To enhance the user experience of payment service consumers and improve the application of anti-money laundering risk management measures by financial institutions, the Board of the Bank of Lithuania has established new requirements for financial market participants – banks, credit unions, electronic money institutions, and payment institutions. These guidelines on financial service accessibility and financial inclusion will take effect from the beginning of next year, allowing time for preparation.
Key Requirements
Individual Risk Assessment:
- Financial institutions must evaluate the individual circumstances of clients for anti-money laundering and terrorist financing risk purposes.
- Institutions are required to avoid unjustified de-risking policies without first considering other risk mitigation measures. Decisions cannot be automated.
Policies, Procedures, and Controls:
- Institutions must implement policies, procedures, and control measures to systematically manage anti-money laundering and terrorist financing risks, ensuring the availability of essential financial services.
- Decisions to terminate business relationships or refuse to start them must only be used as an extreme measure and must be documented, stored, and provided to the Bank of Lithuania upon request.
Decision-Making Timeline:
- Financial institutions must decide within one month whether to initiate or justifiably refuse a business relationship with a client.
- If refusing, institutions must inform the consumer about the complaint procedure, the right to appeal to a court, or to the Bank of Lithuania if disputes cannot be resolved directly.
Consumer Information:
- Clients must be adequately informed about decisions related to anti-money laundering measures, including reasons for temporary restrictions on their financial services.
- Institutions must provide clarity on process timelines and offer explanations for delays, giving clients the opportunity to respond or provide additional evidence.
Suspension Duration:
- Payment suspensions should last only as long as necessary to manage anti-money laundering and terrorist financing risks.
- Financial institutions should set a preliminary decision-making timeline and inform clients accordingly. If the decision cannot be made within the specified time, the institution must inform the client of the reasons, if allowed by law.
Extension of Suspensions:
- Payment suspensions can be extended by five business days indefinitely, provided the client is informed and the reasons for the extension are explained.
Implementation and Expectations:
- The guidelines align with the European Banking Authority’s provisions on this matter.
- The Bank of Lithuania will provide additional information on its website regarding the new procedures and their benefits for consumers.
Recommendations of ECOVIS ProventusLaw
Develop Comprehensive Risk Assessment Protocols
- Implement detailed procedures to individually assess the anti-money laundering (AML) and terrorist financing (TF) risks of each client.
Avoid Unjustified De-Risking
- Establish a framework that prioritizes other risk mitigation measures before resorting to de-risking. Ensure decisions to terminate or refuse business relationships are based on thorough analysis and are not automated.
Strengthen Internal Policies and Controls
- Revise internal policies to align with the new guidelines, focusing on systematic AML and TF risk management. Integrate these policies into daily operations and ensure all staff are trained on the updated procedures.
Document Decision-Making Processes
- Create robust documentation processes for all decisions related to terminating or refusing business relationships. Maintain these records securely and be prepared to provide them to the Bank of Lithuania upon request.
Adhere to Decision-Making Timelines
- Implement systems to ensure decisions on initiating or refusing business relationships are made within the stipulated one-month period. Develop clear protocols to inform clients promptly about the outcomes and their rights to appeal.