16.18.1The Licensed Person must continuously monitor transactions on a risk-sensitive basis which must consist of the following:
a)Scrutinizing the transactions concluded by a customer to ensure that transactions are consistent with the Licensed Person’s knowledge of the customer, the customer’s business, risk profile, the source of funds and where necessary, source of the customer’s wealth; and
b)Reviewing the records of a customer to ensure that documents and information collected using KYC measures and ongoing monitoring for the customer are kept up-to-date and relevant.
16.18.2The Licensed Person must introduce automated systems and tools to support transaction monitoring appropriate to the nature, size and complexity of its business;
16.18.3The monitoring systems must be configured to identify abnormal/unusual transactions, patterns of activities or behaviours of customers by defining sufficient number of rules and parameters within the system. Special attention must be given to third party transactions while defining rules and parameters;
16.18.4Information related to the expected annual activity collected at the time of customer onboarding process must be used to assess any deviations or unusual behaviours/patterns;
16.18.5All abnormal/unusual transactions must be investigated and supporting records must be retained for the minimum retention period as per Paragraph 16.24 of this Chapter; and
16.18.6After investigation of abnormal/unusual transactions, if reasonable grounds are established to suspect money laundering, terrorist financing and/or financing of illicit organizations, such transactions must be reported to the FID immediately. Please refer to Paragraph 16.21.2 of this Chapter for further information.