Micronesia -- AML/CFT Compliance Regulatory Overview

**Anti-Money Laundering and Terrorist Financing Act 2017 (Title 27 of the FSM Code):** This act establishes the general framework for combating money laundering and terrorist financing, including obligations for financial institutions and designated non-financial businesses and professions (DNFBPs). While it may not explicitly mention "virtual assets" or "VASPs" as distinct regulated entities, the FSM, as an APG member, is expected to apply these requirements to VASPs in line with FATF Recommendation 15 (now Recommendation 16 in the context of the FATF's June 2019 Guidance for a Risk-Based Approach to Virtual Assets and Virtual Asset Service Providers).

**FSM Banking Act 1980 (Title 29 of the FSM Code):** This act provides the general legal framework for banking and financial services. While it does not specifically regulate VASPs, any VASP that offers services resembling traditional financial services (e.g., custody of fiat currency, remittances) might fall under the purview or interpretation of this act or require specific licensing.

For **natural persons**: Obtaining and verifying identity using reliable, independent source documents, data, or information (e.g., government-issued ID, passport, driver's license).

For **legal entities**: Obtaining and verifying the legal name, form of organization, proof of existence, powers that regulate and bind the entity, and the names of relevant persons holding senior management positions.

**Beneficial Ownership:** Identifying and verifying the identity of the beneficial owner(s) of the customer, and taking reasonable measures to understand the ownership and control structure of legal persons and arrangements.

**Purpose and Intended Nature of Business Relationship:** Understanding the purpose and intended nature of the business relationship or transaction.

**Ongoing Monitoring:** Conducting ongoing due diligence on the business relationship and scrutiny of transactions undertaken throughout the course of that relationship to ensure that the transactions are consistent with the VASP's knowledge of the customer, their business, and risk profile.

**Risk-Based Approach:** Applying a risk-based approach to CDD, meaning enhanced CDD (EDD) measures must be applied to higher-risk customers (e.g., Politically Exposed Persons - PEPs, customers from high-risk jurisdictions, complex or unusually large transactions, or where the customer's identity verification poses higher risk) and simplified CDD (SCDD) may be applied to lower-risk customers.

Reporting any transaction (or attempted transaction) that gives rise to a reasonable suspicion that it may be related to money laundering, terrorist financing, or other criminal activity.

The obligation to report exists regardless of the amount or type of assets involved (fiat or virtual).

**No Tipping-Off:** Prohibitions against informing the customer or any third party that an STR has been filed or that an investigation is being conducted.

**Customer Identification Records:** All records obtained through CDD measures (e.g., copies of identification documents, verification data).

**Transaction Records:** Records of all transactions, including amounts, types of virtual assets, sending and receiving addresses/accounts, timestamps, and any other relevant transaction data.

**Business Correspondence:** All relevant business correspondence, including records of analysis performed.

**Financial Intelligence Unit (FIU) of the Federated States of Micronesia (FSM FIU)**

**Role:** The FSM FIU is the central national agency responsible for receiving, analyzing, and disseminating suspicious transaction reports and other financial intelligence. It provides guidance and oversight regarding AML/CFT compliance.

**Legal Basis:** The FSM enacted the **Anti-Money Laundering and Counter-Terrorist Financing Act 2011 (as amended 2020)**. The 2020 amendments were specifically introduced to address FATF Recommendations on VAs and VASPs, including the Travel Rule obligations. This amendment requires VASPs to register, be licensed, and comply with AML/CFT obligations.

Asia/Pacific Group on Money Laundering (APG) Enhanced Follow-Up Report & Technical Compliance Re-Rating - Federated States of Micronesia (July 2022). Specifically, pages 21-23 regarding Recommendations 15 (New Technologies) and 16 (Wire Transfers).

Link to APG Report (PDF) (Look for "Enhanced Follow-Up Report & Technical Compliance Re-Rating - Federated States of Micronesia (July 2022)")

**For cross-border transfers:** The Travel Rule information must be collected and transmitted for transactions equivalent to **USD 1,000 or more**.

**For domestic transfers:** The Travel Rule information must be collected and transmitted for transactions equivalent to **USD 3,000 or more**.

**Source:** APG Enhanced Follow-Up Report (July 2022), page 23.

Exchange between virtual assets and fiat currencies.

Exchange between one or more forms of virtual assets.

Safekeeping and/or administration of virtual assets or instruments enabling control over virtual assets.

Participation in and provision of financial services related to an issuer’s offer and/or sale of a virtual asset.

**Originator Information:** VASPs must obtain and hold the originator's name, originator's account number (or unique transaction identifier), and the originator's physical address (or national identity number, customer identification number, or date and place of birth).

**Beneficiary Information:** VASPs must obtain and hold the beneficiary's name and the beneficiary's account number (or unique transaction identifier).

**Transmission:** Originating VASPs must transmit this information to the beneficiary VASP. Beneficiary VASPs must receive and hold this information.

**Record Keeping:** VASPs are required to keep records of this information for a specified period (typically 5 years).

**Lack of Specific Technical Mandates (Currently):** The FSM legislation likely mandates the *collection and transmission* of data but doesn't prescribe a specific technical solution (e.g., TRISA, Shyft, OpenVASP, etc.). VASPs are generally expected to use a secure and compliant method.

**Ongoing Development:** The APG report indicates that the FSM Banking Commission was in the process of developing a **VASP Code of Practice** at the time of the report (July 2022), which would further detail practical guidance for compliance.

**Fines:** Significant monetary penalties for institutions and individuals.

**Imprisonment:** For serious breaches or willful negligence/participation in money laundering/terrorist financing.

**License Revocation/Suspension:** VASPs failing to comply may have their registration or license suspended or revoked, effectively preventing them from operating.

**Supervisory Actions:** The FSM Banking Commission can impose various administrative sanctions and remedial actions.