Belize -- AML/CFT Compliance Regulatory Overview

**International Financial Services Commission (IFSC) Belize:** This is the primary regulator for VASPs. Their website often contains guidance and information on regulated entities.

**Role:** The IFSC is responsible for issuing licenses, setting regulatory standards, and overseeing compliance for entities offering international financial services, including virtual asset services.

**Financial Intelligence Unit (FIU) of Belize**

**Role:** The FIU is the central national agency responsible for receiving, analyzing, and disseminating suspicious transaction reports (STRs) to law enforcement agencies.

**Virtual Asset Services Act, 2023 (VASA)**

This is the specific legislation that regulates virtual asset services in Belize. It defines VASPs and establishes the licensing and regulatory requirements, including the application of AML/CFT measures.

**Money Laundering and Terrorism (Prevention) Act (MLTPA) [Revised Edition 2011 & subsequent amendments]:**

This is Belize's overarching AML/CFT legislation. VASPs are designated as "reporting entities" under this Act, making them subject to its full range of obligations, including customer due diligence, record-keeping, and suspicious transaction reporting.

This Act establishes the FIU and outlines its functions and powers, including the process for reporting suspicious transactions.

Various statutory instruments and regulations issued under the MLTPA and VASA provide more detailed guidance on specific AML/CFT obligations.

Obtain and verify the customer's full name, date of birth, nationality, physical address, and government-issued identification number (e.g., passport, national ID card, driver's license).

Verify identity using reliable, independent source documents, data, or information (e.g., copies of ID, proof of address utility bills).

**Legal Persons/Arrangements (e.g., companies, trusts):**

Obtain and verify the legal entity's name, legal form, proof of existence (e.g., certificate of incorporation), physical address, and details of its directors/partners.

Understand the ownership and control structure of the legal person/arrangement.

Identify and verify the identity of the **beneficial owner(s)** – any natural person(s) who ultimately owns or controls the customer, directly or indirectly, through more than 25% of the shares or voting rights, or otherwise exercises control over the entity.

**Purpose and Intended Nature of Business Relationship:** Understand the purpose and intended nature of the business relationship (e.g., why the customer wants to use the VASP's services, expected transaction volumes and types).

**Source of Funds/Wealth:** For higher-risk customers or transactions, VASPs must take reasonable measures to establish the source of funds or source of wealth.

Continuously monitor the business relationship and transactions to ensure they are consistent with the VASP's knowledge of the customer, their business, and risk profile.

Regularly update customer information, especially for high-risk customers.

**Risk-Based Approach:** VASPs must apply a risk-based approach to CDD, meaning that the intensity and nature of CDD measures should be commensurate with the money laundering and terrorism financing risks identified. This involves:

**Simplified CDD (SCDD):** For lower-risk situations, if permitted by regulations.

**Enhanced CDD (ECDD):** For higher-risk situations, such as customers from high-risk jurisdictions, Politically Exposed Persons (PEPs), or complex transactions. This includes obtaining additional information, increased frequency of monitoring, and requiring senior management approval for establishing or continuing relationships.

**Sanctions Screening:** Screen customers and transactions against relevant international sanctions lists (e.g., UN, OFAC).

Belize has committed to adopting the FATF Travel Rule for virtual asset transfers by July 2026, but it is not yet implemented or in effect.

**Obligation to Report:** If a VASP knows, suspects, or has reasonable grounds to suspect that funds are the proceeds of a criminal activity, or are related to terrorism financing, it must promptly file an STR with the FIU.

**Timeliness:** Reports must be filed without delay, typically within a few business days of forming the suspicion.

**"No Tipping Off":** VASPs and their employees are prohibited from disclosing to the customer or any third party that an STR has been or will be filed.

**Internal Reporting:** VASPs must establish internal procedures for employees to report suspicious activities to a designated Money Laundering Reporting Officer (MLRO) within the VASP.

**CDD Records:** All documents and information obtained during the CDD process (e.g., identity documents, beneficial ownership information, risk assessments).

**Transaction Records:** Records of all transactions, including amounts, dates, types of virtual assets, sender and receiver information, and transaction hashes.

**Business Correspondence:** Records of communications with customers regarding their transactions and accounts.

**Internal Policies and Procedures:** Documentation of the VASP's AML/CFT policies, procedures, and internal controls.

**STRs:** Copies of all STRs filed and any related internal documentation.

**Duration:** Records must typically be retained for at least **five (5) years** from the date of the transaction or from the end of the business relationship, whichever is later.

**Designated Non-Financial Businesses and Professions Act, 2021:** https://www.fsc.gov.bz/wp-content/uploads/2021/04/Designated-Non-Financial-Businesses-and-Professions-Act-2021.pdf

**Anti-Money Laundering and Countering the Financing of Terrorism Regulations, 2022:** https://www.fsc.gov.bz/wp-content/uploads/2022/10/Anti-Money-Laundering-and-Countering-the-Financing-of-Terrorism-Regulations-2022.pdf

Exchange between virtual assets and fiat currencies is regulated under the Belize Digital Asset Services Licensing Regulations, 2025, which establishes a licensing regime for digital asset service providers, including such exchanges.

Exchange between one or more forms of virtual assets is a regulated activity in Belize, subject to licensing under the Digital Asset Services Licensing Regulations, 2025, which currently includes a licensing freeze.

**Custody** and/or administration of virtual assets or instruments enabling control over virtual assets.

**Participation in and provision of financial services related to an issuer's offer and/or sale of a virtual asset.**

**Exchanges:** Firms operating virtual asset exchanges (fiat-to-crypto, crypto-to-crypto) explicitly fall under points 1 and 2 and **require registration** as a VASP.

**Custody Providers:** Entities providing services for the custody or administration of virtual assets (e.g., wallet providers holding private keys for clients) explicitly fall under point 4 and **require registration** as a VASP.

**Payment Processors:** If a payment processor facilitates payments using virtual assets (e.g., processing payments in stablecoins or converting crypto to fiat for merchants), they would fall under "transfer of virtual assets" (point 3) or "exchange" (points 1 & 2) and therefore **require registration** as a VASP. If they only process fiat payments *for* crypto services without touching virtual assets themselves, they might not be a VASP, but general payment services might have separate regulations. For any involvement with VAs, VASP registration is necessary.

The VASP must be incorporated as a legal entity in Belize (e.g., an International Business Company - IBC).

The DNFBP Act **does not specify a fixed minimum capital requirement** for VASPs in the same way a banking license would.

However, applicants must demonstrate **sufficient financial resources** to operate effectively, maintain robust AML/CFT systems, meet operational expenses, and ensure the continuity of services. The FSC will assess the financial soundness, business plan, and projected expenditures to ensure the VASP can sustain its operations and comply with regulatory obligations.

**AML/CFT Program:** Implementation of a comprehensive AML/CFT program tailored to the VASP's specific risks, including policies, procedures, and internal controls.

**Money Laundering Reporting Officer (MLRO):** Appointment of a qualified and experienced MLRO based in Belize, responsible for overseeing AML/CFT compliance and reporting suspicious activities.

**Risk Assessment:** Conducting a comprehensive risk assessment of the VASP's business, customers, products/services, and geographic areas of operation.

**Customer Due Diligence (CDD):** Implementing robust CDD procedures for all customers, including:

Verification of identity (individuals and legal entities).

Understanding the nature and purpose of the business relationship.

Ongoing monitoring of business relationships.

**Enhanced Due Diligence (EDD):** Applying EDD measures for higher-risk customers, politically exposed persons (PEPs), and complex transactions.

**Record-Keeping:** Maintaining records of all transactions, CDD information, and other relevant data for a specified period (typically at least 5 years).

**Suspicious Transaction Reporting (STR):** Procedures for identifying and reporting suspicious transactions to the Financial Intelligence Unit (FIU) of Belize.

**Employee Training:** Regular AML/CFT training for all relevant employees.

**Internal Audit/Review:** Independent review of the AML/CFT program's effectiveness.

**Registered Office:** A physical registered office address in Belize is mandatory.

While not always strictly requiring local directors for all VASPs, having local management, compliance officers, and an MLRO with a demonstrable understanding of Belizean law is often expected and facilitates effective oversight.

**Robust Governance:** Clear organizational structure, lines of responsibility, and management oversight.

**Risk Management:** Comprehensive risk management framework addressing operational, technological, financial, and reputational risks.

**Technology and Security:** Secure and reliable IT systems, robust cybersecurity measures, data protection protocols, and business continuity plans appropriate for managing virtual assets.

**Audited Financials:** Submission of audited financial statements.

**Preliminary Consultation (Optional but Recommended):** Engaging with the FSC to discuss the proposed business model and clarify regulatory expectations.

Detailed business plan (including services offered, target market, operational procedures, technology infrastructure).

Comprehensive AML/CFT Policy and Procedures Manual.

Corporate governance documents (e.g., Memorandum and Articles of Association).

Due diligence documents for all directors, beneficial owners, and key management personnel (e.g., passports, utility bills, résumés, police certificates, professional references).

Any other information requested by the FSC.

**Submission of Application:** Formal submission of the complete application package to the FSC.

**FSC Review and Due Diligence:** The FSC will conduct a thorough review of the application, including background checks on all relevant individuals and an assessment of the proposed operations and AML/CFT framework.

**Information Requests/Interviews:** The FSC may request additional information or conduct interviews with key personnel.

**Approval or Refusal:** Upon satisfactory review, the FSC will issue a Certificate of Registration. If the application is deemed insufficient or non-compliant, it may be refused.

**Ongoing Compliance:** Once registered, VASPs are subject to ongoing reporting obligations, periodic audits, and continuous compliance with the DNFBP Act, AML/CFT Regulations, and any other directives issued by the FSC.

**Virtual Assets and Initial Token Offerings Act, 2021 (VAITO Act):**

**URL:** While the specific official government gazette link can be hard to find directly, the Act is published by the Belize National Assembly and is available through legal databases or via the IFSC. A key source for the intent and implementation is usually the regulator's pronouncements.

**Section 3:** Defines "virtual asset" and "virtual asset service provider" (VASP), bringing crypto entities under regulation.

**Section 19:** Mandates that a VASP (and applicants) must comply with the requirements of the Money Laundering and Terrorism (Prevention) Act (MLTPA).

**Section 20:** Requires VASPs to establish and maintain adequate internal controls, risk management systems, and other procedures for compliance with AML/CTF obligations, including sanctions.

**Section 21:** Grants the IFSC powers to issue directives, guidelines, and codes of practice to VASPs regarding AML/CTF compliance.

**URL:** A consolidated version can be hard to link directly, but the Act is foundational.

**Overall:** This is Belize's principal AML/CTF legislation. It establishes the framework for identifying, reporting, and preventing money laundering and terrorist financing.

**Terrorism Financing:** Crucially, it criminalizes terrorism financing and provides the legal basis for implementing UN Security Council Resolutions (UNSCRs) related to the freezing of assets of designated persons and entities.

**Obliged Entities:** While VASPs are specifically brought under its ambit by the VAITO Act, the MLTPA outlines the general duties for all financial institutions regarding suspicious transaction reporting, customer due diligence, and record-keeping.

**Financial Intelligence Unit (FIU) Belize:**

The FIU is the central agency responsible for receiving, analyzing, and disseminating suspicious transaction reports (STRs) and other financial information to combat ML/TF. It also provides guidance and oversight for reporting entities.

**Direct Obligation:** Belize, as a UN member state, is legally bound to implement UNSCRs, particularly those related to terrorism financing (e.g., UNSCRs 1267, 1373, 1988) and other proliferation financing.

**Mechanism:** The MLTPA and related regulations provide the legal mechanism for giving effect to these resolutions in Belizean law, including the freezing of assets of individuals and entities designated by the UN Security Council.

**VASP Requirement:** VASPs in Belize are legally required to screen their customers and transactions against the **UN Security Council Consolidated List** (individuals and entities associated with ISIL (Da'esh) and Al-Qaida) and the **1988 Sanctions List** (Taliban), as well as any other persons or entities designated by the FIU or competent authority under the MLTPA in line with UNSCRs.

**OFAC/EU Sanctions Compliance (Indirect but Critical):**

**Extraterritorial Reach:** While Belizean law does not *directly* enforce OFAC (U.S. Department of the Treasury's Office of Foreign Assets Control) or EU sanctions lists as its own, compliance is a practical necessity for any VASP operating globally.

**Correspondent Banking/Interoperability:** Most fiat on/off-ramps for crypto, and many global blockchain service providers, are subject to U.S. or EU jurisdiction. Failure to comply with OFAC or EU sanctions by a Belizean VASP could lead to:

Loss of correspondent banking relationships.

Inability to access global crypto exchanges or liquidity providers.

Reputational damage and blacklisting by international partners.

Potential secondary sanctions if dealing with U.S. or EU designated persons/entities.

**VASP Best Practice:** Therefore, reputable Belizean VASPs adopt a best practice approach of screening against the **OFAC Specially Designated Nationals (SDN) and Blocked Persons List** and the **EU Consolidated List of Persons, Groups and Entities Subject to EU Financial Sanctions** in addition to the UN lists.

**Implement a Risk-Based Approach:** Develop and maintain a comprehensive AML/CTF program, including sanctions screening, proportional to their identified risks.

**Customer Due Diligence (CDD) / Enhanced Due Diligence (EDD):** Conduct thorough CDD on all customers, identifying beneficial owners. EDD is required for higher-risk customers and transactions.

**Mandatory:** Screen all customers (new and existing) and relevant parties to transactions against the **UN Security Council Consolidated List**.

**Highly Recommended (Industry Best Practice/Practical Necessity):** Screen against the **OFAC SDN List** and the **EU Consolidated List**, given the global nature of virtual asset transactions and the international financial system.

**Ongoing Monitoring:** Continuously monitor customer accounts and transactions for red flags, including potential links to sanctioned entities or high-risk jurisdictions.

**Freezing of Assets:** Immediately freeze any virtual assets (or fiat currency held by the VASP) belonging to a sanctioned person or entity identified on a UN sanctions list (or any other list as directed by the FIU/IFSC) and report the freeze to the FIU without delay.

**Risk Assessment:** Conduct thorough jurisdictional risk assessments.

**FATF High-Risk Jurisdictions:** Pay particular attention to countries identified by the FATF as "High-Risk Jurisdictions subject to a Call for Action" (e.g., North Korea, Iran) or "Jurisdictions under Increased Monitoring" (FATF grey list). Transactions involving these countries should trigger enhanced due diligence.

**OFAC/EU Sanctioned Countries:** Avoid facilitating transactions with, or offering services to, individuals or entities in comprehensively sanctioned jurisdictions (e.g., Cuba, Iran, North Korea, Syria, regions of Ukraine controlled by Russia, by OFAC standards) to prevent exposure to secondary sanctions.

**Internal Policies:** Implement internal policies to restrict or prohibit services to certain high-risk jurisdictions based on their own risk appetite and international obligations.

**Section 36:** Imposes administrative fines on VASPs for non-compliance with the Act or conditions of their license.

**Section 37:** Criminalizes operating as a VASP without a license, with penalties including fines (e.g., up to BZ$100,000 for an individual, BZ$500,000 for a body corporate) and/or imprisonment (up to 5 years).

**Section 38:** Specifies penalties for providing false information to the IFSC (fines up to BZ$50,000 or imprisonment up to 2 years).

**License Revocation:** The IFSC also has the power to suspend or revoke a VASP's license for serious or persistent non-compliance.

**Money Laundering and Terrorism (Prevention) Act:**

**Fines and Imprisonment:** Provides for substantial fines and terms of imprisonment for offenses related to money laundering, terrorist financing, and non-compliance with reporting or due diligence obligations. These can range from tens of thousands to hundreds of thousands of Belize dollars and several years of imprisonment, particularly for senior management and beneficial owners.

**Asset Forfeiture:** Assets involved in or derived from criminal activities, including ML/TF, are subject to forfeiture.

**UN Security Council Resolutions:** Belize domestically implements sanctions imposed by the UN Security Council (e.g., against individuals and entities linked to terrorism or proliferation). These lists are generally published and updated by the UN and then reflected in domestic directives or legislation.

**No Belizean Crypto-Specific List:** There is no separate Belizean list that specifically targets crypto addresses or individuals solely for crypto-related offenses. Sanctioned individuals or entities, regardless of how they transact, would fall under the general sanctions regime.

The IFSC was replaced by the Financial Services Commission (FSC) of Belize in 2011; the official regulatory authority for Belize's financial sector is now the FSC.

**Financial Intelligence Unit (FIU) Belize:** Provides AML/CTF guidance and handles STRs.

**URL:** FIU Belize Official Website

**UN Security Council Consolidated List:**

**URL:** UN Sanctions Committee Website

**OFAC Specially Designated Nationals (SDN) List:**

**EU Consolidated List of Persons, Groups and Entities Subject to EU Financial Sanctions:**

**URL:** EU Sanctions Map (Consolidated List)

**FATF Recommendations:** The global standard for AML/CTF, including for virtual assets.

**Yes, in principle, VASPs are covered by AML/CFT laws.** Belize has amended its primary AML/CFT legislation to include VASPs as reporting entities.

**International Financial Services Commission Act (IFSC Act) and relevant Regulations:** Amended to bring VASPs under the scope of licensing and supervision by the International Financial Services Commission (IFSC).

**However, specific Travel Rule implementation guidance is *not yet adopted*.** The FATF MER explicitly states that Belize has *not yet* issued specific guidance or regulations detailing how the Travel Rule should be implemented by VASPs.

The amendments to the MLTPA and IFSC Act to cover VASPs were put in place *prior* to the assessment period of the May 2023 FATF MER (i.e., before late 2022).

**There is no effective date for specific Travel Rule implementation guidance** because such guidance has not yet been issued.

**No specific threshold amounts for the Travel Rule have been established** in Belize.

Since detailed regulations or guidance for the Travel Rule's implementation are absent, there are no prescribed values (like the FATF's recommended €1,000 equivalent) for when VASP-to-VASP data sharing is required for virtual asset transfers.

General AML reporting thresholds for suspicious transactions would apply, but these are distinct from the Travel Rule.

VASPs, as broadly defined by the FATF (and presumably adopted into Belizean law via the MLTPA and IFSC Act), are covered as reporting entities. This typically includes entities that:

Exchange between virtual assets and fiat currencies.

Exchange between one or more forms of virtual assets.

Safeguard virtual assets or instruments enabling control over virtual assets.

Participate in and provide financial services related to an issuer's offer and/or sale of a virtual asset.

These entities are subject to licensing and supervision by the IFSC.

**None specifically issued for the Travel Rule.** The FATF MER highlights this as a major deficiency.

VASPs are generally expected to comply with standard AML/CFT requirements such as customer due diligence (CDD), record-keeping, and suspicious transaction reporting (STR). However, the specific technical requirements for collecting, storing, and transmitting originator and beneficiary information for virtual asset transfers (as per the Travel Rule) have not been detailed.

VASPs, as reporting entities, are subject to the general penalty provisions under the MLTPA and the IFSC Act for non-compliance with AML/CFT obligations.

Suspension or revocation of licenses issued by the IFSC.

Potential criminal prosecution for severe breaches, especially those related to money laundering or terrorism financing offenses.

**FATF Concern:** The MER noted that while the legal framework for penalties exists, the overall effectiveness of sanctions applied to reporting entities (including VASPs) for AML/CFT breaches has historically been low.

Since the Travel Rule's specific implementation is not yet regulated, there are no penalties directly tied to its non-adherence, but failure to adhere to general AML/CFT requirements (e.g., inadequate CDD for a transaction that would fall under Travel Rule if implemented) would be subject to existing penalties.

**FATF Rating:** Belize was rated **Partially Compliant** for Recommendation 15 (Virtual Assets and VASPs), indicating significant deficiencies.

**Major Deficiency:** The FATF specifically pointed out that "Belize has not yet issued specific guidance or regulations detailing the implementation of the Travel Rule for VASPs, including how to collect, store, and transmit required information."

**Recommendation:** The FATF urged Belize to "issue guidance for VASPs on the implementation of the Travel Rule."

**FATF Website - Belize Country Page:**

Navigate to the "Mutual Evaluation Report (May 2023)" for the full details.

**Financial Intelligence Unit (FIU) Belize:** (While not directly detailing Travel Rule, the FIU is the primary AML/CFT authority and would issue such guidance).