Response to consultation on Guidelines to prevent transfers of funds can be abused for ML and TF
Go back
On page 9 in the consultation paper is ”Sending PSP” defined as meaning ”the PSP sending the transfer and can be either the PSP of the payer or the last intermediary PSP in the payment chain”.
Swedish Bankers’ Association questions this defintion. It is quite normal that there are more than the sending PSP, an intermediary PSP and the receiving PSP involved in a transaction. Thus, there can be more than just one intermediary PSP involved in the payment chain.
DEFINITION OF ”MEANINGLESS INFORMATION”.
What is ”meaningless information” in this context? We cannot see that this concept is included in regulation 847. Is this pehaps an over-interpretation on the ESA:s part? Could it be article 7.3 this is coming from? If that is the case, the Swedish banks has taken as a starting point that they validate account numbers and check against reliable independent source".
Moreover, in the definition of ”meaningless information” is stated the following, that it ”means information that makes no obvious sense such as strings of random characters (e.g. ‘xxxxx’, or ‘ABCDEFG’) or clearly meaningless designations (e.g. ‘An Other’, or ‘My Customer’)”
As a payers bank, the banks CAN detect and take care of this. By contrast, as a PAYEE bank it is impossible for a bank to detect the information, or check the accuracy of the data, that is put in the different message fields. Therefore, the banks can only detect that information actually IS THERE, not detect, and act, if it says ”Donald Duck”. Any mandatory rules requireing the systems the possibility to read/detect ”xxxx” or ”ABCDE” will drive very high costs. To show the scope of the complexity of having checking/validating controls of ”XXX” and ”ABC” see below.
For example, by searching at ”www.allabolag.se” (”All Companies”; a Swedish search engine), you will get 259 hits for ”ABC” and 15 hits on ”XXX”, not to mention if you search on Google or another search engine.
DEFINITION OF ”MISSING INFORMATION”.
See above views as regards meaningless information. The concept of ”missing information” is built upon what is meaningless information, and the latter has to be taken care of first."
In several places in the document is stated that real-time monitoring could/should be performed. We questions these statements since regulation 2015/847 clearly admits ex-post monitoring.
LINKED TRANSACTIONS
We think that six months is a too long time-frame. We suggest one month instead.
HEADLINE ”DETECTION OF ADMISSABLE CHARACTERS…”
We believe that ”admissable charcters” should be defined. However, we understand that the ”source” for this statement can be found in article 7 (1) in the regulation. As long as the banks conform to Swift standards this wording causes no problems for the banks. However, please clarify!
POINT 23
Here is stated that ”obviously meaningless information…”. We have the same comment as above. What should ” obviously” mean in this context? Can it be interpreted in a different way, more extended, than above as regards meaningless information”.
POINT 27
Second bullit-point – replace ”of” with ”or”.
MISCELLANEOUS – TIMEING OF THESE GUIDELINES
The basis for these guidelines comes from a regulation that have been published since almost two years ago and now are some additional rules about to complement the regulation. The current draft guidelines from ESA was published way too a short a time-frame in order for the banks to do a thorough review of the proposals. The consultation should have been made at least six months earlier.
Question 1: Do you agree with the general considerations in Chapter 1? In particular, do you agree that these are necessary to ensure an effective, risk-based and proportionate approach to complying with Regulation (EU) 2015/847? If you do not agree, clearly set out your rationale and provide supporting evidence where available. Please also set out what you consider to be the common principles that apply to both, the PSP of the payee and the intermediary PSP, and why.
TITLE I – SUBJECT MATTER, SCOPE AND DEFINITIONSOn page 9 in the consultation paper is ”Sending PSP” defined as meaning ”the PSP sending the transfer and can be either the PSP of the payer or the last intermediary PSP in the payment chain”.
Swedish Bankers’ Association questions this defintion. It is quite normal that there are more than the sending PSP, an intermediary PSP and the receiving PSP involved in a transaction. Thus, there can be more than just one intermediary PSP involved in the payment chain.
DEFINITION OF ”MEANINGLESS INFORMATION”.
What is ”meaningless information” in this context? We cannot see that this concept is included in regulation 847. Is this pehaps an over-interpretation on the ESA:s part? Could it be article 7.3 this is coming from? If that is the case, the Swedish banks has taken as a starting point that they validate account numbers and check against reliable independent source".
Moreover, in the definition of ”meaningless information” is stated the following, that it ”means information that makes no obvious sense such as strings of random characters (e.g. ‘xxxxx’, or ‘ABCDEFG’) or clearly meaningless designations (e.g. ‘An Other’, or ‘My Customer’)”
As a payers bank, the banks CAN detect and take care of this. By contrast, as a PAYEE bank it is impossible for a bank to detect the information, or check the accuracy of the data, that is put in the different message fields. Therefore, the banks can only detect that information actually IS THERE, not detect, and act, if it says ”Donald Duck”. Any mandatory rules requireing the systems the possibility to read/detect ”xxxx” or ”ABCDE” will drive very high costs. To show the scope of the complexity of having checking/validating controls of ”XXX” and ”ABC” see below.
For example, by searching at ”www.allabolag.se” (”All Companies”; a Swedish search engine), you will get 259 hits for ”ABC” and 15 hits on ”XXX”, not to mention if you search on Google or another search engine.
DEFINITION OF ”MISSING INFORMATION”.
See above views as regards meaningless information. The concept of ”missing information” is built upon what is meaningless information, and the latter has to be taken care of first."
Question 2: Do you agree that the expectations on intermediary PSPs and PSPs of the payee in Chapter II are proportionate and necessary to both comply with Regulation (EU) 2015/847 and ensure a level playing field? In particular, do you agree with: • The steps PSPs should take to detect and manage transfers of funds with missing information of inadmissible characters or inputs? • The steps PSPs should take to detect and manage PSPs that are repeatedly failing to provide the required information? If you do not agree, clearly set out your rationale and provide supporting evidence where available. Please also set out at what you believe PSPs should do instead, and why.
TITLE II - REQUIREMENTS REGARDING THE MEASURES TAKEN BY PSPS IN THE DETECTION OF MISSING INFORMATION AND THE TRANSFERS OF FUND WITHOUT THIS INFORMATIONIn several places in the document is stated that real-time monitoring could/should be performed. We questions these statements since regulation 2015/847 clearly admits ex-post monitoring.
LINKED TRANSACTIONS
We think that six months is a too long time-frame. We suggest one month instead.
HEADLINE ”DETECTION OF ADMISSABLE CHARACTERS…”
We believe that ”admissable charcters” should be defined. However, we understand that the ”source” for this statement can be found in article 7 (1) in the regulation. As long as the banks conform to Swift standards this wording causes no problems for the banks. However, please clarify!
POINT 23
Here is stated that ”obviously meaningless information…”. We have the same comment as above. What should ” obviously” mean in this context? Can it be interpreted in a different way, more extended, than above as regards meaningless information”.
POINT 27
Second bullit-point – replace ”of” with ”or”.
MISCELLANEOUS – TIMEING OF THESE GUIDELINES
The basis for these guidelines comes from a regulation that have been published since almost two years ago and now are some additional rules about to complement the regulation. The current draft guidelines from ESA was published way too a short a time-frame in order for the banks to do a thorough review of the proposals. The consultation should have been made at least six months earlier.