Response to consultation on draft Guidelines under Articles 17 and 18(4) of Directive (EU) 2015/849 on customer due diligence and ML/TF risk factors
Go back
In paragraph 18.4 (customer risk factor) on page 132 of the Guidelines, the EBA describes the following situation as an increased client risk factor: when a customer transfers funds from different payment accounts to the same payee, and that aggregated amounts to a large sum without these funds having a clear rationale. This situation implies that the AISP should conduct transaction monitoring on transactions to accounts that are not linked to the AISP platform, otherwise the AISP can never detect this increased risk factor. In our view this implies a monitoring requirement that results in a disproportional obligation for AISPs, especially considering the lower risks of the payment service involved.
DNB suggests a ‘lighter’ version of transaction monitoring for AISPs; monitoring is only obligated for (aggregated) transaction (amounts) between accounts that are linked to the AISP platform. We emphasize that as a result of this suggestion, transactions to third parties will not be monitored and thus the increased risk factor identified by EBA in 18.4 cannot be detected.
For these reasons, we recommend that paragraph 18.4 on page 132 limit itself to an obligation to PISP’s only.
Question 1: Do you have any comments with the proposed changes to the Definitions section of the Guidelines?
NoQuestion 2: Do you have any comments on the proposed amendments to Guideline 1 on risk assessment?
NoQuestion 3: Do you have any comments on the proposed amendments to Guideline 2 on identifying ML/TF risk factors?
NoQuestion 4: Do you have any comments on the proposed amendments and additions in Guideline 4 on CCD measures to be applied by all firms?
NoQuestion 5: Do you have any comments on the amendments to Guideline 5 on record keeping?
NoQuestion 6: Do you have any comments on Guideline 6 on training?
NoQuestion 7: Do you have any comments on the amendments to Guideline 7 on reviewing effectiveness?
NoQuestion 8: Do you have any comments on the proposed amendments to Guideline 8 for correspondent banks?
NoQuestion 9: Do you have any comments on the proposed amendments to Guideline 9 for retail banks?
NoQuestion 10: Do you have any comments on the proposed amendments to Guideline 10 for electronic money issuers?
NoQuestion 11: Do you have any comments on the proposed amendments to Guideline 11 for money remitters?
NoQuestion 12: Do you have any comments on the proposed amendments to Guideline 12 for wealth management?
NoQuestion 13: Do you have any comments on the proposed amendments to Guideline 13 for trade finance providers?
NoQuestion 14: Do you have any comments on the proposed amendments to Guideline 14 for life insurance undertakings?
NoQuestion 15: Do you have any comments on the proposed amendments to Guideline 15 for investment firms?
NoQuestion 16: Do you have any comments on the proposed amendments to Guideline 16 for providers of investment funds and the definition of customer in this Guideline?
NoQuestion 17: Do you have any comments on the additional sector-specific Guideline 17 on crowdfunding platforms?
NoQuestion 18: Do you have any comments on the additional sector-specific Guideline 18 on account information and payment initiation service providers?
Yes:In paragraph 18.4 (customer risk factor) on page 132 of the Guidelines, the EBA describes the following situation as an increased client risk factor: when a customer transfers funds from different payment accounts to the same payee, and that aggregated amounts to a large sum without these funds having a clear rationale. This situation implies that the AISP should conduct transaction monitoring on transactions to accounts that are not linked to the AISP platform, otherwise the AISP can never detect this increased risk factor. In our view this implies a monitoring requirement that results in a disproportional obligation for AISPs, especially considering the lower risks of the payment service involved.
DNB suggests a ‘lighter’ version of transaction monitoring for AISPs; monitoring is only obligated for (aggregated) transaction (amounts) between accounts that are linked to the AISP platform. We emphasize that as a result of this suggestion, transactions to third parties will not be monitored and thus the increased risk factor identified by EBA in 18.4 cannot be detected.
For these reasons, we recommend that paragraph 18.4 on page 132 limit itself to an obligation to PISP’s only.