Lithuania AML Act application on blockchain and fintech business
Unlike the traditional financial system, digital currencies are particularly interesting for cybercriminals for anonymity and ease of cross border fund transfers. Thanks to its potential role in the monetary future, the regulative measures should match the emerging nature of virtual assets and risks that need to be mitigated. EU Regulators demand financial institutions to execute identity checks to verify their clients and to ascertain that they are not dealing with money laundering or terrorist financing. To implement EU Money Laundering Directive into it’s legislation, the government of Lithuania has amended its statutory regulations and by laws, specifically:
- on 23 July 2020, the Board of the Bank of Lithuania adopted Resolution No 03-106 on the requirements for electronic money institutions and payment institutions regarding internal control, risk management and safeguarding of received funds;
- on december 17, 2020, the amended provisions of article 10 and 11 of the Law on the Prevention of Money Laundering and Terrorist Financing, (hereinafter –”LPMLTF”) which established client due-diligence norms for both face-to-face and non-face to face identification requirements;
- on December 30, 2020, the Director of the Financial Crime Investigation Service (hereinafter –”FCIS”) adopted Order No V215 on the approval of technical requirements to perform the client’s due diligence process remotely using electronic means allowing to directly transmit the image.
Under LPMLTF, businesses are required to have the following mitigation measures in place:
- proper internal policies and control procedures to regularly identify, assess and manage the risk of money laundering and terrorist financing and monitor the competency of control processes;
- appointment of compliance manager to organise the implementation of anti-money laundering/countering financing of terrorism (AML/CFT) measures and to cooperate with the FCIS;
- employee awareness raising measures on the AML/CFT policies and valid legal provisions;
- implementation of company-wide AML/CFT policies.
Moreover, the financial operators dealing with virtual currencies should ensure appropriate “Know Your Customer” compliance procedures when physical presence is not feasible. Only in the following instances the financial service providers are allowed to non-face-to-face identification (to establish identity remotely) of the customer and/or beneficial owner:
- when using a personal data of the customer/beneficiary person from third parties;
- when using electronic identification schemes issued in EU with high or substantial assurance levels;
- when personal identification data is verified with a qualified e-signature affixed by a qualified signature certificate;
- enabling live video streaming by electronic means in either of two ways:
- original Identification papers is being recorded during direct video footage and the customer’s identity is confirmed via advanced e-signature;
- the image of the customer’s face and original ID presented by the customer is videotaped in the course of direct video streaming;
Entities administering Initial Coin Offering shall determine and verify the identity of the individual who is acquiring virtual currencies and beneficial owners, before conducting monetary operations in the amount of EUR 3,000 or more. Entities must also take appropriate steps to identify the origin of the property and money associated with business affairs or the transaction.
Virtual currency exchange operators should take necessary measures for identification of the customer and the beneficial owner and verification of their identity before conducting digital currency exchange operations and transfer of funds equal to EUR 1 000 or more (even if the transaction is executed in a single operation or for several times as long as these operations seem to be interconnected), except for the cases when the identity has already been established.
Under LPMLTF, entities engaged in financial services are bound by notification requirements, and timely monitoring shady and unusual monetary transactions that FCIS should be informed about.
Virtual currency exchange operators must notify FCIS when there is a financial operation equal or in excess of 15 000 EUR, or equal amount in foreign or digital currency, whether the financial transaction is executed in single or several linked operations.
Legal entities which have started or ended business activities of a virtual currency exchange operator or custodian wallet operator are required to notify the data processor of the register of legal entities within a period not later than 5 working days on the commencement and termination of their activities. Thereby, virtual currency exchange operators and custodian virtual currency wallet operators confirm that they and their management team are compliant with statutory requirements of AML/CFT policies.
As the business is going global, thanks to technological advancements, payments are now made 24/7. Our team advises on the progressive areas of e-transactions, blockchain and digital currency to help companies and new market participants to maintain regulatory compliance, implement best AML/CFT practices, governance arrangements and mitigation tools to address those risky areas of financial service.
Our team helps your business in the following matters:
- incorporate your company and establish financial entities;
- assistance in obtaining operating licenses from FCIS (payment institutions, electronic money, virtual currency exchange operator);
- open an account in a payment system or in a banking institution.
Manimama strives for excellence in every case to meet customer’s expectations.
The content of this article is intended to provide a general guide to the subject matter, not be considered as a legal consultation.
Author: Ganna Voievodina, a licensed attorney,
СЕО and co-founder of Manimama Legal & Growth Agency