1. POLICY, PROCEDURES AND CONTROLS:
    1. As required under clause 4 (a) of the SECP AML/CFT Regulations, FSL (being the Security Broker) is required to:
    2. develop and implement policies, procedures and controls with the approval its Board of Directors for enabling FSL to effectively manage and mitigate the risk that are identified in the risk assessment of ML/TF or notified to it by the Commission;
    3. monitor the implementation of those policies, procedures and controls and enhance them if necessary;
    4. perform enhanced measures where higher risks are identified, to effectively manage and mitigate those higher risks; and 
    5. Have an independent audit function to test the system.
    6. The Policies, Procedures and Controls should contain a clear description for employees of their obligations and instructions as well as guidance on how to keep the activity of the reporting entity in compliance with the Regulations. There should be internal procedures for detecting, monitoring and reporting suspicious transactions.
  2. APPOINTMENT OF COMPLIANCE OFFICER AND HIS ROLE:
    1. FSL is required to appoint a management level officer as compliance officer (“CO”), who shall report directly, and periodically to the Board of Directors (“Board”) or to another equivalent executive position or committee. The CO must be a person who is fit and proper to assume the role and who:
    2. has sufficient skills and experience to develop and maintain systems and controls (including documented policies and procedures);
    3. has sufficient resources, including time and support staff;
    4. has access to all information necessary to perform the AML/CFT compliance function;
    5. ensure regular audit of the AML/CFT program;
    6. maintain various logs, as necessary, which should include logs with respect to declined business, politically exposed person (“PEPs”), and request from Commission, FMU and Law Enforcement Agencies (“LEAs”) particularly in relation to investigation ; and
    7. Respond promptly to requests for information by the SECP/LEAs.
  3. HOW TO COMMUNICATE THE POLICIES AND PROCEDURES TO EMPLOYEES AND STAFF AS WELL AS BRANCHES:
    1. As part of first line of defense, the CO of FSL shall clearly specify the Policies, Procedures and Controls duly approved by the Board in writing, and communicated to all employees including those employed at braches through Inter-Office Memo (“IOM”).
    2. The CO must have the authority and ability to oversee the effectiveness of FSL’s AML/CFT systems, compliance with applicable AML/CFT legislation and provide guidance in day-to-day operations of the AML/CFT Policies and Procedures especially at the branches.
  4. HOW TO REFLECT CHANGES TO AML/ATF LEGISLATIVE AND REGULATORY REQUIREMENTS:
    1. The CO shall update/amend the Policies, Procedures and Controls in line with the changes/amendments in SECP AM/CFT Regulations with the approval of the Board or Equivalent and communicate in writing to all relevant employees through IOM; and
    2. The CO shall provide amendments in the Policies, Procedures and Controls separately attached to amendment Policies, Procedure and Controls showing impact of such changes on AML/CFT Regime.
  5. HOW OFTEN TO UPDATE POLICIES, PROCEDURES AND CONTROLS:
    1. As and when any change/amendment is affected in AML/CFT legislation applicable to the FSL (Securities Broker), the CO shall immediately update the Policies, Procedures and Controls in line with the changes/amendment in legislatives.
    2. The CO will communicate in writing to all employees after getting Board’s approval on such changes.
    3. The CO will update the risk profile of the country to which FSL or its Customers are exposed to as and when it comes it his knowledge.
  6. HOW OFTEN TO CONDUCT AN INDEPENDENT AUDIT OF YOUR AML/ATF COMPLIANCE PROGRAM:
    1. FSL shall, on a regular basis, conduct an AML/CFT audit to independently evaluate the effectiveness of compliance with AML/CFT Policies and Procedures;
  1. The frequency of the audit shall at least be quarterly basis commensurate with the nature, size, complexity, and risks identified during the risk assessments by FSL. 
  2. The AML/CFT audits shall be conducted to assess the AML/CFT systems which include:
  3. to test the overall integrity and effectiveness of the AML/CFT systems and controls;
  4. to assess the adequacy of internal policies and procedures in addressing identified risks, including;
    1. CDD measures;
    2. Record keeping and retention;
    3. Third party reliance; and
    4. Transaction monitoring.
  5. to assess compliance with the relevant laws and regulations;
  6. to test transactions in all areas of FSL, with emphasis on high–risk areas, products and services;
  7. to assess employees’ knowledge of the laws, regulations, guidance, and policies & procedures and their effectiveness in implementing policies and procedures;
  8. to assess the adequacy, accuracy and completeness of  training programs;
  9. to assess the effectiveness of compliance oversight and quality control including parameters for automatic alerts (if any); and
  10. to assess the adequacy of FSL’s process of identifying suspicious activity including screening sanctions lists.