The Monetary Authority of Singapore (MAS) has completed a series of bank inspections targeted at 1MDB-related fund flows known to-date. The latest inspections of Credit Suisse and UOB revealed several breaches of anti-money laundering (AML) requirements and control lapses. These include weaknesses in conducting due diligence on customers and inadequate scrutiny of customers’ transactions and activities. MAS did not however detect pervasive control weaknesses within these banks.
MAS has imposed on Credit Suisse and UOB financial penalties amounting to S$0.7 million and S$0.9 million respectively for breaches of MAS Notice 626 - Prevention of Money Laundering and Countering the Financing of Terrorism. It has directed the banks to appoint independent parties to assess and confirm to MAS that rectification measures have been effectively implemented. MAS has also instructed the management of Credit Suisse and UOB to take disciplinary measures, where appropriate, against errant staff. The banks are currently taking measures to address the weaknesses identified and strengthen their AML controls.
MAS Notice 626 paragraph 12 provides guidance on "Record Keeping". It states that:
12.1 A bank shall, in relation to all data, documents and information that the bank is required to obtain or produce to meet the requirements under this Notice, prepare, maintain and retain records of such data, documents and information.
12.2 A bank shall perform the measures as required by paragraph 12.1 such that:-
(a) all requirements imposed by law (including this Notice) are met;
(b) any individual transaction undertaken by the bank can be reconstructed (including the amount and type of currency involved) so as to provide, if necessary, evidence for prosecution of criminal activity;
(c) the Authority or other relevant authorities in Singapore and the internal and external auditors of the bank are able to review the bank's business relations, transactions, records and CDD information and assess the level of compliance with this Notice; and
(d) the bank can satisfy, within a reasonable time or any more specific time period imposed by law or by the requesting authority, any enquiry or order from the relevant authorities in Singapore for information.
12.3 Subject to paragraph 12.5 and any other requirements imposed by law, a bank shall, for the purposes of record retention under paragraphs 12.1 and 12.2, and when setting its record retention policies, comply with the following record retention periods:-
(a) for CDD information relating to the business relations, wire transfers and transactions undertaken without an account being opened, as well as account files, business correspondence and results of any analysis undertaken, a period of at least 5 years following the termination of such business relations or completion of such wire transfers or transactions; and
(b) for data, documents and information relating to a transaction, including any information needed to explain and reconstruct the transaction, a period of at least 5 years following the completion of the transaction.
12.4 A bank may retain data, documents and information as originals or copies, in paper or electronic form or on microfilm, provided that they are admissible as evidence in a Singapore court of law.
12.5 A bank shall retain records of data, documents and information on all its business relations with or transactions for a customer pertaining to a matter which is under investigation or which has been the subject of an STR, in accordance with any request or order from STRO or other relevant authorities in Singapore.
If you are a Financial Institution that:
has deployed Microsoft Lync/Skype for Business or is considering to deploy Lync/Skype for Business and
has a requirement to be compliant with the requirements outlined in MAS Notice 626 paragraph 12,
We recommend the Verba Recording System (VRS) to meet your needs.
Verba offers a complete Collaboration and Compliance Recording solution for Skype for Business.
Here's how Verba Recording System ensures recording service availability and quality:-
The Verba High Availability design achieves loss-less recording including recording for mid call failover.
Trigger recording alarm notification for missing Media or Signaling processing: Media file cannot be open for writing, not supported codecs, missing RTP stream. API/SIP does not respond as expected, closes recording session prematurely and provides error reason.
Provides option for Call Blocking on Recording Failure. Fail-close behavior when recording is not possible (blocks calls to avoid compliance issues with not recorded conversations).
Lync/Skype for Business CDR reconciliation provides missed call recording reports by comparing with Lync/Skype for Business database.
Lync/Skype for Business Audio Announcement Service for inbound & outbound calls for PSTN, Federated; and Audio & IM Announcement Service for Conference Meetings.
Audio Quality Check with alert notification to identify poor quality recorded calls.
Storage Policy Monitoring to ensure all recorded calls have successfully been archived to external storage devices.
File Storage Verification Check to ensure that the archived media are well maintained with Verba Media inventory checks.
Comprehensive Reporting such as the following are available out-of-the-box.
Not Recorded and Incorrect Conversation Details
CDR Reconciliation Summary
Users CDR Reconciliation Summary
User Instant Messaging Details
Users Without Recording
And many more
Are you a financial institution considering to deploy Skype for Business but is concerned about meeting the Compliance Guidelines outlined by MAS? Drop us an email at firstname.lastname@example.org or call us at +65 3159 1122 to discuss about your requirements today.
We will be holding a webinar on this topic on 31 Oct 2017. Please reserve your seat now.