Governance: Comments and recommendations

The Anti-Money Laundering Law contains specific provisions on governance. For instance, to ensure the efficiency of the AML/CFTP policy, financial institutions should at least appoint the following persons:

  • on the one hand, among the members of their management committee (or their senior management), a senior officer responsible for AML/CFTP who is specifically tasked with ensuring the adoption of organisational measures relating to AML/CFTP (see point 1 below); and,
  • on the other hand, among the members of their compliance function, a person responsible for implementing the AML/CFTP policy (the so-called “AMLCO”) who is tasked with the concrete steering of the AML/CFTP policy (see point 2 below).

However, the AMLCO’s tasks can be outsourced in part or in full (see point 4 below). Furthermore, the NBB can accept deviating arrangements by applying the principle of proportionality. In accordance with Article 9, § 3, of the Anti-Money Laundering Law, it is for example possible to have the functions of senior officer responsible for AML/CFTP and of AMLCO performed by the same person and/or to outsource the AMLCO’s tasks (see point 5 below).

The governance requirements relating to AML/CFTP are also expected to be integrated harmoniously into all prudential governance rules included in the different sectoral supervisory laws (see point 6 below).

1. Appointment of the senior officer responsible for AML/CFTP

The obligation to appoint a senior officer responsible for AML/CFTP arises from the transposition of Directive 2015/849 into national law and primarily aims to enhance the involvement of the highest hierarchical level of the financial institutions in ML/FT risk management.

1.1. Terms and conditions for the appointment of the senior officer responsible for AMLC/CFTP

1.1.1. Senior officer responsible for AML/CFTP in financial institutions governed by Belgian law

§1. Position in the organisational chart

Article 9, § 1, of the Anti-Money Laundering Law stipulates that financial institutions should “appoint, among the members of their statutory governing body or, where appropriate, of their senior management, the person responsible, at the highest level, for supervising the implementation of and compliance with the provisions of this Law [...]”. The comment on this provision in the explanatory memorandum of the Law specifies that “Where the obliged entity has a body tasked with senior management, such as a management committee, this senior officer must be chosen from its members". For financial institutions falling under the NBB’s supervision, the sectoral prudential rules stipulate that a management committee or senior management should be established to ensure that there is a clear distinction, at the highest level, between business management (which is conferred upon the management committee or the senior management) and the supervision of this management (which is conferred upon the board of directors, which consists of a majority of non-executive directors). In this respect, the senior officer responsible for AML/CFTP must be appointed among the members of the financial institution’s management committee (the senior officer responsible for AML/CFTP therefore may not be a permanent guest of the management committee who does not have voting rights in the said committee). This person is generally the member of the management committee who is hierarchically responsible for the compliance function. If the financial institution is established in a form other than that of a public limited company, or if it is managed by a senior management because it does not have a management committee, the senior officer responsible for AML/CFTP should be a member of this senior management.

§2. Fit & proper-screening

The senior officer responsible for AML/CFTP is expected to act with integrity and to possess general AML/CFTP-related knowledge so as to be able to critically review the measures taken by the AMLCO and to ensure compliance with the provisions of the Anti-Money Laundering Law. 

For instance, the NBB expects financial institutions to perform fit & proper checks. Moreover, as member of the management committee (or member of the senior management), the senior officer is subjected to an expertise and integrity review (fit & proper screening). This review, which is not specifically AML/CFTP oriented, is performed by either the NBB or the European Central Bank (depending on the divisions of powers laid down in or pursuant to the SSM Regulation with regard to the supervision of credit institutions). The integrity and expertise requirements and the procedure for this screening are specified in Circular NBB_2018_25 (for credit institutions subject to the direct prudential supervision of the ECB, this circular should be read in conjunction with the SSM guide to fit and proper assessments). When financial institutions submit the fit & proper form “New appointment” for a candidate member of the management committee who is to perform the function of senior officer responsible for AML/CFTP, this should be explicitly mentioned, and the AML/CFTP-related knowledge of the person concerned should be specified.  Where appropriate, the NBB may organise an interview. For current managers who have been appointed “senior officer responsible for AML/CFTP”, an e-mail notification sent to “supervision.ta.aml@nbb.be” suffices.

§3. Absence of conflicts of interest

When appointing the senior officer responsible for AML/CFTP, financial institutions should avoid candidates who, as a result of any other responsibilities, could be affected by conflicts of interest that could jeopardise their AML/CFTP-related tasks. The NBB therefore recommends ensuring that the senior officer responsible for AML/CFTP does not combine this task with other ML/FT risk-generating tasks (such as the commercial function).  

1.1.2. Senior officer responsible for AML/CFTP in branches established in Belgium by financial institutions governed by foreign law

§1. Position in the organisational chart

For branches established in Belgium by financial institutions governed by foreign law (by the law of an EEA country or of a third country), the senior officer is appointed among the branch’s managers. It should be recalled that, pursuant to prudential regulations, branches are required to have their own management and organisation structure on the Belgian territory.

§2. Fit & proper screening and absence of conflicts of interest

As with a financial institution governed by Belgian law, the senior officer responsible for AML/CFTP of a branch should act with integrity and have adequate expertise in the area of AML/CFTP. When appointing such an officer, financial institutions should also avoid candidates who could be affected by conflicts of interest as a result of their other responsibilities. Since the NBB does not perform a fit & proper screening of a branch manager (as this screening is conducted by the Home Country Controller) in the context of its prudential supervision, the branch is expected to demonstrate, at the NBB’s first request, that it has taken measures to ensure that the person concerned has the expertise required and is not exposed to potential conflicts of interest.

1.2. Tasks

The legal obligation to appoint a senior officer responsible for AML/CFTP is meant to enhance the involvement of the highest hierarchical level of the financial institutions in the prevention of ML/FT risk. The NBB therefore expects the senior officer responsible for AML/CFTP to raise awareness, among the entire management committee or senior management, of the importance of this prevention and, in particular, to perform at least the following two tasks:

  1. ensure that the AML/CFTP policies, procedures and internal control measures are adequate and proportionate, taking into account the characteristics of the financial institution and the ML/FT risks facing the financial institution. In this respect, the senior officer responsible for AML/CFTP is expected to pay particular attention (i) to the coherence between the AML/CFTP procedures and the more operational procedures for each activity, and (ii) to the coherence between the AML/CFTP policy and the policy implemented within the group; and
  2. ensure that the person responsible for implementing the AML/CFTP policy (“AMLCO”) (i) has access to all the information necessary to perform his tasks, (ii) has sufficient human and technical resources and tools to be able to adequately perform the tasks assigned to him, and (iii) is well-informed of the AML/CFTP-related incidents brought to light by the internal control systems and of the shortcomings found by the national and foreign supervisory authorities while implementing the AML/CFTP provisions.

2. Appointment of the AMLCO

2.1. General principles

Article 9, § 2, of the Anti-Money Laundering Law stipulates that financial institutions should appoint one or more persons tasked with implementing and steering the AML/CFTP policy (“AMLCO”). In practice, this means that financial institutions should generally appoint an AMLCO who, depending on the nature or size of the financial institution and on its ML/FT risk profile, will head an “AML unit” or work alone.

Although the NBB recommends appointing a single person to perform the function of AMLCO within the compliance function (centralised model), this function can, when justified by the financial institution's organisation structures (e.g. due to an activity-based organisation), be assigned to multiple persons, each having their own area of competence (decentralised model). In that case, the following conditions should be met:

  1. each AMLCO appointed meets the conditions set out in Article 9, § 2, third paragraph, 2°, of the Anti-Money Laundering Law, and particularly those relating to the independence and autonomy of the AMLCO function (which specifically means that the AMLCO cannot depend hierarchically on an operational unit or function) as well as those relating to the position in the organisational chart and to fit & proper included in point 2.2 below; and
  2. efficient coordination structures have been introduced to ensure the overall coherence of the AML/CFTP policy within the financial institution.

In this regard, the Bank has found that certain financial institutions have appointed AML correspondents in their commercial departments with whom the AMLCO collaborates to perform certain tasks in order to ensure that all measures to prevent ML/FTP are implemented effectively and adequately. Such an organisation could be appropriate for financial institutions with certain specific characteristics. However, the NBB stresses that the AMLCO function itself may not be split between a member of the compliance function and these “AML correspondents”, who are part of the commercial department and depend hierarchically on the person responsible for that department. Indeed, this hierarchical connection prevents these persons from complying with the conditions relating to the independence and the autonomy of the AMLCO function set out in Article 9, § 2, third paragraph, 2°, of the Anti-Money Laundering Law, even though they are subject to dual reporting lines: on the one hand to the Compliance officer for the performance of their AML/CFTP-related tasks and on the other hand to the person responsible for the commercial department for their other tasks and functions. When such an organisation is chosen, the AMLCO should therefore remain fully responsible for the entire function, including the associated tasks for which he calls on these AML correspondents.

2.2. Terms and conditions for the appointment of the AMLCO

Article 9, § 2, third paragraph, of the Anti-Money Laundering Law stipulates that the AMLCO function should be effective, independent and autonomous, and that the person tasked with this function should have:

  1. the professional integrity needed,
  2. adequate expertise, including knowledge of the Belgian legal and regulatory AML/CFTP framework,
  3. the availability, and
  4. the hierarchical level and the powers within the institution to be able to propose, on his own initiative, all necessary or useful measures to guarantee the compliance and efficiency of the internal AML/CFTP measures to the board of directors and to the management committee
2.2.1. AMLCO in financial institutions governed by Belgian law

§ 1. Position in the organisational chart

The AMLCO should be appointed within the compliance function and this choice should be made  by the financial institution’s management committee or, in the absence of a management committee, its senior management. The AMLCO can be either the person responsible for the compliance function (“N-1”) or, in medium or large companies, an employee of the compliance function (“N-2”). 

Due to the territorial scope of the Anti-Money Laundering Law, the compliance with which the AMLCO is tasked with ensuring, on the one hand, and owing to the requirement set out in Article 9, § 2, third paragraph, 2°, of the Anti-Money Laundering Law, which stipulates that the AMLCO should, in particular, possess the knowledge of the Belgian legal and regulatory framework and the availability needed to perform his functions effectively, independently and autonomously, and subject to the application of the principle of proportionality (see point 5 below), the AMLCO should be appointed among the employees of the financial institution who are physically located in Belgium.

However, the Bank draws attention to the fact that the conditions relating to the independence and autonomy of the AMLCO function set out in Article 9, § 2, third paragraph, 2°, of the Anti-Money Laundering Law prevent this function from being conferred upon these AML correspondents, as they are subject to dual reporting lines: on the one hand to the Compliance officer for the performance of their AML/CFTP-related tasks and on the other hand to the person responsible for the commercial department for their other functions. 

§2. Fit & proper-screening

  • AMLCO who is responsible for the compliance function

    The terms and conditions for the appointment of the AMLCO are specified in Article 9, § 2, of the Anti-Money Laundering Law. Where the AMLCO is the person responsible for the financial institution’s compliance function, he is subjected to the fit & proper screening performed by either the NBB or the ECB (depending on the divisions of powers laid down in or pursuant to the SSM Regulation with regard to the supervision of credit institutions). The integrity and expertise requirements applicable are specified in Circular NBB_2018_25 (for credit institutions subject to the direct prudential supervision of the ECB, this circular should be read in conjunction with the SSM guide to fit and proper assessments). For new appointments, the NBB asks financial institutions to explicitly mention in the “New appointment” form that the candidate is to perform the function of AMLCO.

    Additionally, as regards credit institutions governed by Belgium law, stockbroking firms governed by Belgium law and insurance companies governed by Belgium law, it should be noted that, from 1 June 2018 onwards, the appointment of the person responsible for the compliance function will be conditional upon the successful completion of a qualifying exam conducted by the NBB/FSMA covering the area of AML/CFTP in particular. For instance, if a candidate for the function of person responsible for the compliance function is considered “fit” by the NBB on the basis of, in particular, having successfully completed the qualifying exam, the NBB deems this success to also be sufficient proof of the candidate’s knowledge of the Belgian legal and regulatory AML/CFTP framework, which is required to take on the function of AMLCO
       

  • AMLCO who is an employee of the compliance function
    For medium or large financial institutions where the compliance function comprises multiple persons, the AMLCO can be appointed among the employees of the compliance team (“N-2"). The terms and conditions for the appointment, which are specified in Article 9, § 2, of the Anti-Money Laundering Law, also apply in this case. However, the fit & proper screening by the NBB and the aforementioned qualifying exam are generally not performed as, in accordance with the prudential supervisory laws, these are only required for the appointment of the persons responsible for the independent control functions. As a result, the financial institution concerned is expected to be able to demonstrate, at the NBB’s first request, the measures it has taken to ensure compliance with Article 9, § 2, of the Anti-Money Laundering Law and, among other things, to ensure that the person concerned meets the conditions relating to integrity, expertise and knowledge of the Belgian legal and regulatory AML/CFTP framework, and to ensure that he has direct access to the board of directors and/or its subcommittees and has the right of initiative with regard to the aforementioned management bodies

§3. Availability

The AMLCO should have sufficient time to perform his tasks correctly.

In large financial institutions and/or in institutions with a high ML/FT risk profile, the AMLCO is generally at the head of an AML unit comprising multiple members. 

In medium-sized financial institutions and/or institutions with a standard ML/FT risk profile, the AMLCO to be appointed can work alone. In that case, the AMLCO function is a full-fledged function that cannot be combined with other functions (apart from the compliance function). 

However, in small financial institutions and/or institutions with a low ML/FT risk profile, it may be disproportionate to entrust the AMLCO function to a person who performs it full-time. Please refer in this respect to point 4.5 below on the functions that can be combined by the AMLCO for reasons of proportionality.

2.2.2. AMLCO in the branches established in Belgium by financial institutions governed by foreign law

For branches established in Belgium by financial institutions governed by foreign law (by the law of another EEA country or of a third country), the Bank considers, as specified above, that taking into account the territorial scope of the Anti-Money Laundering Law and the legal requirements to have knowledge of the Belgian legal and regulatory framework and to have the availability required, and subject to the application of the principle of proportionality (see point 5 below), the AMLCOs of these branches should be appointed among the employees who are physically located in the branch concerned (and not among the employees who are physically located in the parent company).

It should also be ensured that the AMLCO to be appointed acts with integrity and has adequate expertise in the area of AML/CFTP. In this regard, the branch is expected to be able to demonstrate, at the NBB’s first request, the measures it has taken to ensure compliance with Article 9, § 2, of the Anti-Money Laundering Law and, among other things, to ensure that the person concerned meets the conditions relating to integrity, expertise and knowledge of the Belgian legal and regulatory AML/CFTP framework, and to ensure that he has direct contact with the branch’s managers as well as the right of initiative with regard to these managers.

2.3. Tasks

The AMLCO is responsible for the concrete steering of the AML/CFTP policy in the financial institution. He is charged, in particular, with the following tasks:

  1. effectively implementing the organisational measures listed in Article 8 of the Law;
  2. analysing atypical transactions and situations in which the due diligence obligations could not be fulfilled (in accordance with Articles 45 and 46 of the Law);
  3. deciding to report, if necessary, suspicions to CTIF-CFI (in accordance with Article 47 of the Law and the provisions adopted in implementation of Article 54 of the Law). In this regard, the AMLCO makes the autonomous decision to report to CTIF-CFI without submitting his decision to the senior officer;
  4. responding to requests for additional information addressed to the financial institution by CTIF-CFI (in accordance with Articles 48 and 49 of the Law);
  5. educating and training the staff and, where applicable, the agents and distributors of the financial institution on AML/CFTP-related matters;
  6. developing an annual AML/CFTP monitoring programme covering, in particular, the application of the required measures to prevent ML/FTP by the employees, agents and distributors who are in contact with customers, and implementing this programme;
  7. ensuring a proper flow of AML/CFTP-related information within the financial institution and guaranteeing feedback to the management bodies (board of directors and management committee/senior management) and to the supervisory authorities. In this regard, the AMLCO should establish an activity report and send it to the management committee (or to the senior management if there is no management committee) and to the board of directors at least once a year (see point 2.4 below).

2.4. Organisation

2.4.1. Adequacy of human and technical resources

Financial institutions’ management bodies (board of directors and management committee or senior management) should ensure that the AMLCO at all times has adequate human and material resources that enable him to comply effectively with the legal and regulatory AML/CFTP obligations. The resources allocated to AML/CFTP should be proportionate to the ML/FT risks.

2.4.2. Organisation of an “AML unit” or AMLCO working alone

As mentioned above, the AMLCO may, depending on the financial institution’s nature or size and ML/FT risk profile, either lead an AML unit established within the compliance function or only perform the function of AMLCO.

§1. AML unit

In large financial institutions or institutions with a high ML/FT risk profile, the NBB recommends creating an AML unit within the compliance function, dedicated to ensuring compliance with the obligations set out in the Anti-Money Laundering Law. This unit, which is headed by the AMLCO, is comprised of persons acting with integrity who have expertise in the area of AML/CFTP. In this respect, the NBB recommends involving the AMLCO in the procedures relating to the recruitment and assignment of employees who will be part of the AML unit to be led by him. Where such a unit has been created, it is recommended for the AMLCO to coordinate the work relating to AML/CFTP and to play a central role for the most important decisions (e.g. reporting to CTIF-CFI). The AMLCO may combine his task with that of person responsible for the compliance function, provided that the AML unit led by him is comprised of one or more persons assigned exclusively to the management of AML/CFTP-related aspects.

§2. AMLCO working alone

In smaller financial institutions and/or institutions with a low ML/FT risk profile, the AMLCO may be the only person in charge of all AML/CFTP-related tasks. In that case, the AMLCO constitutes a full-fledged function which, in principle, may not be combined with other functions. However, derogations are possible pursuant to the principle of proportionality (see point 5.5. below).

2.4.3. Interactions with AML correspondents who are in direct contact with customers

To properly fulfil the customer and transaction due diligence obligations, it could be necessary for the AMLCO to appoint AML correspondents within the financial institution’s departments or among its external distributors who will act as intermediaries for all AML/CFTP-related questions. In this respect, the AMLCO should recruit persons with the most appropriate profile and ensure that they receive, upon recruitment and subsequently on an ongoing basis, useful training that is specifically adapted to the tasks expected of them with regard to due diligence (see also point 2.1.1, § 1 above).

2.5. Activity report by the AMLCO

Article 7 of the Anti-Money Laundering Regulation of the NBB requires the AMLCO to establish an activity report and send it to the management committee (or to the senior management if there is no management committee) and to the board of directors at least once a year. A copy of this report should be sent to the NBB (see the page “Reporting by financial institutions”).

This report is an important document for the management bodies, as it allows them to properly perform their tasks. The objective is to periodically inform these bodies at the highest level of the obliged financial institution of the nature and intensity of the ML/FT risks to which it is exposed, and of the measures taken or recommended by the AMLCO to reduce and effectively manage these risks. Notwithstanding the great importance of AML/CFTP to prudential supervision (from the perspective of the compliance function), the objectives set out in the Anti-Money Laundering Law also aim to combat crime, which justifies AML/CFTP receiving a specific treatment and special attention. The NBB therefore asks that the annual report by the AMLCO is established separately from the annual activity report of the compliance function.

The NBB recommends that the annual report by the AMLCO contains at least the following information:

  1. an explicit statement of whether or not a review of the overall risk assessment imposed by Article 16 of the Anti-Money Laundering Law was required for the reporting year as well as a justification of the decision taken;
  2. the main conclusions of the update of the overall risk assessment required on the basis of Article 16 of the Anti-Money Laundering Law, where such an update has been performed in the past year;
  3. a brief description of the AML/CFTP organisation structure and, where appropriate, of any significant changes made in the past year and of the underlying reasoning, distinguishing in particular between the organisation of the supervision by the persons who are in direct contact with customers or instructed with carrying out their transactions, and the organisation of the functions of the AMLCO;

    This description should include a brief description of the human and technical resources allocated to AML/CFTP by the financial institution, and the confirmation that these resources appear sufficient or, if that is not the case, an assessment of the additional resources that are deemed necessary to enable the financial institution to meet its AML/CFTP obligations; 

    Where the financial institution has tasked its senior officer responsible for AML/CFTP with performing the functions of AMLCO in accordance with Article 9, § 3, of the Anti-Money Laundering Law, the annual report contains the confirmation that the circumstances justifying this decision have remained unchanged or, if that is not the case, a description of the measures that the institution has taken or will take as a result of the changing circumstances;

    Where the financial institution has decided to outsource all or some of the tasks of the AMLCO function to a third party or to another entity of the group, the annual report of the AMLCO mentions the checks performed with regard to the performance of the service provider as well as any significant incidents that have occurred in the past year in the context of the outsourcing, and contains an assessment of the completeness, timeliness and quality of the performance of the subcontractor and, where appropriate, a description of the measures taken or proposed to take full account of this assessment;

  4. a brief description of any changes made to the risk-based approach implemented and to the policies, procedures, implementation processes and AML/CFTP-related internal control measures, as well as the reasoning behind these changes;
  5. a structured overview of the work carried out by the AMLCO in the past year, including information on:
    1. the nature, number and amount of the atypical transactions detected and transmitted to the AMLCO for analysis,
    2. the nature, number and amount of the atypical transactions effectively analysed by or under the authority of the AMLCO,
    3. the nature, number and amount of the reports of suspicious transactions to the CTIF-CFI,
    4. the nature and number of the monitoring missions carried out with regard to the employees, agents and distributors who are in contact with customers,
    5. the nature and amount of the trainings provided and of the awareness-raising actions undertaken, and
    6. a description of any other measures adopted by the AMLCO;
  6. an analysis of any AML/CFTP-related developments or trends and specific methods and means found with regard to, in particular, the type of customers, the type of transactions, the currencies concerned, or all other relevant information; and
  7. all other useful information on the operation of the AMLCO function and the measures to prevent ML/FT.

Where appropriate, it could be useful for the annual report by the AMLCO to be based on the responses provided by the financial institution to the periodic or thematic questionnaires established by the NBB and completed by the institution in the past year. In this respect, see the page “Reporting by financial institutions”.

The principle of proportionality should be applied when establishing the annual report. The level of information to be included in it may vary depending on the scale and diversity of the ML/FT risks to which the financial institution is exposed. For instance, the NBB expects the annual activity report by the AMLCO to be much more detailed in case of a financial institution carrying out diversified and large-scale activities, including high-risk activities, than in case of a financial institution that offers a more limited range of products and services associated with lower risks on a smaller scale. In any case, however, the annual report should contain sufficient information to enable the financial institution’s senior management to form a view of the nature and intensity of the ML/FT risks to which it is exposed, as well as of the adequacy and efficiency of the ML/FT prevention mechanisms implemented in the institution and, where appropriate, of the improvements to be made to them.

3. Communication of the identity of the responsible persons to the NBB

The NBB expects to be notified without delay of any change in the identity of the senior officer responsible for AML/CFTP or of the AMLCO by e-mail to supervision.ta.aml@nbb.be. This e-mail should include an organisational chart that shows the position of the respective function(s) within the financial institution and which reflects the hierarchical and functional lines of the function(s) concerned;

The notification should also mention the effective date of appointment and the contact information (phone, e-mail) of the person concerned.

In addition to the above, more specifically for the appointment of a new senior officer responsible for AML/CFTP, the notification of this appointment should also include the following:

  • the curriculum vitae of this person; and
  • if the new senior officer responsible for AML/CFTP also performs another function which could give rise to a conflict of interest for that person, a description of the measures taken by the financial institution to prevent such a conflict from occurring.

In addition to the above, more specifically for the appointment of a new AMLCO, the notification of this appointment should also include the following:

  • the curriculum vitae of this person;
  • a justification of the appointment in the light of the conditions listed in § 2 of Article 9 of the Anti-Money Laundering Law; and
  • if the AMLCO performs other functions or carries out other tasks within the financial institution or within the group to which it belongs, an estimate of the time actually spent on AML/CFTP tasks and an assessment of any conflicts of interest this combination of functions or tasks could give rise to.

4. Outsourcing of tasks of the AMLCO function

Insofar as the financial institution remains fully responsible for the AMLCO function, it could be permitted, pursuant to the principle of proportionality and/or for reasons of efficiency, to outsource the executive tasks of the AMLCO function that are assigned to it by the Anti-Money Laundering Law and the Anti-Money Laundering Regulation of the NBB, in full or in part to a third party or to another entity belonging to the same group.

For more information on the principles and concrete arrangements such an outsourcing should comply with, see the page “Performance of obligations by third parties”.

5. Application of the principle of proportionality

On the basis of the principle of proportionality, the governance obligations set out above may be nuanced in certain financial institutions governed by Belgian law or establishments in Belgium of financial institutions governed by foreign law (branches or agents/distributors of payment or electronic money institutions) that are small or medium sized and/or that fall within the scope ratione personae of the Anti-Money Laundering Law, but do not conduct activities in Belgium and/or are not (or only to a very limited extent) exposed to ML/FT risks in Belgium.

This can be illustrated by two specific and non-exhaustive examples:

  • A credit institution or stockbroking firm governed by foreign law opens a branch in Belgium where the employees are tasked solely with finding potential customers in Belgium. However, the Belgian branch does not enter into business relationships with these customers, does not open accounts for these customers in Belgium, nor is it involved in providing financial services to these customers. Its task stops as soon as the interested potential customers have been directed to the financial institution’s registered office in its country of origin (possibly through its website), which will establish the business relationship and carry out the transactions. Moreover, the Belgian branch in no way intervenes in the implementation of the measures taken by the foreign institution to comply with the anti-money laundering legislation applicable in its country of origin (customer due diligence measures, customer acceptance, transaction monitoring, etc.), unless, where appropriate, solely to collect information on the new Belgian customers of the foreign financial institution, in accordance with the latter’s instructions, and only to submit this information to it (generally through its IT system). The business relationship is established and the AML/CFT measures are implemented directly between the foreign institution and the Belgian customers, pursuant to the national anti-money laundering legislation and regulations applicable to it in its country of establishment.

  • A foreign supervisory authority notifies the NBB that a foreign payment institution will be offering financial services in Belgium through agents established there. On the basis of the notification received, the NBB should normally register the foreign payment institution on the official list of European payment institutions carrying out their activities in Belgium. Pursuant to the European Anti-Money Laundering Regulation and the Belgian Anti-Money Laundering Law, the payment institution will fall within the scope ratione personae of the Belgian Anti-Money Laundering Law and will be subject to the NBB’s supervision. Where appropriate, this European payment institution will be required to establish a “central contact point” in Belgium (see the page dedicated to central contact points. However, further investigation by the NBB shows that the Belgian agent of the foreign payment institution is tasked only with providing technical support to the foreign institution’s Belgian customers (e.g. installing and repairing payment terminals) and that the Belgian agent therefore in no way intervenes in providing financial services to these customers nor is responsible for the correct implementation of the anti-money laundering legislation. It is also possible that the Belgian agent does intervene in collecting customer information for new Belgian customers of the foreign payment institution for the sole purpose of transmitting that information to the payment institution (generally through its IT system), but that further customer due diligence measures, the decision to accept the customer and the adoption of ongoing due diligence measures are left completely to the foreign institution’s registered office.

In the cases described above, the NBB considers that the activities carried out by these foreign institutions in Belgium are not (or only to a very limited extent) exposed to any ML/FT risk, given that the financial services are exclusively or primarily provided from abroad and strongly resemble financial services offered from abroad under the freedom to provide services without a physical establishment in Belgium.

The NBB therefore considers that institutions which are subject ratione personae to the Belgian anti-money laundering legislation but which are small or medium sized and/or conduct activities in Belgium – through their establishment – that are not (or only to a very limited extent) exposed to specific ML/FT risks, can apply the principle of proportionality, in particular:

  • by combining the functions of senior AML/CFTP officer and AMLCO; 
  • by outsourcing all or certain tasks of the AMLCO function;
  • by simultaneously combining the functions of senior officer responsible for AML/CFTP and AMLCO and outsourcing all or part of the AMLCO’s tasks;
  • by submitting a request for derogation from certain reporting obligations to the NBB (for more information on the reporting obligations and the request for derogation, see the page “Reporting by financial institutions”).

5.1. Assessment of the principle of proportionality in AML/CFTP

The NBB verifies whether the conditions for the application of the principle of proportionality in AML/CFTP are met, particularly on the basis of the following indicative criteria:

a) the nature of the institution, taking into account its prudential status, its legal form, whether or not it belongs to a group, and its business model;

b) the size of the institution, taking into account its balance sheet total, its turnover, the number of its full-time equivalent employees and its management structure; 

c) the nature and complexity of its transactions from the perspective of the ML/FT risks to which it is exposed; and

d) in the case of an establishment in Belgium of a financial institution governed by foreign law (of another EEA country or of a third country), the reasons for creating the Belgian establishment and the functions and tasks assigned to it, particularly in the context of the implementation of the institution’s AML/CFT policies and procedures.

In any case, a financial institution intending to make use of this possibility should be able to demonstrate to the NBB that its intended proportionate terms for the implementation of its obligations are appropriate in view of, in particular, the criteria above.

5.2. Combination of the functions of senior officer responsible for AML/CFTP and AMLCO

On the basis of the principle of proportionality, Article 9, § 3, of the Anti-Money Laundering Law enables financial institutions to have the function of senior officer responsible for AML/CFTP and of AMLCO performed by the same person, where justified by the nature or size of the obliged entity. 

If a financial institution wishes to make use of this possibility, it is expected to compile a dossier in which (i) it demonstrates that this choice meets the proportionality criteria set out in point 5.1 above and (ii) it specifies why it wishes to apply Article 9, § 3, of the Law. This dossier should be available for submission to the NBB at its first request. Furthermore, the institution should regularly reassess whether the circumstances which justified the application of Article 9, § 3, of the Anti-Money Laundering Law still apply. If not, the financial institution should take the measures necessary for the separate appointment of a senior officer responsible for AML/CFTP in accordance with Article 9, § 1, of the Anti-Money Laundering Law, on the one hand, and of an AMLCO in accordance with Article 9, § 2, of the Anti-Money Laundering Law, on the other. In addition, the financial institution should immediately notify the NBB.

If the possibility to combine functions as laid down in Article 9, § 3, of the Anti-Money Laundering Law is used, the senior officer acting as AMLCO should be appointed among the members of the financial institution’s management committee or its senior management, or among the branch’s managers. A fit & proper screening should be performed and it should be ensured that the senior officer acting as AMLCO cannot be affected by conflicts of interest as a result of any other responsibilities. The rules set out in point 1.1 above regarding the senior officer responsible for AML/CFTP apply by analogy.

The senior officer acting as AMLCO should perform the tasks referred to in points 1.2 and 2.2 above.

5.3. Outsourcing

Pursuant to the principle of proportionality and/or for reasons of efficiency, financial institutions may be authorised to use outsourcing. Please refer to point 4 above and to the page “Performance of obligations by third parties”.

5.4. Simultaneous use of the possibility to (i) combine the functions of senior officer responsible for AML/CFTP and AMLCO and (ii) outsource all or part of the AMLCO’s tasks

Financial institutions governed by Belgian law or branches established in Belgium of a very small size that have a low ML/FT risk profile may make simultaneous use of the possibilities specified in points 5.2 and 5.3 above on the basis of the principle of proportionality.

In that case, the financial institutions concerned (governed by Belgian law or branches) should compile a dossier in which they demonstrate that the conditions set out in points 5.2. and 5.3. are met. This dossier should be available for submission to the NBB at its first request.

In that case, the senior officer acting as AMLCO (member of the management committee or of the senior management) within the financial institution or the branch should have the ultimate responsibility for all important AML/CFTP-related decisions, in addition to its task to monitor the quality of the outsourced services).

5.5. Combination of functions by the AMLCO

As mentioned above, in large financial institutions and/or in institutions with a high ML/FT risk profile, the AMLCO is generally at the head of an AML unit comprised of multiple members.  In that case, the AMLCO function can only be combined with the function of person responsible for the compliance function. 

For medium-sized financial institutions and/or institutions with a standard ML/FT risk profile, the AMLCO to be appointed may work alone. In that case, the AMLCO function is a full-fledged function that cannot be combined with other functions (apart from the compliance function). 

However, in financial institutions governed by Belgian law or branches established in Belgium by  foreign financial institutions of a small size and/or institutions with a low ML/FT risk profile, it may be disproportionate to entrust the AMLCO function to a person who performs it on a full-time basis. In that case, it may be appropriate to attribute this function to a person who only performs it part-time, in combination with other functions in the Belgian entity concerned or in other entities of the same group. The NBB considers that such governance rules, which are applied on the basis of the principle of proportionality, require that the following conditions, which result from the nature of the AMLCO function and from the application of Article 9, § 2, of the Anti-Money Laundering Law, be met:

  1. These governance rules meet the proportionality criteria set out in point 5.1. above;
  2. The other functions performed by the person concerned in the same entity or in another entity of the same group are not such as to expose them to conflicts of interest; from this viewpoint, the functions of AMLCO or of person responsible for the compliance function in another entity of the same group may be considered compatible with the function of AMLCO of the Belgian entity;
  3. The person concerned should spend sufficient time performing the AMLCO function in the Belgian entity in order to meet the availability condition set out in Article 9, § 2, third paragraph, 2°, of the Anti-Money Laundering Law;
  4. If the person concerned does not usually perform his AMLCO function in the Belgian entity, this geographic distance is without prejudice to the effective performance of this function, to the availability and to the knowledge of the Belgian legal and regulatory ML/FTP prevention framework, which are required by Article 9, § 2, third paragraph, 2°, of the Anti-Money Laundering Law.

A financial institution wishing to apply these governance rules should compile a dossier demonstrating that all these conditions are met. This dossier should be available for submission to the NBB at its first request.

5.6. Senior officer responsible for AML/CFTP and AMLCO in European financial institutions providing services in Belgium solely through (tied) agents or distributors

For

  • European credit institutions and stockbroking firms that use a tied agent established in Belgium to perform investment services and/or activities there,
  • European credit institutions that use an agent established in Belgium to provide services there consisting of receiving deposits or other repayable funds, and
  • European payment institutions or electronic money institutions respectively providing payment services or distributing electronic money in Belgium solely through agents or distributors,

the obligations to appoint a senior officer responsible for AML/CFTP and an AMLCO as laid down in Article 9 of the Anti-Money Laundering Law should be interpreted taking into account the specific characteristics of the presence of these financial institutions on the Belgian territory as well as the principle of proportionality. 

The NBB should in any case be informed of the identity and the function of the persons who, at the head office of each of these institutions and in accordance with the law applicable in their country of origin:

  • are responsible at the highest level for ensuring that the provisions of the Anti-Money Laundering Law and the other legal and regulatory provisions referred to in Article 9, § 1, first paragraph, of the Law are implemented and complied with in Belgium;
  • perform the function of AMLCO, pursuant to Article 9, § 2, of the Law.

With regard to the obligation to designate a central contact point (see Article 15 of the Law), please refer to the page dedicated to central contact points.

5.7. Reporting to the NBB

For the possibility of requesting a derogation from certain reporting obligations to the NBB, see the page “Reporting by financial institutions”.

6. Other governance requirements

The specific AML/CFTP-related governance requirements should be integrated harmoniously into all prudential governance rules applicable to the different sectors concerned. 

6.1. AML/CFTP tasks of the board of directors

A financial institution’s board of directors has the following AML/CFTP tasks:

  • deciding on the overall ML/FT risk management strategy of the financial institution concerned. The board of directors should therefore have an overall view of the policy implemented and of the ML/FT risks associated with the activities performed;
  • validating the institution’s AML/CFTP policy (see the page “Policies, procedures, processes and internal control measures”);
  • being informed of the results of the institution’s overall ML/FT risk assessment and its update;
  • approving the AMLCO’s activity report at least once a year;
  • assessing the proper functioning of the compliance function, including its AML/CFTP component, at least once a year, ensuring in particular the adequacy of the human and technical resources allocated to the AMLCO function.

6.2. AML/CFTP tasks of the management committee

A financial institution’s management committee or, if it does not have a management committee, its senior management has the following AML/CFTP tasks:

  1. implementing, at the instigation of the senior officer responsible for AML/CFTP, the organisational and operational AML/CFTP structure necessary to comply with Article 8 of the Anti-Money Laundering Law and with the AML/CFTP strategy defined by the board of directors, paying particular attention to the adequacy of the human and technical resources allocated to the AMLCO function;
  2. approving the internal AML/CFTP procedures (see the page “Policies, procedures, processes and internal control measures”, which stipulates that minor changes to these procedures can be validated by the senior officer responsible for AML/CFTP);
  3. implementing adequate AML/CFTP-related internal control mechanisms (see the page “Policies, procedures, processes and internal control measures”);
  4. approving the AMLCO’s annual activity report and being in regular contact with the AMLCO;
  5. annually assessing the efficiency of its governance system, including the AML/CFTP policy; and
  6. ensuring proper AML/CFTP reporting to both the board of directors and the NBB.

6.3. Adherence to compliance rules

Since the AML/CFTP policy should be integrated into the compliance function, the principles included in Circular NBB_2012_14 are applicable. Moreover, the prudential rule stipulating that all independent control functions should form a coherent whole, also applies, requiring a good interaction between the compliance function and the risk management function with respect to ML/FT risks (but without creating a hierarchy between these independent control functions).

Although ML/FT risk management is the subject of specific reports submitted to the NBB, the NBB expects the compliance function to also cover this aspect in the context of its reporting on compliance. However, the use of cross-references is allowed in this reporting for AML/CFTP-related aspects. 

Reference documents:

  • Guidelines of the European Banking Authority of 25 February 2019 (EBA/GL/2019/02) on outsourcing arrangements (for credit institutions, stockbroking firms, payment institutions and electronic money institutions);
  • Circular NBB_2018_25 regarding suitability of directors, members of the management committee, responsible persons of independent control functions and senior managers of financial institutions;
  • Circular NBB_2012_14 on the compliance function;
  • the sectoral circulars on outsourcing:
    • for credit institutions and stockbroking firms: Circular PPB_2004_5 regarding sound management practices in outsourcing by credit institutions and investment firms,
    • for insurance companies: Circular NBB_2016_31 on the prudential expectations of the NBB as regards the governance system for the insurance and reinsurance sector,
    • for payment institutions and electronic money institutions: the aforementioned Circular PPB_2004_05, which is made applicable by Circulars NBB_2015_09 on the prudential status of electronic money institutions and NBB_2015_10 on the prudential status of payment institutions,
    • for settlement institutions: Circular PPB_2007_5 on internal control and internal audit, compliance function, prevention policy, sound management practices in outsourcing;
  • The sectoral circulars on governance:
    • for credit institutions, stockbroking firms, payment institutions and electronic money institutions, settlement institutions and assimilated institutions: the governance manual,
    • for insurance companies: the aforementioned Circular NBB_2016_31.

Disclaimer: This English text is an unofficial translation and may not be used as a basis for solving any dispute