Shufti’s AML Screening Solution – How to Comply with Germany’s AML Regulations

The stability of the global economy is at risk pertaining to the rapidly growing issues of money laundering and other forms of financial crime. Around €100 billion in laundered money is moved around the German economy annually. AML Regulations have been in place for a very long time to combat money laundering. 

These started out with the regulations by the Paris-based global watchdog Financial Action Task Force (FATF) in the 1990s, but they have since changed and been implemented by numerous nations. Germany is a member of the EU and also abides by the Anti-Money Laundering Directives (AMLDs) of the European Parliament, which are codified in German law as the Geldwäschegesetz (GWG).

Germany’s BaFin and the GWG Act 

BaFin is the regulatory organisation in Germany responsible for monitoring and enforcing the compliance of financial institutions with KYC/AML laws. Despite the fact that AML compliance is required by law, institutions should follow compliance guidelines for a variety of key reasons. Following the rules enables safeguards banks, FinTech firms, and their clients from harm and is likely to improve the reputation and reliability of the business in the process.

After being first adopted in 1991, the AMLD legislation has undergone a number of amendments, each of which has increased regulation and coverage in addition to addressing changes in criminal behaviour and technological advancements. As with previous revisions, the most recent 5AMLD and 6AMLD laws were implemented in 2020 and 2021 and made notable advancements, including a stronger emphasis on Politically Exposed Person (PEP) screening and sources of money, while fostering consistency and understanding throughout the EU. 

The GWG Act was revised numerous times in Germany to accommodate amendments to the AMLD rules, most recently to match the new standards for enforcement and punishment under 6AMLD. The Federal Financial Services Authority, often known as BaFin (Bundesanstalt für Finanzdienstleistungsaufsicht), is a regulatory agency in Germany that reports to the Ministry of Finance and has a head chosen by the Federal Government. Apart from overseeing KYC/AML compliance measures, BaFin is also in charge of licencing financial institutions, regulating audits and financial statements, enforcing financial institutions’ fines, and defending consumers.

Germany AML Compliance Regime 

GWG, which oversees all facets of AML and KYC legal compliance, implements AML law in Germany. These include:

• Money laundering and AML definitions, activities, and required parties
• Requirements for monitoring, risk analysis, and customer due diligence
• Requirements for reporting and escalating suspicious activities
• the participation of Germany’s Financial Intelligence Unit (FIU), which is in charge of investigating and documenting questionable transactions 
• Regulation and criminal responsibility

The technological implementation of AML procedures is one area where country-specific legislation can differ greatly. AML requirements are governed by the AMLD, but neither document specifies the technologies to be used nor the amount of automation that is allowed. By only allowing automated verification via video review, which necessitates a Qualified Electronic Signature (QES) and a minor bank transfer as part of onboarding, BaFin adopts a more cautious approach than other regulators, such as the UK’s Financial Conduct Authority.

How Financial Institutions Can Implement KYC/AML Checks

The eKYC procedures must follow regulatory rules and include the three essential components listed above because the majority of new banking customers in Germany are onboarded and confirmed online. Gathering identification documents and ensuring their legality by ensuring the customer’s identity matches that of the document are necessary for identity verification and client onboarding. Online, this is occurring more frequently in completely or partially automated processes.

CDD is necessary for all new business relationships (whether this is a person or business). It must also be done under a number of scenarios that BaFin lists, such as when a customer’s circumstances change or when there are suspicious or large transactions (over €15,000). More Enhanced Due Diligence (EDD) must be carried out and risk assessment systems must be in place when risk is deemed to be high. Following are some of BaFin’s suggestions about EDD causes:

1. Complex or suspicious transactions, particularly those that are aberrant or seem to have no purpose other than financial ones, or the identification of a client’s or company’s beneficial owner as a PEP. 
2. Relationships or affiliations with businesses that are based in high-risk areas or those that have been designated as such.

BaFin specifies a variety of rules for carrying out EDD as necessary. These include expanding inquiries into financing sources and commercial relationships, improving monitoring, and involving senior management in decision-making. German KYC/AML laws differ significantly from those of other nations in a number of important ways. Financial companies operating in Germany must ensure the use of video KYC for identity verification.

In fact, Germany was among the first nations in 2014 to permit video onboarding. BaFin does not permit the use of AI and biometric identity verification, but other regulators (including the UK) do. However, it is still thought of as the standard in Germany. BaFin has strict standards for video identification procedures, including the need for end-to-end, uninterrupted video identification across encrypted channels in real-time. Additional requirements include lighting requirements, employee identification training, and video quality standards.

GWG standards further protect the use of bank transfers and KYC/AML measures. When onboarding and validating a new customer, a small bank transfer from a recognised German account must be used as verification support. This makes it simpler to open additional accounts in Germany while maintaining a high degree of protection. Scanning ID cards with NFC Identity cards are frequently used in the Nordic nations, although they are rarely used in the UK. However, all German residents now receive identity cards, which can be used as a verification method in Germany.

What Shufti Offers

The GWG Act outlines a risk-based AML strategy that necessitates the creation of a process for identifying and mitigating fraud risks. These procedures must be followed by all concerned personnel and integrated into the organisational infrastructure in financial institutions. BaFin provides guidelines and standards for staff AML training, but it is up to the businesses to choose the most effective training schedule and approach.

Additionally, procedures must be in place for the internal and external reporting of questionable consumers and transactions. Such instances must be reported to the Financial Intelligence Unit in Germany (FIU). Shufti is a UK-based IDV provider that offers a robust AI-powered AML screening solution for real estate businesses enabling them to remain compliant with industry-specific regulations. Businesses can effortlessly identify suspicious and high-risk customers by cross-checking them against 1700+ watchlists to stay compliant with global due diligence standards. 

Find out how businesses can comply with Germany’s regulations