The Financial Reporting Centre (FRC) is Kenya’s financial intelligence unit established under the Proceeds of Crime and Anti-Money Laundering Act 2009 (POCAMLA). The FRC receives, analyses, and disseminates financial intelligence to combat money laundering and terrorist financing in Kenya. A wide range of businesses and professions are required to register with the FRC as Reporting Institutions and to comply with extensive AML/CFT obligations including customer due diligence, transaction monitoring, and suspicious transaction reporting. Non-compliance with FRC reporting obligations exposes businesses to criminal penalties, reputational damage, and regulatory sanctions.

Who Must Register with the FRC

The Second Schedule to POCAMLA lists the entities that are Reporting Institutions required to register with the FRC. These include: banks, microfinance institutions, and other financial institutions regulated by the CBK; insurance companies, brokers, and agents regulated by the IRA; CMA-licensed dealers, investment advisers, and fund managers; real estate agents and developers; lawyers and legal professionals handling client funds or property transactions; accountants and tax advisers; dealers in high-value goods including motor vehicles, precious metals, and gemstones; and trust and company service providers.

Core AML/CFT Obligations for Reporting Institutions

Customer Due Diligence (CDD)

Reporting Institutions must conduct Customer Due Diligence (CDD) on all customers and beneficial owners at the commencement of a business relationship and on an ongoing basis. Standard CDD requires: identifying the customer by name, address, nationality, and date of birth; verifying identity using official identification documents; identifying the beneficial owner where the customer is a legal entity; understanding the nature and purpose of the business relationship; and conducting enhanced due diligence (EDD) on higher-risk customers including Politically Exposed Persons (PEPs) and customers from high-risk jurisdictions.

Suspicious Transaction Reports (STRs)

Reporting Institutions are required to file Suspicious Transaction Reports (STRs) with the FRC where they know, suspect, or have reasonable grounds to suspect that a transaction or funds are connected to money laundering, terrorist financing, or proceeds of crime. STRs must be filed within three business days of forming the suspicion. Tipping off the customer that an STR has been filed is a criminal offence under POCAMLA.

Cash Transaction Reports (CTRs)

Reporting Institutions that deal in cash must file Cash Transaction Reports (CTRs) with the FRC for all cash transactions of KES 1,000,000 or more, or multiple transactions that appear to be structured to avoid the reporting threshold. CTRs must be filed within five business days of the transaction.

Record Keeping Requirements

Reporting Institutions must maintain records of all customer due diligence documentation and transaction records for a minimum of seven years after the conclusion of the business relationship or the completion of the transaction. Records must be maintained in a form that enables the FRC to reconstruct the transaction history and the identity of the parties involved.

The Money Laundering Reporting Officer (MLRO)

Every Reporting Institution must appoint a Money Laundering Reporting Officer (MLRO) who is responsible for receiving internal reports of suspicious activity from staff, reviewing those reports, and determining whether an STR should be filed with the FRC. The MLRO must be a senior officer with appropriate authority and must receive regular AML/CFT training. In small entities such as law firms and sole practitioner accountants, the principal or managing partner typically serves as the MLRO.

FRC Inspections and Enforcement

The FRC conducts inspections of Reporting Institutions to assess AML/CFT compliance. Inspections may be routine (scheduled) or triggered by specific intelligence. A finding of non-compliance at an FRC inspection can result in: written directions requiring remedial action; imposition of administrative penalties; referral to the relevant sectoral regulator for licensing action; and in serious cases, criminal prosecution of the institution and its responsible officers. Penalties under POCAMLA include fines of up to KES 5 million per breach and imprisonment of up to five years for responsible persons.

As a Reporting Institution itself, Clay & Associates Advocates has direct experience operating under FRC compliance requirements. Our regulatory compliance practice provides AML programme design and implementation advisory services to businesses across all DNFBP categories. For financial services clients with the most intensive AML obligations, our team delivers comprehensive compliance frameworks. More information is available at the Financial Reporting Centre website.