AML Compliance Guidelines: Vietnam

The economy of Vietnam has witnessed a remarkable transformation over the past two decades, evolving from one of the poorest countries in the world to a lower middle-income status. This rapid growth and surge in the adoption of new payment technologies shifted its economic model from a largely centralized to an open and globally connected one, expanding trade and investment with the region. While this increased connectivity has unlocked opportunities for growth, it has also introduced vulnerabilities, particularly in the realm of money laundering and terrorism financing. The rise in cross-border transactions, especially with countries having weak AML controls, has heightened the risks of money laundering and other financial crimes, requiring a strong Anti-Money Laundering and Countering Terrorism Financing (AML/CTF) regulatory framework.

What Constitutes A Money Laundering Offense in Vietnam?

With the enactment of the AML Law of 2022, Vietnam has expanded the definition of money laundering to include acts of individuals and organizations seeking to legitimize the origin of property obtained from illegal sources. Pre 2022 the focus was more on the banking sector and other financial institutions, leaving the loopholes of laundering activities in non-financial sectors such as real estate, accounting, and legal services.

Key Legislation

Anti-Money Laundering (AML) Law of 2022 (Law No. 14/2022/QH15)

The Anti-Money Laundering (AML) Law of 2022, effective as of March 2023, introduced significant changes to Vietnam’s regulatory framework, broadening AML obligations across both financial and non-financial sectors. Under this law, the scope of compliance was extended beyond traditional financial institutions to non-financial entities like real estate firms, legal and accounting professionals, and dealers in precious metals and stones. Significant highlights of this law include customer due diligence (CDD), record-keeping, and reporting requirements.

Financial Sector

SBV Regulated Financial Institutions

The State Bank of Vietnam (SBV) is the central authority responsible for regulating anti-money laundering (AML) efforts in Vietnam. Key responsibilities of SBV include leading and cooperating with national risk assessment, formulating and advising the government on legislation regarding AML, and coordinating and implementing international efforts to combat money laundering. SBV also compiles a “Warning List” or gray list of individuals and entities to warn about the high risk of money laundering.

SBV is also the primary authority to monitor and supervise the reporting requirements of the AML-regulated entities. The AML Department of the SBV assumes the role of the Financial Intelligence Unit of Vietnam. This newly established department will be functional from January 5, 2025. Additionally, SBV regulates financial institutions including banks, money transmitters, payment intermediaries, and money exchanges to ensure their compliance with money laundering regulations.

Securities Sector

Securities brokers and dealers providing services such as underwriting, portfolio management, investment fund management, investment consulting, etc. are obliged to have an AML compliance program under the money laundering regulations. The securities sector is regulated and supervised by the State Securities Commission (SSC), administratively under the Ministry of Finance.

Life Insurance Industry

Life insurance companies in Vietnam are obliged to apply CDD measures and report suspicious and large transactions to the AML Department. The Insurance Supervisory Authority is the regulatory and supervisory authority for the Life Insurance Industry, under the Ministry of Finance.

Designated Non-Financial Business and Professions (DNFBPs)

Real Estate Sector

The Ministry of Construction is responsible for the supervision and regulation of the real estate sector to enforce measures required by AML Law. Real estate agencies and brokers, except those providing leasing and consulting services, are obligated to conduct customer due diligence (CDD), record-keeping, and reporting suspicious and large cash transactions to the AML Department of the SBV.

Legal Sector

Solicitors, attorneys, legal practice groups, notaries, and notary public offices are regulated and supervised by the Ministry of Justice to ensure their compliance with requirements under the AML Laws.

Accounting Sector

Independent accounting professionals and accounting firms are required to apply CDD measures and report suspicious and large cash transactions to the AML Department of the SBV. The accounting sector is regulated and supervised by the Department of Accounting and Auditing Regulations of the Ministry of Finance.

Dealers in Precious Metal and Stones

The trading of precious metals and gemstones except for gold bars and gold jewelry and fine arts trading is obliged to apply CDD measures, maintain records, and report suspicious transactions to the AML Department of SBV. The Ministry of Industry and Trade is the regulatory and supervisory authority for the DPMS.

Gambling Industry

The Ministry of Finance supervises the business of electronic games with prizes, casinos, lotteries, and betting companies to ensure their compliance with CDD measures, record-keeping, and reporting requirements under the AML law.

Online Gaming

The Ministry of Information and Communications supervises and regulates telecommunications network-based and Internet-based games to ensure they meet their obligation mentioned in the AML Law.

Non Profit Organizations

The Ministry of Home Affairs regulates and supervises the work of associations, social funds, charity funds, and religious organizations to combat money laundering and particularly prevent terrorist financing through these organizations.

Key AML/CTF Requirements

Risk assessment

Reporting entities must conduct a money laundering (ML) risk assessment on an annual basis, aimed at developing a risk management system that can classify customers into low, medium, or high-risk categories based on different factors that measure ML risks. Such risk assessment should consider ML risk in the industry, country, and territory of operations determined by a national risk assessment of that country and internally determined by the reporting entity. Risks associated with a customer should be measured by the nature of the client (such as PEP or legal entity), products and services sought, delivery channel used, and jurisdictional connections of the customer.

Customer Due Diligence (CDD)

Financial institutions and DNFBPs must apply customer due diligence measures in certain circumstances including when establishing a business relationship with a client/opening an account or conducting an occasional transaction. These due diligence measures should include:

• Identifying customers and beneficial owners
• Verifying the identity of the customers and beneficial owners
• Obtaining the information on nature and purpose of the business relationship

Reporting entities should develop and implement robust policies, procedures, and controls to fulfill these obligations for CDD. Article 17 of the AML Law in Vietnam requires identifying foreign PEPs.

When establishing a business relationship or conducting a transaction, reporting entities must be aware of the key watchlists maintained by Vietnamese authorities, to ensure compliance with their AML obligations. These watchlists include Blacklist, Warning list/Grey list, and  PEP list. It’s important to identify if any customer, beneficial owner, or counter-party falls under any watchlist, as each list calls for a different set of actions as briefly explained below:

• A transaction found to be linked to a person on the Blacklist would be immediately frozen and reported to the authorities.
• A transaction linked to a person on the Warning list would require enhanced monitoring and be reported to SBV in a suspicious transaction report.
• Lastly, a person identified as a foreign PEP or on the PEP list of SBV would require management approval to establish a business relationship, collection of source of funds, application of enhanced CDD measures, and more frequent ongoing monitoring.

FIs and DNFBPs must have robust risk management systems in place to check customers, beneficial owners, and counter-parties against relevant watchlists. Relying on manual checks for these processes, including searching through public information and cross-referencing multiple watchlists, is labor-intensive, time-consuming, and prone to human error. Automated systems streamline this process, ensuring more accurate and timely compliance with AML regulations while freeing up resources for other critical compliance tasks.

Risk Based Approach (RBA)

Vietnam’s AML framework requires the application of a risk-based approach (RBA) that aligns with international standards set by FATF. This approach requires allocating AML efforts relative to the specific risk levels posed by customers, transactions, and services. This method prioritizes resources and compliance measures where the risk of money laundering is highest, reducing unnecessary burdens on low-risk areas. Consequently, the law requires the application of enhanced CDD measures such as enhanced customer identification and increased ongoing monitoring where money laundering risk is high. Similarly, where the risk of ML is low, a reduced level of customer identification and verification is followed by less frequent ongoing monitoring.

Reporting Suspicious and Large Transaction

All regulated entities are required to report suspicious and large-value transactions to the Anti-Money Laundering Department of the State Bank of Vietnam. Under Decision No. 11/2023/QD-TTg, any transaction that equals or exceeds VND 400 million is reportable as a large-value transaction to SBV. AML Law provides a list of general factors as well as sector-specific indicators that can imply or suggest suspicious activity. Additionally, AML Law states that any transaction that is directly or indirectly linked to an accused, defendant or convicted person must be reported to the SBV.

Record-Keeping

Records of customer identification, documents obtained for verification, and due diligence activities should be maintained for up to 5 years after terminating such a business relationship. Moreover, records of transactions including value, parties in the transaction, and other relevant details, shall be maintained for up to five years after conducting such a transaction (completed or attempted).

Penalties for non-compliance

Legal entities and individuals may face administrative sanctions, penalties, and criminal prosecutions based on the nature and degree of the violation of the AML Law.

Adverse Media Screening

Article 26(a) of the AML Law requires identifying and reporting transactions that are conducted by, or involve property linked to a suspect, defendant, or convicted individual, as notified by the competent authorities. This legal provision underscores the importance of implementing a comprehensive adverse media screening process.

Such a process must extend beyond official notifications from government sources to include publicly available information, which might highlight suspicious activities or associations not yet flagged by authorities. By doing so, regulated entities can proactively detect potential risks and ensure compliance with AML obligations, minimizing exposure to reputational and regulatory penalties.

Sanctions Compliance Using Screening Tools

All entities and individuals in Vietnam are obliged to apply countermeasures in relation to sanctions implemented pursuant to UN Resolutions, including local terrorist designations. These lists, collectively referred to as Blacklist, are maintained by the Ministry of Public Security and the Ministry of Defence of Vietnam.

The Ministry of Public Security maintains lists of individuals and entities designated pursuant to UN Security Council Resolutions as well as local designations. The Ministry of Defence oversees targeted financial sanctions (TFS) to counter proliferation financing (PF) and weapons of mass destruction (WMD) implemented pursuant to UN Resolutions.

Financial institutions (FIs), designated non-financial businesses and professions (DNFBPs), and payment intermediaries in Vietnam are obliged to screen their customers, beneficial owners, and counter-parties in any transactions against all applicable sanctions and terrorist lists.

In case a customer, beneficial owner, or counterparty in any transaction is directly or indirectly linked to any entity on the blacklist, reporting entities must take countermeasures such as freezing any asset/transaction involved and reporting to the competing authorities.

State Bank Circular No. 09/2023/TT-NHNN requires that reporting entities authorized to conduct electronic funds transfers must establish suitable information technology systems to enable electronic reporting and implement software solutions for screening and filtering against blacklists, greylists, and politically exposed persons (PEPs).

Future of AML Compliance in Vietnam

Vietnam being on the Financial Action Task Force’s list of jurisdictions under increased monitoring (commonly referred to as the gray list) is expected to further reform its existing AML laws, and their implementation and extend the AML obligations to the other sectors to align it with international standards set by FATF and Asia Pacific Group on Money Laundering (APG). For example, as of 2024, virtual assets service providers (VASPs) are not regulated under the AML Laws in Vietnam, however, there exists a clear plan to develop a legal framework for regulation by May 2025. A good approach would be proactively adopting international standards on CDD set by FATF for VASP or cryptocurrency companies to enable a smooth transition.

Using a reliable AML compliance software with a global proprietary database of politically exposed persons , sanctions, and watchlists, having due regard to local laws not only helps in ensuring compliance with local regulations but also reduces the need for a separate solution when scaling operations on an international level. For example, AML Watcher’s global PeP database allows businesses to efficiently screen Foreign PEPs to meet regulatory requirements in Vietnam.