Object of the identification and identity verification: Comments and recommendations

Introduction: the risk-based approach in performing the obligations to identify and verify the identity of the persons involved in a business relationship or occasional transaction

The previous AML/CFT regulations detailed the manner in which the obligations to identify and verify the identity of customers, agents and beneficial owners should be performed, without requiring that the level of ML/FT risk associated with the business relationship or occasional transaction concerned be taken into account. By contrast, the Anti-Money Laundering Law extends the principles of the risk-based approach to all due diligence obligations, including the obligation to identify and verify the identity of the persons involved. Articles 26 and 27 of the Law (i) define the objectives to be achieved when performing these obligations, (ii) establish the level of requirements in cases of “standard risk”, (iii) require these requirements to be strengthened in high-risk situations and (iv) allow them to be relaxed in low-risk situations. However, the exemption from the identification and identity verification obligations in certain cases (when the customer or his beneficial owner is a Belgian or European financial institution, a public authority, etc.), which was previously set out in Article 11 of the Law of 11 January 1993, has been removed as this legal presumption of low risk is contrary to the risk-based approach. It should also be noted that neither the Anti-Money Laundering Law nor the Anti-Money Laundering Regulation of the NBB lists the supporting documents or the reliable and independent sources of information that can or should be used to fulfil the obligation to verify the identity of the persons involved.

Consequently, each obliged financial institution is required to incorporate in its ML/FT risk management policy an appropriate reference framework for the application of the risk-based approach implemented by it with regard to the identification and verification of the identity of the persons involved. This reference framework should be established taking full account of the financial institution’s overall risk analysis and risk classification. This framework should subsequently serve as the basis for the establishment of the financial institution’s internal procedures on the subject.

For this purpose, as noted on the page “Policies, procedures, processes and internal control measures”, the NBB recommends that the procedure relating to the customer and transaction due diligence measures (the part on “identification and verification of the identity of customers, agents and beneficial owners”) include a correlation table of the supporting documents accepted for each risk class, as well as a list of the circumstances in which certain supporting documents need not be submitted.

As regards the latter point, documents with low probative value could for instance be accepted if one of the following ML/FT risk reducing measures applies in the context of a business relationship posing a low ML/FT risk:

  • excluding any transaction involving the handling of cash,
  • excluding cross-border transfers of funds
  • only authorising flows of funds to or from a single account opened in the name of the same customer with a Belgian or European credit institution,
  • capping the amount of the flows of funds authorised per period of time and/or per transaction,
  • significantly limiting the offer of payment instruments linked to the account,
  • etc.

Additionally, the legislation on basic banking services also provides for restrictive measures (Chapter 8 of Title 3 of Book VII of the Code of Economic Law).

It should also be recalled that, pursuant to Article 17, paragraph 2, of the Anti-Money Laundering Law, financial institutions should be able to demonstrate to the NBB that their reference framework and the procedures established on that basis are appropriate in view of the ML/FT risk identified through their overall risk assessments. In this respect, see the page “Policies, procedures, processes and internal control measures”. Moreover, in accordance with Article 19, § 2, paragraph 3, of the Anti-Money Laundering Law, financial institutions should be able to demonstrate to the NBB that the due diligence measures effectively implemented, by applying these procedures, in the context of each of their business relationships with customers or each of the occasional transactions they perform for them are appropriate in view of the ML/FT risk identified through the individual risk assessment.

The NBB considers that the internal procedures based on this reference framework should be binding for the entire staff of the financial institution, regardless of whether they are employees, agents or distributors. It follows in particular that, without prejudice to the consequences of a reclassification justified on the basis of the individual risk assessment, the obligations to identify and verify the identity of the persons involved may in no way be relaxed in individual cases because of low ML/FT risk if the extent and the terms of this relaxation are not authorised and specified in the internal procedures.  

1. Objectives of the obligations to identify and verify the identity of the persons involved

It should be recalled, in accordance with Articles 26, § 1, and 27, § 1, of the Anti-Money Laundering Law, that fulfilling the obligations to identify and verify the identity of the persons involved requires (i) collecting relevant information on these persons that enables them to be distinguished from any other person with reasonable certainty, as well as (ii) checking all or part of the identification data collected against one or more supporting documents or reliable and independent sources of information which enable this data to be confirmed, in order to have a sufficient degree of certainty regarding the identity of the persons involved.

These objectives should be pursued regardless of the level of ML/FT risk associated with the business relationship or transaction concerned, but the degree of certainty to be achieved is determined according to the risk level assigned on the basis of the individual risk assessment.

2. Cases of “standard risk”

2.1. Notion of “standard risk”

“Standard risk” here refers to all situations that are not recognised as presenting a high risk in the context of the individual risk assessment referred to in Article 19, § 2, of the Anti-Money Laundering Law.

Situations that only present a low ML/FT risk can only be excluded from the notion of “standard risk” if they have been specifically identified as low-risk situations by the overall risk assessment referred to in Article 16 of the Anti-Money Laundering Law and if the financial institution’s internal AML/CFTP procedures explicitly specify the relaxed due diligence measures that can be applied when the individual risk assessment leads to the conclusion that the risk level is low.

2.2 Identification data

For the list of the data to be collected on the person concerned for the purposes of his identification, see Article 26, § 2, of the Anti-Money Laundering Law.

The identification data relating to the address of natural persons and to the place and date of birth of beneficial owners need only be collected “to the extent possible”. The NBB considers that each financial institution’s internal AML/CFT procedures should specify the measures to be taken by its staff when data cannot be collected using regular data collection measures, in order to be able to document, where appropriate, the inability to include the data in the identification of the person concerned.

It should also be stressed that the European Regulation on transfers of funds (Article 4(1)) requires transfers of funds to be accompanied by specific identification information, namely (i) the payer’s name, (ii) the payer’s payment account number, and (iii) one of the following additional information elements: the payer’s address, official personal document number, customer identification number or date and place of birth. For further information, see the page “Transfers of funds”.  

2.3. Identity verification

2.3.1. Identification data to be verified

In accordance with Article 27, § 2, of the Anti-Money Laundering Law, all identification data collected on the person concerned should be checked against supporting documents or reliable and independent sources of information to confirm their accuracy.

It should also be noted that the European Regulation on transfers of funds requires the customer’s address or date and place of birth, if the payment service of the payer chooses this information to accompany a transfer of funds (see Article 4(1) of the aforementioned Regulation and point 2.2 above), to be verified by the payment service of the payer before being sent together with the funds to the payment service of the payee, in the same way as the payer’s last name, first name and account number (see Article 4(4) of the aforementioned Regulation). However, if this identification information has already been verified in the context of the due diligence obligations pursuant to Article 27, § 2, of the Law (e.g. at the start of the business relationship) and if the information obtained during this verification has been kept in accordance with legal requirements (see the page "Retention and protection of data and documents") and updated in accordance with the legal obligations (see point 5 below), it is not necessary to verify this information again for every transfer of funds (Article 4(5) of the aforementioned Regulation). On the other hand, if the customer’s last and first name, account number, address or date and place of birth have not been verified before the transfer of funds (e.g. if this information has not been verified at the start of the business relationship because it was considered to pose low ML/FT risk), it should therefore, like all other identification information, be verified before being sent with the transfer of funds concerned. For further information, see the page “Transfers of funds”.

2.3.2. Supporting documents and reliable and independent sources of information

Neither the Anti-Money Laundering Law nor the Anti-Money Laundering Regulation of the NBB lists the supporting documents or the reliable sources of information that may be used to verify the identification data of the person concerned. Consequently, each financial institution should include this list in its internal procedures relating to the identification and verification of the identity of the persons concerned.

This list should be based on an assessment of the level of reliability of each supporting document or source of information, to ensure that this level is sufficient to achieve the objective set out in Article 27, § 1, of the Anti-Money Laundering Law. Where appropriate, the level of reliability required may be the result of the combined use of two or more supporting documents. For example, the NBB does not consider the identification data accompanying an initial transfer of funds carried out from a bank account opened in the name of the same person with another credit institution to be a “supporting document or reliable source of information” as such that can be sufficient to fulfil the obligation to verify the customer’s identity. However, verifying identification data through the information accompanying such an initial transfer of funds can be useful to corroborate the result of the verification of this data through another supporting document or source of information and thus increase the level of reliability of the verification performed.

As regards address verification, the NBB considers that financial institutions’ internal procedures should determine the measures to be taken to fulfil this legal obligation in a sufficiently precise manner. When the supporting document used to verify the customer’s identity provides relevant information on the customer’s address, this document should logically also be considered as the source of relevant information on his address. When this is not possible (in particular if the supporting document does not mention the customer’s address), the internal procedures should determine how this information can be obtained. In these cases, a simple declaration signed by the customer, agent or beneficial owner concerning his address generally suffices if the customer, business relationship or transaction does not present a high ML/FT risk.

Additionally, the NBB recommends taking into account the remarks below.

a) Verification of the identity of natural persons

§ 1. Identity card and passport

If the person to be identified is a natural person subject to a face-to-face identification, the NBB recommends that his identity generally be verified using his valid official identity documents such as his identity card or, where appropriate, his passport. It should be noted that these supporting documents should include a photograph of their legitimate holder and thus enable a visual check to reduce the risk of identity theft.

This measure appears particularly relevant for persons domiciled in Belgium that are holders of an identity card issued by the Belgian authorities. In case of doubt regarding the legitimacy of an identity card presented, it is however recommended to verify that it has not been registered as stolen or lost in the ad hoc database of the FPS Home Affairs (see https://www.checkdoc.be).

When financial institutions verify the customer’s identity by electronically reading the data registered on the microprocessor of his identity card, there should also be a simultaneous electronic verification to ensure that the data included on the chip was signed electronically by the National Register. In this respect, it is recommended to design the IT procedures in such a way that this verification takes place systematically and automatically without requiring the employee or agent who performs the identification to intervene and without enabling him to deactivate this check. To detect potential falsifications, it could moreover be useful to check the compliance of the data registered on the chip with the data legible on the identity card. Finally, it should be ensured that the certificate has not been revoked by the National Register.

If the verification is carried out through the customer’s passport, appropriate measures should be prescribed to ensure that this document meets the specifications for passports issued by the foreign country concerned. There should also be a check which allows to conclude reasonably that the passport presented has not been forged or falsified.

Identification data can also be verified remotely through the information registered on the microprocessor of the Belgian electronic identity card. However, it should be noted that this verification may be less reliable than a face-to-face verification as it does not allow for a visual check using the photograph included in the supporting document to ensure that the person using it is indeed its legitimate holder. It could therefore be necessary to systematically verify the legitimacy of the document presented by consulting https://www.checkdoc.be. Furthermore, a financial institution using this method of verifying the identity of the persons involved should implement measures that enable it to ensure that the objective set out in Article 27, § 1, of the Anti-Money Laundering Law will be met notwithstanding the lack of a visual check, where appropriate by implementing an additional verification measure. 

§ 2. Other official documents

In specific cases listed in the internal procedures, for example when awaiting the issuance of the customer’s identity card or passport, other documents issued by Belgian or foreign authorities can be accepted as supporting documents until the verification can subsequently be performed using the customer’s identity card.

If the customer is a child below the age of 12 who is not yet required to hold an identity card (“Kids ID”), and until his identity can be verified upon his 12th birthday using his identity card, which he will receive at that time, the use of other official documents is recommended, such as his certificate of registration in the population register of his place of residence, a copy of his birth certificate or his parents’ marriage certificate.

The identity of foreign nationals residing in Belgium who do not hold an identity card or a passport may be verified in a valid manner using the document issued to them by Belgian authorities according to their status on Belgian territory, particularly their certificate of registration in the register of foreigners and the other documents included in the annexes to the Royal Decree of 8 October 1981 on access to the territory, residence, settlement and removal of foreign nationals. It should be noted in this regard that, although a residence permit issued by the Belgian State can be considered sufficient, the other documents referred to in the Annexes to the Royal Decree of 8 October 1981 on access to the territory, residence, settlement and removal of foreign nationals could be considered less reliable. Such documents cannot be accepted as supporting documents in standard-risk situations unless they are corroborated by other supporting documents, without prejudice to the measures governing the business relationship or transaction based on which they can be considered to pose a low risk (see below).

§ 3. The “electronic identification means” within the meaning of Regulation (EU) No 910/2014 of 23 July 2014 on electronic identification and trust services for electronic transactions in the internal market

Taking into account the provisions of Regulation (EU) No 910/2014 of 23 July 2014 and of Commission Implementing Regulation (EU) 2015/1502 of 8 September 2015 on setting out minimum technical specifications and procedures for assurance levels for electronic identification means pursuant to Article 8(3) of the aforementioned Regulation (EU) No 910/2014, financial institutions can, in standard-risk situations, verify the identity of the persons concerned using electronic identification means referred to in these European regulations. Institutions that authorise the use of these instruments are required to fix the terms and conditions for their use based on an analysis of the level of reliability of these instruments with regard to the objective set out in Article 27, § 1, of the Anti-Money Laundering Law, taking particular account of the conditions relating to the identification of the person concerned upon the creation of the electronic identification means, of the specific qualities of the service provider who issued the electronic instrument concerned, of the instrument’s “assurance level” and of any other relevant element.

§ 4. Use of other innovative technological instruments

If a financial institution intends to make use of innovative technology to verify the identity of the persons involved in business relationships or occasional transactions, it is required to comply with Article 12, 1°, paragraph 2, of the Anti-Money Laundering Regulation of the NBB, which stipulates that the acceptance of new technologies as instruments for verifying the identity of these persons must be based on a prior analysis conducted by the financial institution itself of the reliability of these new instruments with regard to the objective set out in Article 27, § 1, of the Anti-Money Laundering Law. The NBB expects this analysis to be correctly documented and retained so that it can be transmitted to it at its request.

The NBB moreover recommends taking full account of the Opinion of the ESAs dated 23 January 2018 on the use of innovative solutions.

§ 5. Copies of supporting documents and consultation of the National Register

A photocopy or electronic image of a supporting document (particularly the identity card or passport) of the person concerned is obviously not as reliable as the original supporting document itself and therefore cannot be accepted as such as a sufficiently reliable supporting document in standard-risk situations.

However, by producing both a simple copy or electronic image of the identity card or passport of the person concerned and another supporting document, the reliability of the verification could be increased. In that case, the financial institution providing for such a dual method for verifying the identity of the persons concerned should be able to demonstrate that it has obtained an adequate overall level of reliability of the verification in this manner. 

Furthermore, Article 28 of the Anti-Money Laundering Law grants financial institutions the right to indirectly access the National Register to corroborate a copy of a supporting document and to verify the identity of the persons concerned (i.e. customers, their agents and their beneficial owners) where these persons are not physically present during their identification. This is the case when establishing business relationships with or carrying out transactions for a customer remotely, when identifying and verifying the customer’s beneficial owners or when updating the identification data of customers or beneficial owners that are not present at the time of the update.

However, it should be noted in these situations that, if there is no visual contact with the person providing the copy of the supporting document, the financial institution cannot use the photograph included in the supporting document to ensure that the person using it is its legitimate holder. As is the case when an electronic identity card is used to remotely verify the identity of a person involved, a financial institution providing for the verification of the identity of persons involved through a copy of a supporting document that is corroborated by consulting the National Register, should ensure and be able to demonstrate that the objective set out in Article 27, § 1, of the Anti-Money Laundering Law is nevertheless met or should, where appropriate, require the application of an additional verification measure to reach the level of reliability required.

The access to data from the National Register granted by the Law to financial institutions is indirect and requires the involvement of the professional associations designated by the King or of the institutions created by them for that purpose. The aim of the parallelism with the legal provisions on dormant accounts, safe deposit boxes and insurance contracts is to provide financial institutions with the same tools and procedures as those implemented by the professional associations in order to allow them to fulfil their obligations regardless of the legislative context.

It should however be stressed that the data that can be consulted in the National Register, can differ depending on the legislation. This procedure for consulting data in the National Register can only be used in the aforementioned circumstances for the verification of identification data required by or pursuant to the Anti-Money Laundering Law. Furthermore, the indirect access to the data of the National Register to verify the identity of customers or their agents or beneficial owners in accordance with the Anti-Money Laundering Law remains otherwise subject to the provisions of the Law of 8 August 1983 establishing a National Register of natural persons and to the General Data Protection Regulation (Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC). For these legislations to be implemented correctly, please refer to the relevant decisions, opinions and recommendations from the Commission for the Protection of Privacy (CPP). It should be stressed, in particular, that the CCP deems it preferable, whenever possible, to perform the remote identity check by using the functions of the electronic identity card rather than by consulting the National Register.

§ 6. Consultation of the register of beneficial owners

Article 73 et seq. of the Anti-Money Laundering Law create a central register of beneficial owners (the “UBO register”) with the aim of providing useful assistance to the different AML/CFT stakeholders, including the obliged entities, for the identification and the verification of the identity of the beneficial owners of companies and legal arrangements. However, it should be noted that Article 29 of the Anti-Money Laundering Law does not allow obliged entities to rely solely on the consultation of this register to identify and verify the identity of beneficial owners, but requires them to take additional measures to corroborate the data obtained by consulting the register. In standard-risk situations, the NBB recommends that these additional measures at least include obtaining supporting documents from the customer regarding the identity of his beneficial owners and/or consulting information published on the internet or any other publicly available information.

b) Verification of the identity of companies and legal persons

In standard-risk situations, the NBB generally recommends verifying the identification data of companies and legal arrangements governed by Belgian law using documents that are generally accepted in Belgian law as proof of their existence, such as the latest coordinated statutes or the updated statutes of the company or legal person that have been lodged with the Commercial Court or published in the annexes of the Belgian Official Gazette.

As regards the list of directors of companies and legal persons governed by Belgian Law, financial institutions should make use of the publication of their appointment in the Belgian Official Gazette. Other documents can also be accepted, such as the publication in the Belgian Official Gazette of notarial deeds in which these persons are mentioned as directors, or the annual accounts filed with the NBB.

The provisions governing the power to make binding agreements on behalf of the company or legal person governed by Belgian law should be established using the latest publication of the representational powers of this company or legal person in the Belgian Official Gazette.

To verify the identity of companies and legal persons governed by Belgian law, financial institutions should use supporting documents equivalent to those listed above that are provided for in accordance with the national legislation applicable to these companies and legal persons. Where appropriate, these supporting documents should be completed by a reliable translation of these documents into one of the national languages or into English.

These supporting documents can be obtained from the customer himself, from official sources such as the Belgian Official Gazette or any other sources of information that can be considered reliable such as the Crossroads Bank for Enterprises established by the Law of 16 January 2003, or from other sources of the same nature created by the Member States governing the foreign companies and legal persons.

Financial institutions can also use the “electronic identification means” issued to companies and legal persons in accordance with Regulation (EU) No 910/2014 of 23 July 214 and with Commission Implementing Regulation (EU) 2015/1502 of 8 September 2015 on setting out minimum technical specifications and procedures for assurance levels for electronic identification means pursuant to Article 8(3) of the aforementioned Regulation (EU) No 910/2014. As is the case for the verification of the identity of natural persons, the NBB expects institutions that authorise the use of these instruments to fix the terms and conditions for their use based on an analysis of the level of reliability of these instruments with regard to the objective set out in Article 27, § 1, of the Anti-Money Laundering Law, taking particular account of the conditions relating to the identification of the person concerned upon the creation of the electronic identification means, of the specific qualities of the service provider who issued the electronic instrument concerned, of the instrument’s “assurance level” and of any other relevant element.

c) Verification of the identity of legal arrangements

Financial institutions should verify identification data of legal arrangements such as trusts using documents that have probative value in the legislation applicable to this trust or legal arrangements. The relevant rules should be specified in the financial institution’s internal procedures.

 

3. Cases of “high risk”

3.1. Notion of “high risk”

“High risk” here refers to all situations that are identified as such by the individual risk assessment required by Article 19, § 2, of the Anti-Money Laundering Law. These situations include those in which enhanced due diligence measures are required by Articles 37 to 41 of the Anti-Money Laundering Law.

3.2. Identification data

Pursuant to Article 26, § 4, of the Anti-Money Laundering Law, if the individual risk assessment performed in accordance with Article 19, § 2, paragraph 1, of the Law establishes that there is a high risk associated with the customer and with the business relationship or transaction, financial institutions should take particular care to ensure that the identification data required in standard-risk situations is sufficient to distinguish, in a manner that leaves no room for doubt, the person concerned from any other person. If this is insufficiently the case, financial institutions should collect additional information to achieve the desired result.

Where the persons concerned are natural persons, the additional information to be collected may for instance pertain to their professional activity, their nationality, their gender, etc. The internal procedure could also provide for an extension of the address verification obligation by stipulating that this information, which in a standard-risk situation need only legally be collected “to the extent possible”, must be collected in all high-risk cases. The additional identification data provided for by the internal procedures could also include the expiry date of the supporting document used to verify the identity of the person concerned. It should be noted that, if the financial institution includes this information in the list of identification data required, it should update the identification and verification of the identity of the person concerned when the validity of the supporting document expires.

For legal persons, the additional identification data could include their company number or, where appropriate, their Legal Entity Identifier if they have such a unique identification code, their line of business, the number of their places of business apart from their registered office and/or the countries in which these places are established, their trade names, if any, etc.

3.3. Identity verification

3.3.1. Identification data to be verified

Pursuant to Article 27, § 4, of the Anti-Money Laundering Law, all identification data collected should be verified using particularly reliable means of verification.

3.3.2. Supporting documents and reliable and independent sources of information

In high-risk situations, the internal procedures should only authorise the use of the supporting documents accepted in standard-risk situations (see above) that are deemed the most reliable or, where appropriate, require the use of a combination of these supporting documents.

When verifying the identity of natural persons, it is recommended to only use supporting documents including a photograph of the person to be identified, and to require a visual check in order to ensure that the person presenting the supporting document is its legitimate holder.

When the financial institution authorises the use of “electronic identification means” issued in accordance with European legislation on the subject (see above) in high-risk situations, the NBB expects it to tighten the terms and conditions for the application of this authorisation.

In any case, the financial institution should establish its list of supporting documents or sources of information that are accepted to verify the identity of the persons involved in high-risk situations based on a thorough analysis of the reliability of these verification tools that enables it to demonstrate that their high level of reliability is appropriate in view of the high level and the nature of the ML/FT risk incurred.

The NBB notes that it is even more important to know the customer’s address with a sufficient degree of certainty when there is a high ML/FT risk, particularly if this risk materialises. It therefore deems it necessary to implement enhanced due diligence measures to confirm the accuracy of the address provided by the customer. These measures could include sending a letter to the address specified by the customer stating that the relationship can only enter into force or the transaction can only be performed after the customer has sent back the acknowledgement of receipt attached to the letter.

4. Cases of “low risk”

4.1. Notion of “low risk”

In order to benefit from the legally authorised relaxed identification and identity verification obligations with regard to persons involved in business relationships or occasional transactions posing a low ML/FT risk, the financial institution must choose, in its ML/FT risk management policy, to make use of and determine the terms of this possibility in its internal procedures. Moreover, the low risk level should be duly recognised in the overall risk assessment required by Article 16 of the Anti-Money Laundering Law and, in each specific case where relaxed obligations are being considered, in the individual risk assessment required by Article 19, § 2, of the Law. In this regard, please refer to the introduction of this page for existing measures to reduce the level of ML/FT risk, particularly in the legislation on basic banking services.

4.2. Identification data

In accordance with Article 26, § 3, of the Anti-Money Laundering Law, financial institutions’ internal procedures may reduce the amount of identification data that should be collected for the identification of persons involved in low-risk situations compared to the data required by the Law in standard-risk situations. However, the information collected should remain sufficient to enable the person concerned to be distinguished from any other person with reasonable certainty. For instance, the last and first name of a legal person or the corporate name of a legal person cannot reasonably be considered information that need not be collected. As this identification data alone does not suffice to eliminate an increased risk of homonymy, the NBB considers that, even in situations with low ML/FT risk, financial institutions should collect at least one additional item of identification data in order to reduce this risk of homonymy. Furthermore, the NBB expects financial institutions wishing to make use of the possibility to relax the identification obligation in low-risk situations to include in their internal procedures a detailed list of identification data that should in any case be collected.

4.3. Identity verification

4.3.1. Identification data to be verified

If the individual risk assessment required by Article 19, § 2, of the Anti-Money Laundering Law shows a case of low ML/FT risk, financial institutions are authorised to verify a smaller amount of the information collected. The amount of information verified should, however, remain sufficient to enable the obliged entity to have a sufficient degree of certainty as to its knowledge of the person concerned. The NBB therefore expects financial institutions making use of the possibility to relax the obligation to verify the identity of persons involved in the business relationship or transaction, to specify in their internal procedures the information for which verification remains obligatory.

4.3.2. Supporting documents and reliable and independent sources of information

Naturally, all supporting documents and reliable and independent sources of information which the financial identification has identified as eligible for verifying the identity of persons involved in a standard-risk business relationship or occasional relationship (see above) are also eligible in low-risk situations.

However, if the individual ML/FT risk assessment concludes that the level of ML/FT risk is low, financial institutions may choose to accept certain documents that they consider to have insufficient probative value to be accepted in standard-risk situations and even more so in high-risk situations. 

When, for example, foreign nationals are established in Belgium without having an identity card or a certificate of registration in the register of foreigners, and taking into account the need to avoid excluding persons in precarious situations on the Belgian territory from access to financial services, the NBB considers that their identity may be verified using one of the documents referred to in the different annexes to the Royal Decree of 8 October 1981 on access to the territory, residence, settlement and removal of foreign nationals, which would be considered as having low reliability, if the level of associated ML/FT risk can be reduced using appropriate measures governing the intended business relationship or transaction. In this respect, see the Opinion of the European Banking Authority (EBA) on the application of customer due diligence measures to customers who are asylum seekers from higher-risk third countries or territories (EBA-Op-2016-07) as regards the situation of asylum seekers. Although a simple copy or electronic image of a supporting document is insufficiently reliable in itself to be accepted as a supporting document in standard-risk situations without being verified through the National Register as stipulated in Article 28 of the Anti-Money Laundering Law, it could be accepted in certain circumstances as the relationship is subject to strict limitations that can drastically reduce ML/FT risk. As regards the restrictive measures to reduce the level of ML/FT risk associated with these business relationships, please refer to the introduction of this page, which states, in particular, that financial institutions are expected to include, in their procedure relating to customer and transaction due diligence measures, a correlation table of the supporting documents required for each risk class, as well as a list of the circumstances in which certain supporting documents need not be submitted.

5. Update of the identification and verification of the identity of the persons involved

Article 35, § 1, 2°, of the Anti-Money Laundering Law stipulates that obliged entities should update the identification data held by them, particularly in case of changes to items that are relevant to the individual risk assessment referred to in Article 19, § 2, of the Law. In this respect, see the page “Ongoing due diligence and detection of atypical transactions”.

This update requirement also implies that, in case of a transfer of funds, any identification data received and verified beforehand over the course of a business relationship should be subject to another verification for the transfer of funds concerned if any information relevant to the individual risk assessment has been modified.

6. Inability to fulfil the obligations to identify and verify the identity of the persons involved

Article 33 of the Anti-Money Laundering Law provides that, if obliged entities cannot fulfil their obligations to identify and verify the identity of a customer, his agents or his beneficial owners within the time limits required, they may neither establish a business relationship with or carry out a transaction for that customer. In this respect, see the page “Non-compliance with the identification and identity verification obligation”.

Disclaimer: This English text is an unofficial translation and may not be used as a basis for solving any dispute

Disclaimer: The content of this page is currently being reviewed and may be modified following the entry into force of the Law of 20 July 2020 containing various provisions on the prevention of money laundering and terrorist financing and on the restriction of the use of cash.