Directive regarding management of AML and CTF risks (Hebrew)​

Banking Supervision Department today published for public comment a revision to
Proper Conduct of Banking Business Directive #411 on the issue of “Anti- Money
Laundering and Prohibition on Terrorism Financing Risk Management”.


revision brings the new Directive in line with the most up to date
international standards on the issue of the Prohibition on Money Laundering and
Terrorism Financing, and is expected to assist in the State of Israel being
accepted as a full member of FATF.


existing directive, “Prevention of Money Laundering and Terrorism Financing,
and Customer Identification” was expanded and reorganized as a risk management
directive (hence the name was changed as well), and it includes operative
risk-management tools. Following are the main changes in the directive:

a.   Corporate Governance—The detailed list of roles of corporate governance functions was
expanded, and they were aligned with compliance risk management covered in
Proper Conduct of Banking Business Directive #308, “Compliance and the
Compliance Function in a Banking Corporation”. Likewise, the issues covered in Prohibition
on Money Laundering and Terrorism Financing policy were expanded, such as
decisions by the Sanctions Committee of the United Nations Security Council.

b.    Risk assessment—The
factors on which a banking corporation must base the execution of a risk
assessment were detailed, and the information base that a banking corporation
must collect from internal and external entities in order to formulate the risk
assessment was also detailed.

c.    Risk mitigation—When
establishing Know Your Customer policies and procedures, the banking corporation
must take into account the risk factors detailed in the Directive. Risk factors
are segmented by customers, countries and territories, and products, services
and distribution channels. Within this framework, a banking corporation is
required to assess, via a structured and automated questionnaire, the level of Prohibition
on Money Laundering and Terrorism Financing risk it is exposed to by activities
vis-à-vis customers, based on, among other things, the risk variables detailed
in the Directive, while weighting the risk factors. When a customer is
identified as being high risk, the banking corporation is required to take one
or more of the actions listed in the Directive, such as requiring additional
information, receiving references or approval from senior management.

d.    Risk activities—The new Directive consolidates in
one chapter all the risky activities that were in the previous directive and
that appeared in Supervisor Letters in the past. Emphasis was placed on the
issue of managing an account for domestic politically exposed persons and
senior officials in international organizations, in addition to the issue of
managing an account for foreign politically exposed persons, which appeared in
the existing Directive. Likewise, it was prohibited to open new numbered
accounts, and banking corporations are to work to switch numbered accounts to
regular accounts by December 31, 2017.

e.   Scope of activity (group risk management)—Requirements were detailed for formulating group
policies for banking corporations that conduct international activities through
subsidiaries or branches in jurisdictions outside of Israel. Among other
things, it was established that in a case in which a banking corporation is
required to implement the more stringent directives (between the local
requirements and those of this Directive), and they contradict the legal
directives of the host country, additional controls are to be set, and the
continued activity in that country should be considered.


The revisions to the Directive will go into effect on
January 1, 2018.​