Response to consultation on Guidelines on preventing the abuse of funds and certain crypto-assets transfers for ML/TF (Travel rule Guidelines)
Question 1. Do you agree with the proposed provisions? If you do not agree, please explain how you think these provisions should be amended, and set out why they should be amended. Please provide evidence of the impact these provisions would have if they were maintained as drafted'?
Dear Sir/Madam,
Thank you for the opportunity to comment on the EBA’s consultation on Guidelines on preventing the abuse of funds and certain crypto-assets transfers for ML/TF. The European Savings and Retail Banking Group (ESBG) would like to provide you with the comments below, which we hope will be considered by the EBA.
ESBG’s response:
Section 1 (Definitions)
Paragraph 9 (Definition of “transfer chain”)
For both the transfer of funds and the transfer of crypto-assets, it must be ensured that only service providers that also fall within the scope of the “Regulation (EU) 2023/1113 on information accompanying transfers of funds and certain crypto-assets” are covered by the definition of the "transfer chain". To ensure this already in the definition, the proposed definition of the "transfer chain" should be supplemented as follows:
“Transfer chain:
Means the end-to-end sequence of parties, processes, and interactions involved in facilitating the transfer of funds and transfer of crypto-assets from the payer or originator to the payee or beneficiary, exclusively in the sphere of PSP, IPSP, CASP, ICASP.”
Section 4 (Information to be transmitted with the transfer)
Paragraph 6 and 7 (“persons linked/connected”):
Particularly with regard to the use of the terms “persons linked / connected", it must be ensured that these correspond to the requirements of the planned EU AML Regulation so that identical definitions are used here.
Paragraph 23:
The wording should be aligned to the envisaged AML Regulation to ensure that the addresses that are included with the transfer of funds is the verified address. For legal entities, the principal place of business should be preferrable as the registered address in a number of countries does not give an indication of the actual location of the legal entity and would assist any investigation or screening process but might be a law firm office or corporate service provider without any connection to the actual legal entity. Hence, we propose the following amendments:
“23. The payer’s PSP and originator’s CASP should provide the following:
a. For natural persons, the usual place of residence of the payer or originator. In case of a vulnerable person as referred to in paragraph 19b of “EBA Guidelines on policies and controls for the effective management of money laundering and terrorist financing (ML/TF) risks when providing access to financial services” and cannot reasonably be expected to provide an address in relation to their usual place of residence, the PSP or the CASP may use a postal addresses that is provided in alternative documentation as referred to in that Guidelines paragraph 19(b), where such documentation contains an address and where its use is permitted under the national law of the payer.
b. For legal persons, the payer or originator’s address of the registered or official office or, if different, the principal place of business .”
Section 4.4 (Providing an equivalent Identifier to the LEI of the payer)
Paragraph 28:
The draft Guidelines‘ clarification of the rather vague term “equivalent Identifier” is to be welcomed since it correctly categorises the term in the area of official commercial registers and comparable registries for legal entities.
However, strict consistency with the respective requirements and definitions of the envisaged AML regulation is required to avoid legal uncertainty. We therefore suggest that the EBA performs a corresponding cross-check in coordination with the European Commission.
Section 5.2 (Admissible characters or inputs checks on transfers of funds)
Paragraph 30 (lit. c):
Lit c. should be amended as follows to reflect established mechanisms:
“c. the system prevents the sending or receiving of transfers where inadmissible characters or inputs are detected or, where applicable, provides clear business rules or other means of assistance on how to proceed in such instances; and”
Section 5.4 (Missing information checks)
Paragraphs 37 to 39:
Next to provisions on how to proceed in the case of missing information, several articles of regulation (EU) 2023/1113 explicitly refer to incomplete information on the payer or the payee. The draft Guidelines, as of now, only ascertain cases of incomplete or meaningless/inconsistent information.
Further clarification on both the qualification as certain information requirements being met in an “incomplete way” and the resulting possible courses of action for PSPs would be welcome.
Section 6.3 (Requesting required information)
Paragraph 43:
Paragraph 43 correctly reflects that requests for information to PSPs or CASPs outside the Union typically require longer deadlines. This justifies the proposed deadline of 5 instead of 3 days in the case of intra-EU payments (the first two case groups mentioned in the paragraph). However, the Guidelines should also acknowledge that even more complex chains of communication might require additional working days to effectively ensure realistic assessments and response cycles.
Thus, case group 3 should be amended as follows:
“Longer deadlines may be set where transfer chains involve:
a. more than two parties in the transfer flow (including intermediaries and non-banks);
b. at least one PSP, IPSP, CASP or ICASP that is based outside of the EU.
These deadlines should not exceed seven working days in total.”
Paragraph 45:
Articles 8(2) and 12(2) of regulation (EU) 2023/1113 stipulate the possible courses of action for the payee’s PSP and the ISPSP, respectively, when a PSP has repeatedly failed to provide requested information on the payee or payer. The rejection of payments is just one possible course of action. It follows that the related provision on reminders according to paragraph 45 of the Guidelines may not imply any stricter restriction of this range of options.
To resolve this contradiction, the draft Guideline’s misleading wording should be amended:
“[…] a PSP or IPSP should advise the prior PSP or IPSP in the transfer chain that, if the required information is not received before a particular deadline, the PSP or IPSP might reject the transfer and may treat the PSP or IPSP as […]”
Section 9 (Obligations on the payer’s PSP, payee’s PSP and IPSPs where a transfer is a direct debit)
Paragraph 75:
The provisions in paragraph 75 are worded ambiguously. In particular, an incorrect time reference point appears to have been used with regard to the payer's information to be used. Furthermore, it is not only the payee's information that is relevant, but also the payer's information. Having said this, paragraph 75 should be worded as follows:
“75. Where a transfer of funds is a direct debit, the PSP of the payee should send the required information on the payer and the payee to the PSP of the payer as part of the direct debit collection. The information available to the payee's payment service provider at the time when the direct debit mandate is established or modified. Upon receipt of that information by the payer’s PSP, the payee’s PSP and IPSP should consider the information requirements in Article 4 points (2) and (4) and Article 5 points (1) and (2) of Regulation (EU) 2023/1113 to be met.”