Anti-Money Laundering
Citi is committed to the fight against money laundering and leading the way in Responsible Finance.
Money laundering is the process by which the illegal origin of wealth is disguised to avoid the suspicion of law enforcement authorities. Money laundering undermines confidence in the international financial system.
As a company that operates in a wide variety of cultures, languages and legal systems; employs over 240,000 people; has a presence in more than 160 countries; and maintains more than 200 million customer accounts; Citi will always be a target of would-be money launderers.
Citi's Mission and Approach
Citi's mission is to serve as a trusted partner to our clients by responsibly providing financial services that enable growth and economic progress.
Consistent with this goal, Citi is committed to the fight against money laundering and leading the way in Responsible Finance – conduct that is transparent, prudent and dependable.
The following key principles govern Citi's approach to controlling Anti-Money Laundering (AML) risk:
Citi recognizes its obligation to cooperate with and support regulators and law enforcement agencies in their efforts to prevent, detect and control financial crime, and to comply with AML laws and regulation to close off the financial channels that money launderers and terrorist organizations use for illicit purposes. We have also worked to ensure that we have proper policies, processes and controls in place to deter money laundering and other financial crimes against the bank, our clients and stakeholders.
Citi's Global AML Program
Citi has established a comprehensive Global AML Program to help protect both our clients and our franchise from the risks of money laundering, terrorist financing and other financial crimes.
The foundation of this global program is Citi's Global Anti-Money Laundering Policy, which provides a globally consistent system of controls to identify and mitigate AML risks and comply with AML laws and regulations. These include:
Bank Secrecy Act (BSA) Officer
The Global AML Compliance Officer has been designated by Citi's Board of Directors as the BSA Officer responsible for overseeing Citi AML Program, including apprising the Board of Directors and senior management of AML compliance initiatives, any significant compliance deficiencies, and the reporting of suspicious activity;
Governance and Enterprise-wide controls
This control framework governs the overall program, including Global AML policies, processes, training and testing.
AML Control Lifecycle
Built on and guided by this foundation are the key Program elements that are executed throughout three phases of the AML Control Lifecycle: Prevention, Detection and Reporting:
Building and adhering to a robust Know Your Customer (KYC) program that focuses on the creation and administration of globally consistent standards/policies, customer risk scoring, on-boarding and maintenance of customer data housed in an enterprise-wide repository.
Global transaction monitoring to identify unusual or suspicious transactions or patterns of activity, as well as robust Global AML Investigations to provide holistic reviews of both new and existing clients across various businesses and regions.
Active creation, tracking and filing of Suspicious Activity Reports (SARs), Suspicious Transaction Reports (STRs) and Currency Transaction Reports (CTRs), as required in many countries.
AML Program Execution
Citi's risk management framework – including the AML Program – is based on three lines of defense:
- First Line of Defense (Business Management) - Each of Citi's Businesses, including in-Business risk personnel, owns and manages the risks, including compliance risks, inherent in or arising from the Business, and is responsible for having controls in place to mitigate key risks, performing manager assessments of internal controls, and promoting a culture of compliance and control.
- Second Line of Defense (Independent Control Functions) - Citi's independent control functions, including Compliance, Finance, Legal and Risk, set standards according to which Citi and its businesses are expected to manage and oversee risks, including compliance with applicable laws, regulatory requirements, policies, procedures, and standards of ethical conduct. In addition, the independent control functions provide advice and training to Citi's Businesses and establish tools, methodologies, processes and oversight of controls used by the Businesses to foster a culture of compliance and control and to satisfy those standards. AML Advisory and Coverage AML Compliance Officers (AMLCOs), support their respective Business by providing regulatory compliance expertise and guidance in an advisory capacity to Business Management. They are responsible for coordinating, monitoring and, where appropriate, overseeing day-to-day compliance with the Global AML Program.
- Third Line of Defense (Internal Audit) - Citi's Internal Audit function independently reviews activities of the first two lines of defense based on a risk-based audit plan and methodology approved by the Citigroup Board of Directors.
Our Continued Vigilance
Citi is fully committed to remaining vigilant to prevent the use of our products and services by those who seek to abuse them.
We continually seek to combat money laundering and terrorist financing through the prevention, detection and reporting of unusual or suspicious behavior. We actively work to prevent terrorist organizations from accessing our financial services, readily assist regulators and law enforcement agencies in their efforts, and promptly respond to inquiries.
We also continually evaluate the strength of our existing policies, procedures and technologies, and update them, as necessary, to address the changing environment. We also train our staff to assure that they are well versed in the evolving techniques that criminals use to infiltrate the system and are well-equipped to combat money laundering and other financial crimes.
The fight against money laundering is a constant and evolving process. At Citi, we recognize that preventing money laundering and identifying possible terrorist financing activities involves constant diligence and the ability to keep pace with the sophisticated schemes employed by criminals. We acknowledge that we must constantly work to identify and understand the potential risks of money laundering and terrorist financing, and implement appropriate processes to mitigate, and ultimately alleviate, such risks.
Due Diligence
Citi is a contributor and user of the Know Your Customer (“KYC”) information exchange platform SWIFT KYC Registry. The SWIFT KYC Registry is designed to increase transparency and enhance financial institutions’ capacity to maintain business relationships with key correspondents by exchanging KYC information simply and centrally. Third-party banks and vendors conducting KYC due diligence, including the Wolfsberg Group Correspondent Banking Due Diligence Questionnaire (CBDDQ), should first use this platform to collect information and documents. If additional information is required, please submit a request to Citi directly by emailing correspondentbanking@citi.com.
The Wolfsberg Group Financial Crimes Compliance Questionnaire (FCCQ) is a shorter version of the CBDDQ and contains a basic set of questions to address industry demand. Download the Citi Wolfsberg Financial Crimes Compliance Questionnaire.
Citi USA PATRIOT Act Certification
Pursuant to Section 313 of the USA PATRIOT Act and final rules issued by the U.S. Department of the Treasury, a U.S. bank or a U.S. broker-dealer in securities (a "Covered Financial Institution") is required to obtain certain information from any "Foreign Bank" that maintains a correspondent account with it. This information must be issued in the form of a Patriot Act Certification ("PAC") (also referred to as a Global Certification) which meets the minimum requirements set forth by Section 313. A PAC Template is available in the Citi Policy Directory.
A PAC is valid for three (3) years from the date of execution. On or before the end of the three (3) year period, a re-Certification must be issued and obtained regardless of whether all material facts such as full legal name, ownership, physical place of business, authorized agent, etc., remain the same. A PAC must also be updated and re-issued any time there is a material change. The date of expiration, however, remains three (3) years from date of original execution.
Requesting USA PATRIOT Act Certifications from Foreign Financial Institutions
U.S-based businesses of Citigroup, when providing any financial services to or conducting transactions on behalf of a non-U.S. bank, must comply with Section 313 of the USA PATRIOT Act. Therefore, a PAC must be obtained prior to any correspondent business being conducted with a foreign financial institution.
Procedures for Requesting a PAC are posted in the Citi Policy Directory, and further outline the requirements and exceptions to the PAC provision, as well as the procedure for requesting and recording the PAC once it is received. These procedures shall be followed by all U.S. relationship managers and other U.S. Citi personnel responsible for servicing foreign bank clients.
Providing USA PATRIOT Act Certifications of non-U.S. Citigroup affiliates and branches to Other U.S. Banks and Financial Institutions
Non-U.S. Citigroup affiliates and branches may be called upon by U.S. financial institutions to provide a PAC as required by the Act. As such, Citi has prepared a Global Certification.
The Certification may be provided to any financial institution that requests a USA PATRIOT Act Certification from a Citi entity.
Procedures for Providing a PAC are posted in the Citi Policy Directory. These procedures outline the requirements of a PAC as well as the responsibilities of all personnel responsible for updating and maintaining the PAC. These procedures shall also be followed when requesting an addition or change to the identifying information of entities or branches included on the Global Certification.