Cameroon -- AML/CFT Compliance Regulatory Overview

Cameroon, as a member of the Central African Economic and Monetary Community (CEMAC), adheres to the regional AML/CFT framework established by CEMAC, which has specific provisions for virtual assets and Virtual Asset Service Providers (VASPs).

Here's a breakdown of the AML/KYC requirements for cryptocurrency/virtual asset service providers in Cameroon:

1. AML/CFT Legislation

The primary AML/CFT framework governing VASPs in Cameroon is derived from regional CEMAC regulations and national laws:

• CEMAC Regulation No. 02/CEMAC/UMAC/CM/22 on the Fight Against Money Laundering and the Financing of Terrorism in the CEMAC Zone, with Specific Provisions for Virtual Assets: This is the most critical piece of legislation. Adopted in 2022, it explicitly defines "virtual assets" and "virtual asset service providers" and subjects VASPs to the same AML/CFT obligations as traditional financial institutions. It transposes the FATF Recommendations concerning virtual assets.
• Law No. 2016/007 of July 12, 2016, on the fight against money laundering and terrorist financing in Cameroon: This national law provides the general framework for AML/CFT in Cameroon, defining obliged entities, establishing the Financial Intelligence Unit (ANIF), and outlining sanctions. While it predates explicit VASP definitions, the CEMAC regulation extends its principles to VASPs.
• Other COBAC Regulations: The Central African Banking Commission (COBAC), the banking supervisor for CEMAC, issues regulations on prudential supervision which may eventually extend to certain aspects of VASPs, though the primary AML/CFT obligations flow from the CEMAC/national AML laws.

Key takeaway: VASPs in Cameroon are considered "obliged entities" under the AML/CFT framework, meaning they must comply with anti-money laundering and counter-terrorist financing requirements.

2. Customer Due Diligence (CDD) Requirements

VASPs in Cameroon must implement robust CDD measures, similar to traditional financial institutions. These include:

• Identification and Verification of Customers:
  • Collecting accurate and reliable identification data for natural persons (e.g., full name, date of birth, place of birth, nationality, residential address, unique identification number, source of funds/wealth).
  • Collecting accurate and reliable identification data for legal entities (e.g., name, legal form, registered address, registration number, articles of incorporation, beneficial ownership information).
  • Verifying identity using independent and reliable sources (e.g., government-issued ID documents, official registries).
  • Verifying identity before establishing a business relationship or conducting transactions above a certain threshold (often EUR 1,000 or equivalent).
• Identification of Beneficial Owners:
  • Taking reasonable measures to understand the ownership and control structure of legal entity customers.
  • Identifying the natural person(s) who ultimately own or control the customer (typically 25% ownership or more, or effective control).
  • Verifying the identity of beneficial owners.
• Understanding the Purpose and Nature of the Business Relationship:
  • Obtaining information on the intended purpose and nature of the business relationship or transaction.
  • Assessing the risk profile of the customer based on this information.
• Ongoing Monitoring:
  • Continuously monitoring business relationships and transactions to ensure they are consistent with the VASP's knowledge of the customer, their business, and their risk profile, including, where necessary, the source of funds.
  • Updating customer information and documentation regularly.
• Enhanced Due Diligence (EDD):
  • Applying EDD measures for high-risk situations, including:
    • Transactions involving high-risk countries or jurisdictions (e.g., those identified by FATF as high-risk or under increased monitoring).
    • Politically Exposed Persons (PEPs) and their family members/close associates.
    • Complex, unusually large transactions, or unusual patterns of transactions that have no apparent economic or lawful purpose.
    • Business relationships with non-face-to-face customers (where additional risk factors are present).
    • Any other situations identified by the VASP's risk assessment as presenting a higher risk of ML/TF.

3. Suspicious Transaction Reporting (STR)

VASPs are legally obliged to report suspicious transactions to the Financial Intelligence Unit (FIU).

• Reporting Obligation: VASPs must report any transaction (or attempted transaction) that they suspect, or have reasonable grounds to suspect, is related to money laundering or terrorist financing, regardless of the amount.
• Reporting Body: Reports must be made to the Agence Nationale d'Investigation Financière (ANIF), Cameroon's FIU.
• Timing: Reports must be submitted "without delay" once suspicion is formed.
• No Tipping-Off: VASPs and their employees are prohibited from disclosing to the customer or third parties that an STR has been or will be submitted.
• Immunity: VASPs and their employees are protected from civil or criminal liability for disclosing information in good faith to ANIF, even if they were unaware of the exact nature of the underlying criminal activity.

4. Record-Keeping Obligations

VASPs must maintain comprehensive records to facilitate investigations and demonstrate compliance:

• Retention Period: Records must generally be kept for a period of five (5) years after the termination of the business relationship or after the date of the occasional transaction.
• Types of Records:
  • Customer Identification Data: Copies of identity documents, verification records, beneficial ownership information, and CDD analyses.
  • Transaction Data: Records of all transactions, including amounts, currencies, dates, sender and recipient information, and any relevant messages.
  • Business Correspondence: Records of communications with customers regarding their transactions and business relationships.
  • STRs and Internal Reports: Copies of all suspicious transaction reports filed, as well as any internal reports or analyses leading to the suspicion.
  • Risk Assessments: Documentation of customer risk assessments and the rationale for their classification.

5. Oversight Authority

The primary authority overseeing AML/CFT compliance for VASPs in Cameroon is:

• Agence Nationale d'Investigation Financière (ANIF) – Cameroon's Financial Intelligence Unit.
  • Role: ANIF is responsible for receiving, analyzing, and disseminating suspicious transaction reports to competent authorities (e.g., law enforcement) for investigation. It also monitors the implementation of AML/CFT measures by obliged entities, including VASPs.
  • Website (if available): ANIF's official presence can sometimes be found via government portals, but a direct, stable public website specifically for ANIF with its regulations can be challenging to locate for some FIUs. However, it functions under the Ministry of Finance.
  • General Information & Contact (often via official government sources): Searches for "ANIF Cameroon" usually direct to government publications or news.
    • While a specific, standalone URL for ANIF's direct operations might not be widely published or stable, its existence and role are enshrined in Cameroonian law.

Note on Prudential Supervision: While ANIF handles the AML/CFT oversight, the broader regulatory landscape for VASPs, including potential licensing or prudential supervision (beyond AML/CFT) by the Central African Banking Commission (COBAC) or the Bank of Central African States (BEAC), is still evolving. Currently, the most concrete and direct regulatory requirements for VASPs relate to AML/CFT, primarily enforced by ANIF.

Important Considerations:

• FATF Recommendations: Cameroon, through CEMAC, is committed to implementing the Financial Action Task Force (FATF) Recommendations. VASPs should stay updated on FATF guidance, especially Recommendation 15 and its Interpretive Note, which specifically address virtual assets and VASPs.
• Evolving Landscape: The regulatory landscape for virtual assets is rapidly evolving globally and in CEMAC. VASPs should continuously monitor for updates to regional CEMAC regulations and national Cameroonian laws.
• Professional Advice: It is highly recommended that VASPs operating in Cameroon seek legal and compliance advice from professionals with expertise in Cameroonian and CEMAC AML/CFT laws.