These days in Romania businesses are becoming more and more concerned and occupied with the requirement that they know their clients (“KYC”). This article is to highlight some aspects that need to be considered in Romania and Clients need to be aware that they should improve their KYC tests. These requirements apply to all client of all businesses and the degree of apparent risk. Some businesses will work on the basis that there will not be any risk because it is a onetime transaction but if a long-term business relationship is built up then KYC becomes more important. Even a one-off transaction can present risks.
In Romania, it is necessary to consider all aspects of the Client when entering into a new business relationship. Money laundering issues will arise when even in an occasional transaction the amount involved is at least EUR 15,000 or its equivalent. This will apply if the transaction is carried out in a single operation or in several operations which appear to be linked. They will also arise if there is a suspicion of money laundering or terrorist financing, regardless of the value of the transaction and when there are doubts about the truth client identification data.
What can you do in Romania to protect yourself? You should as a minimum identifying the client and verifying the client’s identity on the basis of documents, data or information obtained from reliable and independent sources. A risk profile should be considered so that the information obtained is satisfactory and that it allows understanding of the ownership and control structure of the client. Further you should conduct ongoing monitoring of the business relationship including scrutiny of the transactions undertaken to ensure that the transactions being conducted are consistent with the information about the client, the business and risk profile originally given including where necessary checking the source of funds and ensuring that the documents, data or information held are kept up-to-date.
In some circumstances the position is eased where the client is a credit or financial institution in a Member State of the EU or a credit or financial institution from a third country which imposes similar requirements on money laundering and terrorist financing. Also, if the client is a company traded on a regulated market, subject to reporting and transparency requirements. If the client is a national public authority there is an assumed lower level of risk.
However, additional measures are required to the standard measures where the person is not physically present to conduct the operations, or they are a politically exposed person who is resident in another Member State of the EU or in a third State.
In these cases, the request of documents and additional information to establish the identity of the client should be done. Obtaining certification by a credit or financial institution which is subject to requirements of prevention and combating of money laundering and terrorist financing, as well as requesting that the first operation to be carried out through an account opened in the name of the client from a credit institution subject to requirements of prevention and combat of money laundering and terrorist financing.
In the case of politically exposed persons then it is necessary to take adequate measures to establish the source of wealth and source of funds that are involved in business relationships or transactions with such persons.
What constitutes sufficient identification data. For a Natural person, the status data specified in their identification documents. For a legal person, the data mentioned in the registration documents as provided by law, as well as proof that the person who conducts the transaction represents the legal entity.
It is necessary to keep a copy of these documents as proof of identity or for identity references for a minimum period of 5 years from the date when the relationship ended with the client. Records, of all financial transactions resulting from a business relationship or of occasional transactions are to be kept in appropriate format so as to be used as evidence in legal proceedings for a minimum of 5 years minimum after the end of the business relationship, or from the occasional transaction. Failure to comply with any of these obligations can be fined with a fine between 10,000 to 50,000 lei.
By Decision No. 1272 of 18 October 2005 Romania has approved the list of individuals and legal entities suspected of committing or financing of terrorist acts although This list is updated.
Professional persons are required to notify the competent authority if they have data and information about persons or entities or activities which are subject of an international sanction as well as if they are in the possession of or have under their control any goods which are subject to international sanctions, or if they have information about such goods. The notification given to the authorities must contain the minimum information allowing identification and contacting its author. However, many professional bodies are unhappy with these requirements as it prima facae gives rise to a claim that Client privilege has been breached. Professionals therefore need to be on their guard at all times to ensure that they observe their clients’ rights but at the same time protect themselves.
Lawyer have the obligation of reporting suspicious transactions under the laws relating to money laundering and the terrorist financing and must implement measures for knowing the clientele, in order to determine as to whether it involves persons or entities subject to international sanctions or if the transactions conducted involve goods subject to international sanctions.
as mentioned previously these rules apply not only to professional in Romania but all companies where there is a perceived risk of money laundering and terrorist financing.
In the light of the above all companies should carry out an audit of their KYC and their records in Romania to ensure that they are compliant with the rules and requirements not only of Romania but also the EU.