Circular. - all credit institutions, including European and non-european branches;

Similar documents
Periodic questionnaire on combating money laundering and terrorist financing

Communication. Brussels, 14 September 2017

Circular. Brussels, 8 May 2017

NBB_2017_15 Page 1 of 15

Decree No. 67/2018 Coll.

Circular. Brussels, 20 November 2017

NBB_2017_15 Page 1 of 16

Annex 2 to circular NBB_2017_20

AMF Position-recommendation

JC/GL/2017/ September Final Guidelines

Decision of the Board of Directors 1/506/

JC/GL/2017/16 16/01/2018. Final Guidelines

FINAL DRAFT RTS UNDER ARTICLE 45(6) OF DIRECTIVE (EU) 2015/849 JC /12/2017. Final Report

COMMISSION DELEGATED REGULATION (EU) /... of

X/N scheme NBB-SSS. Buyer. Seller. N-Account. N-Account 3. X-Account. Tax administration. 1a 1b pays WT* to. 4b pays WT* to.

JC /05/2017. Final Report

THE EUROPEAN SYSTEMIC RISK BOARD

COMMISSION DELEGATED REGULATION (EU) No /.. of

Circular CBFA_2010_03 of 12/01/2010

EBA/CP/2015/ November Consultation Paper

Having regard to the Treaty on the Functioning of the European Union, and in particular Article 291 thereof,

Council of the European Union Brussels, 4 December 2018 (OR. en) Anti-Money Laundering Action Plan - Council Conclusions (4 December 2018)

CLIENTS ACCEPTANCE POLICY

EBA FINAL draft implementing technical standards

Memorandum on application for authorisation by an insurance or reinsurance company under Belgian law

CENTRAL BANK OF CYPRUS EUROSYSTEM

Council of the European Union Brussels, 23 November 2018 (OR. en)

Report on Internal Control

4th Anti-Money Laundering Directive and 2d Fund Transfers Regulation- General overview and impact on payments

1. The Powers of the Supervisory Authorities

The Governor of the Bank of Greece, having regard to:

To whom it may concern. Implementation of the 4th EU Anti Money Laundering Directive

Act 3 Anti-Money Laundering (Amendment) Act 2017

Guidelines for Anti-Money Laundering and Combating the Financing of Terrorism

PREVENTION OF MONEY LAUNDERING & TERRORIST FINANCING MANUAL

Final Report. Implementing Technical Standards

MONEY-LAUNDERING AND TERRORISM FINANCING PREVENTION SANTANDER GROUP GLOBAL POLICY

The Romanian Government adopts this decision.

Gazette of. paragraph DECISION. and implementat. and terrorist financing; laundering. financing. appointing and audit.

CLIENT ACCEPTANCE POLICY

Standard 2.4. Customer due diligence - Prevention of money laundering and terrorist financing. Regulations and guidelines

Note on the application of the Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017

THE THIRD EU DIRECTIVE ON MONEY LAUNDERING AND TERRORIST FINANCING

DIRECTIVES. COUNCIL DIRECTIVE 2014/48/EU of 24 March 2014 amending Directive 2003/48/EC on taxation of savings income in the form of interest payments

DECISION ON RISK MANAGEMENT BY BANKS

GENERAL SCHEME OF A CRIMINAL JUSTICE (MONEY LAUNDERING AND TERRORIST FINANCING) (AMENDMENT) BILL

Settlement Agreement between the Central Bank of Ireland and Intesa Sanpaolo Life dac

Redline (4AMLD 5AMLD)

Annex 2 - Template for the chapter on Governance system of the RSR

Funded Risk Sharing Financial Instrument, Call for EoI No. JER-001/2012/1

the National Bank of Belgium (hereinafter "the Bank"), located in Boulevard de Berlaimont 14, 1000 Brussels, represented by Luc COENE, Governor, and;

DIRECTIVE DΙ OF THE CYPRUS SECURITIES AND EXCHANGE COMMISSION FOR THE PREVENTION OF MONEY LAUNDERING AND TERRORIST FINANCING

Basel Committee on Banking Supervision. Consultative Document. Guidelines. Revised annex on correspondent banking

Anti-Money Laundering, counter Terrorist Financing and sanctions Procedure

Policy on Anti Money Laundering and Countering Terrorist Financing

Proposal for a REGULATION OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL. on information accompanying transfers of funds. (Text with EEA relevance)

Attachment: References for formulating a list of countries/regions with higher risks of money

COMMISSION DELEGATED REGULATION (EU) /... of

JOINT RESOLUTION OF THE GOVERNOR OF BANK OF MONGOLIA AND CHAIR OF THE FINANCIAL REGULATORY COMMISSION

T H E D E P O S I T G U A R A N T E E S C H E M E A C T ( T H E Z S J V ) 1. GENERAL PROVISIONS. Article 1 (Subject matter of the Act)

(Information) EUROPEAN COMMISSION. MONETARY AGREEMENT between the European Union and the Principality of Andorra (2011/C 369/01)

THE FRAMEWORK OF SUPERVISION FOR FINANCIAL INSTITUTIONS

Law. on the Recovery and Resolution of Credit Institutions and Investment Firms * Chapter One GENERAL PROVISIONS.

REQUEST TO EIOPA FOR TECHNICAL ADVICE ON THE REVIEW OF THE SOLVENCY II DIRECTIVE (DIRECTIVE 2009/138/EC)

CONSULTATION DOCUMENT ON THE REGULATION OF RELATED PARTY TRANSACTIONS ( * ) 3 August 2009

CYPRUS BAR ASSOCIATION

Brussels, ~352JS3c

FSMA_2012_19 of 3/12/2012

MORATORIUM ON THE DISTRIBUTION OF PARTICULARLY COMPLEX STRUCTURED PRODUCTS

THE CENTRAL BANK OF CYPRUS LAWS OF 2002 TO (No.3) Unofficial translation of Directive issued by virtue of sections 16 and 36

Ordinance of the Swiss Federal Banking Commission Concerning the Prevention of Money Laundering

COUNCIL OF THE EUROPEAN UNION. Brussels, 4 June /14 Interinstitutional File: 2013/0340 (NLE) ATO 45

EAA issues guidelines on compliance of anti-money laundering and counter-terrorist financing requirements for the estate agency sector

CENTRALE BANK VAN ARUBA

Ministerial Regulation on Customer Due Diligence B.E (2013)

European Investment Bank. EIB Policy towards weakly regulated, non-transparent and uncooperative jurisdictions

Consultation Paper. Draft Regulatory Technical Standards

Report on the annual accounts of the European Schools for the financial year together with the Schools replies

BY GRACE OF THE GOD ALMIGHTY THE GOVERNOR OF BANK INDONESIA,

INSURANCE ACT 1986 INSURANCE (ANTI-MONEY LAUNDERING) REGULATIONS 2008

SWEDEN. Mutual Evaluation Fourth Follow-Up Report - annexes. Anti-Money Laundering and Combating the Financing of Terrorism

Law of 19 April 2014 on alternative investment funds and their managers: questions and answers on the entry into force of the AIFM Law

Having regard to the Treaty establishing the European Atomic Energy Community, and in particular Articles 31 and 32 thereof,

EBA FINAL draft regulatory technical standards

Transposition of Directive 2004/39/EC on Markets in Financial Instruments

ANNEX. Country annex BELGIUM. to the REPORT FROM THE COMMISSION

CEIOPS-DOC-61/10 January Former Consultation Paper 65

Guidelines Governing Anti-Money Laundering and Countering Terrorism Financing of Securities Firms

Eurofinas is entered into the European Transparency Register of Interest Representatives with ID n

SUBSIDIARY LEGISLATION PREVENTION OF MONEY LAUNDERING AND FUNDING OF TERRORISM REGULATIONS

(Revised: 7 December 2016)

Risk Management and Procedures Manual regarding Money Laundering and Terrorist Financing

ANNEX III Sector-Specific Guidance Notes for Investment Business Providers, Investment Funds and Fund Administrators

Proposal for a REGULATION OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL

APPLICATION PAPER ON COMBATING MONEY LAUNDERING AND TERRORIST FINANCING

Official Journal of the European Union. (Non-legislative acts) REGULATIONS

EUROPEAN UNION. Brussels, 4 April 2014 (OR. en) 2011/0359 (COD) PE-CONS 5/14 DRS 2 CODEC 36

Regulation on the implementation of the European Economic Area (EEA) Financial Mechanism

3: Equivalent markets

Slovenia. Anti-money laundering and counter-terrorist financing measures. F o l l o w - u p r e p o r t

Transcription:

Boulevard de Berlaimont 14 BE-1000 Brussels Phone +32 2 221 24 33 fax +32 2 221 31 04 Company number: 0203.201.340 RPM (Trade Register) Brussels www.nbb.be Circular Brussels, 24 January 2018 Reference: NBB_2018_02 Contact person: Catherine Terrier Phone +32 2 221 45 32 fax +32 2 221 31 04 catherine.terrier@nbb.be Overall assessment of money laundering and terrorist financing risks Scope All companies subject to supervision by the National Bank of Belgium that fall within the scope of the Law of 18 September 2017 on the prevention of money laundering and terrorist financing and on the restriction of the use of cash, including: - all credit institutions, including European and non-european branches; - all stockbroking firms, including European and non-european branches; - all insurance companies authorised to conduct life insurance business, including European and non-european branches; - all payment institutions and electronic money institutions governed by Belgian law, including branches established in Belgium of European and non-european institutions, and payment institutions and electronic money institutions authorised in another European Economic Area country which are required to designate a central contact point in Belgium; - all settlement institutions falling within the scope of the Law of 18 September 2017. Summary/Objectives In this circular, the National Bank of Belgium (hereinafter "the Bank") on the one hand provides information on its expectations regarding the overall risk assessment to be carried out by the financial institutions under Articles 16 and 17 of the Law of 18 September 2017 on the prevention of money laundering and terrorist financing and on the restriction of the use of cash (hereinafter the ML/FT Law ). On the other hand, the Bank also requests certain information from the financial institutions through this circular, in order for it to be able to monitor compliance with this obligation in a targeted manner. NBB_2018_02 24 January 2018 Circular P. 1/6

Structure 1. Introduction 2. Background 3. Governance 4. Process 5. Communication to the Bank Dear Sir, Dear Madam, This circular aims to clarify the Bank's expectations regarding the overall assessment of money laundering and terrorist financing (hereinafter ML/FT ) risks to be carried out by the financial institutions, and contains two annexes that you are requested to fill in and return to the Bank, in order to give us an overview of the way in which this process has been implemented in practice by your institution. 1. Introduction On 16 October 2017, the ML/FT Law 1 entered into force. Article 16 of this Law requires the obliged entities to take measures that are appropriate and commensurate with their nature and their size to identify and assess the ML/FT risks to which they are exposed. In doing so, they should take into account the characteristics of their customers, the products, services or transactions offered, the countries or geographical areas concerned and the distribution channels used. Article 17 of the ML/FT Law provides that this overall risk assessment should be documented, updated and kept at the disposal of the Bank. Furthermore, the financial institutions should be able to demonstrate to the Bank that the policies, procedures and internal control measures developed by them in accordance with Article 8 of the ML/FT Law, including, where appropriate, their customer acceptance policies, are appropriate in view of the ML/FT risks they have identified. Updating the overall risk assessment implies, where appropriate, also updating the individual risk assessments referred to in Article 19, 2, first paragraph of the ML/FT Law. 2. Background The obligation to adopt a risk-based approach for the prevention of ML/FT is one of the key elements in the 2012 FATF Recommendations and the European ML/FT Directive 2015/849 of 20 May 2015. At the Belgian level, this obligation was laid down, inter alia, in Articles 16 and 17 of the ML/FT Law and in Title 2 of the Bank's Regulation of 21 November 2017 on the prevention of money laundering and terrorist financing 2 (hereinafter the "ML/FT Regulation"). The overall risk assessment to be carried out by the financial institutions in this context should enable them to identify the inherent ML/FT risks to which they are exposed and to manage these risks in an appropriate manner or, where necessary, to mitigate them. The risk-based approach allows institutions to take less far-reaching measures in situations which present a low ML/FT risk, and to use the resources thus freed for the compulsory application of enhanced measures in situations where the risks are higher. Thus, the allocation of available resources can be optimised. 1 2 Law of 18 September 2017 on the prevention of money laundering and terrorist financing and on the restriction of the use of cash, see the Bank s website www.nbb.be. Regulation of the National Bank of Belgium of 21 November 2017 on the prevention of money laundering and terrorist financing, available on the Bank's website www.nbb.be. NBB_2018_02 24 January 2018 Circular P. 2/6

It follows from the above that an appropriate risk-based approach starts with acquiring thorough and up-to-date knowledge of the ML/FT risks to which the institution is exposed and understanding these risks. In accordance with Article 3 of the ML/FT Regulation, the overall risk assessment should cover all activities of the institution established in Belgium which is subject to the ML/FT legislation, including its cross-border activities conducted under the freedom to provide services. If the institution operates through a group, Article 6 of the ML/FT Regulation stipulates that all its branches and subsidiaries should submit their overall risk assessment to the institution, so that the latter can take it into account when determining the general risk policy at the level of the group. In this context, the ML/FT Regulation stipulates that payment institutions and institutions for electronic money must also ensure that an overall risk assessment is carried out of the ML/FT risks associated with the activities conducted by them in another Member State or third country through one or more persons established in that member state or third country and representing the institution concerned (e.g. network of agents, etc.). As far as relevant for their sector, the financial institutions should take into account at least the following elements in the aforementioned overall risk assessment 3 : the variables set out in Annex I of the ML/FT Law; the factors that are indicative of a potentially higher risk, as referred to in Annex III of the ML/FT Law; the Joint Opinion on the risks of ML/FT affecting the Union s financial sector 4 issued by the ESAs under Article 6(5) of Directive 2015/849, and the guidelines published by the ESAs on the factors that are indicative of a lower risk (pursuant to Article 17 of the Directive) and the factors that are indicative of a higher risk (pursuant to Article 18(4) of the Directive) 5, the relevant conclusions of the report drawn up by the European Commission pursuant to Article 6 of Directive 2015/849 6 ; the report drawn up by the coordinating bodies pursuant to Article 68 of the ML/FT Law 7, each in its own ambit, and all other relevant information at their disposal. In addition, the Law also provides the possibility to take account in the aforementioned assessment of the factors listed in Annex II (potentially lower risk). The overall ML/FT risk assessment should be carried out under the responsibility of the AMLCO 8 approved by the senior management. and 3 4 5 6 7 8 See also the explanatory statement to the ML/FT Law, Parl. Doc., Chamber, 2016-2017, Doc. 54, 2566/001, p. 79-81. Joint Opinion on the risks of money laundering and terrorist financing affecting the Union s financial sector of 20 February 2017, reference JC 2017/07, see the website of the Joint Committee of ESAs, https://esas-joint-committee.europa.eu. Joint Guidelines under Articles 17 and 18(4) of Directive (EU) 2015/849 on simplified and enhanced customer due diligence and the factors credit and financial institutions should consider when assessing the money laundering and terrorist financing risk associated with individual business relationships and occasional transactions of 26 June 2017, reference JC 2017 37. This text is available on the website of the Joint Committee of the ESAs, https://esas-joint-committee.europa.eu. The French and Dutch translations will soon be available on the website of the ESAs (cf. supra) and on that of the Bank www.nbb.be. Report from the Commission to the European Parliament and the Council on the assessment of the risks of money laundering and terrorist financing affecting the internal market and relating to cross-border activities of 26 June 2017, ref.com(2017) 340 final, available on the European Commission s website, http://ec.europa.eu. As soon as this report is published. The person/persons who has/have been designated in accordance with Article 9, 2, of the ML/FT Law. NBB_2018_02 24 January 2018 Circular P. 3/6

Article 17 of the ML/FT Law also provides that the overall risk assessment should be documented, updated and kept at the disposal of the Bank. In this respect, the institutions should be able to demonstrate to the Bank that the policies, procedures and internal control measures developed by them in accordance with Article 8 of the ML/FT Law, including, where appropriate, their customer acceptance policies, are appropriate in view of the ML/FT risks they have identified. Updating the overall risk assessment implies, where appropriate, also updating the individual risk assessments referred to in Article 19, 2, first paragraph of the ML/FT Law. Finally, it should be noted that the overall risk assessment to be carried out by the institutions under Article 16 of the ML/FT Law is not a one-off exercise but a continuous process. This risk assessment - and, where appropriate, also the individual risk assessment - should be updated whenever one or more events occur that could have a significant impact on the risks, such as changes in the business model, launch of new products alongside the current product range, expansion of the activities to new geographical areas, emergence of new ML/FT risks following national or international events, etc. 3. Governance As mentioned above, the overall risk assessment should be presented in a written document (in paper or electronic form) that is kept available to the Bank. This document should also contain a description of the process used to perform the overall risk assessment, including: the methodology used to perform the overall risk assessment, which is expected to include at least the key elements referred to in point 4 of this circular; the manner in which this process has been integrated into the institution s broader risk management system and in its corporate governance, including the manner in which the group dimension, if any, has been incorporated in the assessment; a description of the procedures for monitoring and timely updating the risk assessment process in order to ensure its permanent accuracy; a description of the extent to which the AMLCO, the compliance officer, senior management, and any other parties have been involved in the identification and analysis of the risks, the development of the actual risk assessment and any related measures, or the acknowledgement and validation of the process as a whole. 4. Process The overall risk assessment should be carried out in three successive phases: identification and analysis of risks associated with money laundering and terrorist financing and compliance with the rules on international sanctions, embargoes and other restrictive measures, to which the institution is exposed ("risk identification phase"); analysis and assessment of the adequacy of the existing relevant risk management measures ("gap analysis"); if necessary, taking new or additional risk management measures to control the risks that are not or not adequately covered ("adjustment phase"). The way in which the institution applies and implements this process, as well as the degree of granularity, must be proportionate to its nature and size. NBB_2018_02 24 January 2018 Circular P. 4/6

4.1 Risk identification phase As mentioned above, a good overall risk assessment requires, in the first instance, a thorough knowledge and understanding of all ML/FT risks to which the institution is exposed. The institution will therefore have to identify all relevant ML/FT risks and to classify them into categories/subcategories, based on one or more characteristics as defined in Article 16 of the ML/FT Law. Besides the characteristics of Article 16, the institution should also take into account any other additional characteristics that might apply to its specific situation, such as specific risks that might arise from intra-bank relationships with other group entities, risks associated with activities conducted on the institution s own account (for example, the dealing room), etc. Once the institution has identified and classified the various risks, it must analyse the extent to which it is exposed to these risks. In doing so, the institution should take into account the minimum variables and factors listed in point 2 of this circular, and any other variables and factors that might be appropriate to its specific situation. The final analysis and corresponding risk score per risk category should also take into account all other elements that may influence this assessment. For example, an activity that presents only a slightly increased risk, but represents 80% of the business model of the institution, might have a reinforcing effect and thus lead to a higher risk ranking. 4.2 Gap analysis In a second phase, the institution should make an inventory of the risk management measures 9 it currently applies to manage or limit the various risks identified. This inventory of the risk management measures should also include compliance with the new legal framework laid down in the ML/FT Law and the ML/FT Regulation (i.e. control of the compliance risk, see in particular Article 8 of the ML/FT Law). Next, the institution must assess whether these measures are sufficient. In doing so, account must also be taken of the way in which these risk management measures are actually applied and observed in practice. Furthermore, the institution should also consider, inter alia, the risk management measures that are recommended in: the Joint Opinion on the ML/FT risks affecting the Union s financial sector issued by the ESAs under Article 6(5) of Directive 2015/849, and the guidelines published by the ESAs on the factors that are indicative of a lower risk (pursuant to Article 17 of the Directive) and the factors that are indicative of a higher risk (pursuant to Article 18(4) of the Directive); the report drawn up by the European Commission pursuant to Article 6 of Directive 2015/849; the report drawn up by the coordinating bodies pursuant to Article 68 of the ML/FT Law; any other relevant best practices in this area (for example, guidelines issued by the sector, the FATF, the Basel Committee, etc.). 4.3 Adjustment phase If, at the end of the second phase, the existing risk management measures appear to be insufficient, the institutions should define new or additional measures to adequately manage or mitigate the risk. An appropriate deadline should also be set for the concrete implementation of these measures and the necessary means should be provided to this effect. For the purpose of determining these two elements, account must be taken, inter alia, of the extent, seriousness and impact of the uncovered risk on the one hand, and of the extent and complexity of the remedial measures to be taken, on the other hand. For example, in case of uncovered risks with a large impact, which require only limited remedial measures, adjustments should be made quickly. The required remedial measures which have been identified as a result of this first overall risk assessment should in any case be 9 These risk management measures cover all due diligence and reporting obligations, and can therefore relate to one or more of the following elements: the identification and verification obligation, the constant due diligence obligation, the analysis of atypical transactions and the reporting of suspicions and additional information to the Financial Intelligence Processing Unit. NBB_2018_02 24 January 2018 Circular P. 5/6

implemented by 1 July 2019 at the latest. Institutions that consider themselves unable to implement certain remedial measures within that period, must submit a duly reasoned request for postponement to the Bank by 31 May 2019 at the latest. In such cases, the Bank may - depending on the actual circumstances and insofar as justified in view of the risk - decide to extend the remediation period until 1 January 2020 at the latest. 5. Communication to the Bank Article 17 of the ML/FT Law stipulates that the overall risk assessment must be documented, updated and made available to the Bank. This Article already entered into force on 16 October 2017, but as performing a thorough overall risk assessment - in light of the nature and activities of the institutions involved - may be a complex task, the Bank will monitor the concrete implementation of this obligation in two phases, spread over time. This circular contains two annexes that must be completed by the institutions and returned to the Bank. The first annex contains a summary table that provides a global overview - in abridged and simplified form - of the overall risk assessment carried out by the institution. In order to illustrate what is expected, a sample is provided by way of example. The second annex contains a number of specific questions relating to the way in which the overall risk assessment process has been conducted. The institutions are asked to provide the Bank with a first version of both annexes by 1 April 2018 at the latest. This first version, which is primarily intended to allow the Bank to monitor the timely progress of the assessment work, should reflect the state of progress of the overall risk assessment on that date. The final version of these annexes, which should reflect the full and finalised risk assessment, in accordance with the provisions of Articles 16 and 17 of the ML/FT Law, should be submitted to the Bank by 15 July 2018 at the latest. The institutions that have access to ecorporate should submit the duly completed annexes through ecorporate. The institutions that do not have access to ecorporate should send the duly completed annexes to the following e-mail address: supervision.ta.aml@nbb.be. Finally, it is recalled that the overall risk assessment process is a continuous exercise and that the Bank will continue to monitor this process afterwards. We therefore ask the institutions to also update these annexes each time the overall risk assessment is adjusted, and to submit the new updated version to the Bank - simultaneously with the annual activity report referred to in Article 7 of the ML/FT Regulation - through ecorporate (or using the above-mentioned mailbox, in the absence of access to ecorporate). A copy of this circular is being sent to the auditor(s) of your company or institution. Yours faithfully, Jan Smets Governor Annexes (3) available only via www.nbb.be: Summary of risk analysis - Summary table Summary of risk analysis - Sample of completed table Questionnaire NBB_2018_02 24 January 2018 Circular P. 6/6

2024 © financedocbox.com Privacy Policy | Terms of Service | Feedback