Response to consultation on draft Guidelines on the role, tasks and responsibilities AML/CFT compliance officers
Go back
• "v) number of requests for information received from the FIU" and "vi) number of judicial requests/subpoenas received" should be combined into a single item which should read:
"v) requests for information from the FIU, courts and law enforcement agencies".
Reasoning:
In practice, it is not feasible, especially in standardised retail business, to differentiate according to which requests for information have been received from the FIU and which requests have been received from courts or law enforcement agencies. In addition, a high volume of requests for information is not always an indicator of a higher money laundering risk of the institution surveyed: For example, Bausparkassen regularly have a very large number of requests for information, even though the money laundering risk of their products is very low. The reason for this is the wide spread of Bauspar savings among the population and a comprehensible "investigation in all directions" by the authority taking action, especially in the initial stage. A differentiation according to the source of the request for information would, in our view, result in a not inconsiderable bureaucratic effort without offering any added value for the work of the AML/CFT compliance officer.
• The cases described in 52. 1) e) viii) in the statistics to be compiled by AML/CTF compliance officer are not intended to be exhaustive and can be extended to the case constellations occurring in practice by the ARC. There are also cases where the suspicion of money laundering is not confirmed after the SAR has been submitted. It should also be possible to report this in a differentiated manner in the ARC's report.
• 52. 1) e) ix) should be deleted.
Reasoning:
The summary of statistical data or key risk indicators relating to ML/FT risks relevant to the respective credit institution is covered in the risk assessment anyway and is therefore already part of 52. 1) b). A duplication of contents in the annual activity report on the one hand and in the risk analysis on the other hand should be avoided for reasons of efficiency and better clarity.
We propose the following additional clarification to 57.:
“In accordance with the financial sector operator’s obligation under Article 46(1) of Directive (EU) 2015/849, the AML/CFT compliance officer should duly inform the staff working in ML/TF relevant processes about the ML/TF risks to which the financial sector operator is exposed, taking into account the broader national and international environment in which it operates, and about the reasons why it is necessary to reduce these ML/TF risks. This information may take various forms, such as company letters, intranet, meetings. The training should be designed in a reasonable way to keep staff informed of the risks, including ML/TF methods, trends, and typologies, as well as of the risk-based approach implemented by the financial sector operator to reduce and manage these risks. The AML/CFT compliance officer should further contribute to promote the adoption of the right ethical approach within the financial sector operator
Reasoning:
The obligation to provide training should not be extended to employees whose activities as such may not be likely to increase the ML/TF. In particular, it should be possible to exempt from training, for example, cleaning services, cooks, service staff or gardeners. In addition, staff training should not be extensive and detailed, but should only provide appropriate information on the application of the risk-based approach to reducing and managing these risks, to prevent too much information from identifying and circumventing money launderers' safeguards.
"coordinate the activities of the various local AML/CFT officers in the group’s operational entities in order to ensure that they work consistently while following the risk-based approach in the respective group member institution operating on its own responsibility;"
Reasoning:
Even within a financial conglomerate, it must be possible for subsidiaries belonging to a different industry (e.g., insurance companies or special credit institutions such as mortgage banks or Bausparkassen) to apply a risk-based approach tailored to the respective business model. The activities of the respective AML/CFT compliance officers of group member institutions, which each have a different business model and therefore also a different level of risk, should therefore not be uniform, but should be able to be designed taking into account the risk level of the respective individual institution without taking into account any deviating risks of the individual group member institutions. This is in line with the idea of a risk-based clustering for similar institutions of an industry according to the consulted amendments to the EBA Guidelines on Risk-Based Supervision of credit and financial institutions’ compliance with anti-money laundering and countering the financing of terrorism (AML/CFT) obligations (EBA/CP/2021/11).
3. Do you have any comments on Guideline 4.2 ‘Role and responsibilities of the AML/CFT compliance officer’?
We propose the following amendments to 52. 1) e):• "v) number of requests for information received from the FIU" and "vi) number of judicial requests/subpoenas received" should be combined into a single item which should read:
"v) requests for information from the FIU, courts and law enforcement agencies".
Reasoning:
In practice, it is not feasible, especially in standardised retail business, to differentiate according to which requests for information have been received from the FIU and which requests have been received from courts or law enforcement agencies. In addition, a high volume of requests for information is not always an indicator of a higher money laundering risk of the institution surveyed: For example, Bausparkassen regularly have a very large number of requests for information, even though the money laundering risk of their products is very low. The reason for this is the wide spread of Bauspar savings among the population and a comprehensible "investigation in all directions" by the authority taking action, especially in the initial stage. A differentiation according to the source of the request for information would, in our view, result in a not inconsiderable bureaucratic effort without offering any added value for the work of the AML/CFT compliance officer.
• The cases described in 52. 1) e) viii) in the statistics to be compiled by AML/CTF compliance officer are not intended to be exhaustive and can be extended to the case constellations occurring in practice by the ARC. There are also cases where the suspicion of money laundering is not confirmed after the SAR has been submitted. It should also be possible to report this in a differentiated manner in the ARC's report.
• 52. 1) e) ix) should be deleted.
Reasoning:
The summary of statistical data or key risk indicators relating to ML/FT risks relevant to the respective credit institution is covered in the risk assessment anyway and is therefore already part of 52. 1) b). A duplication of contents in the annual activity report on the one hand and in the risk analysis on the other hand should be avoided for reasons of efficiency and better clarity.
We propose the following additional clarification to 57.:
“In accordance with the financial sector operator’s obligation under Article 46(1) of Directive (EU) 2015/849, the AML/CFT compliance officer should duly inform the staff working in ML/TF relevant processes about the ML/TF risks to which the financial sector operator is exposed, taking into account the broader national and international environment in which it operates, and about the reasons why it is necessary to reduce these ML/TF risks. This information may take various forms, such as company letters, intranet, meetings. The training should be designed in a reasonable way to keep staff informed of the risks, including ML/TF methods, trends, and typologies, as well as of the risk-based approach implemented by the financial sector operator to reduce and manage these risks. The AML/CFT compliance officer should further contribute to promote the adoption of the right ethical approach within the financial sector operator
Reasoning:
The obligation to provide training should not be extended to employees whose activities as such may not be likely to increase the ML/TF. In particular, it should be possible to exempt from training, for example, cleaning services, cooks, service staff or gardeners. In addition, staff training should not be extensive and detailed, but should only provide appropriate information on the application of the risk-based approach to reducing and managing these risks, to prevent too much information from identifying and circumventing money launderers' safeguards.
4. Do you have any comments on Guideline 4.3 ‘Organisation of the AML/CFT compliance function at group level’?
We propose the following supplementary clarification to 84. d):"coordinate the activities of the various local AML/CFT officers in the group’s operational entities in order to ensure that they work consistently while following the risk-based approach in the respective group member institution operating on its own responsibility;"
Reasoning:
Even within a financial conglomerate, it must be possible for subsidiaries belonging to a different industry (e.g., insurance companies or special credit institutions such as mortgage banks or Bausparkassen) to apply a risk-based approach tailored to the respective business model. The activities of the respective AML/CFT compliance officers of group member institutions, which each have a different business model and therefore also a different level of risk, should therefore not be uniform, but should be able to be designed taking into account the risk level of the respective individual institution without taking into account any deviating risks of the individual group member institutions. This is in line with the idea of a risk-based clustering for similar institutions of an industry according to the consulted amendments to the EBA Guidelines on Risk-Based Supervision of credit and financial institutions’ compliance with anti-money laundering and countering the financing of terrorism (AML/CFT) obligations (EBA/CP/2021/11).