22 Amendments of Lídia PEREIRA related to 2021/0239(COD)
Amendment 157 #
Proposal for a regulation
Recital 20
Recital 20
(20) A consistent set of rules on internal systems and controls that applies to all obliged entities operating in the internal market will strengthen AML/CFT compliance and make supervision more effective. In order to ensure adequate mitigation of money laundering and terrorist financing risks, obliged entities should have in place an internal control framework consisting of risk–based policies, controls and procedures and clear division of responsibilities throughout the organisation. In line with the risk-based approach of this Regulation, those policies, controls and procedures should be proportionate to the nature, type of activity and size of the obliged entity and respond to the risks of money laundering and terrorist financing that the entity faces.
Amendment 181 #
Proposal for a regulation
Recital 34
Recital 34
(34) Some business models are based on the obliged entity having a business relationship with a merchant for offering payment initiation services through which the merchant gets paid for the provision of goods or services, and not with the merchant’s customer, who authorises the payment initiation service to initiate a single or one-offone or more transactions to the merchant once or on several separate occasions, and may moreover use account information services as part of that service. In such a business model, the obliged entity’s customer for the purpose of AML/CFT rules is the merchant, and not the merchant’s customer, both for the establishment of the business relationship and for the occasional transactions. Therefore, customer due diligence obligations should be applied by the obliged entity only vis-a-vis the merchant. If the same obliged entity also provides payment services to the merchant, which brings it into the possession of funds, then the obliged entity’s customer is also the merchant as regards the combined offering of payment initiation services, account information services and payment services. The inherent ML/TF risk associated with AISPs and PISPs is low. Both should therefore, as a rule, be eligible for simplified customer due diligence.
Amendment 205 #
Proposal for a regulation
Recital 57
Recital 57
(57) When customers are no longer entrusted with a prominent public function, they can still pose a higher risk, for example because of the informal influence they could still exercise, or because their previous and current functions are linked. It is essential that obliged entities take into consideration those continuing risks and apply one or more enhanced due diligence measures until such time that the individuals are deemed to pose no further risk, and in any case for not less than 12 months following the time when they are no longer entrusted with a prominent public function. The assessment of whether that person poses an additional risk should be evaluated on a regular basis, until such additional risk ceases. A specific approach for persons that are entrusted with a prominent public function for a period of less than 1 year is needed to ensure the proportionality of the set of rules regarding this dimension of this Regulation.
Amendment 213 #
Proposal for a regulation
Recital 62
Recital 62
(62) Obliged entities may outsource tasks relating to the performance of customer due diligence to an agent or external service provider that fully comply with GDPR, such as AML Compliance Entities, unless they are established in third countries that are designated as high-risk, as having compliance weaknesses or as posing a threat to the Union’s financial system. In the case of agency or outsourcing relationships on a contractual basis between obliged entities and external service providers not covered by AML/CFT requirements, any AML/CFT obligations upon those agents or outsourcing service providers could arise only from the contract between the parties and not from this Regulation. Therefore, the responsibility for complying with AML/CFT requirements should remain entirely with the obliged entity itself. The obliged entity should in particular ensure that, where an outsourced service provider is involved for the purposes of remote customer identification, the risk-based approach is respected.
Amendment 214 #
Proposal for a regulation
Recital 63
Recital 63
(63) In order for third party reliance and outsourcing relationships to function efficiently, further clarity is needed around the conditions according to which reliance takes place. AMLA should have the task of developing guidelines on the conditions under which third-party reliance and outsourcing can take place, as well as the roles and responsibilities of the respective parties. To ensure that consistent oversight of reliance and outsourcing practices is ensured throughout the Union, the guidelines should also provide clarity on how supervisors should take into account such practices and verify compliance with AML/CFT requirements when obliged entities resort to those practices. These guidelines must ensure that third-party reliance and outsourcing can only take place when third-parties fully comply with GDPR.
Amendment 234 #
Proposal for a regulation
Recital 93
Recital 93
(93) The anonymitynature of crypto-assets can exposes them to risks of misuse for criminal purposes. Anonymous crypto- asset wallets do not allow the traceability of crypto-asset transfers, whilst also making it difficult to identify linked transactions that may raise suspicion or to apply to adequate level of customer due diligence. In order to ensure effective, fair and proportionate application of AML/CFT requirements to crypto-assets, it is necessary to prohibitregulate the provision and the custody of anonymous crypto-asset wallets by crypto-asset service providers.
Amendment 286 #
Proposal for a regulation
Article 2 – paragraph 1 – point 25 – point a – point i
Article 2 – paragraph 1 – point 25 – point a – point i
(i) heads of State, heads of government, ministers and deputy or assistant ministers, regardless their official designation;
Amendment 291 #
(ii) members of parliament or of similar legislative bodies, namely regional legislative bodies;
Amendment 298 #
Proposal for a regulation
Article 2 – paragraph 1 – point 25 – point a – point vii a (new)
Article 2 – paragraph 1 – point 25 – point a – point vii a (new)
(viia) Mayors and members of local regional executive bodies;
Amendment 320 #
Proposal for a regulation
Article 2 – paragraph 1 – point 36 a (new)
Article 2 – paragraph 1 – point 36 a (new)
(36a) ‘AML Compliance Entity’, means an established entity that fully complies with GDPR and contributes to the effective compliance with the objectives and obligations set out in this regulation.
Amendment 380 #
Proposal for a regulation
Article 6 – paragraph 1
Article 6 – paragraph 1
1. Member States shall notify the Commission of any exemption that they intend to grant in accordance with Articles 4 and 5 without delay. The notification shall include a detailed justification based on the relevant risk assessment for the exemption. If deemed appropriate, the Member States shall provide further evidence to support their intended decision.
Amendment 396 #
Proposal for a regulation
Article 7 – paragraph 1 – subparagraph 1
Article 7 – paragraph 1 – subparagraph 1
Those policies, controls and procedures shall be proportionate to the nature, type of activity and size of the obliged entity.
Amendment 401 #
Proposal for a regulation
Article 7 – paragraph 2 – point d
Article 7 – paragraph 2 – point d
(d) the verification, when recruiting and assigning staff to certain tasks and functions and when appointing its agents and distributors, that those persons are of good repute,have the technical ability and knowledge proportionate to the risks associated with the tasks and functions to be performed;
Amendment 409 #
Proposal for a regulation
Article 8 – paragraph 1 – introductory part
Article 8 – paragraph 1 – introductory part
1. Obliged entities shall take appropriate measures, proportionate to their nature, type of activity and size, to identify and assess the risks of money laundering and terrorist financing to which they are exposed, as well as the risks of non-implementation and evasion of proliferation financing- related targeted financial sanctions, taking into account:
Amendment 413 #
Proposal for a regulation
Article 8 – paragraph 1 – introductory part
Article 8 – paragraph 1 – introductory part
1. Obliged entities shall take appropriate measures, proportionate to their nature, type of activity and size, to identify and assess the risks of money laundering and terrorist financing to which they are exposed, as well as the risks of non-implementation and evasion of proliferation financing- related targeted financial sanctions, taking into account:
Amendment 444 #
Proposal for a regulation
Article 11 – paragraph 3 – introductory part
Article 11 – paragraph 3 – introductory part
3. Obliged entities shall have in place appropriate procedures for their employees, or persons in a comparable position, to report breaches of this Regulation internally through a specific, independent and anonymous channel, proportionate to the nature, type of activity and size of the obliged entity concerned.
Amendment 644 #
Proposal for a regulation
Article 27 – paragraph 1 – subparagraph 1
Article 27 – paragraph 1 – subparagraph 1
The measures referred to in the first subparagraph shall be proportionate to the nature, type of activity and size of the business and to the specific elements of lower risk identified. However, obliged entities shall carry out sufficient monitoring of the transactions and business relationship to enable the detection of unusual or suspicious transactions.
Amendment 647 #
Proposal for a regulation
Article 27 – paragraph 4
Article 27 – paragraph 4
4. Obliged entities shall verify on a regular basis that the conditions for the application of simplified due diligence continue to exist. The frequency of such verifications shall be commensurate to the nature, type of activity and size of the business and the risks posed by the specific relationship.
Amendment 686 #
Proposal for a regulation
Article 32 – paragraph 1 a (new)
Article 32 – paragraph 1 a (new)
1a. In order to have in place the most effective risk management systems mentioned in paragraph 1, obliged entities may use external service providers that fully comply with GDPR – such as AML compliance Entities – and that can determine whether the customer or the beneficial owner is a politically exposed person.
Amendment 701 #
Proposal for a regulation
Article 35 – paragraph 2
Article 35 – paragraph 2
2. Obliged entities shall apply one or more of the measures referred to in Article 28(4) to mitigate the risks posed by the business relationship, until such time as that person is deemed to pose no further risk, but in any case for not less than 12 months following the time when the individurom the moment the reason for why that person was considered a PEP, disappears. The assessment of whether that person poses an additional ris no longer entrusted with a prominent public functionk should be evaluated on an regular basis, until such additional risk ceases.
Amendment 713 #
Proposal for a regulation
Article 40 – paragraph 1 – introductory part
Article 40 – paragraph 1 – introductory part
1. Obliged entities may outsource tasks deriving from requirements under this Regulation for the purpose of performing customer due diligence to an agent or external service provider, whether a natural or legal personthat fully comply with GDPR. These tasks can be outsourced to whether a natural or legal person, including AML Compliance Entities, with the exception of natural or legal persons residing or established in third countries identified pursuant to Section 2 of this Chapter.
Amendment 913 #
Proposal for a regulation
Article 58 – paragraph 1 – introductory part
Article 58 – paragraph 1 – introductory part
1. Credit institutions, financial institutions and crypto-asset service providers shall be prohibited from keeping anonymous accounts, anonymous passbooks, anonymous safe-deposit boxes or instruments used for anonymousising crypto-asset wallets as well as any account otherwise allowing for the anonymisation of the customer account holder.