FinTech identification services in Serbia may be performed only by licensed financial institutions. These activities may only be outsourced to other entity on the basis of the agreement concluded with the financial institution and after the NBS is duly informed on all ancillary documents and draft outsourcing agreement.
Performing those activities is not licensable activity, but may be performed only in cooperation with the financial institution.
There is no market for identification services since they may be performed only by licenced financial institutions as noted above.
Further regulation and market expansion in this area is expected.
I. Regulatory Framework
Serbian national regulatory framework with respect to AML represents the Law on Prevention of Money Laundering and Financing Terrorism (“AML Law”) which became effective as of 1 April 2018.
The AML Law is significantly harmonized with the EU Directive 2015/849 (4th AML Directive) unlike the previous AML Law from 2009.
National regulator: Administration for the Prevention of Money Laundering is relevant and main authority for AML controls in Serbia.
Also, National Bank of Serbia and Republic of Serbia Securities Commission take a part in monitoring of implementation the AML Law.
II. Customer Due Diligence (Know your customer identification)
Process: Know-your-customer (“KYC”) requirements in Serbia are primarily regulated by the AML Law. KYC is typically conducted through the following actions and measures of KYC:
- identifying the customer;
- verifying the identity of the customer based on documents, data, or information obtained from reliable and credible sources;
- identifying the ultimate beneficial owner and verifying their identity in the cases specified within AML Law;
- obtaining and assessing the credibility of information on the purpose and intended nature of a business relationship or transaction, and other data in accordance within AML Law;
- obtaining and assessing the credibility of information on the origin of property which is or which will be the subject matter of the business relationship or transaction, in line with the risk assessment;
- regularly monitoring business transactions of the customer and checking the consistency of the customer’s activities with the nature of the business relationship and the usual scope and type of the customer’s business.
The precedingly mentioned actions and measures of KYC are conducted when establishing a business relationship that is expected to last, in case of transactions exceeding EUR 15,000, when transferring the monetary mean, when there are reasons for suspicion of money laundering or terrorism financing with respect to a customer or transaction and when there are doubts as to the veracity or credibility of the obtained customer data.
The AML Law prescribes that customer’s identification data shall be obtained by an insight into the original or certified copy of the documentation from the register kept by the competent authority of the country of the customer's registered seat. Such documentation shall not be older than three to six months (three months for determining the identity of the client and six months for determining identity of the ultimate beneficial owner) from the date of issuance.
The identification data may be also obtained by direct insight into the register maintained by the competent authority of the country of the customer's registered seat or other official public register.
If it is not possible to obtain all the data from the official public register, the missing identification data shall be obtained from the original document or certified copy of the document or other business documentation submitted by the customer. If certain missing data cannot, for objective reasons, be determined in the prescribed manner, it shall be determined on the basis of a written statement submitted by the customer.
Although the AML Law sets certain principles for verification of customer’s identity electronically, currently in practice obligors under AML Law do not allow non-face to face verification. The AML Law provides for the exception when the transaction may be executed or a customer business relationship established through its proxy, in such case the identity of the proxy would have to be verified in person. Moreover, in this case the obligors under AML Law shall perform enhanced customer due diligence measures.
Another exception provided under the AML Law is that the customer’s identity may be verified on the basis of qualified electronic signature issued by the certified body in the Republic of Serbia or an equivalent foreign qualified certificate. However, obtaining qualified electronic signature in Serbia requires personal presence, while the use of foreign qualified electronic signatures has not been tested in practice yet.
Finally, the National Bank of Serbia recently adopted a new bylaw regulating the manner of customer identity verification by means of electronic communication and with no personal presence of the respective customer in certain cases. The National Bank of Serbia prescribes non-face-to-face identification procedures only for regulated entities such as banks, insurance and financial leasing companies, etc.
It is possible to meet customer due diligence requirements by relying on third parties who are obliged by law themselves to comply with AML regulations.
Third party entities:
- Credit institutions
- Financial institutions
- Auditors, external accountants and tax advisors
- Other trust or company service providers
- Brokerage and factoring companies
It is not legally permitted to outsource customer due diligence by contract to other third parties who are not obliged by law to meet AML regulations and rely on these.
License or registration requirements: No license or registration requirements are prescribed under the AML Law, therefore, outsourcing customer due diligence to other third parties who are not obligors of the AML Law is not allowed under Serbian regulations.
I. Specific Form Requirements
Serbian law which governs electronic documents prescribes a possibility of hard-copy documents’ digitalization and, under condition that the digitalization is performed in a procedure envisaged by the law, a digital copy has the same evidence strength as the original hard-copy document. If the law requires specific written form of the document, such as notarial deed form for transfer of real estate, it cannot be replaced by any other equivalent form of the document.
The electronic document cannot be denied validity, probative force, or written form only because it is in electronic form.
Conclusion of loan agreement: Serbian Law on Obligations makes a difference between loan contract and credit contract. While loan contract does not entail any formal requirements, credit contract has to be concluded in written form.
Credit contract could be concluded only between a bank (or some other financial institution) and its client. Whilst loan contract could be concluded between any individual or legal entity.
Although written form is not explicitly provided for the loan contract, in practice these are also concluded in the written form. Credit and loan contract with foreign entities are subject to reporting procedure with the National Bank of Serbia for which the requirement of written form is prescribed.
Conclusion of contracts by electronic signature: In Serbia, the competent authorities for issuing qualified electronic signatures are qualified service providers of trust, which need to be registered before the registry of qualified service providers of trust (“Registry”), however o license is required. In order to perform inscription within the Registry, the certain documents need to be submitted, such as: (i) decision of the competent authority on the entry in the companies registry; (ii) the conformity assessment report issued by the conformity assessment body (conditions for the conformity are for example: engaging employees with relevant qualifications and obtaining insurance against liability for damage resulting from business activity, etc.); and (iii) general conditions for the provision of services, etc. The Ministry of Trade, Tourism and Telecommunications allows inscription following the fulfilment of the conditions.
The bodies registered before the Registry issue a qualified certificate for electronic signature (a plastic card similar to USB) and a qualified technical medium for creation of the electronic signature (hardware) on the basis of the request submitted by persons concerned. However, obtaining qualified electronic signature in Serbia requires personal presence.
A qualified electronic signature is created by placing the card (the qualified certificate for electronic signature) in the hardware (qualified technical medium for creation of the electronic signature).
In this respect, contracts are concluded by mutual exchange of electronic document containing all essential elements of the contract and qualified electronic signatures of the contracting parties.
Also, there is a legal obligation for the contracting parties to confirm receipt of an electronic document, sent by the other part.
In practice, conclusion of contracts by using a qualified electronic signature is not largely developed in Serbia.
Conclusion of an electronic contract that has to match with specific formal requirements is convenient in the country.
Legal consequences if formal requirements are not fulfilled: Serbian Law on Obligations prescribes formal requirements for several contracts it governs. The legal consequence for failure to comply with formal requirements is lack of legal effect. The sanction for lack of a form in some sense has been corrected if the contracting parties execute the contract in its entirety or predominant part of it. However, this legal remedy is not applicable if the prescribed form contains the other purpose. For example, a condition for validity of the contract on sale and purchase of the real estate is a written form. This means that when this contract is not concluded in the foreseen form, the fulfilment of obligations under the contract is without impact to the convalidation (as if the contract was concluded in the prescribed form) of the contract.
Also, the Law on Obligations identifies the situation when contracting parties agreed on formal requirement in their contract as a condition for validity of the contract. The legal consequence would be the same as in previous paragraph – lack of legal effect.
II. Procedure of Signing in Practice
Contractual agreements in B2B sector: Usually, contracts are signed by a handwritten signature. Although, the qualified electronic signature has the same legal effect as a handwritten signature, the contracts are rarely signed in this manner, due to the underdeveloped bylaws in this area. Therefore, the court’s ruling in case of a dispute would be rather questionable and inconclusive.
Contractual agreements in B2C sector: From the reasons explained above in B2B sector, in Serbian practice the contracts are usually signed by handwritten signature. This relates to all contracts concluded in the practice, such are loan, lease or sale and purchase contracts.