Country _ Name
SectionTitle
KYC requirements
Body
The know your customer or know your client (KYC) guidelines and regulations for financial services require that professionals try to verify the identity, suitability, and risks involved with maintaining a business relationship.

Legal affairs

National regulatory framework regarding AML and effective date of the regulations

The Italian regulatory framework concerning AML derives from the implementation of the applicable EU Directives. The first anti-money laundering Directive was implemented in 1991. Currently, the main legislative source in Legislative Decree no. 231/2007, frequently amended in the following years, most recently in 2021. In particular, the most significant changes to this Legislative Decree were introduced in 2017 and 2019 in order to transpose, respectively, the fourth anti-money laundering Directive (no. 2015/849), later furtherly completed by the Fifth Directive (no. 2018/843).

Alongside Legislative Decree no. 231/07, several secondary regulations adopted by regulatory authorities are in force.

National regulator or relevant authority for AML controls

The main responsibility for implementing statutory AML provision is entrusted to the Ministry of Economy and Finance (MEF), which also has the power to impose sanctions (administrative fines, in addition to criminal sanctions issued by courts). The MEF further plays a key role in providing guidelines and interpretation of applicable provisions. The Financial Intelligence Unit (an autonomous body established within the Bank of Italy) has operational tasks relating to combating money laundering. Other entities having specific AML functions are sectoral supervisory authorities (e.g. over insurance companies or banks) and self-regulatory bodies (e.g. the national bar association).

Customer Due Diligence

Conduct of a typical KYC identification process

The modalities for the performance of customer due diligence are set forth by Legislative Decree no. 231/07, although the scope and extent of the customer due diligence depends on the risk level – simplified measures are allowed for low risk and strengthened measures must be adopted in the event of high risk. As from 2017, obliged entities enjoy a certain degree of discretion in defining the simplified and strengthened due diligence measures.
This being said, the customer due diligence process must in any case include the following steps: (i) the identification and verification of the customer and of the beneficial owner; (ii) the acquisition of information on the purpose and nature of the business relationship; (iii) the ongoing monitoring of the business relationship; and (iv) the limit at EUR 3,000.00 Euro for cash payments, with some lower thresholds for certain specific reasons of payment (Article 49, Legislative Decree no. 231/2007).

As a general rule, the identification of the customer and of the beneficial owner must be performed face-to-face, namely with the physical presence of the customer or of the executor (i.e. the person acting in the name and on behalf of the customer). There are, however, some exceptions, including clients whose identification data result from public deeds and clients with a digital identity or a digital signature certificate having specific features. Moreover, sectoral supervisory authorities may introduce further exceptions, based upon the development of distance identification techniques.

Possibility to meet customer due diligence requirements by relying on third parties who are obliged by law themselves to comply with AML regulations

It is possible to outsource customer due diligence to a third party who is obliged by law to comply with AML regulations.

Possibility to outsource customer due diligence by contract to other third parties who are not obliged by

Authors

Close

Choose country