Netherlands Act on the prevention of money laundering and terrorist financing

6 August 2008
Harold Pernot, CAMS

On August 1st, 2008 a new law on the prevention of money laundering and terrorist financing ("WWFT") entered into force in The Netherlands. The WWFT ("Wet ter voorkoming van witwassen en financieren van terrorisme") is the Dutch implementation of the third EU Directive on money laundering. As in other EU member states the WWFT gives room for numerous challenges to financial institutions. Internal processes and procedures should become reorganized and consequently IT processes should be aligned accordingly.

This article reiterates the importance of having detailed appropriate and accurate data available for monitoring purposes. Factual data, data on customers' characteristics and data on customers' transactional behavior plays a key role under the third EU Directive and all its EU member states laws on national implementations. 

Data, information and intelligence within the EU 3rd Directive
The third EU Directive implicates financial institutions should have appropriate customer due diligence measures in place. These measures should be based on a risk based approach applied to its customer base and products offered. All customers and all customers' usage of products and services should continuously be assessed in terms of risk exposure.

Aspects like customers, products, channels and the origin / destination through which these products and services are offered, all have a broad set of characteristics which all influence the level of risk exposure to a financial institution.

The availability and quality of a financial institution's data for monitoring purposes has always been a crucial factor in achieving successful results with automated monitoring and detection systems. Therefore from a high level perspective when performing a comprehensive risk assessment aiming to utilize data for monitoring purposes the following should be taken into account:

• Data: the possibility to extract quality data from core back office systems, the meaning, definition and mapping to an aggregate data level for monitoring purposes;
• Information: laid down within documents, for example structured and unstructured data on a customers' identity file, source of wealth statements, information regarding the ultimate beneficial owner, the concern structure, the anticipated transactions, and;
• Intelligence: reliable and independent sources (for example Chamber of Commerce extracts and the verification to the e-CTFSL of the EU).

Ongoing monitoring
In order to be in control and compliant with the new law, financial institutions have to improve the availability and quality of data. The extent and level of effective mitigating measures already in place within the business lines of a financial institution defines the extent and type of monitoring that should be taken in account. It is reiterated that "ongoing monitoring" of all customers' business relationships and of all the customers' activity is an essential element of customer due diligence. "Ongoing monitoring" should be embedded in processes, procedures and controls. Ongoing monitoring  should therefore be applied throughout the entire duration of a customers' relationship with a financial institution.

High level and detailed level
Aggregated client and transactional data plays an important role in achieving an overall high level view of a financial institution's risk exposure. Besides a high level view it is also necessary, in case of an investigation, to have a detailed view of the customers' activity. Due to the new law, the combined usage of customer data and transactional data for monitoring purposes will therefore increase significantly.

The WWFT is illustrative to other EU member states and indicates new requirements which are in line with other EU member states, to process data in order to effectively support continuous risk monitoring.