In the world of financial regulation, keeping up with evolving standards and requirements is critical. One such regulatory tool that institutions in Germany must pay close attention to is the "Auslegungs- und Anwendungshinweise" (AuA), issued by the Federal Financial Supervisory Authority (BaFin). These interpretative and application notes are essential as they provide binding guidance on how to implement internal security measures and fulfill due diligence obligations under the Money Laundering Act (GwG).
Recently, BaFin released a consultation draft of updated AuA, which introduces several important changes. Financial institutions and other obligated entities under BaFin's supervision should take note of these updates to ensure compliance.
Key Changes in the New AuA
1. Anti-Money Laundering Obligations for Insurance Holding Companies:
The new draft extends anti-money laundering (AML) obligations to insurance holding companies and specific other entities in the insurance sector. These companies are now required to register with BaFin and adhere to AML obligations related to their role, particularly when holding stakes in entities subject to AML laws. This change anticipates legislative updates at both national and EU levels, aiming to bring insurance holding companies into the fold of obligated entities under the GwG.
2. Adverse Media Screening:
A significant emphasis in the new AuA is placed on the need for institutions to incorporate insights from media reports, especially adverse media, into their risk assessments. Although there is no explicit legal obligation to conduct Adverse Media Screening, BaFin expects institutions to consider such information when assessing customer risk. This aligns with broader trends in AML compliance, where monitoring media reports is becoming a standard practice.
3. Revised Update Cycles for Customer Data:
The update cycles for reviewing customer data gathered during initial identification processes have been tightened:
- Low Risk: From up to 15 years to intervals based on the specific risk level.
- Medium Risk: From up to 10 years to up to 5 years.
- High Risk: From up to 2 years to annual reviews.
A transitional period is allowed until the EU Anti-Money Laundering Regulation (AML-R) comes into force.
4. Specific Requirements for Factoring, Payment, and Crypto Institutions:
Factoring institutions are required to monitor all incoming and outgoing payments, regardless of whether there is a direct business relationship with the sender.
- Payment institutions must provide services only for websites specified in their contracts.
- Crypto institutions are now obligated to use blockchain analysis software and implement specific transaction monitoring
systems for the exchange of cryptocurrencies with fiat currencies.
What’s Next?
The draft AuA is currently open for public consultation until August 9, 2024. After reviewing the feedback, BaFin will finalize the document, with the new guidelines expected to become binding from January 2025. Given the binding nature of the AuA, financial institutions and other obligated entities need to assess how these changes will impact their current processes and take steps to ensure compliance. Preparing in advance is crucial, as no transitional periods are provided, except where explicitly noted.
How Bersch Consulting Can Help
Navigating the complexities of financial regulation can be challenging, especially with the constant updates to requirements like the AuA. Bersch Consulting offers a range of services designed to help your organization stay compliant with evolving AML regulations. From risk assessment and compliance strategy development to training and implementation support, we ensure that your processes align with the latest regulatory expectations.
Contact us today to learn how we can assist your organization in staying ahead of regulatory changes.
