of the Republic of Kazakhstan dated November 23, 2012 № 1484 "On approval of the Rules for representation of data and information on operations, subject to financial monitoring and signs of determining a suspicious operation by the subjects of financial monitoring" (hereinafter – the Resolution № 1484) and developed by the organization itself;

      2) freezing operations with money and (or) other property - measures taken by an organization to suspend the transfer, transformation, alienation or movement of money and (or) other property belonging to the organization and (or) to an individual, included in the list of organizations and persons, associated with financing of terrorism and extremism, or of an organization whose beneficial owner is an individual, included in this list;

      3) one-time operation (transaction) - relations for the provision of services (products) by the organization:

      making cash payments by the client without opening a bank account;

      making a non-cash payment and (or) money transfer by the client without using a bank account;

      depositing money to a bank account using equipment (device) designed to receive cash;

      implementation of operations for the acquisition and use of electronic money by unidentified owners of electronic money-individuals.

      4) risks of legalization (laundering) of proceeds from crime and financing of terrorism - risks of intentional or unintentional involvement of an organization in the processes of legalization (laundering) of proceeds from crime and financing of terrorism or other criminal activities;

      5) risk management of legalization (laundering) of proceeds from crime and financing of terrorism - a set of measures taken by an organization on identification, assessment, monitoring of the risks of legalization (laundering) of proceeds from crime and financing of terrorism, as well as minimizing them (in relation to services, clients, as well as transactions performed by the clients);

      6) a threshold operation – an operation with money and (or) other property, subject to financial monitoring in accordance with Article 4 of the Law on CLPFT and is equal to or exceeds the threshold amount established by the Law on CLPFT.

      3. Internal control for the purpose of counteraction to the legalization (laundering) of proceeds from crime and financing of terrorism (hereinafter - CLPFT) shall be carried out by the organization in order to:

      1) ensuring the compliance of an organization with the requirements of the Law on CLPFT;

      2) maintaining the effectiveness of the internal control system at a level sufficient to manage the risks of legalization (laundering) of proceeds from crime and financing of terrorism and associated risks;

      3) exclusions of involvement of the organization and employees in the processes of legalization (laundering) of proceeds from crime and financing of terrorism.

      4. Within the framework of organization of internal control for the purposes of CLPFT, the rules of internal control are developed in the organization, including the requirements for conducting evaluation of effectiveness of internal control for the purposes of CLPFT by the internal audit service of the organization or another body, authorized to conduct internal audit.

      The Rules of internal control include the programs, provided for in Article 11 of the Law on CLPFT, which are independently developed by an organization in accordance with the Requirements and shall be an internal document of the organization or a combination of such documents.

      Organizations within thirty calendar days from the date of entry into force of amendments and (or) additions to the legislation of the Republic of Kazakhstan on CLPFT shall bring the rules of internal control into compliance with the amendments and (or) additions to the legislation of the Republic of Kazakhstan on CLPFT.

Chapter 2. Organization of internal system of CLPFT and the program
of organization of internal control for the purposes of CLPFT

      5. In accordance with the procedure, established by internal documents of the organization, an official responsible for monitoring compliance with the rules of internal control (hereinafter- a responsible employee) shall be appointed in the organization, as well as employees or a division of the organization, which competence includes issues of CLPFT (hereinafter - the division on CLPFT) shall also be determined.

      6. The program of organization of internal control for the purposes of CLPFT includes:

      1) description of functions of the division on CLPFT, including the procedure for interacting with other divisions and the personnel of the organization, branches when exercising internal control for the purposes of CLPFT, as well as functions and powers of a responsible employee, the procedure for interaction of the responsible employee with authorized bodies and officials of the organization;

      2) information about automated information systems and software, used for internal control for the purposes of CLPFT and transmission of messages to the authorized state body, carrying out financial monitoring and taking other measures on CLPFT in accordance with the Law on CLPFT (hereinafter- an authorized body for financial monitoring), including information about their developers;

      3) the procedure for recording information, as well as storing documents and information, obtained during implementation of internal control for the purposes of CLPFT;

      4) the procedure for informing by the employees of the organization, including the responsible employee, the authorized bodies and officials of the organization about the facts of violation of the Law on CLPFT which became known to them, as well as the rules of internal control, committed by the employees of the organization;

      5) description of requirements for CLPFT (if any), established by a legal entity that has control over the organization.

      It is allowed for an organization to include additional measures on organization internal control in the program for the purposes of CLPFT.

      7. The functions of the responsible employee and employees of the division on CLPFT in accordance with the program of organization of internal control for the purpose of CLPFT include:

      1) ensuring the availability of internal control rules developed and agreed with the executive body of the organization and (or) amendments (additions) to them, as well as monitoring their compliance in the organization;

      2) organization of submission and control over the submission of messages to the authorized body for financial monitoring in accordance with the legislation of the Republic of Kazakhstan on CLPFT;

      3) making decisions on recognition of operations of clients as suspicious and the need to send messages to the authorized body for financial monitoring in the manner, prescribed by internal documents of the organization;

      4) adoption or approval with the authorized body or official of the organization of decisions on refusal to conduct operations of clients in cases, stipulated by the Law on CLPFT, and in the manner provided for by internal documents of the organization;

      5) sending requests to the executive body of the organization for making a decision on establishing, continuing or terminating business relations with clients in the cases and in the manner, provided for by the Law on CLPFT and (or) internal documents of the organization;

      6) informing the authorized bodies and officials of the organization about detected violations of the rules of internal control in the manner, prescribed by internal documents of the organization;

      7) preparation and coordination with the executive body of the organization of information on the results of implementation of the rules of internal control and recommended measures on improving risk management and internal control systems for the purposes of CLPFT to generate reports to the authorized bodies of the organization.

      The organization may include additional functions of the responsible employee and employees of the division on CLPFT.

      8. To perform the assigned functions, the responsible employee and employees of the division on CLPFT shall be given the following powers, including:

      1) gaining access to all premises of the organization, information systems, telecommunications, documents and files, within the limits, allowing to carry out their functions in full, and in the manner provided for by internal documents of the organization;

      2) ensuring the confidentiality of information, obtained in carrying out their functions;

      3) ensuring the safety of documents and files, received from the divisions of organization.

      The organization may include additional powers of the responsible employee and employees of the division on CLPFT.

      9. If there are employees in the branches of the organization, who are fully or partially assigned the functions and powers, stipulated by paragraphs 7 and 8 of the Requirements, the coordination of activities of such employees shall be carried out by the responsible employee.

      10. The functions of the responsible employee, as well as the employees of the organization, who are assigned the functions, stipulated by paragraph 7 of the Requirements, are not combined with the functions of the internal audit service or other body, authorized to conduct internal audits, as well as with the functions of the divisions, carrying out operational (current) activities of the organization.

      11. The organization uses automated information systems, meeting the following requirements to automate processes on the issues of internal control for the purposes of CLPFT:

      1) possibility of maintaining dossiers (questionnaires) of clients, including the changes (additions) made to them;

      2) identification of threshold and suspicious operations according to predetermined criteria, taking into account the requirements of the legislation of the Republic of Kazakhstan on CLPFT, as well as the results of assessing the degree of exposure of the services of the organization to the risks of legalization (laundering) of proceeds from crime and financing of terrorism;

      3) lack of possibility to exclude information from the database on dossiers (questionnaires) of clients, operations conducted, messages sent to the authorized body for financial monitoring;

      4) availability of a backup system and information storage;

      5) maintaining a protocol of work of each user, protected from modification.

Chapter 3. Risk management program for legalization (laundering) of proceeds
from crime and financing of terrorism

      12. In order to organize the risk management of legalization (laundering) of proceeds from crime and financing of terrorism, the organization shall develop a risk management (risk assessment) program for legalization (laundering) of proceeds from crime and financing of terrorism.

      13. The organization on an annual basis shall carry out an assessment of the degree of exposure of the services (products) of the organization to the risks of legalization (laundering) of proceeds from crime and financing of terrorism, taking into account at least the following specific risk categories: risk by type of clients, country (geographical) risk, risk of the service (product) and (or) method of its provision.

      An assessment of the degree of exposure of the services (products) of the organization to the risks of legalization (laundering) of proceeds from crime and financing of terrorism shall be accompanied by a description of possible measures, aimed at minimizing the risks identified, including changing the procedures for identifying and monitoring clients’ operations, setting limits on operations, changing conditions for provision of services (products), refusal to provide services (products).

      14. Types of clients, whose status and (or) whose activities increase the risk of legalization (laundering) of proceeds from crime and financing of terrorism include:

      1) foreigners, including foreign public officials, their close relatives and representatives;

      2) foreign financial organizations;

      3) legal entities and individual entrepreneurs, whose activities are associated with intensive cash circulation, including:

      organizers of a gambling business, as well as persons providing services or receiving income from online casino activities outside the Republic of Kazakhstan;

      persons, providing travel services, as well as other services related to the intensive circulation of cash;

      4) insurance (reinsurance) organizations, insurance brokers, carrying out activities in the "life insurance" industry (with the exception of subsidiaries of the bank, that comply with the requirements on CLPFT, established by the bank);

      5) persons, carrying out activity as insurance agents;

      6) persons, carrying out intermediary activities for the purchase and sale of real estate;

      7) non-commercial organizations, in the organizational-legal form of foundations, religious associations;

      8) persons located (registered) in foreign countries, specified in paragraph 15 of the Requirements, as well as branches and representative offices of such persons, located in the Republic of Kazakhstan.

      The organization may include additional types of clients, whose status and (or) whose activities increase the risk of legalization (laundering) of proceeds from crime and financing of terrorism.

      15. The organization shall carry out assessment of the country (geographical) risk associated with the provision of services (products) to the clients from foreign states, specified in this paragraph and implementation of operations with money and (or) other property with the participation of such foreign states.

      Foreign states, operations with which increase the risk of legalization (laundering) of proceeds from crime and financing of terrorism shall be:

      1) foreign states (territories), included in the list of states (territories), that do not or comply or do not sufficiently comply with the recommendations of the Financial Action Task Force on Money Laundering (FATF), drawn up by the authorized body for financial monitoring;

      2) foreign states (territories) in respect of which international sanctions (embargoes) are applied, adopted by the resolutions of the Security Council of the United Nations;

      3) foreign states (territories), included in the list of offshore zones for the purposes of the Law on CLPFT, approved by the order of the acting Minister of Finance of the Republic of Kazakhstan dated February 10, 2010 № 52 “On approval of the List of offshore zones for the purposes of the Law of the Republic of Kazakhstan “On combating legalization (laundering) proceeds from crime and financing of terrorism”, registered in the Register of state registration of regulatory legal acts № 6058;

      4) foreign states (territories), identified by the organization as representing a high risk of legalization (laundering) of proceeds from crime and financing of terrorism on the basis of other factors (information on the level of corruption, illegal production, drug trafficking and (or) transit, information on support of international terrorism and others).

      16. Services (products, operations) of the organization, as well as ways of their provision, that are subject to a high risk of legalization (laundering) of proceeds from crime and financing of terrorism, include, but are not limited to:

      1) remote customer service, including service via electronic terminals;

      2) cash reception services for making payments without opening a bank account of the sender of money in an amount exceeding five hundred thousand tenge;

      3) services for the sale (distribution) of electronic money and payment cards;

      4) services for reception and processing of payments made using electronic money in excess of the amount equal to a hundred times the size of the monthly calculation index, established for the corresponding financial year by the Law on the republican budget;

      5) services for processing payments, initiated by the client in electronic form, and transferring the necessary information to the bank, the organization, carrying out certain types of banking operations, for making a payment and (or) transferring or accepting money for these payments.

      17. When assessing the degree of exposure of services (products) of the organization to the risks of legalization (laundering) of proceeds from crime and financing of terrorism in accordance with the categories and risk factors, specified in paragraphs 14, 15 and 16 of the Requirements, the organization shall take into account additional information, affecting the final degree risk, including but not limited to:

      1) the number of messages about suspicious operations of clients, sent by the organization to the authorized body for financial monitoring;

      2) the number of messages on threshold operations of clients with cash, sent by the organization to the authorized body for financial monitoring.

      18. As part of implementation of the risks management program (risks assessment) of legalization (laundering) of proceeds from crime and financing of terrorism, the organization shall take measures on classification of clients taking into account the categories and risk factors, specified in paragraphs 14, 15 and 16 of the Requirements, as well as other categories and risk factors, established by the organization.

      The risk level of the client (group of clients) shall be established by the organization, based on the analysis of information about the client (s), obtained as part of the procedures for identifying and monitoring clients’ operations, and evaluated on a scale for determining the level of risk, which consists of at least two levels.

      Revision of the risk level of a client (group of clients) shall be carried out by the organization as the information about the client (group of clients) is updated.

Chapter 4. Clients identification program

      19. In order to implement the requirements of the Law on CLPFT on proper client’s verification, the organization shall develop a program for identifying the clients (their representatives) and beneficial owners.

      The identification of the client (his/her representative) and the beneficial owner consists in conducting by the organization of activities on recording and verifying the authenticity of information about the client (his/her representative), identifying the beneficial owner and recording information about him/her, establishing and recording the intended purpose of business relations or a one-time operation (transaction), as well as receipt and recording of other information, provided for in the Requirements about the client (his/her representative) and the beneficial owner.

      Depending on the client’s risk level, the degree of activities, conducted by the organization is expressed in a simplified, standard or in-depth identification of the client, the beneficial owner.

      20. Taking into account the requirements of paragraph 2 of Article 5 of the Law on CLPFT, the organization shall conduct identification of the client (his/her representative) and the beneficial owner, as well as establish the intended purpose of business relations or a one-time operation (transaction) in the following cases:

      1) establishing business relations with a client, with the exception of the sale of electronic money in an amount not exceeding a hundred times the monthly calculation index, as well as distribution of payment cards, the amount of which does not exceed two hundred thousand tenge;

      2) making a one-time operation (transaction) by the client for the amount of:

      exceeding five hundred thousand tenge when accepting cash for crediting to the bank account of an individual by means of equipment (device) intended for accepting cash, including by performing several operations (transactions) in one calendar day);

      exceeding and (or) equal to a hundred times the size of the monthly calculation index when accepting payments, made using electronic money;

      exceeding two million tenge when accepting non-cash payments and (or) money transfers without using a bank account;

      exceeding two hundred thousand tenge when performing operation using a payment card that is not a means of access to a bank account;

      3) making a threshold operation (transaction) by the client;

      4) identifying a suspicious operation (transaction) of the client;

      5) existence of grounds for doubt in the reliability of previously obtained data on individuals and legal entities.

      21. Information received in accordance with paragraph 20 of the Requirements shall be entered (included) by the organization in the client’s dossier, which is stored in the organization throughout the entire period of business relations with the client and for at least five years from the date of their completion or making one-time operation (transaction).

      The minimum required information subject to be entered in the dossier of a client-individual, as well as to verification of authenticity during conducting standard, simplified or in-depth identification are established in Appendix 1 to the Requirements.

      The minimum required information subject to be entered in the dossier of a client-legal entity, as well as to verification of authenticity during conducting standard, simplified or in-depth identification are established in Appendix 2 to the Requirements.

      22. Simplified identification shall be carried out by the organization when establishing business relations with second-tier banks, insurance (reinsurance) organizations, professional participants in the securities market - residents of the Republic of Kazakhstan.

      23. In-depth identification shall be carried out by the organization:

      1) when assigning a high level of risk to a client;

      2) if a suspicious operation (transaction) or an attempt to perform it is detected during the monitoring and examination of the client’s operations, with the exception of situations in which in-depth identification will lead to its inadvertent informing about sending a message about such an operation to the authorized body for financial monitoring;

      3) when conducting operations for an amount, exceeding the threshold, established by paragraph 1 of Article 4 of the Law on CLPFT;

      4) if there is any doubts about reliability of the information provided by the client;

      5) in cases, established by internal documents of the organization, including by the decision of the responsible employee.

      24. In the process of identification a client (identifying the beneficial owner), the organization shall conduct the check for the presence of such a client (beneficial owner) in the list of persons and organizations, associated with financing of terrorism and extremism, obtained in accordance with Article 12 of the Law on CLPFT (hereinafter - the List).

      In respect of foreigners and other persons in respect of whom the organization has information about their citizenship of a foreign state, as well as stateless persons, the organization in the process of identification a client (identifying the beneficial owner) shall conduct check whether such a client (beneficial owner) belongs to a foreign public official.

      25. Documents, submitted by the client (his/her representative) in order to confirm information about the client (his/her representative) and the beneficial owner shall be checked for their validity.

      26. The identification program of a client (his/her representative) and the beneficial owner includes:

      1) the procedure for accepting clients for service, including the procedure and grounds for refusal in establishing business relations and (or) conducting operations, as well as termination of business relations;

      2) the procedure for identification a client (his/her representative) and the beneficial owner, including the features of simplified and in-depth identification procedures;

      3) description of measures, aimed at identifying foreign public officials among individuals being served or being accepted for service;

      4) the procedure for checking a client (his/her representative) and the beneficial owner for the presence in the List;

      5) identification features during the remote establishment of business relations (without the personal presence of a client or his/her representative);

      6) features of the exchange of information, obtained in the process of identification of a client (his/her representative) and the beneficial owner, in the framework of fulfilling the requirements on the CLPFT, established by a legal entity, that has control over the organization (if any);

      7) description of additional sources of information, including those provided by state bodies, in order to identify a client (his/her representative) and the beneficial owner;

      8) the procedure for verifying the authenticity of information about the client (his/her representative) and the beneficial owner;

      9) requirements for the form, content and procedure for maintaining the client’s dossier, updating the information, contained in the dossier, indicating the frequency of updating the information;

      10) the procedure for ensuring an access for organization employees to the information, obtained during conducting identification;

      11) the procedure for assessing the client’s risk level, the basis for assessing such a risk.

      The organization may include additional measures on identification a client (his/her representative) and the beneficial owner in the program.

      If an organization, in accordance with the Law on CLPFT, on the basis of a contract, has assigned another person to apply the measures, provided for in sub-paragraphs 1), 2), 2-1) and 4) of paragraph 3 of Article 5 of the Law on CLPFT to the clients of the organization, the organization shall develop rules for its interaction with such persons, which include:

      the procedure for concluding contracts with persons, who entrusted with conducting identification by the organization, as well as the list of officials of the organization, authorized to conclude such contracts;

      the procedure for identification a client-individual, his/her representative, beneficiary in accordance with the contracts between the organization and the persons, entrusted with conducting identification;

      procedure and terms for transferring information, obtained during conducting identification to the organization by the persons, entrusted with conducting identification;

      the procedure for carrying out by the organization of control over compliance with the identification requirements by the persons, entrusted with conducting identification, including the procedure, terms and completeness of transfer of the obtained information to the organization, as well as the measures, taken by the organization to eliminate identified violations;

      the grounds, procedure and terms of making a decision by the organization on unilateral refusal to fulfill the contract with the persons entrusted with conducting identification in case of non-compliance with the identification requirements, including the procedure, terms and completeness of the transfer of obtained information to the organization, as well as the list of officials of the organization, authorized to make such a decision;

      provisions on liability of persons, to whom the organization has entrusted identification for non-compliance with identification requirements, including the procedure, terms and completeness of the transfer of obtained information to the organization;

      the procedure of interaction of the organization with persons, entrusted with conducting the identification process on the issues of rendering methodological assistance to them in order to fulfill identification requirements.

      The organization may include additional conditions in the rules of interaction.

Chapter 5. Program for monitoring and studying operations of clients

      27. In order to implement the requirements of the Law on CLPFT on proper verification of the client, as well as on identification and sending messages about threshold and suspicious transactions to the authorized body for financial monitoring, the organization shall develop a program for monitoring and studying clients’ operations.

      28. As part of the program for monitoring and studying clients’ operations, the organization takes measures on updating and (or) obtaining additional information about the clients (their representatives) and beneficial owners, as well as on studying operations of the clients and identification threshold and suspicious operations.

      The results of monitoring and studying clients’ operations are used by the organization for annual assessment of the degree of exposure of the organization’s services to the risks of legalization (laundering) of proceeds from crime and financing of terrorism, as well as for reviewing risks levels of the clients.

      The information obtained as part of implementation of the program for monitoring and studying client’s operations shall be entered into the client’s dossier, provided for in paragraph 21 of the Requirements, and (or) stored in the organization throughout the entire period of business relations with the client and for at least five years from the date of their completion or one-time operation (transaction).

      29. The frequency of updating and (or) the need to obtain additional information about the client (his/her representative) and the beneficial owner shall be established by the organization taking into account the risk level of the client (group of clients) and (or) the degree of exposure of the organization’s services, that the client uses to the risks of legalization (laundering) of proceeds from crime and financing of terrorism.

      In the cases provided for in paragraph 23 of the Requirements, the organization shall carry out in-depth identification of the client.

      Updating of information about the client (his/her representative) and the beneficial owner with a high level of risk shall be carried out at least once a year.

      Checking for the presence of a client (beneficial owner) in the List (inclusion in the List) does not depend on the risk level of the client and shall be carried out as changes are made to the List (updating of the List).

      30. The program for monitoring and studying clients’ operations includes:

      1) a list of signs of unusual and suspicious operations, compiled on the basis of the Signs of determining suspicious operations, approved by the resolution № 1484, as well as ones developed independently by the organization;

      2) distribution of responsibilities between employees of the organization for updating previously obtained and (or) obtaining additional information about the client (his/her representative) and the beneficial owner in cases, provided for by the Requirements;

      3) distribution of responsibilities between employees of the organization on identification and transfer of information about threshold, unusual and suspicious operations between employees;

      4) description of the mechanism of interaction of divisions upon detection of threshold, unusual and suspicious operations;

      5) the procedure, grounds and term for making the decision on qualification of the client’s operation by the responsible employee;

      6) the procedure for interaction of employees to make a decision on refusal to conduct the client's operation (except for refusal due to the presence of the client, the beneficial owner in the List), as well as on termination of business relations with the client;

      7) the procedure for interaction between divisions (employees) of the organization on identification of clients and beneficial owners, being on the List, as well as on immediately freezing operations with money and (or) other property of such clients;

      8) the procedure for recording (including methods of frecoeding) and storing information about the results of studying unusual operations, as well as information about threshold and suspicious operations (including the operation amount, operation currency);

      9) the procedure for submitting messages about threshold and suspicious operations to the authorized body for financial monitoring;

      10) the procedure for informing (if necessary) the authorized bodies and officials of the organization about detection of a threshold and suspicious operation;

      11) the procedure for adoption and description of measures, taken in relation to the client and his/her operations in case that the client systematically and (or) in significant amounts carries out unusual and (or) suspicious operations.

      The organization may include additional measures for monitoring and studying clients’ operations in the program.

      31. If there are doubts regarding the legality of qualifying the operation as a threshold, as well as identifying an unusual or suspicious operation, the organization’s employee, who has identified the specified operation shall send a message about such operation to the responsible employee (to the division on CLPFT) in the manner, form and terms, established by internal documents of the organization.

      Information on several operations shall be allowed in one message.

      Messages about operations, specified in part one of this paragraph, as well as the results of their study, shall be kept by the organization for at least five years from the date of termination of business relations with the client or of a one-time operation (transaction).

Chapter 6. Program on training and education of employees on the issues of CLPFT

      32. The organization shall ensure compliance of the training and education program for employees on the issues of CLPFT with the requirements, approved by the order of the Minister of Finance of the Republic of Kazakhstan dated November 28, 2014 № 533 “On approval of requirements for the subjects of financial monitoring on training and education of employees”, registered in the Register of state registration of regulatory legal acts under № 10001.

  Appendix 1
to the Requirements to the Rules of internal control for the purpose of counteraction to the legalization (laundering) of proceeds from crime and financing of terrorism for payment organizations

Minimum required information subject to entering in the dossier of a client-individual,
as well as verification of authenticity during conducting standard, simplified or in-depth
identification

Information

Type of identification

Standard

Simplified

In-depth

1. General information about an individual

Surname, name, patronymic (if any)







Date and place of birth







Citizenship (if any)







Individual identification number (if any)







Type of identity document, number, series (if any)







Name of the body that issued an identity document, date of issue and validity







Address of place of residence (registration) or place of stay (state/jurisdiction, postal code, settlement, street/district, house number and, if available, apartment number)







Contact telephone number






Place of work, position






E-mail address (if any)






2. Additional information about an individual- entrepreneur

Number, date of issue of the document confirming the registration of an individual as an individual entrepreneur.






Business Identification Number (if any)






Type of entrepreneurial activity






Number, date of issue, validity period of the license (if the type of activity being carried out is licensed)






Address of carrying out an entrepreneurial activity (state/jurisdiction, postal code, settlement, street/district, building number)






3. Additional information about an individual-foreigner

Number, date of issue, validity of the visa (if submitted as an identity document, a foreign passport) (except for the citizens of states entering the Republic of Kazakhstan without a visa)







Number, date of issue, validity of the migration card (if submitted as an identity document, a foreign passport) (for the citizens of states entering the Republic of Kazakhstan without a visa)







Affiliation of a person to foreign public officials or related persons (family members)







4. Information about the representative of an individual

Surname(if any)







Date and place of birth







Citizenship (if any)







Individual identification number (if any)







Type of identity document, number, series (if any)







Name of the body, that issued the identity document, date of issue and validity







Address of place of residence (registration) or place of stay (state/jurisdiction, postal code, settlement, street/district, building number)







Contact telephone number







Number, date of issue (signing), validity (if any) of the document (power of attorney, contract, certificate of the guardian (trustee), other document) for the commission of legally significant actions on behalf of an individual (including opening an account, managing an account) or legal representation mark





✓✓


Surname, name, patronymic (if any) of the notary, who certified the client's signature on a power of attorney, issued to the representative of a client, number and date of issue of the license for notarial activity or name of the body, that issued the document







Number, date of issue, validity of the visa (if submitted as an identity document, a foreign passport) (except for the citizens of states entering the Republic of Kazakhstan without a visa)








Number, date of issue, validity of the migration card (if submitted as an identity document, a foreign passport)








5. Information on the beneficial owner


Surname, name, patronymic (if any) of an individual (s) in whose interests business relations are established (operations are performed), or a note that an individual who has established business relations (performing an operation) on his behalf acts in his own interests







Citizenship (if any) of the beneficial ownership







Individual identification number (if any) of the beneficial owner







Type of identity document, number, series (if any) of the beneficial owner







Name of the body, that issued the identity document of the beneficial owner, date of issue and validity







Contact telephone number (if any) of the beneficial owner







Affiliation of the beneficial owner - foreigner to foreign public officials or persons related to them (family members)







6. Results of operations monitoring and service information


A note on the location of the client, his/her beneficial owner in the list of persons associated with financing of terrorism and extremism








Services, used by an individual in an organization (concluded contracts)







Results of the last monitoring of operations, including measures to verify the reliability of the source of financing for operations







Risk level








Date of receipt (updating) information about the client







Explanation to the Requirements for the content of a client’s dossier:

      1. In accordance with the legislation of the Republic of Kazakhstan, identity documents on the basis of which civil- legal transactions can be made shall be:

      1.1. for the citizens of the Republic of Kazakhstan:     

      1) a passport of the citizen of the Republic of Kazakhstan;

      2) an identity card of a citizen of the Republic of Kazakhstan;

      1.2. for foreign citizens:

      1) a foreign passport (a passport of a citizen of a foreign state);

      2) a residence permit of a foreigner in the Republic of Kazakhstan;

      3) another document recognized in accordance with an international treaty ratified by the Republic of Kazakhstan as an identity document, on the basis of which civil-legal transactions are concluded on the territory of the Republic of Kazakhstan;

      1.3. for stateless persons, permanently residing on the territory of the Republic of Kazakhstan:

      certificate of a stateless person.

      2. Verification of accuracy of the submitted information shall be carried out by reconciliation with the data of originals or notarized copies of the relevant documents submitted by the client (his/her representative), reconciliation with data from available sources (databases), checking the information by other ways, including visiting the address. As part of verification of accuracy of the information necessary for identification, a visual comparison of the photo placed on the identity document with the client (representative of the client) is also made.

Designations:

      ✓– the need to record relevant information;

      ✓✓– the need to record relevant information and verification their accuracy.

  Appendix 2
to the Requirements to the Rules of internal control for the purpose of counteraction to the legalization (laundering) of proceeds from crime and financing of terrorism for payment organizations

Minimum required information subject to be entered in the dossier of a client-legal
entity, as well as verification of authenticity during conducting standard, simplified or in
depth identification

Information

Type of identification

Standard

Simplified

In-depth

1. General information about a legal entity

Full and, if available, abbreviated name, including organizational-legal form







Business Identification Number (if any)







Type of document, confirming registration, date of issue, number (if any)







Name of registration body, date and place of registration (re-registration)







Type (s) of carrying out activity and code of general classifier of types of economic activity (GCEA) (if any)







Number, date of issue, license validity period (if the type of activity, being carried out is licensed)







Name of the body, that issued a license







Address of location in accordance with the document, confirming registration (country, postal code, settlement, street/district, building number)







Address of actual location of the executive body (country, postal code, settlement, street/ district, building number)







Contact telephone number







E-mail address (if any)







2. Additional information about a foreign legal entity

Registration number (code), assigned by the authorized body in the state of registration







3. Information on the ownership and management structure

The structure and name of bodies (supreme body, executive body, other bodies) in accordance with constituent documents







Date of the latest edition of constituent documents, on the basis of which the structure of the bodies of a legal entity is established







3.1. Information about the personal composition of the supreme body

Surnames, names, patronymics (if any) of individuals and (or) full names of legal entities that are members of the supreme body






Citizenship (if any) of individuals and (or) state of registration of legal entities that are members of the supreme body






Individual identification numbers (if any) or numbers, series (if any), dates of issue and validity of identity documents of individuals that are members of the supreme body






Business identification numbers (if any) or registration numbers (codes), assigned by the authorized body in the state of registration for legal entities that are members of the supreme body






Date of the latest edition of constituent documents or the date of extract from the register of shareholders (participants) or another document on the basis of which the composition of the supreme body is established






3.2. Information on the personal composition of the executive body

Surname, name, patronymic (if any) of the person, carrying out the functions of the sole executive body, or surnames, names, patronymic (if any) of the head and members of the collegial executive body







Date and place of birth of the person, carrying out the functions of the sole executive body, or the head and members of the collegial executive body






Citizenship (if any) of the person, carrying out the functions of the sole executive body, or the head and members of the collegial executive body






Individual identification number (if any) of the person, carrying out the functions of the sole executive body, or the head and members of the collegial executive body






Type of identity document, number, series (if any) of the person, carrying out the functions of the sole executive body, or the head and members of the collegial executive body






Name of the body, that issued the identity document of the person, carrying out the functions of the sole executive body, or the head and members of the collegial executive body, date of its issue and validity period






Address of place of residence (registration) and (or) place of stay (state/jurisdiction, postal code, settlement, street/district, house number and, if any, apartment number) of the person, carrying out the functions of the sole executive body, or the head and members of the collegial executive body






Contact phone number of the person, carrying out the functions of the sole executive body, or the head and members of the collegial executive body






Number and date of the document (order, minutes of the general meeting, minutes of the board of directors, decisions of the sole shareholder (founder) or other similar document), on the basis of which the person, carries out the functions of the sole executive body or the head or member of the collegial executive body






3.3 Information on the personal composition of other management bodies (if any)

Surnames, names, patronymics (if any) of the head and members of the management body






Date and place of birth of the head and members of the management body






Citizenship (if any) of the head and members of the management body






Individual identification number (if any) of the head and members of the management body






Type of identity document, number, series (if any) of the head and members of the management body





Name of the body, that issued the identity document of the head and (or) members of the management body, date of issue and validity





Number and date of the document (minutes of the general meeting, decision of the sole shareholder (founder) or other similar document), on the basis of which the person carries out the functions of the head or member of the management body





4. Information about the representative of a legal entity

Surname, name, patronymic (if any) of a representative of a legal entity (including the head of a branch (representative office) of a legal entity)







Date and place of birth







Citizenship (if any)







Individual identification number (if any)







Type of identity document, number, series (if any)







Name of the body, that issued the identity document, date of issue and validity







Address of place of residence (registration) or place of stay (state/jurisdiction, postal code, settlement, street/district, house number and, if any, apartment number)







Contact telephone number







Number, date and validity (if any) of the document (order, power of attorney) giving the representative the right to perform legally significant actions on behalf of a legal entity (opening of an account, managing an account)







Surname, name, patronymic (if any) of the person who signed the document (order, power of attorney), giving the representative the right to perform legally significant actions on behalf of a legal entity (opening an account, managing an account)






Number, date of issue, validity of the visa (if submitted as an identity document, a foreign passport) (except for the citizens of states entering the Republic of Kazakhstan without a visa)







Number, date of issue, validity period of the migration card (if submitted as an identity document, a foreign passport)







5. Information on the beneficial owner

A note on the presence/absence of an individual (s) who directly or indirectly holds more than twenty-five percent of the shares in the authorized capital or placed (minus preferred and bought back by the company) shares of a legal entity






A note on the presence/absence of an individual (s), carrying out control over a legal entity on other grounds






A note on the presence/absence of an individual (s) in whose interests business relations are established (operations are performed) by a legal entity






Surname, name and, if any patronymic of the beneficial owner






Citizenship (if any) of the beneficial owner






Individual identification number (if any) of the beneficial owner






Type of identity document, number, series (if any) of the beneficial owner






Name of the body, that issued an identity document of the beneficial owner, date of issue and validity






Contact telephone number (if any) of the beneficial owner






Affiliation of the beneficial owner - foreigner to foreign public officials or persons related to them (family members)






6. Additional information about a branch (representative office) of a legal entity

Name of the branch (representative office)







Business Identification Number (if any)







Type of the document, confirming registration, date of issue, number (if any)







Name of the registering body and date of registration (re-registration)







Type (types) of carrying out activity and GCEA code (if any)







Number, date of issue, validity period of the license (if the type of activity being carried out is licensed)







Address of location of the branch (representative office) in accordance with the document confirming registration (country, postal code, settlement, street/district, building number)







Contact telephone number







E-mail address (if any







7. Results of operation monitoring and service information

A note on location of the client, his/her beneficial owner in the list of persons associated with financing of terrorism and extremism







Services used by the legal entity in the organization (concluded contracts)







Results of the latest monitoring of operations, including measures on verification reliability of the source of financing performed operations







Risk level







Date of receipt (updating) of information







Explanation to the Requirements for the content of a client’s dossier:

      1. In accordance with the legislation of the Republic of Kazakhstan, identity documents on the basis of which civil- legal transactions can be conclude shall be:

      1.1. For the citizens of the Republic of Kazakhstan:     

      1) a passport of the citizen of the Republic of Kazakhstan;

      2) an identity card of a citizen of the Republic of Kazakhstan;

      1.2. For foreign citizens:

      1) a foreign passport (a passport of a citizen of a foreign state);

      2) a residence permit of a foreigner in the Republic of Kazakhstan;

      3) another document recognized in accordance with an international treaty ratified by the Republic of Kazakhstan as an identity document, on the basis of which civil-legal transactions are concluded on the territory of the Republic of Kazakhstan;

      1.3. For stateless persons, permanently residing on the territory of the Republic of Kazakhstan:

      certificate of a stateless person.

      2. Verification of accuracy of the submitted information shall be carried out by reconciliation with the data of originals or notarized copies of the relevant documents submitted by the client (his/her representative), reconciliation with data from available sources (databases), checking the information by other ways, including visiting the address. As part of verification of accuracy of the information on identification, a visual comparison of the photo placed on the identity document with the client (representative of the client) is also made.

      3. Information relating to registration and availability of a license, relations of an international organization shall also be established, if contracts on establishing such an international organization and (or) the conditions for its stay in the territory of a state (states) do not provide for the implementation of their activities, respectively, without registration and (or) a license.

Designations:

      ✓– the need to record relevant information;

      ✓✓– the need to record relevant information and verification their accuracy.

If you found any error on the page, please highlight a word or a phrase and then press «Ctrl+Enter» key combination

 

On-page search

Enter text to search

Hint: Browser has internal on-page search. It works faster and is usually activated by pressing ctrl-F.