Response to consultation on proposed RTS in the context of the EBA’s response to the European Commission’s Call for advice on new AMLA mandates
Question 1: Do you have any comments on the approach proposed by the EBA to assess and classify the risk profile of obliged entities?
NA
Question 2: Do you agree with the proposed relationship between inherent risk and residual risk, whereby residual risk can be lower, but never be higher, than inherent risk? Would you favour another approach instead, whereby the obliged entity’s residual risk score can be worse than its inherent risk score? If so, please set out your rationale and provide evidence of the impact the EBA’s proposal would have.
NA
3a: What will be the impact, in terms of cost, for credit and financial institutions to provide this new set of data in the short, medium and long term?
NA
3b: Among the data points listed in the Annex I to this consultation paper, what are those that are not currently available to most credit and financial institutions?
NA
3c: To what extent could the data points listed in Annex I to this Consultation Paper be provided by the non-financial sector?
NA
Question 4: Do you have any comments on the proposed frequency at which risk profiles would be reviewed (once per year for the normal frequency and once every three years for the reduced frequency)? What would be the difference in the cost of compliance between the normal and reduced frequency? Please provide evidence.
NA
Question 5: Do you agree with the proposed criteria for the application of the reduced frequency? What alternative criteria would you propose? Please provide evidence.
NA
Question 6: When assessing the geographical risks to which obliged entities are exposed, should crossborder transactions linked with EEA jurisdictions be assessed differently than transactions linked with third countries? Please set out your rationale and provide evidence.
NA
Question 1: Do you agree with the thresholds and provided in Article 1 of the draft RTS and their value? If you do not agree, which thresholds to assess the materiality of the activities exercised under the freedom to provide services should the EBA propose instead? Please explain your rationale and provide evidence of the impact the EBA’s proposal and your proposal would have.
NA
Question 2: What is your view on the possibility to lower the value of the thresholds that are set in article 1 of the draft RTS? What would be the possible impact of doing so? Please provide evidence.
NA
Question 3: Do you agree on having a single threshold on the number of customers, irrespective of whether they are retail or institutional customers? Alternatively, do you think a distinction should be made between these two categories? Please explain the rationale and provide evidence to support your view.
NA
Question 4: Do you agree that the methodology for selection provided in this RTS builds on the methodology laid down in the RTS under article 40(2)? If you do not agree, please provide your rationale and evidence of the impact the EBA’s proposal and your proposal would have.
NA
Question 5: Do you agree that the selection methodology should not allow the adjustment of the inherent risk score provided in article 2 of draft under article 40(2) AMLD6? If you do not agree, please provide the rationale and evidence of the impact the EBA’s proposal would have.
NA
Question 6: Do you agree with the methodology for the calculation of the group-wide score that is laid down in article 5 of the RTS? If you do not agree, please provide the rationale for it and provide evidence of the impact the EBA’s proposal and your proposal would have.
NA
Question 7: Do you have any concern with the identification of the group-wide perimeter? Please provide the rationale and the evidence to support your view on this.
The Global Legal Entity Identifier Foundation (GLEIF) would suggest the possibility for the supervisory community to use the ISO 17442 Legal Entity Identifier (LEI) as a tool to identify every entity in a group. By simply asking credit institutions, financial institutions, and groups for direct supervision by the European Anti-Money Laundering Authority (AMLA) whether their LEI record is complete and up to date, supervisors gain access to verified key reference and hierarchy data – validated by an accredited organization. Given that the LEI is widely used across the EU, Europe, Asia and North America, the entities for direct supervision will have high LEI coverage across their corporate entities. This approach leverages existing investments made by both private sector and regulators in infrastructure to facilitate transparent party identification with the LEI to strengthen EU’s AML/CFT supervisory framework.
The LEI can indeed facilitate the instant and precise identification of every legal entity and its relationship with parent and children undertakings. This can significantly improve transparency and help clarify complex legal and organizational structures.
A useful example of the how the LEI can help supervisors identify and analyse complex structures was presented by the Banque de France in its 27 January 2021 post “Un identifiant pour caractériser les stratégies d’implantation des groupes”, in which authors demonstrate how the LEI can be used to trace and analyze the use of offshore financial centres by international financial institutions, thereby highlighting its value in monitoring group-wide exposure and structural complexity.
Question 8: Do you agree to give the same consideration to the parent company and the other entities of the group for the determination of the group-wide risk profile? Do you agree this would reliably assess the group-wide controls effectiveness even if the parent company has a low-relevant activity compared to the other entities?
NA
Question 9: Do you agree with the transitional rules set out in Article 6 of this RTS? In case you don’t, please provide the rationale for it and provide evidence of the impact the EBA’s proposal and your proposal would have.
NA
Question 1: Do you agree with the proposals as set out in Section 1 of the draft RTS? If you do not agree, please explain your rationale and provide evidence of the impact this section would have, including the cost of compliance, if adopted as such?
NA
Question 2: Do you have any comments regarding Article 6 on the verification of the customer in a non face-to-face context? Do you think that the remote solutions, as described under Article 6 paragraphs 2-6 would provide the same level of protection against identity fraud as the electronic identification means described under Article 6 paragraph 1 (i.e. e-IDAS compliant solutions)? Do you think that the use of such remote solutions should be considered only temporary, until such time when e-IDAS-compliant solutions are made available? Please explain your reasoning.
NA
Question 3: Do you have any comments regarding Article 8 on virtual IBANS? If so, please explain your reasoning.
NA
Question 4: Do you agree with the proposals as set out in Section 2 of the draft RTS? If you do not agree, please explain your rationale and provide evidence of the impact this section would have, including the cost of compliance, if adopted as such?
NA
Question 5: Do you agree with the proposals as set out in Section 3 of the draft RTS? If you do not agree, please explain your rationale and provide evidence of the impact this section would have, including the cost of compliance, if adopted as such?
NA
Question 6: Do you agree with the proposals as set out in Section 4 of the draft RTS? If you do not agree, please explain your rationale and provide evidence of the impact this section would have, including the cost of compliance, if adopted as such?
The Global Legal Entity Identifier Foundation (GLEIF) welcomes the explicit inclusion of the ISO 17442 Legal Entity Identifier (LEI) as part of the information to be collected for customer due diligence purposes in the context of the draft RTS under Article 28(1) of the Anti-Money Laundering Regulation (AMLR).
The inclusion of the LEI in the draft RTS is fully aligned with Article 22 of the Level 1 Regulation, which requires legal entities to disclose their LEI, where available, during the customer onboarding process.
As a global, interoperable, machine-readable identifier, the LEI enhances counterparty verification mechanisms and reduces the reliance on multiple jurisdiction-specific identifiers. This in turn streamlines administrative processes for businesses operating across borders.
In addition, the design of the LEI supports more effective supervision and oversight, by providing a clear picture of ‘who is who’ and ‘who owns who’.Ultimately, the LEI can play a critical role in the decryption of more complex legal entity structures.
The LEI’s value in ensuring supervisory efficiency and interoperability in the financial sector has already been recognized across several key EU legislative texts, including:
- Transfer of Funds Regulation (TFR)
- Instant Payments Regulation (IPR)
- Markets in Crypto-Assets Regulation (MiCA)
- Markets in Financial Instruments Directive and Regulation (MiFID II)
- European Single Access Point Regulation (ESAP)
To ensure that the LEI can be leveraged in the most efficient manner, GLEIF would like to propose the following enhancements to the draft RTS:
- Define availability as “the quality of being able to be obtained” – meaning that all legal entities should acquire an LEI to abide by CDD rules, in line with the European Systemic Risk Board (ESRB) recommendation of 24 September 2020, which calls on “the relevant authorities (to) require or, where applicable, continue to require, all legal entities involved in financial transactions under their supervisory remit to have an LEI”.
- Specify that the entity’s LEI must conform with the Regulatory Oversight Committee (ROC) policy[1] – meaning that the LEI must be renewed at least annually and its associated reference data kept up to date, even in the absence of changes.
- Remove the requirement for entities that provide LEI to provide data points that overlap with data available through the LEI – e.g. the name and registered address. Removing such duplications would reduce administrative burdens and streamline reporting for entities.
GLEIF would like to highlight the Global Digital Finance publication “LEI REDUCING COST OF KYC / KYB” which demonstrates the important cost savings to the financial industry when the Global LEI System is recognized by regulatory authorities as a cornerstone of due diligence frameworks. By providing the additional clarity regarding the reference to the LEI in Article 22 of the Level 1 Regulation, the RTS would provide the financial industry clear guidelines when the LEI may be relied on to digitize onboarding protocols for legal entities.
[1] See the Regulatory Oversight Committee (ROC) charter here: https://www.leiroc.org/publications/gls/roc_20201001-1.pdf
Question 7: What are the specific sectors or financial products or services which, because they are associated with lower ML/TF risks, should benefit from specific sectoral simplified due diligence measures to be explicitly spelled out under Section 4 of the daft RTS? Please explain your rationale and provide evidence.
NA
Question 8: Do you agree with the proposals as set out in Section 5 of the draft RTS? If you do not agree, please explain your rationale and provide evidence of the impact this section would have, including the cost of compliance, if adopted as such?
NA
Question 9: Do you agree with the proposals as set out in Section 6 of the draft RTS? If you do not agree, please explain your rationale and provide evidence of the impact this section would have, including the cost of compliance, if adopted as such?
NA
Question 10: Do you agree with the proposals as set out in Section 7 of the draft RTS? If you do not agree, please explain your rationale and provide evidence of the impact this section would have, including the cost of compliance, if adopted as such?
NA
Question 11: Do you agree with the proposals as set out in Section 8 of the draft RTS (and in Annex I linked to it)? If you do not agree, please explain your rationale and provide evidence of the impact this section would have, including the cost of compliance, if adopted as such?
We believe that the enhanced use of the LEI would be a cost-saving tool for obliged entities, legal entities, and the supervisory community, as demonstrated in the Global Digital Finance publication “LEI REDUCING COST OF KYC / KYB”. By providing clarity on the expected conforming status of the LEI, the RTS provides certainty to the financial industry when they may rely on a LEI for digital onboarding and ongoing due diligence procedures
Regarding the cost of compliance, GLEIF collaborates with financial institutions within the Validation Agent framework. This role allows financial institutions and other organisations involved in identity verification and validation to obtain and maintain LEIs for their clients in cooperation with accredited LEI Issuing Organizations. This approach results in a faster and more efficient customer experience when onboarding clients and performing refresh updates, enhanced internal data management processes and accelerated digital transformation within the financial institution
Large financial institutions operating in the EU, such as BNP Paribas and JP Morgan, have already adopted this role and are now functioning as Validation Agents.
Question 1: Do you any have comments or suggestions regarding the proposed list of indicators to classify the level of gravity of breaches sets out in Article 1 of the draft RTS? If so, please explain your reasoning.
NA
Question 2: Do you have any comments or suggestions on the proposed classification of the level of gravity of breaches sets out in Article 2 of the draft RTS? If so, please explain your reasoning.
NA
Question 3: Do you have any comments or suggestions regarding the proposed list of criteria to be taken into account when setting up the level of pecuniary sanctions of Article 4 of the draft RTS? If so, please explain your reasoning.
NA
Question 4: Do you have any comments or suggestions of addition regarding what needs to be taken into account as regards the financial strength of the legal or natural person held responsible (Article 4(5) and Article 4(6) of the draft RTS)? If so, please explain.
NA
5a: restrict or limit the business, operations or network of institutions comprising the obliged entity, or to require the divestment of activities as referred to in Article 56 (2) (e) of Directive (EU) 2024/1640?
NA
5b: withdrawal or suspension of an authorisation as referred to in Article 56 (2) (f) of Directive (EU) 2024/1640?
NA
5c: require changes in governance structure as referred to in Article 56 (2) (g) of Directive (EU) 2024/1640?
NA
Question 6: Which of these indicators and criteria could apply also to the non-financial sector? Which ones should not apply? Please explain your reasoning.
NA
Question 7: Do you think that the indicators and criteria set out in the draft RTS should be more detailed as regards the naturals persons that are not themselves obliged entities and in particular as regards the senior management as defined in AMLR? If so, please provide your suggestions.
NA
Question 8: Do you think that the draft RTS should be more granular and develop more specific rules on factors and on the calculation of the amount of the periodic penalty payments and if yes, which factors should be included into the EU legislation and why?
NA
Question 9: Do you think that the draft RTS should create a more harmonised set of administrative rules for the imposition of periodic penalty payments, and if yes, which provisions of administrative rules would you prefer to be included into EU legislation compared to national legislation and why?
NA