The Anti-Money Laundering Guidelines for the Provision of Mobile Payment Services [The Guidelines] were formulated by the Central Bank of Kenya by virtue of powers conferred by Section 3(1) of the National Payment System Act 2011. The guidelines provide guidance to mobile payment services providers on monitoring and reporting of suspected money laundering activities on their platforms, and they are applicable to mobile payment services providers licensed in Kenya and all mobile payment transfers within Kenya.
Who is a mobile payment services provider?
A mobile payment services provider is a telecommunications service provider licensed under Kenya Information and Communications Act and authorized by the Central Bank of Kenya to provide payment services. Examples of mobile payment services providers in Kenya include:
- Mpesa
- Pesapal
- ipay
- Jambopay
- Pesalink
The guidelines provide guidance on:
- How to reduce the risk of money laundering or terrorist financing.
Mobile payment services providers are required to adhere to a number of set requirements in order to reduce the risk of money laundering and terrorist financing on their platforms. These requirements are that the mobile payment services providers should:
- Set transaction account limits for users.
Mobile payment services providers are required to have daily or monthly account limits for transactions on their platforms. Where there is a high value and frequency of transactions and a high payment account limit, there lies a greater risk for money laundering and terrorist financing. As an example, Mpesa daily transaction limit for an individual is currently set at Ksh.300,000.
The guidelines provide that where an account registers a daily turnover exceeding Ksh.100,000 or where a personal account transacts more than Ksh.300,000 per week, investigations on the account user should be carried out.
- Take measures to get the true identity of persons carrying out transactions on their platforms.
Any person who wishes to use a mobile payment services provider’s platform for transactions must produce an official record which can reasonably establish their true identity. These records could include: a national identity card, a driver’s license, a birth certificate, KRA Pin certificate or any other official means of identification.
- Ensure only valid identification documents are used to open mobile payment accounts.
Where any person seeks to open a payment account with the mobile payment services providers, the person has to provide valid identification documents. This reduces the risk of money laundering or terrorist financing by ensuring that multiple accounts held by one person are linked and records of their transactions in all accounts are kept.
- How to control money laundering risks.
The guidelines provide measures to be put in place in order to control money laundering risks to which the mobile payment services providers could be exposed. The measures include:
- Laid down procedures and controls.
In order to manage operational risks, mobile payment services providers have to ensure that they have laid down procedures and controls to; enforce monitoring and reporting of suspected money laundering activities, verification of customer records and establishment of internal reporting procedures.
- Operational procedures to handle customer complaints.
The guidelines require that all mobile payment services providers should put in place efficient operational procedures to handle any complaints by their customers. This includes recording sufficient details of transactions and keeping them for a minimum period of Seven (7) years from the date of the transaction.
- Clear accountability for actions of agents.
The guidelines provide that through signing agent agreements, mobile payment services providers are able to clearly spell out the roles and obligations of the service providers and their agents to prevent money laundering and terrorism funding. The service providers are supposed to regularly verify compliance with the policies and procedures set out in the agreements.
- Reporting suspicious transactions to Financial Reporting Centre.
Where a mobile payment services provider or their agent becomes aware of suspicious transactions which indicate possible money laundering or terrorism financing, they are to report the transactions to the Financial Reporting Centre immediately or within Seven (7) days of the date of the suspicious transaction.
- Mandatory disclosure of information.
The guidelines give mobile payment service providers the obligation to submit a monthly report to the Central Bank of Kenya. Further, they are to submit information relating to mobile payment system whenever required by the Central Bank of Kenya, necessary to protect the integrity effectiveness of security of the payment system, and when required by law.
How do these guidelines affect you?
The guidelines prescribe a number of offences, penalties, and exceptions for mobile payment service providers or their agents in relation to the provisions thereunder:
- Knowingly transmitting transfers, receiving or attempting to receive/transmit/transfer a monetary instrument or anything of value to another person with intention to commit an offence;
- Entering into an arrangement with knowledge or suspicion that it facilitates the acquisition/retention/use/control of criminal property by or on behalf of another person.
The exceptions to these two offences include:
- Someone lacked knowledge or did not suspect that they were dealing with proceeds of crime; or
- They made an authorized disclosure before the act subject to the offence and got consent to transact; or
- They intended to disclose the information but had reasonable excuse not to do so; or
- The action was done pursuant to enforcing any provision of the National Payment System Act or any other Act or legislation relating to criminal conducts or benefit from criminal conduct.
- Failing to put in place effective procedures and controls to address risks of money laundering and terrorism financing.
- Failing to keep records of clients’ identity and details of transactions.
- Failing to retain the records of transactions for a minimum period of Seven (7) years from the date of the transactions.
- Failing to report suspicious transactions to the Financial Reporting Centre according to the Proceeds of Crime and Anti-Money Laundering Act.
- Failing to disclose information they know or suspect or reasonably suspects to be engaged in money laundering activities. The exception to this disclosure is when the information was provided by privileged circumstances like Advocate-client relationship, with no intention of furthering a criminal purpose.
- Knowingly tipping off a user whose transactions are suspected of money laundering or terrorist financing, or disclosing false information or concealing information to prevent an investigation into transactions.
All the offences are punishable and provided for under section 16 of the Proceeds of Crime and Anti-Money Laundering Act,2009.
