Response to consultation on draft Guidelines under Articles 17 and 18(4) of Directive (EU) 2015/849 on customer due diligence and ML/TF risk factors

Go back

Question 1: Do you have any comments with the proposed changes to the Definitions section of the Guidelines?

NFU fully supports the work against money laundering and terrorist financing and recognizes the significant role of employees at financial institutions in discovering possible money laundering, given the scope of employees´ daily operations and insight.
In connection to the definition of ´risk appetite´, we find that an even more precise formulation would be to include the types of risks, the containment of risk within the institutions´ risk capacity, as well as the goal – the achievement of the firm´s long-term strategy. Therefore, the definition would read ´the level and type of risk a firm is prepared to accept within its risk capacity in order to achieve its strategic objectives´.

Question 2: Do you have any comments on the proposed amendments to Guideline 1 on risk assessment?

With regards to 1.17 (b), we are pleased to see that the responsibility of firms in taking steps to ensure that employees understand the business-wide risk assessment and its effects is mentioned. We suggest to, also in line with Article 46 from Directive 2015/849, that the guideline highlights the need for instructions for staff on how they should proceed in such cases. Being aware of the risk assessment is important, but it should be complemented with staff being provided with enough time and resources to obtain knowledge of risks, sufficient instructions and carry out procedures in case risks materialize, in order to ensure full extent of implementation.
Furthermore, on 1.28. it could be useful to look for coherence within the GDRP and AMLD in terms of retention of personal data.

Question 3: Do you have any comments on the proposed amendments to Guideline 2 on identifying ML/TF risk factors?

N/A

Question 4: Do you have any comments on the proposed amendments and additions in Guideline 4 on CCD measures to be applied by all firms?

With regards to 4.33, the scope of risks should be expanded to include a wider consideration of cyber risks, having in mind the variety of platforms through which the identification and verification means may operate.
On a general note, we support the risk-based approach to customer due dilligence. We however want to stress the higher demands the AML rules places on employees, especially in the current context where a significant number of transactions are carried out through digital means, from a distance, in higher volume and using various platforms. The COVID-19 measures, including several policies on aiding the economy, need to be administered with the help of financial institutions, hence increasing the resources needed to ensure compliance.
In relation to the work on the prevention of money laundering and terrorist financing, three segments are important from an employee perspective – firstly, ensuring one safe and reliable reporting mechanisms / whistle-blowing structures that help Member States and Supervisory Authorities to prevent, detect and address breaches to, among else, anti-money laundering and terroist financing rules. Employees play a central role in these processes.
Secondly, the protection against threats and other hostile consequences is still needed. Despite the introduction of protection provisions in the AMLD, the problem has not been solved. Incidents with threats against employees involved in reporting suspicious transactions are still noted.
In connection to this, thirdly, anonymity and protection of employees who report breaches need to be ensured throughout the process of further handling by institutions. The reports on suspected money laundering must be safeguarded, ensuring to the fullest extent possible and no reported or unauthorized person should be informed or have access to them, respectively.

Question 5: Do you have any comments on the amendments to Guideline 5 on record keeping?

N/A

Question 6: Do you have any comments on Guideline 6 on training?

NFU welcomes the inclusion on Guideline 6 concerning training. Continuous training and competence development for employees is essential both for better understanding their tasks, company policies and procedures, as well as to take up the role of ´watchdog´ that has wider implications for society as a whole.
In addition to being provided training, which should be ongoing, taking place during working hours, and employer-financed, it is essential that employees are given enough time and resources to implement the gained knowledge to correct and appropriate carryout of their tasks. Training initatives should also be updated continuously i.e. in accordance with legal and regulatory changes. Attention should be paid though to ensure that eduation/upskilling and certification is not confounded. If an employee is required by law to update their certifications on a regular basis, the time spent in preparing for and taking these tests should not be counted among the hours allocated for training, which unfortunately is the case in many companies so far in Europe. This leaves employees with preciously few hours available to learn actual new skills, in cases where certification must be updated every 6 months.
To ensure full alignment with Article 46 (1) from Directive 2015/849, we would suggest including training on relevant data protection requirements.

Question 7: Do you have any comments on the amendments to Guideline 7 on reviewing effectiveness?

N/A

Question 8: Do you have any comments on the proposed amendments to Guideline 8 for correspondent banks?

N/A

Question 9: Do you have any comments on the proposed amendments to Guideline 9 for retail banks?

N/A

Question 10: Do you have any comments on the proposed amendments to Guideline 10 for electronic money issuers?

N/A

Question 11: Do you have any comments on the proposed amendments to Guideline 11 for money remitters?

N/A

Question 12: Do you have any comments on the proposed amendments to Guideline 12 for wealth management?

N/A

Question 13: Do you have any comments on the proposed amendments to Guideline 13 for trade finance providers?

N/A

Question 14: Do you have any comments on the proposed amendments to Guideline 14 for life insurance undertakings?

N/A

Question 15: Do you have any comments on the proposed amendments to Guideline 15 for investment firms?

N/A

Question 16: Do you have any comments on the proposed amendments to Guideline 16 for providers of investment funds and the definition of customer in this Guideline?

N/A

Question 17: Do you have any comments on the additional sector-specific Guideline 17 on crowdfunding platforms?

N/A

Question 18: Do you have any comments on the additional sector-specific Guideline 18 on account information and payment initiation service providers?

N/A

Question 19: Do you have any comments on the additional sector-specific Guideline 19 on currency exchanges?

N/A

Question 20: Do you have any comments on the additional sector-specific Guideline 20 on corporate finance?

N/A

Name of the organization

NFU - Nordic Financial Unions