Anti-Money Laundering (AML) and Data Protection Webinar

Bystian.andreassen@wakandi.com

In this compliance webinar, Compliance Manager Grace Ntambi explains essential updates on regulatory requirements covering KYC, AML, and data protection.

The session outlines what SACCOs and financial providers must do to remain compliant, highlighting key obligations under Tanzanian law, the role of the FIU, and how Wakandi helps ensure secure and lawful operations.

Presented by: Grace Ntambi (Compliance Manager)
Moderator: Samoan Timchuma
Date: May 7, 2025

Main Themes:

  1. Compliance Awareness
  2. Anti-Money Laundering (AML)
  3. Data Protection
  4. Roles and Obligations of Financial Providers

Key Points by Topic

1. Importance of Compliance

  • Ensures legal operations and prevents fraud.
  • Builds trust with stakeholders, including customers and regulators.
  • Required for maintaining licenses (e.g. PSP, Application Services, Data Controller).

2. Regulatory Bodies Involved

  • Bank of Tanzania (Central Bank)
  • TCRA (Communications Authority)
  • TCDC (Cooperative Regulator)
  • FIU (Financial Intelligence Unit)

3. KYC (Know Your Customer) Procedures

  • Mandatory for all financial service providers.
  • Collect and verify IDs (NIN, Passport) of board members, managers, and anyone handling funds.
  • KYC must be updated annually due to new leadership elected at AGMs.

4. AML (Anti-Money Laundering) Obligations

  • Appoint a Money Laundering Reporting Officer (MLRO).
  • Monitor and flag suspicious transactions via the FIU portal.
  • Conduct enhanced due diligence on Politically Exposed Persons (PEPs).
  • Failure to report can result in:
    • Penalties (minimum TZS 500 million)
    • License suspension or revocation

5. Data Protection

  • Wakandi is licensed as a Data Controller since August 2024.
  • No third-party data sharing without consent.
  • All member data and financial data are securely managed.
  • Consent and security protocols are strictly enforced.

6. Record Keeping and Reporting

  • Maintain all financial transaction data for up to 10 years.
  • Submit required reports to regulators (suspicious activity reports, financial returns, etc.).

7. Training & Awareness

  • Ignorance is not a legal defence — continuous training is essential.
  • Staff must be trained in AML, compliance, and data protection.