Overview of the Compliance officer’s liability under Law 44 of 2015

Boards of directors have grown accustomed to treating the compliance function as an operational matter. They see it as a technical department managed by specialists, insulated from governance discussions at the top. That posture carries legal and institutional risks that are insufficiently understood at the level where they ultimately matter.

Law 44 of 2015 on combating money laundering and terrorist financing, which remains the operative AML/CFT instrument in Lebanon, is the starting point, but it is not the whole picture. Understanding the compliance officer’s regulatory exposure requires reading Law 44 accurately, not as it is sometimes characterized.

Provisions of Law 44/2015

Article 13 of Law 44 is the primary sanctions provision. It imposes criminal sanctions: imprisonment of two months to one year and/or a fine not exceeding one hundred million Lebanese pounds - to date, these statutory ceilings have not been revalued and this is a recognized weakness of the current AML enforcement architecture - on any party that violates the following legal obligations:

• The obligations under Article 4: CDD on permanent and transient customers, beneficial owner identification, record retention, ongoing monitoring and the use of ML/TF indicators,

• The obligations under Article 5: insurance companies, casinos, real estate dealers and agents, dealers in valuables, and — within the activities specified — certified accountants, notaries, and lawyers subject to the bar mechanism,

• The STR reporting obligation under Article 7,

• The obligation to produce documents to the Special Investigation Commission (“SIC”) under Article 10,

• The tipping-off prohibition under Article 11.

The law addresses these obligations to reporting entities as institutions. It does not, by its text, single out the compliance officer by title or function as individually criminally liable for institutional CDD or STR failures.

There is one provision where individual exposure within the institution is explicit: Article 11, read together with Article 13. Article 11 prohibits reporting entities and specifically their board members, officers, and employees from disclosing or insinuating to any person that a suspicious transaction report or other relevant information has been or is intended to be submitted to the SIC, or that the SIC is inquiring about customers or auditing their operations or accounts. Violations of this tipping-off prohibition are directly sanctioned under Article 13. An officer or employee who tips off a customer, regardless of institutional instruction or pressure, carries personal criminal exposure that is unambiguously grounded in the statute.

Equally important, and frequently overlooked, is Article 12. The law grants immunity from civil and criminal liability to reporting entities, their staff, the supervisors of the Banking Control Commission of Lebanon (“BCCL”), and auditors in performing their duties under the provisions of Law 44 or according to the decisions of the SIC, particularly when they report in good faith to the SIC the details of operations suspected to be related to money laundering or terrorist financing. This protection is meaningful: a compliance officer who files a report in circumstances where the underlying suspicion later proves unfounded is statutorily protected, provided the good-faith standard is met.

Administrative and regulatory exposure

The more probable enforcement pathway against individual officers in practice is administrative rather than criminal. Article 13 itself establishes a graduated administrative mechanism. The SIC may address a warning to parties in violation of the regulations issued for the implementation of Law 44, and may request from these parties periodic reports on the measures taken to rectify their situation. In case of violation, the SIC may refer parties falling under Article 4 (BDL-supervised institutions) to the Higher Banking Commission (“HBC”), and may correspond with the supervisory or oversight authorities concerning Article 5 parties (DNFBPs). The HBC may, in turn, impose on parties referred to it fines for non-compliance with the regulations issued for the implementation of Law 44, capped at two hundred times the official minimum wage, with fines collected to the benefit of Banque du Liban.

Article 13 of Law 44 expressly preserves the application of Article 208 of the Code of Money and Credit on the parties referred to in Article 4: enforcement under Law 44 does not preclude the enforcement of the administrative penalties stipulated in Article 208 of the CMC. Whether Article 208 itself reaches officers and staff individually is a question of CMC interpretation that lies outside Law 44’s text. BDL’s circular framework, principally Basic Circular 83, imposes detailed operational obligations whose breach can result in BCCL findings that name responsible individuals, with consequences that range from formal reprimand to removal and referral for prosecution. In practice, a BCCL enforcement outcome that identifies compliance deficiencies attributable to an officer’s conduct can effectively close the Lebanese financial sector to that individual, regardless of whether criminal charges are ever filed.

The tipping-off risk in context

The tipping-off prohibition warrants more attention at the board level than it typically receives. The obligation of confidentiality surrounding STR filings is absolute under Article 11, and the pressure to which compliance officers may be subjected, from senior management, from relationship officers, and/or from clients, to disclose or signal the filing of a report, creates a structural vulnerability that the institution must address through governance controls, not through individual officer judgment under pressure. Where that governance is absent, the board has created a condition in which the compliance officer either breaches the law or faces internal pressure to do so. The liability in either scenario does not remain confined to the officer.

The post-2019 environment

The financial crisis that began in 2019 has materially complicated the compliance environment. Institutional resources have contracted, correspondent relationships have been severed or placed under heightened scrutiny, and several banks are operating under conditions that make full adherence to BDL circular requirements structurally difficult. None of this should constitute a defense for institutional or individual non-compliance especially that economic stress does not create a force majeure defense under Law 44 or under BDL Circular 83. International scrutiny of Lebanese banks has intensified in direct proportion to the sector’s fragility. The risk of enforcement, whether domestic through the BCCL or reputational through correspondent de-risking, has not diminished alongside institutional capacity.

The governance implication

For boards, the analytical question is not whether the compliance officer is professionally capable. It is whether the institution has provided the legal framework, operational resources, documented procedures, and governance oversight necessary for that officer to discharge obligations that carry both institutional and, in specific circumstances, individual legal consequences. Where those conditions are absent, the board is not managing a compliance deficiency. It is managing undisclosed liability.

Sources: FATF. ACAMS. Law 44/2015. Code of Money an Credit. BDL Basic Circular 83.