Saint Vincent and the Grenadines -- AML/CFT Compliance Regulatory Overview

Saint Vincent and the Grenadines (SVG) presents a unique landscape for cryptocurrency/virtual asset service providers (VASPs) concerning AML/KYC requirements. It's crucial to understand that SVG does not currently have a dedicated licensing or regulatory framework specifically for VASPs.

Despite the absence of specific crypto legislation and VASP licensing, entities conducting activities that fall under the broader definitions of financial services or designated non-financial businesses and professions (DNFBPs) are expected to comply with the country's general AML/CFT framework. This framework is largely aligned with the recommendations of the Financial Action Task Force (FATF), of which SVG is a member through the Caribbean Financial Action Task Force (CFATF).

Therefore, the requirements outlined below are based on how the general AML/CFT legislation in SVG would likely be interpreted and applied to VASPs, given the global standards.

AML/CFT Requirements for Cryptocurrency/Virtual Asset Service Providers in SVG

1. AML/CFT Legislation

The primary AML/CFT legislation in Saint Vincent and the Grenadines that would apply to entities engaged in virtual asset activities (to the extent they fall within the scope of these laws) includes:

• The Proceeds of Crime Act, 2013 (as amended): This act criminalizes money laundering and terrorist financing offenses and provides for the forfeiture of assets derived from criminal conduct.
• The Anti-Money Laundering and Combating the Financing of Terrorism Act, 2017 (as amended): This is the principal legislation outlining the obligations for financial institutions and DNFBPs to prevent and detect money laundering and terrorist financing. It defines key terms, outlines reporting obligations, and sets out penalties for non-compliance.
• The Anti-Money Laundering and Combating the Financing of Terrorism Regulations, 2018 (as amended): These regulations provide more detailed requirements and procedures for implementing the AML/CFT Act, including specific CDD measures, internal controls, and record-keeping.
• The Financial Intelligence Unit Act, 2001 (as amended): This act establishes the Financial Intelligence Unit (FIU) and defines its powers and functions, including receiving and analyzing suspicious transaction reports.
• The Terrorism Prevention Act, 2002 (as amended): This act provides for measures to prevent terrorism, including the freezing of terrorist assets.

Important Note: As of the latest information, there is no specific legislation in SVG defining or regulating "Virtual Asset Service Providers" (VASPs) as a distinct licensed entity, nor are there specific VASP-focused AML/CFT rules. However, the general AML/CFT laws are broad enough to capture entities facilitating financial transactions, which would include many VASP activities. The SVG Financial Services Authority (FSA) has previously issued warnings regarding unregulated crypto activities, indicating a cautious approach.

2. Customer Due Diligence (CDD) Requirements

Under the general AML/CFT framework, entities (including VASPs that would be deemed to be conducting relevant financial business) are required to:

• Identify and Verify Customer Identity:
  • For natural persons: Obtain full name, residential address, date of birth, nationality, and a unique identification number (e.g., passport, national ID card). Verification typically requires independent, reliable source documents.
  • For legal persons/entities: Obtain legal name, address of registered office and principal place of business, incorporation details (e.g., certificate of incorporation, articles of association), and identify beneficial owners (those who ultimately own or control 25% or more of the entity).
• Understand the Purpose and Intended Nature of the Business Relationship: Gather information about why the customer is seeking the services and how they intend to use them.
• Conduct Ongoing Monitoring: Regularly review the business relationship and transactions undertaken to ensure they are consistent with the entity's knowledge of the customer, their business, and risk profile, including (where necessary) the source of funds.
• Risk-Based Approach: Apply a risk-based approach to CDD.
  • Enhanced Due Diligence (EDD): Required for high-risk customers, such as Politically Exposed Persons (PEPs), customers from high-risk jurisdictions, or transactions involving complex structures or unusually large amounts. This involves more rigorous verification, deeper understanding of source of funds/wealth, and higher-level approval for establishing relationships.
  • Simplified Due Diligence (SDD): Permitted for low-risk customers, where sufficient information is available through public sources and the risk of ML/FT is assessed as low.

3. Suspicious Transaction Reporting (STR)

• Obligation to Report: All reporting entities (which would include VASPs if their activities are considered relevant financial business) have a legal obligation to report any transaction (or attempted transaction) where there are reasonable grounds to suspect that funds are the proceeds of criminal activity or are linked to terrorist financing.
• Recipient: Reports must be submitted to the Financial Intelligence Unit (FIU) of Saint Vincent and the Grenadines.
• Timeliness: STRs must be filed promptly, "without delay," upon forming the suspicion.
• No Tipping-Off: It is an offense to disclose to the customer or any third party that a suspicious transaction report has been or will be made.

4. Record-Keeping Obligations

Reporting entities must maintain records for a specified period to assist in investigations and to demonstrate compliance. This includes:

• Customer Identification Data: All documents used for CDD, including copies of identification documents and verification records.

• Transaction Records: Details of all transactions, including amounts, types of currency/virtual assets, dates, and parties involved.

• Business Correspondence: Records of communications with customers and third parties related to transactions and the business relationship.

• STRs and Internal Reports: Copies of all suspicious transaction reports filed and any internal reports or analyses leading to such reports.

• Retention Period: Records must generally be kept for a minimum of five (5) years after the business relationship has ended or after the date of the transaction.

5. Authority Overseeing Compliance

Given the current regulatory landscape:

• Financial Services Authority (FSA):

  • Role: The SVG FSA is the primary financial regulator in Saint Vincent and the Grenadines. While it does not license VASPs specifically, it is responsible for the oversight of other financial institutions and can take action against entities operating without proper authorization or in violation of financial laws. It would likely provide guidance or interpretation regarding the applicability of general AML/CFT laws to new financial activities.
  • Website: https://svgfsa.com/

• Financial Intelligence Unit (FIU):

  • Role: The FIU is the central national agency responsible for receiving, analyzing, and disseminating suspicious transaction reports to competent authorities for investigation and prosecution of money laundering and terrorist financing offenses. VASPs (as reporting entities) would directly interact with the FIU for STR submissions.
  • Website: https://www.fiu.gov.vc/

Conclusion and Disclaimer:

While SVG has a robust general AML/CFT framework, the lack of specific legislation or licensing for VASPs means that the application of these laws to cryptocurrency service providers can be complex and may be subject to interpretation by the authorities. VASPs operating or intending to operate in Saint Vincent and the Grenadines should be aware of this regulatory uncertainty and are strongly advised to:

1. Seek independent legal counsel specializing in SVG financial and AML law to ensure compliance with existing regulations and to understand potential future regulatory developments.
2. Proactively implement robust internal AML/KYC policies and procedures that meet international FATF standards, even in the absence of specific VASP regulations, to mitigate risks and demonstrate good faith compliance.