The Financial Intelligence Analysis Unit (FIAU) would like to notify subject persons that the European Banking Authority (EBA) has recently published the following documents:
1. EBA consultation paper on amendments to the Guidelines on the AML/CFT Risk-Based Supervision to include crypto-asset service providers.
On 20 July 2021, the EU issued an AML/CFT legislative package of four proposals to strengthen the EU’s institutional and legal AML/CFT framework. One of these four proposals is a recast of Regulation (EU) 2015/847 on information accompanying transfers of funds and repealing Regulation (EC) No 1781/2006. This Recast of the Regulation extends the scope of the rules to crypto-assets transfers, regarding the information on payers and payees, required to support the transfers of funds.
Through the ‘Provisional Agreement Resulting from Interinstitutional Negotiations’ dated 5th October 2022, the EBA is envisioning the development of guidelines on the AML/CFT risk-based supervision approach applied by competent authorities in the context of crypto-asset service providers. In the meantime, the EBA is inviting all relevant stakeholders to provide their contributions on this revised Risk-Based Supervision Guidelines. Amongst other policies and controls, the revised guidelines stress the importance of cooperation between the relevant stakeholders in the fight against ML/FT. In the context of multiple competent authorities responsible for the AML/CFT supervision, there needs to be a consistent approach when establishing supervisory expectancies. Guidance and training are also highlighted within these revised guidelines, so that competent authorities have the technical skills and expertise to execute their supervisory functions.
The EBA is inviting interested parties to put forward any comments on the Consultation Paper, particularly on the specific questions summarised in Section 5.2 of the document.
The deadline is the 29th of June 2023. Kindly click on the following link for further information on the submission of responses.
2. Guidelines for effective ML/FT risk management and safeguard access to financial services by vulnerable customers.
On 31 March 2023, the EBA issued two sets of guidelines related to de-risking. De-risking is defined by the EBA as ‘a refusal to enter into or a decision to terminate business relationships with individual customers or categories of customers associated with higher ML/TF risk, or to refuse to carry out higher ML/TF risk transactions.’
In the beginning of last year, the EBA published an opinion on de-risking promoting financial inclusion of groups of customers that are particularly affected by unnecessary de-risking. Through this opinion, the EBA also reiterated the need to create conditions to provide access to financial services to legitimate customers which nurtures their involvement in the internal market. Following this opinion, the European Commission asked the EBA to issue guidelines addressed to the institutions to assist certain categories of customers vulnerable to unnecessary de-risking to access financial services.
Consequently, the EBA has issued the following two sets of Guidelines with the purpose of clarifying regulatory expectations, and tackle unwarranted de-risking:
a).Guidelines amending the ML/FT Risk Factors Guidelines in relation to NPO
Through the first set of guidelines, the EBA added an Annex to the ML/FT Risk Factors Guidelines. The Annex establishes a set of criteria which are to be applied when a customer is a Not-For-Profit organisation (NPO).
When evaluating such prospective customers` risk profile, subject persons are to establish a good understanding of the NPO’s governance and control, funding, activities, the jurisdiction/s in which it operates and who the beneficiaries are on a risk-sensitive basis. The Annex also provides a number of risk factors which need to be considered when identifying the risks associated with these particular customers. The risk factors include governance and exertion of control, reputation/adverse media findings, funding methods, operations in jurisdictions associated with higher ML/FT risks and high-risk third countries. These guidelines provide subject persons with further knowledge on the operations of each particular NPO.
b). Guidelines on effective ML/FT Risk Management and access to Financial Services
This second set of guidelines complements the EBA’s ML/FT Risk Factors Guidelines and is wider in nature when compared to the first set of guidelines mentioned above. These guidelines establish the steps that subject persons should take before determining whether to refuse or end a business relationship with a customer, based on ML/FT risk or AML/CFT compliance obligations. The guidelines delve into the risk assessment obligations, CDD measures, reporting obligations, record-keeping obligations and provisions in relation to the right of access to a payment account with basic features. It also explains how to calibrate the monitoring measures based on the product and services features available to a customer according to the risk of ML/FT.
A draft of these two sets of guidelines was published for a consultation process which took place between the 6 December 2022 and 6 February 2023.These Guidelines will enter into force 3 months after the publication in all EU official languages. Subject persons can access the document on the FIAU website, or the EBA website.