Response to consultation on effective management of ML/TF risks when providing access to financial services
Go back
• Level 1 deposit accounts can be opened in person or remotely only for natural persons, requires minimum identification data (full name and date of birth), and has a maximum account balance and monthly transactions.
• Level 2 deposit accounts can be opened in person or remotely only for natural persons, requires basic identification, and has maximum monthly transactions.
• Data (In person): full name, without abbreviations, date of birth and address obtained from a current supporting identification document. Banks may accept other types of ID documents to open accounts for Mexican teenagers, repatriated Mexican citizens, and refugees.
• Data (Remote): full name without abbreviations, gender, entity of birth, date of birth, as well as their address.
• Level 3 deposit accounts can be opened only in person for natural or legal persons, require full identification data obtained from current supporting documentation, and have a maximum monthly transaction and account balance.
We recommend the EBA to consider following a similar approach.
Additional comments on section “Accompanying documents” can be read in the attachment.
1. Do you have any comments on the annex that covers NPO customers?
No comment.2. Do you have any comments on the section ‘Subject matter, scope and definitions’? If you do not agree, please set out why you do not agree and if possible, provide evidence of the adverse impact provisions in this section would have.
No comment.3. Do you have any comments on the section titled ‘General requirements’?
Para. 10: A great example is Mexico’s AML/CFT regulation for banks which establishes low risk deposit accounts with a risk-based approach to simplify due diligence requirements. These accounts are classified into three levels of operation with variations in service restrictions. They are subject to certain safeguards and use simplified due diligence to increase financial access for excluded groups, especially Level 1 and 2 basic bank deposit accounts.• Level 1 deposit accounts can be opened in person or remotely only for natural persons, requires minimum identification data (full name and date of birth), and has a maximum account balance and monthly transactions.
• Level 2 deposit accounts can be opened in person or remotely only for natural persons, requires basic identification, and has maximum monthly transactions.
• Data (In person): full name, without abbreviations, date of birth and address obtained from a current supporting identification document. Banks may accept other types of ID documents to open accounts for Mexican teenagers, repatriated Mexican citizens, and refugees.
• Data (Remote): full name without abbreviations, gender, entity of birth, date of birth, as well as their address.
• Level 3 deposit accounts can be opened only in person for natural or legal persons, require full identification data obtained from current supporting documentation, and have a maximum monthly transaction and account balance.
We recommend the EBA to consider following a similar approach.
4. Do you have any comments on the section titled ‘adjusting monitoring’?
Para. 18 (b): it is stipulated that “To effectively manage ML/TF risk associated with a customer, monitoring should at least include […] ensuring that the customer’s account is reviewed regularly to understand whether changes to the customer’s risk profile are justified.” While a regular risk-based update of customer data is sensible, the requirement for a regular review of the account should be deleted. Account reviews of vulnerable customers should only be conducted within the framework of risk-based transaction monitoring and when specific transaction alerts are present. Otherwise, the opening of accounts for vulnerable populations would always be accompanied by an abstract review requirement, which would place additional burdens (of time and effort) on financial institutions and increase personnel costs. Such additional burdens are precisely why financial institutions take de-risking decisions in the first place.5. Do you have any comments on the section titled ‘applying restrictions to services or products’?
Para. 21: In addition to the risk mitigating measures listed, we suggest that accounts be opened that only allow deposits by a specific counterpart, i.e., the social service agency that disburses aid to refugees.6. Do you have any comments on the section titled ‘Complaint mechanisms’?
No comment.Additional comments on section “Accompanying documents” can be read in the attachment.