- Business Relationship
- Key Aspects of Business Relationships
- 4th AMLD
- 5th AMLD
- German GwG
- BaFin-Interpretation and Application Guidance on the German GwG
The term „business relationship“ is one of the most commonly misunderstood terms in Anti-Money Laundering (AML) and Counter Terrorist Financing (CTF) regulations.
In the realm of regulatory compliance, the term „business relationship“ holds significant importance across various sectors.
„Business relationship“ is defined as „any relationship which is directly connected with the commercial or professional activities of obliged entities and expected to have an element of duration“. This concept extends beyond the financial sector to include a variety of professions that require specific licensing or approval.
Obliged entities are those that engage in commercial or professional activities requiring licensure or approval due to inherent risks associated with their services. These include, but are not limited to:
- Financial Sector Entities: Such as banks, investment firms, and insurance companies offering services like asset management, investment advice, and proprietary trading.
- Legal Professionals: Lawyers and legal advisors who are members of a bar association, engaging in activities like legal representation, advice, or trust and company services.
- Accounting and Taxation Professionals: Public auditors, sworn auditors, tax advisers, and tax agents who handle sensitive financial information and transactions.
- Real Estate Agents: Professionals involved in buying, selling, leasing, or renting real estate on behalf of clients.
These obliged entities require licensing or approval as their services can be leveraged for activities like money laundering or terrorist financing. Compliance with regulations such as Anti-Money Laundering (AML) and Counter-Terrorist Financing (CTF) is not just a financial sector issue but extends to any licensed professional offering services that could be misused for illicit purposes.
A business relationship in these sectors is established when a professional entity engages with a client in their field of licensed activity. This relationship is characterized by its expectation to last over time and involves a series of interactions or transactions.
Business relationships, in the context of AML and CTF, are multifaceted, encompassing various attributes such as purpose, regularity, duration, the nature of their conduct, and the means of communication. Each of these aspects plays a pivotal role in determining the level of risk and the necessary due diligence measures.
Key Aspects of Business Relationships
In the landscape of AML and CTF compliance, there are critical elements in understanding a business relationship. These components are essential in assessing the risk profile and in shaping the due diligence strategy for obliged entities.
Purpose of the Business Relationship
The purpose of a business relationship is fundamental in establishing the context for client interactions. It answers the question of why a client is engaging with a particular service. This understanding is crucial for obliged entities as it helps in identifying the potential risks involved. For instance, a client seeking investment advice for asset growth carries different risks compared to another client looking to transfer large funds internationally. Understanding the purpose enables the entity to anticipate and manage specific risks associated with the client’s goals.
Intended Nature of the Business Relationship
While the purpose of a business relationship provides insight into the client’s objectives, the intended nature of the relationship sheds light on how these objectives will be pursued. This involves understanding the types of transactions, services, or interactions expected within the relationship. Will the relationship involve regular high-value transactions, or will it be characterized by occasional, low-value interactions? The nature of the relationship can signal the level of monitoring and scrutiny required. In the financial sector, for example, a relationship involving frequent international transactions may warrant enhanced monitoring for cross-border risks.
Regularity of the Business Relationship
Regularity refers to how often transactions or interactions occur within the business relationship. A relationship with frequent transactions may require more intensive monitoring compared to one with sporadic interactions. In the financial sector, for instance, regular large transactions might necessitate enhanced scrutiny, whereas in legal services, the regularity of client consultations might dictate the level of ongoing monitoring.
Duration of the Business Relationship
The expected or actual duration of a business relationship also influences the AML/CTF approach. Longer-term relationships, where the client and entity interact over an extended period, typically require ongoing due diligence and monitoring, adapting to any changes in the client’s profile or business activities. In contrast, short-term interactions might warrant a more focused, though equally rigorous, due diligence process at the outset.
Business Relationships Conducted in Unusual Circumstances
Business relationships conducted under unusual circumstances are flagged as higher risk in AML and CTF frameworks. Unusual circumstances could include transactions that don’t fit the client’s regular pattern of activity, sudden changes in transaction volumes without clear explanation, or activities that seem to have no logical economic purpose. Identifying and investigating these anomalies are crucial for preventing illicit activities.
Non-Face-to-Face Business Relationships
The rise of digital platforms has led to an increase in non-face-to-face business relationships, which inherently carry a higher risk of fraud and identity theft. Obliged entities must employ robust electronic identification and verification processes, particularly in sectors like banking and finance, where remote transactions are commonplace. This might involve the use of secure, remote identification technologies or adherence to electronic identification standards as per relevant regulations.
The 4th Anti-Money Laundering Directive (Directive (EU) 2015/849) from the European Union provides specific guidelines and requirements around the concept of „business relationships“ in the context of anti-money laundering and customer due diligence.
- Definition of Business Relationship:
- A „business relationship“ is defined as a business, professional, or commercial relationship connected with the professional activities of an obliged entity (like banks, financial institutions, etc.).
- This relationship is expected to have an element of duration, meaning it’s not a one-time interaction but something that persists over time.
- Customer Due Diligence in Business Relationships:
- Obliged entities are required to apply customer due diligence measures when establishing a business relationship.
- This means that entities must identify and verify their clients‘ identities and understand the nature of their business to mitigate risks like money laundering or terrorist financing.
- Customer Due Diligence Measures:
- Customer due diligence includes assessing and obtaining information on the purpose and intended nature of the business relationship.
- It also involves ongoing monitoring of the business relationship, including scrutiny of transactions, to ensure consistency with the entity’s knowledge of the customer’s business and risk profile. This also involves verifying the source of funds and keeping information up-to-date.
- Risk Variables in Customer Due Diligence:
- The Directive provides a non-exhaustive list of risk variables for obliged entities to consider in applying customer due diligence measures. These include the purpose of an account or relationship, the level of assets deposited or the size of transactions, and the regularity or duration of the business relationship.
Annex III outlines factors indicating potentially higher risks in business relationships and transactions.
- Customer Risk Factors:
- A major factor indicating a potentially higher risk is if the business relationship is conducted under unusual circumstances.
- This might include situations where the nature of the relationship does not fit the typical pattern of a business or appears to have no clear economic or lawful purpose.
- The ambiguity or irregularity in how the relationship is conducted can signal potential risks for money laundering or other illegal activities.
- Product, Service, Transaction, or Delivery Channel Risk Factors:
- Non-face-to-face business relationships or transactions that lack certain safeguards are considered a higher risk.
- This risk is particularly pertinent in scenarios where modern technologies are used for transactions or interactions without adequate security measures, such as electronic signatures.
- The lack of face-to-face interaction can increase the risk of fraud, as it may be easier for individuals to misrepresent their identity or the nature of their business.
- The Directive implies that obliged entities should employ additional measures to verify the identity of the parties and the legitimacy of the transaction in non-face-to-face situations.
The 5th Anti-Money Laundering Directive (Directive (EU) 2018/843) introduces amendments to Directive (EU) 2015/849, with a specific focus on enhancing the regulatory framework around business relationships, especially in the context of non-face-to-face interactions.
- Amendment to Non-Face-to-Face Business Relationships:
- The 5th AMLD modifies the guidelines regarding non-face-to-face business relationships or transactions.
- The original directive pointed out the higher risk associated with these types of relationships or transactions, particularly when they lack certain safeguards.
- The 5th AMLD specifies what these safeguards should be, emphasizing the importance of electronic identification means and relevant trust services as defined in Regulation (EU) No 910/2014.
- Additionally, it includes any other secure, remote, or electronic identification processes that are regulated, recognized, approved, or accepted by the relevant national authorities.
- This change highlights the increasing importance of digital identification and verification methods in the financial sector, reflecting the growing trend of online and remote financial activities.
The German Anti-Money Laundering Act (Geldwäschegesetz – GwG) contains specific provisions regarding „business relationships“ in the context of anti-money laundering and customer due diligence. Here’s a summary of the key sections focusing on „business relationship“:
- Definition of Business Relationship:
- A „business relationship“ is defined as any relationship directly connected with the commercial or professional activities of obliged entities, expected to have an element of duration when the contact is established.
- This definition emphasizes the ongoing, rather than one-off, nature of the interactions under scrutiny.
- General Due Diligence Requirements:
- Obliged entities must obtain and evaluate information on the purpose and intended nature of the business relationship, unless this is already clear beyond doubt.
- This requirement ensures that the nature of the relationship is understood and monitored for potential risks.
- Continuous Monitoring of Business Relationships:
- There is a requirement for continuous monitoring of the business relationship, including all transactions.
- Monitoring should ensure consistency with available information about the contracting party or beneficial owner, their business activity, customer profile, and, where necessary, the source of wealth.
- Obliged entities must keep relevant documents, data, or information updated at appropriate intervals based on risk.
- Risk-Based Approach to Due Diligence:
- The extent of due diligence measures must align with the risk of money laundering or terrorist financing.
- Obliged entities should pay attention to risk factors specified in Annexes 1 and 2, and evaluate risks based on the purpose of the account or business relationship, the level of assets deposited by the customer or the size of transactions, and the regularity or duration of the business relationship.
- Obliged entities must demonstrate the adequacy of their measures in relation to the risk of money laundering and terrorist financing to competent authorities upon request.
- Factors Indicating Potentially Higher Risk:
- The Act lists factors that may indicate a higher risk, such as when the business relationship is conducted under unusual circumstances.
- This includes situations that deviate from the normal patterns of business and could suggest potential for illicit activities.
- Higher Risk in Non-Face-to-Face Relationships:
- Non-face-to-face business relationships or transactions without appropriate safeguards, such as electronic identification means, are considered higher risk.
- The Act emphasizes the importance of secure, remote, or electronic identification processes that are regulated, recognized, approved, or accepted by national authorities.
BaFin-Interpretation and Application Guidance on the German GwG
The BaFin Interpretation and Application Guidance on the German GwG provides detailed insights into customer due diligence obligations with a particular focus on „business relationship.“
- Triggers of General Due Diligence Obligations:
- General (standard), simplified, and enhanced customer-related due diligence obligations are outlined, with general obligations being the norm in the absence of particular circumstances.
- General due diligence obligations are triggered, in particular, at the establishment of a business relationship, as defined in Section 1 (4) of the GwG.
- A business relationship encompasses all services/products used by or available to the customer and includes both self-employed and commercial activities.
- Establishment of a Business Relationship:
- Business relationships are expected to have an element of duration from the time of initial contact.
- Key scenarios include opening an account or securities account. Changes like a new account holder indicate a new business relationship.
- Non-typical legal relationships, such as those for maintaining the business (e.g., with utility companies), do not constitute a business relationship under this definition.
- A permanent relationship is assessed based on initial evaluation, not subsequent inspection. Contracts for a specific period always entail a business relationship.
- Transactions Outside Existing Business Relationships:
- Due diligence obligations also apply to transactions outside existing business relationships (e.g., with „occasional customers“) in certain scenarios like funds transfers over €1,000, other transactions over €15,000, or crypto asset transfers equivalent to €1,000 or more.
- The obligations apply to the counterparty of the transaction, not the recipient.
- Customer-Related Due Diligence Obligations:
- Obliged entities must clarify the context of the business relationship, obtaining and assessing information on its intended nature and purpose.
- The purpose of the relationship is often evident from its nature (e.g., current accounts for payment transactions, investment products for asset protection, loan accounts).
- In cases where the purpose is not apparent, additional information should be obtained, especially for opaque and complex transactions.
- Directive (EU) 2015/849 https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=celex%3A32015L0849
- Directive (EU) 2018/843 https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=celex%3A32018L0843
- German Anti-Money Laundering Act (Geldwäschegesetz – GwG) https://www.bafin.de/SharedDocs/Downloads/EN/Aufsichtsrecht/dl_gwg_en.html
- BaFin-Interpretation and Application Guidance on the German Money Laundering Act (October 2021) https://www.bafin.de/SharedDocs/Downloads/EN/Auslegungsentscheidung/dl_ae_auas_gw2021_en.html