Namibia -- AML/CFT Compliance Regulatory Overview

**Financial Intelligence Act, 2012 (Act No. 13 of 2012) as amended by the Financial Intelligence Amendment Act, 2017 (Act No. 2 of 2017):** This is the cornerstone of Namibia's AML/CFT framework. It establishes the Financial Intelligence Centre (FIC), defines money laundering and terrorist financing offenses, sets out reporting obligations, and outlines due diligence requirements for accountable institutions.

**Financial Intelligence Regulations, 2017:** These regulations provide further details and procedures for implementing the Financial Intelligence Act.

**Prevention of Organised Crime Act, 2004 (Act No. 29 of 2004):** This Act provides for the prevention of organised crime, money laundering, and the recovery of the proceeds of unlawful activities.

**Identification and Verification of Customers:**

**Natural Persons:** Obtain full name, date of birth, residential address, nationality, identification number (e.g., national ID, passport). Verify identity using reliable, independent source documents, data, or information (e.g., government-issued ID, utility bills).

**Legal Persons/Arrangements (Companies, Trusts):** Obtain name, legal form, proof of existence, powers that regulate and bind the legal person/arrangement, and the names of relevant persons holding senior management positions.

**Beneficial Ownership:** Identify and verify the identity of the beneficial owner(s) of the customer, ensuring that VASPs understand the ownership and control structure of the customer. This involves identifying the natural person(s) who ultimately own or control the customer, and/or on whose behalf a transaction is being conducted.

**Purpose and Nature of Business Relationship:** Understand the purpose and intended nature of the business relationship or occasional transaction.

**Ongoing Monitoring:** Conduct ongoing due diligence on the business relationship and scrutiny of transactions undertaken throughout the course of that relationship to ensure that the transactions are consistent with the VASP's knowledge of the customer, their business, and risk profile, including, where necessary, the source of funds.

**Enhanced Due Diligence (EDD):** Apply EDD in higher-risk situations, which typically include:

Customers from high-risk geographic areas (as identified by FATF or FIC).

Complex, unusually large transactions, or unusual patterns of transactions that have no apparent economic or lawful purpose.

Transactions involving new technologies or products that favor anonymity.

**Travel Rule:** Although specific regulations may be pending, consistent with FATF Recommendation 16 (the "Travel Rule"), VASPs should be prepared to obtain and transmit required originator and beneficiary information for virtual asset transfers above a certain threshold (typically EUR/USD 1,000 or equivalent).

**Reporting Threshold:** There is no monetary threshold for reporting suspicious transactions. Any transaction (or attempted transaction) that gives rise to a suspicion of money laundering or terrorist financing, regardless of the amount, must be reported.

**Content of Report:** The report must include all relevant information known to the VASP regarding the customer, the transaction, and the reasons for suspicion.

**"No Tipping-Off":** VASPs and their employees are strictly prohibited from disclosing to the customer or any third party that an STR has been, or will be, submitted.

**Customer Identification Records:** Copies of all documents used for customer identification and verification (e.g., ID cards, passports, utility bills, company registration documents).

**Transaction Records:** Details of all transactions conducted by the VASP, including amounts, types of virtual assets, dates, sender and recipient information, and any associated messages. This includes both successful and attempted transactions.

**Business Relationship Records:** Records pertaining to the establishment and duration of business relationships.

**Analysis and Decision Records:** Records of any internal analysis undertaken regarding suspicious activity, and decisions made regarding whether or not to file an STR.

**STRs Submitted:** Copies of all suspicious transaction reports filed with the FIC.

**Financial Intelligence Centre (FIC) Namibia**

**Role:** The FIC is an independent body established under the Financial Intelligence Act. It is responsible for receiving, analysing, and disseminating financial intelligence to combat money laundering and terrorist financing. It also provides guidance and supervision to accountable institutions on their AML/CFT obligations.

**Bank of Namibia (BoN):** The central bank responsible for monetary policy, financial stability, and oversight of the payment system. It has taken the lead in developing a regulatory framework for Virtual Assets (VAs) and Virtual Asset Service Providers (VASPs).

**Financial Intelligence Centre (FIC):** Responsible for combating money laundering and terrorist financing. The FIC oversees AML/CFT compliance for "accountable institutions," which now include VASPs.

**Namibia Financial Institutions Supervisory Authority (NAMFISA):** Regulates non-banking financial institutions (e.g., pension funds, insurers, collective investment schemes). While not directly regulating crypto custodians currently, NAMFISA has a regulatory sandbox that could potentially involve innovative financial products, including those using distributed ledger technology.

**Current Status:** Namibia does not currently have a dedicated, fully enacted licensing regime specifically for digital asset custodians. However, the **Bank of Namibia (BoN)** has clearly indicated its intention to regulate VASPs, which include custodians, under a future framework.

**BoN Position Paper:** In a landmark move, the Bank of Namibia released its **Position Paper on Virtual Assets and Virtual Asset Service Providers (VAs and VASPs)** in May 2022. This paper outlines the BoN's stance and proposed approach to regulating VASPs.

It declares that VASPs, including those providing custody services, will be required to obtain authorization or licenses from the relevant regulatory authorities (likely the BoN itself or a designated authority).

The paper integrates VASPs into the national payment system and regulatory framework, categorizing them as "financial service providers" that will be subject to oversight.

**Reference:** Bank of Namibia Position Paper on Virtual Assets and Virtual Asset Service Providers (VAs and VASPs), May 2022. While a direct, permanent URL to the document on the BoN website can change, it is usually found under their "Publications" or "Policy Papers" section. A common way to access it is through news articles or financial updates referencing it, e.g., via Namibia Economist or similar financial news outlets which often link to the official PDF.

**AML/CFT Registration (FIC):** While not a full operational license, VASPs (including custodians) are subject to **AML/CFT obligations** under the **Financial Intelligence Act, 2012 (Act No. 13 of 2012)**, as amended. This means they are considered "accountable institutions" and must:

Implement robust AML/CFT programs (e.g., customer due diligence, suspicious transaction reporting).

**Reference:** Financial Intelligence Act, 2012 (Act No. 13 of 2012). Available on the FIC website or parliamentary legislation portal: https://fic.na/ (Navigate to "Legislation" or "Acts").

**Current Status:** While specific legislation explicitly mandating the segregation of client digital assets for custodians is not yet enacted, the **BoN Position Paper** (May 2022) highlights best practices and internationally recognized principles (such as those from FATF and IOSCO).

**Future Intent:** It is highly probable that future regulations will require VASPs offering custody services to segregate client assets from their operational assets to protect client funds in case of insolvency or operational failure. This is a fundamental principle in traditional financial custody and is expected to be adopted for digital assets. The BoN's emphasis on consumer protection points towards this.

**Current Status:** There are no specific, legislated insurance or bonding requirements for cryptocurrency custodians in Namibia at present.

**Current Status:** There are no specific legal mandates requiring crypto custodians to use cold storage for a certain percentage of client assets.

**Industry Practice vs. Regulation:** While cold storage is widely considered an industry best practice for securing a significant portion of digital assets (to mitigate online hacking risks), it is not a regulatory requirement in Namibia at this time. Future regulations might include technology-agnostic security requirements that implicitly encourage such practices, but a specific mandate is unlikely in the immediate future.

**Current Status:** There is no distinct legal definition for a "qualified custodian" specifically for digital assets in Namibia, separate from the broader definition of a VASP.

**BoN Definition of VASP:** The BoN Position Paper defines a VASP consistent with FATF guidelines, which includes entities that:

Exchange between VAs and fiat currencies.

Exchange between one or more forms of VAs.

**Safekeeping and/or administration of VAs or instruments enabling control over VAs.** (This is the key part for custody).

Participation in and provision of financial services related to an issuer’s offer and/or sale of a VA.

Therefore, any entity providing "safekeeping and/or administration of VAs" would fall under the VASP definition and would be subject to future VASP regulations.

**Bank of Namibia Framework:** The most significant pending legislation directly impacting custody is the framework being developed by the Bank of Namibia. The **BoN Position Paper (May 2022)** clearly states the intention to:

Introduce a comprehensive regulatory framework for VAs and VASPs, which will cover authorization/licensing, prudential requirements, conduct of business rules, and consumer protection.

Integrate VAs into the national payment system, potentially through amendments to the **Payment System Management Act, 2003** or a new, dedicated digital asset law.

The BoN has indicated a phased approach, starting with AML/CFT and then moving to broader prudential regulation.

**Regulatory Sandbox:** NAMFISA operates a regulatory sandbox for financial innovation. While not specific to custody, innovative custody solutions could potentially be tested within this sandbox before broader regulation is finalized.

**Reference:** NAMFISA Regulatory Sandbox information: https://www.namfisa.com.na/regulatory-sandbox