What are the Regulations of the 'Japanese Act on Prevention of Transfer of Criminal Proceeds' in Non-Face-to-Face Transactions such as Receiving Mail?
It has become a given that businesses must pay attention to compliance in their operations. Among these, the ‘Japanese Act on Prevention of Transfer of Criminal Proceeds’ is garnering attention. As the name suggests, the Act aims to ‘prevent’ the ‘transfer’ of ‘proceeds’ obtained from ‘crime’. Under this law, businesses are required to verify the identity of their customers for certain high-risk transactions that could be used for money laundering. For example, the requirement to present identification documents when opening an account at a financial institution is a measure based on the Act on Prevention of Transfer of Criminal Proceeds.
While this law may seem irrelevant to many, that’s not necessarily the case. Even if you’re not directly involved in criminal activities, you could unknowingly become involved in money laundering through actions such as buying and selling accounts. Therefore, the transfer, receipt, delivery, and provision of passbooks, cash cards, etc., are prohibited (Article 28 of the Japanese Act on Prevention of Transfer of Criminal Proceeds).
As money laundering becomes more international and sophisticated, not only those involved in financial institutions but also general business people need to fully understand the regulations of the Act on Prevention of Transfer of Criminal Proceeds.
Beyond financial transactions, services such as mail receipt services are also subject to the Act on Prevention of Transfer of Criminal Proceeds. Private mailbox businesses, rental offices, and virtual offices may fall under the category of mail receipt services.
Moreover, with the increase in transactions being completed online, how to conduct identity verification based on the Act on Prevention of Transfer of Criminal Proceeds in non-face-to-face transactions has become an issue.
Therefore, we will explain the regulations under the Act on Prevention of Transfer of Criminal Proceeds and identity verification in non-face-to-face transactions for businesses providing services such as mail receipt services.
The Act on Prevention of Transfer of Criminal Proceeds (Japanese Act on Prevention of Transfer of Criminal Proceeds) and Mail Receiving Services
The Act on Prevention of Transfer of Criminal Proceeds (Japanese Act on Prevention of Transfer of Criminal Proceeds), also known as the Anti-Money Laundering Act, imposes obligations such as identity verification at the time of transactions on “specified business operators” defined by the Act, based on international requests to prevent money laundering and terrorist financing.
One of the “specified business operators” under the Act on Prevention of Transfer of Criminal Proceeds is the mail receiving service industry. Specifically, it refers to businesses that provide services that meet the following requirements:
- They allow customers to use their residence or office location as the receiving location for mail.
- They receive mail addressed to customers on their behalf.
- They hand over the received mail to the customers.
For example, in the case of rental office or virtual office businesses that provide services to receive mail addressed to the contractee on their behalf, they are subject to the Act on Prevention of Transfer of Criminal Proceeds as a mail receiving service business.
In addition, there are services where rental boxes are installed inside supermarkets or convenience stores, allowing shoppers to receive parcels addressed to them. Such services may also fall under the category of mail receiving service businesses.
As such, the scope of application of the Act on Prevention of Transfer of Criminal Proceeds is quite broad. Therefore, it is important to properly determine whether your company’s services are subject to the Act on Prevention of Transfer of Criminal Proceeds.
What is Personal Identification in the Japanese Act on Prevention of Transfer of Criminal Proceeds?
Specific business operators engaged in businesses subject to the Japanese Act on Prevention of Transfer of Criminal Proceeds are required to verify the identity of their customers at the time of transactions. The items to be confirmed when a specific business operator transacts with a customer are as follows:
- Personal identification information (name, location of head office or main business office)
- Personal identification information of representatives (name, address, date of birth)
- Transaction authority of representatives
- Purpose of the transaction
- Business content (occupation in the case of individuals)
- If there is a substantial controller, the personal identification information of the substantial controller
- If it is a high-risk transaction, assets and income
The term “representatives, etc.” refers to corporate representatives, transaction handlers, agents, etc.
Also, “high-risk transactions” refer to the following transactions:
- Transactions with customers who were verified in past contracts
- Transactions suspected of being impersonated by representatives, etc.
- Transactions with customers who are suspected of having lied during the verification at the time of past contracts
- Transactions with individuals residing or located in Iran or North Korea
- Transactions with foreign PEPs (foreign dignitaries, their families, or corporations substantially controlled by such dignitaries or their families)
Cases Where Identity Verification is Reduced
If the customer who is the transaction partner falls under the category of “State, etc.”, the obligation for identity verification is reduced. The following are considered as “State, etc.” according to the Act on Prevention of Transfer of Criminal Proceeds (Article 4, Paragraph 5).
- State
- Local public entity
- Associations or organizations without personality
- Listed companies, etc.
It is important to note that listed companies, etc. may not seem to be included in the legal term “State”. When dealing with the above corporations or organizations, the following identity verification is sufficient.
Customer | Items to be confirmed |
---|---|
State | ・Identification of representative, etc. ・Transaction authority |
Local public entity | |
Listed companies, etc. | |
Associations or foundations without personality | ・Identification of representative, etc. ・Purpose of the transaction ・Business content |
Verification Methods in Non-Face-to-Face Transactions
In non-face-to-face transactions where contracts are concluded online, there is the issue of how to perform identity verification under the Japanese Act on Prevention of Transfer of Criminal Proceeds.
There are several methods, but in particular, we will introduce verification methods that can be completed online, which are recommended for IT companies.
Verification of Corporate Identity
One of the items to be verified in transactions with general customers is the identification of the corporation. An online method for verifying the identity of a corporation is to use an electronic certificate based on the Japanese Electronic Signature Act.
Specifically, you can receive the transmission of information related to specific transactions, etc., which has been electronically signed and verified by the electronic certificate, from the representative of the customer corporation. Electronic certificates under the electronic authentication system based on commercial registration are created by the registrar at the registration office.
Reference: Ministry of Justice | Guide to Obtaining Electronic Certificates
Verification of Identity of Representatives
To verify the identity of representatives, which is one of the items to be confirmed in transactions with customers, online, there are two procedures:
- Using an electronic certificate issued by a certified authentication service provider based on the Electronic Signature Act
- App-reception type (transmission of facial image capture + image capture of identification document)
Generally, the app-reception type of verification method is easier to use when the customer is an individual. Specifically, the verification is done in the following steps:
- Have the customer use the software provided by the specific business operator
- Have the customer take photos of both their own face and the photo on their identification document
- Have these image information sent immediately to your company or the contractor
- At your company or the contractor, verify that the identification document is genuine and that the received photo is not a photo of a past appearance or a photo of the identification document
It should be noted that in the app-reception type of verification method, it is necessary to use the software provided by the specific business operator to send the photos. In other words, it is not permissible to send photos taken by the customer by email, etc.
Also, in verifying that the identification document is genuine, it is necessary to check for any unnatural points in the shape, etc., that can be detected from the image of the identification document.
To verify that the received photo is not a photo of a past appearance or a photo of the identification document, for example, you can show the customer a random number, etc., at the time of verifying the identity, and have the customer take a photo of their face and identification document with a paper with the number, etc., written on it and receive the transmission immediately.
It should be noted that when receiving and storing identification documents online, great care must be taken to prevent information leakage. We have detailed explanations about actual cases of information leakage and how to deal with them in the following article.
Related article: Learning Crisis Management and the Role of Lawyers from Capcom’s Information Leakage
Transaction Authority of Representatives
Traditionally, it was common to confirm the transaction authority of representatives by verifying that the representative was registered as an officer with the authority to represent the customer through a certificate of registered matters.
However, recently, even in business-to-business transactions, contracts are increasingly being concluded online. A method to confirm the transaction authority of representatives without generating paper exchanges is to confirm by phone, fax, email, etc., that the representative is in charge of the transaction on behalf of the customer at the customer’s head office or sales office.
Transaction Purpose
The purpose of the transaction can be confirmed by interviewing by phone or email, etc.
Business Content
Confirmation of business content by phone or email, etc., is not permitted. Normally, the business content is confirmed by obtaining the customer’s certificate of registered matters.
Identification of the Actual Controller
The actual controller refers to a natural person who actually controls the customer corporation. For example, in the case where the customer is a corporation, a natural person who holds more than 25% of the total voting rights is, in principle, considered the actual controller.
If there is an actual controller, the identification of the actual controller, such as the name, address, and date of birth, is confirmed by receiving a declaration from the representative.
Unless it falls under high-risk transactions, it is not necessary to confirm the identification of the actual controller using the actual controller’s own identification document, and a declaration from the representative is sufficient.
Summary: Regulations of the Japanese Act on Prevention of Transfer of Criminal Proceeds in Non-Face-to-Face Transactions
The Japanese Act on Prevention of Transfer of Criminal Proceeds is frequently amended, and the scope of its regulations is expanding. The National Police Agency is in charge of this law, as its purpose is to deter crime, and it requires very strict operation.
On the other hand, the obligation to verify the identity of individuals under the Japanese Act on Prevention of Transfer of Criminal Proceeds is complex and can be difficult to understand accurately. If the interpretation of the law is incorrect and the necessary identity verification is not carried out, it poses a significant risk of scandal for the company.
Therefore, when it is necessary to verify the identity of individuals based on the Japanese Act on Prevention of Transfer of Criminal Proceeds, we recommend consulting with a lawyer who is knowledgeable in the IT field about what kind of system needs to be built.
Introduction to Our Firm’s Measures
Monolith Law Office is a legal office with high expertise in both IT, particularly the internet, and law. In recent years, the Japanese Act on Prevention of Transfer of Criminal Proceeds has been attracting attention, and the need for legal checks is increasingly growing. Our firm provides solutions related to the Act on Prevention of Transfer of Criminal Proceeds. Details are described in the article below.
Category: IT
Tag: CybercrimeIT