Jordan -- AML/CFT Compliance Regulatory Overview

Jordan, like many countries, is working to align its anti-money laundering (AML) and counter-financing of terrorism (CFT) framework with international standards set by the Financial Action Task Force (FATF), which now explicitly includes Virtual Asset Service Providers (VASPs).

However, it's crucial to understand Jordan's specific stance on cryptocurrencies. The Central Bank of Jordan (CBJ) has historically issued strong warnings against dealing with cryptocurrencies and has prohibited licensed banks and financial institutions from doing so. As of my last update, there is no specific licensing framework for domestic VASPs in Jordan. This means that operating a cryptocurrency exchange or similar VASP directly within Jordan in a licensed capacity is currently not possible.

Despite this, any entity dealing with virtual assets, whether internationally or involving Jordanian residents, would still be subject to the general AML/CFT laws if their activities fall under the scope of financial services or if they pose a risk to the financial system.

Here's a breakdown based on Jordan's existing AML/CFT framework, applied hypothetically to VASPs if a regulatory framework were to be established or in cases where the law's general provisions apply:

AML/CFT Legislation in Jordan

The primary legislation governing AML/CFT in Jordan is:

1. Anti-Money Laundering and Counter-Terrorist Financing Law No. 20 of 2021: This is the most recent comprehensive law that aligns Jordan's framework more closely with international standards, including FATF recommendations. While it doesn't explicitly detail VASP licensing, it broadens the scope of entities subject to AML/CFT obligations and strengthens preventative measures. It aims to cover all financial institutions and designated non-financial businesses and professions (DNFBPs) that might be exposed to ML/TF risks.

AML/KYC Requirements for Entities Dealing with Virtual Assets (as per general AML/CFT Law principles)

If VASPs were to be licensed or recognized, or if their activities were deemed to fall under the existing AML/CFT law, they would be expected to implement the following, consistent with FATF standards:

1. Customer Due Diligence (CDD) Requirements

VASPs would need to apply a risk-based approach to CDD, including:

• Identification and Verification of Customers:
  • For Individuals: Obtaining and verifying the customer's full name, date of birth, place of birth, nationality, permanent address, national identification number (e.g., national ID card, passport), and occupation. This often requires reliable, independent source documents (e.g., government-issued ID, utility bills).
  • For Legal Entities/Arrangements: Obtaining and verifying the legal entity's name, legal form, proof of existence (e.g., certificate of incorporation), address of registered office, names of directors/senior management, and provisions governing the power to bind the entity.
• Identification of Beneficial Ownership: For legal entities or arrangements, identifying and verifying the identity of the natural persons who ultimately own or control the customer, or the natural person on whose behalf a transaction is being conducted.
• Understanding the Purpose and Intended Nature of the Business Relationship: Collecting information on the customer's typical transaction patterns, the nature of their virtual asset activities, and the source of funds/wealth.
• Ongoing Monitoring: Continuously scrutinizing transactions undertaken by customers to ensure they are consistent with the VASP’s knowledge of the customer, their business, and risk profile, including (where necessary) the source of funds.
• Enhanced Due Diligence (EDD): Applying stricter measures for higher-risk situations, such as:
  • Transactions involving high-risk jurisdictions.
  • Business relationships with Politically Exposed Persons (PEPs).
  • Complex, unusually large transactions, or unusual patterns of transactions that have no apparent economic or lawful purpose.
  • Relationships with customers in sectors known for higher ML/TF risks.
• Simplified Due Diligence (SDD): Permitted only in low-risk scenarios identified through a comprehensive risk assessment.

2. Suspicious Transaction Reporting (STR)

VASPs would be obligated to:

• Report Suspicious Activities: Immediately report any suspicious transaction or activity (including attempted transactions) that they know, suspect, or have reasonable grounds to suspect involves money laundering or terrorist financing to the Financial Intelligence Unit (FIU-Jordan).
• No Tipping-Off: Prohibit the disclosure to the customer or any third party that a suspicious transaction report has been or will be submitted.
• Internal Mechanisms: Establish internal policies, procedures, and training for employees to identify and report suspicious activities.

3. Record-Keeping Obligations

VASPs would be required to maintain comprehensive records for a specified period:

• Customer Identification Data: All documents obtained through CDD measures (copies of identification documents, beneficial ownership information).
• Transaction Records: Details of all virtual asset transactions, including transaction amounts, types of virtual assets, addresses involved, timestamps, and any relevant metadata.
• Business Correspondence: Records of business correspondence with customers.
• STRs: Copies of all suspicious transaction reports submitted.
• Retention Period: Records must typically be kept for a minimum period of five (5) years after the business relationship has ended or after the date of an occasional transaction.

4. Internal Controls and Training

VASPs would need to establish robust internal programs, including:

• Designated AML/CFT Compliance Officer: Appointing a senior-level compliance officer responsible for overseeing the AML/CFT program.
• Internal Policies and Procedures: Developing and implementing comprehensive AML/CFT policies and procedures tailored to their specific risks and operations.
• Employee Training: Providing ongoing training to all relevant employees on AML/CFT laws, regulations, internal policies, and how to recognize and report suspicious activities.
• Independent Audit: Conducting regular independent audits of their AML/CFT programs to assess their effectiveness.

Which Authority Oversees Compliance?

Given the current regulatory landscape in Jordan:

1. Primary Financial Regulator (and likely future VASP licensing body):

   • The Central Bank of Jordan (CBJ)
   • URL: https://www.cbj.gov.jo/
   • The CBJ is responsible for regulating and supervising financial institutions in Jordan. While it has not yet established a VASP licensing regime, if one were to be introduced, the CBJ would be the most probable authority to issue licenses and oversee compliance. They also issue instructions and regulations complementing the AML/CFT law.

2. Financial Intelligence Unit (for STRs):

   • The Anti-Money Laundering and Counter-Terrorist Financing Unit (FIU-Jordan)
   • URL: https://www.fiu.gov.jo/
   • The FIU-Jordan is the central national authority responsible for receiving, analyzing, and disseminating suspicious transaction reports related to money laundering and terrorist financing to law enforcement agencies. Any entity, including a VASP, that has AML/CFT obligations would report STRs to the FIU-Jordan.

Important Note on Jordan's Stance

It is critical to reiterate that the Central Bank of Jordan has maintained a cautious and largely prohibitive stance on cryptocurrencies for licensed entities. While the Anti-Money Laundering and Counter-Terrorist Financing Law No. 20 of 2021 provides a general framework, specific regulations for the licensing, operation, and detailed AML/KYC obligations of VASPs are not yet in place.

Any individual or entity considering operating a virtual asset service provider (VASP) that targets or serves Jordanian residents should seek updated legal advice in Jordan to understand the evolving regulatory landscape and potential legal implications. The regulatory environment for virtual assets is rapidly developing globally, and Jordan is expected to continue to evolve its approach in line with FATF recommendations.