CySEC AML Certification - Comprehensive Study Notes

Chapter 1: Introductory Provisions

  • 1.1 References used in the manual

    • AML/CFT Law (Prevention and Suppression of Money Laundering and Terrorist Financing Law) of 2007-, as amended

    • CySEC Directive: Prevention and Suppression of Money Laundering and Terrorist Financing

    • EBA Guidelines (EBA/GL/2021/02) on ML/TF risk factors for customer due diligence

    • FATF Risk-Based Approach Guidance for the Securities Sector

    • Cyprus NRA (National Assessment of Money Laundering and Terrorist Financing Risks)

    • Directive (EU) 2015/849 (4th EU Directive) and 2018/843 (5th EU Directive) amendments

    • ASP Law (Law regulating companies providing administrative services)

    • Terrorism Law (Law 75(I)/2019) as amended

    • UNSC resolutions and EU Restrictive Measures (Sanctions Law) 2016 (58(I)/2016)

    • Directive for the register of Crypto Asset Service Providers (CASPs)

  • 1.2 The Cyprus Securities & Exchange Commission (CySEC)

    • Independent public supervisory authority for the Cyprus securities market

    • Supervises investment services, collective investment and asset management, admin services, and CASPs

    • CySEC publishes AML/CFT-related directives and maintains AML/CFT registers

    • Mission: investor protection, integrity, fairness, transparency; support safe securities market growth

  • 1.3 Becoming an AML certified Compliance Officer (AMLCO)

    • AMLCO appointment required under AML/CFT Law Art. 69; AMLCO must be certified and registered in CySEC’s AMLCO register

    • AMLCO role defined in CySEC’s Directive for the Prevention and Suppression of Money Laundering and Terrorist Financing

    • The certification process ensures candidates have the knowledge and competence for AMLCO duties

    • Global AML challenges drive demand for qualified AML professionals

  • 1.4 The objectives of the CySEC AML Certification

    • Provide AML professionals with knowledge, expertise and competence to detect, prevent and control ML/TF activities as AMLCO

    • Sets standard for AMLCOs in CySEC-regulated entities

    • All AMLCOs must be registered before appointment; ongoing annual professional trainings required to keep knowledge updated

  • 1.5 Workbook for the AML Certification Examination

    • Purpose: learning and revision tool; first point of study; aids revision chapter-by-chapter

    • Structure: Preface, core study areas, sample questions, definitions and abbreviations

Chapter 2: Understanding Money Laundering, Terrorist Financing and Sanctions

  • 2. Understanding ML, TF and Sanctions

  • 2.1 What is Money Laundering (ML)?

    • ML: process of concealing or disguising illicit origin, movement or use of illicit funds to appear legitimate

    • Core ML model typically three stages: Placement, Layering, Integration

  • 2.2 The 3 stages of ML

    • Stage 1 – Placement Phase

    • Introduce dirty money into the financial system (cash, cash-intensive businesses, etc.)

    • Structuring: deposit cash below reporting thresholds to avoid detection; deposits split across days and banks

    • Examples: €50,000 deposited in parts (e.g., €8k, €9.5k, etc.)

    • Smurfing: multiple agents (smurfs) deposit across many accounts/banks to seed ML

    • Other placement methods: mixing illicit funds with legitimate funds, loan repayments with laundered cash, cross-border currency smuggling, purchases of FX with illegal funds, shell companies, reverse flips in real estate, etc.

    • Stage 2 – Layering Phase

    • Distancing funds from their illicit source via complex structures to conceal audit trail

    • Techniques: wire transfers across banks/countries, converting cash to monetary instruments, rapid trading of securities, creating shell companies

    • Electronic transfers as a fast layering method (ATM, mobile, etc.)

    • Offshore structures and PICs to conceal UBOs

    • Stage 3 – Integration Phase

    • Re-enter funds into economy as apparently legitimate; difficult to distinguish between legal and dirty money

    • Examples: real estate, luxury purchases, cash-intensive businesses, joint ventures

  • 2.3 ML threats and vulnerabilities (NRA-based, risk factors by sector)

    • Domestic ML threat level in Cyprus: medium

    • Vulnerable sectors:

    • Banking sector

    • Securities sector

    • Insurance sector

    • Other obliged entities (DNFBP)

    • Designated non-financial businesses and professions (DNFBP)

    • 2.3.1 The banking sector

    • High exposure due to international activities; risk factors include unclear activity, lack of physical presence, tax transparency concerns, few employees, etc.

    • Regulatory and supervisory framework of CBC provides a defence; internal controls bolster defences

    • 2.3.2 The securities sector

    • CIFs and Fund Managers dominate; most transactions abroad or OTC; risks mainly in layering/integration rather than placement due to non-cash dominance

    • ML threat: medium-low overall due to licensing and compliance focus; higher risk from international criminals

    • Risk profiles by player: CIFs (online brokers) medium-high due to non-face-to-face customers; traditional CIFs high net worth exposure; fund managers medium ML vulnerability

    • 2.3.3 The insurance sector

    • Life/Investment components increase ML risk; products with long maturities and tax benefits attract ML/TF concerns

    • 2.3.4 Other Obliged Entities

    • Money remittance, card issuing/acquiring, EMIs, digital currencies, DNFBPs; overall ML risk medium-low due to sector size

    • Specific risks by sub-sector: MTBs, EMIs, digital currencies, etc.

    • 2.3.4.1 Money Remittance Business (MTBs)

    • Agent networks; international cash transfers; biggest TF threat globally; examples include Western Union, MoneyGram

    • 2.3.4.2 Card issuing/acquiring

    • Card fraud, identity misuse; potential use of cards in layering/integration; cross-border implications

    • 2.3.4.3 Electronic money services (EMIs)

    • Non-face-to-face risks; low regulatory limits; AML/CFT requirements under Electronic Money Law; AML concerns with anonymity and large transfers

    • 2.3.4.4 Digital currencies, E-money, Virtual currencies

    • Virtual currencies are digital representations of value; high anonymity and cross-border misuse risks; not the same as electronic money; transactions are often untraceable

    • 2.3.5 DNFBPs

    • Trust/Company Service Providers (TCSPs), Non-profit organizations (NPOs) as high-risk; supervision by CySEC, CBA, ICPAC; NPOs historically used for TF

  • 2.4 Terrorist Financing (TF) and TF Criminalization

    • TF history and FATF special recommendations post-9/11; Cyprus actions; authorities involved in TF control (Ministries, Police, MOKAS, DCE, etc.)

    • TF defined under Terrorism Law; criminal acts include providing support or financing to terrorist groups

    • 2.4.1 Differences and similarities between TF and ML

    • Differences: origins of funds, motivation (profit vs ideology), nature of funds (large, structured vs small, unstructured), group structures vs non-group patterns

    • Similarities: same or similar methods (structuring, monetary instrument purchases, wire transfers, debit/credit cards); terrorists exploit AML/CFT weaknesses; global AML/CFT regimes influence TF activities

  • 2.5 Sanctions

    • Sanctions concept: EU or UN policy to intervene in crises; targets include governments, entities, groups, individuals

    • Reasons for sanctions: peace, security, human rights, democracy, rule of law

    • Cyprus sanctions landscape: EU and UN sanctions; design and enforcement obligations for obliged entities; risk management to detect sanctions breaches

    • Financial sanctions related to TF

    • EU sanctions lists are list-based: prohibition on funds/financial resources to sanctioned individuals/entities; applies within the EU, to EU nationals, and entities established or operating in the union

    • Obliged Entity responsibilities under sanctions law

    • Identify acts in breach, document measures, seek approvals from UIS/SEOK for fund releases

    • SEOK (Advisory Committee on Economic Sanctions) for fund release recommendations to the Minister of Finance

    • UIS (Unit for the Implementation of Sanctions in the Financial Sector) responsibilities

    • Public access to sanctions information; requirement to consult UN/EU lists for customer due diligence and suspicious transaction reporting

  • End-of-Chapter Knowledge Check (high-level: ML stages, bank/non-bank methods; TF vs ML; sanctions)

Chapter 3: Legal and Regulatory Requirements

  • 3. The Prevention and Suppression of Money Laundering Activities Laws of 2007 to 2023

  • 3.1 Unit for Combating Money Laundering and Financial Intelligence Unit of Cyprus (MOKAS)

    • 3.1.1 The Unit (MOKAS)

    • Established under AML/CFT Law Art. 54; independent operation; composition includes the Attorney General, Chief of Police, and Director of DCE

    • Functions: FIU for gathering, evaluating suspicious transactions; investigations; cooperation with other authorities and FIUs; issue directives; suspend transactions; provide guidance to Obliged Entities; request information; publish annual report

    • 3.1.2 Functions of the Unit

    • Autonomy; powers include gathering, evaluating, and analyzing information; may request supplementary information; notify and cooperate with other FIUs; issue administrative orders for suspension; protect privacy; annual report

  • 3.2 The Supervisory Authority (CySEC)

    • 3.2.1 CySEC’s remit: ML/TF prevention within CySEC-supervised entities (CIFs, fund managers, ASPs, etc.)

    • 3.2.2 Powers of CySEC: binding directives, on-site and off-site supervision; risk-based supervision; sanctions (administrative fines up to EUR 1,000,000; up to 10% of turnover; other sanctions); public reporting of sanctions; liability of legal persons; other enforcement features

  • 3.3 Main provisions of AML/CFT Law: criminal liability, offences and penalties

    • 3.3.1 Prescribed offences: ML offences and predicate offences

    • 3.3.2 Who may be prosecuted and penalties for ML offences (e.g., for those who know: up to 14 years imprisonment or up to €500,000 penalties; for those who ought to have known: up to 5 years imprisonment or up to €50,000 penalties)

    • 3.3.3 Other offences associated with ML/TF: disclosure delays; tipping-off; penalties

    • 3.3.4 Privileged information (e.g., privileged communications between lawyers and clients)

    • 3.3.5 Orders of disclosure by court; duty to notify changes post-disclosure

    • 3.3.6 Tipping-off offences; penalties; prohibition on tipping-off during investigations

    • 3.3.7 Exemptions from information disclosure under specified circumstances

    • 3.3.8 False/misleading evidence or forged documents; penalties

  • 3.4 European Directives

    • Six EU Directives implemented by Cyprus as of 2022; ML/TF risk factors; cross-border cooperation

  • 3.5 FATF

    • FATF: international standard-setter; 40+9 Recommendations; ongoing typology reports; FATF Plenary meetings; EU Commission involvement

  • 3.6 High-Risk Third Countries

    • EU risk-based approach to identify high-risk third countries; delegated acts after assessment; example Cayman Islands and Jordan in 2024 derogation list updates

  • 3.7 MONEYVAL

    • Council of Europe body; mutual/self-evaluations; improvements and recommendations in respect of FATF standards

  • 3.8 Law 75(I)/2019 (Fight against Terrorism) as amended

    • Terrorism prevention, investigation and prosecution; life imprisonment for TF offences; list of TF-related offences (threats, recruitment, financing, etc.)

  • 3.9 UNSC Resolutions and EU Sanctions Law 2016 (58(I)/2016)

    • CySEC role in enforcing UN/EU sanctions; penalties for breaches; appointment and functioning of UIS/SEOK

  • End-of-Chapter Knowledge Check: topics to know (ML stages; bank, non-bank and non-financial ML methods; TF differences; sanctions)

Chapter 4: The AML Compliance Culture

  • 4 The AML compliance culture

  • 4.1 Basic elements of a strong compliance culture

    • Leadership commitment; compliance as a core value; avoid prioritizing profit over AML obligations

    • Components: internal policies, risk-based controls; appointment of AMLCO; ongoing training; independent internal audit

  • 4.2 Internal Policies, Controls and Procedures

    • Policies aligned to AML/CFT framework; risk appetite; board/SM approval; rolled out across lines of business; regular reviews and updates

  • 4.3 The Role of the Board (BoD)

    • BoD responsibilities: approve policies; appoint AMLCO and alternates; ensure access to necessary data; establish reporting lines; ensure resources and board awareness; oversee risk management manual

  • 4.4 The role and duties of the AML Compliance Officer (AMLCO), Alternate AMLCO and Assistants

    • AMLCO duties: design and implement internal controls; customer acceptance policy; risk management manual; monitor compliance; evaluate suspicious reports; liaise with MOKAS; annual reporting; maintain customer risk registers

    • Alternate AMLCO: stand-in; can be outsourced; appointment documented; assistants may be appointed for large or dispersed operations

    • Immediate reporting to CySEC and maintaining staff lists for AML roles

  • 4.5 The establishment and role of an Internal Audit Department

    • Independent audit function to annually assess AML policies, controls and procedures; findings reported to BoD; CySEC notified

  • 4.6 Employees obligations, education and training

    • Obligation to report suspicious activity; training program mandatory; tailored training by role; evaluation of training effectiveness; BoD-specific training required; training materials aligned with AML/CFT laws and EU directives

  • End-of-Chapter Knowledge Check: summarize key elements (4.1-4.6) and their interrelations

Chapter 5: Assessing and Managing Risks

  • 5. Assessing and Managing Risks

  • 5.1 Risk-Based Approach (RBA)

    • Identify ML/TF risks considering customers, countries/geography, products/services, transactions and delivery channels

    • Proportionate measures; resources focused where risk is higher; EU-wide coordination via EBA risk-factor guidelines

    • RBA helps prioritise controls and monitoring; implement proportionate controls

  • 5.2 Identifying ML/TF risks

    • Process comprises two steps: risk identification and risk assessment for particular customers, products, services and geographies

    • Initial CDD measures include: verify identity; verify beneficial owner; establish purpose and nature of business relationship

    • Obtain holistic view; ongoing monitoring

  • 5.2.1 Sources of information for risk identification

    • Use internal knowledge and external sources (FATF, MONEYVAL, UN sanctions lists, IMF, EU CFSP, etc.)

    • Other sources: national risk assessments, regulators, FIUs, credible open sources, media, academia

  • 5.3 Factors to determine risks

    • Primary indicators: customer risk, country/geography risk, product/service/transaction risk, delivery channel risk

    • Sector-specific risk factors by Wealth Management, Investment Firms, Investment Funds, Securities Sector (see detailed subsections 5.3.1–5.3.4)

  • 5.4 Assessing ML/TF Risks

    • Categorize relationships and transactions into risk levels: High, Medium (Normal), Low

    • High risk requires Enhanced Due Diligence (EDD); EDD cannot substitute for regular CDD

    • Even with a low risk assessment, some high-risk scenarios require EDD (e.g., PEPs, high-risk third countries)

    • Weighting risk factors should be done carefully; avoid over-reliance on a single factor and avoid misaligned incentives

  • 5.5 On-going monitoring of the risk assessment and record keeping

    • Keep risk assessments updated; monitor effectiveness of controls; review risk factors for individual relationships; adjust CDD accordingly

    • Maintain records (risk assessments, updates, etc.) for regulatory inspection; use automated MIS to track customer and transaction data; implement monitoring thresholds and alerts; ensure timely information sharing with BoD and AMLCO

  • End-of-Chapter Knowledge Check: review risk-based approach concepts and risk levels; 5.5 summary on ongoing monitoring and record-keeping

Chapter 6: Know Your Customer (KYC) and Customer Due Diligence (CDD)

  • 6 Know Your Customer (KYC) and Customer Due Diligence (CDD)

  • 6.1 Procedures for the prevention of ML/TF

    • Article 58 AML/CFT Law: Policies to mitigate ML/TF risks including CDD, record-keeping, internal reporting, and external reporting

  • 6.2 Customer Identification and Due Diligence Requirements

    • 6.2.1 When to apply CDD: establishing business relationships, occasional transactions above thresholds, suspicion of ML/TF, doubts about veracity of data, gaming services thresholds (€2,000), cash transactions in goods (€10,000), crypto asset services (€1,000)

    • 6.2.2 Identification procedures and CDD measures: verify identity from reliable sources; verify beneficial owner; assess purpose; ongoing monitoring; third-party verification when applicable; ensure proportionality to risk

    • 6.2.3 Identification procedures for individuals: Cypriot residents; required data; acceptable documents (ID, passport); address verification via visit or utility bill; keep certified true copies

    • 6.2.3.2 Non-residents: obtain PEP information, foreign documents; ensure sanction-list integration with identity data; include passport data

    • 6.2.4 Identification for unions, societies, clubs, provident funds and charities: verify legitimacy and board/management details

    • 6.2.5 Identification for legal entities: understand ownership/control structure; obtain documents (certificate of incorporation, good standing, directors, etc.); require copies of financial statements if available; verify outside-Cyprus entities similarly

    • 6.2.6 Constructing a customer economic profile: gather data to understand ownership, business activities, expected transactions; maintain separate forms/files

    • 6.2.7 Timing of CDD: verify identity before establishing relationship or completing a transaction; derogations allowed in limited cases to avoid interrupting business; beneficiaries’ identity must be verified at payout or assignment in life insurance contexts

  • 6.3 Simplified Customer Due Diligence (SDD)

    • May apply when business risk is low; SDD is not exemption from CDD; monitoring must be sufficient to detect anomalies; conditional factors for lower risk (Annex II) include public entities, pension schemes, banks, etc.

    • SDD indicators include adjusting timing, amount of information, sources of funds, frequency of reviews, etc.; SDD must still support risk assessment

  • 6.4 Enhanced Customer Due Diligence (EDD)

    • Applied to higher-risk customers (natural or legal persons connected with high-risk jurisdictions, cross-border correspondents, PEPs, etc.)

    • EDD requirements include more information on identity, source of funds/wealth, purpose, senior management approval, enhanced monitoring, etc.

    • For cross-border correspondent relations: evaluate respondent’s AML/CFT controls; obtain senior management approval; document responsibilities; ensure payee-through data if applicable

    • PEP-related measures: SM approval; source of funds/wealth verification; ongoing enhanced monitoring; continue risk management for 12 months after public function ends

    • For payout/assignment of life policies where beneficiary is a PEP: perform enhanced checks at payout/assignment time

    • For beneficiaries in life/insurance: verify beneficiary identity and provide information at payout if named; if class-based, provide information about beneficiaries; monitor life-insurance policy payouts

  • 6.4.2 High-risk indicators for EDD (Annex III): list of higher risk factors across customer, product/service/transaction and geographical domains

  • 6.4.3 Type of EDD measures: examples include more intense identification, additional information about customer/beneficiary, source of funds verification, enhanced monitoring, senior management approvals, etc.; SDD where risk is low and intermediary-level checks acceptable

  • 6.5 Sectoral guidelines for application of CDD measures

    • 6.5.1 Wealth Management: high-value, private banking risk; aims for enhanced due diligence; verify source of wealth; increased monitoring; ensure funds origin is legitimate; ongoing enhanced monitoring of high-risk clients; maintain a robust internal review and management approvals

    • 6.5.2 Investment Firms: risk driven by client base; adherence to EDD guidelines; potential use of third-party intermediaries; verify underlying investors if unregulated intermediaries; open to SDD where permitted

    • 6.5.3 Investment Funds: fund structure and distribution channels create detection needs; risk-sensitive CDD; for funds with intermediaries, ensure robust CDD for intermediaries and underlying investors; for complex fund arrangements EDD

    • 6.5.4 Securities Sector: complex, fast-paced, high liquidity; risk factors include bearer shares, disclosure gaps, anonymous entities; apply enhanced due diligence

  • 6.6 Ongoing Monitoring

    • CySEC directives require ongoing monitoring of KYC/CDD and transactions

  • 6.6.1 Review of KYC/CDD requirements; 6.6.1.1 Ensure records updated; 6.6.1.2 Regular checks; 6.6.1.3 Update timing; 6.6.1.4 Documentation of review outcomes

  • 6.7 Beneficial Ownership information

    • 6.7.1 Central Registry for Corporate or Other Legal Entities (Corporate Central Registry): Cypriot corporates must hold current beneficial ownership information; accessible to competent authorities, MOKAS, Tax Authorities, Police; CBC operates automated access

    • 6.7.2 Central Registry for Trusts and similar arrangements: trusts must hold beneficial ownership information for settlor, trustee, protector, beneficiaries; access by competent authorities; penalties for non-compliance

  • 6.8 Reliance on third parties

    • You may rely on third parties to meet CDD requirements; ultimate responsibility remains with the relying entity; request copies of verification data; third-country reliance not allowed if from high-risk jurisdictions unless certain conditions apply

  • 6.9 CDD in case of networking (group) structures

    • Group-wide policies and data-sharing procedures; ensure compliance in branches/subsidiaries across jurisdictions; ensure cross-border compliance with local law; data protection considerations

  • 6.10 Prohibition of shell banks cooperation

    • Do not engage with shell banks; ensure risk controls for anonymity-facilitating products and technologies

  • 6.11 Processing of personal data

    • Personal data processing must comply with Personal Data Processing Act; data processing only for AML/CFT purposes; provide required privacy notices to customers; respect data subject rights; restrictions on data use

  • End-of-Chapter Knowledge Check: links to Know-Your-Customer, CDD, SDD, EDD, sector-specific guidelines, ongoing monitoring, and shell-bank prohibition

Chapter 7: Transaction Monitoring & Suspicious Reporting

  • 7 Transaction Monitoring & Suspicious Reporting

  • 7.1 Internal reporting procedures and external reporting to MOKAS

    • Pre-reporting information collection: ML/TF definitions broad; red flags and indicators; maintain comprehensive customer information to identify suspicious activity

    • Internal reporting process: appoint an AML Compliance Officer; internal suspicion reports; evaluate information; access to data; if suspicion exists, report to MOKAS via GoAML; monitor affected accounts; investigate transactions; explain if no report is filed

    • 7.1.2 Internal reporting steps: internal suspicion report; internal evaluation report; if the decision is to report, file via GoAML; monitor accounts; if not reporting, document rationale; AMLCO acts as first point of contact during investigations

    • 7.1.3 Disclosure in good faith (protection)

    • 7.1.4 Protection of a person submitting internal/GoAML reports from threats/hostility; statutory protections

    • 7.1.5 Avoidance of tipping-off before filing a report; restrictions on disclosure during investigations; exceptions for professional activities (e.g., auditors) depending on context

    • 7.1.6 Non-execution or late execution of transactions: if data is insufficient or funds may be ML/TF, delayed execution may be allowed; not a breach if due to data gaps

  • 7.2 Examples of suspicious transactions and activities (ML/TF indicators)

    • Suspicious customer behavior: evasive, non-responsive, threats, bribes to avoid reporting

    • Suspicious transactions/activities: unusual/complex transactions; large volumes; cash-intensive patterns; cross-border or high-risk activity; rapid movement of funds; unusual settlement patterns; bearer instruments; cross-border transfers

    • Suspicious customer identification circumstances: intermediaries with inadequate documentation; unusual IDs; reluctance to provide information; offshore or bearer features; aggressive secrecy

    • Suspicious investment activity: unusual investment patterns; rapid redemption; unusual holdings; cross-border or offshore features; complex structures

    • Suspicious activity in securities sector: undisclosed principals; multiple accounts; unusual cross-account transfers; large/wide wire activity; bearer instruments; offshore connections

    • Additional subcategories for cash, non-cash deposits, wire transfers, employee activity, etc.

  • End-of-Chapter Knowledge Check: internal reporting procedures; when to report; examples of suspicious activity; sanctions and protection rules

Chapter 8: Crypto Asset Service Providers (CASPs)

  • 8 Crypto Asset Service Providers

  • 8.1 Registration Procedure

    • Obligation to register CASPs under Art. 61E; CASPs must be registered if operating in Cyprus or planning to provide services from Cyprus

    • 8.1.1 Obligations to register

    • CASPs established in Cyprus or intending to provide crypto-asset services from Cyprus must be registered

    • 8.1.2 CASP Register: publicly accessible; information on CASP name, address, services, website

    • 8.1.3 Application for registration: include CASP data, crypto-asset addresses, services offered, client types, geographic jurisdiction, whether registered/supervised elsewhere

    • 8.1.4-8.1.7 Material changes, deregistration, suspension and notifications: timelines and conditions for updates and changes; regulatory actions and requirements

  • 8.2 Organizational and Operating Requirements for CASPs

    • CASPs must adopt organizational/operational requirements per the CASP Directive; registration conditions include governance, capital, controls, data protection, and information security

    • 8.2.1 Conditions for registration: honest and competent management; board composition; independence; strong governance; risk management; data protection; cybersecurity; internal controls; anti-money laundering measures; adequate funds; staff integrity

    • 8.2.2 CASP information for clients/ potential clients; marketing clear and non-misleading; cost and risk disclosures; information presentation; standardised formats

    • 8.2.3 Penalties for breach of CASP registration: fines of up to EUR 350,000; or imprisonment; or both

  • 8.3 AML/CFT Obligations of CASPs

    • CASPs are Obliged Entities under AML/CFT Law; must perform KYC and CDD measures; constructive economic profiling; source of funds/wealth verification; ongoing monitoring; report suspicious transactions; risk assessment and proportionate controls; CASPs are subject to the full AML/CFT framework

  • End-of-Chapter Knowledge Check: CASP registration, governance, and AML/CFT obligations

Chapter 9: Abbreviations & Definitions

  • Abbreviations (selected):

    • AML, AML/CFT, AI: various regulatory bodies (CySEC, MOKAS, CBC, ICPAC, CBA), FIU, NRA, DNFBP, PEP, KYC, CDD, SDD, EDD, CASP, UIS, SEOK, DO, etc.

  • Definitions (selected):

    • Beneficial Owner: natural person who ultimately owns or controls the customer; detailed criteria for corporate and trust structures

    • ML: Money Laundering; TF: Terrorist Financing; Proceeds; Designated non-financial businesses and professions (DNFBPs); shell bank; PEP; etc.

    • Central Registry concepts: Corporate Central Registry; Trust Central Registry

    • Other key terms: “Obliged Entities,” “Third Parties,” “Respondent Bank,” etc.

Chapter 10: Examination Practice Questions

  • 10.1 Sample questions and answers (selected) to illustrate exam style

    • Q1: Three stages of ML? Answer: Placement, Layering, Integration

    • Q2: Three customer factors increasing risk in Wealth Management? See 6.5; factors include high-risk sectors, high confidentiality expectations, high-profile/PEP status

    • Q3: Example of a placement activity? Answer: Mixing of illegitimate funds with legitimate cash-intensive funds; structuring; smurfing

    • Q4: True statement about ML/TF? (ML vs TF basics)

    • Q5: Basic difference ML vs TF? About origin of funds and motivations

    • Q6: Stage where laundered funds used to buy high-value assets? Integration

    • Q7: Threshold for CDD for goods traders in occasional cash transactions? €10,000

    • Q8–40: Additional practice questions on training, governance, sanctions, PEPs, CASPs, etc.

  • End-of-Examination: Answers sheet provided to validate responses

General notes and cross-cutting themes

  • The CySEC AML Certification aims to standardize knowledge across AML professionals and ensure consistent, high-standard AML governance in CySEC-regulated firms.

  • The AML/CFT framework emphasizes an integrated approach: regulatory requirements, risk-based supervision, ongoing monitoring, and robust governance.

  • Thresholds and sanctions are central to practical compliance (e.g., CDD/EDD triggers, reporting thresholds, suspension periods for transactions, penalties, and reporting obligations).

  • The framework strongly emphasizes non-financial sectors (DNFBPs), cross-border risks, and emerging risk areas such as CASPs and digital/virtual assets.

  • The material emphasizes the interdependence of institutions: BoD governance, AMLCO, internal audit, MOKAS, CySEC, and the UIS/SEOK bodies all play complementary roles in AML/CFT enforcement.

*Notes: Where figures are given in the material, they are reproduced here, e.g. thresholds and penalties: €15,000; €1,000,000 fines; €50,000 penalties; setup/suspension durations: 7 business days; 30 business days; retention: 55 years; TF life-imprisonment: up to life (depending on law); PEP monitoring: 12 months post-public function; etc.