Comoros -- AML/CFT Compliance Regulatory Overview

**Ordinance No. 19-001/PR of 26 July 2019 on the Fight Against Money Laundering and Terrorist Financing:** This is the most recent foundational AML/CFT law in Comoros. It replaced previous legislation (like Law No. 11-002/AF of 29 March 2011) and aims to align the Comorian framework with international standards set by FATF.

*Note:* While this Ordinance may not explicitly name "virtual assets" or "cryptocurrency," the broad definitions of "financial activity," "financial institutions," and "designated non-financial businesses and professions (DNFBPs)" are generally interpreted to encompass activities related to virtual assets and VASPs, especially given FATF Recommendation 15.

**Be subject to licensing or registration:** Depending on the specific interpretation and future regulations, VASPs are expected to be licensed or registered by the relevant authorities (e.g., the Central Bank).

**Implement AML/CFT requirements:** VASPs must comply with all AML/CFT obligations applicable to financial institutions, including customer due diligence, record-keeping, and suspicious transaction reporting.

**For natural persons:** Obtain and verify the customer's identity using reliable, independent source documents, data, or information (e.g., full name, address, date and place of birth, nationality, unique identification number from an official document like a passport or national ID card).

**For legal entities:** Obtain and verify the identity of the legal entity (e.g., name, legal form, address, directors, beneficial owners, proof of incorporation). Understand the ownership and control structure.

**Beneficial Ownership:** Identify and take reasonable measures to verify the identity of the beneficial owner(s) of the customer, including for legal persons and arrangements.

**Purpose and Intended Nature of Business Relationship:** Understand the purpose and intended nature of the business relationship or occasional transaction.

**Ongoing Monitoring:** Conduct ongoing due diligence on the business relationship and scrutinize transactions undertaken throughout the course of that relationship to ensure that the transactions are consistent with the obliged entity's knowledge of the customer, their business, and risk profile, including, where necessary, the source of funds.

**Enhanced Due Diligence (EDD):** Apply EDD measures to higher-risk situations, which may include:

Transactions involving complex or unusually large amounts.

Transactions involving new technologies and products (e.g., certain virtual assets).

**Source of Funds/Wealth:** For high-risk clients or transactions, VASPs should take reasonable measures to establish the source of funds or source of wealth.

**Obligation to Report:** VASPs are obligated to report any transaction (or attempted transaction), regardless of the amount, where there are reasonable grounds to suspect that the funds are the proceeds of a crime or are related to terrorist financing.

**Reporting Authority:** All STRs must be submitted to the **National Financial Information Processing Unit (Cellule Nationale de Traitement des Informations Financières - CNTIF)**, which is Comoros' Financial Intelligence Unit (FIU).

**No Tipping-Off:** VASPs and their employees are prohibited from disclosing to the customer or to third parties that an STR has been filed or that an investigation is underway.

**Customer Identification Data:** All documents and information used for CDD, including verification records.

**Account Files:** Records related to customer accounts and business relationships.

**Business Correspondence:** Relevant correspondence with customers.

**Transaction Records:** Records of all transactions (date, type, amount, currency, parties involved, payment methods, digital wallet addresses, transaction hashes).

**STRs and Internal Reports:** Copies of all STRs filed and any internal reports related to suspicious activities.

**Appoint an AML Compliance Officer:** A designated person responsible for overseeing the implementation of AML/CFT policies and procedures.

**Develop Internal Policies and Procedures:** Establish comprehensive internal policies, procedures, and controls to mitigate ML/TF risks, including risk assessment methodologies.

**Employee Training:** Provide ongoing AML/CFT training to relevant employees to ensure they understand their obligations and can identify suspicious activities.

**Independent Audit:** Implement an independent audit function to test the effectiveness of their AML/CFT programs.

**Central Bank of Comoros (Banque Centrale des Comores - BCC) Regulations:** The BCC may issue circulars or regulations that further elaborate on AML/CFT obligations for financial service providers, which could be extended to VASPs.

**Role:** The BCC is the main financial sector regulator and supervisor. It is responsible for licensing, prudential supervision, and ensuring compliance with AML/CFT regulations for entities under its purview, which would include VASPs once formally recognized and regulated.

**National Financial Information Processing Unit (Cellule Nationale de Traitement des Informations Financières - CNTIF):**

**Role:** This is Comoros' Financial Intelligence Unit (FIU). The CNTIF is the central national authority for receiving, analyzing, and disseminating financial intelligence concerning suspected proceeds of crime and terrorist financing. VASPs must report all suspicious transactions to the CNTIF.

**URL:** A dedicated official website for CNTIF is not readily available or publicly published, but it operates under the Ministry of Finance. Information about its operations is usually found via government portals or reports from international bodies like ESAAMLG.

**Law N° 08-013/AF of 2008 on Anti-Money Laundering and Combating the Financing of Terrorism:** This is the foundational AML/CFT law in Comoros, based on FATF recommendations. It mandates financial institutions (which would likely encompass regulated VASPs) to implement customer due diligence, suspicious transaction reporting, and compliance with international sanctions.

*Note:* While finding the direct URL for the specific, most recent version of this law in English from a Comorian government source can be challenging, its existence and purpose are consistently referenced by international bodies like the IMF and ESAAMLG.

**Reference (ESAAMLG mentioning Comoros' framework):** https://www.esaamlg.org/index.php/member-countries/comoros (Comoros is a member of the Eastern and Southern Africa Anti-Money Laundering Group).

**BCC Website:** https://www.banquecentrale.km/ (Check for official publications under "Publications" or "Textes Législatifs et Réglementaires").

**Cellule Nationale de Traitement des Informations Financières (CENTIF) - National Financial Information Processing Unit:** This is Comoros' Financial Intelligence Unit (FIU). It is responsible for receiving, analyzing, and disseminating suspicious transaction reports (STRs) and other financial intelligence related to money laundering and terrorist financing.

VASPs (if covered by the AML/CFT law) would be obligated to report suspicious transactions, including those related to sanctions violations, to CENTIF.

**Yes, in principle, likely adopted as part of broader AML/CFT framework.** Comoros is an ESAAMLG member and is committed to implementing the FATF Recommendations. The FATF updated its Recommendations (specifically Recommendation 15 and 16, which underpin the Travel Rule) in June 2019 to explicitly cover VAs and VASPs.

Comoros enacted a new **Anti-Money Laundering and Counter-Terrorist Financing Law (Law No. 19-026/AU)** on **December 26, 2019**. This law is designed to align Comoros's AML/CFT framework with international standards, including FATF recommendations. It is highly probable that this law, or subsequent regulations under it, provides the legal basis for regulating VASPs and implementing the Travel Rule.

**Specific VASP-focused legislation and explicit Travel Rule mandates are harder to locate publicly.** Many jurisdictions pass a general AML/CFT law first and then issue detailed implementing regulations for specific sectors (like VAs) later.

The **Anti-Money Laundering and Counter-Terrorist Financing Law No. 19-026/AU** came into effect shortly after its promulgation in **December 2019**. This would be the *general* effective date for the overarching AML/CFT framework.

The *specific* effective date for obligations pertaining directly to the Travel Rule for VASPs would depend on the issuance of any dedicated VASP regulations or guidance, which are not readily available in public records.

Assuming Comoros aligns with the FATF standard for the Travel Rule (Recommendation 16), the threshold amount for collecting and transmitting originator and beneficiary information for VA transfers is:

**USD/EUR 1,000** or more (for transfers where the ordering VASP or beneficiary VASP is a financial institution).

**USD/EUR 0** (meaning all transactions, for transfers where *both* the ordering and beneficiary VASPs are not financial institutions, or where one side is an unhosted wallet). Many jurisdictions, however, focus on the USD/EUR 1,000 threshold initially.

Without specific Comorian VASP regulations, the FATF standard is the most likely reference.

Comoros is expected to adhere to the FATF definition of VASPs, which includes:

Exchanges between VAs and fiat currencies.

Exchanges between one or more forms of VAs.

Safekeeping and/or administration of VAs or instruments enabling control over VAs (custodian wallet providers).

Participation in and provision of financial services related to an issuer’s offer and/or sale of a VA.

Any entity conducting these activities as a business for or on behalf of another person would likely be subject to regulation.

The FATF does not prescribe a specific technical solution for Travel Rule compliance. It requires that the necessary originator and beneficiary information be collected, held, and transmitted between VASPs.

Comoros is unlikely to have issued specific technical requirements beyond the general obligation to comply with the Travel Rule's data transmission requirements. VASPs operating in Comoros would likely need to adopt an industry-standard technical solution (e.g., using TRISA, OpenVASP, Sygna, Travel Rule Protocol, etc.) to meet these obligations, much like in other jurisdictions.

**Fines:** Significant monetary penalties for institutions and individuals.

**Imprisonment:** For individuals found guilty of serious AML/CFT breaches.

**Suspension or Revocation of Licenses:** For regulated entities.

**Reputational Damage:** Though not a legal penalty, non-compliance can severely impact an entity's ability to operate.

The specific scale of penalties for VASP-related non-compliance would depend on detailed regulations, but they would generally align with those for other financial institutions.

**Anti-Money Laundering and Counter-Terrorist Financing Law No. 19-026/AU of December 26, 2019 (Comoros):** While a direct English or French version with a public URL is difficult to find, its existence and purpose are referenced in ESAAMLG documents and other legal analyses. It forms the backbone of Comoros's current AML/CFT framework.

**Eastern and Southern Africa Anti-Money Laundering Group (ESAAMLG):** Comoros is a member. ESAAMLG provides Mutual Evaluation Reports and follow-up reports that assess member states' compliance with FATF Recommendations.