Important financial regulations in Europe you should know to protect your money 2021

If you have used any EU financial services, chances are, you had come across various financial regulations when you accepted their terms and conditions. These financial regulations are not only for the financial company to comply with but also for you to follow. These financial regulations influence everything - from creating an account on the financial institutions' website to making transactions. The financial regulations range from preventing money laundering and supervision to data protection. Here are the main financial regulations in Europe you should know to protect your money.

Regulatory measures regarding finances are very dynamic, meaning that they do not affect your money strictly. As a financial service entity, they have a range of financial regulations and rules to follow, some of which affect you in other aspects. Here we will analyse 3 aspects and the EU financial services regulation that apply to them:

1. The AML Directive

Money laundering is a financial crime. It is the act of hiding the main source of the finance obtained illegally through financial transactions. Everyone agrees that money laundering harms the economy; however, it is very difficult to weed them out. Hence, firms are required to take steps to prevent money laundering. These steps include verifying their customers, their transactions and monitoring further financial activities. Anti-money laundering is covered by the European Directive 2018/843 of the prevention of the use of the financial system for the purposes of money laundering or terrorist financing - AML Directive for short.

The list below explains the measures that financial services will implement on you as a customer:

Verifying you as a customer

The general rule is that every financial entity must verify your identity as a customer before establishing any business relationship with you. To verify identity is enshrined in article 14 of the AML Directive. Article 13 explains how they will verify you:

  • by collecting your information, data, and documents
  • cross-checking the information and documents, you have provided through a reliable and independent source. For example, through national registries and portals
  • finally, accept you as their customer and allow you to use their services

However, their responsibilities do not end here. Financial entities are required to continue monitoring you and your financial activities within their services. Hence, you will see that companies keep asking for confirmation for activities despite having your data. This is Customer Due diligence, which we will explain next.

Customer Due Diligence

Customer due diligence is crucial for financial companies to monitor their customers, evaluate the risks, and prevent illegal activities. Hence, you will notice the various forms of restrictive measures when making transactions, even if you have been their customer for a long time. Due diligence means taking specific measures to evaluate that your financial activities are legal. In practice, they have implemented due diligence on transactions based on the amount of money. Article 11 of the AML Directive states that financial states must apply due diligence when:

  • a transfer of funds from one bank account to another exceeds 1000 EUR
  • a transaction of funds amount to 15,000 EUR or more in single or multiple transactions
  • transactions relating to goods amount to 10,000 EUR or more in single or multiple operations

It means, for the transactions as mentioned above, the entity will ask for double confirmation before releasing the money or ask for further documents to support it.

Entities must also take additional steps based on your country transactions and the delivery channels (Article 8). Therefore, if you are making an international transaction to a country considered high-risk, you will be subject to further scrutiny. The same applies if you receive money from a country that is considered high-risk. The entity may ask for additional documents or may take more time to release or accept the money. It is essential to be aware of such situations because your transactions may be delayed or stopped completely.

2. The Wire Transfer Regulation

Making financial transactions to another person requires you to share your information and the receiver’s data. This is legal practice mandated by the financial Regulation 2015/847. Regulation 2015/847 or the Wire Transfer Regulation outlines the rules on the payers’ and payees’ information of fund transfer. Although a hassle, this inquiry is a preventive measure against money laundering. It is particularly so if the service provider is operating from within the European Union. Under article 4, you must provide the following information:

  • your name, account number, address and the official personal document number, the identification number or date and place of birth
  • the payee’s name and account number where the funds will go to

The financial company will verify the data that you provided before sending the money out. If they find any required information missing, they must reject the transfer and ask for further data. They can not release the funds until the information is acquired.

3. GDPR and other data protection laws

The increase of digitalisation has led to a rise in online crimes. The financial sector is the primary target because it is a lucrative area with lots to gain from exploitation. Hence, you may be worried, like everyone else, regarding protecting your data held by the financial entity. And you should be - breach of data security puts you and your money at risk to be digitally abused.

Fortunately, regulators take data privacy and protection seriously; hence they have passed new legal measures and included data protection in several laws related to financial services to provide adequate solutions to both sides:

GDPR

The primary legislation on data privacy and protection is the Regulation (EU) 2016/679 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data - GDPR for short. The purpose of GDPR is to protect your data as a natural person regarding its processing, movement and storage. GDPR looks at data protection from a more fundamental rights perspective, thus protecting you by:

  • outlining the principles and the lawful processing of your data
  • how entities should acquire consent regarding the processing of your data
  • your right as a data subject regarding transparency, giving access to third parties, amendment and deletion
  • the rights and responsibilities of the entities who are handling your data

It hands the right and control of data protection over to you while shifting the responsibility and accountability of protecting it to the processors. This law applies to every sector in the economy - from financial services to the health sector. This is the general law on data protection that applies to you in all aspects of life.

Financial information Directive

Directive (EU) 2019/1153 is another legislation supporting the AML Directive regarding the access to and the use of your financial data. That means any competent authority has the right to access your bank account and other financial information to investigate to prevent money laundering activities and other serious crimes if they suspect so. They can also exchange your information with other authorities, and if necessary, your member state may restrict your rights to access your personal data under this Directive.

This law is already subject to GDPR; therefore, data processing under this Directive is already considered compatible with your rights as a data subject.

Data protection under AML Directive

AML Directive has included data protection in its provision to the extent necessary to uphold your fundamental rights. As such, the financial service provider must process your data only for purposes to prevent money laundering and terrorist financing and not for any other purposes under this Directive.

Financial companies must retain the documents and data you provided during customer due diligence measures for 5 years after terminating the services. After 5 years, the company must delete those data unless otherwise required by your national laws.

Wire transfer regulation

Like the AML Directive, the Wire transfer Regulation requires payment service providers to process your personal data to prevent money laundering and terrorist financing. The company is prohibited from processing your data for any other purpose conflicting with the main one, especially commercial. The entity must also ensure confidentiality of the processing, and they cannot retain your information longer than 5 years.

To avoid rejection of your financial transaction, you need to comply with their verification procedures. Like banks, payment service providers, and investment companies, financial services companies have to inquire your information critically for internal and regulatory policies. Otherwise, the companies will be penalised. Refusing to comply will result in rejection, therefore, you have to follow them or stop using financial services altogether.

Last update: 06/05/2021