top of page
  • Writer's pictureDeborah
    • Jan 17, 2023

Issued on November 22, 2022 by the European Banking Authority (EBA), the Guidelines apply to all credit and financial institutions that are within the scope of the Anti-money Laundering Directive (AMLD) and sets out the steps these institutions should follow to ensure to choose adequate tools for a safe and effective remote customer onboarding.


Highlights of the key requirements include but are not limited to the following:

  • Implementation and maintenance of policies and procedures for an effective remote customer onboarding process that (i) include an explanation of the features and functioning of a solution; (ii) take into account the risks factors; (iii) distinguish which steps are fully autonomized and which steps require human intervention

  • Submission of the aforementioned policies and procedures to management’s approval

  • pre-implementation assessment of the remote customer onboarding solution (i.e. adequacy of the solution, assessment of the impact of the use of such solution on a business-wide risk (ML/TF, operational, reputational and legal risks…); identification of possible mitigating measures and remedial actions…)

  • Ongoing monitoring of the remote customer onboarding solution: policies and procedures must include information provided by the Guidelines, including a description of at least a) the steps entities will take to be satisfied of the ongoing quality, completeness, accuracy and adequacy of data collected during the remote customer onboarding process; b) the scope and frequency of such regular reviews…

  • Identification of natural persons (e.g. what information is manually entered by the customer, is automatically captured from the documentation provided by the customer or is gathered using other internal or external sources…) VS legal entities (e.g. which category of legal entities they will onboard remotely, taking into account the level of ML/TF risk associated with each category, and the level of human intervention required to validate the identification information).

  • Document authenticity & integrity (e.g. ascertain that the reproduction of an original document is reliable, ensure that tools such as Optical Character Recognition (OCR) algorithms or Machine Readable Zone (MRZ) verifications capture information in an accurate and consistent manner, verify the security features embedded in the official document where possible…)

  • Match customer identity as part of the verification process: Entities must amongst others ensure that (i) there is a match between the visible information of the natural person and the documentation provided; (ii) where the customer is a legal entity, it is publicly registered, where applicable; (iii) where the customer is a legal entity, the natural person that represents it is entitled to act on its behalf.

Recent Posts

See All

Product Corner - VAs : Quèsaco

Virtual Assets (VAs) or crypto assets refer to : “any digital representation of value that can be digitally traded, transferred or used for payment. It does not include digital representation of fiat

Upcoming Regulatory Deadlines to Watch

10 Aug 2023 - Deadline to submit comments to FCA Guidance Consultation (GC23/1) on crypto asset financial promotions. 5 Sep 2023 - Effective date of SEC Cybersecurity Risk Management, Strategy, Govern

bottom of page