A few weeks ago, we published a short review regarding certain identification and disclosure obligations which were to apply to attorneys and accountants (“Business Services Providers”) while providing certain business services,[1] resulting from a recent amendment to the Israeli Prohibition on Money Laundering Law, 2000 (“the Amendment” and “the Law”, as applicable). As we elaborated there, the Amendment authorized the Israeli Minister of Justice to sign a special order, in which the said obligations were to be specified. Such order, the Prohibition on Money Laundering Order (Obligations of Identification, Reporting and Keeping Records of a Business Service Provider to Prevent Money Laundering and Terror Financing), 2014 (“the Order”) was recently signed.

The Order obligates Business Services Providers to take a number of measures in order to identify customers who might be executing money laundering or financing terror.

The first and main obligation set by the Order is to Know and Identify the Customer. According to this obligation, Business Services Providers must identify the customer, using specific identifying documents, and perform a Know Your Customer (“KYC”) process, in accordance with a designated form, attached to the Order (“KYC Form”). Such form includes, in addition to identifying details of the customer and the beneficiary of the business services, details of the requested business services, a declaration made by the customer (or its representative) as to the authenticity of the said details, and a confirmation given by the Business Services Provider, confirming its identification of the customer and its acting in accordance with the Order. Business Services Providers must keep records of KYC Forms and any other document supplied in connection therewith for a period of 5 years after the business services has ended. In addition, in the event that a Business Service Provider finds the details supplied by the customer in respect to its identity, or the identity of the beneficiary of the requested business services, as prima facie unlikely, he or she must clarify such details with the customer. However, this obligation does not apply in all cases. For example, when the customer is a Returning Customer (as such term is defined within the Order), or a Public Institution, the above-described KYC process is shortened or indeed not required.

In addition, Business Services Providers are obliged to study the details provided by their customers within the KYC Form, and assess the risk of money laundering or terror financing, considering the characteristics of the customer, the nature of business services being requested, the source for the financing of the business services, the likelihood of the details included in the KYC Form, and relevant information published by the Commissioner (see below) (“the Risk Assessment”). Part of the assessment is a list, setting out circumstances which are seen as indicating a high risk of the customer being involved in money laundering or terror financing. For example, a customer who performs transactions in large amounts of cash, with no explanation or business reason, or a customer who performs transactions with one of the countries in respect of which the FATF has published a reservation as to such country's compliance with the standards set by the organization regarding money laundering and terror financing. However, as we will further elaborate, the Risk Assessment is excluded from the information the Business Services Providers must provide to the Commissioner pursuant to the Order.

A third measure that Business Services Providers are required to take is to examine whether the identifying details of the customer, its majority shareholders, and the beneficiary of the business services provided appear in a list of declared terror organizations and of persons declared to be terrorists. The Business Services Provider is obligated to reexamine the said details and compare them to the updated list on a semi-annual basis.

In addition to the abovementioned obligations, the Amendment authorizes the Minister of Justice to appoint a Business Services Providers Commissioner (“the Commissioner”). According to the Order, the Commissioner is entitled to request Business Services Providers to provide the Commissioner with documents, information and explanations in respect to the fulfilment of their obligations under the Order (though as we have mentioned above, this information does not include the Risk Assessment). In addition, according to the Law, the Commissioner is entitled to request the Bar Association and the Accountants Council to provide him with contact information regarding Business Services Providers, and information regarding any suspension or revocation of their licenses. Furthermore, the Commissioner is also entitled to request that the Bar Association or the Accountants Council take disciplinary action against any of their respective members whom the Commissioner suspects have violated of any of the obligations imposed upon Business Services Providers under the Law, though this is subject to the enactment of an appropriate disciplinary regulation, which has not yet occurred with resepct to either such body.

Despite the different measures that Business Services Providers are obligated to take, aiming to help them identify customers which are high risk as to committing money laundering or terror financing, the Order includes neither an obligation to report to the relevant authorities the findings from such measures, nor a prohibition against providing business services to such customers.[1] As a result, the main contribution of the Amendment is to increase the awareness of Business Services Providers of the risk that their clients are involved in money laundering or terror financing activities and, by doing so – to decrease the involvement of Business Services Providers in such activities.

The Constitution, Law and Justice Committee approved the Order on November 18th 2014. The Order will enter into force nine months from the date of its publication in the official gazette (“Date of Entry into Force”). With regard to customers to whom business services had been provided before the Date of Entry into Force and continue to be provided thereafter, Business Services Providers have up to one year from the Date of Entry into Force to carry out the KYC process in respect thereto.