Following the FATF’s 4th assessment of Switzerland in 2016, after which the group concluded that the authorities had a good overall understanding of AML /CFT risks, it was nevertheless revealed that the Swiss financial system remains exposed to many risks.
From a technical point of view, there were still shortcomings in the updating of information on customers in long-standing business relationships and verification of the beneficial owners in particular.
In the same way, the effectiveness of the legislation in force remains mixed with persistent failures in the field of STRs or dissuasive sanctions or international cooperation.
In view of this, Switzerland had been subjected to an “enhanced follow-up” procedure with the aim of supporting its legislative strengthening process. It is against this backdrop that FINMA undertook the revision of the anti-money laundering regulation.
As a reminder, and before detailing the main changes brought about by this amendment, the OBA-FINMA applies to the most common financial intermediaries as well as financial intermediaries directly subject to FINNA supervision.
To begin with, the new ordinance establishes a reinforcement of the risk-based approach. This is how financial intermediaries will have to set up a classification of business relationships according to the risks they entail.
This reinforcement will notably affect financial intermediaries who have foreign branches, or run a financial group comprising foreign companies, as they will have to introduce periodic controls aimed at overall monitoring of legal and reputational risks (Articles 5 and 6 OBA FINMA).
Many changes have also been made in terms of due diligence.
Domiciliary companies will have to be examined and documented more rigorously than before. Financial intermediaries will have to look for the reasons for using these domiciliary companies (Article 9a)
As regards general due diligence, Articles 10 to 12 impose new obligations on financial intermediaries. They must now ensure that “the details of the payer are accurate and complete and that those of the beneficiary are complete” They must also make sure that the copies of the identification documents are genuine (in the event that they do not request a certificate of authenticity).
With regard to specific due diligence, the list of criteria indicating the presence of increased risks has been completed.
Henceforth, business relationships with customers established in a country considered by the FATF to be high-risk or non-cooperative must in all cases be considered to involve increased risk.
The same changes apply for transactions (Article 14).
Changes have also been made regarding the cases when further clarifications should be requested. While the current ordinance requires that these clarifications be made “as soon as possible”, the new version requires that these clarifications be undertaken immediately (Article 17).
Finally, and with respect to funds, investment companies and wealth managers within the meaning of the Collective Investment Schemes Act (CISA), the amount from which these institutions must verify the subscriber’s identity has been lowered to 15,000 francs instead of 25000 francs previously (Articles 40 and 41).
The cash transactions are also affected by this change since the amount of verification of the identity of the contracting partner has also been lowered to 15000 francs.
Consequences for financial intermediaries
With this new ordinance coming into effect on January 1st, 2020, financial intermediaries will have to put in place different processes in order to comply with the new text.
Thus, an important process of revisions of internal policies and procedures will have to be undertaken, accompanied by the setting up of a real control organization to ensure the transposition of these new rules. This effort will need to be done in a coordinated way across the group to standardize processes and standards.
Reorganization will also have to be carried out in order to reinforce the teams dedicated to internal control and respect the new obligations.
For example, Article 25a now requires that only management at its highest level (and / or designated persons exercising non-revenue-generating control functions) may decide on the need to draw up a suspicious activity report in accordance with Article 9 LBA or 305ter al.2 CP.
Impacts in terms of staff training and awareness will need to be taken into account.
These different transformations will have to be accompanied by an adaptation of the reporting and a new communication with the customers in order to sensitize them to the changes. These efforts will be needed as the new rules laid down by the ordinance have the effect of creating new situations where relationships and transactions must be considered as entailing increased risks.