The Cyprus Securities and Exchange Commission’s (‘CySEC) (Amending) Law of 2016 18(I)/2016 for article 30 of the Prevention and Suppression of Money Laundering and Terrorist Financing relating to the application ofarticles 61and 62 of Law 188(Ι)/2007,pertaining to the identity verification of clients/beneficial owners, has issueda consultation paper to allmembers asking for feedback, with view to adhering to effective regulation and consultation procedures as set out by CySEC.

Additional parameters have been proposed that need to be born in mind by regulated entities, when assessing the risk of starting new business relationships with unverified persons and beneficial owners, in relation to the application of articles 61and 62 of Law 188(Ι).

According to article 61(1) of the Law, customer identification due diligence procedures include identifying the customer/beneficial owner and taking adequate measures to verify their identity, in accordance to their degree of risk (on the basis of documents, information or data obtained from an independent and reliable source).

This identification of a customer/beneficial owner normally occurs prior to the establishment of a business relationship whereby the identification procedure includes creation of an economic profile of the customer/ beneficial owner including all relevant tests.

Article 62 amending law requires for the identity verification of customers and beneficial owners be conducted prior to the establishment of a business relationship or an ad hoc business transaction.

However a derogation can be made to article 62 for those cases falling under supervision of CySEC, whereby it would be acceptable for  the customer and beneficial owner to conduct identity verification during the establishment of the business relationship, providing it doesn’t disrupt normal business conduct, where CySEC assumes little risk of money laundering or terrorist financing.

In such exceptions it would be on the proviso that that these identity verification procedures, including creation of an economic profile for the customer and beneficial owner and relevant tests be adhered to as soon as practically possible thereafter, further to the initial contact being made.

Therefore entities under CySEC could proceed with unverified customer/beneficial owners business transactions, providing they conform to the below terms, until such a time where they can confirm verification requirements:

Cumulative deposit funds of unverified customers/ beneficial owners, should not exceed €2,000, irrespective of the number of accounts the client/beneficial owner has with a regular entity.

The relevant verification documents must also be submitted within 15 days of initial contact, and ongoing steps requesting verification must be logged.

If these terms are not adhered to and the verification documents received within the 15 day deadline, all funds must be reimbursed to the account of origin with the business relationship automatically terminated.

Regulated entities must inform their customers/ beneficial owners appropriately/efficiently/ in due time of the relevant procedures and receive clear instructions and confirmation of the procedure to be followed.

CySEC concludes that it recommends that verification of customer/beneficial owners be concluded before the establishment of the business relationship and only in extraordinary cases follow the derogation parameters set up CySEC.