Source: OJ L 150, 9.6.2023, pp. 1–39Current language: EN
- Anti-money laundering
Basic legislative acts
- Transfer of funds regulation (TFR)
Article 32 Reporting of breaches
Summary What does Article 32 of the Transfer of funds regulation (TFR) say?
This article addresses whistleblowing and breach reporting, operating on two levels simultaneously.
At the national level, it requires Member States to put in place mechanisms that encourage reporting of breaches to competent authorities.
At the firm level, it requires payment service providers and crypto-asset service providers to establish internal channels through which their employees can report breaches.
This article connects directly to the sanctions framework established in Articles 28 and 29, supporting enforcement by ensuring breaches can be surfaced both internally and to authorities.
Important points:
- Member States are required to establish effective mechanisms for reporting breaches to competent authorities, at minimum meeting the standards set out in Article 61(2) of Directive (EU) 2015/849.
- Establish internal procedures allowing employees to report breaches through a secure, independent, specific and anonymous channel.
- These internal reporting channels must be proportionate to the nature and size of your organisation, and set up in cooperation with competent authorities.
Springlex's summary of the article, a reading aid, not a substitute for the legal text.
Member States shall establish effective mechanisms to encourage the reporting to competent authorities of breaches of this Regulation.
Those mechanisms shall include at least those referred to in Article 61(2) of Directive (EU) 2015/849.
Payment service providers and crypto-asset service providers, in cooperation with the competent authorities, shall establish appropriate internal procedures for their employees, or persons in a comparable position, to report breaches internally through a secure, independent, specific and anonymous channel, proportionate to the nature and size of the payment service provider or the crypto-asset service provider concerned.
Springlex and this text is meant purely as a documentation tool and has no legal effect. No liability is assumed for its content. The authentic version of this act is the one published in the Official Journal of the European Union.
Definition
crypto-asset services
Definition
supervisor
Definition
funds
Definition
electronic money
Definition
crypto-asset
Definition
payment service provider
Definition
payment account
Definition
transfer of funds
- a credit transfer as defined in Article 4, point (24), of Directive (EU) 2015/2366;
- a direct debit as defined in Article 4, point (23), of Directive (EU) 2015/2366;
- a money remittance as defined in Article 4, point (22), of Directive (EU) 2015/2366, whether national or cross-border;
- a transfer carried out using a payment card, an electronic money instrument, a mobile phone or any other digital or IT prepaid or postpaid device with similar characteristics;
Definition
property
Definition
crypto-asset
Definition
competent authority
- a Financial Intelligence Unit (FIU);
- a supervisory authority;
- a public authority that has the function of investigating or prosecuting money laundering, its predicate offences or terrorist financing, or that has the function of tracing, seizing or freezing and confiscating criminal assets;
- a public authority with designated responsibilities for combating money laundering or terrorist financing;
Definition
terrorist financing
Definition
crypto-asset service provider
Definition
money laundering
Definition
payee
Definition
self-regulatory body
Definition
third country
Definition
supervisory authority
Definition
payer