New rules have been launched on digital onboarding by CySEC that have been published in the anticipated Policy Statement (PS-01-2024). CySEC’s policy statement incorporates:
- the views expressed in the public consultation CP-02-2020, while it outlines CySEC’s approach, and
- the final version of the European Banking Authority Guidelines on the use of Remote Customer Onboarding Solutions under Article 13(1) of Directive (EU) 2015/849 that came into application in October 2023.
Application of the new rules and amendment of CySEC’s AML Directive:
CySEC has amended the Anti Money Laundering Directive which came into application on the 5th of August 2024, except for the new rules on the use of Remote Customer Onboarding Solutions (Annex IV of the AML Directive, Par.2 iv.) that will come into application on 1 December 2024.
Key components of the new rules and CySEC’s approach:
- Obliged entities, i.e. CIFs, are now allowed to use remote customer onboarding solutions (RCOS) for the purpose of verifying the identity of customers who are not physically present, i.e. Non-face-to-face (NFTF) customers.
- videocalls are no longer the sole eligible RCOS for NFTF Customer onboarding purposes. It is up to each obliged entity to select or combine one or more RCOS.
- A risk assessment on a risk-based approach is required to be implemented prior to using remote onboarding solutions.
- Obliged entities should notify CySEC in advance for the intention to use the remote onboarding solution. The format of the notification form is available in Annex III of the Policy Statement.
- The scope of the Policy Statement is limited to NFTF Customer Identification during the onboarding or performance of Customer Due Diligence measures on existing customers. It does not cover ongoing monitoring rules of the business relationship.
- The use of RCOS for on-boarding NFTF Customers is possible not only for natural persons but also for legal entities.
- The use of RCOS that are not within the scope of the eIDAS Regulation is permitted e.g. other solutions that are regulated, recognized approved, or accepted at a national level remains possible or solution not necessarily regulated but are utilized in accordance with the Company’s risk assessment.
- The type of documentation accepted for NFTF Customers is no longer exclusively passports. The insertion of the term ‘identification document’ to the amended CySEC AMLD introduces a broader definition.
- Enables the confirmation of address when collecting copies of the original documents through RCOS.