goaml PILOT STAKEHOLDER USER GUIDE REGISTRATION

(1)

goAML PILOT

STAKEHOLDER USER GUIDE –

REGISTRATION

(2)

Guideline for reporting entities on the registration process for testing purposes

Page 2 of 32 version 1.3

FINANCIAL INTELLIGENCE CENTRE REPUBLIC OF SOUTH AFRICA Private Bag X177, Centurion, 0046 https://goStage.fic.gov.za/goAMLWeb_UAT

www.fic.gov.za/Secure/Queries.aspx

Guideline for reporting entities on the registration process for testing purposes

Objective of this guideline

The objective of this guideline is to define and outline in detail the steps to be followed when registering with the Financial Intelligence Centre (the Centre). To access the registration web form, the reporter must first register with the Centre at https://goStage.fic.gov.za/goAMLWeb_UAT.

Legal Disclaimer

The FIC reserve the right to amend, modify or change the contents of this document during the testing.

Definitions

The guideline must be read in conjunction with the FIC Act and the Regulations for definitions of terms used in the guideline. In this guideline, unless the context indicates otherwise:

‘‘FIC Act’’ refers to the Financial Intelligence Centre Act, 2001 (Act No 38 of 2001), as amended.

“Regulations” refer to the Money Laundering and Terrorist Financing Control Regulations made in terms of section 77 of the FIC Act and promulgated in Government Notice 1595 of 20 December 2002 as amended.

A “Compliance Officer” (S43CO) refers to the person who is, in terms of section 43(b) of the FIC Act appointed by an accountable institution with the purpose of overseeing compliance with the FIC Act by the institution and its employees. In the registration process, the S43CO is tasked with the duty to ensure that the details of the accountable institutions are correctly submitted on the Centre’s website.

A “money laundering reporting officer” (MLRO) is envisaged to be a person, other than the S43CO, with the responsibility and authority to submit intelligence reports to the Centre on behalf of

(3)

“AI/RI” refers to Accountable and Reporting Institutions.

Important information to remember when registering on the Centre’s goAML system:

 An organisation must register one Compliance Officer (S43CO) only; there is no restriction on the number of money laundering reporting officers (MLRO’s) an institution can register;

 The first person to register on the entity’s behalf should be the Compliance Officer (S43CO);

 All fields with an asterisk (*) are mandatory and should be completed as part of the registration process;

 All registrations will have to be approved by the Centre prior to activation;

 The Compliance Officer (S43CO) will have to approve all MLRO registrations prior to the Centre’s final approval;

 Supporting documents such as an identity document and authorisation letter will have to be attached as part of the registration process.

 Every AI/RI must register in the prescribed manner as previously communicated in PCC 05

(4)

1. Introduction

goAML is an integrated software solution developed and maintained by the United Nations Office on Drugs and Crime (UNODC) specifically for use by Financial Intelligence Units (FIUs) around the world. The Centre has chosen goAML as its preferred IT platform to handle all its reporting, data collection, analysis, case management and secure communications required for the Centre’s daily operational functions and requirements. In terms of Section 43B of the FIC Act, Accountable Institutions and Reporting Institutions are required to register with the Centre.

1.1 Prerequisites

goAML runs within Internet Explorer version 9 and up, Firefox, Google Chrome but not on Safari. The URL https://goStage.fic.gov.za/goAMLWeb_UAT must be added to the trusted sites and pop ups must be enabled to avoid the site being blocked.

1.2 Adding goAML URL to the trusted sites

 Open Internet Explorer

 On the top Menu Bar, Select Tools > Internet Options

 Select the Security Tab

(6)

 Select the Local intranet Icon > Click on sites

 Add website to the zone > click on Add > click on Close

1.3 Enabling Pop Ups

 On the top Menu Bar > Select Tools > Internet Options

 Click the Privacy Tab > Click on the Settings button

 Add https://goStage.fic.gov.za/goAMLWeb_UAT to the Address of website to allow >

click on Add > click on Close

(7)

1.4 Adding goAML to Favourites

 Type in https://goStage.fic.gov.za/goAMLWeb_UAT web address box

 Click on the Menu bar > Favourites > “Add to Favourites”

 The Add Favourite pop up will display > click on the Add button and goAML will added to the Favourite list.

1.5 Add a Shortcut for goAML to Desktop

 On the Menu bar > Click Favourites > Right click goAML > Send To > Desktop (create shortcut)

 The goAML icon as shown will then be available from the desktop

(8)

1.6 goAML Web Icons

Icons Description

Add

Add the captured detail

Instructs goAML to cancel the capturing of the details

Close

Preview

Print

Remove the uploaded document

Refresh

Upload a document

Approve a registration

Reject a registration

Verify registration details

Finalise approval of the registration

Recall to reverse delegation

(9)

2. goAML Web

The goAML URL for the pilot testing is https://goStage.fic.gov.za/goAMLWeb_UAT. When you enter the URL into your Web browser window, the goAML stage page is launched.

If the user already has user credentials, the user can just log in with credentials. If not, the user must register in order to be able to use the application.

(10)

3. Registration on goAML

All AI/RI’s are required to register with the Centre in order to gain access to the system. The AI/RI is required to register their organisations and the associated users who need to access the goAML system.

3.1 Register An Organisation

Organisations are required to register on the goAML to gain access to the system and to acquire an organisational identity (goAML Org ID). An organisational ID will be used by an organisation as the unique identifier for that organisation and allows goAML users belonging to that particular organisation to have access to information relating to that organisation.

 On the Navigation bar > Hover (move) the mouse pointer on the Register link > Click Register As Organisation > The registration screen is loaded and displayed.

The “Register As Organisation” page will display with the Headings to be captured. The headings are

 Registration Type

 Registering Organisation

 Registering Person

 Attachments

(11)

3.2 Registration Type

The registration type gives the goAML users three entity types to select from; Users can select one of the following registration types:

 Reporting Entity – Accountable / Reporting Institutions such as banks, attorneys etc.

 Stakeholder – Entities such as Law Enforcement Agencies and other FIU’s

 Supervisory Bodies – Supervisory bodies such as South African Reserve Bank (SARB) and Financial Services Board (FSB)

3.3 Registering An Organisation Details

The registering organisation section is for completing the information of the organisation

(12)

3.3.1 Registering organisation details are added as follow

3.3.2 Phones – organisational phone numbers

 Contact Type – It can be Business, Operational, Private, Public, Unknown

 Country Prefix – e.g. +27

 Extension – Numeric (e.g. 5425)

 Organisation Business Type – List of business types (e.g. bank)

 Name – The name of the registered organisation

 Incorp./Reg. Number – Company Registration Number (CIPC)

 Incorporation City – e.g. Pretoria

 Incorporation Country – e.g. South Africa

 Contact Person – Full Name and Surname of the Compliance Officer (S43CO)

 URL - Organisational Website

 is financial – Is it a financial institution (banks, money remitters etc.)

 Trading As – If there is no acronym, re-enter organisation’s name

 Swift /Bic – Unique swift code, only mandatory for financial institutions

 Incorporation State / Province – Province

 Name of holding company – Only if associated with holding company

 E-mail – Preferably a group Email account which will be accessible by all authorised users of the goAML EE system or alternatively the Compliance Officer’s email address (S43CO)

 Comm. Type – It can be Landline, Mobile, Satellite,

 Number – Numeric, digits (e.g. 0128012556)

 Comments – if any

(13)

3.3.3 Address – The entity address

3.3.4 Reporting Obligation – select the relevant Supervisory Body for the registering AI/RI

Please Note: Only one reporting obligation per registration is allowed and should correspond with the business types as per Schedule 1 and Schedule 3 of the FIC Act.

 Type – It can be Business, Operational, Private, Public, Unknown

 Town – Name of town / district as part of a city

 Postal / Zip – The postal code of the city (e.g.

0122)

 Province / State – Name of the province (e.g. Gauteng)

 Address – Physical Address- details like street name, house number etc.

 City – Name of the city

 Country – Name of the country

 Comments – If any

(14)

3.4 Registering Person Details

The registration details of the Compliance Officer (S43CO) must be completed. This section registers the individual on the system and goAML saves the username and password during this phase.

 RSA Passport Number – South African passport number

 Non RSA ID/Passport? – If not a South African citizen / resident with RSA ID or Passport

 Foreign Passport / Foreign ID/ Permit/ Refugee / Residence number – Non South African passport / identity number

 Issuing Country – Country where non South African passport / ID document was issued

 User Name – Is for logging into the system, no duplicates allowed

 Password – Password must be between 5-10 characters, include capital alpha, alphanumeric and special characters (e.g. Goaml321#)

 Gender – Male / Female

 First Name – First name of the user

 Birth Date – Date of birth/ can be typed in from calendar in ccyy/mm/dd format

 Nationality - The status of belonging to a particular nation, whether by birth or naturalisation

 Email – Unique business Email of the user

 Confirm Password – Retype the password

 Title – e.g. Ms / Dr / Mrs

 Surname / Last Name – Surname of the user

 RSA ID Number – 13 digit South African ID Number (e.g. 7404080408069)

 Occupation – Official job title of the user, i.e.

Compliance Officer (S43CO), MLRO, Director etc.



(15)

Please Note: The contact details provided for the Entity and the Compliance Officer (S43CO) must be the business contact details.

3.5 Attachments

Users are required to attach an authorization letter from the entity and a certified copy of the applicable identity document (copy of ID document and/or passport document).

 To Upload a document > Click Browse button

 The Choose file to Upload window will display > Select the document to attach from the desired location and click Open

 The file name will be ready for upload > click Upload.

 To delete an already loaded document, click the X button.

(16)

Before submitting the request the user has to type the Captcha (sequence of digits that appears on the screen in this case) into the box without making any errors.

Please Note: Refresh the captcha code by clicking the arrow, if the registration screen has been opened for a long time amount of time.

 Type in the numbers as it appears > click Submit Request

 Once the registration form has been submitted, a notification email will be sent to the Compliance Officer (S43CO) informing them of the submitted registration request. The email is only confirmation of the registration, the compliance Officer (S43CO) will receive a second notification email once the FIC has approved the registration

3.6 Approving an Organisation

Once the request has been submitted the FIC will be responsible for authenticating and verifying the registration captured along with the required document attachments and approve/reject accordingly. The Compliance Officer (S43CO) will receive an email stating the approval or rejection of the registration. Once the registration has been approved, the Compliance Officer (S43CO) is required to communicate the Organisational ID to users within their own organisation who are permitted to use the system. These users (MLRO’s) will be required to register as a person, which is discussed next

(17)

4. Registering As A Person

Individuals (refers to all registering users on goAML) will be required to register to get access to goAML web. Users will be linked to organisation by using the organisation id.

 On the Navigation bar > Hover (move) the mouse pointer on the Register buttons > Click Register As Person > The registration screen is loaded and displayed.

The register as organisation page will display with the Headings to be captured. The headings are

 Registration Type

 Registering Person

 Attachments

(18)

4.1 Registration Type

 If a user is linked to an organisation that is not required to register with the Centre in terms of the FIC Act (i.e. an organisation that is not an AI/RI) but that user is required to submit a report in terms of Section 29 of the FIC Act (e.g. Suspicious Transaction Report (STR) or a Suspicious Activity Report (SAR), then that user must select the Individual User check box so that they can acquire login credentials to be able to report.

 If a user belongs to an AI/RI then that user must obtain the applicable goAML Org ID from their Compliance Officer (S43CO) and the goAML Org ID must be listed in the applicable field.

For Registering Person and Attachment refer to page 14 and 15

(19)

5. User Request Management (Register As A Person Approval)

 After logging in, the Compliance Officer (S43CO) will have goAML home page displayed on the information bar

 On the Menu bar click on the Admin > User Request Management from the drop down list

 The User Change Requests page will be displayed with the following field

(20)

User Change Requests fields can be searched using the dates fields > Click the Refresh button to load user request for the date specified

Requests View Type can be used to search by type of request

User Change Requests fields can be dragged by header to group by column

The icons, as displayed below, refer

 All – includes all requests irrespective of status; the different statuses are Active, Pending my actions and In progress

 Active – Active on the system

 Pending my action – Request waiting to be actioned

 In progress – Requests that are in progress

 Start Date – Initial date of the user change request

 End Date – End date of the user change request

 Change Request Ref – Used as a referral whilst requesting assistance to the FIC, the number is sent to users by a notification email

 Type – New User / Existing User

 Request Status – Options provided are Waiting for Verification / Activated / Rejected / Waiting for Supervisory Body Approval

 Org Name – Name of the organisation linked to the requester

 Org ID – Organisation ID linked to the requester

 User Name – Requester’s login user name

 Created On – Date of the request

Create new change request (available after activation) Preview used to populate the action page

(21)

 Clicking Preview > generates and displays the report form

 Click the Expand All link to display the complete report, or click the Collapse All link to see the abridged form

 The information diplayed on the report form must be verified, as well as the attachments (ID and authorisation letter)

 After verification action must be taken to either Reject / Verify / Approve / Finalize the request and ensure to add Comments

 The Compliance Officer (S43CO) will be able to Reject / Verify / Approve the request and must ensure to add Comments for each action

 After the Request has been finalised the user will receive an email informing them of the status of the request.

(22)

6. Email Notifications

Emails will be sent to users for different reasons during registration, users will receive notifications about received registration (refer to page 16) by FIC, acceptance and rejection of the registration.

 When the FIC is satisfied with the captured registration details and attached documents, the user will be notified by email about the acceptance of the registration and the goAML Org ID will be found on the mail

 When the FIC is not satisfied with the captured registration details and attached documents, the user will be notified by email about the rejected registration

Registrations will be rejected on goAML for the following reasons:

 If the reporting entity registers an account without linking a user to the account (i.e. IT reporting accounts)

 If there is more than one schedule item, as each schedule must be registered individually

 If the organisation provided incomplete registration forms, or complete the forms with inaccurate information

 No attachments required to verify registration are included

(23)

7. Logging onto goAML Web

Authentication will always be required before gaining access to goAML. The goAML support team is available at [email protected] should you need any assistance.

 Enter your user name in the standard format captured during registration

 Enter your password in the standard format of Case sensitive, Alpha Caps, Alphanumeric, numeric & Char e.g. Test12345@ and click Log In button to proceed.

7.1 Forgot Password

Before contacting the goAML support team for a password reset, the goAML system provides users with the Forgot Password link.

 Click Forgot Password link

 The Reset Password Request window populates, enter User Name > Email >Submit

(24)

 goAML user will receive an email with a link. Click on the link

 Reset Password Request page will populate

 Enter User Name / Email / New Password / Confirm New Password and Click Change Password. New password will be reset.

(25)

8. Delegation goAML Web

Delegation on goAML refers to delegating reporting and other compliance functions to another reporting entity. Delegation can be done in two methods namely, a branch/ business unit/ franchise handing over to the head office / group structure or registered organisation handing over their reporting and other compliance functions to another organisation

8.1 Create New Delegating Organisation

A large organisation that needs to register different branches/ business units / franchises in terms of PCC05 may opt to utilise the delegation functionality. The decision to delegate will be impacted by the decision of whether or not, the Compliance Officer (S43CO) and Money Laundering Officer (MLRO) will be registered at a head office / group structure level and report and manage compliance functions on behalf of multiple AI/RIs registered as per the FIC requirements. Though the system allows delegation from the head office/group structure, it is possible to register a different Compliance Officer (S43CO) and Money Laundering Reporting Officer (MLRO) at the head office/group level as well as at the respective AI/RI level

Please Note: The user must ensure that, they are logged in as the user for the main head office / group account already registered on goAML EE (hence the user needs to logon with the credentials from the first goAML registration which had been approved).

 After logging in, the Compliance Officer (S43CO) will have goAML home page displayed on the information bar

 On the Menu bar click on the Admin > Active Organisations from the drop down list

(26)

 The Active Organisations page will be displayed with the following field > click the Create New Delegating Organisation

Please Note: Create New Delegating Organisation is used to register reporting entities that are not registered already on goAML

(27)

 Registration Type window populates > complete the form for the respective reporting entity you wish to register > attach the necessary documents > the FIC will approve / reject the request > Email notification of the status of the request will be send to the user

Please Note: Use unique information for the following fields, Name, Trading As, Incorp. / Reg.

Number and Email. The fields may not have been used previously

(28)

8.2 Change Selected Delegating Organisation

A registered organisation on goAML can delegate to another registered organisation, both the delegated organisation and the delegating organisation will be able to report and manage the related compliance functions. This method of delegation will also be used for the following:

 A already registered branch/ business unit / franchise can delegate its reporting responsibility to the head office/ group organisation

 Branches/ business units / franchises that are linked to an organisation needs to be delegated to another organisation in the instance of a sale of business or merger for example

After logging in, the Compliance Officer (S43CO) will have goAML home page displayed on the information bar.

 On the Menu bar click on the Admin > Active Organisations from the drop down list

 The Active Organisations page will be displayed with the following field > click the Change Selected Delegating Organisation

(29)

Please Note: Change Selected Delegating Organisation is used to register reporting entities that are registered

 Registration Type window populates > select the Change Delegation Organisation ID by clicking the checkbox

The Change Delegation dialog box populate > click OK

(30)

 The Delegate Organisational ID is populated > Capture the Organisational ID > Attach the necessary documents > Submit Request > The FIC will approve / reject the request >

Email notification of the status of the request will be send to the user

8.3 Recall Delegation

After clicking the Submit Request button, the action window populates this window allows the user to recall the delegation > click Recall to reverse the delegation

(31)

9. Accountable / Reporting Institution Process Flow

Verify and Finalise Individual

Registered Individual User

FIC - Finalise the Organisation

Approve Individual

Verify Individual Register As Individual FIC - Approve the Organisation

FIC - Verify the Organisation

Register As Organisation

Accountable / Reporting

Institution

Compliance Officer

sends Org ID

Compliance Officer

(Super User )

FIC Official

Money Laundering

Reporting Official

(MLRO)

Compliance Officer

FIC Official

Provide group email address, letter of appointment and ID copy.

Verify and validate against third party

source

Verify and validate against third party

source

(32)

10. goAML Support

For goAML Support Contact us on:

e-mail: [email protected]

Log a web query: www.fic.gov.za

Compliance Contact Centre: +27 860 222 200

goaml PILOT STAKEHOLDER USER GUIDE REGISTRATION

goAML PILOT

STAKEHOLDER USER GUIDE –

REGISTRATION

Table of Contents

1. Introduction

1.1 Prerequisites

1.2 Adding goAML URL to the trusted sites

1.3 Enabling Pop Ups

1.4 Adding goAML to Favourites

1.5 Add a Shortcut for goAML to Desktop

1.6 goAML Web Icons

Icons Description

2. goAML Web

3. Registration on goAML

3.1 Register An Organisation

3.2 Registration Type

3.3 Registering An Organisation Details

3.4 Registering Person Details

3.5 Attachments

3.6 Approving an Organisation

4. Registering As A Person

4.1 Registration Type

5. User Request Management (Register As A Person Approval)

6. Email Notifications

7. Logging onto goAML Web

7.1 Forgot Password

8. Delegation goAML Web

8.1 Create New Delegating Organisation

8.2 Change Selected Delegating Organisation

8.3 Recall Delegation

9. Accountable / Reporting Institution Process Flow

Verify and Finalise Individual

Registered Individual User

Verify Individual Register As Individual FIC - Approve the Organisation

FIC - Verify the Organisation

Accountable / Reporting

Compliance Officer

Compliance Officer

(Super User )

FIC Official

Reporting Official

(MLRO)

Compliance Officer

10. goAML Support