The European Banking Authority (EBA) is an independent EU Authority responsible for developing binding, effective and consistent standards and guidelines for the European banking sector. The EBA also provides advice to the European Commission, Parliament and Council.
Following the COVID-19 pandemic, the EBA felt the need to develop a response to the growing need for remote customer onboarding that could still meet the stringent regulatory requirements for anti-money laundering (AML) and counter-financing of terrorism.
These guidelines included recommendations for using remote identification methods, including video verification and other measures that mitigate fraud risks during onboarding, as well as recommendations for ongoing monitoring after onboarding has been completed.
What Are The EBA Guidelines?
The EBA guidelines for the use of remote customer onboarding solutions sets out the steps financial institutions must take to ensure that customer onboarding practices are safe, effective and in line with acceptable AML/CT practices and the EU’s data protection framework.
The guidelines apply to all credit and financial institutions that fall under the scope of the Anti-money Laundering Directive (AMLD) and set out the steps that should be taken when implementing remote customer onboarding tools. While the Guidelines do not make any recommendations with regard to the technology companies should use, it does provide guidance for assessing the adequacy of these tools in meeting their AML/CFT obligations.
The Legal Basis for the Development of the EBA Guidelines
The EBA Guidelines were developed in response to the EU Commission’s request within the context of its Digital Finance Strategy, which was published in 2020 and are in line with the EBA mandate to coordinate, lead and monitor the financial sector in the EU’s fight against money laundering and terrorist financing.
The Anti-money Laundering Directive recommends a risk-based approach to AML/CFT obligations. It does not set out in detail what is or what is not allowed in a remote/digital context when onboarding new customers, which has created risks as regulatory expectations for remote onboarding were unclear. These challenges were exacerbated even further during the pandemic, which saw the demand for non-face-to-face interactions increase dramatically, a trend that shows no sign of slowing down.
What Are The EBA Guidelines for Remote Onboarding?
Remote onboarding rules will vary based on the jurisdiction. However, the aim is not to be prescriptive but to encourage financial institutions to implement remote onboarding methods that are still in line with AML and CFT controls and best practices. The recommendations by the European Banking Authority include the following:
1. Using remote identification methods
The EBA guidelines recommend using remote identification methods, including video verification, in order to verify the identity of new customers. This may involve using webcams to capture live images of the customer being onboarded, coupled with facial recognition technology that can match the customer’s face to government-issued identification documents.
2. Using a risk-based approach
The EBA recommends that financial institutions use conventional methods of risk assessment to determine the customer’s risk of money laundering and terrorist financing and implement mitigation measures accordingly.
3. Ongoing monitoring
EBA guidelines recommend that banks closely monitor customer relationships on an ongoing basis, even after customers have been onboarded, to determine whether or not there is any suspicious activity associated with the account.
4. Compliance with AML and CTF regulations
Financial institutions must comply with existing AML/CTF regulations, including customer due diligence (CDD) and Know Your Customer (KYC) requirements. Financial institutions must have strong internal controls in place to detect and prevent fraud and money laundering. This includes reporting suspicious activity to the relevant authorities in a timely manner whenever it’s detected.
The EBA recommends ensuring that staff are properly trained and fully aware of the risks that are associated with remote onboarding and how those risks can be successfully mitigated.
These guidelines are not comprehensive; all financial institutions must refer to the full guidelines for more information.
How Technology Can Assist Financial Institutions With the Implementation of EBA Guidelines
The right technology partner can assist financial institutions with implementing EBA guidelines by facilitating remote identification and verification of new customers in accordance with AML and KYC recommendations. Most companies will offer remote, electronic signatures and document management solutions that reduce in-person interactions while enabling the required audit trails and verification. They will also provide online training and testing to ensure that employees have the right knowledge to meet regulatory requirements, along with the means to securely exchange information during the onboarding process.
When evaluating tech solutions, companies should look for partners that can automate compliance checks, including sanctions screening, and provide a robust data and access management system that ensures that only authorized individuals have access to sensitive data during onboarding. The company should also offer automated reporting tools that can assist staff with generating required reports, including suspicious activity reports, in a timely manner and with greater accuracy.
If you have any questions about these guidelines, or about implementing a Sanctions / AML screening solution, get in touch with our team at sanctions.io for assistance.