Prohibition of disclosure
Comments and recommendations by the NBB
Financial institutions should exercise the greatest discretion with regard to the information they submit to CTIF-CFI as well as to the ongoing or potential analyses of facts or transactions that could be linked to money laundering or terrorist financing.
1. Principle of the prohibition of disclosure
In accordance with Article 55 of the Anti-Money Laundering Law, financial institutions may under no circumstances provide the customer concerned or third parties with information that is being, will be or has been submitted to CTIF-CFI in accordance with Articles 47 (reporting of suspicions), 48 (additional information) and 54 (reportings concerning a transaction linked to a high-risk country) of the Anti-Money Laundering Law, or inform them that a money laundering or terrorist financing analysis is being, or may be carried out. The prohibition against informing the customer or third parties that a money laundering or terrorist financing analysis is ongoing or may be started, covers both the internal analyses performed by the obliged entity’s AMLCO to determine in particular if a reporting should be submitted to CTIF-CFI, and the external analyses performed by CTIF-CFI or the judicial authorities to determine whether there are serious indications of ML/FT.
The NBB expects financial institutions to comply strictly with this prohibition of disclosure in light of the objectives pursued by it. On the one hand, confidentiality of reportings of suspicious transactions is essential to enable the judicial authorities to apprehend and seize the assets of the perpetrators of the money laundering or terrorist financing offences. On the other hand, prohibiting the disclosure of information to third parties also aims to preserve the reputation of the persons concerned as long as no criminal sanction has been issued by the judicial authorities as a result of these reportings of suspicions. Moreover, a violation of this confidentiality obligation with the aim of enabling the perpetrator of the money laundering or terrorist financing offence to avoid the consequences of a reporting that has been or will be submitted, could, depending on the circumstances, constitute an act of complicity in money laundering or terrorist financing.
In practice, the prohibition of disclosure implies that where an atypical transaction has been detected, it is preferable to avoid, as far as possible, contacting the customer concerned, in order to avoid any risk of unintentional disclosure; contact with the customer should be limited to cases where the analysis of the transaction actually requires such contact in order to form an opinion as to the possible existence of a suspicion and may in no case reveal that the additional information requested aims to determine whether a suspicion should be reported to CTIF-CFI.
In accordance with Article 55, § 1, second paragraph, of the Anti-Money Laundering Law, read in conjunction with Article 56, § 2, 2°, of the same Law, the prohibition of disclosure also applies to communication of information or intelligence by Belgian financial institutions to their branches and subsidiaries established in third countries if no adequate measures have been taken to ensure that these branches or subsidiaries effectively apply a group policy in accordance with Directive 2015/849.
Given the importance of this prohibition of disclosure, the NBB expects financial institutions to specifically draw the attention of their managers and employees to the obligation to comply strictly with this prohibition and to limit access to this information to the persons who need it for the performance of their functions.
Furthermore, the NBB considers that if a financial institution finds that the prohibition of disclosure has been or might have been violated within the institution, it should examine the facts and their circumstances as quickly as possible in order to determine which proportionate and dissuasive measures should be taken against the person concerned. The NBB moreover expects these facts to be reported to itself and to CTIF-CFI without delay.
2.1. For competent authorities
In accordance with Article 56, § 1, of the Anti-Money Laundering Law, the prohibition of disclosure does not apply to notifications from the financial institutions to the NBB in its capacity as competent supervisory authority, nor to disclosures for law enforcement purposes.
For instance, when exercising its supervisory powers both on- and off-site, the NBB is authorised to ask financial institutions to provide it in particular with the reports of the analyses of atypical facts and transactions and the accompanying documents, a copy of their reportings of suspicions to CTIF-CFI, the content of these reportings and their follow-up, notably the new individual risk assessment and the decision taken on this basis in accordance with Article 22 of the Anti-Money Laundering Regulation.
Likewise, the reporting entity may not invoke the confidentiality attached to the reporting of suspicions to the CTIF-CFI to refuse cooperation in criminal investigations that potentially result from the reporting of suspicions and pertain to the persons who are the subject of this reporting or to their transactions.
2.2. Information sharing within groups
Pursuant to Article 56, § 2, 1°, of the Anti-Money Laundering Law, financial institutions are authorised to share information covered by the prohibition of disclosure mentioned in § 1 with other financial institutions belonging to the same group, including the branches of these financial institutions, that are established on the territory of the European Economic Area.
On the basis of Article 56, § 2, 2°, of the Anti-Money Laundering Law, the same information may only be shared with financial institutions’ branches or majority-owned subsidiaries that are located in third countries provided that those branches and subsidiaries fully comply with the group-wide policies and procedures, including procedures for sharing information within the group, in accordance with Article 45 of Directive 2015/849, and that the group-wide policies and procedures comply with the requirements laid down in this Directive.
These derogations from the prohibition on disclosing reportings of suspicious transactions aim to strengthen the effectiveness of the ML/FT prevention mechanisms within groups. The NBB therefore considers that financial institutions should make use of these derogations whenever that is useful and necessary for AML/CFT purposes to provide other entities belonging to the same group with relevant information on customers and their transactions, on potential indications of ML/FT, on the analysis of atypical transactions or on reportings of suspicious transactions. Conversely, financial institutions should also make use of the communication channels provided for in their group policies to request equivalent information held by other entities of the group when this information could strengthen the effectiveness of the detection or analysis of atypical transactions and of the reporting of suspicious transactions to CTIF-CFI. However, these exchanges of information should comply with strict procedures which should notably limit access to this information to the persons whose AML/CFT tasks and functions justify access. In this respect, please also refer to the page “Personal data processing and protection”.
2.3. Information sharing with another financial institution not belonging to the same group
Article 56, § 2, 3°, of the Anti-Money Laundering Law authorises financial institutions to inform other financial institutions not belonging to the same group that a transaction carried out by a customer has been the subject of a reporting of suspicions to CTIF-CFI or that a money laundering or terrorist financing analysis is being, or may be, carried out with respect to a particular customer, provided that the financial institution receiving this information is involved in the same transaction with the same customer.
This authorisation is conditional upon the recipient being subject to equivalent AML/CFT legislation and only using the information for this sole purpose, on the one hand, and on the recipient being subject to equivalent obligations of professional secrecy and personal data protection, on the other.
As with the authorisation to exchange information within groups (see above), the main objective of this provision is to promote the effectiveness of AML/CFT. However, taking into account that the exchange of information is, in this case, not regulated by a single group policy, the NBB considers that it falls upon the financial institution reporting to CTIF-CFI a suspicious transaction involving another financial institution, to decide on a case-by-case basis whether it would be useful in light of the objectives pursued to inform this other financial institution thereof, and whether this institution is able to provide sufficient guarantees that it will comply with the conditions mentioned above. This decision falls within the competence of the AMLCO.
2.4. Information sharing with tied and exclusive agents
Tied and exclusive agents of financial institutions subject to the supervision of the NBB exercise their professional activities within the framework of a mandate. Consequently, such agents cannot be considered as third parties vis-à-vis the obliged entity for which they carry out a mandate. The prohibition of disclosure laid down in Article 55 of the Anti-Money Laundering Law is therefore not applicable to financial institutions in their relationship with tied and exclusive agents.
This does not necessarily mean, however, that tied and exclusive agents have the right to be informed by the financial institution for which they carry out a mandate of all analyses or reportings to CTIF-CFI regarding transactions carried out by customers for whom these agents act on behalf of the financial institution, or of the precise reason for terminating a customer relationship or refusing a transaction.
In concrete terms, such information may only be transmitted by an obliged entity to its tied and exclusive agents if that is necessary for the proper implementation, by these agents, of the mandate entrusted to them to apply the internal AML/CFT procedures of the financial institution. Purely commercial considerations on the part of the agent (e.g. protection of his turnover) should therefore be regarded as insufficient justification for obtaining such information.
If this information were to be communicated to the agent, he would in any case be prohibited from transmitting it to the customer or to third parties, pursuant to Article 55 of the Anti-Money Laundering Law. Any violation of this prohibition should be considered as serious professional misconduct on the part of the agent.