Central Bank Imposes Strict Controls on High-Risk Clients

Sudanhorizon – Hala Hamza

At the end of last April, the General Administration for the Development and Regulation of the Banking Sector at the Central Bank of Sudan issued new regulatory and supervisory controls aimed at combating money laundering, terrorism financing, and the financing of weapons proliferation. The directives were addressed to all institutions under its supervision.

The measures were issued in accordance with the Banking Regulation Act of 2026 and Article 44 of the Anti-Money Laundering and Counter-Terrorism Financing Act of 2014, in response to ongoing developments and changes in the financial sector.

The regulations instructed financial institutions to adopt a risk-based approach to identify, assess, monitor, and mitigate risks related to money laundering, terrorism financing, and proliferation financing. Institutions are required to ensure that the level of assessment corresponds to the size and nature of their operations, update risk assessments twice annually, and document all assessments and related information. They must also establish appropriate mechanisms to provide such information to relevant authorities.

The directives stressed that institutional risk assessments should align with the results of Sudan’s national assessment of money laundering and terrorism financing risks, along with any additional guidance issued by the Central Bank of Sudan.

The central bank also obligated banks to consider internal institutional changes when assessing risks, including changes in ownership structures, board membership, mergers and acquisitions, and major shifts in banking activities.

According to the circular, risk assessments must reflect both qualitative and quantitative elements related to the type, size, and number of transactions in order to determine risk levels. Institutions were instructed to develop and implement internal procedures and measures proportionate to identified risks based on their own assessments, with enhanced due diligence measures required for high-risk cases.

The circular allows simplified procedures in areas or activities classified by the central bank as low risk, according to specific implementation guidelines. Institutions were also instructed to consider customer-related risks, geographic risks, and risks associated with service delivery channels and products.

Banks are required to establish risk profiles classifying clients and transactions into high, medium, or low-risk categories. These profiles must include complete information about the customer and beneficial owner, where applicable, including the expected business relationship with the institution and the source of the customer’s funds and assets. Risk profiles must be updated periodically or whenever changes occur in customer information or transaction patterns.

The regulations further require enhanced due diligence for high-risk clients, taking into account all relevant risk factors before determining the overall risk level and the appropriate mitigation measures. Customer information must also be updated regularly.

The circular instructed institutions to document all risk assessment procedures by maintaining comprehensive records of customer classification, risk evaluation, and due diligence measures, while ensuring such records are available for internal audit and review.

In cases where institutions suspect money laundering, terrorism financing, or proliferation financing, and believe that completing due diligence procedures could alert the client, they are permitted to suspend those procedures, provided that a suspicious transaction report is submitted to the Financial Intelligence Unit.

The central bank also directed institutions to incorporate effective policies governing non-face-to-face business relationships, requiring stricter identity verification procedures. These include authenticated documentation issued by approved authorities, additional identity and source-of-funds verification documents, independent third-party recommendations, restrictions on account usage and transaction limits until verification is completed, and enhanced ongoing monitoring to ensure that customer transactions align with expected behavior and do not involve suspicious activity.

Finally, the bank prohibited institutions from opening or maintaining numbered accounts, anonymous accounts, or accounts under fictitious names. Banks were also required to verify that customers are not listed on delinquent or prohibited customer lists issued by the Central Bank of Sudan before establishing business relationships or carrying out transactions for transient customers included on such lists.

Shortlink: https://sudanhorizon.com/?p=13711