Source: OJ L 150, 9.6.2023, pp. 1–39Current language: EN
- Anti-money laundering
Basic legislative acts
- Transfer of funds regulation (TFR)
Article 28 Administrative sanctions and measures
Summary What does Article 28 of the Transfer of funds regulation (TFR) say?
This article establishes the enforcement framework for breaches of the Regulation, placing the obligation on Member States to create and implement a regime of administrative sanctions and measures.
It aligns with the broader sanctioning framework already set out in Directive (EU) 2015/849, ensuring consistency across the AML/CFT landscape.
The article also extends liability beyond the institution itself, reaching individual members of management bodies and natural persons responsible for a breach, as well as legal persons whose leadership either committed or failed to prevent the breach.
Competent authorities are given the necessary powers to enforce these rules, including through cooperation with other authorities in cross-border situations.
Important points:
- Member States are required to establish administrative sanctions that are effective, proportionate, and dissuasive, and must notify these rules to the Commission and the relevant AML/CFT committee.
- Sanctions can be applied not only to payment service providers and crypto-asset service providers as entities, but also to individual members of their management body and other responsible natural persons.
- Competent authorities are required to cooperate closely when exercising their sanctioning powers, particularly in cross-border cases.
Springlex's summary of the article, a reading aid, not a substitute for the legal text.
Without prejudice to the right to provide for and impose criminal sanctions, Member States shall lay down the rules on administrative sanctions and measures applicable to breaches of the provisions of this Regulation and shall take all measures necessary to ensure that they are implemented. The sanctions and measures provided for shall be effective, proportionate and dissuasive and shall be consistent with those laid down in accordance with Chapter VI, Section 4, of Directive (EU) 2015/849.
Member States may decide not to lay down rules on administrative sanctions or measures for breach of the provisions of this Regulation which are subject to criminal sanctions in their national law. In that case, Member States shall communicate to the Commission the relevant criminal law provisions.
Member States shall ensure that, where obligations apply to payment service providers and crypto-asset service providers, in the event of a breach of provisions of this Regulation sanctions or measures can, subject to national law, be applied to the members of the management body of the relevant service provider and to any other natural person who, under national law, is responsible for the breach.
Member States shall notify the rules referred to in paragraph 1 to the Commission and to the permanent internal committee on anti-money-laundering and countering terrorist financing referred to in Article 9a(7) of Regulation (EU) No 1093/2010. Member States shall notify the Commission and that permanent internal committee without undue delay of any subsequent amendments thereto.
In accordance with Article 58(4) of Directive (EU) 2015/849, competent authorities shall have all the supervisory and investigatory powers that are necessary for the exercise of their functions. In the exercise of their powers to impose administrative sanctions and measures, competent authorities shall cooperate closely to ensure that those administrative sanctions or measures produce the desired results and to coordinate their action when dealing with cross-border cases.
Member States shall ensure that legal persons can be held liable for the breaches referred to in Article 29 committed for their benefit by any person acting individually or as part of an organ of that legal person, and having a leading position within the legal person based on any of the following:
power to represent the legal person;
authority to take decisions on behalf of the legal person;
authority to exercise control within the legal person.
Member States shall also ensure that legal persons can be held liable where the lack of supervision or control by a person referred to in paragraph 5 of this Article has made it possible to commit one of the breaches referred to in Article 29 for the benefit of that legal person by a person under its authority.
Competent authorities shall exercise their powers to impose administrative sanctions and measures in accordance with this Regulation in any of the following ways:
directly;
in collaboration with other authorities;
under their responsibility by delegation to such other authorities;
by application to the competent judicial authorities.
In the exercise of their powers to impose administrative sanctions and measures, competent authorities shall cooperate closely in order to ensure that those administrative sanctions or measures produce the desired results and to coordinate their action when dealing with cross-border cases.
Relevant recitals
Recital 55 Enhanced sanctioning powers to improve compliance
In order to improve compliance with this Regulation, and in accordance with the Commission Communication of 9 December 2010 entitled ‘Reinforcing sanctioning regimes in the financial services sector’, the power to adopt supervisory measures and the sanctioning powers of competent authorities should be enhanced. Administrative sanctions and measures should be provided for and, given the importance of the fight against money laundering and terrorist financing, Member States should lay down sanctions and measures that are effective, proportionate and dissuasive. Member States should notify the Commission and the permanent internal committee on anti-money-laundering and countering terrorist financing referred to in Article 9a(7) of Regulation (EU) No 1093/2010 thereof.
Springlex and this text is meant purely as a documentation tool and has no legal effect. No liability is assumed for its content. The authentic version of this act is the one published in the Official Journal of the European Union.
Definition
crypto-asset services
Definition
supervisor
Definition
funds
Definition
electronic money
Definition
crypto-asset
Definition
payment service provider
Definition
payment account
Definition
transfer of funds
- a credit transfer as defined in Article 4, point (24), of Directive (EU) 2015/2366;
- a direct debit as defined in Article 4, point (23), of Directive (EU) 2015/2366;
- a money remittance as defined in Article 4, point (22), of Directive (EU) 2015/2366, whether national or cross-border;
- a transfer carried out using a payment card, an electronic money instrument, a mobile phone or any other digital or IT prepaid or postpaid device with similar characteristics;
Definition
property
Definition
management body
Definition
crypto-asset
Definition
competent authority
- a Financial Intelligence Unit (FIU);
- a supervisory authority;
- a public authority that has the function of investigating or prosecuting money laundering, its predicate offences or terrorist financing, or that has the function of tracing, seizing or freezing and confiscating criminal assets;
- a public authority with designated responsibilities for combating money laundering or terrorist financing;
Definition
terrorist financing
Definition
terrorist financing
Definition
crypto-asset service provider
Definition
money laundering
Definition
payee
Definition
self-regulatory body
Definition
third country
Definition
supervisory authority
Definition
payer
Definition
money laundering