|
Financial Institution Name: |
Capital One |
|---|---|
|
Location (Country): |
United States |
1. Entity & Ownership
|
Question |
Answer |
|---|---|
| 1. Full Legal Name | Capital One Financial Corporation |
|
2. Append a list of foreign branches which are covered by this questionnaire |
N/A |
|
3. Full Legal (Registered) Address |
1680 Capital One Drive, |
|
4. Full Primary Business Address (if different from above) |
N/A |
|
5. Date of Entity incorporation/establishment |
1994 |
|
6. Select type of ownership and append an ownership chart if available |
|
|
6 a. Publicly Traded (25% of shares publicly traded) |
Yes |
| 6 a1. If Y, indicate the exchange traded on and ticker symbol | New York Stock Exchange (NYSE) under ticker symbol 'COF' |
|
6 b. Member Owned/Mutual |
No |
|
6 c. Government or State Owned by 25% or more |
No |
|
6 d. Privately Owned |
No |
|
6 d1. If Y, indicate details of shareholders or ultimate beneficial owners with a holding of 10% or more |
N/A |
|
7. % of the Entity's total shares composed of bearer shares |
0 |
|
8. Does the Entity, or any of its branches, operate under an Offshore Banking License (OBL)? |
No |
|
8 a. If Y, provide the name of the relevant branch/es which operate under an OBL |
N/A |
| 9. Does the Bank have a Virtual Bank License or provide services only through online channels? | No |
| 10. Provide Legal Entity Identifier (LEI) if available | ZUE8T73ROZOF6FLBAR73 - Capital One Financial Corporation |
2. AML, CTF & Sanctions Programme
|
Question |
Answer |
|---|---|
|
11. Does the Entity have a programme that sets minimum AML, CTF and Sanctions standards regarding the following components: |
|
|
11a. Appointed Officer with sufficient experience / expertise |
Yes |
| 11b. Adverse Information Screening | Yes |
| 11c. Benefiical Ownership | Yes |
|
11d. Cash Reporting |
Yes
|
| 11e. CDD
|
Yes |
|
11f. EDD |
Yes |
|
11g. Independent Testing |
Yes |
|
11h. Periodic Review |
Yes |
|
11i. Policies and Procedures |
Yes |
| 11j. PEP Screening | Yes |
|
11k. Risk Assessment |
Yes |
|
11l. Sanctions |
Yes |
|
11m. Suspicious Activity Reporting |
Yes |
| 11n. Training and Education | Yes |
| 11o. Transaction Monitoring | Yes |
|
12. Is the Entity's AML, CTF & Sanctions policy approved at least annually by the Board or equivalent Senior Management Committee? |
Yes |
|
13. Does the Entity use third parties to carry out any components of its AML, CTF & Sanctions programme? |
Yes |
|
13a. If Y, provide further details |
Capital One employs third parties to assist in carrying out some of the functions of its AML program. It provides the same training to third parties as its full-time AML associates. |
| 14. Does the entity have a whistleblower policy? | Yes |
3. Anti bribery & corruption
|
Question |
Answer |
|---|---|
|
15. Has the Entity documented policies and procedures consistent with applicable ABC regulations and requirements to reasonably prevent, detect and report bribery and corruption? |
Yes |
|
16. Does the Entity's internal audit function or other independent third party cover ABC Policies and Procedures? |
Yes |
|
17. Does the Entity provide mandatory ABC training to: |
|
|
17a. Board and Senior Committee Management |
Yes |
|
17b. 1st Line of Defence |
Yes |
|
17c. 2nd Line of Defence |
Yes |
|
17d. 3rd Line of Defence |
Yes |
|
17e. Third parties to which specific compliance activities subject to ABC risk have been outsourced |
Yes |
|
17f. Non-employed workers as appropriate (contractors / consultants) |
Yes |
4. AML, CTF & sanctions policies & procedures
|
Question |
Answer |
|---|---|
|
18. Has the Entity documented policies and procedures consistent with applicable AML, CTF & Sanctions regulations and requirements to reasonably prevent, detect and report: |
|
|
18a. Money laundering |
Yes |
|
18b. Terrorist financing |
Yes
|
|
18c. Sanctions violations |
Yes |
|
19. Does the Entity have policies and procedures that: |
|
|
19a. Prohibit the opening and keeping of anonymous and fictitious named accounts |
Yes |
|
19b. Prohibit the opening and keeping of accounts for unlicensed banks and / or NBFIs |
Yes |
|
19c. Prohibit dealing with other entities that provide banking services to unlicensed banks |
Yes |
|
19d. Prohibit accounts / relationships with shell banks |
Yes |
|
19e. Prohibit dealing with another Entity that provides services to shell banks |
Yes |
|
19f. Prohibit opening and keeping of accounts for Section 311 designated entities |
Yes |
|
19g. Prohibit opening and keeping of accounts for any of unlicensed / unregulated remittance agents, exchanges houses, casa de cambio, bureaux de change or money transfer agents |
Yes |
|
19h. Assess the risks of relationships with domestic and foreign PEPs, including their family and close associates |
Yes |
|
19i. Define the processes for escalating financial crime risk issues/potentially suspicious activity identified by employees |
Yes |
|
19j. Outline the processes regarding screening for sanctions, PEPs and negative media |
Yes |
|
20. Has the Entity defined a risk tolerance statement or similar document which defines a risk boundary around their business? |
Yes |
|
21. Does the Entity have a record retention procedures that comply with applicable laws? |
Yes |
|
21a. If Y, what is the retention period? |
5 years or more |
5. KYC, CDD and EDD
|
Question |
Answer |
|---|---|
|
22. Does the Entity verify the identity of the customer? |
Yes |
|
23. Do the Entity's policies and procedures set out when CDD must be completed, e.g. at the time of onboarding or within 30 days? |
Yes |
|
24. Which of the following does the Entity gather and retain when conducting CDD? Select all that apply: |
|
|
24a. Customer identification |
Yes |
|
24b. Expected activity |
Yes |
|
24c. Nature of business / employment |
Yes |
|
24d. Ownership structure |
Yes |
|
24e. Product usage |
Yes |
|
24f. Purpose and nature of relationship |
Yes |
|
24g. Source of funds |
Yes |
|
24h. Source of wealth |
Yes |
|
25. Are each of the following identified: |
|
|
25a. Ultimate beneficial ownership |
Yes |
|
25a1. Are ultimate beneficial owners verified? |
Yes |
|
25b. Authorised signatories (where applicable) |
Yes |
|
25c. Key controllers |
Yes |
|
25d. Other relevant parties |
Yes |
|
26. Does the due diligence process result in customers receiving a risk classification? |
Yes |
|
27. Does the Entity have a risk based approach to screening customers and connected parties to determine whether they are PEPs, or controlled by PEPs? |
Yes |
|
28. Does the Entity have policies, procedures and processes to review and escalate potential matches from screening customers and connected parties to determine whether they are PEPs, or controlled by PEPs? |
Yes |
|
29. Is KYC renewed at defined frequencies based on risk rating (Periodic Reviews)? |
Yes |
|
29a. If yes, select all that apply: |
|
|
29a1. Less than one year |
No |
| 29a2. 1 - 2 years | Yes |
| 29a3. 3 - 4 years | No |
| 29a4. 5 years or more | No |
| 29a5. Trigger-based or perpetual mointoring reviews | Yes |
| 29a6. Other (please specify) | N/A |
| 30. From the list below, which categories of customers or industries are subject to EDD and/or are restricted, or prohibited by the Entity's FCC programme? | |
|
30a. Arms, Defence, Military |
EDD on a risk-based approach |
| 30b. Respondent Banks | EDD on a risk-based approach |
| 30b1. If EDD or EDD & restricted, does the EDD assessment contain the elements as set out in the Wolfsberg Correspondent Banking Principles 2022? | Yes |
| 30c. Embassies/Consulates | Restricted |
| 30d. Extractive industries | EDD on risk-based approach |
| 30e. Gambling customers | Restricted |
| 30f. General Trading Companies |
EDD on a risk-based approach |
|
30g. Marijuana-related Entities |
Prohibited |
| 30h. MSB/MVTS customers | Restricted |
| 30i. Non-account customers | Restricted |
| 30j. Non-Government Organisations | Restricted |
| 30k. Non-resident customers | EDD on risk-based approach |
| 30l. Nuclear power | EDD on risk-based approach |
| 30m. Payment Service Providers | Restricted |
|
30n. PEPs |
EDD on a risk-based approach |
|
30o. PEP Close Associate |
EDD on a risk-based approach |
|
30p. PEP Related |
EDD on a risk-based approach |
|
30q. Precious metals and stones |
Restricted |
| 30r. Red light business / Adult entertainment | Restricted |
|
30s. Regulated charities |
Restricted |
|
30t. Shell banks |
Prohibited |
|
30u. Travel and Tour Companies |
EDD on a risk based approach |
| 30v. Unregulated charities | Restricted |
| 30w. Used Car Dealers | EDD on a risk based approach |
|
30x. Virtual Asset Service Providers |
Restricted |
|
30y. Other (specify) |
N/A |
|
31. If restricted, provide details of the restriction |
Capital One has policies and procedures in place to determine the appropriate level of enhanced due diligence, monitoring, and restrictions for higher risk customers and/or transactions in line with relevant local regulatory requirements and restrictions. |
6. Monitoring & Reporting
|
Question |
Answer |
|---|---|
|
32. Does the Entity have risk based policies, procedures and monitoring processes for the identification and reporting of suspicious activity? |
Yes |
|
33. What is the method used by the Entity to monitor transactions for suspicious activities? |
Combination of automated and manual |
| 33a. If manual or combination selected, specify what type of transactions are monitored manually | Decline to respond - Capital One does not release confidential information about specific controls. |
|
34. Does the Entity have regulatory requirements to report suspicious transactions? |
Yes |
|
34a. If Y, does the Entity have policies, procedures and processes to comply with suspicious transactions reporting requirements? |
Yes |
|
35. Does the Entity have policies, procedures and processes to review and escalate matters arising from the monitoring of customer transactions and activity? |
Yes |
7. Payment Transparency
|
Question |
Answer |
|---|---|
|
36. Does the Entity adhere to the Wolfsberg Group Payment Transparency Standards?
|
Yes |
|
37. Does the Entity have policies, procedures and processes to comply with and have controls in place to ensure compliance with: |
|
|
37a. FATF Recommendation 16 |
Yes |
|
37b. Local Regulations |
Yes |
| 37b1. If Y, Specify the regulation
|
Capital One complies with all payment transparency regulations in all the jurisdictions in which it operates. |
|
37c. If N, explain |
8. Sanctions
|
Question |
Answer |
|---|---|
| 38. Does the Entity have a Sanctions Policy approved by management regarding compliance with sanctions law applicable to the Entity, including with respect to its business conducted with, or through accounts held at foreign financial institutions? | Yes |
|
39. Does the Entity have policies, procedures or other controls reasonably designed to prohibit and/or detect actions taken to evade applicable sanctions prohibitions, such as stripping, or the resubmission and/or masking, of sanctions relevant information in cross border transactions? |
Yes |
|
40. Does the Entity screen its customers, including beneficial ownership information collected by the Entity, during onboarding and regularly thereafter against Sanctions Lists?
|
Yes
|
|
41. Select the Sanctions Lists used by the Entity in its sanctions screening processes:
|
|
| 41a. Consolidated United Nations Security Council Sanctions List (UN)
|
Used for screening customers and beneficial owners and for filtering transactional data |
|
41b. United States Department of the Treasury's Office of Foreign Assets Control (OFAC) |
Used for screening customers and beneficial owners and for filtering transactional data |
|
41c. Office of Financial Sanctions Implementation HMT (OFSI) |
Used for screening customers and beneficial owners and for filtering transactional data |
|
41d. European Union Consolidated List (EU) |
Used for screening customers and beneficial owners (i.e. reference data) |
|
41e. Lists maintained by other G7 member countries |
Used for screening customers and beneficial owners and for filtering transactional data |
| 41f. Other (specify) | United Kingfrom (UK) HMT Office of the Superintendent of Financial Institutions (OSFI) Australia - Department of Foreign Affairs and Trade (DFAT) |
|
42. Does the Entity have a physical presence, e.g., branches, subsidiaries, or representative offices located in countries / regions against which UN, OFAC, OFSI, EU and G7 member countries have enacted comprehensive jurisdiction-based Sanctions? |
No |
9. Training & education
|
Question |
Answer |
|---|---|
|
43. Does the Entity provide mandatory training, which includes: |
|
|
43a. Identification and reporting of transactions to government authorities
|
Yes
|
|
43b. Examples of different forms of money laundering, terrorist financing and sanctions violations relevant for the types of products and services offered
|
Yes |
|
43c. Internal policies for controlling money laundering, terrorist financing and sanctions violations |
Yes |
|
43d. New issues that occur in the market, e.g. significant regulatory actions or new regulations |
Yes |
|
44. Is the above mandatory training provided to: |
|
|
44a. Board and Senior Committee Management |
Yes |
|
44b. 1st Line of Defence |
Yes |
|
44c. 2nd Line of Defence |
Yes |
|
44d. 3rd Line of Defence |
Yes |
|
44e. Third parties to which specific FCC activities have been outsourced |
Yes |
|
44f. Non-employed workers (contractors / consultants) |
Yes |
10. Audit
|
Question |
Answer |
|---|---|
|
45. In addition to inspections by the government supervisors / regulators, does the Entity have an internal audit function, a testing function or other independent third party, or both, that assesses FCC AML, CTF, ABC, Fraud and Sanctions policies and practices on a regular basis? |
Yes |