Transactions. obliged entities must carry out customer due diligence (CDD) where specified in Article 11 as follows:
Electronic money products and anonymous pre paid cards (Article 12).
The use of electronic money products is increasingly considered to be a substitute for bank accounts. Accordingly the derogations for electronic money products in Article 12(1) are very limited and not applicable in the case of redemption in cash or cash withdrawal of the monetary value of the electronic money where the amount redeemed exceeds €50, or in the case of remote payment transactions as defined in Article 4(6) of the Directive (EU) 2015/2366 where the amount paid exceeds €50 per transaction (Article 12 (2)).
Anonymous prepaid cards (Article 12)
Credit institutions and financial institutions acting as acquirers must only accept payments carried out with anonymous prepaid cards issued in third countries where such cards meet requirements equivalent to those set out in Articles 12(1) and 12(2). Member States can decide not to accept on their territory, payments carried out by using anonymous prepaid cards (Article 12(3)).
What CDD comprises (Article 13)
Obliged entities shall take into account at least the variables set out in Annex I to MLD4 when assessing the risks of money laundering and terrorist financing (Article 13(3)). CDD comprises:
identifying the customer and verifying the customer’s identity on the basis of documents, data or information obtained from a reliable and independent source, including, where available, electronic identification means, relevant trust services as set out in the eIDAS Regulation (EU) No 910/2014 or any other secure, remote or electronic identification process regulated, recognised, approved or accepted by the relevant national authorities;
identifying the beneficial owner (as defined) including verify that person's identity, whether a natural or legal person, trust, company, or foundation and similar legal arrangement, and take reasonable measures to understand the ownership and control structure of the customer;
assessing and, as appropriate, obtaining information on the purpose and intended nature of the business relationship;
conducting ongoing monitoring of the business relationship as specified;
verifying that any person purporting to act on behalf of the customer is so authorised and identify and verify the identity of that person (Article 13(1)).
evidencing that the measures are appropriate. obliged entities must be able to demonstrate to competent authorities or self-regulatory bodies that the measures are appropriate in view of the risks of money laundering and terrorist financing that have been identified (Article 13(4)).
For life or other investment-related insurance business, credit institutions and financial institutions must establish and verify identity as set out in Articles 13(5).
In the case of beneficiaries of trusts or of similar legal arrangements that are designated by particular characteristics or class, an obliged entity must obtain sufficient information concerning the beneficiary to satisfy the obliged entity that it will be able to establish the identity of the beneficiary at the time of the payout or at the time of the exercise by the beneficiary of its vested rights (Article 13(6)).
When identity verification must take place (Article 13 and Article 14)
In addition to Articles 13(5) and 13(6), Article 14 in part contains rules on when identity must be verified.
Article 14(5) of MLD4 provides that obliged
entities must apply CDD measures, at appropriate
times, to existing customers on a risk-sensitive basis (i) When the relevant
circumstances of a customer change; (ii) When the firm has any legal duty in
the course of the relevant calendar year to contact the customer for the
purpose of reviewing any relevant information relating to any beneficial
owners; (iii) if the firm has had this duty under Council Directive 2011/16/EU
(which provides for the mandatory automatic exchange of information in the
field of taxation).
Unable to verify identity (Article 14.4)
If a firm is not able to identify and verify the identity of a customer or the customer’s beneficial owner, or to assess and obtain information on the purpose and intended nature of the business relationship it must: (i) not carry out a transaction through a bank account; (ii) not establish a business relationship or carry out a transaction; (iii) terminate the business relationship; (iv) consider making a suspicious transaction report relating to the customer to the relevant FIU in accordance with Article 33 (Article 14(4), MLD4).
Member States shall not apply the first
subparagraph to notaries, other independent legal professionals, auditors,
external accountants and tax advisors only to the strict extent that those
persons ascertain the legal position of their client, or perform the task of
defending or representing that client in, or concerning, judicial proceedings,
including providing advice on instituting or avoiding such proceedings (Article
14(4) second paragraph).