Privacy and Policy

INTRODUCTION

This policy is set up as a TML AML/CFT guideline on the implementation of TML e- Services and its related products.

Legal Provisions:

This document is issued pursuant to:

  1. Section 16, 18, 19, 66E and 83 of the Anti-Money Laundering, Anti- Terrorism Financing and Proceeds of Unlawful Activities Act 2001 (AMLA); and
  2. Section 74 of the MSBA

Applicability

This document is applicable to TML Remittance Centre Sdn Bhd and all of its branches and designated persons which carry remittance services via e-services.

Relationship with Existing Policies

This document shall be read together with

  1. Anti-Money Laundering, Countering Financing of Terrorism, Countering Proliferation Financing (AML/CFT/CPF) Policy Document dated 5th February 2024.
  2. TML Internal AML/CFT Policies and Procedures
  3. Other documents issued by TML Remittance Centre Sdn Bhd relating to Compliance with AML/CFT requirements and Guidelines issued by BNM for Money Services Business

Definition and Interpretation

E-services. Refers to e-commerce transaction services for handling online orders, application hosting by application service providers (ASPs) and any processing capability that is obtainable on the Web such as Web Online, Mobile Applications, e-Wallet etc.

Application

  1. TML shall set and ensure effective implementation of appropriate policies and procedures to address any specific risk associated with the implementation of e-Services which include the implementation of enhanced monitoring and reporting mechanism to identify potential money laundering and terrorism financing (ML/TF) activities. TML shall adopt Risk Based Approach (RBA) for transactions monitoring based on TML risk assessment. While conducting the Risk Assessment, TML will take into consideration indicators such as geographical location, customer profile amount and volume of transactions according to TML risk appetite.
  2. TML must ensure and able to demonstrate on a continuing basis that appropriates measures for the identification and verification of a customer who use e-services are effective.
  3. TML shall comply with the CDD requirement as per BNM requirements to ensure TML can effectively identify, verify and monitor its customers and understand the risk pose by its customers. TML and its designated persons must:
    1. Identify the customers and verify customer’s identity using reliable documents, data and information.
    2. Identify beneficial owner and take reasonable measure to identify beneficial owner such that TML is satisfied that it knows who the Beneficial owner is
    3. Understand and obtain information of the purpose and intended nature of business relationship
    4. Conduct on going due diligence on High-Risk e-services customers and scrutinize transactions through the course of relationship to ensure that the business are consistent with TML knowledge of the customers including source of fun
  4. TML shall take measures including, but not limited to the following, to identify and verify a customer’s identity:
    1. Establish first time face to face contact with a customer
    2. Verify customer information using independent documents, data and information.
    3. Request, sight and maintain records of customer documents during on boarding process
    4. Clearly define parameters for higher risk customers that are not allowed to transact with reporting institution through e-Services. (refer TML e- Services Red Flags and Parameters)
  5. TML methods in identifying and verifying customer’s identity are, but not limited to, as follow:
    1. Conduct first time face to face over the counter process before setting up customer membership registration
    2. Communicate with customer verified residential or office address where such communication must be acknowledged by customer
    3. Verify customer information against database maintained by relevant authorities including sanction lists database maintained in REMITX System: or
    4. Request to sight additional documents
  6. TML must ensure that on-going due diligence are conducted on High-Risk Customers and ensure customer’s information are kept up to date.
  7. The degree and nature of monitoring by TML will depend on the ML/TF risks that TML faces based on identified risk associated with the customer such as product use, send country and the transactions conducted by the customer.
  8. TML must ensure the systems and technologies developed and used for the purpose of establishing business relationship using e-Services have proven capabilities to support an effective AML/CFT compliance program. This includes periodic review by TML on the system used.

Mobile Apps and Web Online: KYC Process

  1. TML shall ensure that the system use for e-Services are able to detect customer’s location such as ensure that Geo Locations on Mobile Apps are working as per BNM requirement and ensure TML are able to identify IP address for Web Online transactions and to have periodic review to identify customer’s location.
  2. TML shall define the monetary threshold within it system for e-Services products. The defined thresholds and the monitoring system used are require to be review periodically and to be update when require in order to increase its controls to manage the ML/TF risks.
  3. TML shall comply with the following requirements of monetary threshold for remittance transactions performed using e-Services:
    1. For remittance transactions performed by an individual (including an expatriate), a total transaction limit not exceeding an aggregate amount of RM30,000 per day shall be observed, unless otherwise approved by Bank Negara Malaysia as define and set by TML senior management shall be observed.
    2. For remittance transactions performed by an individual who is a foreign worker, a total transaction limit not exceeding an aggregate amount of RM5,000 per month shall be observed, unless otherwise approved by Bank Negara Malaysia.:
      • A daily transaction limit not exceeding an aggregate amount as defined and set by TML Senior Management shall be observed.
      • A monthly transaction limit as define and set by TML Senior Management per month shall be observed.
  4. TML shall have in place appropriate controls and procedures to manage customer request and to monitor changes on customer information.
  5. TML designated persons must ensure and verify that payment from customers are credited to designated TML account via bank transfer before making transactions. Whenever customer are unable to make transaction via bank transfer, the customer shall come to nearest TML branches. Staff should ensure that payment over the counter are made by customer or duly authorized by customer including identification and verification of the authorize persons and beneficial owner.
  6. TML shall comply with the record keeping requirement for e-Services transactions as prescribed under Money Services Business Act 2011 and Anti Money Laundering, Anti-Terrorism Financing, and Proceeds of Unlawful Activities Act 2001.
  7. TML designated persons shall conduct RBA to identity potential suspicious activities whether by using automated system or manually and submit Suspicious Transaction Reports (STR) if there is reasonable ground to suspect that the funds use for e-Services are proceeds of criminal activity or related to terrorist financing

TML e-Services Red Flags Parameters

E-Services Parameters

  1. Transactions Limit For Mobile Apps and Web Online for each Individual Customer is RM 3,000 per day and not more than RM 20,000 per month.
  2. Customer who are suspicious base on transactions pattern and transactions information shall be suspended from making transactions and are require to go to the nearest TML branches to conduct face to face transactions and continue to use TML e-Services if there is approval from Senior Management.
  3. Customer who uses e-Services transactions outside from Malaysia need to provide confirmation on the e-Services transactions they want to conduct via e-mail or phone call to verify that it is a legitimate transaction made by the customer. TML designated staff are required to conduct Enhanced Customer Due Diligence of this type of customer.
  4. Customer who is found out to have duplicate registration will be suspended from using TML e-Services.
  5. Transactions to High-Risk Country shall block and customer are require to go to nearest TML Branch to conduct transactions to complete ECDD process.
  6. Customers whose name are in Sanction List will be block from using TML Services. For Customers who are false-positive are able use the e-services after verification process is complete and approved by Senior Management at Head Office.

Standard Instruction Procedure

Mobile Apps and Web Online: KYC Process Guideline

Customer Register Using Mobile Apps /Web Online → Perform Face-To-Face CDD Process → Screen Customer Name Against OFAC / Blocklist → Approve Customer → Customer Can Start to Perform Transaction Using Mobile Apps / Web Online

Approving Guideline for New Customer

STEP 1: Customer Register via Mobile Apps / Web Online

  1. The Customer will register themselves using Mobile Apps and Web-Online.
  2. All the information needed will be fill in by customer.
  3. Customer can upload his own ID Photo using mobile apps or customer can choose later to upload the ID photo.
  4. Customer unable to perform transaction until the face-to-face KYC is conducted and activated.

STEP 2: Perform Face-To-Face CDD Process

  1. After registration via Mobile Apps / Web Online, TML staff is required to perform Face-to-Face KYC / Face-to-Face CDD Process. Please follow the procedure as follow:
    1. Check whether Customer ID has been uploaded in RemitX System.
    2. Check all information key in by customer is correct.
    3. Check Mobile No. and Phone Number - must start with ‘6’.
    4. Check Customer’s Email Address.

STEP 3: Screen Customer Name Against OFAC / Blocklist

  1. Staff are required to screen customer name.
  2. If match → consult Compliance Team.
  3. If not → proceed.

STEP 4: Record KYC Information

  1. Search Customer
  2. Select KYC Method
  3. Status: All
  4. Filter Date
  5. Untick filter
  6. Click Generate

Final Steps:

STEP 6: Customer Can Start Transactions

Approving Guideline for Existing Customer

  1. Customer informs branch
  2. Update customer info
  3. Record KYC
  4. Activate Web/App
  5. Customer logs in

Other Compliance Requirements

  1. Apps/Web users are Non-Face-to-Face customers
  2. Must conduct first face-to-face KYC
  3. Must have bank account
  4. RM 3,000/day limit
  5. RM 5,000/month for foreign workers
  6. Beneficiary must be pre-registered