ESAs consult on technical standards to strengthen group-wide money laundering and terrorist financing risk management

31 May 2017

The ESAs' public consultation specify how credit and financial institutions should manage ML/TF risks where a third country's law prevents the implementation in their branches or majority-owned subsidiaries of group-wide policies and procedures on AML/CFT.‎

Credit and financial institutions have to put in place and maintain anti-money laundering and countering the financing of terrorism (AML/CFT) policies and procedures to assess and manage effectively the money laundering and terrorist financing (ML/TF) risks to which they are exposed. Where they are part of a group, these AML/CFT policies and procedures have to be applied at group-level. This can be challenging where branches or majority-owned subsidiaries are located in a third country, outside of the European Economic Area (EEA), with less stringent AML/CFT requirements.  

Most third countries' legal systems will not prevent groups from implementing group-wide AML/CFT policies and procedures that are stricter than national legislation requires. However,  the implementation of a third country's law may at times not permit the application of some or all parts of a group's AML/CFT policies and procedures. This can be the case, for example, when the sharing of customer-specific information within the group conflicts with local data protection or banking secrecy requirements and limits a credit or financial institution's ability to understand who their customers are. Restrictions on obtaining and processing customer data can also facilitate tax crimes, as highlighted in the context of the ‘Panama Papers'.   

In such cases, credit and financial institutions must take effective steps to handle the resultant ML/TF risk.  These include obtaining consent from customers to overcome restrictions on the ability to share and process customer data, carrying out enhanced reviews to be satisfied that branches and majority-owned subsidiaries in those jurisdictions are able to adequately assess and manage ML/TF risk and restricting the ability of other entities in the same group to rely on customer due diligence measures carried out by a branch or majority-owned subsidiary in those jurisdictions.

Comments to the draft RTS can be sent by 11 July 2017. The ESAs will hold a public hearing on the draft RTS, which will take place at the EBA premises in London on 23 June 2017 from 10:30 to 12:30 UK time.

Press release

Consultation paper


© EBA