The open standards in the Dutch Prevention of Money Laundering and Terrorist Financing Act (Wet ter voorkoming van witwassen en financieren van terrorisme, “Dutch AML Act”) can lead to robust discussions. Authorities, such as the Dutch Central Bank (“DNB”), do not always consider the various possibilities (more particularly by using new technology) in which those open standards can be interpreted and implemented by institutions in accordance with the Dutch AML Act.
This was also the case in the judgement between DNB and bunq B.V. (“bunq“), a financial institution with a banking license in the Netherlands. To comply with the Dutch AML Act bunq uses technologies such as artificial intelligence for its client due diligence and transaction monitoring process. DNB was of the opinion that bunq was violating the Dutch AML Act because using these technologies did not lead to an adequate and compliant client due diligence and transaction monitoring. As a consequence thereof DNB took disciplinary measures against bunq by instructing bunq to follow a line of conduct as determined by DNB.
bunq took the case to court and it was finally presented in appeal to the Dutch Trade and Industry Appeals Tribunal (College van Beroep voor het bedrijfsleven, “CBb“). Although bunq was not favoured on all aspects, CBb did rule in favor of bunq in relation to (amongst others) determining the purpose and intended nature of a business relationship and conducting transaction monitoring, which will be further discussed in this article.
Purpose and intended nature of business relationship
Financial institutions that need to comply with the Dutch AML Act need to determine the purpose and the intended nature of the business relationship of its customers before entering into a business relationship, as stipulated in Article 3(2)(c) jo Article 5(1) Dutch AML Act.
For its retail customers bunq complies with this requirement by determining the purpose and intended nature of the business relationship based on assumptions prior to entering into a business relationship. bunq is able to do so by establishing two segments of retail customers based on an analysis of its data. The first group contains a homogeneous group of customers who fall within the ‘regular user profile’ and who use its payment account within the ‘regular use’ limits. bunq assumes that the vast majority of customers behave according to that user profile. This ‘regular user profile’ was created using data analysis and artificial intelligence and is said to have a low risk of money laundering. On an ongoing basis bunq reviews whether the customer still fits within the ‘regular user profile’. The moment this is not (or no longer) the case, bunq asks questions to the customer in order to determine whether the ‘regular user profile’ is still suitable for the client and will amend this profile if necessary.
DNB is of the opinion that by implementing such a procedure, bunq determines the purpose and nature of the intended relationship only after transaction monitoring has taken place. DNB based this opinion on the fact that no specific information was obtained from the client and therefore an assumption about the purpose and intended nature of the business relationship is made. The CBb rules differently and indicates that the fact that the allocation of a ‘standard payment account’ is based on a reasoned assumption does not mean that bunq was unable to assess the possible risks involved for a specific customer falling within the ‘regular user profile’. The CBb thus does not consider that bunq determines the purpose and intended nature of the business relationship only after entering into the business relationship (after transaction monitoring has taken place). bunq only monitors whether the assigned ‘regular user profile’ of customers needs adjustment and thus asks additional questions where necessary. According to the CBb this is compliant with the Dutch AML Act as the Act does not prescribe the manner in which the customer due diligence must be carried out. The information bunq has on the client should solely enable bunq to determine the purpose and intended nature of the business relationship in order to assess any risks posed by the provision of services to a customer, which bunq is able to do.
For its corporate customers, DNB reproaches bunq for not determining the purpose and intended nature of the relationship for existing customer files when updating these files, as bunq updates this information on the basis of information it already possesses. CBb rules that it is not necessary to obtain this information by specifically questioning the corporate customer in relation thereto, as this is not stipulated as such in the Dutch AML Act. As mentioned previously, the Dutch AML Act only states that an institution should determine the purpose and intended nature of the business relationship in order to assess any risks posed by the provision of services to a client. As bunq is able to comply with this provision based on existing client information, bunq duly complies with the Dutch AML Act in that regard, as rules the CBb.
Read the full story here.