Art. 11 Sharing and processing of customer data within the group or with the obliged entity | RTS on group-wide minimum requirements and additional measures for third-country subsidiaries and branches | AML

1. Where the parent undertakingmeans:for groups whose head office is located in the Union, an obliged entity that is a parent undertaking as defined in Article 2, point (9), of Directive 2013/34/EU that is not itself a subsidiary of another undertaking in the Union, provided that at least one subsidiary undertaking is an obliged entity;for groups whose head office is located outside of the Union, where at least two subsidiary undertakings are obliged entities established in the Union, an undertaking within that group established in the Union that:is an obliged entity;is an undertaking that is not a subsidiary of another undertaking that is an obliged entity established in the Union;has a sufficient prominence within the group and a sufficient understanding of the operations of the group that are subject to the requirements of this Regulation; andis given the responsibility of implementing group-wide requirements under Chapter II, Section 2 of this Regulation; in the Union or an obliged entity identifies that the law of a third countrymeans any jurisdiction, independent state or autonomous territory that is not part of the Union and that has its own AML/CFT legislation or enforcement regime; does not permit or restricts the application of Regulation (EU) 2024/1624 by a subsidiary or a branch when it comes to the sharing of customer information referred to in Article 4 of this Regulation for anti-money laundering and countering the financing of terrorism purposes within the groupmeans a group of undertakings which consists of a parent undertaking, its subsidiaries, as well as undertakings linked to each other by a relationship within the meaning of Article 22 of Directive 2013/34/EU; or with the obliged entity, it shall at least:
  1. inform the supervisormeans the body entrusted with responsibilities aimed at ensuring compliance by obliged entities with the requirements of this Regulation, including AMLA when performing the tasks entrusted to it in Article 5(2) of Regulation (EU) 2024/1620; of the home Member State without undue delay and in any case no later than 28 calendar days of the following:
    the name of the third countrymeans any jurisdiction, independent state or autonomous territory that is not part of the Union and that has its own AML/CFT legislation or enforcement regime; concerned;
    how the application of the law of the third countrymeans any jurisdiction, independent state or autonomous territory that is not part of the Union and that has its own AML/CFT legislation or enforcement regime; concerned does not permit or restricts the sharing or processing of customer data for anti-money laundering and countering the financing of terrorism purposes;
  2. ensure that their branches or subsidiaries established in the third countrymeans any jurisdiction, independent state or autonomous territory that is not part of the Union and that has its own AML/CFT legislation or enforcement regime; determine whether consent from their customers and, where applicable, their customers’ beneficial ownersmeans any natural person who ultimately owns or controls a legal entity or an express trust or similar legal arrangement;, can be used to legally overcome the restrictions or prohibitions referred to in point (a)(ii);
  3. ensure that their branches or subsidiaries established in the third countrymeans any jurisdiction, independent state or autonomous territory that is not part of the Union and that has its own AML/CFT legislation or enforcement regime; require their customers and, where applicable, their customer’s beneficial ownersmeans any natural person who ultimately owns or controls a legal entity or an express trust or similar legal arrangement;, to provide consent to overcome restrictions or prohibitions referred to in point (a)(ii) to the extent that this is compatible with the law of the third countrymeans any jurisdiction, independent state or autonomous territory that is not part of the Union and that has its own AML/CFT legislation or enforcement regime;.
1. In cases where obtaining the consent referred to in point (c) of paragraph 1 is not feasible, the parent undertakingmeans:for groups whose head office is located in the Union, an obliged entity that is a parent undertaking as defined in Article 2, point (9), of Directive 2013/34/EU that is not itself a subsidiary of another undertaking in the Union, provided that at least one subsidiary undertaking is an obliged entity;for groups whose head office is located outside of the Union, where at least two subsidiary undertakings are obliged entities established in the Union, an undertaking within that group established in the Union that:is an obliged entity;is an undertaking that is not a subsidiary of another undertaking that is an obliged entity established in the Union;has a sufficient prominence within the group and a sufficient understanding of the operations of the group that are subject to the requirements of this Regulation; andis given the responsibility of implementing group-wide requirements under Chapter II, Section 2 of this Regulation; in the Union or the obliged entity shall apply one or more of the additional measures set out in points (a) to (c) of Article 15.
1. Where a parent undertakingmeans:for groups whose head office is located in the Union, an obliged entity that is a parent undertaking as defined in Article 2, point (9), of Directive 2013/34/EU that is not itself a subsidiary of another undertaking in the Union, provided that at least one subsidiary undertaking is an obliged entity;for groups whose head office is located outside of the Union, where at least two subsidiary undertakings are obliged entities established in the Union, an undertaking within that group established in the Union that:is an obliged entity;is an undertaking that is not a subsidiary of another undertaking that is an obliged entity established in the Union;has a sufficient prominence within the group and a sufficient understanding of the operations of the group that are subject to the requirements of this Regulation; andis given the responsibility of implementing group-wide requirements under Chapter II, Section 2 of this Regulation; in the Union or an obliged entity cannot effectively manage the risk of money launderingmeans the conduct set out in Article 3, paragraphs 1 and 5, of Directive (EU) 2018/1673 including aiding and abetting, inciting and attempting to commit that conduct, whether the activities which generated the property to be laundered were carried out on the territory of a Member State or on that of a third country; knowledge, intent or purpose required as an element of that conduct may be inferred from objective factual circumstances; and terrorist financingmeans the conduct set out in Article 11 of Directive (EU) 2017/541 including aiding and abetting, inciting and attempting to commit that conduct, whether carried out on the territory of a Member State or on that of a third country; knowledge, intent or purpose required as an element of that conduct may be inferred from objective factual circumstances; by applying the measures referred to in paragraphs 1 and 2, it shall close down some or all of the operations provided by their branch or subsidiary established in the third countrymeans any jurisdiction, independent state or autonomous territory that is not part of the Union and that has its own AML/CFT legislation or enforcement regime;.
1. The parent undertakingmeans:for groups whose head office is located in the Union, an obliged entity that is a parent undertaking as defined in Article 2, point (9), of Directive 2013/34/EU that is not itself a subsidiary of another undertaking in the Union, provided that at least one subsidiary undertaking is an obliged entity;for groups whose head office is located outside of the Union, where at least two subsidiary undertakings are obliged entities established in the Union, an undertaking within that group established in the Union that:is an obliged entity;is an undertaking that is not a subsidiary of another undertaking that is an obliged entity established in the Union;has a sufficient prominence within the group and a sufficient understanding of the operations of the group that are subject to the requirements of this Regulation; andis given the responsibility of implementing group-wide requirements under Chapter II, Section 2 of this Regulation; in the Union or the obliged entity shall always determine the extent of the required additional measures set out in paragraph 2 and 3 of this Article on a risk-sensitive basis and shall inform without undue delay the supervisormeans the body entrusted with responsibilities aimed at ensuring compliance by obliged entities with the requirements of this Regulation, including AMLA when performing the tasks entrusted to it in Article 5(2) of Regulation (EU) 2024/1620; of the home Member State that the extent of the additional measures is appropriate in view of the risk of money launderingmeans the conduct set out in Article 3, paragraphs 1 and 5, of Directive (EU) 2018/1673 including aiding and abetting, inciting and attempting to commit that conduct, whether the activities which generated the property to be laundered were carried out on the territory of a Member State or on that of a third country; knowledge, intent or purpose required as an element of that conduct may be inferred from objective factual circumstances; and terrorist financingmeans the conduct set out in Article 11 of Directive (EU) 2017/541 including aiding and abetting, inciting and attempting to commit that conduct, whether carried out on the territory of a Member State or on that of a third country; knowledge, intent or purpose required as an element of that conduct may be inferred from objective factual circumstances;.