EBA finalises remote onboarding guidelines

EBA has published its final guidelines on the steps credit and financial institutions should take to ensure safe and effective remote customer onboarding. The guidelines include:

  • expectations for policies and procedures that should be in place, which address the solution the institution has in place, when remote onboarding can be used, the extent of required human intervention, controls on transactions of new customers, and staff training;
  • a requirement that the AML/CFT Compliance Officer should, as part of their general duty to prepare compliant CDD policies, ensure that remote onboarding policies and procedures are properly implemented and reviewed;
  • the need for a pre-implementation assessment of any proposed remote solution; and
  • what a detailed ongoing monitoring programme should look like.

The guidelines go on to address what information should be acquired on customers and how, so that the customer is both identified and their identity verified, with appropriate controls on how to match information provided with other information to ensure veracity.

In respect of outsourcing, policies should be clear on what is outsourced to whom, and what the controls over ICT and security risks are, as well as over the performance of the third party provider.

Emma Radmore