AML Compliance for Charities in Singapore: A Panoramic View

AML Compliance for Charities in Singapore: A Panoramic View

Charities are social institutions that offer invaluable services to humanitarian causes to complement governmental and international efforts. However, their noble work can be misused or exploited by illicit actors for raising or moving funds for the purpose of Money Laundering (ML), Terrorism Financing (TF), or Proliferation Financing (PF).

This blog discusses the AML compliance requirements for charities in Singapore and the corresponding regulatory framework while also highlighting the ML/TF/PF red flags commonly associated with charities.

It goes on to address the challenges in combatting ML/TF/PF risks and suggests best practices to overcome the challenges with the inclusion of evolving technologies.

Charities that are Subject to AML/CFT Compliance Obligations

Institutions such as Companies Limited by Guarantee, Body Corporates, Societies or Trusts operating under Singapore laws can register themselves as charities under the Charities Act 1994.

However, such institutions must fulfil the following criteria:

  1. The institution must have a charitable purpose as recognised by Singapore’s regulatory framework
  2. The institution must promote public benefit through its activities
  3. The institution must be wholly and exclusively charitable

Singapore laws recognise the following causes as charitable purposes:

  • Poverty alleviation or reduction
  • Development of education or religion
  • Other purposes that benefit the community at large, including the commonly recognised charitable purposes such as:
    • Awareness and assistance through health initiatives
    • Assistance with citizenship woes, community development, environmental protection, animal welfare
    • Aid for needy and destitute with severe illnesses, disability, financial difficulties, or disadvantage due to youth, age, or any other constraints
    • Encouragement of sports and physical activities that promote health
    • Promotion and awareness in the fields of science, arts, cultural heritage

Thus, all charities working for charitable purposes are subject to Anti-Money Laundering, Countering Financing of Terrorism, and Counter-Proliferation Financing (AML/CFT/CPF) compliance requirements.

Why Charities Must Adhere to AML/CFT Compliance Requirements

Charities are vulnerable to ML/TF/PF risks due to a variety of reasons, such as:

  • Higher public trust
  • Wide networks
  • Cross-border operations
  • Unregulated funding channels
  • Weak internal controls 

These factors are misused by charities through various means:

Means of Misuse of Charities

Charities may be abused by illicit actors for ML/TF/PF purposes through various means that can be classified into the following categories.

Funding through Charities

Criminals seek to exploit by raising funds in the name of a charity and then diverting such funds for terrorist activities or financial crime at the stage of collection or funds or transfer of funds between the stakeholders. Charities are also vulnerable to being used as a front by illicit actors for the movement of funds.

Misusing Resources Belonging to Charities

Charities are highly dependent on their human resources to execute their cause. However, this dependency makes them vulnerable to the risks of financial crime if a staff member or a board member exploits the charity’s resources to support terrorist activities or financial crime instead of providing for the charity’s beneficiaries.

Misusing the Name of a Legitimate Charity

Illicit actors often adopt a registered charity’s credentials, such as name, contact information and address, to mislead the donors and ultimately divert funds for ML/TF/PF purposes in the guise of charitable work.

Establishing Sham Charities

Instead of using a legitimate charity’s identity, criminals also resort to creating a sham institution altogether that functions like an ordinary registered charity, raising funds and promoting causes on paper to ultimately support ML/TF/PF activities.

Conducting Recruitments

The facilities used by charities and their activities are misused by terrorist organisations and illicit actors for carrying out recruitment for their activities.

Manipulating Charitable Programs

Parasitic use of legitimate charitable programs by illicit actors for carrying out illegal activities. For instance, shelters built by charities and used by beneficiaries may also be misused as a hub for ML/TF/PF activities.

Association with Terrorism Financing or Proliferation Financing Actors

Terrorist organisations may associate themselves with charities through a variety of means, including individual relationships with employees or senior management personnel or formally established partnerships with charities for furthering terrorism or proliferation-related activities.

Common Red Flags for Charities to Beware of

Charities must be aware of the following common red flags that can indicate ML/TF/PF activities:

  • If a donor insists on using the money for a specific purpose that is not related to the charity’s work domain.
  • If the amount of donations made does not match with the donor’s financial profile or their commercial activity.
  • If a donor makes donations using virtual assets but the charity is unable to determine that virtual asset’s ownership pattern.
  • If a donor relies on third parties to execute transactions without any apparent reason.
  • If a charity notes unusual behaviour on the part of a donor, such as requests for rerouting parts of donations to a third party that is not known to the charity and does not align with the charity’s purpose.

Criminals are constantly finding new ways of ML/TF/PF. Thus, charities must scrutinise any unusual behaviour or transactions beyond this non-exhaustive list of red flags.

AML Framework for Charities in Singapore

Corruption, Drug Trafficking and Other Serious Crimes (Confiscation of Benefits) Act, 1992 and the Terrorism (Suppression of Financing) Act, 2002, are the primary legislations combating money laundering and terrorism financing in Singapore.

In congruence with the recommendations of the Financial Action Task Force (FATF), preventing the abuse of Non-Profit Organisations (NPOs) and the overarching AML/CFT laws in Singapore, the Office of Commissioner of Charities (COC) sets out AML/CFT obligations for charities in Singapore.

We focus on Keeping You Compliant So You Can Focus on Saving the World

Stay updated with AML Regulations with AML Singapore

Schedule a Consultation Today!

AML Compliance Processes that Charities Need to Follow

AML Compliance for Charities needs to be built upon the foundation of a Risk-Based Approach

When managing the identified risks, charities must follow a risk-based approach, i.e. prioritising the management of critical risks by applying higher controls and resources and then moving on to lower risks. Charities can define the following risk management strategy:

The risk management strategy can help charities develop clear guidelines on avoidance, reduction, sharing, and acceptance of risk based on the risk level, quantification of loss, cost of mitigation and the burden of risk management.

The AML compliance process listed in this section guard charities against ML/TF/PF risks:

Charity Risk Assessment

Charities must be aware of the kinds of risks that they may be exposed to and identify the inherent ML/TF/PF risk factors affecting charity operations. These factors include:

Risks Associated with Donors, Beneficiaries, Partner Organisations, Employees, and Volunteers

Charities must determine the risks that arise out of their interaction with their donors, beneficiaries, partners, employees, or volunteers. For instance, charities must evaluate if they accept donations that come with specific requests, such as requests for utilising the donation for specific groups of individuals or organisations.

Risks Associated with Charity Operations

Charities must analyse if any potential illicit activities can arise out of their daily operations. For example, charities must analyse whether their funds are disbursed through non-regulated or high-risk financial channels.

Risks Associated with Geographical Locations

For charities conducting global operations, charities must determine if they are at a higher risk of ML/TF/PF threats if they work in high-risk jurisdictions or deal with donors or partners belonging to high-risk jurisdictions, such as FATF blacklist or grey list countries or conflict-affected zones. Charities having multi-jurisdiction operations are at a higher risk of ML/TF/PF threats arising out of geographical locations.

The above-mentioned risk factors would help charities determine the likelihood of ML/TF/PF risks and their impact when adopting a Risk-Based Approach.

Establishing Internal Policies, Procedures, and Controls (IPPC)

Based on risk identification and assessment exercise, charities must develop and periodically update a customised IPPC that addresses risk management, disbursements, utilisation of donations, monitoring the delivery of their programs and initiatives, and reporting of suspicious activities or transactions that come to notice during the course of their operations.

The IPPC must clearly define the control measures, from due diligence and risk profiling to record keeping, following a risk-based approach while also defining the role of employees and staff members, including all three lines of defence.

Additionally, charities must ensure a transparent AML governance framework with clear communication and commitment from the stakeholders in the implementation of risk mitigation measures.

Role of Governing Board Members and Key Officers in Ensuring AML Compliance

The governing board and the key officers of a charity are the persons who are ultimately responsible for implementing the compliance measures in accordance with the charity’s Internal Policies, Procedures, and Controls and ensuring that the ML/TF/PF risks to the charity are effectively mitigated.

Due Diligence

Charities must perform independent due diligence measures against a donor or beneficiary or other stakeholders such as representatives, partners, agents, contractors, employees, suppliers, vendors and volunteers.

Due diligence should be undertaken by charities in the following instances:

  • Before accepting funds from a donor, extending support to a beneficiary, or establishing a working relationship with a stakeholder
  • If the charity suspects a donor, beneficiary, or stakeholder is involved in ML/TF/PF activities
  • If there is any veracity in the documents or information shared by the donor, beneficiary, or stakeholder.

Know Your Donors, Beneficiaries, and Stakeholders

Charities are required to identify and verify the identities, credentials and good standing of their potential donors, beneficiaries, and stakeholders.

Charities are required to:

  • Obtain relevant information about not just the donors but also their agents, connected persons, or beneficial owners, and
  • Verify their background, reputation, financial stability, source of wealth and source of funds against independent and reliable information

When dealing with partner organisations, charities should have clear written agreements concerning the activities conducted and resources utilised under the charity’s name.

Sanctions Screening, PEP Screening and Adverse Media Screening

Charities must screen their donors, beneficiaries, partners, employees, and volunteers against the list of designated individuals and entities set forth by the United Nations Security Council (UNSC) and the Inter-Ministry Committee on Terrorist Designation (IMC-TD) and the Targeted Financial Sanctions imposed by Monetary Authority of Singapore.

If the sanctions screening results in a positive hit, charities are obligated to terminate onboarding of or collaboration with the donor, beneficiary, or stakeholder and file a Suspicious Transaction Report (STR).

Charities must also screen their donors, beneficiaries, and stakeholders to check if they, their agents, or their beneficial owners are Politically Exposed Persons (PEPs), immediate family members or close associates of a PEP.

Charities must screen the names of their donors against adverse media reports, internet records, and database subscriptions to check if there are any public concerns raised about the donor, such as to check if the donor has been declared insolvent.

Charities must also perform searches on the government register to determine if there have been any regulatory actions against the donor, beneficiary, partner, employee or volunteer.

Donor, Beneficiary and Stakeholder Risk Assessment

Charities must evaluate the risk posed by every potential donor, beneficiary and stakeholder and classify them into low, medium and high-risk. Such risk assessment can be made based on the following factors:

Donor, Beneficiary, and Stakeholder Risk:

  • PEP status of the donors, beneficiaries, or stakeholders and their agents, close associates, or family members
  • Existence of Adverse Media
  • Unusual ownership structure
  • Criminal convictions involving fraud.

Products and Services Risk

  • Understanding donor and stakeholder services, products, and activities vulnerable to ML/TF/PF risks.

Geographical Risk

Pertaining to the location where the stakeholder is placed or routes transactions or conducts most business with

  • If the jurisdiction is on FATF’s blacklist or grey list
  • If the jurisdiction is subject to UN sanctions
  • If the jurisdiction is infamous for significant levels of corruption.

Other Risk

  • Non-face-to-face relationships
  • Unusual involvement of third parties.

Based on the stakeholder risk assessment, the charity must classify its stakeholders as high-risk, medium-risk, and low-risk and apply adequate risk mitigation measures in accordance with a risk-based approach. For example, when dealing with high-risk stakeholders, charities must perform Enhanced Due Diligence.

We focus on Keeping You Compliant So You Can Focus on Saving the World

Stay updated with AML Regulations with AML Singapore

Schedule a Consultation Today!

Enhanced Due Diligence

If establishing a working relationship with a donor, beneficiary, or partner belonging to high-risk jurisdictions or high-risk stakeholders as per the criteria defined in the IPPC, charities must perform additional checks as a part of Enhanced Due Diligence (EDD). For instance,

  • Charities must seek to ascertain the legitimacy of the source of funds when receiving a substantial amount of donation from an unknown donor
  • Engagement or work relationship establishment with a high-risk donor, beneficiary or stakeholder must be conducted with the approval of the governing board members
  • Placing additional checks on the activities of the donor, beneficiary or stakeholder
  • Conducting enhanced ongoing monitoring of transactions by elevating the frequency and nature of transactions.

EDD helps in identifying and avoiding ML/TF/PF risks to a great extent.

Ongoing Monitoring of Projects and Transactions

For all the ongoing projects or programs under which charities conduct their activities, charities must put in place to ensure that their funds or services are delivered in accordance with the charity’s objectives. Charities must monitor the following aspects of a project in a structured, regular and ongoing way:

  • Conduct of the stakeholders involved in a project
  • Performance of the project stakeholders
  • Proper delivery of charity services
  • Expenditure is incurred for legitimate purposes
  • Transactions with the donors, beneficiaries, and stakeholders are in accordance with their respective financial profile.

Audit and Review

Charities must accomplish dual audit and review process:

  1. Audit and review of the financial records
  2. Audit and review of the AML program

The Charities Act 1994 and subsequent regulatory framework require charities to ensure independent audit or examination of their financial records in accordance with the relevant financial reporting standards. Hence, charities must ensure proper accounting of their funds, auditing of their services, and employee training to analyse the performance of their projects and activities.

Additionally, charities must review the quality and effectiveness of their AML controls to ensure that their AML program does not become irrelevant or outdated over time in comparison to the evolving criminal typologies and AML/CFT regulatory framework. There may be specific instances which trigger the need for reviewing risk mitigation measures:

Charities must accomplish dual audit and review process:

  1. Audit and review of the financial records
  2. Audit and review of the AML program

The Charities Act 1994 and subsequent regulatory framework require charities to ensure independent audit or examination of their financial records in accordance with the relevant financial reporting standards. Hence, charities must ensure proper accounting of their funds, auditing of their services, and employee training to analyse the performance of their projects and activities.

Additionally, charities must review the quality and effectiveness of their AML controls to ensure that their AML program does not become irrelevant or outdated over time in comparison to the evolving criminal typologies and AML/CFT regulatory framework. There may be specific instances which trigger the need for reviewing risk mitigation measures:

As and when required, charities must update their documents and information sources if:

  • There are any regulatory updates, e.g. updates in FATF lists or local or UN sanctions lists.
  • There are material changes in the working changes with a Donor, Beneficiary or Stakeholder.
  • Changes in the availability of resources.

Charities must determine the time and frequency of the audit and review process in accordance with their Internal Policies, Procedures, and Controls.

Protect Your Company with a well-defined Customer Acceptance & Exit Policy

AML Singapore Provides Risk-Sensitive Policy Framing Services to Protect Your Business from ML/TF/PF Risks

Contact Us Now

Reporting

If charities encounter suspicious activities or transactions in the course of their day-to-day operations, they are obligated to file a Suspicious Transaction Report (STR) with the Suspicious Transaction Reporting Office (STRO) using the STRO Online Notices and Reporting (SONAR) Platform as per the AML/CFT obligations set out in the Corruption, Drug Trafficking, and Other Serious Crimes (Confiscation of Benefits) Act and the Terrorism (Suppression of Financing) Act.

By implementing the above-mentioned compliance measures, charities can ensure that their activities and services are not misused by illicit actors for ML/TF/PF purposes.

In addition to filing STR, charities are also required to submit a governance evaluation checklist as a part of their annual submission to the COC. The governance compliance checklist explains the charity’s extent of compliance with the Code of Governance. It is to be filed through the charity portal within a period of six months from the end of each financial year through the Charity Portal.

Training

Charities must provide adequate training to governing board members, key officers, employees and representatives regarding AML topics and issues relating to their roles and functions to ensure proper implementation of the charity-specific ML/TF/PF risks.

In addition to role-specific training, a general overview of ML/TF/PF activities, AML/CFT laws applicable to the charity and consequences of non-compliance should also be included in the employee training and awareness component so that the employees, operations personnel, volunteers and other staff members become equipped in identifying ML/TF/PF red flags and filing STRs, and other regulatory reports.

Record-Keeping

Charities must record all relevant information concerning a project, donor, beneficiary, or stakeholder during the course of the working relationship and for a minimum period of five (5) years after the end of the working relationship. The records include but are not limited to:

  • Documents under in identification and verification of identities
  • Information regarding the purpose and nature of the working relationship
  • Charity’s findings about the PEP status and other high-risk factors in writing
  • Nature of EDD measures taken by the charity in relation to high-risk donors, beneficiaries or stakeholders
  • Any STRs filed or any ML/TF/PF suspicions raised before the governing board members
  • All written agreements relating to projects, ongoing monitoring of projects and transactions
  • All receipts or disbursement of funds
  • Any incidental matters prescribed in the charity’s internal policy
  • All AML training records
  • Outcome of charity risk assessment
  • All financial records

Conducting Due Diligence on Anonymous Donors

Charities often receive donations from persons who do not wish to reveal their identity in good faith. However, this guard of anonymity can also be used by criminals to circumvent due diligence checks.

Thus, it is important for charities to conduct due diligence and seek to identify any red flags associated with ML/TF/PF activities like involvement of third parties or unusual requests for refunds. However, it is also important for charities to be mindful of the donor’s confidentiality.

Don’t Risk Non-Compliance

Our cost-effective AML Services are tailored just for your compliance requirements

Get in touch!

Consequence of Non-Compliance with AML/CFT Obligations

The Corruption, Drug Trafficking and Other Serious Crimes Act, 1992, mandates every person to file an STR if the person knows or has reason to believe that any property may be connected to criminal activity. Failure to do so constitutes a criminal offence.

Exceptions: However, with regard to identification and verification requirements. Charities are allowed to accept funds from a donor, disburse funds to a beneficiary or establish working relationships with stakeholders even when they are unable to complete identity verification despite their best efforts, subject to the following conditions:

  • The activity is essential for not interrupting the day-to-day operations of the charity
  • The charity is in a position to effectively manage the ML/TF risks
  • The charity has specific criteria and risk management policies and procedures in order to back the charity’s decision, taking into consideration reputational and legal risks.
  • The charity must document the deliberation, decision, and rationale of its decision in writing

However, charities must consider if they should file an STR if they are unable to complete any of the due diligence measures.

Challenges in Ensuring Effective AML/CFT Compliance

  • In cases where a large donor who is known to the charity changes the pattern of donation, it may be challenging for charities to perform due diligence while maintaining cordial work relationships with such donors. In such scenarios, it is important for charities to really know their donor beyond the regulatory pen and paper requirement to circumvent frictions.
  • Charities operating at a small scale may not have adequate infrastructure to identify complex ML/TF/PF patterns
  • Inadequate AML training may lead to human error that can pose a significant risk to the charity’s operations.
  • Charities adhering to AML compliance regulations are required to maintain records of each compliance measure and incidental information and documents. Thus, charities are required to manage large volumes of data that can be difficult to process and analyse.

CharityTech as an Effective AML/CFT Solution for Charities

In the era of digitisation, charities have the option to rely on digital solutions to automate labour-intensive compliance tasks, such as regulatory reporting and record keeping, to reduce the manual workload and associated costs, allowing charities to focus on their core missions while ensuring compliance with AML regulations.

CharityTech relies on advanced statistical modelling, machine learning, and real-time data aggregation to enhance risk assessments. By employing techniques like fuzzy logic and text analytics, RegTech can identify potential risks and suspicious activities more effectively than traditional methods.

Digital solutions can thus help charities overcome logistical challenges and financial crunch problems.

Best Practices to Ensure a Foolproof Implementation of AML/CFT and CPF Program within Charitable Organisations

  • Creating a checklist for internal periodic review
  • Identifying personnel and designating them as risk owners to mitigate, manage, and monitor sources of risks in which they have relevant knowledge, expertise, and authority. For example, Treasurers of the charity, as risk owners, can be entrusted with the responsibility of managing risks associated with the disbursement of funds or designating a senior board member as a single point of contact for all AML-related matters.
  • Charities can create risk registers defining the likelihood of the occurrence of such risk, its impact, and risk mitigation action plans for effective risk management.
  • Reviewing the effectiveness of compliance measures regularly and periodically based on a risk-based approach (RBA), i.e., once a year for high-risk stakeholders and once every three years for stakeholders not assigned high-risk rating.
    • Through RBA: Once a year for high-risk stakeholders and once every three years for stakeholders not assigned high-risk rating
    • When Situation Warrants: Such as updates to Relevant Sanctions lists or watchlists, change in nature of relationship with stakeholder, when additional information required due to inadequacy in existing information, changes in ownership structure of stakeholder (legal entity or legal arrangement).
  • Subscribing to the MAS and IMC-TD mailing lists to stay updated with the lists of designated persons and entities.
  • Charities should be cautious about maintaining donors’ confidentiality when performing due diligence measures in alignment with applicable data privacy laws
  • Charities can rely on advanced technologies such as CharityTech to overcome the challenges of human error and data management.
  • Having in place, workflows and personnel to fulfil Regulatory Reporting Requirements such as:
    • STRs with STRO
    • Annual Report that includes Financial Statements and Governance Evaluation Checklist with the Commissioner of Charities (COC).

Conclusion

ML, TF, and PF risks to the charity sector have far-reaching impacts. Thus, it is important for charities to put in place effective AML/CFT controls and governance practices to prevent erosion of trust for legitimate institutions working for public benefit.

Frequently Asked Questions

Yes, Anti-Money Laundering (AML) regulations are applicable to charities in Singapore.

The Office of Commissioner of Charities (COC) is the regulatory authority for charities in Singapore and oversees the implementation of AML compliance measures by charities in Singapore.

Charities may be misused by illicit actors in the following ways:

  • Funding through Charities
  • Utilising Recourses Belonging to Charities
  • Misusing the Name of a Legitimate Charity
  • Establishing Charity Shams
  • Conducting Recruitments
  • Manipulating Charitable Programs

Charities in Singapore can report Money Laundering, Terrorism Financing, or Proliferation Financing (ML/TF/PF) activities by filing a Suspicious Transaction Report (STR) with the Suspicious Transaction Reporting Office (STRO) using the STRO Online Notices and Reporting (SONAR) Platform.

Take the First Step Towards Compliance

Pocket-friendly AML solutions to fit your needs

Reach out Now!

About the Author

Linkedin-in

Jyoti Maheshwari

CAMS, ACA

Jyoti has over 7 years of hands-on experience in regulatory compliance, policymaking, risk management, technology consultancy, and implementation. She holds vast experience with Anti-Money Laundering rules and regulations and helps companies deploy adequate mitigation measures and comply with legal requirements. Jyoti has been instrumental in optimizing business processes, documenting business requirements, preparing FRD, BRD, and SRS, and implementing IT solutions.