Name
Global FinTech Guide
Country _ Name
Bosnia and Herzegovina
SectionTitle
KYC requirements
Body
The know-your-customer or know-your-client (KYC) guidelines and regulations for financial services require that professionals try to verify the identity, suitability, and risks involved with maintaining a business relationship.

Legal affairs

National regulatory framework regarding AML and effective date of the regulations

The Bosnian Anti-Money Laundering (AML) regulatory framework is set out in the Law on Prevention of Money Laundering and Financing Terrorist Activities of BiH, which was adopted in 2024 at the state level.

National regulator or relevant authority for AML controls

The Financial-Intelligence Department in the State Investigation and Protection Agency is the relevant authority.

Customer Due Diligence

Conduct of a typical KYC identification process

Pursuant to the applicable legislation, person under obligation (liable persons) – i.e. banks, post offices if providing payment services, , currency exchange offices, microcredit organization, leasing company, electronic money institution, authorized exchange offices, insurance company authorized to perform life insurance activities, insurance intermediary and representative engaged in the activity of intermediation or representation in insurance when concluding contracts for life insurance and other investment-related insurances, voluntary pension fund management company, stockbroker, custodian bank, investment fund management company, factoring company, provider of services related to virtual currencies, gambling organizer, trustee service provider or commercial company, public notaries, lawyers, accountants, auditors, tax consultant, real estate agencies, legal person and entrepreneur– performing the following activities: (i) money and value transfer service, (ii) issuing other means of payment and managing them, such as traveler's checks and bank drafts, if this activity is not a payment service within the meaning of the law regulating payment transactions, (iii) issuing guarantees, (iv) investing, administering, or managing assets for another person and providing advice in this regard, (v) safe deposit box rental, (vi) forfeiting, (vii) lending, crediting, offering, and brokering in loan negotiations, (viii) buying or selling real estate or business entities, (ix) managing money, securities, or other assets for clients, (x) opening or maintaining accounts at a bank, including bank accounts, savings deposits, or securities accounts, (xi) collecting funds necessary for the establishment, operation, and management of business entities and (xii) establishing, operating, or managing a business entity, managing trusts, foundations, or similar structures. - (xiii) trade in precious metals and stones and products made from these materials; (xiv) trading with work of art, , are obliged to take measures to identify and monitor the client when:

  • Establishing a business relationship with a client;
  • Performing a transaction amounting to or exceeding BAM 30,000 (approx. EUR 15,000), irrespective of whether it concerns one (1) transaction or more connected transactions;
  • Performing occasional transactions involving the transfer of funds amounting to BAM 2,000 (approx. EUR 1,000) or more;
  • The existence of doubts on the credibility and adequacy of previously obtained information about the client or the beneficial owner;
  • Existence of doubts on money laundering or terrorist financing activities related to the transaction or the client, regardless of the amount of the transaction.


The measures of identification and monitoring include: (i) identification and authentication based on clients documents, data or information obtained from a credible and objective source; (ii) determining the actual owner; (iii) obtaining information about the objective and the purpose of a business relationship or transaction, as well as other information prescribed by the relevant legislation; (iv) regular monitoring of business activities of the client by the person under obligation, (v) determining whether a client is a politicly exposed person (PEP)

Possibility to meet customer due diligence requirements by relying on third parties who are obliged by law themselves to comply with AML regulations

Under conditions prescribed by the relevant legislation, identification of the client and the beneficial owner of the client, as well as the collection of data on the purpose and the anticipated nature of the business relationship or the transaction, may be entrusted to third parties. Prior entrusting the identification procedure to a third person, the liable person is obliged to check whether a third person meets the conditions set out by the relevant legislation. However, the person under obligation still continues to bear the responsibility for the identification procedure. The obligor must not accept the performance of certain actions and measures of identification and monitoring of a client from a third party if that person has determined and verified the client's identity without his presence. By entrusting a third person with undertaking certain measures and activities of client identification and monitoring, the liable person is not waived of the responsibility for correct implementation of measures and activities.

Possibility to outsource customer due diligence by contract to other third parties who are not obliged by law to meet AML regulations and rely on these (e.g., WebID, IDnow, PostIdent)

No, the Law on Prevention of Money Laundering and Financing Terrorist Activities of BiH specifically states that the third person is obliged to meet AML regulations.

Presence of a license or registration requirement for the third party in case of outsourcing customer due diligence
Pursuant to the Law on Prevention of Money Laundering and Financing Terrorist Activities of BiH third persons are: banks, , insurance companies which have a license for performing life insurance business, leasing companies, microcredit organizations, post offices if they provide payment services.. The aforementioned law prescribe that these third parties need to (i) apply the requirements of client identification and tracking and record keeping requirements which are the same or stricter in relation to the requirements that are in force in BiH and (ii) whose compliance with the requirements of prevention of money laundering and financing terrorist activities are monitored regularly and continuously by competent authorities in the countries of their seat, on the manner and extent in which competent authorities supervise AML persons under obligation in BiH.

Further questions

Entities that could be relied on specifically by law as a third party to comply with AML regulations (regardless of outsourcing)



credit institutions
financial institutions
auditors, external accountants, and tax advisors
notaries and other independent legal professionals
other trust or company service providers
estate agents
other persons trading high-value goods
providers of gambling services
banks, , insurance companies which have a license for performing life insurance business, leasing companies, microcredit organizations, post offices if they provide payment services



Authors

Close

Choose country