AML Compliance Guidelines: Kuwait

Kuwait possesses the world’s sixth-largest oil reserves and highest-valued currency, making it one of the world’s richest countries. Heavily reliant on vast oil reserves, 90% of the government revenue is generated from oil exports. As a mostly export-oriented economy, it brings in the need for cross-border financial activities, which create opportunities for illicit transactions. Moreover, its proximity to conflict-prone regions increases the risk of funds being misused for terrorism financing. To address these vulnerabilities, Kuwait has implemented a strong anti-money laundering and combating the financing of terrorism (AML CFT) framework by incorporating international standards set by the Financial Actions Task Force (FATF).

What is money laundering in Kuwait?

As per section 2 of the AML Law in Kuwait, a person commits a money laundering offense if, knowing funds are proceeds of crime, they transfer, conceal, or disguise the funds’ illicit origin, aid in evading legal consequences, or possess such funds. A natural person convicted of a money laundering offense can face imprisonment for up to ten years and a fine equal to the value of the funds involved. Whereas a legal person convicted of an ML offense can be punished by a fine of up to 1 million Dinars.

What is terrorist financing in Kuwait?

Under Article 3 of the AML/CFT Law, a person who unlawfully and willfully collects or provides funds, knowing or intending they will support terrorist acts, organizations, or individuals, commits a terrorism financing offense. A person convicted of terrorist financing can face imprisonment for up to fifteen years and a fine up to twice the value of the funds involved.

Overview of AML Regulatory Framework

The Law No. (106) of 2013 is the primary legislation that lays out the framework of AML/CFT Compliance. This framework is overseen and enforced by the supervisory authorities including the Central Bank of Kuwait, the Capital Market Authority, and the Ministry of Commerce and Industry. Supervisory authorities are empowered to issue ministerial decisions and instructions to assist FIs and DNFBPs in ensuring compliance with their obligations.

Key AML Regulatory Bodies in Kuwait

Central Bank of Kuwait (CBK)

The Central Bank of Kuwait plays a significant role in regulating the country’s banking and financial sector. It issues AML regulations, guidelines, and directives for banks and financial institutions. CBK conducts regular inspections to ensure compliance with AML/CFT requirements. It supervises and licenses financial institutions and monitors their adherence to AML regulations in Kuwait.

Capital Markets Authority (CMA)

CMA oversees and regulates Kuwait’s securities and capital markets. It enforces AML and CFT regulations for entities under its jurisdiction, including investment companies and brokerages.

Kuwait Financial Intelligence Unit (KwFIU)

The KwFIU is responsible for receiving, analyzing, and disseminating suspicious transaction reports (STRs) and other financial intelligence related to AML CFT compliance. It operates independently and collaborates with law enforcement agencies. It also publishes a list of high-risk countries and lists of suspicious activity indicators specific to each industry.

Kuwait Anti-Corruption Authority (Nazaha)

Nazaha is a government authority responsible for developing and implementing the national anti-corruption strategy of Kuwait. It mandates financial disclosure requirements for different public and private entities and collects reports of suspected corruption. While primarily focused on combating corruption, Nazaha may also have a role in AML efforts, especially in cases where corruption is linked to money laundering.

Anti-Money Laundering and Combating The Financing of Terrorism (AML/CFT) Law No. (106) of 2013

This is the primary legislation in Kuwait that sets out the framework for AML and CTF. It provides for the establishment of a financial intelligence unit, imposes obligations on financial institutions and non-financial businesses and professions to combat money laundering and terrorist financing, and sets out the penalties for non-compliance.

AML Obliged Sectors in Kuwait

Financial Institutions (FIs)

• Banks
• Credit Institutions
• Payment Service Providers
• Investment Companies
• Finance Companies
• Insurance Companies and Intermediaries
• Exchange Companies
• Brokers and Dealers in Securities
• Commodity Futures Trading
• Providers of Safe Deposit Boxes
• Leasing Companies

Designated Non-Financial Businesses and Professions (DNFBPs)

• Dealers in Gold, Precious Stones and Precious Metals (subject to certain cash transaction limits)
• Real Estate Agents
• Lawyers and Legal Professionals
• Accountants
• Trust and Company Service Providers

Key requirements under the AML/CFT Law

Risk Assessment

FI’s and DNFBPs are required to perform a risk assessment for money laundering and terrorism financing. This risk assessment process should take into account risk factors, including those related to customers, geographic areas and countries, products, services, transactions, and delivery channels. The risk assessment and any underlying information should be documented, kept up-to-date, and readily available for the supervisory authority to review.

Internal Controls and Procedures

Obliged entities should have written internal controls, policies, and procedures to combat money laundering and terrorism financing, approved by the senior management and updated on regular intervals to incorporate any new developments. An obliged entity should take into consideration its size, nature of activities, industry, and results of risk assessment when developing these policies and controls. An independent audit function should measure the effectiveness and firmwide compliance with the internal controls and policies.

Risk based approach (RBA)

The due diligence measures should be carried out in accordance with the risk assessment. FIs and DNFBPs should apply enhanced due diligence measures where the assessed risks of ML/TF are higher. Whereas simplified due diligence measures can be applied where the risks of money laundering and terrorism financing are lower.

Customer Due Diligence (CDD)

While complying in line with the Risk-Based Approach,  the FIs and DNFBPs are required to perform the following due diligence measures:

• Identify the identity of the customer, actual beneficiary, and politically exposed persons and verify their identity using reliable and independent source documents
• Assess and if required, obtain information on the purpose and intended nature of the business relationship.
• Understand the ownership and control structure of legal entities.
• Continuously monitor the business relationship to ensure activities and transactions match the institution’s knowledge of the customer, their risk profile, and source of funds, where applicable

The above-mentioned due diligence measures should be carried out:

• When opening an account or establishing a business relationship
• When carrying out an occasional transaction above a certain set limit
• Before carrying out a domestic or international wire transfer for a customer,
• Whenever there is a suspicion of money laundering or terrorism financing,
• Whenever doubts exist about the accuracy and adequacy of previously obtained customer IDs

Enhanced Due Diligence (EDD)

In addition to the situations where the ML/TF risks are identified as high, FIs and DNFBPs should perform enhanced due diligence measures for:

• Customer or Beneficial owner who is identified as a PEP
• Large and complex transactions that lack clear economic or visible lawful purposes or objectives
• Business relationships and transactions linked to high-risk countries as identified by the KwFIU

Enhanced due diligence measures should include:

• Obtaining information on sources of funds and wealth
• Obtaining information on the nature and purpose of a transaction
• Obtaining information on the customer (legal person) about the nature of the expected business relationship, volume/frequency of business, and latest available financial statements
• Obtaining senior management approval for establishing or continuing the business relationships
• Increasing the frequency and intensity of the ongoing monitoring
• Requiring first transfer from customer’s own account

Politically Exposed Persons (PEP)

FIs and DNFBPs should have appropriate procedures to determine whether the customer or the beneficial owner is a politically exposed person (PEP). Such procedures should include the following, at ma inimum:

• Obtaining a self-declaration from the customer
• Continuous follow-up to update customer information
• Use of electronic databases provided by specialized companies for PEPs in order to collect information and data.

In case the bank finds that the customer or the beneficial owner is a PEP, a family member, or a close associate of a PEP, the following additional measures shall be applied:

• Obtaining senior management approval to continue or establish a business relationship
• Taking appropriate measures to obtain a  source of funds and wealth
• Having appropriate procedures to determine how to handle PEP accounts, its periodic updates and required follow-ups for executed transactions.
• Intensified ongoing monitoring of the business relationship.

Reporting Requirements

FIs and DNFBPs are required to report to the KwFIU without delay if they’ve reasonable grounds to believe that a transaction, irrespective of the amount, whether executed or attempted, is linked to proceeds of crime or related to be used for money laundering or terrorism financing.

Note: Attorneys, lawyers, and accountants are not obliged to report a transaction if the relevant information was obtained in circumstances where they are subject to professional secrecy.

Record-Keeping Requirements

FIs and DNFBPs are required to retain records of due diligence activities, customer profiles, identity documents, and transactions for at least five years after the termination of the business relationship.

Compliance Officer and Training

Obliged entities should appoint a compliance officer at the senior management level responsible for ensuring compliance with the requirements of AML Laws. Obliged entities should have an ongoing training program to make their employees aware of any new developments in the regulatory landscape or enable them to carry out their responsibilities regarding AML/CFT compliance efficiently.

Prohibitions and Restrictions

• FIs and DNFBPs are prohibited from dealing with shell companies
• FIs are prohibited from opening or maintaining anonymous or fictitious accounts.
• If an FI or DNFBP is unable to perform required customer due diligence, it shall refrain from opening the account or commencing the business relationship or carrying out the transaction, or it shall terminate the business relationship and consider filing a report to the KwFIU.
• FIs, DNFBPs, their directors, and employees are prohibited from disclosing to a customer or any other person the fact that an STR report has been filed or any money laundering or terrorism financing investigation is underway.
• All persons in Kuwait are prohibited from trading or making payments using virtual assets/currencies.

Penalties for Non-Compliance

If an FI or DNFBP or any of its director, executive, or supervisory management members is found to have violated the provisions of AML/CFT law or any related regulations or instructions, the supervisory authority may apply one or more penalties like issuing warnings, revoking licenses to imposing fines up to 500,000 dirhams per violation.

Screening Solution for AML Compliance in Kuwait

Organizations can opt for reliable screening services to simplify and meet their regulatory obligations. Opting for a reliable PEP screening not only expedites the compliance operations it also fulfills regulatory obligations such as the requirement to consult electronic databases for PEP identification.

Despite having strong AML/CFT controls, extensive cross-border payments associated with large expat workers make Kuwait vulnerable to ML/TF risks. Adverse media screening can effectively manage these risks through background checks,w hich can flag any potentially relevant negative information associated with any such person abroad.

An efficient screening tool filters clients to uncover involvement in any criminal activities, law enforcement wanted lists, court records, or other official watchlists, enabling precise risk assessment and enhanced due diligence and ongoing monitoring. Information fetched by such AML solutions can assist in making informed decisions whether or not to establish a business relationship or execute a transaction.

Sanctions Compliance in Kuwait

Kuwait doesn’t have an autonomous sanctions regime. However, being a member of the United Nations, it implements the sanctions adopted in accordance with UN Security Council Resolutions under Chapter VII of the UN Charter. A national list is also published in accordance with UN Resolution 1373 by the local Committee of the Ministry of Foreign Affairs.

FIs and DNFBPs must have policies, procedures, and controls in place to implement freezing measures against the individuals and legal entities included in the UN lists and national list. Obliged entities should develop an automated sanctions screening tool to fully comply with the requirements related to sanctions, with the possibility to consider using commercial services for that purpose.

Obliged entities are prohibited from providing financial services or other related services to any of the individuals, entities or groups included in applicable sanctions lists.

Under section 15 of the AML Law, supervisory authorities are empowered to impose administrative penalties ranging from warnings, revoking/withdrawing licenses, or imposing fines up to 500,000 dirhams for each violation committed.