COMMISSION STAFF WORKING PAPER on Anti-money laundering supervision of and reporting by payment institutions in various cross-border situations - Hoofdinhoud
Contents
| Documentdatum | 07-10-2011 |
|---|---|
| Publicatiedatum | 22-01-2013 |
| Kenmerk | 15288/11 |
| Van | Secretary-General of the European Commission, signed by Mr Jordi AYET PUIGARNAU, Director |
| Aan | Mr Uwe CORSEPIUS, Secretary-General of the Council of the European Union |
| Externe link | originele PDF |
| Originele document in PDF |  |
COUNCIL OF Brussels, 7 October 2011 THE EUROPEAN UNION
15288/11
EF 135 ECOFIN 670 CRIMORG 180
COVER NOTE from: Secretary-General of the European Commission,
signed by Mr Jordi AYET PUIGARNAU, Director
date of receipt: 3 October 2011 to: Mr Uwe CORSEPIUS, Secretary-General of the Council of the European
Union
No Cion doc.: SEC(2011) 1178 final
Subject: COMMISSION STAFF WORKING PAPER
on Anti-money laundering supervision of and reporting by payment institutions
in various cross-border situations
Delegations will find attached Commission document SEC(2011) 1178 final.
________________________
Encl.: SEC(2011) 1178 final
EUROPEAN COMMISSION
Brussels, 4.10.2011 SEC(2011) 1178 final
COMMISSION STAFF WORKING PAPER
on Anti-money laundering supervision of and reporting by payment institutions in various cross-border situations
This document is a working document of the services of the Commission. It does not represent or prejudice any position the Commission have taken or will take in the future, on any of the issues covered.
Introduction
The purpose of this working document is to provide guidance to EU supervisors and private stakeholders as regards the interaction of the Payment Services Directive (2007/64/EC, hereafter "the PSD") and the Anti-Money Laundering Directive (2005/60/EC, hereafter "the AMLD") with respect to the supervision of payment institutions and their reporting obligations under the AMLD in various cross-border situations.
In general terms, it should be observed that, once authorised in its home Member State, a payment institution (hereafter, a "PI") can conduct business in any other Member State through free provision of services or freedom of establishment without the need to obtain additional authorisations in the host Member State (Article 10§9) of the PSD). Article 20§4 of the PSD places the authorisation and prudential supervision duty of the payment institution (Title II of the PSD) within the responsibility of the "home Member State" (as defined in its Article 4§1).
Concerning the transparency and information rules and the conduct of business rules (Title III and IV of the PSD), in relation to payment services, payment institutions should respect, at least vis-à-vis consumers, the rules of the Member State in which they are providing the payment service. Therefore, although licensed in a Member State A, the terms and conditions of a payment institution for operating in the market of a Member State B are regulated by the domestic law implementing the PSD in Member State B.
As regards infringements to Titles III and IV of the PSD, the competent authorities, in cases where the PI works with agents and branches, are those of the host Member State (Article 82§2 of the PSD).
Article 4§2 of the PSD defines the "host Member State" as being the "Member State where the payment service provider has an agent or a branch or provides payment services…"
The AMLD follows a territorial approach. It requires Member States to impose preventive obligations on, inter alia, the payment institutions established on their territory (Article 34 of the AMLD). Contrary to the PSD, the AMLD is a minimum harmonisation directive which thus allows Member States to "adopt or retain in force stricter provisions" (Article 5 of the AMLD).
It stems from a combined reading of both PSD and AMLD that PIs have to respect, as regards their branches or agents, the AMLD rules of the host country and are subject to the AML supervision of the host country performed in close cooperation with the home country authorities. Prudential supervision per se is still the responsibility of the home country, but cooperation with host authorities remains indispensable.
Against this background, the scope of this working document is limited to two scenarios:
-
-a payment institution authorised in Member State A (the 'home country') has an agent or several agents in Member State B (the 'host country');
-
-a PI authorised in Member State A has a branch in Member State B;
In both scenarios, questions arise as to the legal rules to be applied to PIs agents and branches, the allocation of AML supervisory powers between the home and the host authorities and the national Financial Intelligence Units (FIU) competent for receiving the reporting of suspicious transactions.
The European Commission services are aware of the fact that similar legal questions will - or already do - arise with regard to the situation of agents of e-money institutions as well as e-money distributors. The European Commission services have already launched some discussions on these issues with all relevant stakeholders in order to assess whether some future legal clarifications would be needed. At this stage, however, the Commission services consider that given the fact that the e-money directive came only recently into force (on 30 April 2011), more information, feedback and data are needed before any such clarifications can be envisaged. But as regards the situation of e-money agents it seems already clear that a substantial part of the present working document could be applicable by analogy to them. Distributors do, however, give rise to quite different legal questions - potentially requiring different legal answers - given their legal status vis-à-vis e-money issuers and the nature of activities that they perform. But again more experience must be gathered before assessing whether any interpretative work proves justified.
This document is without prejudice to the rules applicable to the processing of personal data which would be carried out in the pursuit of their activities by PIs subject to Directive 95/46/EC i (Data Protection Directive). Article 4 of this Directive sets out the law applicable to processing activities carried out in the Member States and should be taken into account in order to determine the law applicable to the PI in the situations referred to in this
document. 1
1) A payment institution authorised in Member State A works with agents in Member State B
The use of agents is widespread and ranges from several hundred in some jurisdictions to thousands in others. The services they offer may pose terrorist financing and money laundering risks, as large amounts of cash can be handled through payment services such as money remittance.
As regards occasional transactions (which is normally the rule for money remittance services), customer due diligence (CDD) must in principle only be performed for transactions amounting to 15.000 EUR (in a single operation or in several operations which appear to be linked) or, below such amount, where there is a suspicion of money laundering or terrorist financing (Article 7 of the AMLD) or if the occasional transaction is a transfer of funds covered by Regulation (EC) No. 1781/2006 i. It could be reasonably questioned whether transfer of funds above 15.000 EUR would often be performed through retail agents. But, even below this threshold vigilance is required and CDD must be performed in suspicious cases. Moreover, in cases of transfer of funds, information on the payer has to be verified by the payment service provider of the payer where the amount exceeds 1000 EUR.
a) Are agents "financial institutions" ?
For the purposes of the AMLD, branches of payment institutions are assimilated to financial institutions and are therefore individually subject to the AMLD obligations (see Article 3§2 (f) of the AMLD) as if they were separate financial institutions.
Unlike branches, agents of payment (or other financial) institutions are not
considered by the AMLD as being financial institutions themselves, 2 nor do
they explicitly fall within any of the other categories of institutions/persons
1 See in this regard the Opinion 8/2010 on applicable law of the Article 29 Data Protection Working
Party (doc WP179) available at: http://ec.europa.eu/justice/policies/privacy/docs/wpdocs/2010/wp179_en.pdf
2 Insurance intermediaries which act as agents of an insurance company however fall under the definition
of "financial institution" (cf. Article 3 (2) (e) AMLD). In this respect, it seems opportune to assess
whether, in a possible revision of the AMLD, all agents could be considered as 'financial institutions'.
covered by Article 2§1 of the AMLD. If however, by their nature, some agents were to fall within any of these categories (e.g. a PI has, as agent in Member State B, a credit institution, a branch of a credit institution, or any other financial institution such as a bureau de change) then they would be directly subject to the AMLD obligations.
b) Are agents a form of establishment ?
During discussions held by the Commission services in preparation of this working document, reference was often made to some ECJ judgements identified in the Commission's Interpretative Communication of 26 June
1997 3 on the "Freedom to provide services and the general good in the
Second Banking Directive".
Since this Communication was adopted, more recent case law is available. In particular, in its judgement of 11 June 2003 (case C-243/01, Gambelli) the ECJ held:
"45. It must be remembered that restrictions on the freedom of establishment for nationals of a Member State in the territory of another Member State, including restrictions on the setting-up of agencies, branches or subsidiaries, are prohibited by Article 43 EC.
46. Where a company established in a Member State (such as Stanley) pursues the activity of collecting bets through the intermediary of an organisation of agencies established in another Member State (such as the defendants in the main proceedings), any restrictions on the activities of those agencies constitute obstacles to the freedom of establishment. "
The Court's position on this issue was in line with the Advocate General's opinion, which stated that:
"80. Under the broad definition which the Court gave to the scope of freedom of establishment in Commission v Germany [judgement of 4 December 1986, case C-205/84], an undertaking which maintains a permanent presence in another Member State is covered by the provisions of the Treaty on the right of establishment, 'even if that presence does not take the form of a branch or agency, but consists merely of an office managed by the undertaking's own staff or by a person who is independent but authorised to act on a permanent basis for the undertaking, as would be the case with an agency".
4
This has been confirmed and clarified by the Court in two subsequent judgements of 8 September 2010 in joined cases C-316/07, C-358/07 to C- 360/07, C-409/07 and C-410/07, Markus Stob and others, and in case C- 409/06, Winner Wetten where it held (in paragraph 46) that:
"the concept of establishment is a very broad one, allowing a Community national to participate, on a stable and continuous basis, in the economic life of a Member State other than his State of origin and to profit therefrom, so contributing to economic and social interpenetration within the European Community in the sphere of activities as self-employed persons (see, in particular, Case C-55/94 Gebhard [1995] ECR1-4165, paragraph 25). Thus, the maintenance of a permanent presence in a Member State by an undertaking established in another Member State may fall within the provisions of the Treaty on the freedom of establishment even if that presence does not take the form of a branch or agency, but consists merely of an office managed by a person who is independent but authorised to act on a permanent basis for that undertaking, as would be the case "with an agency (see Case 205/84 Commission v Germany [1986] ECR 3755, paragraph 21)"
If follows that, by analogy with this case law, if the PI maintains a permanent presence in another Member State, even if that presence consists merely of an office managed by an agent who is independent but authorised to act on a permanent basis for the undertaking, it has to be considered as having, through its agents, a form of establishment in the host country.
This case law was primarily meant to distinguish cross-border provision of services from 'right of establishment' situations, since both situations do not entail the same legal consequences in terms of compliance with host country rules.
It could however be a useful source in cases where it is necessary to identify criteria to assess whether the agent can be considered as a 'form of establishment' with a view to distinguishing situations where the PI provides cross-border services from those where it falls under the right of establishment regime. But the fact that such 'form of establishment' could not be legally assimilated to a 'branch' of the Payment Institution prevents any automatic extension to the 'agents' of the legal regime applicable to 'branches'.
c) Allocation of supervisory powers between home and host authorities
The European Commission services consider that the supervisory authorities of both home and host Member States must closely cooperate for the purpose of monitoring and enforcing compliance by the PI – as well as its agents providing services under its responsibility- with both the PSD and the AMLD obligations.
This could prove a challenging task for both home and host authorities in cases where a given PI works with hundreds of agents in Member State B. On-site inspections of such high numbers of agents by the home country authorities would, in particular, prove quite a daunting task for the home country authorities' resources and, for that reason, the PSD provides (at Article 25§3) that such on-site inspections may be delegated to the host Member State. On-site inspection of a large number of agents is a challenge to the resources of host country authorities too, a fact that the home country authority should take carefully into account when approving the registration of agents by a PI.
Proper cooperation between both authorities is therefore all the more important. But cooperation is not only important, it is also a legal obligation expressly provided for in Article 25§2 of the PSD and further mentioned in Article 25§4 which states that it is the obligation of home and host authorities to:
"(…) provide each other with all essential and/or relevant information, in particular in the case of infringements or suspected infringements by an agent, a branch or an entity to which activities are outsourced. In this regard, the competent authorities shall communicate, upon request, all relevant information and, on their own initiative, all essential
information."
The PSD, in spite of its full harmonisation nature, leaves some room for manoeuvre to competent authorities to flesh out in more detail their cooperation and, in particular, the nature of the information they wish to exchange between themselves. Such cooperation could be subject to bilateral or, ideally, multilateral agreements between competent authorities of the Member States, with a view to organising, on a day-to-day and practical basis, the details and modalities of the cooperation. In this context, the European Commission services support the useful work which is already underway in the context of the AML sub-committee (AMLC) of the Joint Committee of the European Supervisory Authorities with a view to concluding such a cooperation agreement which would, of course, have to be in conformity with the rights and duties provided for by both the PSD and the AMLD.
Preventative powers
Under Article 17§1 of the PSD, the home Member State's competent authority has a crucial preventative role to play, in particular in verifying the accuracy of the information which the payment institution wishing to work with agents has to communicate before commencing its activities, especially a "description of the internal control mechanisms that will be used by the agents in order to comply with the obligations in relation to money laundering and terrorist financing" (17§1b)) and the "identity of directors and persons responsible for the management of the agent (…) and evidence that they are fit and proper persons" (17§1c)).
It is however clear that such verifications being operated by the home authorities on a remote and distant basis and concerning agents which are located in the host country, cannot be fully efficient without proper involvement of the host authorities. This indispensable cooperation is clearly stated at Article 17§5 and 6 (pre-notification stage) and 25§2 (postnotification stage) of the PSD.
The host Member State authorities have substantial preventative powers. Before the agent is registered by the home country, they can express an "opinion" which could dissuade the home Member State authorities to register the agent (Article 17§5). They can also inform the home Member State authorities that the engagement of agents could in their view increase the risk of money laundering (Article 17§6). This could for example happen in situations where the host Member State considers that using local retail agents which are not, themselves, designated professions under the AMLD, increases the risk of money laundering as such retailers might not be trained and equipped to effectively comply with obligations under the AMLD (Customer Due Diligence, special attention, reporting to FIUs, record keeping, internal controls, risk assessments, employee training programs etc.).
The host country authorities should not, however, unduly restrict the exercise of the PI's rights by, for example, disproportionately delaying their own verification and control duties once they have received a notification.
The home Member State authorities may refuse to register the agent(s). However, it is clear from the whole economy of the system that the nonbinding opinion of the host authorities, which have far better means of appreciating and verifying the actual AML fit and proper nature of the agents who are located in their own territory, should be taken with utmost consideration by the home authorities which, while they may in theory depart from the host authorities' opinion, should at least be able to provide a convincing justification for doing so ('comply or explain' approach).
Repressive powers
Once the agent's activities have started, home and host authorities shall cooperate on the basis of Articles 24, 25§2, 25§3, 25§4 and 17§6 of the PSD, and significant powers are, again, granted to both home and host authorities.
The home country's competent authorities can take a series of prudential measures listed in Article 21 of the PSD (on-site inspections, information requests, withdrawal of the PI's authorisation). Under Article 17§6 of the PSD, they may withdraw the agent's registration if money laundering or terrorist financing is or has taken place in the host country.
Article 17§6 of the PSD provides for the following procedure:
"If the competent authorities of the host Member State have reasonable grounds to suspect that, in connection with the intended engagement of the agent or establishment of the branch, money laundering or terrorist financing within the meaning of Directive 2005/60/EC i is taking place, has taken place or been attempted, or that the engagement of such agent or establishment of such branch could increase the risk of money laundering or terrorist financing, they shall so inform the competent authorities of the home Member State, which may refuse to register the agent or branch, or may withdraw the registration, if already made, of the agent or branch. "
In cases covered by Article 17§6 of the PSD, even after the commencing of the operations - and without prejudice to enforcing their own AML legislation - it is possible for the host Member State authorities to express serious concerns to the home Member State authorities about the agent's respect of the host country's AML obligations. The home authorities, once alerted, may withdraw the agent's registration. Such final withdrawal decision is also, formally, the responsibility of the home Member State. But as in the case of the initial registration, it seems very desirable, for the sake of good cooperation between supervisors and maximum AML efficiency, that utmost consideration be granted by the home Member State to the opinion of the host authorities in that matter, and where the home Member State decides to disregard the host's opinion it provides proper explanation for doing so ('comply or explain').
d) Do agents have to comply with AMLD requirements ?
Article 17§1b) of the PSD requires the home supervisor to assess, inter alia, "the internal control mechanisms that will be used by the agents in order to comply with the obligations in relation to money laundering and terrorist financing (emphasis added)."
Although it is not explicitly stated, the territorial nature of the AMLD implies that agents themselves, acting on behalf of the PI, have to comply with AMLD requirements of the host country. But agents' AML obligations would not find their source directly in the AMLD itself, but rather by way of the contract that they have signed with the PI, which is responsible for the oversight of its agents and is, therefore, liable for all possible breaches of AML requirements by its agents. This is confirmed in recital 28 of the AMLD:
"In the case of agency or outsourcing relationships on a contractual basis between institutions or persons covered by this Directive and external natural or legal persons not covered hereby, any anti-money laundering and anti-terrorist financing obligations for those agents or outsourcing service providers as part of the institutions or persons covered by this Directive, may only arise from contract and not from this Directive. The responsibility for complying with this Directive should remain with the institution or person covered hereby."
In cases where agents are, themselves, an entity (e.g. a bank branch or a bureau de change) covered by the AMLD, their compliance with AMLD obligations derives directly from the directives.
PIs' different business models
PIs working with retail agents who are not entities covered by the AMLD are faced with different options:
– To rely, by contract, on the agents to perform the AMLD obligations (CDD, vigilance, reporting etc.) on behalf of the payment institution itself. This scenario implies that the PI has devoted adequate resources so that the agent is seriously trained and equipped in order to perform CDD and file suspicious transactions in accordance with the host state legislation, and that adequate internal controls, within the meaning of Article 17§1b) of the PSD, are in place.
– To consider that it is not opportune that retail agents perform AML checks and file suspicious transaction reports and that, therefore, retail agents should simply perform book entry and execute the payment services. AML requirements, including the reporting of suspicious transactions, would then have to be performed by the PI itself either on a remote basis from the home country or by a representative of the PI situated in Member State B who would be tasked with compliance and reporting duties. It seems to the Commission services, on the basis of information gathered from some market players in the money remittance area, that this latter option is the one favoured and applied by 'main street' players. However, it cannot be excluded that some other market players in the money remittance business already/will choose to rely on the retail agents themselves to perform the AML requirements (CDD, reporting etc.). The Commission services are also aware of business models where compliance and reporting duties are carried out from a 'hub' in a Member State C.
When assessing the business model of a PI and, in particular, the adequacy of the PI's internal controls, home and host authorities must assess whether the fact that AML duties might be performed by retail agents themselves may imply some threats in AML policy terms.
It seems to many AML supervisors (but not to all) that - even with appropriate training and adequate internal control mechanisms - retail agents such as grocery shops and petrol stations would be inadequately suited to perform efficient due diligence, to identify possible suspicious activities or to prepare meaningful suspicious transaction reports (STRs). As regards the specific reporting obligation, Article 22§2 of the AMLD would tend to confirm this assessment, stating that: "(…) The person or persons designated in accordance with the procedures provided for in Article 34 shall normally forward the information."
If they reached such conclusions, home authorities (granting utmost consideration to the opinion expressed by the host authorities) may refuse ex-ante (Article 17§4 of the PSD) or withdraw, after commencement of activities, the agent's registration (Article 17§6 of the PSD).
e) To whose FIU shall suspicious transaction reports be forwarded?
Article 22§2 of the AMLD states that:
"The information referred to in paragraph 1 shall be forwarded to the FIU of the Member State in whose territory the institution or person forwarding the information is situated (…)."
It seems desirable, in the whole economy of the AMLD, that the reporting of suspicious transactions be done to the country B's FIU. The reported information would indeed best benefit the FIU in country B which, being the FIU of the country where the suspicion was raised, is best placed to appreciate what to do with the report and subsequently proceed with any appropriate follow-up.
Different interpretations of Article 22§2 of the AMLD have been presented to the Commission services. Some argued that the reporting has to be done to Member State A's FIU, considering that it is the country where the PI is 'situated'. However, based on the Gambelli case law described above, it can be argued that, through its agents, the PI is established ('situated') in Member State B, within the meaning of Article 22§2. It can therefore be argued that the PI itself (or, in some cases, its agents) should report suspicious transactions to Member State B's FIU. Reporting from the PI (situated in Member State A) to Member State B's FIU would raise clear questions in terms of language, format and content of STR, which differ from one country to the other.
In order to ensure a level playing field, to seek maximum legal certainty and to obtain the best operational benefits, the European Commission services are currently assessing whether to:
-
-consider a future legislative clarification of the directive on this precise issue, by introducing an explicit requirement that reporting be done to the host country FIU and,
-
-rely on FIUs' future work in order to facilitate the smooth cross-border transmission and exploitation of suspicious transaction reports. Such work should take into account, in particular, Council Decision of 17 October 2000 concerning arrangements for cooperation between financial intelligence units of the Member States in respect of exchanging information. Consideration must also be given to work on STR sharing
carried out by the EGMONT Group of Financial Intelligence Units. 4
f) Can the host country impose a certain form of establishment ?
The European Commission services are aware of the fact that, in order to simplify and clarify the issues of compliance, supervision and reporting, some Member States authorities are tempted to impose on PIs certain forms of establishment or permanent structures within their territory. In particular the latter are inclined to require that the PI establish a fully-fledged branch within their territory or, at least, that it establish a central point of contact in order to, inter alia, streamline the collection and the transfer of AML
11
compliance related information with a view to facilitating the supervisory tasks of the host country authorities.
Such a requirement has to be examined in the context of the fact that the AMLD is a minimum harmonisation directive and that Article 25§5 of the PSD states that paragraphs 1 to 4 of Article 25 of the PSD are "without prejudice to the obligation of competent authorities under Directive 2005/60/EC and Regulation (EC) o 1781/2006 i, in particular under Article 37(1) of Directive 2005/60/EC i and Article 15(3) of Regulation (EC) o 1781/2006 to supervise or monitor the compliance with the requirements
laid down in those instruments ."
If such a permanent structure is not created by the PI on its own initiative, a scenario which is already observed in the market place since it facilitates in fine the PI's activities, any possible requirement imposed by either home or host authorities to set one up would have to be carefully assessed in light of both PSD and AMLD objectives and provisions, and of the Treaty rules on the right of establishment and the freedom to provide services.
This assessment may differ depending on the PI's business model and the potential requirements imposed by the supervisory authorities:
• If the PI wishes to work on a 'pure' cross-border basis, i.e. without any
establishment of any form (which seems unlikely as far as the activity of money remittance is concerned since a presence seems necessary at the transmitting/receiving end to send or deliver the money), the very fact of requiring any form of establishment would constitute a restriction to the freedom to provide services, guaranteed by Article 56 of the Treaty, which would have to be thoroughly justified as being indispensable to achieve a public-interest objective. In its judgement of 20 May 1992 in
Case C-106/91, Ramrath, 5 the Court held that the host Member State's
requirements relating to the existence of an infrastructure within the national territory and the service provider's actual presence appeared to be justified in order to safeguard the public interest relating to the integrity and independence of auditors. In this respect it could be observed that, a fortiori, the fight against money laundering and terrorist
financing could be considered as a sufficient public interest objective.
• In the case of an imposed limit to the form of secondary establishment,
e.g. a requirement to set up a fully-fledged branch instead of (or in
12
addition to) only having local agents, such a requirement could constitute a restriction of Article 49§1 of the Treaty which, in accordance with the
ECJ's case law, would have to be carefully justified. 6
• As to a possible requirement from the host (or the home) country to set
up a 'super-agent'/'central contact point for agents, or to have a 'compliance officer' on their territory, its proportionality has to be carefully examined. In terms of necessity, it seems obvious that such structures could play a useful role in AML compliance and supervision terms for the benefit of both home and host authorities. In particular, in situations where a PI has a high number of retail agents in the host country, having one of these agents - or a representative of the PI - play an interface role with both home and host authorities may increase the efficiency of the whole system. It could also help the PI itself to satisfy its AMLD requirements. By analogy, one could see a precedent
in Article 38 and 39 of Directive 2008/118/EC i 7 on the general
arrangements for excise duty and Article 204 of Directive 2006/112/EC i 8
on the common system of value added tax which accept, under some conditions, the presence of a 'tax representative' in the host country.
The European Commission services would therefore, a priori, not oppose such a requirement, but subject to the respect of the proportionality condition. In other words, the costs of having such a centralised structure on top of the existing agents should not outweigh the intended benefits.
g) PIs' liability
In accordance with Article 18 of the PSD, payment institutions are fully liable for any acts of, among others, "any agent, branch or entity to which activities are outsourced".
6 ECJ, C-270/83, Commission vs. France. See also case C-106-/91, Ramrath .
7 OJ L 9/12, 14.01.2009, p. 1.
13
2) A payment institution from Member State A has a branch in Member State B
a) Whose competent authority supervises the branch ?
Allocation of responsibilities
Article 37§1 of the AMLD requires the competent authorities to "effectively monitor and to take the necessary measures with a view to ensuring compliance with the requirements of this Directive by all the institutions and persons covered by this Directive".
Article 37§2 of the AMLD states that:
"Member States shall ensure that the competent authorities have adequate powers, including the power to compel the production of any information that is relevant to monitoring compliance and perform checks, and have adequate resources to perform their functions."
The territorial nature of the AMLD attributes a prominent supervisory role to the host country, being understood as the Member State where the branch is established. However, formally, there is no exclusive allocation of supervisory responsibility, as regards compliance by a branch of a payment institution with the AMLD obligations to either home or host Member State authorities.
As a result, as already explained in the European Commission's Staff Working paper on Compliance with the AMLD by cross-border banking
groups at group level: 9
"…in all Member States, locally established subsidiaries or branches of credit and financial institutions from other Member States (as well as from third countries) are subject to local AML supervision like the local credit and financial institutions. At the same time, despite the absence of a clear framework in the AML Directive regarding supervision on AML compliance by groups, in almost all Member States (if not all), AML supervision carried out by the supervisory authority of the parent institution encompasses the branches and subsidiaries located in other EU Member States. In some Member States, such as FR or DE, this is an explicit legal requirement, while in other Member States, such as IE, it is the result of supervisory guidance. In other Member States, such as BE, EL, L or the
14
UK, the focus of the supervisory authority is on the head office and its senior management responsible for ensuring that their foreign branches and subsidiaries are complying with the group AML standard. The obvious result is that more than one national supervisor may intervene for the same group in different countries, thus making duplications (and potentially divergences) possible."
The European Commission services consider that the supervisory authorities of both home and host Member States have to be involved in monitoring and enforcing compliance of the branch with the AMLD. Since the branch is, legally speaking, a payment institution subject in full to the AMLD obligations (Customer Due Diligence and reporting obligations, in particular), it is obvious that the AMLD supervisory authorities of the country where the branch is situated must ensure that it complies with local AML rules. But the home country, i.e. that where the PI is authorised, also has an important role to play, not only from a prudential viewpoint but also, in cooperation with the host country authorities, in supervising the branch's compliance with the AMLD through, for instance, on-site inspections (see Article 25§2 of the PSD).
Cooperation
This joint involvement is without prejudice to the prudential cooperation between the supervisory authorities of the host Member State (presumably both the prudential supervisor and the AMLD supervisor) and of the home Member State, which could even lead to a refusal//withdrawal of the registration of agents or branches or of the authorisation of payment institutions. Such formal decisions can however only be made by the home Member State even if the irregular conduct takes place in the host Member State. But, as for agents, it seems very desirable, for the sake of a good cooperation between supervisors, that utmost consideration be granted by the home Member State to the opinion of the host authorities in that matter, and where the home Member State decides to disregard the host's opinion it provides proper explanation for doing so ('comply or explain').
It should be noted that the "supervisory authorities" within the meaning of the AMLD and the PSD may not be the same. But Article 24§2c) of the PSD facilitates their cooperation by obliging Member States to allow the exchange of information between the different categories of supervisory authorities, in particular between the PSD and the AMLD supervisory authorities.
b) To whose Financial intelligence unit (FIU) is the branch supposed to report suspicious transactions?
The AMLD states in Article 22§1 that "Member States shall require the institutions […] covered by this Directive […]" to file suspicious transaction reports with the FIU. Paragraph 2 of the same Article states that the information "shall be forwarded to the FIU of the Member State in whose territory the institution or person forwarding the information is situated."
As stated above, Article 3§2 f) of the AMLD includes the "branches of financial institutions" within the definition of "financial institutions". The branch is therefore, itself, an institution subject to the AMLD reporting obligations. In light of the fact that the branch shall be considered, for the purposes of the AMLD, as a separate entity subject to reporting obligations, it is the European Commission services' opinion that the reporting must be made by the branch to the FIU of the country where it is situated, i.e. that of Member State B. This FIU of Member State B may then inform the FIU of Member State A if this is relevant for the investigation, in accordance with
existing rules governing the cooperation of FIUs. 10
16