Phone: +55 11 3097-9991 |



(Original publish)

There is common ground requiring companies to have strong integrity programs, comply with laws and adopt strong internal controls. In relation to compliance, the Central Bank of Brazil determined under Circular no. 3865/2017 that payment institutions are to implement a compliance policy, a duty formerly applicable solely to financial institutions and other institutions authorized to operate by the Central Bank of Brazil under National Monetary Council Resolution no. 4595/2017.

The purpose of this article is however to address another important topic, a component of the greater matter that is to be in compliance with the law: the importance of adopting strict controls to identify clients, transactions and how to report information to authorities in view of something that is not ordinary.

Given Central Bank of Brazil Circular no. 3491/2009, as amended, payment institutions should comply with regulations to implement anti-money-laundering and anti-terrorism financing procedures.

These duties involve several actions: drafting policies and procedures, implementing client identification systems, including in case of politically exposed persons, preparing a transaction recording system and procedures to report unusual transactions to the Council for Control of Financial Activity – COAF.

One of the key points of Central Bank of Brazil Circular no. 3491/2009 is the implementation of a registration system for services provided to, and transactions entered into by, clients. Such system should allow the identification of transactions performed by the same person, conglomerate or group in excess of R$ 10,000.00 in the aggregate and transactions that as a matter of their frequency, amount or form characterize a deceptive method to circumvent identification, control and registration mechanisms.

Specifically for companies operating prepaid cards, the system should identify any issuance or top-up, considering one or more cards, in an aggregate amount equal to, or greater than R$ 50,000.00 or the equivalent amount in foreign currency, and the system should also be capable of identifying any circumstances that may contain indication of concealment or disguise of the nature, source, location, sale, transaction or ownership of assets, rights and money.

In view of the parties involved, amounts, frequency, form and instruments used, some transactions or circumstances may characterize indication of the criminal offense of money laundering. For example, one could list the following events: (i) use, initial or subsequent top-up of a payment card in an amount that is not consistent with the economic and financial capability, activity or profile of the user; (ii) several withdrawals using the card in automated tellers at locations that are both different and far from the place of purchase or top-up of the card; (iii) use of the card in a manner that is inconsistent with the profile of the client, including atypical transactions in other countries; (iv) use of several sources of money to buy and top up a card; (v) purchase or top-up of a card followed by withdrawals in automated tellers.

Several other circumstances may characterize indications of occurrence of criminal offenses and the regulations under Federal Law no. 9613/1998 also includes a number of other obligations.

As such, it is fundamental for companies that intermediate third party assets or use any electronic means allowing transfers of funds to register with the System for Control of Financial Activity – SISCOAF. This also applies to companies that are not subject to the Central Bank of Brazil’s authorization to operate.

It is also through SISCOAF that any reports and declarations applicable to activities that may indicate a suspicion of practice of the criminal offenses of money laundering and terrorism financing are made.

As shown, this topic involving the criminal offenses of money laundering and terrorism financing extends over a wide range of obligations and circumstances that cause market actors to need to be currently up to date and requires the implementation of strict transaction control mechanisms.