Key takeaways on the Anti-Money Laundering Act revision at a glance.
Revised Anti-Money Laundering Act enters into force
The revised Anti-Money Laundering Act (AMLA) requires financial intermediaries to comply with stricter due diligence duties as of 1 January 2023, particularly in the areas of beneficial ownership and updating of client data.
Main focus of the revision is to ensure compliance with the recommendations of the FATF.
Below we listed the key changes that will enter in force in 2023.
Overview of the most important changes as of 1 January 2023
Verification of the identity of beneficial owners
What will change?
The revised AMLA now explicitly requires financial intermediaries not only to identify the BO, but to additionally verify – besides establishing – the identity of the beneficial owners or controlling parties in every case. In particular, it will be necessary to critically verify whether the persons indicated by the contracting party are the actual beneficial owners of the assets or the persons controlling them.
What are the main challenges?
In many situations a plausibility check based on own knowledge of the client may be considered sufficient. However, depending on the risk situation of a specific case, financial intermediaries should consider additional appropriate sources such as public information and, if necessary, information from an external body, especially regarding the form and the extent of the mentioned verification.
The stated new duties will apply for business relationships opened as of 1 January 2023. For already existing business relationships, the revised requirements will only apply in connection with the periodic review and updating of client data.
Periodic review and updating of client data
What will change?
With the entry into force of the revised AMLA, all business relationships – regardless of events and risk classification – will need to be periodically reviewed and updated with regards to client data and supporting documents. This includes all information collected about the client and the business relationship within the due diligence process when creating a client profile. I.e., not only personal data but also, for example, information on the origin of assets, on the purpose of the business relationship or on the beneficial owners/controlling persons.
What are the main challenges?
For financial intermediaries, the periodic review and updating of client data for all business relationships will entail, among others, the following additional challenges:
- Determination of the periodicity and depth of the data review on a risk-based approach;
- Review/updating of the client data in accordance with the requirements in force at the time of the review;
- Implementation of systematic processes to efficiently obtain up-to-date information, especially for low-risk clients where client contact may be very infrequent;
- Review of current risk classification (and if necessary, introduction of additional risk classifications).
As no transitional period is foreseen in the revised AMLA, the new requirements will need to be fulfilled as of 1 January 2023.
Next steps
To ensure compliance with the new due diligence duties according to the revised AMLA as of 1 January 2023 and to minimize workload financial intermediaries have to address the following questions:
- Are internal directives/policies/work instructions up-to-date and do they contain the required specifications?
- Does the currently implemented risk classification allow for an effective risk-based approach and is the current organization operationally capable to review and update the client information in the specified periodicity?
- Are there processes, which can be newly introduced, digitalized, optimized and/or standardized to efficiently obtain the required information?
- How shall all affected employees of the new requirements be instructed and how shall adequate controls to monitor that the rules are adhered to be implemented?