Response to consultation on proposed RTS in the context of the EBA’s response to the European Commission’s Call for advice on new AMLA mandates
Question 1: Do you have any comments on the approach proposed by the EBA to assess and classify the risk profile of obliged entities?
EBA has proposed a series of new systems and methods in the field of AML and CFT to strengthen financial institutions' assessment and classification of relevant risks. The new systems and methods are based on previous lessons learned and keep pace with the times. Specifically as follows:
1. Systematic and comprehensive system
The AML and CFT system promoted by EBA emphasizes systematic and comprehensive nature. According to the new regulations, financial institutions need to conduct comprehensive due diligence on customers, identify customer identities, assess the risk level of the customer's region or the intended investment region, and review whether the customer's historical activity track involves illegal financing. In addition, financial institutions also need to improve the risk assessment mechanism of partners and identify suspicious transactions and abnormal financing behaviors through audit reports and financial information. This comprehensive due diligence requirement helps to identify and prevent money laundering and terrorist financing risks from multiple angles.
2. Scientific nature of risk classification
EBA requires financial institutions to classify inherent risk and residual risk conditions, and these classification methods will be included in the RTS. The scientific nature of this classification method is reflected in its ability to evaluate risk factors in multiple dimensions, such as customers, products, services, transactions, delivery channels and geographical areas. With this approach, financial institutions can more accurately identify high-risk entities and take corresponding risk management measures.
3. Unified and coordinated supervision
The AML and CFT system promoted by EBA emphasizes the unified and coordinated supervision within the EU. The new AMLA will be responsible for supervising the implementation of the new regulations and coordinating the actions of regulators in different EU countries. This unified regulatory framework helps reduce the possibility of regulatory arbitrage and ensures that all financial institutions follow consistent AML and CTF standards.
4. Strengthening data processing and analysis capabilities
The new system requires financial institutions to establish a reporting system for large-value suspicious transactions and install an automatic early warning system for suspicious transactions. This not only improves the ability of financial institutions to identify suspicious transactions, but also enhances data processing and analysis capabilities through technical means. Financial institutions need to set up dedicated personnel to conduct secondary reviews of large-value suspicious transactions to ensure that suspicious transaction behaviors are identified quickly and scientifically.
5. Challenges for financial institutions
Although the new system proposed by the EBA has many advantages, it also brings challenges to financial institutions. For example, financial institutions need to invest more resources in customer due diligence and data processing, especially for those institutions that operate across borders or involve high-risk businesses. In addition, financial institutions need to constantly update their knowledge and skills to adapt to new regulatory requirements.
6. Impact on the financial industry
The new AML and CTF system of the EBA will have a profound impact on the financial industry. On the one hand, it will help improve the risk management capabilities of financial institutions and reduce the threats of money laundering and terrorist financing activities to the financial system; on the other hand, it will also promote the construction of compliance culture in the financial industry and prompt financial institutions to pay more attention to AML and CTF.
Overall, the new AML and CTF system proposed by the EBA is of great significance in improving risk identification and management capabilities, and it also puts forward higher compliance requirements for financial institutions.
Question 2: Do you agree with the proposed relationship between inherent risk and residual risk, whereby residual risk can be lower, but never be higher, than inherent risk? Would you favour another approach instead, whereby the obliged entity’s residual risk score can be worse than its inherent risk score? If so, please set out your rationale and provide evidence of the impact the EBA’s proposal would have.
1. Yes, I agree with the relationship between inherent risk and residual risk, that is, the residual risk can be lower than the inherent risk, but never higher than the inherent risk. This relationship can be understood by the following logic: Inherent risk refers to the initial level of risk without taking any control measures. And residual risk refers to the risk that still exists after all possible control measures have been implemented. Furthermore, mathematical relationship: Residual risk = inherent risk - effectiveness of control measures. Therefore, as long as the control measures are effective, the residual risk must be lower than the inherent risk. Take a practical application as an example, a company faces the inherent risk of raw material price fluctuations. By establishing a professional procurement department and adopting hedging strategies, the residual risk can be reduced to a lower level.
2. Yes, I agree that the residual risk score of the obligated entity can be lower than its inherent risk score. The reasons are as follows:
• The goal of risk management: The core of risk management is to reduce risks to an acceptable level through effective control measures. If the control measures are appropriate, it is reasonable and in line with the expected goal of risk management for the residual risk score to be lower than the inherent risk score.
• Comprehensiveness of assessment: Assessing inherent risk and residual risk helps to fully understand the risk situation. Inherent risk assessment helps identify potential risks, while residual risk assessment is used to verify the effectiveness of control measures.
• Dynamic adjustment: Enterprises can adjust control measures based on the residual risk score to further optimize risk management.
3. If implemented, the proposal of the EBA may have the following impacts:
• Improve risk management level: Requiring obliged entities to assess inherent risk and residual risk will help improve the overall risk management level.
• Enhance compliance: By clarifying the assessment requirements for inherent risk and residual risk, obliged entities can better meet regulatory requirements.
• Promote financial inclusion: Reasonable risk assessment can help obliged entities identify low-risk scenarios, thereby promoting financial inclusion while ensuring compliance.
In summary, the relationship between inherent risk and residual risk is clear, it is reasonable for obliged entities' residual risk scores to be lower than inherent risk scores, and the EBA proposal will help improve risk management and compliance.
3a: What will be the impact, in terms of cost, for credit and financial institutions to provide this new set of data in the short, medium and long term?
In the short term, financial institutions providing the EBA with a list of new data points will incur high initial costs, including data collection, collation, technology upgrades, and compliance training. However, in the medium and long term, these investments will bring significant benefits, including improved data quality, optimized risk management, and enhanced market trust and competitiveness. Financial institutions can achieve a balance between cost and benefit and gain greater advantages in market competition by continuously improving their data management capabilities.
3b: Among the data points listed in the Annex I to this consultation paper, what are those that are not currently available to most credit and financial institutions?
For most credit and financial institutions in P.R.China, the data points that are currently unavailable include the following:
1.Custody of crypto assets:
Number of customers owning crypto-assets; Total amount (EUR) hosted on the custodian wallets
2. Exchange crypto-fiat:
Total amount (EUR) crypto-fiat in the previous year; Total number of transactions crypto-fiat in the previous year; Number of customers using this type of service in the previous year; Total number of transactions crypto-fiat to unhosted wallets in the previous year; Total number of transactions crypto-fiat from unhosted wallets in the previous year
3. Exchange fiat-crypto:
Total amount (EUR) fiat-crypto in the previous year; Total number of transactions fiat-crypto in the previous year; Number of customers using this type of service in the previous year; Total number of transactions fiat-crypto to unhosted wallets in the previous year; Total number of transactions fiat-crypto from unhosted wallets in the previous year
4. Transfer crypto-assets
Total amount (EUR) that customers transferred in the previous year; Number of customers using this type of service in the previous year; Total number of transactions to unhosted wallets in the previous year; Total number of transactions from unhosted wallets in the previous year.
3c: To what extent could the data points listed in Annex I to this Consultation Paper be provided by the non-financial sector?
NA
Question 4: Do you have any comments on the proposed frequency at which risk profiles would be reviewed (once per year for the normal frequency and once every three years for the reduced frequency)? What would be the difference in the cost of compliance between the normal and reduced frequency? Please provide evidence.
NA
Question 5: Do you agree with the proposed criteria for the application of the reduced frequency? What alternative criteria would you propose? Please provide evidence.
NA
Question 6: When assessing the geographical risks to which obliged entities are exposed, should crossborder transactions linked with EEA jurisdictions be assessed differently than transactions linked with third countries? Please set out your rationale and provide evidence.
When assessing the geographic risks faced by the obligated entity, cross-border transactions related to the EEA jurisdiction should indeed be treated differently from transactions related to third countries.
The reasons and relevant evidence are as follows:
1. Differences in regulatory framework and applicable laws
• Transactions within the EEA: Cross-border transactions within the EEA are generally subject to a unified legal framework and regulatory requirements. This means that within the EEA, the legal and regulatory environment for cross-border transactions is relatively consistent, reducing compliance risks.
• Transactions with third countries: Transactions with third countries may face different legal and regulatory environments. Third countries may not have similar legal frameworks or regulatory requirements as those in the EEA, or their laws may differ significantly from those in the EEA. For example, in terms of data protection, transactions within the EEA are subject to the General Data Protection Regulation (GDPR), and when transferring data to third countries, it is necessary to ensure that appropriate data transfer safeguards are in place.
2. Complexity of risk assessment
• Transactions within the EEA: Since the legal and regulatory environment within the EEA is relatively unified, the complexity of risk assessment is lower. Financial institutions can rely on existing compliance frameworks and internal processes to manage cross-border transaction risks.
• Transactions with third countries: Transactions with third countries require separate assessments of the laws, regulatory requirements and market environment of each country. This complexity increases compliance costs and the difficulty of risk assessment.
3. Differences in market and economic environments
• Transactions within the EEA: The market and economic environment within the EEA is relatively stable, and there are close economic ties and cooperation between member states. This stability helps reduce transaction risks.
• Transactions with third countries: The market and economic environment in third countries may be more diverse and unstable. For example, some third countries may face problems such as political instability, economic sanctions or trade barriers, all of which increase the risks of cross-border transactions.
All in all, when assessing the geographic risks faced by obligated entities, cross-border transactions related to EEA jurisdictions should be treated differently from transactions related to third countries. This differentiated treatment helps to more accurately assess risks, reduce compliance costs, and ensure the smooth conduct of cross-border transactions.
Question 1: Do you agree with the thresholds and provided in Article 1 of the draft RTS and their value? If you do not agree, which thresholds to assess the materiality of the activities exercised under the freedom to provide services should the EBA propose instead? Please explain your rationale and provide evidence of the impact the EBA’s proposal and your proposal would have.
Yes, I agree.
Question 2: What is your view on the possibility to lower the value of the thresholds that are set in article 1 of the draft RTS? What would be the possible impact of doing so? Please provide evidence.
The setting of thresholds in the draft RTS is an important part of the regulatory system, and its purpose is to ensure the effectiveness and consistency of supervision by clarifying risk assessment standards. The possible impact of lowering these thresholds are as follows:
1. Effectiveness of risk control:
• Challenges in risk control capabilities: Lowering the thresholds may lead to higher inherent and residual risks for some financial institutions or enterprises. If the risk control capabilities of these institutions are insufficient, it may lead to an increase in the frequency of risk events, posing a threat to the stability of the entire financial system.
• Regulatory arbitrage risk: Lowering the thresholds may provide some institutions with opportunities for regulatory arbitrage. For example, some institutions may use lower thresholds to engage in high-risk businesses and evade stricter regulatory requirements.
2. Market transparency and information quality:
• Information fragmentation risk: Lowering the thresholds may lead to more fragmented market information. For example, in ESG reports, if the thresholds are lowered, more companies may choose not to disclose key data, thereby affecting market transparency and investors' decisions.
• Decreased data quality: Lowering the thresholds may lead to a decline in the quality of data obtained by regulators. For example, if the threshold is lowered, more institutions may be included in the regulatory scope, but the data collection and reporting capabilities of these institutions may be uneven, thus affecting the accuracy of regulatory decisions.
3. Industry competition landscape:
• Shift of competitive advantage: Lowering the threshold may change the competitive landscape of the industry. For example, some small financial institutions may gain more business opportunities due to the reduction of the threshold, thus posing competitive pressure on large financial institutions.
• Changes in industry concentration: Lowering the threshold may lead to changes in industry concentration. If market access becomes easier after the threshold is lowered, it may attract more new entrants, thereby reducing the concentration of the industry.
In summary, the possibility of lowering the threshold value in the draft RTS and its impact require comprehensive consideration of multiple factors such as regulatory flexibility, risk control capabilities, market transparency and industry competition landscape. EBA needs to weigh the pros and cons when making adjustments and take corresponding supporting measures to ensure the achievement of regulatory objectives.
Question 3: Do you agree on having a single threshold on the number of customers, irrespective of whether they are retail or institutional customers? Alternatively, do you think a distinction should be made between these two categories? Please explain the rationale and provide evidence to support your view.
I disagree with setting a single threshold for the following reasons:
1. Differences in customer characteristics
Retail customers are usually individual investors who may have relatively small amounts of capital, and their investment decisions tend to rely more on personal intuition, limited information channels, and some simple investment tools. They may not have a professional financial knowledge background. Institutional customers have professional investment teams that can conduct in-depth market research and risk assessment. Because these two types of customers have huge differences in terms of capital scale, expertise, investment goals, and risk tolerance, they cannot be treated with a single customer quantity threshold.
2. Regulatory requirements and compliance considerations
Financial regulators in different countries and regions have different regulatory requirements for retail customers and institutional customers. For example, in the securities market, the protection measures for retail customers are more stringent, including information disclosure requirements, risk warnings, etc. This is because retail customers are relatively in a weak position. Due to their professionalism, the regulatory focus of institutional customers may be more on preventing market manipulation, insider trading, and other behaviors.
Setting a single threshold may lead to regulatory loopholes. If the threshold is too low, some entities that do not meet the requirements of institutional customers may enter the market, triggering systemic risks; if the threshold is too high, it may limit the opportunities for retail customers to enter the market, violating the principle of fair competition in the market.
3. Different market impacts
Individual retail customers have less influence on the market. Their trading behavior may be more to follow the market trend and play the role of market participants, but it is difficult to play a leading role in market trends. Due to the large amount of funds, the trading behavior of institutional customers has a more significant impact on the market. If a single threshold is set for institutional customers and retail customers without distinction, the potential huge impact of institutional customers on the market may be ignored, which is not conducive to the stable operation of the market.
Therefore, retail customers and institutional customers should be distinguished. The financial laws and regulations of many countries also distinguish between retail customers and institutional customers. For example, the European Union's Markets in Financial Instruments Directive (MiFID) clearly classifies retail customers and professional customers (including institutional customers) and stipulates different information disclosure and protection measures. The existence of this legal framework itself shows that distinguishing between the two types of customers is in line with market development and regulatory requirements.
Question 4: Do you agree that the methodology for selection provided in this RTS builds on the methodology laid down in the RTS under article 40(2)? If you do not agree, please provide your rationale and evidence of the impact the EBA’s proposal and your proposal would have.
Yes, I agree.
Question 5: Do you agree that the selection methodology should not allow the adjustment of the inherent risk score provided in article 2 of draft under article 40(2) AMLD6? If you do not agree, please provide the rationale and evidence of the impact the EBA’s proposal would have.
Yes, I agree.
Question 6: Do you agree with the methodology for the calculation of the group-wide score that is laid down in article 5 of the RTS? If you do not agree, please provide the rationale for it and provide evidence of the impact the EBA’s proposal and your proposal would have.
Yes, I agree.
Question 7: Do you have any concern with the identification of the group-wide perimeter? Please provide the rationale and the evidence to support your view on this.
GLEIF recommends that supervisors, particularly under AMLA, use the ISO 17442 Legal Entity Identifier (LEI) to identify all entities within a group.
By requesting that supervised entities keep their LEI records complete and up to date, supervisors gain access to verified key reference and hierarchy data, validated by accredited
LEI Issuers.
The LEI is already widely adopted across the EU, Asia, and North America, ensuring broad coverage for entities under direct supervision. This approach leverages existing public and private sector investments in LEI infrastructure, supporting transparent and standardized party identification. The LEI facilitates the instant, accurate identification of legal entities and their parent-child relationships, helping to clarify complex legal and organizational structures.
A practical example of LEI application was shared by Banque de France in its 27 January 2021 post “Unidentifiant pour caractériser les stratégies d’implantation des groupes”, showing how the LEI can be used to:
o Trace group structures
o Analyse use of offshore financial centres
o Monitor group-wide exposure and complexity
Question 8: Do you agree to give the same consideration to the parent company and the other entities of the group for the determination of the group-wide risk profile? Do you agree this would reliably assess the group-wide controls effectiveness even if the parent company has a low-relevant activity compared to the other entities?
1. Disagree. The parent company and other entities in the group cannot be given exactly the same considerations when determining the overall risk profile of the group. The reasons are as follows:
• Different business scope and complexity: The parent company is often the core of the group, and its business may focus on macro-level aspects such as strategic planning and resource allocation, while other entities in the group may involve specific diversified businesses such as production, sales, and services. The risks of the parent company are mainly concentrated in strategic decision-making errors and capital chain ruptures, while the subsidiaries may face risks such as interruptions in raw material supply and fluctuations in local market demand. The nature and sources of these risks vary greatly and cannot be generalized.
• Different scale and influence: The scale and influence of the parent company are usually greater than those of other entities in the group. The parent company plays a key role in determining the financial status and operating direction of the group. For example, in a large financial group, the parent company may control most of the group's financial assets and capital allocation rights. If there is a problem with the parent company, it may trigger systemic risks for the entire group, while the problems of a single subsidiary will also have an impact on the group, but this impact is relatively small. Therefore, when assessing the overall risk of the group, different weights should be given according to the different scales and influences of the parent company and other entities in the group.
• Different risk transmission mechanisms: The risk transmission mechanisms between the parent company and other entities in the group are also different. The risks faced by the parent company may be transmitted to other entities in the group through channels such as capital chain and strategic decision-making, while the risks of other entities in the group may need to go through multiple links to be transmitted to the parent company. For example, a subsidiary faces policy risks in a certain country, and this risk may need to accumulate for a certain period of time and a series of complex internal processes before it will affect the parent company. Therefore, the parent company and other entities in the group cannot be simply treated equally to determine the overall risk status of the group.
2. Disagree. Even if the parent company's business activities are less relevant to other entities, the effectiveness of the group's overall control cannot be reliably assessed. The reasons are as follows:
• The relevance of the group's overall control environment: The effectiveness of the group's overall control needs to consider the internal control environment of the parent company and other entities in the group. Although the parent company's business activities are less relevant to other entities, the parent company has an important influence on the group's governance structure, internal control system, etc. If the parent company cannot effectively monitor the implementation of these systems in other entities in the group, the effectiveness of the group's overall control cannot be guaranteed. Even if the parent company's business is relatively independent, it is still an important part of the group's overall control mechanism.
• The importance of information transmission and communication: Within the group, there needs to be a good information transmission and communication mechanism between the parent company and other entities in the group. Even if the parent company's business activities are less relevant to other entities, the parent company needs to obtain information from other entities in the group in a timely manner to make effective decisions and control. For example, the parent company needs to understand the operating conditions, financial data and other information of subsidiaries in different regions in order to adjust the overall strategy of the group. If the parent company cannot effectively obtain this information, the effectiveness of the group's overall control will be greatly reduced.
• Consideration of synergy: The ultimate goal of the group is to achieve overall synergy. Even if the parent company's business activities are less relevant to other entities, there are still potential synergy opportunities between them. If the parent company and other entities in the group are not considered comprehensively, it is impossible to accurately assess the degree of realization of such synergy, and thus it is impossible to reliably assess the effectiveness of the group's overall control.
In summary, when determining the overall risk status of the group, the parent company and other entities in the group cannot be given the same consideration; even if the parent company's business activities are less relevant to other entities, the effectiveness of the group's overall control cannot be reliably assessed.
Question 9: Do you agree with the transitional rules set out in Article 6 of this RTS? In case you don’t, please provide the rationale for it and provide evidence of the impact the EBA’s proposal and your proposal would have.
Yes, I agree.
Question 1: Do you agree with the proposals as set out in Section 1 of the draft RTS? If you do not agree, please explain your rationale and provide evidence of the impact this section would have, including the cost of compliance, if adopted as such?
Yes, I agree.
Question 2: Do you have any comments regarding Article 6 on the verification of the customer in a non face-to-face context? Do you think that the remote solutions, as described under Article 6 paragraphs 2-6 would provide the same level of protection against identity fraud as the electronic identification means described under Article 6 paragraph 1 (i.e. e-IDAS compliant solutions)? Do you think that the use of such remote solutions should be considered only temporary, until such time when e-IDAS-compliant solutions are made available? Please explain your reasoning.
NA
Question 3: Do you have any comments regarding Article 8 on virtual IBANS? If so, please explain your reasoning.
NA
Question 4: Do you agree with the proposals as set out in Section 2 of the draft RTS? If you do not agree, please explain your rationale and provide evidence of the impact this section would have, including the cost of compliance, if adopted as such?
Yes, I agree.
Question 5: Do you agree with the proposals as set out in Section 3 of the draft RTS? If you do not agree, please explain your rationale and provide evidence of the impact this section would have, including the cost of compliance, if adopted as such?
Yes, I agree.
Question 6: Do you agree with the proposals as set out in Section 4 of the draft RTS? If you do not agree, please explain your rationale and provide evidence of the impact this section would have, including the cost of compliance, if adopted as such?
Yes, I agree. The inclusion of the ISO 17442 LEI in the draft RTS for customer due diligence (CDD) under Article 28(1) of the Anti-Money Laundering Regulation (AMLR) aligns with Article 22 of the Level 1 Regulation, which requires legal entities to disclose their LEI, where available, during onboarding.
Benefits of the LEI in AML/CFT Compliance including: Acts as a global, interoperable, and machine-readable identifier, which improving counterparty verification, reducing reliance on jurisdiction-specific identifiers and streamlining administrative procedures for cross-border businesses; Supports effective supervision and oversight by clearly identifying “Who is who” and “Who owns whom; Enhances the decryption of complex legal structures and group hierarchies.
The recommendations to improve the Draft RTS including:
§ Define "availability" as “the quality of being able to be obtained”, meaning:
o All legal entities should acquire an LEI to comply with CDD rules.
o In line with the ESRB recommendation (24 Sept 2020).
§ Ensure LEI compliance with ROC policy:
o LEIs should be renewed at least annually, and reference data kept current—even if
no changes occur.
§ Avoid duplication of data:
o Remove the requirement to report data (e.g., name, registered address) that is
already captured via the LEI.
o This would streamline reporting and reduce administrative burden.
Cost Efficiency and Digital Transformation:
§ The Global Digital Finance publication “LEI Reducing Cost of KYC/KYB”, which demonstrates:
o Significant cost savings to the financial industry
o The value of recognizing the LEI as a cornerstone of digital onboarding and due diligence
§ Clear references to the LEI in the RTS would help industry stakeholders confidently digitize
onboarding processes for legal entities.
Question 7: What are the specific sectors or financial products or services which, because they are associated with lower ML/TF risks, should benefit from specific sectoral simplified due diligence measures to be explicitly spelled out under Section 4 of the daft RTS? Please explain your rationale and provide evidence.
According to the relevant provisions of AML and CTF and the risk assessment principles, the following specific industries or financial products and services may benefit from simplified due diligence measures due to their low risk of money laundering/terrorist financing:
1. Inclusive financial related products and services
Inclusive financial products are usually targeted at low-income or underserved customer groups, providing limited and well-defined services, such as microfinance, basic savings accounts, etc. The transaction amount of these products and services is small, and the customer base is relatively fixed, so the possibility of money laundering or terrorist financing is low.
2. Interbank business
In some interbank financial business, both parties are regulated financial institutions, which are under strong regulatory environment and have low money laundering risk. For example, interbank business such as bond repurchase or foreign exchange derivative transactions in China's interbank market, since most of the parties are anti-money laundering obligated institutions, their money laundering and terrorist financing risks are relatively low.
In summary, these industries and products are considered to have low money laundering and terrorist financing risks due to their business nature, customer group characteristics or regulatory environment, and simplified due diligence measures can be applied.
Question 8: Do you agree with the proposals as set out in Section 5 of the draft RTS? If you do not agree, please explain your rationale and provide evidence of the impact this section would have, including the cost of compliance, if adopted as such?
Yes, I agree.
Question 9: Do you agree with the proposals as set out in Section 6 of the draft RTS? If you do not agree, please explain your rationale and provide evidence of the impact this section would have, including the cost of compliance, if adopted as such?
Yes, I agree.
Question 10: Do you agree with the proposals as set out in Section 7 of the draft RTS? If you do not agree, please explain your rationale and provide evidence of the impact this section would have, including the cost of compliance, if adopted as such?
Yes, I agree.
Question 11: Do you agree with the proposals as set out in Section 8 of the draft RTS (and in Annex I linked to it)? If you do not agree, please explain your rationale and provide evidence of the impact this section would have, including the cost of compliance, if adopted as such?
The enhanced use of the LEI is a proven cost-saving tool for: obliged entities, legal entities
and the supervisory community.
This is supported by the Global Digital Finance publication: “LEI Reducing Cost of KYC / KYB”
The draft RTS provides clarity on the expected conforming status of the LEI, offering certainty for financial institutions on when they can rely on the LEI for digital onboarding and ongoing due diligence.
GLEIF works with financial institutions as Validation Agents, enabling them to obtain and maintain LEIs for their clients in cooperation with accredited LEI Issuing Organizations.
Benefits of the Validation Agent model include faster and more efficient client onboarding, improved internal data management, accelerated digital transformation. Major institutions such as BNP Paribas and J.P. Morgan are already acting as Validation
Agents, demonstrating strong industry adoption.
Question 1: Do you any have comments or suggestions regarding the proposed list of indicators to classify the level of gravity of breaches sets out in Article 1 of the draft RTS? If so, please explain your reasoning.
No, a comprehensive list.
Question 2: Do you have any comments or suggestions on the proposed classification of the level of gravity of breaches sets out in Article 2 of the draft RTS? If so, please explain your reasoning.
No, an in-depth proposed classification.
Question 3: Do you have any comments or suggestions regarding the proposed list of criteria to be taken into account when setting up the level of pecuniary sanctions of Article 4 of the draft RTS? If so, please explain your reasoning.
Could the list of criteria for consideration be expanded to include:
1. The particularity of industries and fields
Different industries and fields have different tolerance and regulatory requirements for corruption. For example, in areas closely related to people's livelihood, such as finance, medical care, and education, corruption may cause greater damage to the public interest and should be subject to more severe economic sanctions.
2. International standards and cooperation
In the context of globalization, corruption may involve cross-border transactions and international interests. Therefore, economic sanctions standards should refer to international standards and coordinate with international anti-corruption cooperation to ensure the effectiveness and consistency of sanctions. The amendment to the "Supervision Law of the People's Republic of China" mentioned that the National Supervision Commission will work with relevant units to strengthen law enforcement and judicial cooperation and judicial assistance with relevant countries, regions, and international organizations in anti-corruption, such as extradition, transfer of convicted persons, repatriation, joint investigation, investigation and evidence collection, asset recovery, and information exchange. Referencing international standards and strengthening international cooperation will help ensure the rationality and effectiveness of economic sanctions.
Question 4: Do you have any comments or suggestions of addition regarding what needs to be taken into account as regards the financial strength of the legal or natural person held responsible (Article 4(5) and Article 4(6) of the draft RTS)? If so, please explain.
Regarding the consideration of the financial strength of the legal or natural person held accountable by the regulator when setting the level of economic penalties, these two recommendations themselves already cover the key elements in a relatively comprehensive manner. However, in order to further improve and refine these standards, in addition to the annual total turnover and financial statement information, comprehensive financial information such as the legal person's balance sheet, cash flow statement and income statement should also be considered to fully assess its financial health. Because relying solely on turnover or financial statements may not accurately reflect the legal person's true financial strength. For example, a company may have a high turnover, but tight cash flow or excessive debt, and excessive economic penalties may lead to its bankruptcy, which in turn affects employment and social stability. It is recommended to introduce financial ratio analysis (such as current ratio, debt-to-asset ratio, interest coverage ratio, etc.) to more comprehensively assess the legal person's debt-paying ability and financial stability.
5a: restrict or limit the business, operations or network of institutions comprising the obliged entity, or to require the divestment of activities as referred to in Article 56 (2) (e) of Directive (EU) 2024/1640?
NA
5b: withdrawal or suspension of an authorisation as referred to in Article 56 (2) (f) of Directive (EU) 2024/1640?
NA
5c: require changes in governance structure as referred to in Article 56 (2) (g) of Directive (EU) 2024/1640?
NA
Question 6: Which of these indicators and criteria could apply also to the non-financial sector? Which ones should not apply? Please explain your reasoning.
NA
Question 7: Do you think that the indicators and criteria set out in the draft RTS should be more detailed as regards the naturals persons that are not themselves obliged entities and in particular as regards the senior management as defined in AMLR? If so, please provide your suggestions.
For senior managers as defined in the Anti-Money Laundering Law, especially those natural persons who are not obligated entities themselves, the indicators and standards listed in the draft RTS (Anti-Money Laundering Regulatory Technical Standards) do need to be more detailed and specific. Senior managers play a key role in anti-money laundering compliance, and their actions and decisions directly affect the effectiveness of the obligated entities' anti-money laundering measures. Therefore, the regulatory standards for such persons should be stricter and clearer to ensure that they fulfill their anti-money laundering obligations.
The following are some suggestions for detailed indicators and standards for senior managers:
1. Clarify the definition and scope of senior managers
It is recommended that in the draft RTS, it should be clearly listed which positions belong to senior managers, such as company directors, general managers, compliance officers, financial officers, etc. At the same time, consideration should be given to including actual controllers or persons with significant influence in the scope of supervision. Clear definitions help avoid regulatory loopholes and ensure that all key decision makers are included in the anti-money laundering regulatory framework.
2. Strengthen the anti-money laundering responsibilities of senior managers
It is recommended to clearly define the specific responsibilities of senior managers in anti-money laundering compliance, such as regularly reviewing and updating anti-money laundering policies and procedures, supervising the implementation of anti-money laundering training programs, etc. The direct involvement of senior managers is key to ensuring the effective implementation of anti-money laundering measures. Clarifying their responsibilities can enhance their sense of responsibility and compliance awareness.
3. Increase due diligence requirements for senior managers
It is recommended to conduct detailed due diligence on the background of senior managers, including but not limited to criminal records and credit records, past anti-money laundering compliance records, and whether there are any bad behaviors related to money laundering or terrorist financing. The personal background of senior managers may affect their ability and integrity to perform their duties. Detailed due diligence helps identify potential risks.
4. Establish a continuous monitoring mechanism for senior managers
It is recommended that obligated entities establish a continuous monitoring mechanism for senior managers, including but not limited to regular assessments of their performance of anti-money laundering duties; monitoring their personal accounts and trading activities to prevent conflicts of interest or misconduct; and regularly reporting to regulators on the performance of senior managers' anti-money laundering duties. Continuous monitoring can promptly detect and correct improper behavior of senior managers and ensure that they always comply with anti-money laundering requirements.
5. Clarify the liability of senior managers for violations
It is recommended that the draft RTS clearly stipulate the legal consequences of senior managers violating anti-money laundering obligations, including but not limited to administrative penalties, such as fines, warnings, etc.; criminal liability, if their behavior constitutes a crime; professional ban, such as prohibiting them from serving as senior managers for a certain period of time. Clear legal responsibilities can enhance the compliance awareness of senior managers and prevent them from causing the failure of anti-money laundering measures due to negligence or intentional behavior.
The draft RTS can enhance its pertinence and effectiveness by making detailed provisions on the definition, responsibilities, due diligence, continuous monitoring, and liability for violations of senior managers. This will not only help to improve the anti-money laundering compliance awareness of senior managers, but also ensure that the anti-money laundering measures of the obligated entities are effectively implemented, thereby better preventing money laundering and terrorist financing risks.
Question 8: Do you think that the draft RTS should be more granular and develop more specific rules on factors and on the calculation of the amount of the periodic penalty payments and if yes, which factors should be included into the EU legislation and why?
NA
Question 9: Do you think that the draft RTS should create a more harmonised set of administrative rules for the imposition of periodic penalty payments, and if yes, which provisions of administrative rules would you prefer to be included into EU legislation compared to national legislation and why?
NA