What sources of documents, data or information are deemed as reliable? Can a company secretary seek SSM’s or BNM’s confirmation to determine the level of reliability? 哪些文件、数据或资料来源可被视为可靠来源(Reliable and Indepen
What sources of documents, data or information are deemed as reliable? Can a company secretary seek SSM’s or BNM’s confirmation to determine the level of reliability?
Answer:
Verification can be a combination of various data points that the financial institution deems to be “reliable and independent” which could cumulatively ensure the veracity of customer and beneficial owner’s identification data. Any measures adopted should be subjected to the company secretary’s internal governance process.
Generally, company secretaries would verify the identity through acceptable government issued documents with or without photograph (e.g. MyKad, MyKid, MyPR, OKU card, driving licence, birth certificate, marriage certificate), foreign passport, employee identification documents, etc.
Alternatively, subject to the company secretary’s assessment whether it is appropriate to mitigate the risks, company secretaries may accept scanned or copy documentation and apply additional measures which include:
(i) third party verification of identity from the client’s primary bank account provider, lawyer or accountant;
(ii) corroborative evidence from Jabatan Pendaftaran Negara, SSM and Central Credit Reference Information System (CCRIS) databases;
(iii) use of commercial providers who triangulate data sources to verify documentation provided;
(iv) use of new and robust technology solutions including but not limited to, biometric technologies which should be linked incontrovertibly to the customer;
(v) through non face-to-face mechanisms e.g. video conference with customers and submission of selfies to compare the physical identity of a customer with scanned or photographed copies of identification documents; and/or
(vi) other reliable and independent source.
Company secretaries are expected to undertake adequate and reasonable measures to mitigate risks arising from the adoption of any non face-to-face mechanisms.
哪些文件、数据或资料来源可被视为可靠来源(Reliable and Independent Source)?公司秘书是否可以向 SSM 或 Bank Negara Malaysia 确认某项资料来源是否足够可靠?
答案:
客户身份验证(Verification)可以通过多个被视为“可靠及独立”(Reliable and Independent)的资料来源进行交叉核实。
公司秘书可结合不同的数据点进行验证,以合理确认客户(Customer)及实益拥有人(Beneficial Owner)的身份资料真实性。
所有采用的验证措施均应符合公司秘书内部治理及风险管理程序,并应经过适当审批及记录。
一般可接受的身份证明文件
通常情况下,公司秘书可通过政府签发的身份证明文件核实客户身份,包括:
马来西亚政府签发文件
MyKad(大马身份证)
MyKid
MyPR(永久居民证)
OKU Card(残障人士证)
驾驶执照(Driving Licence)
出生证(Birth Certificate)
结婚证书(Marriage Certificate)
其他可接受文件
外国护照(Foreign Passport)
雇员身份证明文件(Employee Identification Documents)
其他政府签发的身份证明文件
替代验证方式(Alternative Verification Measures)
在适当情况下,若公司秘书认为相关风险已获得充分控制,则可接受:
扫描件(Scanned Copy)
文件副本(Copy Document)
但同时应配合额外验证措施。
(i)第三方身份验证
由以下专业人士或机构确认客户身份:
客户主要往来银行(Primary Bank)
律师(Lawyer)
会计师(Accountant)
(ii)政府及官方数据库核实
通过官方数据库进行交叉验证,例如:
国民登记局(Jabatan Pendaftaran Negara, JPN)
马来西亚公司委员会(SSM)
CCRIS(Central Credit Reference Information System)
(iii)商业数据验证平台
使用商业验证服务供应商,通过多个资料来源进行比对与验证(Data Triangulation)。
(iv)科技验证方案
采用先进及可靠的科技验证工具,例如:
生物识别技术(Biometric Technology)
面部识别系统(Facial Recognition)
身份认证平台
相关技术应能够明确及不可争议地与客户身份连接。
(v)非面对面验证方式(Non Face-to-Face Verification)
例如:
视频会议(Video Conference)
客户自拍照(Selfie Submission)
并将客户实时影像与身份证件扫描件或照片进行比对。
(vi)其他可靠及独立来源
公司秘书亦可采用其他合理及独立的信息来源作为辅助验证依据。
关于向 SSM 或 BNM 查询可靠性
一般而言:
❌ SSM 或 Bank Negara Malaysia 不会逐一确认某项文件或资料来源是否属于“可靠来源”。
公司秘书应根据:
风险为本方法(Risk-Based Approach)
自身业务性质
客户风险等级
内部 AML/CFT 政策
自行评估相关资料来源是否足够可靠及独立。
重要提醒
若采用非面对面方式进行客户身份验证,公司秘书应采取充分及合理措施降低相关风险,包括:
身份冒用风险;
文件伪造风险;
冒名开户风险;
远程验证风险。
并确保验证程序能够满足 AMLA、SSM 及 AML/CFT 的合规要求。
总结
公司秘书可通过政府签发文件、银行、律师、会计师、官方数据库、商业验证平台、生物识别技术及视频验证等方式确认客户身份。SSM 及 Bank Negara Malaysia 一般不会就个别资料来源提供可靠性确认,因此公司秘书应根据风险为本原则及内部治理程序,自行评估所采用资料来源是否属于“可靠及独立来源”,并采取适当措施降低非面对面验证所产生的风险。
Malaysia
