Service Finder

back

Show commissioning of third parties with internal security measures

Service Description

As an obliged entity or obligated party under money laundering law, you must create appropriate business and customer-related internal security measures to manage and mitigate the risks of money laundering and terrorist financing through suitable principles, procedures and controls.

You can also transfer the implementation of internal security measures to a third party within the framework of contractual agreements. However, you must first notify the competent supervisory authority of the intended outsourcing. The Money Laundering Act contains standard examples of the security measures to be put in place. This list is not exhaustive. Further internal security measures may be required in individual cases. The internal security measures also require the approval of the member of management responsible for money laundering prevention in your company.

As the obligated party, you may have the internal security measures carried out by an (external) third party within the framework of contractual agreements if you have notified the supervisory authority in advance. The supervisory authority may prohibit the transfer if

  • the third party does not guarantee that the security measures will be carried out properly.
  • the control options of the obligated party are impaired or
  • supervision by the supervisory authority is impaired.

For you as the obligated party, this means that you must state in your notification that the conditions for prohibiting the transfer are not met.

You must also state in the notification which internal security measures are the subject of the outsourcing

The notification must be made by the obliged entity itself or, if applicable, by the appointed money laundering officer.

Important note:

The responsibility for the fulfillment of the internal security measures remains with the obliged entities. If the third party does not properly fulfill the contractually assigned obligations, for example, you remain responsible for non-compliance with the internal security measures.

Process flow

  • The notification must be submitted to the competent supervisory authority by the obligated party itself or, if applicable, by the appointed money laundering officer
  • Your notification will be examined by the competent authority
  • You will receive a final notification
  • After notification, the internal security measures can be carried out by a third party; prior approval by the authority is not required.
  • The supervisory authority can prohibit the transfer to a third party if
    • the third party does not provide a guarantee that the security measures will be carried out properly,
    • the management options of the obligated parties are impaired as a result, or
    • the supervision by the supervisory authority is impaired

Who should I contact?

Please contact the Thuringian State Administration Office.

Requirements

Obligated Persons under the Money Laundering Act

  • Only natural persons or legal entities who are obligated parties under the Money Laundering Act are eligible to file a report.
  • The reporting person must be a member of the management level or internal/external money laundering officer or internal/external money laundering officer of the company.

The third party must be:

  • be sufficiently qualified and reliable, provide assurance that the safeguards are properly implemented, and
  • not impair the management options of the obligated parties or the supervision of the supervisory authority as a result of the outsourcing.

Which documents are required?

  • Notification of outsourcing of internal security measures
    • The notification must clearly state which internal security measures are the subject of the outsourcing.
    • In the notification of outsourcing, it must also be stated in full and in writing that all requirements have been met and that there are no grounds for prohibiting the intended outsourcing.
  • Proof of authorization to report
    • Evidence of appointment as money laundering officer or money laundering representative or
    • Contract on the outsourcing of internal security measures or
    • Evidence that the person making the notification is a member of the company's management (e.g. extract from the commercial register or shareholders' agreement)
  • Contract with the third party
    • Copy of the contractual agreement with the third party to whom the safeguards are to be outsourced.
  • If applicable, current excerpt from the commercial register
    • Registered companies please submit a current excerpt from the commercial register with the notification. Legal entities in the process of formation (GmbH, AG) submit the articles of association or articles of incorporation.
    • Note: The authority may require evidence of the service provider's suitability - this could be, for example, CVs, training certificates or references that explicitly relate to money laundering obligations and experience.

What are the fees?

none

What deadlines do I have to pay attention to?

  • Notification of outsourcing of internal security measures must be made prior to outsourcing
  • After notification, the internal security measures can be carried out, prior approval of the authority is not required.

Legal basis

§ Section 6 (1) of the German Money Laundering Act (GwG) for basic obligation to take security measures

§ Sec. 6 (7) AMLA regarding duty to notify in case of outsourcing

Appeal

  • Forms: yes
  • Online procedure possible: no
  • Written form required: no
  • Personal appearance required: no

Author

The text was automatically translated based on the German content.

Source: Zuständigkeitsfinder Thüringen (Linie6Plus)

No competent authority found

Please enter your location.