It is a well-known fact that remote business relationships are
included in the list of activities capable of presenting a greater
level of risk as regards money laundering and the financing of
terrorism. This means that we have to resort to enhanced due
diligence measures in establishing a remote business relationship
with the client.
The indicated enhanced due diligence measures are not suitable
for every type of relationship or commercial operation and may
create additional problems for regulated entities, since not all
clients have e-signatures nor does the first payment made by the
client always occur at the commencement of a relationship.
This fact results in some regulated entities being forced to
request their clients for a certified copy of their identity
documents, which distorts the nature of remote activities.
In order to overcome this situation Roca Junyent has advised
using a German third party exchange facility in relation to
obtaining authorisation from the Government Service for the
Prevention of Money Laundering
("SEPBLAC") in order to identify its
clients in remote activities through the use of a videoconferencing
system ("Video KYC"), as is used in
Germany (thus allowing the process of identifying clients that is
established in Spain and Germany to be standardised).
This has led SEPBLAC to recognise the Video KYC process for the
first time in Spain as a secure procedure for the identification of
clients, in accordance with article 21.1.d) of Law 10/2010 of 28
April on the prevention of money laundering and the financing of
terrorism (the "Anti Money Laundering
Act"), which empowers SEPBLAC to authorise other
identification procedures different from those established
expressly by the regulations.
The approval of this new system of client identification came
into force on 1 March 2016, and it can be used by any person in
respect of whom this information is required under the Anti Money
Laundering Act (which also includes foreigners operating in Spain
through branches, agents or the free provision of services).
The main requirements set out by SEPBLAC are as follows:
The actual prior implementation of a
remote identification process via videoconference, with the
regulated entity having to carry out the specific risk analysis
referred to in article 32.2 of the Regulations concerning Law
The remote identification procedures
via videoconference must be managed by staff with specific
The client must explicitly consent to
carrying out the remote identification procedures via
videoconference and their recording and storage, either in advance
or in the course thereof.
During the videoconference, the
regulated entity shall adopt measures to ensure the privacy of the
conversation held with the client.
Any photographs or snapshots from
mobile applications obtained must meet the conditions of quality
and clarity for them to be used for enquiries or assessment and
shall be kept in accordance with the provisions of article 25 of
Another matter to be highlighted from the permission granted by
SEPBLAC is that it explicitly recognises the opportunity to
outsource the application of this system of identification,
provided that the regulated entity retains all of the related
liability. We understand that this outsourcing must not be confused
with the third-party review mechanism established under article 8
of the Anti Money Laundering Act, which is intended solely for
ordinary due diligence measures (and not for the enhanced due
diligence measures applicable to remote activities).
In view of the above, we are pleased to confirm that the Spanish
authorities are beginning to appreciate, as SEPBLAC makes clear by
its approval, that technological innovation in the financial sector
may reduce costs, increase competitiveness and offer better service
to clients. There will never be an actual digitalization of
traditional sectors such as banking if we continue to use only
offline procedures that do not adapt to the needs of the new
realities such as Fintech. In any event, there is no doubt that the
establishment of these measures must take place without reducing
the levels of protection for the clients. In any case, we
acknowledge that this move on the part of SEPBLAC is going in the
right direction and is a first step towards accommodating
regulations to new online anti money laundering procedures.
The content of this article is intended to provide a general
guide to the subject matter. Specialist advice should be sought
about your specific circumstances.
To print this article, all you need is to be registered on Mondaq.com.
Click to Login as an existing user or Register so you can print this article.
The UK Supreme Court has resoundingly held that the UK Government may not serve the Article 50 notice withdrawing from the European Union without an Act of the UK Parliament giving the necessary parliamentary authorisation.
Register for Access and our Free Biweekly Alert for
This service is completely free. Access 250,000 archived articles from 100+ countries and get a personalised email twice a week covering developments (and yes, our lawyers like to think you’ve read our Disclaimer).