Source: OJ L, 2024/1624, 19.6.2024Current language: EN
- Anti-money laundering
Basic legislative acts
- Anti-money laundering regulation (AMLR)
Article 22 Identification and verification of the identity of customers and beneficial owners
Summary What does Article 22 of the Anti-money laundering regulation (AMLR) say?
This is a detailed, foundational article that sits at the heart of the customer due diligence framework established by Article 20, fleshing out exactly what information obliged entities must collect and how identity verification must be carried out.
It sets out minimum identification data requirements that vary depending on the type of customer — natural persons, legal entities, trustees of express trusts, and other legally capable organisations each have their own tailored list of required information.
The article also addresses situations where no beneficial owner can be identified, directing obliged entities to instead identify senior managing officials, with a carve-out where doing so might alert the customer to the entity's suspicions.
Notably, credit and financial institutions face additional obligations specific to virtual IBANs, and the article closes with permitted methods for identity verification, including physical documents and electronic identification means.
Important points:
- Collect customer identification data — the specific fields required vary based on whether the customer is a natural person, legal entity, trustee, or other organisation.
- Where no beneficial owner can be identified after exhausting all means, identify and verify the senior managing officials of the legal entity instead, unless doing so risks tipping off the customer.
- Verify the identity of beneficial owners by consulting the central registers, in addition to any other verification means used.
Springlex's summary of the article, a reading aid, not a substitute for the legal text.
With the exception of cases of lower risk to which measures under Section 3 apply and irrespective of the application of additional measures in cases of higher risk under Section 4 obliged entities shall obtain at least the following information in order to identify the customer, any person purporting to act on behalf of the customer, and the natural persons on whose behalf or for the benefit of whom a transaction or activity is being conducted:
for a natural person:
all names and surnames;
place and full date of birth;
nationalities, or statelessness and refugee or subsidiary protection status where applicable, and the national identification number, where applicable;
the usual place of residence or, if there is no fixed residential address with legitimate residence in the Union, the postal address at which the natural person can be reached and, where available the tax identification number;
for a legal entity:
legal form and name of the legal entity;
address of the registered or official office and, if different, the principal place of business, and the country of creation;
the names of the legal representatives of the legal entity as well as, where available, the registration number, the tax identification number and the Legal Entity Identifier;
the names of persons holding shares or a directorship position in nominee form, including reference to their status as nominee shareholders or directors.
for a trustee of an express trust or a person holding an equivalent position in a similar legal arrangement:
basic information on the legal arrangement; however, with regard to the assets held in the legal arrangement or managed through it, only the assets that are to be managed in the context of the business relationship or occasional transaction shall be identified;
the address of residence of the trustees or persons holding an equivalent position in a similar legal arrangement and, if different, the place from where the express trust or similar legal arrangement is administered, the powers that regulate and bind the legal arrangement, as well as, where available, the tax identification number and the Legal Entity Identifier;
for other organisations that have legal capacity under national law:
name, address of the registered office or equivalent;
names of the persons empowered to represent the organisation as well as, where applicable, legal form, tax identification number, registration number, Legal Entity Identifier and deeds of association or equivalent.
For the purposes of identifying the beneficial owner of a legal entity or of a legal arrangement, obliged entities shall collect the information referred to in Article 62(1), second subparagraph, point (a).
Where, after having exhausted all possible means of identification, no natural persons are identified as beneficial owners, or where there are doubts that the persons identified are the beneficial owners, obliged entities shall record that no beneficial owner was identified and identify all the natural persons holding the positions of senior managing officials in the legal entity and shall verify their identity.
Where the performance of identity verification referred to in the second subparagraph may tip off the customer that the obliged entity has doubts regarding the beneficial ownership of the legal entity, the obliged entity shall abstain from verifying the senior managing officials’ identity, and shall instead record the steps taken to ascertain the identity of the beneficial owners and senior managing officials. Obliged entities shall keep records of the actions taken as well as of the difficulties encountered during the identification process, which led to resorting to the identification of a senior managing official.
Credit institutions and financial institutions shall obtain information to identify and verify the identity of the natural or legal persons using any virtual IBAN they issue, and the associated bank or payment account.
The credit institution or financial institution servicing the bank or payment account to which a virtual IBAN issued by another credit institution or financial institution redirects payments, shall ensure that it can obtain from the institution issuing the virtual IBAN the information identifying and verifying the identity of the natural person using that virtual IBAN without delay and in any case within 5 working days of it requesting that information.
In the case of beneficiaries of trusts or similar legal entities or arrangements that are designated by particular characteristics or class, an obliged entity shall obtain sufficient information concerning the beneficiary so that it will be able to establish the identity of the beneficiary at the time of the payout or at the time of the exercise by the beneficiary of its vested rights.
In the case of discretionary trusts, an obliged entity shall obtain sufficient information concerning the objects of a power and default takers to enable it to establish the identity of the beneficiary at the time of the exercise by the trustees of their power of discretion, or at the time that the default takers become the beneficiaries due to the trustees’ failure to exercise their power of discretion.
Obliged entities shall obtain the information, documents and data necessary for the verification of the identity of the customer and of any person purporting to act on their behalf through either of the following means:
the submission of an identity document, passport or equivalent and, where relevant, the acquisition of information from reliable and independent sources, whether accessed directly or provided by the customer;
the use of electronic identification means which meet the requirements of Regulation (EU) No 910/2014 with regard to the assurance levels ‘substantial’ or ‘high’ and relevant qualified trust services as set out in that Regulation.
Obliged entities shall verify the identity of the beneficial owner and, where relevant, the persons on whose behalf or for the benefit of whom a transaction or activity is being carried out in either of the following ways:
in accordance with paragraph 6;
by taking reasonable measures to obtain the necessary information, documents and data from the customer or other reliable sources, including public registers other than the central registers.
Obliged entities shall determine the extent of the information to be consulted, having regard to the risks posed by the occasional transaction or the business relationship and the beneficial owner, including risks relating to the ownership structure.
In addition to the means of verification set out in the first subparagraph of this paragraph, obliged entities shall verify the information on the beneficial owners by consulting the central registers.
Springlex and this text is meant purely as a documentation tool and has no legal effect. No liability is assumed for its content. The authentic version of this act is the one published in the Official Journal of the European Union.
Definition
Legal Entity Identifier
Definition
crypto-asset services
Definition
financial mixed activity holding company
Definition
virtual IBAN
Definition
crypto-asset service provider
Definition
objects of a power
Definition
credit institution
- a credit institution as defined in Article 4(1), point (1), of Regulation (EU) No 575/2013;
- a branch of a credit institution, as defined in Article 4(1), point (17), of Regulation (EU) No 575/2013, when located in the Union, whether its head office is located in a Member State or in a third country;
Definition
crypto-asset
Definition
property
Definition
express trust
Definition
legal arrangement
Definition
financial institution
- an undertaking other than a credit institution or an investment firm, which carries out one or more of the activities listed in points (2) to (12), (14) and (15) of Annex I to Directive 2013/36/EU of the European Parliament and of the Council(32), including the activities of currency exchange offices (bureaux de change), but excluding the activities referred to in point (8) of Annex I to Directive (EU) 2015/2366, or an undertaking the principal activity of which is to acquire holdings, including a financial holding company, a mixed financial holding company and a financial mixed activity holding company;
- an insurance undertaking as defined in Article 13, point (1), of Directive 2009/138/EC of the European Parliament and of the Council(33), insofar as it carries out life or other investment-related assurance activities covered by that Directive, including insurance holding companies and mixed-activity insurance holding companies as defined, respectively, in Article 212(1), points (f) and (g), of Directive 2009/138/EC;
- an insurance intermediary as defined in Article 2(1), point (3), of Directive (EU) 2016/97 where it acts with respect to life insurance and other investment-related insurance services, with the exception of an insurance intermediary that does not collect premiums or amounts intended for the customer and which acts under the responsibility of one or more insurance undertakings or intermediaries for the products which concern them respectively;
- an investment firm as defined in Article 4(1), point (1), of Directive 2014/65/EU of the European Parliament and of the Council(34);
- a collective investment undertaking, in particular:
- an undertaking for collective investment in transferable securities (UCITS) as defined in Article 1(2) of Directive 2009/65/EC and its management company as defined in Article 2(1), point (b), of that Directive or an investment company authorised in accordance with that Directive and which has not designated a management company, that makes available for purchase units of UCITS in the Union;
- an alternative investment fund as defined in Article 4(1), point (a), of Directive 2011/61/EU and its alternative investment fund manager as defined in Article 4(1), point (b), of that Directive that fall within the scope set out in Article 2 of that Directive;
- a central securities depository as defined in Article 2(1), point (1), of Regulation (EU) No 909/2014 of the European Parliament and of the Council(35);
- a creditor as defined in Article 4, point (2), of Directive 2014/17/EU of the European Parliament and of the Council(36) and in Article 3, point (b), of Directive 2008/48/EC of the European Parliament and of the Council(37);
- a credit intermediary as defined in Article 4, point (5), of Directive 2014/17/EU and in Article 3, point (f), of Directive 2008/48/EC, when holding the funds as defined in Article 4, point (25), of Directive (EU) 2015/2366 in connection with the credit agreement, with the exception of the credit intermediary carrying out activities under the responsibility of one or more creditors or credit intermediaries;
- a crypto-asset service provider;
- a branch of a financial institution referred to in points (a) to (i), when located in the Union, whether its head office is located in a Member State or in a third country;
Definition
third country
Definition
funds
Definition
beneficial owner
Definition
business relationship
Definition
basic information
- in relation to a legal entity:
- legal form and name of the legal entity;
- instrument of constitution, and the statutes if they are contained in a separate instrument;
- address of the registered or official office and, if different, the principal place of business, and the country of creation;
- a list of legal representatives;
- where applicable, a list of shareholders or members, including information on the number of shares held by each shareholder and the categories of those shares and the nature of the associated voting rights;
- where available, the registration number, the European Unique identifier, the tax identification number and the Legal Entity Identifier;
- in the case of foundations, the assets held by the foundation to pursue its purposes;
- in relation to a legal arrangement:
- the name or unique identifier of the legal arrangement;
- the trust deed or equivalent;
- the purposes of the legal arrangement, if any;
- the assets held in the legal arrangement or managed through it;
- the place of residence of the trustees of the express trust or persons holding equivalent positions in the similar legal arrangement, and, if different, the place from where the express trust or similar legal arrangement is administered;
Definition
default taker