Wwft monitoring

Based on the Money Laundering and Terrorist Financing Prevention Act (Wwft), a financial institution is required to subject its customers to ongoing monitoring. By this is meant a monitoring of the business relationship with the institution and the transactions carried out by the customer. To comply with the sanctions law, financial institutions must have established an administrative structure and implemented internal control measures. All of this is also referred to as the monitoring process.

What forms of Wwft monitoring are there?

Wwft Monitoring has the following forms:

  • Periodic review
  • Event-driven review
  • Screening against sanction lists
  • Transaction monitoring

1. Periodic review

A periodic review is essentially a renewed client review. You periodically update (based on risk-based and adequate measures) the information about the client. If necessary, you adjust the client’s risk profile accordingly.

You have clearly described in your policies and procedures how and how often a periodic review takes place. You have a (risk-based) rationale for this.

The periodic review follows a cycle per risk category: the higher the risk, the more frequent and thorough a review of the client situation will have to take place. Thanks to this continuous review, it is possible to discover abnormal (transaction) patterns and to check whether situations have occurred that involve an increased risk.

Thus, in practice, we often see banks reviewing their high-risk clients at least once a year, while medium and low-risk clients are subject to a client review every 3 and 5 years, respectively (or based on a pre-defined event).

The frequency and depth of a review depends on the risk. So the additional risk assessment will determine the new review period to be determined. Also, the final analysis of the review and the (renewed) risk assessment will affect the ongoing transaction monitoring.

If the customer or UBO was first designated as a PEP and during the review it appears that this person no longer holds a prominent political position, the enhanced measures must be applied for at least another year. This period may vary per jurisdiction.

2. Event driven review

An Event Driven Review is basically a renewed client screening, triggered by specific risk signals. In your policies and procedures, you have determined on the basis of which signals a new client investigation should be initiated.

For example, a signal that may be cause for an Event Driven Review is when client data in the Chamber of Commerce trade register is updated. New customer details are then grounds for investigation, for example change of mailing address to a high-risk country, or the change of a director who is on a PEP list.

An Event Driven Review leads to an update of the client profile and possibly the adjustment of the client’s risk profile. After an Event Driven Review, set a new deadline for a periodic review.

3. Screening against sanction lists

When screening against sanctions lists, all names and other relevant data of natural persons and legal entities contained in client files (including UBO, authorized representative, beneficiary, etc.) are checked against the EU and Dutch sanctions lists. In practice, we see that these lists are often supplemented by the US sanctions lists OFAC. Screening of relationships is done at customer acceptance, periodic review, event driven review, and/or at interim changes in the customer base and sanctions lists.

Transaction monitoring

Transaction monitoring is a measure to manage money laundering and terrorist financing risk. You translate the money laundering and terrorist financing risks arising from the SIRA into the transaction monitoring process. In determining the customer’s risk profile, you also include the expected transaction behavior.

You have appropriate procedures and processes in place to monitor customer accounts, activities and/or transactions. This allows you to gain and maintain an understanding of the nature and background of clients and their financial behavior. You will also be able to detect anomalous transaction patterns-such as unusual transaction patterns and transactions that by their nature pose a higher risk of money laundering or terrorist financing. And you will be able to comply with your reporting obligations.

It is important that you view transaction monitoring as complementary to the periodic review.

Transaction profile

You must draw up a transaction profile for each client. Based on the knowledge about the client (client profile), it is examined whether that client’s transactions correspond with the image the institution has of the client and the expected transaction profile.

To determine the risk profile, the expected transactions and/or the expected use of a customer’s account are considered. This allows you to sufficiently monitor that the transactions performed during the term of the relationship match your knowledge of the customer and their risk profile.

When does a transaction classify as unusual?

A transaction is unusual if there is suspicion of money laundering or terrorist financing. This may be because the transaction deviates from the transaction profile, for example, but the transaction behavior itself may also cause concern.

There are indicators on the basis of which you must assess whether the transaction can be regarded as unusual. These indicators may differ per type of institution. You can find these indicators on the FIU website.

There are objective and subjective indicators. With an objective indicator, the nature of the transaction is leading. If the transaction fits into an objective indicator, no further assessment is required, because in that case a Wwft report must be made. If the report does not fall under an objective indicator, the subjective indicator may apply. In that case you assess your report yourself and decide whether the report falls under the subjective indicator.

When should you report an unusual transaction?

There are various circumstances under which you must make a Wwft report.

  1. When you come to the conclusion that there is an unusual transaction. A report of an unusual transaction made or intended will have to be made without delay (as soon as possible given the circumstances) after the unusual nature of that transaction has become known.
  2. If the customer due diligence did not produce the information required by law, and in addition there are “indications” that the customer in question is involved in money laundering or terrorist financing.
  3. When an existing customer relationship is terminated because not all the information required by law is obtained, and there are also “indications” that the customer in question is involved in money laundering or terrorist financing.

Failure to report an unusual transaction while the institution is aware of it is an economic crime. Once you have made a report, you are obliged to keep the report confidential.

Want to know more?

Learn more about the Wwft, customer due diligence and transaction monitoring by following our Wwft e-learnings. You can find an overview of our Wwft courses here.