The NBU has approved and published a new Regulation On Financial Monitoring by Banks (hereinafter – the Regulation). The Regulation has been drafted in connection with the entry into force on 28 April 2020 of new legislative requirements for financial monitoring. In keeping with its promise to allow the banks enough time to adapt to the changes, the central bank has given all banks until the end of 2020 to adjust their financial monitoring processes and procedures. In accordance with the approved Regulation, the banks will apply the new requirements:
1.For new clients – from the date the law takes effect (28 April 2020)
2. For existing customers – during the scheduled verification of their data (the KYC, or Know Your Client, procedure).
Introducing remote identification
The main advantage of the new law is the remote identification and verification of customers. From now on, a visit to a branch or a personal meeting with a bank representative is not required to open an account in a new bank. The NBU has approved full-fledged and simplified models (in case of compliance with the limits) of remote identification, as reported earlier. Full models: NBU BankID; qualified electronic signature (QES); video broadcast. Simplified models: NBU BankID; QES; payment from own account to a separate bank account; reading data from the chip of a biometric document (international passport or ID-card passport); verification of data from the credit bureau.
How will video verification take place in practice?
In effect, a bank employee can communicate with a client via a video link and check their documents: • for new passports (biometric passport or ID-card) – the bank will remotely read the data from the chip and check the identity. Another way is a visual assessment of the document, its security features, and logical verification of data. • for old-style (nonbiometric) passports – the bank will visually evaluate the document, check whether the person’s face matches the photograph, and conduct additional checks with the help of NBU BankID, QES, and other documents, and by reconciling the data with information from the credit bureau.
Updated requirements for identifying ultimate beneficial owners
As they identify and verify a legal entity, the banks must understand who the ultimate beneficial owner of this company is. Previously, the banks primarily used information from the Unified Register of Legal Entities, Sole Proprietors, and Public Associations. From this time onward, the banks must use information from both this register and other sources. New approaches in how the banks work with politically exposed persons (PEPs), their family members, and related parties The risk-based approach should be used when servicing PEPs who are national public figures. At the same time, it is not necessary to rate people in this category as high-risk. It all depends on the position of the person, the size and type of banking services, and the products the person receives. For instance, when servicing PEPs within a payroll project, a bank is not required to classify the client as high-risk. However, the banks must approach PEPs who are foreign and international public figures as high-risk.
Requirements for foreign financial institutions that are correspondents of Ukrainian banks
When establishing correspondent relations with Ukrainian banks in Ukraine, foreign financial institutions must comply with the same requirements that international financial institutions have established for Ukrainian banks. The list of these requirements has now been detailed, and Ukrainian standards are now in line with international requirements.
Detailed rules for remittances
The NBU has provided a detailed description of technical settings for remittances. These include only technological procedures and the use of the risk-based approach when monitoring remittances. Whistleblowing procedure to inform the banks about financial monitoring violations is now in effect The NBU has introduced the international practice of informing banks about financial monitoring violations. The banks should set up anonymous channels through which violations can be reported. This procedure can be used by any employee who has identified a violation and wants to notify the bank’s employee in charge of financial monitoring or the head of the bank. This procedure will also be introduced at the NBU itself. This channel can be used not only by bank employees, but also by third parties.
Other conceptual changes that have come with the new Regulation:
● three models for determining the person responsible for financial monitoring have been approved
● procedure for freezing/unfreezing the assets of persons from the list of terrorists has been established
● basic list of risk criteria and indicators of suspicious financial transactions has been compiled
● assignment procedure has been introduced, which is basically a tool that enables the banks to use the results of identification and verification by third parties and to entrust the identification and verification function to agents
● signs of inadequacy of a bank’s risk management system have been identified.