Response to consultation on draft Guidelines under Articles 17 and 18(4) of Directive (EU) 2015/849 on customer due diligence and ML/TF risk factors
Go back
The following factors may contribute to increasing risk:
e. The product is not used for the purpose it was designed for, for example it is used overseas when it was designed as a shopping centre gift card.
Comment:
The example is confusing. In general, a shopping centre gift card is not legally classified as e-money. Such a card falls within the scope of the exemption of the so-called limited network or limited range products pursuant to Art. 3 (k) of the PSD2. Accordingly, the issuer is not an e-money issuer and has no money laundering obligations with regard to the issuance of this card. Even if such a card has been designed on the basis of the technical requirements of an international card scheme, its use is limited by appropriate coding. As a risk factor from the perspective of an authorised e-money issuer, this example is very unrealistic, as these entities usually do not issue shopping centre gift cards.
Chapter 10.18 states:
10.18. To the extent permitted by national legislation, examples of SDD measures firms may apply in low-risk situations include:
f) assuming the nature and intended purpose of the business relationship where this is obvious, for example in the case of certain gift cards that do not fall under the closed loop/closed network exemption;
Comment:
As far as we see, a “closed loop/closed network exemption” is not evident. If a gift card or other prepaid product exclusively is accepted as a payment instrument by the issuer himself (closed-loop), the product cannot be classified as e-money, lacking the criterion “which is accepted by a natural or legal person other than the electronic money issuer” of the legal e-money definition according art. 2 of the Directive 2009/110/EC. However, gift cards and other prepaid products could fall under the limited network/limited range exemption according art. 3 (k) of the PSD2 e.g. shopping centre gift cards, fuel cards, public transport cards etc. As explained above, these cards are not subject to any non-money laundering obligations, such as customer due diligence. Therefore gift cards issued in a closed loop environment or under the limited network/limited range exemption cannot be used as an example for the application of simplified customer due diligence.
Chapter 10.18 states:
10.18. To the extent permitted by national legislation, examples of SDD measures firms may apply in low-risk situations include:
a) postponing the verification of the customer’s or beneficial owner’s identity to a certain later date after the establishment of the relationship or until a certain (low) monetary threshold is exceeded (whichever occurs first). The monetary threshold should not exceed EUR 150 where the product is not reloadable or can be used in other jurisdictions or for cross-border transactions);
Comment:
A fixed threshold undermines the risk-based approach
The Risk Factor Guidelines lay down an absolute transaction threshold of EUR 150 for e-money issuers who wish to apply Simplified Customer Due Diligence in accordance with Article 15 of the Anti-Money Laundering Directive. Obliged entities may decide to postpone the verification of the customer’s identity, on the basis of a risk assessment and provided that the ML/TF risk is low. Since risk itself is variable in nature, and may be lowered due to mitigating measures, a comprehensive risk assessment has to take into account a whole range of different factors. A fixed threshold however ignores any other risk-mitigating measures and does not reflect the fact that the ML/TF risk that different products are exposed to may vary. This clearly undermines the risk-based approach.
When performing SDD, obliged entities must apply each of the customer due diligence requirements, they only may determine the extent of such measures on a risk-sensitive basis. A fixed threshold for the application of SDD, i.e. a “one-size-fits-it-all” approach, prevents e-money issuers from adjusting their CDD measures according to the level of ML/TF risk their products pose. This clearly goes against the intention of the level 1 text. In addition to that, e-money issuers carry out a sophisticated real-time transaction monitoring, which should be reflected in the sectoral guidance.
New business models rely on easy customer on-boarding
We believe that the threshold will negatively affect many business models in the financial sector, especially market entrants that use new digital technologies to promote innovative products. Overly burdensome on-boarding processes constitute a massive obstacle for financial institutions trying to attract new customers in order to grow and to get to scale. Therefore, AML and KYC requirements are of outstanding importance to the e-money and FinTech industry.
Companies offering financial services have to keep pace with rapid developments in technological innovation. This benefits consumers, investors, and new market players alike. A lot of innovative FinTechs base their business model on e-money because it’s a simple, fast and secure way to pay small amounts online. SDD offer the chance to let customers try new products and gain benefits without any long-term commitment in the very beginning. The likelihood of customers trying new products decreases significantly if the on-boarding process is onerous and causes friction.
We, therefore, strongly call on the European Supervisory Authorities to remove the fixed threshold from the Risk Factor Guidelines in line with the risk-based approach.
Question 10: Do you have any comments on the proposed amendments to Guideline 10 for electronic money issuers?
Chapter 10.6 states:The following factors may contribute to increasing risk:
e. The product is not used for the purpose it was designed for, for example it is used overseas when it was designed as a shopping centre gift card.
Comment:
The example is confusing. In general, a shopping centre gift card is not legally classified as e-money. Such a card falls within the scope of the exemption of the so-called limited network or limited range products pursuant to Art. 3 (k) of the PSD2. Accordingly, the issuer is not an e-money issuer and has no money laundering obligations with regard to the issuance of this card. Even if such a card has been designed on the basis of the technical requirements of an international card scheme, its use is limited by appropriate coding. As a risk factor from the perspective of an authorised e-money issuer, this example is very unrealistic, as these entities usually do not issue shopping centre gift cards.
Chapter 10.18 states:
10.18. To the extent permitted by national legislation, examples of SDD measures firms may apply in low-risk situations include:
f) assuming the nature and intended purpose of the business relationship where this is obvious, for example in the case of certain gift cards that do not fall under the closed loop/closed network exemption;
Comment:
As far as we see, a “closed loop/closed network exemption” is not evident. If a gift card or other prepaid product exclusively is accepted as a payment instrument by the issuer himself (closed-loop), the product cannot be classified as e-money, lacking the criterion “which is accepted by a natural or legal person other than the electronic money issuer” of the legal e-money definition according art. 2 of the Directive 2009/110/EC. However, gift cards and other prepaid products could fall under the limited network/limited range exemption according art. 3 (k) of the PSD2 e.g. shopping centre gift cards, fuel cards, public transport cards etc. As explained above, these cards are not subject to any non-money laundering obligations, such as customer due diligence. Therefore gift cards issued in a closed loop environment or under the limited network/limited range exemption cannot be used as an example for the application of simplified customer due diligence.
Chapter 10.18 states:
10.18. To the extent permitted by national legislation, examples of SDD measures firms may apply in low-risk situations include:
a) postponing the verification of the customer’s or beneficial owner’s identity to a certain later date after the establishment of the relationship or until a certain (low) monetary threshold is exceeded (whichever occurs first). The monetary threshold should not exceed EUR 150 where the product is not reloadable or can be used in other jurisdictions or for cross-border transactions);
Comment:
A fixed threshold undermines the risk-based approach
The Risk Factor Guidelines lay down an absolute transaction threshold of EUR 150 for e-money issuers who wish to apply Simplified Customer Due Diligence in accordance with Article 15 of the Anti-Money Laundering Directive. Obliged entities may decide to postpone the verification of the customer’s identity, on the basis of a risk assessment and provided that the ML/TF risk is low. Since risk itself is variable in nature, and may be lowered due to mitigating measures, a comprehensive risk assessment has to take into account a whole range of different factors. A fixed threshold however ignores any other risk-mitigating measures and does not reflect the fact that the ML/TF risk that different products are exposed to may vary. This clearly undermines the risk-based approach.
When performing SDD, obliged entities must apply each of the customer due diligence requirements, they only may determine the extent of such measures on a risk-sensitive basis. A fixed threshold for the application of SDD, i.e. a “one-size-fits-it-all” approach, prevents e-money issuers from adjusting their CDD measures according to the level of ML/TF risk their products pose. This clearly goes against the intention of the level 1 text. In addition to that, e-money issuers carry out a sophisticated real-time transaction monitoring, which should be reflected in the sectoral guidance.
New business models rely on easy customer on-boarding
We believe that the threshold will negatively affect many business models in the financial sector, especially market entrants that use new digital technologies to promote innovative products. Overly burdensome on-boarding processes constitute a massive obstacle for financial institutions trying to attract new customers in order to grow and to get to scale. Therefore, AML and KYC requirements are of outstanding importance to the e-money and FinTech industry.
Companies offering financial services have to keep pace with rapid developments in technological innovation. This benefits consumers, investors, and new market players alike. A lot of innovative FinTechs base their business model on e-money because it’s a simple, fast and secure way to pay small amounts online. SDD offer the chance to let customers try new products and gain benefits without any long-term commitment in the very beginning. The likelihood of customers trying new products decreases significantly if the on-boarding process is onerous and causes friction.
We, therefore, strongly call on the European Supervisory Authorities to remove the fixed threshold from the Risk Factor Guidelines in line with the risk-based approach.