Reporting by financial institutions : Comments and recommendations
1. Overall risk assessment (business-wide risk assessment)
1.1 Documents to be submitted
In order to meet their legal and regulatory obligations relating to the overall risk assessment (see the page devoted to this topic), financial institutions are required to complete and submit to the NBB the following two documents:
The first document contains a summary table that provides a global overview - in abridged and simplified form - of the overall risk assessment carried out by the institution. In order to illustrate how the NBB expects this table to be completed,a sample is provided by way of example.
The second document contains a number of specific questions relating to the way in which the overall risk assessment process has been conducted.
These documents are available in English, French and Dutch.
For any questions regarding these documents, the NBB’s AML/CFT supervisory team can be contacted at the following e-mail address: firstname.lastname@example.org.
1.2 Deadlines for submission and updating
When implementing the overall risk assessment process for the first time after the entry into force of the Anti-Money Laundering Law, institutions are requested to provide the NBB with a first version of both documents by 1 April 2018 at the latest. This first version, which is primarily intended to allow the NBB to monitor the timely progress of the assessment work, should reflect the state of progress of the overall risk assessment on that date.
The final version of these documents, which should reflect the full and finalised risk assessment, in accordance with the provisions of Articles 16 and 17 of the Anti-Money Laundering Law, should be submitted to the NBB by 15 July 2018 at the latest.
It should also be recalled that the overall risk assessment process is a continuous exercise and that the NBB will continue to monitor this process afterwards. Therefore, institutions are asked to update the aforementioned documents each time the overall risk assessment is adjusted, and, if necessary, to submit the new updated version to the NBB at the latest by 30 June each year, simultaneously with a copy of the AMLCO’s annual activity report, as referred to in Article 7 of the Anti-Money Laundering Regulation of the NBB (see below) and with the periodic questionnaire.
1.3 Transmission channel
Institutions that have access to eCorporate should submit the completed documents through this application. Institutions that do not have access to eCorporate should send the completed documents to the following e-mail address: email@example.com.
2. Periodic questionnaire
Through this questionnaire, the NBB seeks to obtain standardised information from the financial institutions in order to implement its risk-based approach in exercising its legal supervisory powers in the field of AML/CFT (see the page « Supervisory powers and measures available to the NBB »). This information relates to the inherent ML/FT risks to which the financial institutions are exposed, on the one hand, and to the quality of the risk management measures taken by them on the other hand. On the basis of both assessments, the residual ML/FT risk and the supervisory priorities can then be determined for each institution. Each financial institution is expected to send the the completed periodic questionnaire to the NBB in accordance with the following rules.
2.1 Documents to be submitted
For each category of institutions subject to supervision by the NBB, separate questionnaires are available, which – to the extent possible – take into account the specific activities performed in the different sectors. A total of four different questionnaires were prepared for the following categories of institutions: (i) credit institutions, (ii) stockbroking firms, (iii) life insurance companies and (iv) payment institutions and electronic money institutions. Settlement institutions should answer the questionnaire for credit institutions.
All questionnaires are available in English, French and Dutch.
For any questions regarding these questionnaires, the NBB’s AML/CFT supervisory team can be contacted at the following e-mail address: firstname.lastname@example.org.
2.2. Frequency and deadline for submission
In order to be able to regularly update its classification of financial institutions according to the ML/FT risks associated with them, the NBB invites these institutions to reply to the said periodic questionnaire annually.
Replies to the 2018 questionnaire should be sent to the NBB through OneGate by 30 June 2018 at the latest. The electronic form in which the requested information must be provided will be available in OneGate from 1 May 2018.
2.3 Transmission channel
The financial institutions should submit their answers to the periodic questionnaire through OneGate, where it will be available in electronic form. The NBB automatically receives the information provided by each institution as soon as the electronic form is closed and sent.
In order to guarantee the safety of the information provided, each institution must have an electronic certificate to access the OneGate application. These certificates can be obtained from various external service providers (inter alia Globalsign, Isabel and/or Quo Vadis). Institutions that do not have a Belgian CBE number can exceptionally request to be exempted from using an electronic certificate by sending an e-mail to email@example.com. If the requested exemption is granted, the institution concerned is granted a login and password to access the OneGate application in order to reply to the periodic questionnaire.
More information about the OneGate application and how to access it can be found under the following links:
2.4 Procedure for answering the questionnaire
a) Answering the questions
In the electronic form that will be available in OneGate, each financial institution should provide the necessary information by selecting in the drop-down menu, for each question, the answer that best suits its organisation (e.g. ‘yes’, ‘no’ or ‘not applicable’).
Where numerical information is requested, the responding institution usually has the choice between the options 'not available' or 'digit'. If the institution does not have the statistical information required to provide a reliable answer to a question, the option 'not available’ should be chosen. If the institution does have the required information, the option 'digit’ must be chosen and the correct figure must be entered. Finally, if the question is not relevant to the responding institution, the option 'digit' must be chosen and ‘0’ must be entered.
Numbers should always be entered without points or commas to separate the thousands. Points may only be used as a decimal separator. If the number is not entered in the correct format, an error message will appear and it will not be possible to close the form.
b) Reference date for answering the questions
As regards the reference date for answering the questions, the following distinction must be made.
The questions aimed at obtaining statistical information in principle always mention the date or period to which the information requested should relate. In almost all cases, the information requested should (i) relate to the situation on 31 December of the previous calendar year (e.g. number of customers as at 31 December 20XX), (ii) or relate to the previous calendar year (e.g. number of payments made to high-risk countries in 20XX).
As regards the qualitative questions, which are aimed, for example, at verifying compliance of the internal procedures with the legislation in force, or which concern the checks, if any, performed by a financial institution, the information provided by the responding institution should always relate to the situation as at 31 December of the previous calendar year.
c) Responsibility for the accuracy of the answers
The answers to the questionnaire should be submitted to the NBB under the ultimate responsibility of the responding financial institution’s senior management.
It should also be noted that the AMLCO appointed within each financial institution in accordance with Article 9, § 2, of the Anti-Money Laundering Law is, pursuant to the same legal provision, primarily tasked not only with analysing atypical transactions in order to determine whether these transactions should be considered suspicious and be notified to the CTIF-CFI, but also with implementing the policies and procedures referred to in Article 8 of the Law, particularly the internal control measures and procedures which are necessary to ensure compliance with the Law and which are covered in the questionnaire. Article 9 of the Law also provides that this person responsible should ensure, in general, that the institution fulfils all its obligations with regard to AML/CFT and, more in particular, that an adequate administrative organisation and adequate internal control measures are set up, as required pursuant to Article 8 of the Law. The AMLCO should also have the power to propose, on his own initiative, all necessary or useful measures in this regard to the senior management of the institution, including the release of the necessary resources (see the page « Governance »).
The NBB therefore expects the financial institution’s senior management to decide which answers should be given to the questionnaire, on the proposal of the AMLCO.
In the context of specific control actions or on-site inspections, the NBB will not fail to verify the accuracy and quality of the answers provided by the institutions.
3. Activity report by the AMLCO
3.1 Document to be submitted
Article 7 of the Anti-Money Laundering Regulation of the NBB requires the AMLCO to establish an activity report and send it to the management committee (or to the senior management if there is no management committee) and to the board of directors at least once a year.
This report is an important document for the management bodies, as it allows them to properly perform their tasks. This report is specific for AML/CFT, as the nature of the subject requires specific treatment, although it is also important from a prudential point of view (from a compliance function perspective). The expected content of this report is set out on the « Governance » page.
Each financial institution is expected to send a copy of the aforementioned activity report to the NBB in accordance with the following rules.
3.2 Deadline for submission
The copy of the AMLCO's activity report should be sent to the NBB no later than 30 June of the year following the year to which it relates. Life insurance companies, however, should respect the reporting dates laid down in the e-Corporate circular.
3.3 Transmission channel
Institutions that have access to eCorporate should submit a copy of the activity report through this application. Institutions that do not have access to eCorporate should send the completed documents to the following e-mail address: firstname.lastname@example.org.