The European Banking Authority (EBA) has published revised guidelines for money laundering and terrorist-financing risk factors.

The guidelines relate to financial institutions and regulatory authorities. They incorporate guidance on crowdfunding platforms, corporate finance, payment initiation services providers (PISPs), account information service providers (AISPs) and currency exchange offices, as well as information on risk assessment and due diligence regarding beneficial owners..

They have been devised and issued by the EBA as a response to changes to the European Union’s anti-money laundering (AML) and counterterrorism financing (CFT) legal framework. But they have also been prompted by the new risks that have been recognised as a result of implementation reviews conducted by the EBA.

Under the revised guidelines, financial institutions are obliged to identify the beneficial owner of a corporate client. They must also determine that the customer’s ownership structure is not overly complex or unclear and ascertain whether real control of the legal entity is in the hands of someone who is not named as its owner.

The EBA has made it clear that carrying out such checks cannot be based solely on information that can be obtained from national registers of beneficial ownership. The Authority has warned that firms may have to undertake extra activity to verify the authenticity of information that is supplied by customers. The EBA says this is especially important when risks associated with a particular business have increased or where there are genuine doubts about the information held on a register.

Financial firms may, in certain situations, cite a company’s senior managers as the beneficial owners. But this can only be done when “all possible means of identifying the natural person who ultimately owns or controls the customer” have been exhausted, and when the customer’s reasons for not naming the ultimate beneficial owner can be considered plausible.

The revised guidelines emphasise the need for compliance professionals that use technological solutions for beneficial-ownership identification and verification purposes to consider whether using such resources adequately addresses the AML/CFT risks.

The EBA has said it is not demanding that financial institutions end their provision of services to whole categories of customers, which is known as de-risking. But it wants them to balance the need for - and benefits of - financial inclusion with the need to reduce their individual AML/CFT risks. The executive summary of the 225-page guidelines document emphasises that its purpose is to “promote the development of a common understanding, by firms and competent authorities across the EU, of what the risk-based approach to AML/CFT entails and how it should be applied’’.