Brych Experts Advisory

Accounting firm in Monaco — Audit, company formation and strategic advisory for over 40 years.

← Blog

compliance

AMSF — AML/CFT Guidelines for Monaco

AMSF - AML/CFT Guidelines and Guidance for Monaco

Introduction

The Autorité Monégasque de Sécurité Financière (AMSF) is the supervisory and financial intelligence authority of the Principality of Monaco. It integrates the functions formerly assigned to SICCFIN (Service d'Information et de Contrôle sur les Circuits Financiers). The AMSF supervises the compliance of obliged entities with the framework for combating money laundering, terrorism financing, proliferation of weapons of mass destruction and corruption (AML/CFT-P-C), based on Law No. 1.362 of 3 August 2009, as amended and its Sovereign Ordinance No. 2.318, as amended. The AMSF publishes generic guidelines as well as thematic practical guides to assist obliged professionals in implementing their obligations. The reference texts are informational; only the legislative and regulatory texts are authoritative.

1. Generic AML/CFT-C Guidelines

Document: Generic Guidelines for Monegasque professionals Version: V.1 – 22 July 2021

Monaco has been committed to AML/CFT since the 1990s, with Law No. 1.162 of 1993 and the creation of SICCFIN in 1994. The major overhaul took place in 2009 (Law No. 1.362 and Sovereign Ordinance No. 2.318), followed by two significant updates: - 2018: Law No. 1.462 and Sovereign Ordinance No. 7.065 (alignment with the 4th European Directive) - 2020: Law No. 1.503 and Sovereign Ordinance No. 8.634 (alignment with the 5th European Directive)

Monaco has been a member of the Council of Europe since 2004 and is evaluated by MONEYVAL. The framework is aligned with the 40 Recommendations of the FATF.

Definitions of offences

  • Money Laundering: Concealing the origin of illegally acquired money to give it a legitimate appearance. Three phases: placement, layering, integration (art. 218-219 Monegasque Criminal Code).
  • Terrorism Financing: Providing, collecting or managing funds intended for a terrorist, a terrorist organisation or for the commission of terrorist acts, regardless of the origin of the funds (licit or illicit) (art. 2 Sovereign Ordinance No. 15.320).
  • Corruption: Soliciting, agreeing to or accepting a gift/advantage to perform, delay or omit an act within the scope of one's duties. Includes active and passive corruption, public and private (art. 113-122 Criminal Code).
  • WMD Proliferation: Transfer and export of nuclear, chemical or biological weapons, their delivery systems and related materials.

Scope of application (art. 1 and 2 Law No. 1.362)

The following are obliged entities, in particular: - Credit institutions, payment institutions, electronic money institutions - Financial companies and asset managers (financial activities Law No. 1.338) - Life insurance companies and insurance intermediaries (investments) - Trustees and trust or company service providers (TCSP) - Domiciliation companies / creation and management of legal entities - Gaming houses (thresholds: winnings ≥ 2,000 EUR or stake or transaction ≥ 2,000 EUR) - Manual currency exchangers, fund transmitters - Real estate agents (transactions where monthly rent ≥ 10,000 EUR) - Dealers in goods, auditors, tax advisors, chartered accountants - Legal advisors (for specific financial/real estate transactions) - Dealers in goods accepting cash (≥ 10,000 EUR) - Art dealers and intermediaries (≥ 10,000 EUR) - Safe deposit box providers, pawnbroking concession holders - Multi family offices (MFO) - Digital/virtual asset service providers (VASP/CASP) - Sports agents, crowdfunding advisors - Dealers in high-value goods (watches, jewellery, vehicles, etc.)

Also subject to obligations under certain conditions: notaries, bailiffs, avocats-défenseurs, lawyers, trainee lawyers (supervised by the Procureur Général and the President of the Bar Association).

Part 1: Risk-Based Approach — Global Risk Assessment (GRA)

The GRA is a tool for identifying, assessing and managing ML/TF-P-C risks. It forms the foundation of any AML/CFT-P-C framework. Two levels of assessment: 1. At the entity level (GRA) 2. At the individual client level (individual risk assessment)

Risk factors to consider (art. 3 Law No. 1.362): - Nature of the products and services offered - Conditions of the transactions proposed - Distribution channels used - Client characteristics - Countries and geographical areas

Formalisation: Written document, approved by management, updated annually or upon notable events. To be communicated to SICCFIN/AMSF as an annex to the annual activity report.

Part 2: Customer due diligence obligations

Three levels of due diligence:

Simplified due diligence — applicable when: - The assessed risk is low - The client is an entity referred to in art. 21 paragraph 2 of Sovereign Ordinance No. 2.318 (e.g.: regulated credit institution, company listed on a regulated market)

Standard due diligence — general case, includes: - Identification and verification of the client's identity (and agent) - Identification of ultimate beneficial owners - Gathering information on the socio-economic background - Understanding the purpose and nature of the business relationship

Enhanced due diligence — mandatory in particular when: - The assessed risk is high - The relationship is established remotely (non face-to-face) - The client/UBO is a Politically Exposed Person (PEP) - The relationship or transaction involves an HTSC (High-Threat State or Country)

Ongoing due diligence during the relationship: - Continuous monitoring of transactions - Periodic updating of client files (frequency according to risk level: 1 year for high risk, 2 years for medium risk, 3 years for low risk) - Ad hoc review upon notable changes (negative information, new UBO, etc.) - Particular examination for any complex transaction, unusually high amount, unusual pattern, without apparent economic purpose, or involving an HTSC/Non-Cooperative Country

Mandatory screening (filtering): - Against the Monegasque national list of asset freezing measures (published by the Budget and Treasury Department) - Against international sanctions lists - For all onboarding and on an ongoing basis

Thresholds triggering due diligence obligations: - Business relationship: from inception - Occasional transaction ≥ 15,000 EUR (or fund transfer) - Gaming sector: ≥ 2,000 EUR (winnings or stake or transaction) - Dealers in goods accepting cash: ≥ 10,000 EUR - Suspicion of ML/TF-P-C: always, regardless of amount

Part 3: Internal organisation obligations

AML/CFT-P-C Compliance Officer: - Mandatory appointment, must hold a senior hierarchical position - Duties: define, update, implement and monitor procedures; train staff - To be notified to the AMSF

Internal procedures: - Mandatory, written, in French - Approved by management, transmitted to the AMSF upon production or revision - Proportionate to the nature and size of the institution - Must cover all legal obligations in an operational manner

Internal control: - Permanent control (1st and 2nd levels) - Periodic control (internal audit or external consultant)

Staff training: - Continuous and regular training - Awareness for all staff - Documentation of training (register)

Internal reporting mechanism: - Internal channels to escalate suspicions to the AML/CFT-P-C Compliance Officer

Intra-group organisation: - Institutions belonging to a group must carry out their own specific GRA - Application of group standards adapted to Monegasque specificities

Part 4: Data retention

  • Retention period: 5 years from the end of the business relationship or transaction
  • Possible extension of up to 5 additional years:
  • At the initiative of the obliged entity
  • At the request of the AMSF
  • At the request of the Procureur Général / investigating judge

Part 5: Cooperation obligations with the AMSF

Annual activity report: to be submitted within 3 months following the close of the financial year (including GRA results and internal control)

Annual questionnaire: to be returned before 28 February each year

On-site and off-site inspections: The AMSF may carry out inspections at any time

Part 6: Miscellaneous provisions

  • Cash payments: specific thresholds, mandatory reporting of significant cash transactions
  • Cross-border transport of cash: mandatory declaration (≥ 10,000 EUR)
  • Precious metals and manual currency exchange: specific rules

Part 7: Registers

  • Register of Ultimate Beneficial Owners: obliged entities must identify UBOs and consult the register maintained by the State
  • Register of Trusts: specific obligations for trusts
  • Register of bank accounts and safe deposit boxes: maintained by credit institutions, accessible to the AMSF

Part 8: Sanctions

Administrative sanctions: warning, reprimand, compliance order, publication of the decision, withdrawal of authorisation, administrative fines

Criminal sanctions: applicable for failure to file a report, breach of confidentiality, failure to retain records

2. Practical Guide #3 — Suspicious Transaction Reports (STR)

Document: Practical Guide #3 – Suspicious Transaction Report Applicable regulation: as of 30 September 2023

Context

The suspicious transaction report (STR) is the "raw material" on which the Financial Intelligence Unit (FIU) of the AMSF works. It enables the initiation of criminal proceedings and contributes to international cooperation.

Three types of reports

1. ML/TF-P-C Report (art. 36 and 39 Law No. 1.362) - Trigger: suspicion or reasonable grounds to suspect, or knowledge, that a transaction involves funds linked to an offence - The term "funds" is understood broadly: proceeds of any offence punishable by imprisonment > 1 year - Attempted transactions must also be reported - Refusal of a transaction due to the client's behaviour triggers the obligation to report

2. Automatic "non-cooperative countries" report (art. 41) - Automatically triggered when a transaction involves a natural or legal person domiciled, registered or established in a country on the list of non-cooperative countries - The nationality of the person is irrelevant - Attempted transactions also trigger the automatic report - Note: to be distinguished from the HTSC list (which requires enhanced due diligence, not an automatic report)

3. Automatic "targeted financial sanctions" report (art. 42) - Automatically triggered when a transaction involves a person subject to an asset freezing measure - Prior obligation to screen all onboarding against the national asset freezing list

Persons concerned by the report

  • Potential client (prospect) and existing client
  • Natural person, legal person and ultimate beneficial owner
  • Agent
  • Client's counterparty
  • Even if the business relationship is refused

Timing of the report

Principle: before the transaction, without delay, so as not to deprive the FIU of its right of opposition.

Exception: after the transaction, only in two limited cases: 1. Postponing the transaction is not possible 2. Postponement would risk preventing the pursuit of the beneficiaries

The obliged entity must then state in the report the reason for the delay.

Transmission method: GoAML (mandatory since 1 January 2024)

  • Any report transmitted through another channel (registered letter, email, etc.) is deemed not to have been filed
  • Incomplete report or one not complying with formalities: rejected
  • The declarant is the AML/CFT-P-C Compliance Officer

Content of the report

  • The facts and indicators on which the suspicion is based
  • The timeframe within which the transaction must be executed
  • Overview of the relationship (nature, date of onboarding, PEP status if applicable, ownership structure if legal person)
  • Operation of the relationship (transactions, account activity)
  • Description and analysis of the suspicion (origin of the alert, detailed facts, analysis)

Obligations of the obliged entity

Confidentiality: Do not disclose the existence, content or follow-up of a report, even between obliged entities (except under strict exceptions between professionals of the same category or for the same client/transaction). Violation = criminal sanctions.

Supplementary report: If new information related to an already submitted STR is obtained, a supplementary STR must be submitted without delay. Failure to submit = failure to report.

Response to FIU requests: Without delay, even in the absence of an STR.

Retention: 5 years, including analyses carried out (all formalised).

FIU right of opposition: The FIU may oppose any transaction for a maximum of 5 business days from notification. Do not close an account during an ongoing STR.

Protection of the declarant

An obliged entity that files an STR in good faith benefits from immunity: - Criminal: no prosecution for malicious denunciation or breach of professional secrecy (art. 44 Law No. 1.362) - Civil: no civil liability action - Disciplinary: no professional sanction - This protection applies even if the reported facts are not proven or resulted in a dismissal

3. Practical Guide #2 — Global Risk Assessment (GRA)

Document: Practical Guide #2 – Global Risk Assessment Version: 30 September 2023 Co-published by: AMSF and the Bar Association Council

Definition and obligation

The GRA is the process by which obliged entities identify the threats and vulnerabilities to which they are exposed, and assess the likelihood and impact of ML/TF-P-C risks on their business. It is mandatory under art. 3 of Law No. 1.362, as amended.

Basic formula:

Inherent risks – Mitigation measures = Residual risks

Formal requirements

  • Documented and written (paper or digital)
  • Methodology explained and justified
  • Concluded by a result (overall risk level)
  • Approved by a senior manager (signed document or recorded in a dedicated meeting)
  • Available to the AMSF / Bar Association Council upon request
  • Specific to the entity (a generic non-adapted GRA does not meet the requirements)
  • Entities belonging to a group must carry out their own local GRA

The 5 steps of the GRA

A. Analysis of inherent risks

Five categories of factors to be analysed mandatorily (art. 3 Law No. 1.362):

Category Examples of increased risk factors
Clients PEPs, complex legal entities, trusts, remote clients, NPOs, clients in high-risk sectors (arms, extractive, construction, gaming), resistance to providing information
Products/services Cash, virtual assets, fund transfers, fiduciary products, omnibus accounts, loans secured by offshore assets, discretionary management
Geographical areas HTSCs, Non-Cooperative Countries, countries on the FATF blacklist/greylist, countries with high corruption rates, countries under embargo, offshore jurisdictions non-compliant with tax requirements
Distribution channels Remote relationships (non face-to-face), unregulated intermediaries, business introducers, mobile banking, hold mail
Transactions High amounts, abnormal frequencies, multi-jurisdictional transactions, cash, cryptocurrencies, unusual patterns

Complementary factors: new products/technologies, outsourcing, size and form of the structure.

B. Analysis of mitigation measures

Assess the effectiveness of policies, procedures and controls in place against the identified inherent risks.

C. Readjustment (action plan)

  • Calculate residual risks
  • Verify adequacy with the entity's risk appetite
  • Define corrective measures: increase in resources, new controls, modification of client risk classification

D. Adoption

  • Formalise in a written document
  • Approval by management
  • Communicate results to all staff

E. Continuous monitoring and review

  • Minimum annual review
  • Ad hoc review upon: new threats, changes to the business model, new regulations, modification of activity, launch of a new product, new client country, new technology

Weighting and scoring

  • No standardised method imposed
  • Avoid overweighting one factor, underestimating high-risk factors, influence of commercial considerations on weighting
  • If using an external automated tool: ensure understanding of the provider's methodology and its compliance with Monegasque regulations

4. Practical Guide #4 — Internal Procedures

Document: Practical Guide #4 – Internal Procedures Version: 1 January 2025

Obligation and format

All obliged entities (art. 1 and 2 Law No. 1.362) must produce and implement internal procedures. These procedures must be: - Operational (not theoretical) and applicable in practice - In French - Proportionate to the nature and size of the institution - Approved by a member at a senior level of the hierarchy (date + signature or recorded decision) - Transmitted to the AMSF upon production or revision (acknowledgment of receipt within 1 month). Failure to transmit = risk of administrative sanction - A history of updates must be maintained

Mandatory content of procedures

Scope of the AML/CFT-P-C framework:

  1. Global risk assessment: form, methodology, responsible person, approval and update procedures

  2. Internal organisation: identification of the AML/CFT-P-C Compliance Officer, their duties, hierarchical level, autonomy

  3. Internal control: organisation of control levels (permanent and periodic), coordination between departments

  4. Training and awareness: responsible person, materials, frequency, persons concerned, participation tracking

  5. Scope of application: determination of cases triggering due diligence obligations, applicable thresholds by activity

Implementation of the framework:

  1. Risk-based/client approach: method for assigning risk level (low/medium/high), based on the GRA

  2. Due diligence levels: detailed diligence by level (simplified, standard, enhanced)

  3. Client identity identification and verification: documents collected, reliable sources (PRADO, RCI...), handling of agents

  4. Ultimate beneficial owner identification: definitions by type of vehicle (legal entity, trust, association, foundation), documents collected, verification

  5. Client knowledge: formalisation (summary sheet, grid, IT tool), information sources, analysis

  6. PEP: definitions, legal criteria (art. 17-17-3 Law No. 1.362, art. 24 Sovereign Ordinance No. 2.318), identification procedures at onboarding and during the relationship, loss of PEP status

  7. High-risk countries (HTSC/Non-Cooperative Countries): list updates, frequency, assessment of client links to high-risk countries

  8. Remote identification: acceptance or non-acceptance policy, specific diligence, means and tools, applicable enhanced due diligence measures

  9. Particular examination: definition, triggering criteria (complex transaction, unusually high amount, unusual pattern, without economic purpose, involving HTSC/Non-Cooperative Countries), formalisation and validation procedures

  10. Specific examination: acceptance policy for high-risk clients, formalisation of approval by a senior member of the hierarchy (PEP, remote identification, HTSC/Non-Cooperative Countries)

  11. Ongoing due diligence: review frequency by risk level (e.g. low = 3 years, medium = 2 years, high = 1 year), triggers for ad hoc review, transaction monitoring, formalisation

  12. Targeted financial sanctions (freezing): screening process at onboarding and during the relationship, frequency of list updates

  13. Suspicious transaction report: internal escalation procedure, role of the AML/CFT-P-C Compliance Officer, transmission via GoAML, supplementary reports, confidentiality obligation

  14. Data retention: retention period (5 years), retention arrangements

Recurring errors identified by the AMSF

On form: - Procedures not transmitted to the AMSF - Absence of formalised approval or update history - Procedures not written in French - Copy-pasted procedures without adaptation to the institution's context

On substance: - Theoretical procedures not reflecting actual practice - Absence of UBO definition for all types of legal structures - Absence of specific PEP procedures - Procedures not distinguishing between ML and TF - Absence of clear methodology for assigning client risk level - Ongoing due diligence not defined (frequency, triggers) - Procedures not updated following legislative changes

5. Thematic Guide — Politically Exposed Persons (PEP)

Document: Thematic Guide – Politically Exposed Persons Version: 10 July 2024

A PEP is a person who holds or has held prominent public functions, in particular: - Heads of State - Members of governments - Members of parliamentary assemblies - Members of supreme courts, constitutional courts or other high-level judicial bodies - Leaders and senior officials of political parties - Members of courts of auditors and central bank boards - Ambassadors, chargés d'affaires, senior officers of the armed forces - Members of the administrative/management bodies of state-owned enterprises - Directors, deputy directors and members of the board of an international organisation

Important: The list is not exhaustive. Assessment on a case-by-case basis (e.g.: a mayor may be classified as a PEP depending on their level of power and the budget controlled). The regime applies to both domestic and foreign PEPs.

PEP status indicates an increased risk, not a reprehensible act in itself.

Family members (art. 24 Sovereign Ordinance)

  • Spouse or person living in a marital relationship with the PEP
  • Partner linked by a civil partnership or cohabitation agreement
  • Direct ascendants and descendants, as well as their spouse/partner

Close associates

  • Persons identified as joint UBOs with the PEP in a legal entity, FCP, trust or legal arrangement
  • Business partners or associates notoriously known to share beneficial ownership or linked to the board of directors
  • Sole beneficial owners of a legal entity/trust known to have been established for the benefit of the PEP

Risks of family members and close associates: - The PEP may use these persons to carry out illicit transactions on their behalf, to conceal their involvement - Illicit actors may target close associates to influence the PEP

Duration of PEP status

A PEP who leaves office does not automatically lose their status. The obliged entity assesses residual risks taking into account: - The level of influence still exercised - The seniority of the position - The corruption potential of the previous role - Links between past and current functions - The nature of the relationship with the client (e.g.: former separated associates)

This post-PEP period must be assessed individually.

Obligations towards PEPs

Step 1: Identification and analysis - Implement procedures to identify whether a client, UBO or agent is a PEP (at onboarding and during the relationship) - Information sources: public/private databases, specialised providers (PEP screening) - Manual or automated mechanisms depending on the size of the clientele - Verification during the relationship as part of ongoing due diligence

Step 2: Origin of wealth and funds - Take adequate measures to establish the origin of wealth (Wealth of Origin): activities that constituted the total assets (inheritances, investments, income, business ownership) - Establish the source of funds (Source of Funds): direct source of the funds used in the business relationship - These two concepts are distinct and must be documented separately - In case of high risk: request supporting documents (financial statements, court decisions, documents issued by authorities, documents from regulated providers)

Step 3: Approval by a senior member of the hierarchy - Mandatory before entering into a relationship with a new PEP - Mandatory when an existing client becomes or is newly identified as a PEP - The approving member must have sufficient competence and decision-making authority (not necessarily a board member) - Formalise the approval in the decision-making process

Step 4: Ongoing enhanced due diligence - More frequent review of the client file (e.g. every 6 months or annually) - Updating identification information - Transaction monitoring (manual or automated)

Special case: life insurance policies - Before paying out sums or exercising any rights under the contract, verify whether the beneficiary or their UBO is a PEP - If PEP identified: inform a senior member of the hierarchy and consider whether an STR should be filed

Training: AML/CFT training programmes must cover PEP management.

PEP status does not automatically trigger an STR — suspicion assessment is required.

PEP red flags (non-exhaustive indicators)

  • Declared wealth disproportionate to the function held or known legitimate income
  • Transactions without economic justification or inconsistent with the declared profile
  • Use of opaque structures (offshore trusts, shell companies) without apparent economic reason
  • Attempt to conceal the PEP's identity (use of nominees)
  • Unusual payments to family members or close associates
  • Resistance to providing documents on the origin of funds/wealth
  • Transactions to/from jurisdictions with high corruption risk
  • Negative media information
  • Countries with high levels of corruption according to Transparency International
  • Countries with a history of public fund embezzlement
  • Countries under sanctions or embargoes
  • Countries whose legislation on public officials' assets is insufficient

6. Guide — Private Banking and Wealth Management

Document: Guide – Private Banking and Wealth Management Version: 10 July 2024

Context and sector risks

Private banking and wealth management services expose institutions to specific ML/TF risks due to: - Culture of confidentiality: attractive to potential money launderers - Complex structures: offshore trusts, shell companies, multi-jurisdictions - Product complexity: discretionary management, offshore funds, loans secured by foreign assets - High-value transactions: large and rapid international wire transfers - Multi-jurisdictional involvement: high proportion of non-resident clients (MC risk = foreign clients) - PEPs and corruption risks: Monaco is an international financial centre oriented towards HNWIs

Vulnerabilities identified in Monaco: - High percentage of foreign nationals among private banking clients - High volume of international wire transfers

AMSF expectations for private banking

  • GRA adapted to the specific private banking/asset management profile
  • Assessment of inherent client risks
  • Policies and procedures aligned with AML/CFT obligations
  • Rigorous CDD including identification/verification of UBOs and complex structures
  • EDD for high-risk clients
  • Continuous transaction monitoring with adapted systems (differentiated thresholds by risk level)
  • Specialised AML/CFT training for private bankers

GRA risk factors specific to private banking

Category High-risk factors
Products/services Significant cash transactions, international wire transfers, offshore funds, loans secured by foreign assets
Clients HNWIs, PEPs, clients with complex structures, multi-jurisdictional, bearer shares, nominee directors/shareholders, agents, high-risk sectors (arms, extractive), virtual assets
Channels Internet banking, hold mail, mobile banking, business introducers/intermediaries, remote onboarding
Geography Countries under sanctions (TF/PF), FATF blacklist/greylist, offshore jurisdictions, tax non-compliance, corruption, organised crime
Transactions Loans to foreign jurisdictions, multiple intermediaries, virtual assets, movements to/from high-risk areas

Customer Due Diligence (CDD) and Enhanced Due Diligence (EDD)

CDD includes: - Know Your Customer (KYC) - Client and UBO screening - Client risk assessment - Ongoing due diligence

EDD (for high-risk clients) — key elements: - Additional client information - Nature and reasons for planned transactions - Origin of wealth (Wealth of Origin): the complete history of the client's assets - Source of funds (Source of Funds): origin of the specific funds in the business relationship - Enhanced monitoring (increased frequency of controls) - Approval by a senior level of the hierarchy

These two concepts are distinct and must be requested separately.

Review of client self-declaration: No automatic acceptance of vague responses such as "employment" or "salary" — request details and supporting documents proportionate to the risk.

Periodic CDD review for high-risk clients: at least once per year.

PEP management in private banking

  • Risk management systems to detect PEPs (clients and UBOs)
  • PEP screening at onboarding and on an ongoing basis
  • Automatic classification of PEP clients as high risk
  • Onboarding subject to approval by a senior level of the hierarchy
  • EDD applicable to family members and close associates of PEPs

Complex structures

  • Systematic in-depth analysis for any complex structure
  • Understanding the complete ownership chain
  • Assessment of the legitimacy of the structure (particularly multi-level offshore)
  • For trusts: identification of the settlor, trustee(s), beneficiaries, protector

Red Flags (alert indicators) for private banking

  • Wealth predominantly originating from unregulated virtual assets
  • Account opened with no connection to the Principality
  • Non-resident accounts without documentary evidence of the origin of wealth
  • Account with power of attorney in favour of a third party for an HNWI
  • Multi-level structures without economic justification
  • Offshore entities in opaque jurisdictions
  • Structures not subject to CRS/FATCA reporting obligations
  • Use of structures in jurisdictions different from the UBO's tax residence
  • Transactions to high-risk jurisdictions without justification
  • Repeated marketing fees or services that are difficult to verify
  • Intensive use of cash
  • No interest in return on investment

7. Guide — Terrorism Financing (TF)

Document: Awareness Guide on Terrorism Financing for the private sector Version: 30 September 2023

Monegasque context

Monaco conducted a National Risk Assessment related to TF in 2021 (updated 2023). The overall TF risk in Monaco is moderately low. The risk of transit of terrorism-related funds is moderately high (increased exposure of Monaco as an international financial centre).

Identified risk scenarios (NRA TF 2023):

Scenario Inherent risk Residual risk
Transfers to/from high-risk jurisdictions Moderately high Low
Clients/UBOs financing terrorism High Low
Terrorism financiers as UBOs of legal entities Moderately low Low
Cash and traveller's cheques for terrorist purposes Moderately high Moderately low
Correspondent banking Low Low
Donations to foreign NPOs Moderate Low
High-value goods for terrorist purposes Moderately high Low
Terrorist infrastructure in the Principality Low Low

Definition of Terrorism Financing

Art. 2 Sovereign Ordinance No. 15.320 and art. 391-7 Criminal Code: Providing, collecting or managing funds intentionally and directly or indirectly, knowing or intending that they will be used by a terrorist, a terrorist organisation or to commit acts of terrorism.

Key difference from ML: - ML: focuses on the origin of funds (always illicit) - TF: focuses on the use of funds (origin may be licit or illicit) - TF is a linear process (Collection → Retention → Movement → Use); ML is circular

Terrorism financing process

Collection: Direct donations (individuals, NPOs, companies, States), criminal activities (drug trafficking, fraud, cybercrime), diverted legitimate income, natural resources in controlled areas

Retention: Bank accounts, prepaid cards, cash, high-value goods (art, antiques, precious metals, vehicles), virtual assets

Movement: Banking sector, fund transfers (MSB), informal systems (hawala), exchange offices, clandestine transport, virtual assets, cryptocurrencies

Use: Weapons, equipment, travel, training, recruitment, communication/propaganda, accommodation, family financing

ML/TF similarities and differences

Criterion Money Laundering Terrorism Financing
Origin of funds Illicit Licit or illicit
Objective Legitimise funds Finance activities
Process Circular Linear
Concealment Required Not always necessary
Amounts Often high Can be very modest

Red flags: - Fundraising through NPOs (anonymous donations) - ML methods used to move funds - Purchases inconsistent with the person's profile - Fund movements to/from conflict zones or neighbouring regions - Transactions linked to individuals known for radical sympathies - Income from legitimate sources but transferred to third parties without justification

AMSF expectations regarding TF

  • GRA expressly distinguishing ML risk and TF risk
  • Internal policies and procedures specific to TF
  • Training and awareness specific to TF
  • Assessment of inherent client risks (including TF)
  • Onboarding checks and transaction monitoring (TF)
  • Transaction monitoring systems detecting TF signals
  • Controls for risks related to TF/Proliferation Financing (PF)/Targeted Financial Sanctions (TFS)
  • Statistics on TF-specific alerts, particular examinations and TF-related STRs

8. Practical Guide #5 — Ultimate Beneficial Owners and Complex Structures

Document: Practical Guide #5 – Ultimate Beneficial Owners and Complex Structures Date of publication: May 2025

Context

The 2023 Legal Persons Risk Assessment confirms a moderately high residual risk level for legal persons in Monaco. Approximately 22,000 legal persons registered. Civil companies, SARLs and SAs are the most at risk. Complex structures are a frequent technique used by criminal groups to: - Conceal the identity of the true UBOs - Hide assets - Collect and retain the proceeds of crime - Transfer those proceeds to other jurisdictions

Definition of Ultimate Beneficial Owner (art. 21 Law No. 1.362)

The UBO is: - a) The natural person(s) who ultimately own(s) or control(s) the client - b) The natural person(s) on whose behalf a transaction is carried out - c) The natural person(s) who ultimately exercise(s) effective control over a legal person or legal arrangement

The UBO is always a natural person, never a legal person.

UBO identification by type of structure

Legal persons (SARL, SCI, SAM, SCS, SNC, SCA...):

  1. Primary criterion (25% threshold): Natural person holding directly or indirectly ≥ 25% of the share capital or voting rights

  2. In case of doubt or absence of a 25% holder: Natural person effectively exercising control by any other means (management bodies, direction, administration or general meeting)

  3. As a last resort (no identifiable UBO + no suspicion): Principal manager (managing director, delegated administrator, CEO) or equivalent under foreign law

Nominee shareholder or director: Is NEVER the beneficial owner of the legal entity by virtue of shares held or functions exercised as nominee.

Trusts and legal arrangements (art. 15 Sovereign Ordinance No. 2.318): - Settlor: owner of the assets transferred - Trustee(s): holds and administers the assets - Beneficiary(ies): persons in whose interest the trust is managed - Protector (if applicable): person exercising control over the trustee - Any other natural person exercising effective control

Monegasque foundations: Identification of board members + founders + beneficiaries

Associations: Board members, presidents, treasurers, beneficial owners of donations/assets

Complex structures

Operational definition adopted by the AMSF: - Structure with 3 or more levels of ownership between the account holder and the UBO - OR structure with fewer than 3 levels but where it is difficult to determine the UBO due to its opacity (non-public information, lack of transparency, foreign company or trust, foreign cooperation required, registered owner is a professional)

Red flags for complex structures: - Complex configuration without economic justification - Use of shell companies in opaque jurisdictions - Use of nominees (nominee directors/shareholders) - Multi-level structures involving multiple jurisdictions - Limited accessibility of ownership information - Shareholder or director is itself a legal entity or trust - Refusal to provide information on the ownership chain

Monegasque law allows the creation of: - Commercial companies: SARL, SCS, SNC, SCA, SAM - Civil companies: SCI, SCP, SAM with civil purpose - Economic interest groupings (GIE) - Foundations (Law No. 56 of 29/11/1922) - Associations and federations of associations (Law No. 1.355 of 23/12/2008)

Trusts cannot be established in Monaco but may be transferred to or used in Monaco (asset management).

Main obligations (art. 4-1, 4-3, 5, Section V Law No. 1.362; Chapters II-III Sovereign Ordinance No. 2.318)

  1. Understand the ownership structure of the client (complete chain)
  2. Identify the legal person: name, legal form, registered office, registration number, legal representative
  3. Verify the information (RCI extract, articles of association, deeds, list of shareholders and directors)
  4. Identify the UBO(s) in accordance with the rules for each type of entity
  5. Verify the identity of the UBO (same as for a natural person: photo ID + proof of address)
  6. TFS screening: all UBOs, directors, agents must be screened against sanctions lists
  7. Update ownership data and UBOs during the relationship
  8. Internal procedures explicitly covering UBO and complex structure issues
  9. Retention of information and documents (5 years)
  10. Suspicious transaction report if unable to identify the UBO or in case of suspicion

If the UBO cannot be identified or verified: do not establish or maintain the business relationship. If the relationship already exists: consider terminating the relationship and filing an STR.

9. Presentation — Ultimate Beneficial Owners and Complex Structures

Document: Presentation of Practical Guide on UBOs and Complex Structures Date: 26 June 2025

Main points of the presentation

Applicable texts: art. 4-1, 4-3, 5, Section V Law No. 1.362, as amended, and Chapters II-III Sovereign Ordinance No. 2.318, as amended.

Inspection context: Since 2023, the UBO and complex structures theme has been a recurring topic in AMSF inspection missions following the 2023 Legal Persons NRA. Residual risk: moderately high.

Objectives of Practical Guide #5: - Summarise AML/CFT-P-C obligations relating to UBOs - Develop practical reflexes - Provide multiple examples and alert indicators

Guide structure: 1. Risks related to UBOs and complex structures 2. Concepts of UBO and complex structure 3. Applicable legal and regulatory framework 4. Risk indicators and illustrations by type of entity

AMSF findings during inspections: - Shortcomings in the exhaustive identification of an ownership or control chain - Difficulties in identifying the true UBO (behind nominees, screens, etc.) - Incomplete or non-operational procedures on UBO matters

Recommended practical identification steps: 1. Identify the type of client structure/entity 2. Apply the UBO identification rules specific to that type 3. Collect relevant documents to verify the structure 4. Identify and verify the UBO(s) (same treatment as natural persons) 5. Apply TFS controls to all stakeholders 6. Formalise in the client file 7. Update upon changes