The updated AML/CTF regime includes the Proceeds of Crime Law, as amended, (2017 Revision) (POCL), the Anti-Money Laundering Regulations, 2017, as amended, (AML Regulations), the Terrorism Law (2017 Revision), as amended, and the Guidance Notes on the Prevention and Detection of Money Laundering and Terrorist Financing in the Cayman Islands dated December 2017 (Guidance Notes). The Guidance Notes provide practical guidelines that represent best practice for the development of AML/CTF procedures in line with international standards.

Key Changes under anti-money laundering Regulations

  1. Relevant Financial Business

The scope of the AML/CTF regime is defined by reference to “relevant financial business”. This continues to be the case, however, the term is now defined by reference to the POCL instead of the AML Regulations, with the definition of “relevant financial business” now including: (i) “Otherwise investing, administering or managing funds or money on behalf of other persons” and (ii) “Underwriting and placement of life insurance and other investment related insurance”. While the expanded definition continues to cover the traditional financial service providers such as regulated mutual funds, trusts business and banking business, it now brings unregulated investment entities (specifically, private equity funds), insurance entities and finance vehicles such as CLOs within the scope of the AML Regulations.

  1. Additional Obligations

The requirements relating to maintaining client identification and verification procedures, reporting of suspicious activity, internal control procedures, staff training, appointing a Money Laundering Reporting Officer and Compliance Officer (now termed Anti-Money Laundering Compliance Officer) remain under the AML Regulations. However, the AML Regulations introduce the following additional requirements:

  • designating a Deputy Money Laundering Reporting Officer;
  • screening employees when hiring to ensure high standards;
  • adopting a risk-based approach (see below); and
  • checking against all applicable sanctions lists and observing the list of countries, published by any competent authority, which are non-compliant, or do not sufficiently comply with the FATF recommendations.
  1. Risk-Based Approach

The AML Regulations introduce a risk-based approach, including the requirement that a person carrying out relevant financial business conduct a business risk assessment of products, services, transactions, delivery channels or new or developing technology risks to identify, assess, and understand its money laundering and terrorist financing risks in relation to its customers and the country or geographic area in which the customer resides or operates. Risk assessments must be documented, monitored and kept current and must also incorporate policies and procedures approved by senior management which enable such person to manage and mitigate any risks identified.

The risk-based approach leads to simplified or enhanced customer due diligence (CDD) procedures being applicable depending on whether lower or higher risks, respectively, are identified.

  1. Simplified Due Diligence

On the application of a business risk assessment, where a customer relationship has been assessed as lower risk, persons conducting relevant financial business are permitted to apply simplified CDD procedures. Lower risk customers are required to be identified, but verification documents are not necessary.

Any assessment of lower risk by a financial service provider has to be consistent with the findings of the Anti-Money Laundering Steering Committee (being a body created under the POCL) or any other supervisory authority.

The types of customers to which simplified CDD may be applied include the following:

  • Cayman Islands entities that are financial service providers and subject to the AML Regulations;
  • government organisations, statutory bodies or government agencies of foreign countries and territories which are recognised by the Cayman Islands as having an equivalent AML/CTF regime (Approved Countries);
  • entities which are regulated in an Approved Country;
  • companies listed on a recognised stock exchange; and
  • customers introduced through an intermediary (Eligible Introducer), when such Eligible Introducer provides detailed written assurances with respect to CDD on the customers.

The commonly used exemption to CDD applicable to electronic payments (where a transaction is funded from a bank account in the name of the customer in an Approved Country) survives only partially under the AML Regulations. The AML Regulations now require basic customer details to be obtained upon receipt of payment, but verification of CDD to be obtained before onward payment.

  1. Enhanced Due Diligence

On the application of a business risk assessment, where a customer relationship has been assessed as higher risk, persons conducting relevant financial business are required to apply enhanced CDD procedures (i.e. beyond standard CDD).

Enhanced CDD must also be applied to politically exposed persons (PEPs) and their family members and close associates, or where a customer or an applicant for business is from a foreign country that has been identified by credible sources as having serious deficiencies in its AML/CTF regime or a prevalence of corruption.

Examples of enhanced CDD measures include, among other things, obtaining additional information on the customer, the intended nature of the business relationship and the source of funds and also updating such information more frequently.

  1. Beneficial Owners

The AML Regulations contain specific requirements to identify beneficial owners and legal arrangements and to apply a risk-based approach to conducting CDD on existing relationships.

  1. Approved Countries

The list of Approved Countries is no longer maintained as a schedule to the AML Regulations (previously referred to as Schedule 3), but is now approved by the Anti-Money Laundering Steering Committee and can therefore be amended without the need to pass formal legislation.

  1. Increase in AML Penalties

Any person who breaches the AML Regulations commits an offence and is liable on summary conviction to a fine of up to CI$500,000 (a substantial increase from CI$5,000 under the previous regulations) or on conviction on indictment to a fine (which is unlimited) and imprisonment for two years.

In addition, the Monetary Authority (Amendment) Law, 2016 and the Monetary Authority (Administrative Fines) Regulations, 2017 give the Cayman Islands Monetary Authority (CIMA) the power to impose administrative fines for non-compliance with the AML Regulations. The fines range from CI$5,000 for minor breaches to CI$100,000 (for individuals) and CI$1,000,000 (for entities) for very serious breaches. Fines for ongoing minor breaches can be applied on a continuous basis up to a maximum of CI$20,000. CIMA will have six months from becoming aware of a minor breach to impose a fine. The time limit is two years for breaches described as serious or very serious.

At first glance, the updated AML/CTF regime may cause one to think that the entire regime has been overhauled, however, this is not the case. Many of the changes, although now codified in the Cayman Islands, are not really new per se. The market trend in recent years has been to adopt a risk-based approach, apply enhanced CDD when appropriate, apply AML/CTF procedures to unregulated funds (even though they were out of scope) and conduct CDD on beneficial owners. In addition, a regulated investment fund continues to be able to comply with its AML/CTF obligations by delegation to and reliance on a suitable party (including the Anti-Money Laundering Compliance Officer, the Money Laundering Reporting Officer and the Deputy Money Laundering Reporting Officer). Therefore, many entities conducting relevant financial business will already be compliant with the AML Regulations.

Next Steps

Although changes may not be necessary, we would recommend that current AML/CTF policies and procedures or any delegation/reliance arrangements be reviewed to ensure that they are consistent with the new requirements.

Entities that are newly subject to the AML Regulations have until 31 May 2018 to implement appropriate AML procedures or to implement a delegation/reliance arrangement. There is no sector- specific guidance in the Guidance Notes for some businesses now caught by the AML Regulations, including unregulated investment funds and structured finance vehicles, but such guidance is currently being developed by CIMA and will be published in due course.

Twitter LinkedIn Email Save as PDF
More Publications
27 Sep 2023

De-SPACs back in favour?

With a noticeable uptick in new de-SPAC mandates, Appleby Cayman Islands partner Dean Bennett provid...

16 Aug 2023

Bondholder Litigation Under the Spotlight in the Offshore Jurisdictions

Can an ultimate beneficial owner of notes file a winding up petition against the issuer? In this ar...

2 Aug 2023

Reliance on the Merger Price in Cayman Appraisal Actions

Andrew Jackson, Damon Booth, Barry Isaacs KC and Toby Brown consider the use of the merger price to ...

25 Jul 2023

Loans & Secured Financing in the Cayman Islands 2023

A Q&A guide that provides a topical analysis of loans & secured financing in the Cayman Islands.

17 Jul 2023

Re HQP Corporation Limited (in Official Liquidation) – A Lifeline for Unredeemed Investors in Cases of Substantial Corporate Fraud

Given the Cayman Islands’ status as a leading offshore financial centre and home to a very signifi...

13 Jul 2023

Grand Court takes novel approach in crypto winding up proceedings brought by retail investors

On 7 July 2023, the Honourable Justice Kawaley issued a winding-up order in the Financial Services D...

18 May 2023

The 2023 Cayman Islands Real Estate Guide

The Real Estate 2023 guide provides the latest legal information on the impact of disruptive technol...

26 Apr 2023


Segregated portfolio companies (SPCs) are frequently used in Cayman Islands (re)insurance structures...