On August 22nd, 2018, the GIIF published guidelines on the methods of verifying the identity of a natural person (a client who is a natural person or a representative of a client being a legal person) by obligated institutions - when a business relationship is established at a distance, without the physical presence of the client (customer’s representative) .
In the opinion of the GIIF, the establishment of an economic relationship without the physical presence of the client can only take place by using:
- electronic identification measures within the meaning of Regulation (EU) No 910/2014 of the European Parliament and of the Council of 23 July 2014 on electronic identification and trust services for electronic transactions on the internal market and repealing Directive 1999/93 / WE (Journal of Laws L 257 of 28/08/2014, p. 84), in practice with the use of an electronic signature, or:
- enhanced financial security measures with the following characteristics:
- the requirement of at least two different verification materials (documents, data and information from reliable and independent sources), whereby:
- at least one verification material should constitute a document confirming the identity (identity card or passport) - as an example of two verification materials GIIF provides indicates ID and driving license,
- the obligated institution implements means of verifying the authenticity of the verification materials provided by the client, e.g. inspection of verification materials by means of video interviews,
- in the absence of direct access to verification materials (i.e. in the case of video verification), the obligated institution also takes measures to minimize the risk of incorrect verification of the client, e.g. a verification transfer made from the customer's account in another obligated institution to the account of the identity verification entity.
In other words, in the opinion of GIIF, verification of the identity of a natural person who does not use a qualified electronic signature should consist in:
- verification of the authenticity of the identity card and driver's license issued by a trained employee of the obligated institution during video interviews with the client and in addition:
- the client makes a transfer from his or her own payment account (maintained by the so-called third obligated institution) to the payment account of the obligated institution performing the verification.
The GIIF interpretation seems to be incorrect because:
- does not take into account other criteria that may influence the assessment of the level of money laundering and terrorist financing risk for a given client (including: customer type, geographical area, account designation, type of products, services and distribution methods, level of property values deposited by the client or the value of transactions carried out, the purpose, regularity or duration of business relationships), which violates Art. 33 section 3 of the AML Act,
- does not take into account that art. 43 section 2 point 7 of the AML Act is not absolute (according to the Act establishing a distance relationship only may - and does not have to - indicate a higher risk of money laundering and terrorist financing), an argument directly related to the argument ad. 1 above,
- does not take into account the developed market standards (e.g. customer verification in the business information office),
- conflicts with the PFSA (KNF) guidelines,
- introduces requirements more stricter than the AML4 Directive, thus:
- puts Polish entrepreneurs in a competitive disadvantage compared to the non-Polish EU providers of services in Poland on the basis of the freedom to provide services (so-called cross-border activities), who are not generally obliged institutions within the meaning of the AML Act.
It seems that it is justified to conduct broader discussions in this case, in particular with the participation of representatives of the social factor and representatives of obligated institutions.