Source: OJ L, 2024/1620, 19.6.2024Current language: EN
- Anti-money laundering
Basic legislative acts
- Anti-money laundering authority regulation (AMLAR)
Article 90 Reporting of breaches and protection of reporting persons
Summary What does Article 90 of the Anti-money laundering authority regulation (AMLAR) say?
This article establishes the Authority's whistleblowing infrastructure.
It requires the Authority to maintain dedicated reporting channels for individuals who wish to report actual or potential breaches of the key AML/CFT regulations and directives, covering obligations applicable to financial institutions, supervisory authorities, self-regulatory bodies, and FIUs.
The article also connects to the broader EU whistleblower protection framework by extending the protections of Directive (EU) 2019/1937 to those who report through these channels.
Finally, it gives the Authority a follow-up power in relation to non-financial sector supervisory authorities, allowing it to request information on how they handled breach reports they received.
Important points:
- The Authority is required to establish dedicated reporting channels for breaches of AML/CFT rules across financial institutions, supervisory authorities, self-regulatory bodies, and FIUs.
- Persons reporting through these channels, as well as the persons concerned, are protected under Directive (EU) 2019/1937 where applicable.
- Non-financial sector supervisory authorities are required to provide the Authority with follow-up information on reports they received, but must not disclose information that could identify the reporting person.
Springlex's summary of the article, a reading aid, not a substitute for the legal text.
The Authority shall have in place dedicated reporting channels for receiving and handling information provided by persons reporting actual or potential breaches of:
Regulation (EU) 2024/1624, insofar as the requirements applicable to credit institutions and financial institutions are concerned;
Regulation (EU) 2023/1113;
Directive (EU) 2024/1640, insofar as the requirements applicable to supervisory authorities, self-regulatory bodies in the exercise of supervisory functions and FIUs are concerned.
The persons reporting through those channels and the persons concerned shall enjoy the protection of Directive (EU) 2019/1937, where applicable.
Following the submission of reports pursuant to Article 60(4) of Directive (EU) 2024/1640 by supervisory authorities in the non-financial sector, the Authority shall be able to request additional information from those supervisory authorities on how they followed up on the reports received. Those supervisory authorities shall promptly provide the requested information but shall not disclose information that may lead to the identification of the reporting person.
Springlex and this text is meant purely as a documentation tool and has no legal effect. No liability is assumed for its content. The authentic version of this act is the one published in the Official Journal of the European Union.
Definition
crypto-asset services
Definition
supervisor
Definition
financial mixed activity holding company
Definition
crypto-asset service provider
Definition
credit institution
- a credit institution as defined in Article 4(1), point (1), of Regulation (EU) No 575/2013;
- a branch of a credit institution, as defined in Article 4(1), point (17), of Regulation (EU) No 575/2013, when located in the Union, whether its head office is located in a Member State or in a third country;
Definition
crypto-asset
Definition
property
Definition
financial institution
- an undertaking other than a credit institution or an investment firm, which carries out one or more of the activities listed in points (2) to (12), (14) and (15) of Annex I to Directive 2013/36/EU of the European Parliament and of the Council(32), including the activities of currency exchange offices (bureaux de change), but excluding the activities referred to in point (8) of Annex I to Directive (EU) 2015/2366, or an undertaking the principal activity of which is to acquire holdings, including a financial holding company, a mixed financial holding company and a financial mixed activity holding company;
- an insurance undertaking as defined in Article 13, point (1), of Directive 2009/138/EC of the European Parliament and of the Council(33), insofar as it carries out life or other investment-related assurance activities covered by that Directive, including insurance holding companies and mixed-activity insurance holding companies as defined, respectively, in Article 212(1), points (f) and (g), of Directive 2009/138/EC;
- an insurance intermediary as defined in Article 2(1), point (3), of Directive (EU) 2016/97 where it acts with respect to life insurance and other investment-related insurance services, with the exception of an insurance intermediary that does not collect premiums or amounts intended for the customer and which acts under the responsibility of one or more insurance undertakings or intermediaries for the products which concern them respectively;
- an investment firm as defined in Article 4(1), point (1), of Directive 2014/65/EU of the European Parliament and of the Council(34);
- a collective investment undertaking, in particular:
- an undertaking for collective investment in transferable securities (UCITS) as defined in Article 1(2) of Directive 2009/65/EC and its management company as defined in Article 2(1), point (b), of that Directive or an investment company authorised in accordance with that Directive and which has not designated a management company, that makes available for purchase units of UCITS in the Union;
- an alternative investment fund as defined in Article 4(1), point (a), of Directive 2011/61/EU and its alternative investment fund manager as defined in Article 4(1), point (b), of that Directive that fall within the scope set out in Article 2 of that Directive;
- a central securities depository as defined in Article 2(1), point (1), of Regulation (EU) No 909/2014 of the European Parliament and of the Council(35);
- a creditor as defined in Article 4, point (2), of Directive 2014/17/EU of the European Parliament and of the Council(36) and in Article 3, point (b), of Directive 2008/48/EC of the European Parliament and of the Council(37);
- a credit intermediary as defined in Article 4, point (5), of Directive 2014/17/EU and in Article 3, point (f), of Directive 2008/48/EC, when holding the funds as defined in Article 4, point (25), of Directive (EU) 2015/2366 in connection with the credit agreement, with the exception of the credit intermediary carrying out activities under the responsibility of one or more creditors or credit intermediaries;
- a crypto-asset service provider;
- a branch of a financial institution referred to in points (a) to (i), when located in the Union, whether its head office is located in a Member State or in a third country;
Definition
self-regulatory body
Definition
third country
Definition
funds
Definition
supervisory authority