New AML regulations - Central Database of Safe-Deposit Boxes and Bank and Payment Accounts
Anticipated regulations to establish a central database of information on safe-deposit boxes and payment accounts have been published. The European Union (Anti-Money Laundering: Central Mechanism for Information on Safe-Deposit Boxes and Bank and Payment Accounts) Regulations 2022 (the Regulations) were signed by the Minister for Finance on 3 February 2022 and came into force on that date.
What are the Regulations?
In short, the Regulations authorise the Central Bank of Ireland (the CBI) to establish and maintain a central register of information on safe-deposit boxes and bank and payment accounts, as required under Article 32a of the Fourth Anti-Money Laundering Directive (4AMLD), as amended by the Fifth Anti-Money Laundering Directive.
4AMLD required Member States to put in place "centralised automated mechanisms, such as central registries or central electronic data retrieval systems, which allow the identification, in a timely manner, of any natural or legal persons holding or controlling payment accounts and bank accounts identified by IBAN ... and safe-deposit boxes held by a credit institution within their territory."
To whom do the Regulations apply?
The Regulations apply to credit institutions, including branches, which are established in the State (whether their head office is situated within the EU or in a third country).
What is required?
The Regulations authorise the CBI to establish and maintain:
- a database (referred to in the Regulations as the "Central Database")
- an information system (to be known as the “Central Mechanism of Ownership of Bank and Payment Accounts and Safe-Deposit Boxes”)
In simple terms, the Regulations provide for the establishment of a Central Database, which the CBI will manage and where information will be stored, and a Central Mechanism (or system) whereby this information will be requested and provided.
The main features of the Central Database and Central Mechanism are as follows:
- Credit institutions may be required to provide certain prescribed information to the CBI. Further guidance is awaited from the CBI on how and when credit institutions will be required to comply.
- The CBI will hold this information for not less than 5 years after the account is closed or the lease on the safe-deposit box has expired.
- The CBI may only use this information for the purposes of the Regulations and in its role as controller of data under the GDPR.
- Only FIU Ireland will be permitted to carry out searches on and retrieve information from the Central Database.
- FIU Ireland is also permitted to share this information with other FIUs.
Information to be provided by credit institutions
There are a number of strands to the information that may be requested of the credit institution by the CBI, whether it relates to the holder of the account, the lessee of the safe-deposit box, or the account itself.
1. The customer-account holder, any person acting on behalf of the account holder and the beneficial owner
Where any of these persons is a natural person, the following information may be requested:
(i) forename and surname
(ii) date of birth
(iii) address (including Eircode, if known)
Where any of these persons is not a natural person, the following information may be requested:
(i) name
(ii) registered address (including Eircode, if known)
2. Bank or payment account
The following information may be requested in respect of a bank or payment account:
(i) IBAN
(ii) account name
(iii) date of account opening
(iv) where applicable, date of account closing
3. Safe-deposit box
The following information may be requested in respect of a safe-deposit box where the lessee is a natural person:
(i) forename and surname of the lessee
(ii) date of birth of the lessee
(iii) address (including Eircode, if known) of the lessee
(iv) lease period
The following information may be requested in respect of a safe-deposit box where the lessee is a natural person:
(i) name of the lessee
(ii) registered address (including Eircode, if known) of the lessee
(iii) lease period
The CBI has indicated that it is in the process of finalising technical requirements for the Central Database and will make them available to all eligible credit institutions as soon as possible. We will continue to monitor the situation.
For further information, please contact Paula Reid, Knowledge partner, Anne O'Neill, senior Knowledge executive or any member of ALG's Finance or Financial Regulation group.
Date published: 9 February 2022