Know Your Ongoing Bermuda AML/ATF Compliance Requirements

Oct 2024

Continued compliance with Bermuda’s anti-money laundering (AML) and anti-terrorist financing (ATF) legislation remains a hot topic for Bermuda regulated entities, especially those brought recently into scope by the Investment Business Act 2022 (the “IBA”). Under this newly amended legislation, a number of entities previously exempt (or minimally impacted) are now required to be formally registered or licensed – and this requirement brings with it new compliance obligations.

Compliance with Bermuda’s AML/ATF legal and regulatory framework requires registrants to adopt policies and procedures designed to prevent and detect money laundering and financing of terrorism and, where applicable, to report any suspicious activities and dealings with sanctioned persons. To demonstrate compliance, registrants must adopt policies and procedures addressing matters related to:

1. customer due diligence and client verification processes,
2. on-going monitoring procedures,
3. risk assessment methodology,
4. screening processes,
5. appropriate AML/ATF and sanctions training methods, and
6. record keeping.

Registrants must:

1. complete and document annual AML/ATF and sanctions training by all employees and personnel,
2. have an annual independent audit undertaken by a qualified independent third party, assessing compliance with AML/ATF and sanction requirements,
3. review AML/ATF policies and procedures on a regular basis, whenever there are legislative changes, and whenever results of national AML assessments are issued, and
4. maintain evidence of all of the above, making available for review at the request of the regulator.

Conyers recommends that clients review and assess their AML/ATF policies and procedures and annual compliance obligations to ensure they remain appropriate. We have seen significant growth in the team charged with regulatory oversight of the Bermuda AML/ATF Regime at the BMA, and a corresponding rise in onsite reviews and requests for information.

The expectation of the Authority is that all current and newly registered/licensed entities under the IBA will be fully compliant with the Bermuda AML/ATF Regime at all times. As such, clients should engage an appropriately qualified but independent individual within their group (such as an internal auditor) or a qualified independent third party (such as Conyers Regulatory Services) to undertake the required annual audit and ensure any gaps in policy or procedures are addressed. If you have not yet fully adopted or implemented AML/ATF Policies and Procedures, this should be urgently addressed to avoid the BMA restricting business activity and/or levying financial penalties.

Contact your usual Conyers contact or Conyers Regulatory Services if you have any questions or require assistance with AML/ATF Policies and Procedures.

These requirements are set out in the Proceeds of Crime Act 1997, as amended, (the “POCA”) and the Proceeds of Crime (Anti-Money Laundering and Anti-Terrorist Financing) Regulations 2008, as amended (together, the “POCA Regulations”).