In September and October of this year, the Estonian FIU conducted two information sessions to explain the requirements and obligations of the contact person of obliged companies (companies with an operating license according to MLTFPA of Estonia).
Additionally, the Regulator focused on how virtual currency service providers should implement due diligence measures in correspondent relationships with other financial institutions. About this important topic, we will provide a similar overview in our next post.
In this post, we will provide a brief overview of what FIU expects from the contact person and highlight the main shortcomings identified in the surveillance of the contact person’s duties.
We rely on the materials sent by FIU to the participants, along with my own comments, to provide the main talking points.
The legal regulation of the FIU contact person is stipulated in the MLTFPA, and we will not delve into it here.
FIU emphasized that the contact person can only be a person who primarily meets the stipulated requirements and is approved by FIU. This means that only this person can send reports to FIU and communicate with them officially.
The idea is that only a person who meets high standards and has passed the approval round can be a partner of FIU. As a result, the contact person appointment has four stages:
1. Sending documents (CV, certificates, etc.) to FIU
2. FIU invitation to a meeting with FIU representative
3. Suitability interview
4. Approval (legal document)
During the meeting, FIU checks whether the candidate:
- Has theoretical knowledge of RahaPTS and RSanS (Int Sanction Act)
- Is familiar with the specifics of the company, its organization, and business activities
The role of the contact person in preventing money laundering and terrorist financing:
- The contact person is classically positioned in the 2nd line of defense.
- Good knowledge of the obligee's business activities and the associated risks.
- Good knowledge of risks and typologies related to money laundering and terrorist financing and financial sanctions.
- Access to systems and data of the obligated person and its analysis.
- Submitting reports about suspected money laundering and terrorist financing.
Deficiencies identified in the surveillance of the contact person’s duties:
- Failure to identify situations with suspicion of money laundering and/or terrorist financing and failure to report to FIU.
- The contact person cannot access the data necessary for their work.
- The contact person does not know his rights and obligations.
- There are no analyses/overviews related to money laundering and terrorist financing risks related to the company.
- Different understanding of due diligence measures by the contact person and the first line of defense employee implementation and risks.
- Inability and ignorance of the contact person to distinguish the materials necessary for the supervision procedure.
As we can see, understanding the responsibilities of contact persons of obliged entities in Estonia is crucial knowledge if one wants to have approval from FIU and get the business licensed. We are ready to help you navigate the legal landscape and can provide all necessary support in this matter.