Cabo Verde -- AML/CFT Compliance Regulatory Overview

**Law No. 10/VIII/2011, of 23 May:** This is the foundational law on the Prevention and Combat of Money Laundering, Financing of Terrorism and Proliferation of Weapons of Mass Destruction. It establishes the general framework for AML/CFT obligations, including customer due diligence, suspicious transaction reporting, and record-keeping.

**Decree-Law No. 4/2015, of 19 January:** This decree-law approves the Regulation for the Implementation of Law No. 10/VIII/2011, providing more detailed guidance on how the AML/CFT obligations are to be met.

**Circulars and Regulations from the Central Bank of Cabo Verde (Banco de Cabo Verde - BCV):** The BCV issues specific instructions and guidelines to financial institutions under its supervision to ensure compliance with the AML/CFT framework. While there might not be explicit crypto-specific circulars yet, general AML/CFT circulars apply, and the BCV would interpret their scope to include relevant virtual asset activities.

**Individuals:** Obtain and verify identity using reliable, independent source documents, data, or information (e.g., full name, date of birth, nationality, physical address, unique identification number like a passport or national ID).

**Legal Persons/Entities:** Obtain and verify legal name, legal form, proof of existence, powers that regulate and bind the entity, and names of individuals holding senior management positions. Identify and verify the ultimate beneficial owner (UBO) – typically any natural person holding 25% or more of the shares or voting rights, or otherwise exercising control.

**Understanding Purpose and Nature of Business Relationship:** Obtain information on the purpose and intended nature of the business relationship or occasional transaction.

**Ongoing Monitoring:** Continuously monitor the business relationship and transactions to ensure they are consistent with the VASP's knowledge of the customer, their business, and risk profile. This includes reviewing customer records and updating information as needed.

**Risk-Based Approach:** Apply CDD measures on a risk-sensitive basis:

**Simplified Due Diligence (SDD):** May be permitted for lower-risk customers or transactions, provided the VASP can demonstrate the lower risk.

**Enhanced Due Diligence (EDD):** Required for higher-risk customers or transactions, including:

Customers from high-risk jurisdictions (as identified by FATF or local authorities)

Complex, unusually large transactions, or unusual patterns of transactions that have no apparent economic or lawful purpose.

Transactions involving new technologies or products that favor anonymity.

**Reporting Obligation:** Immediately report any transaction (or attempted transaction), regardless of the amount, that the VASP suspects to be related to money laundering, terrorist financing, or proliferation financing.

**No Tipping-Off:** Prohibit the disclosure to the customer or any third party that a suspicious transaction report is being or has been made, or that an AML/CFT investigation is being conducted.

**Reporting Timeline:** Reports must typically be made as soon as suspicion is formed, without delay.

**Transaction Records:** All necessary records regarding domestic and international transactions, sufficient to reconstruct individual transactions.

**Customer Identification Data:** Copies of all identification documents, account files, and business correspondence.

**CDD Analysis:** Documentation of all analyses undertaken regarding CDD, including the rationale for risk assessments.

**Retention Period:** Records must be retained for at least **five (5) years** after the business relationship ends or after the date of an occasional transaction. These records must be readily available to competent authorities upon request.

**Unidade de Informação Financeira (UIF) – Financial Intelligence Unit:**

**Role:** The UIF is the central national authority responsible for receiving, analyzing, and disseminating suspicious transaction reports (STRs) and other financial intelligence to competent authorities for investigation and prosecution of money laundering, terrorist financing, and proliferation financing.

**Banco de Cabo Verde (BCV) – Central Bank of Cabo Verde:**

**Role:** The BCV is the supervisory authority for the financial sector. It is responsible for licensing, regulating, and supervising financial institutions, including banks, payment service providers, and potentially VASPs if they are brought explicitly under its regulatory purview (e.g., through specific VASP licensing frameworks). The BCV issues prudential regulations and conducts inspections to ensure compliance with AML/CFT obligations.

**Evolving Landscape:** The regulatory landscape for virtual assets is constantly evolving globally. While specific VASP licensing frameworks might not yet be fully formalized in Cabo Verde, VASPs are strongly advised to adhere to the existing general AML/CFT framework and follow FATF recommendations.

**Proactive Engagement:** VASPs should proactively engage with the BCV and UIF to understand current expectations and any forthcoming guidance or regulations.

**Legal Advice:** It is highly recommended for any VASP operating or planning to operate in Cabo Verde to seek independent legal advice from a local expert specializing in financial regulation to ensure full compliance with current and future requirements.

**Decree-Law No. 4/2020 of January 27, 2020** (Lei n.º 4/2020 de 27 de Janeiro) – *Regime de Prevenção e Combate ao Branqueamento de Capitais e ao Financiamento do Terrorismo (AML/CFT Law)*.

This law defines "virtual assets" and "Virtual Asset Service Providers (VASPs)" and subjects them to the same AML/CFT obligations as traditional financial institutions.

It mandates customer due diligence (CDD), suspicious transaction reporting (STR), record-keeping, and compliance with international sanctions.

**Legal Reference:** While a direct public URL for the *Boletim Oficial* can be challenging for older decrees, the law is officially published in **Boletim Oficial n.º 4, I Série, de 27 de janeiro de 2020**. The Banco de Cabo Verde (BCV) is the primary regulator and refers to this law.

**Reference Point (BCV Legal Framework):** Banco de Cabo Verde – Quadro Legal (Portuguese).

URL: https://www.bcv.cv/pt/publicacoes/Pages/quadro-legal.aspx (This page lists relevant legislation, including the AML/CFT law).

Cabo Verde, as a member state of the United Nations, is legally bound to implement the sanctions regimes adopted by the UN Security Council (UNSC).

Decree-Law No. 4/2020 obligates reporting entities (including VASPs) to comply with international obligations to combat terrorist financing, which includes implementing UNSC resolutions on asset freezes and prohibitions against designated individuals and entities.

VASPs must screen their customers and transactions against the **UN Security Council Consolidated List** (individuals and entities subject to asset freeze, travel ban, and arms embargoes).

**Legal Reference (UN Sanctions):** United Nations Security Council Sanctions Committees

While OFAC sanctions are not directly *Cabo Verdean law*, any VASP (regardless of location) that engages in transactions involving U.S. persons, U.S. dollar denominated transactions, or that has a U.S. nexus (e.g., using U.S.-based blockchain analytics tools, or U.S. payment rails) falls under OFAC's jurisdiction.

Cabo Verdean VASPs dealing with international partners or using widely adopted stablecoins (like USDT, USDC, which are USD-pegged) must de facto implement OFAC compliance measures to avoid secondary sanctions or being cut off from crucial financial infrastructure.

This requires screening against the **OFAC Specially Designated Nationals (SDN) and Blocked Persons List** and other OFAC sanctions lists.

**Legal Reference (OFAC):** U.S. Department of the Treasury – Office of Foreign Assets Control (OFAC)

Similar to OFAC, EU sanctions are not directly *Cabo Verdean law*. However, due to close ties with Europe, and if a VASP has any nexus to the EU (e.g., EU-based customers, partners, or operations), it would be subject to EU sanctions extraterritorial reach.

Compliance involves screening against the **EU Consolidated List of persons, groups and entities subject to EU financial sanctions**.

**Legal Reference (EU Sanctions):** European Union Sanctions Map

**Conduct Customer Due Diligence (CDD) and Enhanced Due Diligence (EDD):** This includes identifying and verifying customers' identities and beneficial owners.

**Screen against Sanctions Lists:** Regularly screen all customers, beneficial owners, and transactional parties against relevant national and international sanctions lists (UN, OFAC, EU). This must be done at onboarding and on an ongoing basis.

**Identify Politically Exposed Persons (PEPs):** Apply enhanced scrutiny to transactions involving PEPs, as they carry higher corruption and illicit finance risks.

**Monitor Transactions:** Implement systems to monitor transactions for suspicious activity, including attempts to circumvent sanctions.

**Report Suspicious Transactions:** Immediately report any transactions involving sanctioned individuals or entities, or any attempt to evade sanctions, to the **Unidade de Informação Financeira (UIF)** – Cabo Verde's Financial Intelligence Unit.

**Legal Reference (UIF):** Unidade de Informação Financeira (UIF)

URL: https://www.uif.cv/ (Their website details their role and reporting obligations).

**Restricted Jurisdictions:** Transactions involving individuals or entities located in, or associated with, countries subject to comprehensive UN, OFAC, or EU sanctions (e.g., Iran, North Korea, Syria, Cuba, certain regions of Ukraine/Russia) would typically be prohibited or severely restricted.

**High-Risk Jurisdictions:** While not outright prohibited, transactions with jurisdictions identified by the FATF or other international bodies as high-risk for AML/CFT deficiencies may require enhanced due diligence.

**Legal Reference (FATF High-Risk Jurisdictions):** FATF - High-Risk Jurisdictions subject to a Call for Action

**Administrative Fines:** Significant monetary penalties can be imposed by the Banco de Cabo Verde or the UIF.

**Criminal Sanctions:** Individuals involved in money laundering or terrorist financing, or serious breaches of AML/CFT laws, can face imprisonment.

**License Revocation:** VASPs failing to comply may have their licenses or authorizations revoked by the regulatory authorities.

**Reputational Damage:** Non-compliance can lead to severe reputational harm, loss of business, and difficulties in accessing banking and other financial services.

**Extraterritorial Penalties:** For breaches of OFAC or EU sanctions, relevant entities or individuals could face penalties directly from U.S. or EU authorities, even if not physically located in those jurisdictions, if there's sufficient nexus.

**UN Security Council Consolidated List:** This is the primary list that Cabo Verdean law directly mandates compliance with for asset freezes related to terrorism and proliferation.

**OFAC SDN List and other OFAC lists:** Essential for any VASP dealing in USD or with a U.S. nexus.

**EU Consolidated List:** Important for VASPs with an EU nexus.