Name
Global FinTech Guide
Country _ Name
Germany
SectionTitle
KYC requirements
Body
The know your customer or know your client (KYC) guidelines and regulations for financial services require that professionals try to verify the identity, suitability, and risks involved with maintaining a business relationship.

Legal affairs

National regulatory framework regarding AML and effective date of the regulations

In Germany, the anti-money laundering regulation (GeldwäschegesetzGwG) constitutes the regulatory framework regarding AML. It has first come into force in 1993 and has been heavily influenced by European legislation since.

National regulator or relevant authority for AML controls

For FinTechs, the relevant authority for AML controls in Germany is the Federal Financial Supervisory Authority (Bundesanstalt für FinanzdienstleistungsaufsichtBaFin).

Customer Due Diligence

Conduct of a typical KYC identification process

Customers or clients need to be identified by the obliged company. Usually, this must take place before the business relationship is established. According to Section 11 para 4 GwG, several personal details must be obtained:

  1. In the case of a natural person –
    2. a) (all) first name(s) and last name;
    b) place of birth;
    c) date of birth;
    d) nationality; and
    e) a residential address or, if there is no fixed abode with legal residence in the European Union and the verification of identity is carried out within the framework of the conclusion of a basic account agreement within the meaning of Section 38 of the Payment Accounts Act, the postal address at which the contracting party, as well as the person acting vis-à-vis the obliged party can be reached.

  2. In the case of a legal entity or a partnership –
    a) company name, name, or designation;
    b) legal form;
    c) registration number, if any;
    d) address of the registered office or principal place of business; and
    e) the names of the members of the representative body or the names of the legal representatives and, if a member of the representative body or the legal representative is a legal entity, from this legal entity the data under letters (a) to (d).
Usually, the identification procedure must be conducted in person. However, a face-to-face video-identification is sufficient.

Possibility to meet customer due diligence requirements by relying on third parties who are obliged by law themselves to comply with AML regulations

Customer due diligence can be outsourced to a third party. In principle, the third party must be obliged by law to meet AML regulations as well. However, the responsibility for fulfilling the general due diligence obligations remains with the obliged party.

Possibility to outsource customer due diligence by contract to other third parties who are not obliged by law to meet AML regulations and rely on these (e.g., WebID, IDnow, PostIdent)

It is possible to outsource customer due diligence by contract to other third parties who are not obliged by law to meet AML regulations and rely on these. However, the contractual third party must meet the AML regulations. The obliged party must ensure that the third party is reliable. The actions of such a third party are attributed to the obliged party as its own actions.

Presence of a license or registration requirement for the third party in case of outsourcing customer due diligence

In general, there is no need for the outsourcing company to acquire a license. However, if the outsourcing company is an obliged company according to the GwG itself because it has a licence, there is no need for an outsourcing contract or reliability check regarding th

Authors

Close

Choose country