New EBA requirements for the MLRO: The European Banking Authority (EBA) has launched a public consultation on new guidelines on the role, tasks and responsibilities of Anti-Money Laundering and Countering the Financing of Terrorism (AML/CFT) Officers. The guidelines contain provisions on broader AML/CFT governance, including at group level. Once adopted, these guidelines will apply to all financial sector actors falling within the scope of the AML Directive. This consultation will run until 2 November 2021.
#1 New EBA requirements for the MLRO
The draft guidelines comprehensively address the entire AML/CFT governance regime for the first time at EU level. They set clear expectations on the role, tasks and responsibilities of the AML/CFT compliance officer and the management body and how they interact, including at group level. AML/CFT compliance officers must have sufficient seniority. This means that they are empowered to propose, on their own initiative, any necessary or appropriate measures to the management body in its supervisory and management function to ensure compliance with and effectiveness of internal anti-money laundering and counter-terrorist financing measures.
#2 Rights and duties of the MLRO
Para 24. The AML/CFT Officer referred to in Article 8(4)(a) of Directive (EU) 2015/849 should be appointed at a level that includes the power to propose, on his or her own initiative, any necessary or appropriate measures to ensure compliance with and effectiveness of the internal anti-money laundering and counter-terrorist financing measures function.
Para 25. Where the management body appoints an AML/CFT officer in accordance with paragraph 16, the management body should decide, taking into account the size and complexity of the business and its ML/TF risk,
# whether the AML/CFT compliance officer role is to be performed on a full-time basis, or
# whether this role can be performed by an employee or manager in addition to his/her existing functions within the financial services provider.
Such a decision should be based on the principle of proportionality, taking into account, inter alia, the factors set out below.
Point 26: Where the tasks of the anti-money laundering and counter-terrorist financing compliance officer are to be assigned to an employee who already has other tasks or functions within the financial services provider, the management body should consider possible conflicts of interest and take the necessary measures to avoid them. The management body should ensure that this person can devote sufficient time to the tasks of the AML/CFT officer.
Para 27. The AML/CFT compliance officer should normally work in the country of establishment of the financial services provider.
country of establishment of the financial services provider.
Point 28. In some cases, where it is appropriate to the ML/TF risk of the financial services provider and permitted under national law, the AML/CFT officer may be
be located in another country. In such cases, management should appoint the AML/CFT compliance officer under the financial services provider’s governance arrangements.
The financial undertaking should have the necessary systems and controls in place to ensure that the AML/CFT officer has the necessary knowledge of local anti-money laundering and counter-terrorist financing laws and regulations and can perform his or her duties in an equally effective and independent manner.
The financial undertaking should ensure that the AML/CFT compliance officer has access to all internal documents and systems necessary for the performance of his or her duties.
Point 29. The AML/CFT Officer should be able to delegate his duties to other employees acting under his direction and supervision. This delegation is subject to the condition that the ultimate responsibility for the effective performance of these tasks remains with the AML/CFT Officer.
Point 30. In order to ensure the independence of the AML/CFT Officer, the new EBA requirements for the AML/CFT Officer provide for the following requirements:
(a) Notwithstanding the overall responsibility of the members of the management body for the financial undertaking, the AML/CFT Officer should not report to a person who is responsible for the management of any of the activities that the AML/CFT Compliance Officer oversees.
(b) The financial undertaking shall have procedures in place to ensure that the AML/CFT Compliance Officer has full and direct access at all times to all information necessary for the performance of his function. The decision as to what information he/she needs to have access to in this regard should be made solely by the AML/CFT Compliance Officer.
(c) The AML/CFT officer should have an independent reporting line to the management body Management body, if a management body exists in the structure of the financial services provider.
Without prejudice to the general and collective responsibility of the management body, the draft guidelines also set out the tasks and role of the board member or senior manager, where there is no board, responsible for AML/CFT as a whole, and the role of the group AML/CFT officer.
As the information reaching the management body needs to be sufficiently comprehensive to allow for informed decision-making, the new EBA requirements for the money laundering officer specify what information should be included at least in the AML/CFT officer’s activity report to the management body.
#5 Parent company to appoint MLRO at group level
Where a financial services business is part of a group, the new EBA requirements for the Money Laundering Officer provide that a group-level AML/CFT compliance officer should be appointed in the parent company to ensure the establishment and implementation of effective group-wide AML/CFT policies and procedures and to ensure that any deficiencies affecting the whole or a large part of the group are effectively addressed.
The provisions of the new EBA requirements for the Money Laundering Officer are also consistent with existing ESA guidance, in particular the revised guidelines on internal governance under the Capital Requirements Directive (CRD), the revised joint ESMA-EBA guidelines on the assessment of the suitability of members of the management body, the draft guidelines on the authorisation of credit institutions and the draft guidelines on common procedures and methodologies for the supervisory review and evaluation process (SREP) and supervisory stress testing.
Wir benötigen Ihre Zustimmung, bevor Sie unsere Website weiter besuchen können.Wenn Sie unter 16 Jahre alt sind und Ihre Zustimmung zu freiwilligen Diensten geben möchten, müssen Sie Ihre Erziehungsberechtigten um Erlaubnis bitten.Wir verwenden Cookies und andere Technologien auf unserer Website. Einige von ihnen sind essenziell, während andere uns helfen, diese Website und Ihre Erfahrung zu verbessern.Personenbezogene Daten können verarbeitet werden (z. B. IP-Adressen), z. B. für personalisierte Anzeigen und Inhalte oder Anzeigen- und Inhaltsmessung.Weitere Informationen über die Verwendung Ihrer Daten finden Sie in unserer Datenschutzerklärung.Sie können Ihre Auswahl jederzeit unter Einstellungen widerrufen oder anpassen.Einige Services verarbeiten personenbezogene Daten in den USA. Mit Ihrer Einwilligung zur Nutzung dieser Services stimmen Sie auch der Verarbeitung Ihrer Daten in den USA gemäß Art. 49 (1) lit. a DSGVO zu. Das EuGH stuft die USA als Land mit unzureichendem Datenschutz nach EU-Standards ein. So besteht etwa das Risiko, dass US-Behörden personenbezogene Daten in Überwachungsprogrammen verarbeiten, ohne bestehende Klagemöglichkeit für Europäer.
Wenn Sie unter 16 Jahre alt sind und Ihre Zustimmung zu freiwilligen Diensten geben möchten, müssen Sie Ihre Erziehungsberechtigten um Erlaubnis bitten.Wir verwenden Cookies und andere Technologien auf unserer Website. Einige von ihnen sind essenziell, während andere uns helfen, diese Website und Ihre Erfahrung zu verbessern.Personenbezogene Daten können verarbeitet werden (z. B. IP-Adressen), z. B. für personalisierte Anzeigen und Inhalte oder Anzeigen- und Inhaltsmessung.Weitere Informationen über die Verwendung Ihrer Daten finden Sie in unserer Datenschutzerklärung.Einige Services verarbeiten personenbezogene Daten in den USA. Mit Ihrer Einwilligung zur Nutzung dieser Services stimmen Sie auch der Verarbeitung Ihrer Daten in den USA gemäß Art. 49 (1) lit. a DSGVO zu. Das EuGH stuft die USA als Land mit unzureichendem Datenschutz nach EU-Standards ein. So besteht etwa das Risiko, dass US-Behörden personenbezogene Daten in Überwachungsprogrammen verarbeiten, ohne bestehende Klagemöglichkeit für Europäer.Hier finden Sie eine Übersicht über alle verwendeten Cookies. Sie können Ihre Einwilligung zu ganzen Kategorien geben oder sich weitere Informationen anzeigen lassen und so nur bestimmte Cookies auswählen.