Anti-Money Laundering and Combating Financial terrorism, bribery & corruption and Sanctions Policy Statement

BBAC S.A.L, including the members of the Board, senior management, and all employees at its local and foreign branches and representative office, is committed to play an effective role in the global effort in fighting financial crimes by maintaining sound anti-money laundering, anti-terrorism financing, combating bribery and corruption and sanctions standards.

BBAC Board of Directors had set a comprehensive AML/CFT, Sanctions and Combating bribery and Corruption Policy, which fully comply with the requirements and recommendations that are communicated by local and international regulatory and intergovernmental bodies and supervisory authorities.

The Board of Directors created a Board AML/CFT Compliance Committee to oversee the Bank’s compliance with all internal policies and applied local and international “AML/CFT, Sanctions, and Combating Bribery and Corruption” laws, regulations and guidelines, where it follows up on all the findings reported by the Compliance Department, or the Audit Department

The Compliance Department has an independent function from other business units within the bank and plays a major role in overseeing the Bank’s overall implementation of the Compliance program and in reporting noted risks along with the related mitigating controls to the Board AML/CFT Committee.

The Bank has assigned AML/CFT Compliance officers in each branch who are responsible for coordinating and overseeing the AML framework at the branch and who report directly to the Head of AML/CFT within the Compliance Department.

The Bank’s AML/CFT, Sanction, and Combating Bribery and Corruption policies, being part of the BBAC’s Compliance programs, are designed, implemented, and maintained, in a way to ensure the Bank’s compliance with the requirements and recommendations communicated by the local and International regulatory/intergovernmental bodies and supervisory authorities. AML/CFT, Sanction and Combating Bribery and Corruption policy is subjected to periodical review (at least annually or ad hoc in case of any reported changes in the applied regulations) in order to account for any require amendment.

It is the core responsibility of all BBAC staff across all its branches in Lebanon and abroad, to abide by the Bank’s Combating Money Laundering, Terrorism Financing, Bribery, Corruption and Sanction policies in order to ensure that the Bank’s products and services are not used to process illicit activities. Furthermore, the bank expects all its employees to conduct themselves in accordance with the highest standards of personal and professional integrity and to comply with all applicable laws, rules, regulations, the code of ethics and Business conduct of the bank, and the bank’s various policies and procedures related to anti-bribery and corruption.

In summary, the AML/CFT, Sanctions and Combating Bribery and Corruption program covers, the following areas:

Customer Acceptance policy:

In order to prevent and identify Money Laundering, Terrorist Financing, sanctions, bribery and corruption Risks associated with any potential customer, the bank has set the following customer onboarding guidelines:

• Implement customer identification and validation due diligence measures that include assessing the ML/TF, sanction, bribery and corruption risks that could be posed by the customer.
• Refrain from dealing with specific type of customers including, but not limited to: Shell bank, anonymous and walk-in customers, sanctioned parties, and customers dealing with sanctioned parties or operating in sanction countries, individuals operating a business illegally without a valid license, arm dealers, gambling, companies with bearer shares, accounts associated with nesting or down streaming activities or payable through accounts, and virtual currencies.
• Implement the necessary Identification and Validation due diligence measures on the account holder, the ultimate beneficial right owner (BRO) of the account (if different that the account holder), holder of power of attorney, guardians, in addition to the main shareholder and authorized signatories for entity accounts.
• Understand and verify the customer’s business occupation, financial status and expected account turnover in order to identify, assess and mitigate noted ML/TF, bribery, corruption and sanctions risks.
• Implement an automatic screen for direct/indirect customers (BRO, Shareholders, Proxy holder, authorized signatories, other controlling parties, and other parties dealing with our customers such as their major clients and suppliers) against local (where the bank is licensed to operate) and international sanction lists and adverse media including OFAC, EU, HMT and UN sanction lists.
• Implementing Enhanced Due diligence measures, that could include acquiring prior compliance clearance, on high risk customers covering the collection of addition information with respect to the customer’s occupation, financial activities, parties and other activities involved in expected account activity.
• Acquiring senior management approval concerning specific high risk customers.

Sanctions and Embargo

The Bank has set a sound Sanction Compliance policy based on the sanction programs issued by the local regulators, where the Bank operates, in addition to those issued by the international bodies including OFAC, EU, UN and HMT. BBAC S.A.L is committed to implement the following measures across all its local and foreign branches in addition to the representative offices:

• Refrain from dealing with parties (countries, entities, individuals) sanctioned by the above mentioned bodies.
• Refrain from processing any transaction that involve directly or indirectly (on behalf of) parties subject to local or international sanctions.
• Screen all potential and existing direct/indirect (UBO, guardian, procurators, authorized signatories, shareholders,…) customers before on-boarding and on an on-going basis in order to ensure that the Bank is not dealing with customers who are sanctioned, associated or acting on behalf of sanctioned parties.
• Screen all payments on the above mentioned sanction list.

Implement enhanced due diligence measures in order to ensure that none of the Bank’s customers are processing transactions associated with a sanctioned activity or are acting on behalf of a sanctioned party.

Combating Corruption and Bribery

An effective financial crime risk assessment is considered as one of the main pillars to establish a sound combating financial crime compliance program as it provide guidance on the required amendments to the existing controls by highlighting up-coming threats and allowing institution to take the necessary measures in order  to avoid these risks at early stages
Prior to the end of 2021, and in a step to account for one of the main risks identified in the national and the bank’s financial crime risk assessments, the  board of directors of BBAC bank took a leading step by becoming the first bank in Lebanon to establish an independent section dedicated for combating bribery and corruption knowing that this measure was subsequently enforced by the Central Bank of Lebanon under circular 692 dated 15/02/2024 being one of the required measures highlighted during the mutual evaluation that was done on Lebanon during July/August 2022. In this respect, The Bank has established an anti-bribery and corruption framework to ensure having in place and implementing adequate procedures that will prevent exposing the institution to Corruption and bribery risks while ensuring commitment to high behavioral standards and integrity when conducting day-to-day operations.
BBAC prohibits all kinds of bribery and corruption acts. In this respect, all BBAC staff (whether in Lebanon or abroad) and third party service providers are prohibited from:

• Offering or suggesting a bribe, or authorizing the offer or suggestion of any form of bribe (financial or non-financial);
• Paying bribes;
• Asking for or accepting a bribe to influence a decision, to obtain unauthorized access to confidential information, or to commit or omit to do an act, whether or not the outcome would have been the same without the bribe;
• Performing all facilitation payments;
• Using another party to conduct any of the above;
• Dealing with vendors or suppliers having low standards on bribery and corruption;
• Processing or dealing with funds known to be, or reasonably suspected of being, the  result of bribery or corruption actions;
• Processing transactions suspected to be associated with corruption activity.

In order to ensure sound implementation of the Anti-Bribery and Corruption framework, the Bank implements the following measures:

• Conduct a periodic Corruption and bribery risk assessment in order to identify the Corruption and Bribery risks that the Bank is vulnerable and exposed to including the type of customers that are highly exposed to corruption and bribery risks.
• Perform periodic review on the implemented controls addressing Corruption and bribery risks in order to set the necessary controls needed to mitigate the new threats identified in the Corruption and Bribery risk assessment.
• Enforce a sound Anti-bribery and Anti-Corruption (ABC) policy
• Spread the culture of integrity in the departments and branches of the bank, in Lebanon and abroad, through annual Anti-Bribery and Anti-Corruption trainings provided for the employees covering the most prominent indicators of corruption and bribery that should be tackled.
• Subject the category of customers identified to be highly exposed to Corruption and bribery risk to:

 Senior management approval in order to initiate or maintain a relationship with them;
 On-going enhanced transaction monitoring.

Complying with exchange of Tax Information and Combating tax evasion

The Bank complies with the exchange of tax information regulations (FATCA and CRS) and related guidelines as issued by the regulatory entities where the Bank operates. In this respect, the Bank complies with BDL circulars 138 and 139 with respect to the procedure required in order to comply with the Common Reporting Standards and in responding to the received tax information enquiries where such request are communicated in compliance with the recommendations issued by the Global Forum on Transparency and Exchange of Information for Tax Purposes and by the OECD, and according to the regulatory guidelines by the supervisory authorities.
Finally, BBAC is a participating FFI (Foreign Financial Institution) under Global Internal Identification Number (GIIN) 3NB1BF.99999.SL.422 and is committed on implemented all the necessary due diligence measures to identify and report on an annual basis, as per the FATCA policy, all reportable US person accounts.
In an attempt to combat tax evasion, and in compliance with BDL circular 147, BBAC S.A.L shall not accept processing any commercial transaction on personal account unless a copy of the certificate of registration with the ministry of finance is presented by the account holder. Furthermore, transactions identified to be associated with tax evasion red flags are subject to enhanced due diligence measures prior to execution where those determined to be highly associated with tax evasion are immediately reported to the local FIU by filling an STR.

Risk Based Approach

BBAC S.A.L implements an effective risk based approach methodology in order to identify money laundering, terrorist financing, sanctions, bribery and corruption risks associated with the customers or their related transactions. Accordingly, the Bank applies the following measures:

• Rate the Risk of all customers at the time of on-boarding, and update periodically, in order to determine the necessary required due diligence measures addressing the identified risk.
• Customer risk rating is determined taking into account several risk factors including the following:
  - Country risk.
  - Products and services risk.
  - Business risk.
  - Other risks (such as delivery channels, complexity in the ownership or the controlling/BRO structure, adverse media on the account holder and related parties, expected account/account turnover…).

Based on the above factors, the customer’s final risk score will be calculated to be as either high, medium or low where those classified as high risk will required an on-going EDD measures while those deemed to be of low risk will require a simplified one.

• Customers such as politically exposed persons, Non-profit organization/Non-governmental organizations, Money Service businesses, trust and foundation accounts, client accounts, car dealer, Petroleum or oil trading companies, Customers from countries which inadequately apply FATF’s recommendation or of high financial crime risks, Offshore companies, Brokerage companies, Foreign Exchange Companies and other type of financial institutions, contractors with major income from governmental projects will be automatically classified as high risk and will require a clearance from the Compliance Department and/or Senior management prior to account opening.
• Perform regular review of the money laundering, terrorist financing, sanction, bribery and corruption risks associated with the Bank’s customers and provided products and services.
• Increase the level and nature of monitoring of the business relationship with the customer based on its risk score in order to detect and investigate unusual ones and report those deemed to be suspicious.
• Perform periodical review of the relationship with customers classified as high risk, to be at least annually or immediately upon any change in the customer profile or account activity.
• Perform a review of the relationship with customers classified as medium and low risks every two years and three years respectively or immediately upon any change in the customer’s KYC profile or account activity.

On-going monitoring:

The Bank implements on-going monitoring on its customers to ensure that they are not involved in illegal or illicit activities that could expose the bank to Money Laundering, Terrorist Financing, Sanction, bribery or corruption risks. Customer monitoring includes but not limited to the following:

• Implement a post-transaction monitoring system to detect, and investigate unusual transactions.
• Perform regular monitoring on the customers and their transactions according to their risk rating or based on any noted alerts or risk indicators.
• Report suspicious transactions to the local regulatory authorities where the Bank operates.
• Maintain all customers and transaction-related documents for at least 5 years after ending the business relationship or performing the transaction.

KYC Quality Assurance:

Maintain accurate Customer information is considered as one main elements of a sound combating financial crime compliance program due to its impact on the customer’s risk scoring and the reported monitoring alert leading to a failure in implementing the required EDD measures. In this respect, a KYC quality assurance section was launched during January 2024 as an independent function under the compliance department in order to:

• Subject the customers files, whether related to new customers or existing ones, to a risk based approach quality review in order to ensure that the collected information  is accurate and up-to-date.
• Verify that the BRO information for all required customers was properly collected and maintained under the BRO register in compliance with BDL circular 83.
• Verify that the due diligence measures required for specific high risk accounts. Was properly implemented.
• Follow up on a timely manner with all branches on the status of their KYC updating project in order to ensure compliance with the set updating policy.
• Report noted discrepancies to their respective branches and follow with them until they are rectified or resolved.
• Ensure that the customers’ parameters associated with RBA risk matrix were properly defined and follow up with the respective branches on the reported discrepancies until resolved.
• Provide the board AML/CFT compliance committee with quarterly reports covering the identified discrepancies, set corrective measures and current status (whether resolved or pending). 
• Suggest process improvements to enhance the efficiency and effectiveness of KYC procedures.
• Design, based on the identified discrepancies a training program for front line employees covering common mistakes and their impact on the Bank’s applied combating financial crime compliance program.

Record Retention

BBAC S.A.L retains information on the customers (KYC, account opening forms, due diligence reports and related supporting documents) for a period of at least five years after closing the account or terminating the business relation. Furthermore, the Bank retains copies of all operations-related documents, for at least five years following the date of the transaction.

Training:

In order to ensure proper communication and implementation of the Bank’s AML/CFT, Sanction and combating bribery and corruption policy, the Bank has developed an enhanced training program that includes:

• Providing AML/CFT, sanction and combating bribery and corruption training to all new employees joining BBAC S.A.L.
• Providing periodical (at least quarterly) trainings and workshops to all the Branch Compliance Officers covering the latest changes in the applied fighting Money Laundering, Terrorist Financing, bribery and corruption or sanction regulations and their related implemented controls in addition to new emerging financial crimes risks.
• Attending all external trainings addressing financial crimes organized by the regulatory bodies where BBAC operate.
• Holding regular workshops for customer relationship managers in order to discuss latest AML/CFT, Sanction and bribery and corruption risks and the required mitigating controls adopted by the Bank.
• Providing a specialized annual AML/CFT, Sanction and combating bribery and corruption trainings for employees (other than those stated above) occupying jobs perceived as the first line of defense at the Bank covering financial crime risks that they need to account for.

In order to ensure proper communication of the training material, the Bank includes real life examples as a reference to the discussed subjects. Furthermore, all attendees are required to sit for an assessment exam at the end of the training session to ensure that the training has met its purpose.

In addition to above detailed employee training, the bank ensure to spread compliance culture to its customers and raise their awareness on latest AML/CFT and sanctions risks through the following:

1. Acquire their signature on AML/CFT and sanctions attestation highlighting the bank’s commitment to comply with local and international sanctions especially those issued by the Special Investigation Commission (SIC), the United Nations, the European Union, the US Treasury – OFAC, or Her Majesty Treasury (HMT), or any other control authority/body, including the sanctions issued against individuals, organizations, systems and countries.
2. Ensure that the client has verified the beneficiary account instructions of any first time supplier through phone to avoid any fraudulent attempts risks related to email communications.

Independent Audit:

The AML/CFT, sanction, and combating bribery and corruption Compliance program is subject to regular independent audit from the Bank’s internal and external auditors in addition to periodical assessment from the supervisory authorities where the Bank is licensed to operate in order to ensure that the procedures in place are in compliance with the applied national and international regulations.

General Provisions

BBAC S.A.L staff is prohibited from:

• Tipping-off the customer about any on-going ML/TF, sanction, bribery and corruption investigation case done on his/her account whether internal within the Bank or externally by the supervisory authority.
• Providing customers with guidelines in order to avoid the reporting thresholds.

Furthermore, BBAC staff shall exercise their ethical duty to report any kind of wrongdoings, unethical behaviors, and fraudulent activities even if the foregoing were committed by their supervisor or colleague.
Any employee violating the terms stated under this section shall be subjected to disciplinary action, as stated in the “Bank’s Disciplinary Action Policy”, up to the discharge from the employment.