Central Bank of the Philippines reiterates AML and merchant due diligence obligations for payment activities and QR Ph services

The Central Bank of the Philippines has issued a memorandum reminding all BSP-supervised institutions to strictly apply existing anti-money laundering and countering terrorism and proliferation financing controls across payment activities. The reminder covers account onboarding, ongoing account monitoring, and merchant payment acceptance, and makes clear that institutions must keep controls effective and risk-based to prevent accounts and payment channels from being misused for money laundering, terrorist financing, proliferation financing, related predicate offences, or other unlawful activity. The memorandum reiterates compliance with the applicable AML/CTPF rules in the banking and non-bank manuals and with merchant due diligence requirements in the Manual of Regulations for Payment Systems. For merchant payment acceptance, institutions remain primarily responsible for AML/CTPF compliance when they provide accounts, access to payment rails, or settlement services, even when payment aggregators or similar intermediaries are involved. Aggregators also carry their own responsibilities for onboarding, monitoring, risk mitigation and suspicious transaction reporting, but supervised institutions must maintain adequate visibility over underlying merchants and payment activity, including access to sub-merchant information, transaction-level data and merchant risk profiles, risk-based onboarding and monitoring criteria, and periodic reviews with triggers to restrict or terminate high-risk or non-compliant relationships. The central bank also reminds institutions to distinguish merchant accounts from personal accounts, maintain effective ongoing merchant monitoring, implement measures against mule merchants and QR code misuse, and apply commensurate end-user due diligence, transaction monitoring and other controls for QR-enabled services under QR Ph.