Response to consultation on draft Guidelines under Articles 17 and 18(4) of Directive (EU) 2015/849 on customer due diligence and ML/TF risk factors

Go back

Question 4: Do you have any comments on the proposed amendments and additions in Guideline 4 on CCD measures to be applied by all firms?

the reference to Regulation (EU) No. 910/2010 should be more accurate. On one hand, reference should be made only to identification electronic means that not only provide a high level of assurance but also have been notified as electronic identification scheme in accordance with art. 9 of the Regulation. On the other hand, it should be specified that even the use of an electronic signature based on a qualified certificate for electronic signatures does not of itself give rise to increased ML/TF risk. Indeed, qualified certificates can be issued only by Qualified Trust Service Providers (QTSPs) in accordance with art. 24 of the Regulation that provides the admissible identification methods at European level. Moreover, within the Guidelines it should be highlighted the importance of the use of the Legal Entity Identifiers (LEIs) for a standardized, consistent and unique identification for legal entities as part of the CDD.

Question 9: Do you have any comments on the proposed amendments to Guideline 9 for retail banks?

9.10 (a) clarification of “electronic signature” and “electronic identification certificates” is needed. Regulation (EU) No. 910/2010 refers both to qualified and non-qualified trust services. The main difference between these services is their level of trustworthiness. While electronic signatures (advanced or not) can be created very easily, a qualified certificate for electronic signatures can be issued only by a QTSP, has to pass the conformity assessment according to Regulation (EU) No. 910/2010, belongs under the supervision of the nationally designated supervisory and requires the Holder to be identified in accordance with art. 24 of the Regulation. In particular, as admissible identification methods for advanced electronic signatures aren’t provided at European level and national regulations are highly fragmented, it’s fundamental to clarify, that to be considered an adequate safeguard, the electronic signature must base on a qualified certificate (see definition article 3, no. 15, Regulation (EU) No. 910/2014). The text should therefore be amended as follows, by adding the relevant specification: a) non-face-to-face business relationships, where no adequate additional safeguards – for example qualified certificates for electronic signatures issued in accordance with Regulation EU (No) 910/2014 and antiimpersonation fraud checks – are in place.

Question 10: Do you have any comments on the proposed amendments to Guideline 10 for electronic money issuers?

10.8 (a) clarification of “electronic signature” and “electronic identification documents” is needed. The reference to “electronic signature” should be replaced by “qualified certificate for electronic signatures” for the same reasons as those listed in point 9.10. The reference to electronic identification “documents” seems inaccurate as Regulation (EU) No 910/2014 defines electronic identification “means” and not "documents". Reference should therefore be made only to identification electronic means that provide a high level of assurance and have also been notified as electronic identification scheme in accordance with art. 9 of the Regulation.

Question 14: Do you have any comments on the proposed amendments to Guideline 14 for life insurance undertakings?

14.10 clarification of “electronic signature” and “electronic identification documents” is needed. The reference to “electronic signature” should be replaced by “qualified certificate for electronic signatures” for the same reasons as those listed in point 9.10. The reference to electronic identification “documents” seems inaccurate as Regulation (EU) No 910/2014 defines electronic identification “means” and not "documents". Reference should therefore be made only to identification electronic means that provide a high level of assurance and have also been notified as electronic identification scheme in accordance with art. 9 of the Regulation.

Question 17: Do you have any comments on the additional sector-specific Guideline 17 on crowdfunding platforms?

17.7 (a) clarification of “electronic signature” and “electronic identification documents” is needed. The reference to “electronic signature” should be replaced by “qualified certificate for electronic signatures” for the same reasons as those listed in point 9.10. The reference to electronic identification “documents” seems inaccurate as Regulation (EU) No 910/2014 defines electronic identification “means” and not "documents". Reference should therefore be made only to identification electronic means that provide a high level of assurance and have also been notified as electronic identification scheme in accordance with art. 9 of the Regulation.

If you selected “Firms”, please specify the type:

Others

Name of the organization

InfoCert S.p.A.

Organisation and governance

Legal and policy framework

Supervisory convergence

Direct supervision and oversight

Information for consumers

Ad hoc activities

Risk analysis

Reporting frameworks

Data

Publications

Media centre