Bangladesh -- AML/CFT Compliance Regulatory Overview

It is crucial to understand that cryptocurrencies and virtual assets are currently not recognized as legal tender or permitted for transactions in Bangladesh. The Bangladesh Bank (BB), the central bank of Bangladesh, has repeatedly issued circulars warning against the use, holding, and trading of cryptocurrencies, citing their unregulated nature, volatility, and potential for money laundering and terrorist financing.

Therefore, there is no specific, dedicated AML/KYC regulatory framework for licensed cryptocurrency/virtual asset service providers (VASPs) in Bangladesh, as such entities are not permitted to operate legally.

However, if, at some point in the future, Bangladesh were to regulate virtual assets, any VASP would fall under the broader anti-money laundering and counter-financing of terrorism (AML/CFT) framework that applies to financial institutions and designated non-financial businesses and professions (DNFBPs). The principles would likely align with international standards set by the Financial Action Task Force (FATF).

Below, I will outline the general AML/CFT framework in Bangladesh, which would apply if VASPs were ever legalized and regulated, or to any entity suspected of engaging in financial crime, including illicit crypto activities.

AML/KYC Requirements for (Hypothetically Licensed) Cryptocurrency/Virtual Asset Service Providers in Bangladesh

1. AML/CFT Legislation:

Bangladesh has a robust general AML/CFT framework, primarily guided by:

• Anti-Money Laundering Act, 2012 (AMLA 2012): This is the principal legislation against money laundering. It defines money laundering, predicate offenses, outlines the responsibilities of reporting entities, and grants powers to the Bangladesh Financial Intelligence Unit (BFIU). It has been amended multiple times (e.g., in 2015).
• Anti-Terrorism Act, 2009 (ATA 2009): This Act addresses terrorism financing, outlining offenses and penalties related to financing terrorist acts. It has also been amended (e.g., in 2013).
• Relevant Rules and Guidelines: The Bangladesh Bank and BFIU issue various circulars, rules, and guidelines to implement the AMLA and ATA, detailing procedures for customer due diligence, suspicious transaction reporting, and record-keeping.

Note: These current laws and guidelines do not specifically mention "virtual assets" or "cryptocurrencies" as regulated financial instruments or services under their scope, reflecting their current prohibited status.

2. Customer Due Diligence (CDD) Requirements:

Based on the general AMLA 2012 framework, if VASPs were regulated, they would be subject to CDD requirements similar to traditional financial institutions. These would include:

• Identification and Verification:
  • Obtaining and verifying the identity of the customer (individual or legal entity) using reliable, independent source documents (e.g., National ID card, passport for individuals; incorporation documents for companies).
  • Identifying and verifying the identity of beneficial owners (those ultimately owning or controlling the customer).
• Understanding the Purpose and Nature of the Relationship: Obtaining information on the purpose and intended nature of the business relationship.
• Ongoing Monitoring:
  • Conducting ongoing due diligence on the business relationship and scrutiny of transactions undertaken throughout the course of that relationship.
  • Ensuring that the transactions are consistent with the reporting entity’s knowledge of the customer, their business, and risk profile, including, where necessary, the source of funds.
• Enhanced Due Diligence (EDD):
  • Applying EDD measures for higher-risk customers, business relationships, or transactions. This includes:
    • Politically Exposed Persons (PEPs).
    • Customers from high-risk geographic areas.
    • Complex or unusually large transactions.
    • Transactions involving new or developing technologies (which would likely include virtual assets if they were regulated).
    • Requiring information on the source of funds or source of wealth.
    • Obtaining senior management approval for establishing or continuing relationships.

3. Suspicious Transaction Reporting (STR) / Suspicious Activity Reporting (SAR):

Reporting entities (which would include VASPs if regulated) are obligated to report any suspicious transactions or activities to the BFIU.

• Definition of Suspicion: Any transaction or attempted transaction, regardless of the amount, that gives rise to a reasonable suspicion that it may involve proceeds of crime or be linked to money laundering or terrorist financing.
• Reporting Mechanism: STRs must be submitted to the BFIU promptly, typically through a secure electronic platform (e.g., the goAML system if adopted/used by BFIU or a similar secure portal).
• No Tipping-Off: Reporting entities and their employees are prohibited from disclosing to the customer or any third party that an STR has been filed or that an AML/CFT investigation is underway.

4. Record-Keeping Obligations:

Reporting entities are required to maintain comprehensive records for a specified period to support AML/CFT investigations.

• Customer Identification Data: All identification documents, verification records, and CDD information.
• Transaction Records: All details of domestic and international transactions, including amount, currency, date, parties involved, and nature of the transaction.
• STRs: Copies of all suspicious transaction reports filed.
• Duration: Records must typically be retained for at least five (5) years after the business relationship is terminated or after the date of the transaction.

5. Overseeing Authority:

The primary authority responsible for overseeing AML/CFT compliance in Bangladesh is:

• Bangladesh Financial Intelligence Unit (BFIU): Operating under the Bangladesh Bank, the BFIU is the central agency for receiving, analyzing, and disseminating financial intelligence related to money laundering and terrorist financing. It issues guidelines, supervises compliance, and collaborates with domestic and international agencies.

  • Regulatory Body URL: Bangladesh Financial Intelligence Unit (BFIU) page on Bangladesh Bank website: https://www.bb.org.bd/bfiu/bfiu.php

Current Status and Conclusion:

Given the current prohibition, any entity attempting to operate as a VASP in Bangladesh would be doing so illegally and would be subject to penalties under existing laws for engaging in unauthorized financial activities and potentially for money laundering. Bangladesh's stance is aligned with a cautious approach to new financial technologies that lack robust regulatory oversight.

Should Bangladesh decide to regulate virtual assets in the future, it would likely issue specific regulations that incorporate FATF Recommendation 15 (New Technologies) and the FATF's guidance for a risk-based approach to virtual assets and VASPs. This would entail licensing requirements, specific VASP-tailored CDD, transaction monitoring, and reporting obligations.