The European Banking Authority published the Guidelines on the role and responsibilities of the AML/CFT compliance officer (the “Guidelines”)
The CSSF would like to draw attention to the publication by the European Banking Authority (EBA) on 14 June 20221 of the Guidelines specifying the role, tasks and responsibilities of the AML/CFT compliance officer, the management body and senior manager in charge of AML/CFT compliance as well as internal policies, controls and procedures as referred to in Article 8, and Article 45 and Article 46 of Directive (EU) 2015/849.
These Guidelines apply to credit or financial institutions as defined in Article 3(1) and 3(2) of Directive (EU) 2015/849.
Important provisions set out in the Guidelines :
– Governance: clarification of the role of the management body in its management function and the role of the management body in its supervisory function;
– Proportionality: proportionality criteria for the appointment of a separate AML/CFT compliance officer;
– Assessment: assessment prior to the appointment, by the credit or financial institutions, of the suitability, skills and expertise that the AML/CFT compliance officer should possess;
– Tasks and responsibilities: clarification of expectations regarding the role, tasks and responsibilities of the AML/CFT compliance officer and management (including the member of the management body who will be responsible for implementing the AML/CFT obligations). In particular:
- Details of the AML/CFT’s reporting expectations (i.e. a list of information to be included in the AML/CFT compliance officer’s report);
- Information transmitted to the FIU (i.e. reporting of suspicious transactions);
- Training (i.e. including practical training to be provided to individuals exposed to different levels of ML/FT risks);
- Cooperation between the AML/CFT compliance function and other functions (e.g. risk and internal audit).
– Outsourcing: clarification of the list of strategic decisions to comply with AML/CFT obligations that should not be outsourced. The new Guidelines refer to the outsourcing process as defined in the ESAs Guidelines on outsourcing, in particular when outsourcing operational functions of the AML/CFT compliance officer;
– Group level: the organisation of the AML/CFT compliance function at group level with the appointment of a group AML/CFT compliance officer and the tasks and responsibilities assigned.
Date of application
The Guidelines will apply from 1 December 2022.
The CSSF is currently analysing the impact of these Guidelines on different regulatory texts currently in place.