• Phone:
  •     | Email:
  •     |
  •     |

Latest Updates

Regulatory Update - February 2018

The current anti-money laundering regime in the Cayman Islands consists of the new Anti-Money Laundering Regulations, 2017 (the Regulations), the Proceeds of Crime Law (2017 Revision) (the PCL) and the Cayman Islands Monetary Authority Guidance Notes, each as amended from time to time (the AML Regime). The AML Regime must be read in line with the Financial Action Task Force Methodology (the FATF) which was updated November 2017 when the Regulations came into effect. The Regulations were introduced as part of the Cayman Islands on-going Anti-Money laundering/Counter Financing of Terrorism Strategy that seeks to address money laundering, terrorist financing and proliferation financing challenges. The Regulations impose obligations on relevant financial businesses (RFBs) to know whom they are providing services to. RFBs are now defined more broadly under the PCL. It includes, but is not limited to, the business of engaging in one or more of the following:

  • Banking and trust business who are licensee under the Banks and Trust Companies law
  • Acceptance by a building society of deposits made by any business
  • Business carried on by a co-operative society within the meaning of the Co-operative Societies Law
  • Insurance business and the business of an insurance manager, an insurance agent, an insurance sub-gent or an insurance broker within the meaning of the Insurance law
  • Mutual fund administration or the business of a regulated mutual fund as defined in the Mutual Funds Law.
  • The business of the company management as defined by the Companies Management Law.
  • Money broking, portfolio management advice, safe custody services, financial service providers, estate agency, legal and account services.

Key updates addressed in the Regulations include the following updates:

  • adoption of a risk-based approach in assessments (RBA);
  • simplified and enhanced customer due diligence (CDD);
  • Politically Exposed Persons (PEP);
  • Money laundering Reporting Officer (MLRO);
  • Money laundering Reporting Officers (DMLRO).

Key Updates

Risk Based Approach for Assessment

Under Regulation 8 there is an obligation to take a risk-based approach to assess and mitigate. RFBs are required to take steps appropriate to the nature and size of the business to identify, assess and understanding the money laundering and terrorist financing risks. This can be done by considering the following factors:

  • Products and services rating-how is the business rated i.e. is it a salon, pay day loan;
  • Client’s types rating-how deep are PEP families go;
  • Channels rating-means how you are dealing with the client i.e. face to face, unsolicited, account servicing;
  • Geographic ratings.

Under the FATF the financial business can calculate the overall risk by using these rate factors together with qualitative checks, such as the country risk rating, their overall risk rating. It is important to understand the risk the business undertakes in order to assess overall risk rating. The systematic approach taken by the business must be writing so that the approach is formalized.

Customer Due Diligence

Under the AML regulations, a person carrying out relevant financial business shall not keep anonymous

accounts or accounts in fictitious names.


The regulations impose an obligation to carry out enhanced customer due diligence where the risk is greater for terrorist financing or money laundering are greater. This includes where the customer is a PEP or they are from a foreign country identified by credible sources as having AML deficiencies. Where they are unable to obtain enhanced COD the RFBs are directed to not open the account and/or file a Suspicious Activity Report.


RFBs can now apply simplified customer due diligence measures where it is determined that the risks are low. The due diligence must be commensurate with the low risks involved and the assessment of the risk must be consistent with the findings of the Anti-Money Laundering Steering Group, CIMA or a body designated in writing by the Cabinet.

  • Equivalent jurisdiction customers – In the old AML regulations customers providing funds from an account from an equivalent jurisdiction to the Cayman could be exempted because that was considered to verify the identity. This exemption was captured by funds. The new regulation impost basic customer identification requirements once payment is made and that it must be verified before proceeding with further payments onto the customer or third parties.
  • Acceptable applicants - The Regulations identify Acceptable Applicants, which include the old exempted customer categories. This includes the government or statutory body of recognized foreign body, a company listed on a recognized stock exchange, and a regulated foreign entity. Acceptable Applicants are required to be identified but documents are not required.
  • Introducers - The Regulations still exempt eligible introducers but now impose the requirement of enhanced written assurances that copies of identification and verification data will be available on demand from the introducers.
Shell Banks

RFBs are not permitted to carry on a business relationship, or carry out a one-off transaction with a shell bank.


PEPs are considered to be high risk and must have enhanced customer due diligence imposed. In conducting business with PEPs senior approval within the business must be obtained and a procedure to determine the source of wealth must be put in place. The financial business must also conduct ongoing monitoring of the PEP customer. This includes, but is not limited to, using corruption indexes, bank lists and screening software. In the group of PEPs there are low and higher risk customers and the financial business must have in place a policy and practice of how the distinction can be made by its business.


Under the Law RFBs are required to designate a person at managerial level as the Money laundering Reporting Officer (MLRO) to ensure compliance with the requirements set out the Regulations. In addition to having MLRO, you must have a deputy MLRO to ensure there is always a compliance person present who understands the anti-money laundering procedures. There must be internal reporting procedures that can be following clearly by the employees of the business, which should be contained in their AML policies and procedures.

Delegation of Functions

RFBs are able to delegate their compliance function however, the responsibility to comply with the Regulation remains with the relevel financial business. The continued expectation around the delegation is that the RFBs must be able to answer questions about their policies and procedures including risk assessment process, delegated tasks, record keeping, and how compliance training is conducted including where the functions are delegated, which functions are maintained by the RFB, how those delegated functions are monitored or enforced, and the agreement(s) which detail such an arrangement together with the service providers own AML policies and procedure must be produced upon request by a competent authorities.

List of Equivalent Jurisdictions

The list of countries with equivalent AML regulations are now be maintained by the Anti-Money Laundering Steering Group to ensure that it has the list remains up to date. Click the name: List of Equivalent Jurisdictions

Record Keeping

RFBs are compliant with the Regulation if they keep records in the following manner:

  • Record of one-off transaction records which indicates the nature of the COD
  • Maintain a record of account files and business correspondence, and results of any analysis done for at least 5 years after the termination of the business relationship or the date of the one-off transaction.
  • Maintain a record containing details of all transactions carried out by the person conducting the relevant financial business, which should be sufficient to permit reconstruction of individual transaction in the event that it is needed as evidence for prosecution.
  • Ensure that all customer due diligence and transactions records must be available immediately when the competent authorities request for it.
Group wide programs

A financial group carrying out relevant financial business through a group arrangement must implement group-wide programs against ML and TF. This includes all applicable branches and majority owned subsidiaries of the group. Where there are foreign branches and majority owned subsidiaries they must have anti-money laundering and counter terrorist financing requirements consistent with the Cayman Islands, even where the foreign country standards are less strict.

The financial group programs must include:

  • implementation of systems preventing money laundering;
  • policies and procedure for sharing customer due diligence;
  • provisions at group level for compliance, audit and AML and CTF functions of customer, account, transaction information;
  • adequate safeguards on the confidentiality and use of information exchanged.

*CIMA guidance highlights the need for RFBs to be cautious of complex networks and arrangements that span across multiple jurisdictions that lack legitimate rationale in taking on new business and continuing existing relationships

Increase in Penalties

The penalties for contravening the Regulations are severe with liability of up to a fine of $500,000 for a summary conviction or imprisonment for two years. The court will take into account any supervisory or regulatory guidance that was issued that applies and take into account that relevant industry practices which the business operates.

A Note on Mutual Fund Risks

The CIMA Mutual Funds and Mutual Funds Administrator Sector Specific AML/CFT guidance notes highlight the key risk area that mutual funds must weigh carefully. They are as follows:

  • Country risk - Mutual funds typically have investors located in multiple international locations, which increases the risk. As such, they should be vigilant in dealing with investors who are PEPs of foreign jurisdictions or those from country sanctions.
  • Investor profile - In addition to the country of residency of the investors, the types of individuals/entities that are investors will increase the risks. Regulated bodies like large financial institutions and listed companies are less risky than, investors in the form of trusts, non-profit organization or high net worth individuals.
  • Source of Funds - Mutual funds with lower investment thresholds pose a greater risk of money laundering, especially if those funds are not coming from a regulated financial institution. The fund administrators and operators must remain aware of and have controls in place surrounding subscription and redemption activity in mutual funds.
  • Redemption terms - Mutual funds are susceptible to being used for layering transactions because of the movement of funds involved. As such, attention must be paid to liquidity structures, lock up periods and redemption restrictions.

The notes indicate that the special circumstances mutual funds are under, fund administrators and operators should make it good practice to obtain and maintain more than simplified COD or to at least ensure there are enough safeguards to ensure their obligations under the Regulations are met.

Actions to Take

The RFBs have an obligation to ensure that their written policies and procedures have the board's overall AML policy statement and their RBA based on their perception of risk for their business including the systematic evaluation method for the customer onboarding phase. They must also include how decisions will be documented. In addition, RFBs must ensure that the designated MLRO

  • is familiar with 104 of the FATF methodology
  • revises written procedures/policies
  • identifies, assesses, and understands AML/CTF risks having regard to the RBA
  • mitigate risks, high risk-enhanced COD
Useful Resources
  • The Anti-Money Laundering Regulations, 2017
  • The Proceeds of Crime Law (2017 Revision)
  • The Financial Action Task Force Methodology (updated November 2017)

Tri-Bridge will issue an update as soon as we are made aware of any changes to the industry approach and/or changes to the CIMA Guidance Notes.

Please contact Tri-Bridge Compliance Partners Ltd. if you would like to discuss this in further detail or how our boutique services can help you achieve your compliance needs around your product and services.

Tri-Bridge is here to help bridge the gap between regulations, product knowledge, and resources.


DISCLAIMER This document is intended to provide a brief overview and general information and should not be construed or relied upon as legal advice.