We will be happy to answer your questions

By submitting an enquiry, you consent to the processing of your personal data. More at Privacy policy

We will be happy to answer your questions

By sending an inquiry, you consent to the processing of personal data. More in Privacy policy

AML procedure
(Anti-Money Laundering and Countering the Financing of Terrorism)

Implementation of procedures and support to the RPMS Office

in the field of AML

The obligation to implement anti-money laundering procedures applies to a wide group of entities known as obliged institutions. These are mainly entities related to the financial and insurance markets, but not only. Accountants, art galleries or real estate agents also fall into this category.

Check whether you need an internal AML procedure

The obligation to have an internal AML procedure stems from Article 50 of the AML and Terrorist Financing Law.

Pursuant to Article 50 of the AML Act, the obligation to have an internal AML procedure has been imposed on the obliged institutions indicated in the Act. The list of these entities is long and includes entities operating in industries that have been deemed particularly important in the AML process. According to the legislator, private entrepreneurs, who have the greatest knowledge of their customers and their cash flow, must be one of the links in the AML/CFT system. Without the assistance of obliged institutions, supervisors are unable to control the market in this respect, and it is therefore mandatory for these entities to have an AML procedure.

AML implementation in three steps

To implement an AML procedure in an institution, you must
01

Draw up an internal AML/CFT procedure with the necessary annexes

02

Conduct a risk assessment of money laundering and terrorist financing in your business.

03

Analyse who in your business will perform AML and terrorist financing duties and ensure that they attend AML training.

The issues surrounding risk analysis and internal AML procedure are complex. It is not made any easier by the fact that making mistakes in this area can cost you a lot.

You do not have to deal with this yourself. We will implement AML procedures for you. We will carry out the necessary changes, staff training and ensure compliance with AML regulations at your institution. Benefit from the support of our specialists:

Solutions for the implementation of AML procedures

We carry out implementations as part of: (A) packages or (B) dedicated solutions:

Ready-made packages for mandatory institutions

Packages include service:

  • virtual currency exchange,
  • traditional currency exchange,
  • estate agents,
  • accounting offices.

Why can this be prepared as a finished product? Because we have AML standards worked out, also taking into account the guidelines of the supervisory authorities for the industry, e.g. the NBP for exchange offices, for such entities.

Just remember that there are elements that are always variable. For example, the risk assessment document of the obliged institution - we assess your risk, so it cannot be assessed at the ready. That would be flawed, and supervisors are clearly negative about such templates that do not take into account the risks of a particular institution.

What does the package contain and why is it comprehensive?

  1. AML procedure (here the entirety of KYC and anonymous whistleblowing) - a document written practically, the reader knows what his or her obligations are and which form to reach for in a client relationship. We are not rewriting the law!
  2. Risk assessment of the obliged institution
  3. Annexes to the AML Procedure:
    1. declaration for employees/co-workers
    2. model resolution on the introduction of a procedure
    3. customer data form (natural person) with customer risk assessment questionnaire
    4. customer data form (legal entity and organisational unit) with customer risk assessment questionnaire
      form for anonymous reporting of violations
    5. declaration concerning the beneficial owner of a natural person
    6. declaration concerning the beneficial owner
    7. proof of funds of the legal person or entity
    8. proof of funds of the natural person
    9. pep statement by an individual
    10. list of alert signals - so-called red flags
    11. list of countries included in the AML/CFT process
    12. list of high-risk industries
    13. internal control - report
    14. checklist kyc

We provide you with the documents "ready to use". You do not have to complete or generate anything yourself. It is our job to provide you with a procedure for your business. Clear, practical and positively assessed by the authorities in the event of an inspection.

Our price list
Accounting Office
Kantor of traditional currencies
Virtual currency exchange
Real estate agent

A

  • AML procedure
  • Risk assessment of the obliged institution
  • Annexes to the procedure
Accounting Office PLN 1000 Net
Kantor of traditional currencies PLN 1200 Net
Virtual currency exchange PLN 1200 Net
Real estate agent PLN 1000 Net

B

  • AML training (up to 4 persons)
Accounting Office PLN 600 Net
Kantor of traditional currencies PLN 600 Net
Virtual currency exchange PLN 600 Net
Real estate agent PLN 600 Net

C

Recommended

Package A+B

  • AML procedure
  • Risk assessment of the obliged institution
  • Annexes to the procedure"
  • AML training
Accounting Office PLN 1300 Net
Kantor of traditional currencies PLN 1500 Net
Virtual currency exchange PLN 1500 Net
Real estate agent PLN 1300 Net

Dedicated implementation

We draft AML documentation in a dedicated manner, i.e. after learning about your needs and with an individual approach to the industry in question

This is particularly recommended when dealing with large obliged institution or unconventional operating model (e.g. status as an obliged institution by virtue of being a shared service centre or a car dealer accepting large amounts of cash).

What does such an implementation look like?

  • You describe your business, how it operates, your client profile, and provide any other information we ask for that is necessary to draw up the AML procedure
  • It happens in dedicated implementations that you need to provide additional documents that you already have, e.g. within your organisation you already have a whistleblowing or supplier onboarding procedure, a our documents must be consistent with this and use the technical resources you already have at your disposal.
  • We are preparing an AML procedure - A document comprehensively describing all AML rules and activities in your business. There will be no need for a separate KYC or whistleblowing procedure. (anonymous reporting of violations).
  • A risk assessment of the obliged institution is produced according to the risk screening methodology we have developed.
  • We prepare annexes to the AML procedure, tailoring them to your business, including, in particular, your client profile and the services you provide. We are talking about report templates, employee statements, KYC forms, among others.
  • We pass on the AML procedure to you - if you have any questions at this stage, we answer them all.
  • It is possible to recordings of optional training for employees - This will enable you to pass on training material to new employees or those who were unable to attend the training on a particular date.
  • For each training course we issue personalised certificates of participation.

We will be happy to answer your questions

By sending an inquiry, you consent to the processing of personal data. More in Privacy policy

Step-by-step implementation of the AML procedure

Implementation schedule
Step 1
01

Drawing up an internal procedure for countering money and terrorist financing

We will develop a complete AML procedure for you, which will take into account the individual circumstances of your business, as well as all the required documents (forms, records, downloadable ready-made statements on PEP status, among others).

An AML procedure is a document that contains, among other things, the steps or actions taken to mitigate the risk of money laundering, as well as the measures used to properly manage the identified risks.

The document also lists the principles involved:

  • identifying and assessing money laundering risks,
    storage of documents and information related to AML,
  • application of financial security measures,
  • the performance of obligations to provide information to the GIIF (Chief Inspector of Financial Information),
  • disseminating knowledge of AML legislation to employees,
    reporting of potential or actual AML violations,
  • AML internal control.

Take advantage of our offer - once you have read the AML procedure we have prepared, you will know what to do. These are not templates whose creation consists of rewriting the content of the law, which the control authorities are not very fond of - the documents you will receive will be individualised and tailored to your business

Step 2
02

Develop a risk assessment of money laundering and terrorist financing in your business

The risk of money laundering and terrorist financing is not the same in every obliged institution. They are therefore required to analyse it and produce a risk assessment document.

The assessment of the level of risk is carried out taking into account factors relating to:

  • customers,
  • services provided,
  • country and geographical area,
  • sources of customer and channel acquisition,
  • qualitative risks.

The resulting risk level is a very important benchmark for obliged institutions. This is because it determines the extent to which an institution is vulnerable to being used in money laundering and/or terrorist financing, which in turn determines the need to apply adequate measures to prevent and eliminate such risks.

Step 3
03

We will provide AML training for managers and employees

We also provide AML training, where we provide practical guidance on how to comply with our obligations under the Act.

  • We clarify definitions related to AML and terrorist financing.
  • Employees receive guidance on, among other things, reporting to the GIIF and other duties, such as KYC (customer identity identification and verification) and customer risk analysis.

AML training with RPMS Law Firm is a portion of useful, practical knowledge for obliged institutions. What is more, we always tailor it to the nature of the activity in question. Thus, during the training sessions we refer to situations and events that a specific obliged institution should be on the lookout for.

The training concludes with the issue of a certificate attesting to the extent of the knowledge imparted. With a certificate, you increase your credibility in the event of an inspection and demonstrate that you fulfil the statutory prerequisites. Training in English is also available.

Do you want to know if your business requires the implementation of an AML procedure?

This is not always obvious - for example, if you operate a hybrid business or do not exceed certain cash limits, perform transactions not exceeding €15,000, use only cash exchange, or if you only serve group entities.

Even if you do not fall into any of the categories of obliged institutions indicated in the AML Act, you can implement AML principles as part of your compliance activities, including in combination with such internal regulations as a security procedure, risk management or an anti-fraud policy.

Anti-Money Laundering and Countering the Financing of Terrorism (AML/CFT) training course

We also offer a package with AML training.

The training we provide takes place 'live' online, with your participation and that of selected employees (max. 4 people in total), during which you can ask questions. After the training, you receive a presentation and certificates of participation.

It should be borne in mind that, in addition to the AML Act's requirement that persons performing AML activities at an obliged institution have received such training, AML control authorities often expect proof of this - and we provide you with this proof, in the form of a certificate of attendance.

Example of a training programme for cantors:

  • Basic assumptions under the AML Act for the exchange office - do we only apply AML to transactions over €15,000?
  • The rationale for bringing exchange offices under the Act - using an example "from the life" of the industry,
  • Basic concepts - PEP, Actual Beneficiary, risk approach,
  • Types of transactions in the exchange office business, in particular occasional transactions,
  • Customer risk - how do you investigate it and what will the scoring form be useful for?
  • Unacceptable risks (including sanction lists and automation of the screening process)
  • Identification and verification of customer identity (KYC) - who and when?
  • Determining the beneficial owner, or "about the brain of the operation"
  • Real-life case 'contact person on behalf of the client,
  • "My client is a PEP" - are PEP lists a good idea?
  • What documents to apply and use in AML at the exchange office?
  • Document retention and AML in contact with RODO
  • Red Flags for the exchange sector, i.e. ongoing analysis of the transactions carried out
  • "An inspection comes to the exchange office" - what to expect?
  • Anonymous whistleblowing, or whether AML whistleblowers matter
  • Participants' questions

Training is provided by qualified practitioners.

AML training is provided by, among others, legal advisor Kamila Wasilewska, member of the Regional Chamber of Legal Advisors in Poznań since 2017. Postgraduate studies in the field of Modern Technology Law at the Leon Koźmiński Academy in Warsaw. Since 2008, she has gained experience as an in-house lawyer in companies in the financial market industry (also in the function of compliance officer). She has extensive experience in cooperation with IT, e-commerce, including financial technology (fin tech) and payment service providers. As AML Compliance Officer, she advises obliged entities on the organisation of their activities and the establishment of procedures against money laundering and terrorist financing.

Comprehensive AML services for your business

In addition to the implementation of AML procedures and training in this area, we also offer:

Our law firm offers comprehensive support services in the context of AML/CFT regulations. Our representatives provide assistance to all obliged institutions, acting as experienced AML Officers.

Determination of the compliance function

Not sure who to appoint as an AML specialist? We can help you make a choice in this area, and explain what the role of the post holder entails.

Advice on customer identification and verification (KYC - Know Your Customer)

Before entering into a business relationship or carrying out an occasional transaction, you should identify and verify the identity of your clients and their beneficial owners (i.e. those with control over the client).

We can help you prepare the necessary KYC documentation and explain how this procedure should work. We can also carry out the client verification for you.

Deciding to carry out a transaction and/or establish a business relationship (cooperation)

If you are in doubt, we will help you to assess whether you should/can engage or transact with a particular client (in a particular situation).

Notification of the General Inspector of Financial Information and/or the public prosecutor

As an obliged institution, you are required to notify the General Inspector of Financial Information (GIIF) of any case of suspected money laundering and/or terrorist financing.

We can help you assess whether your situation requires any of the above notifications. We can also draft them for you.

Auditing the AML area of your business

Do you want to check whether you are correctly performing your obligations under the AML Act (e.g. the way you carry out the KYC procedure or transaction analysis)? Or do you want to change the organisation of the AML area, for example by simplifying it?

We will audit the AML/CFT area of your business - we will examine your documentation, talk to your employees, and trace examples of situations where you are applying financial security measures. Finally, we will explain how to improve the AML area or make the changes you want.

We will prepare a report on your counterparty in terms of international sanctions and sanction lists

In view of the current international situation, many of our clients are wondering whether they can carry out transactions and/or undertake cooperation with the entities in question - especially if they are entrepreneurs from across our eastern border.

We will help you check the potential counterparty (including its inclusion on sanction lists), the terms of the transaction, its credibility, and finally, in the form of a report, we will make a concrete recommendation for cooperation.

Monitoring of changing regulations and recommendations (corporate compliance)

As a law firm specialising in AML, we keep abreast of all changes in regulations, communications from the GIIF and other state authorities as they relate to AML. If the need arises, we will help you to implement the changes in your business without delay. The result? You will minimise legal and business risks. You will operate transparently, efficiently and without disruption.

Support in drafting AML management reports

We will help you prepare management reports and interpret the data collected. We will provide you with clear, input-ready guidelines and reports.

I am interested in AML services

What is AML and money laundering?

AML is the European Anti-Money Laundering Directive. Its purpose is to protect the financial system from abuse and to maintain the credibility of financial institutions.

Money laundering is a crime designed to disguise the origin of illegally acquired funds (as well as movable property, real estate, cryptocurrency, and others) so that they appear to come from legitimate sources.

Anti-Money Laundering (AML) refers to a network of rules, regulations and procedures designed to detect illicit funds disguised as legitimate income and protect the financial system from abuse.

Obligated institutions are primarily

banks
lending institutions
credit institutions and their branches
alternative investment companies
cooperative savings and credit unions (SKOKs)
national payment institutions (NPAs)
small payment institutions (MIPs)
settlement agents
investment funds
traditional currency exchange offices
virtual currency exchange offices
investment companies
custodian banks and branches of foreign investment companies
insurance companies
insurance intermediaries
postal operators
providers of virtual currency exchange services
Entrepreneurs carrying out activities in the area of games of chance, betting, card games and slot games
pawnbroking activities
estate agents
accountants and all providers of tax advice and services (even one-person accounting firms)
offshore and company services (e.g. company registration, provision of a registered office, acting as a board member)
entrepreneurs, foundations and associations with legal personality - if they receive or make cash payments of a value equal to or greater than EUR 10 000 in one or more related operations
art galleries and auction houses
barristers, solicitors, notaries, tax advisers (to a limited extent)

The actions of mandatory institutions are aimed at detecting suspicious circumstances that may indicate a crime:

Money laundering

Article 299 of the Penal Code.

"Whoever accepts, possesses, uses, transfers or exports abroad, conceals, transfers or converts them, assists in the transfer of their ownership or possession, or takes other actions which may frustrate or significantly impede the determination of their criminal origin or their location, their detection, seizure or forfeiture. shall be punishable by a term of imprisonment of 6 months to 8 years

Financing of terrorism

Article 165a § 1. of the Penal Code.

"Whoever collects, transfers or offers means of payment, financial instruments, securities, foreign exchange, property rights or other movable or immovable property with the intention of financing a terrorist offence [...]. shall be punishable by a term of imprisonment of between 2 and 12 years."

The definition of money laundering in the Criminal Code is broad, as it refers to any property value (so not only money, but also things, real estate, cryptocurrencies, etc.); and there are many verb tenets referring to what can be done with such property values to commit the offence of money laundering (receiving, possessing, using, transferring, etc.). The essence of money laundering is to 'disconnect' the criminal nature from the property values.

Money laundering is always linked to another crime, the so-called underlying crime, which has made the assets in question 'dirty' (i.e. illegal) so that they must be 'laundered' (e.g. precisely by using the services of an obliged institution).

Often such underlying offences are:

  • corruption
  • fraud, including in the model of today's popular online scams
  • drug-related crime or organised crime groups
  • fiscal offences, in particular tax evasion.

The application of the financial security measures listed in the legislation by obliged institutions is necessary in the case of:

an occasional transaction with a value of EUR 15 000 or more (regardless of whether it is a single operation or several operations linked to each other)

betting on and collecting winnings of the equivalent of EUR 2 000 or more (whether in a single operation or in several operations linked to each other);

an occasional transaction that constitutes a transfer of funds for an amount exceeding the equivalent of €1,000;

establishing business relationships (irrespective of the amount);

an occasional transaction using virtual currency
of the equivalent of EUR 1 000 or more;

suspected money laundering or terrorist financing (regardless of the amount);

occasional cash transactions with an equivalent value of €10,000 or more (regardless of whether it is a single operation or several related operations for selected obliged institutions);

doubts about the veracity or completeness of the customer's identification data (again, irrespective of the amount involved).

Resolve your doubts now

  • I am a one-person accountancy firm that only keeps income and expense books, we do not keep so-called full accounts - does AML apply to me?

    Yes, since the October 2021 amendment, accounting firms that do not keep full accounts are also subject to the application of the AML Act (pursuant to paragraph 15a(1) of Article 2 of the Act).

  • We employ 3 people as estate agents and I also have a B2B partnership with 3 people. Who should I train?

    Yes, since the October 2021 amendment, accounting firms that do not keep full accounts are also subject to the application of the AML Act (pursuant to paragraph 15a(1) of Article 2 of the Act).

  • We carry out accounting for a capital group. We perform part of the accounting duties in the company in Poland and part in the company in the Czech Republic. Our clients are group entities. Do we need to implement AML?

    If an entity (e.g. a separate company serving a group) provides bookkeeping services or other services as defined in the AML Act (e.g. tax advice), it will be a mandatory institution and will have to implement the AML procedure.

  • When to implement a group anti-money laundering (AML) procedure

    Obligated institutions in a group and their branches and majority-owned subsidiaries established in a third country shall put in place an anti-money laundering and counter-terrorist financing (AML/CFT) group procedure to implement the obligations of the group and its constituent entities under AML/CFT legislation.

    The obligation to implement a group procedure may also be incumbent on corporate groups where entities share responsibilities with each other and only some of them take on the status of an obliged institution (e.g. a shared services centre).

  • I am a cryptocurrency exchange that only serves customers on an exchange such as Binance. Do I need to apply AML?

    Yes, according to Article 2(1)(12) of the AML Act, entities engaged in the business of providing: a) exchange between virtual currencies and means of payment, b) exchange between virtual currencies, c) intermediation of exchanges referred to in a or b are obliged institutions and must apply AML solutions.

  • As an online cantor, do I have to apply AML?

    Yes, pursuant to Article 2(1)(11) of the AML Act, online currency exchange offices, like land-based currency exchange offices, are required to implement AML solutions, including having an internal procedure.

  • Do we need to appoint an AML Specialist within the organisation?

    Yes. Each obliged institution must appoint an AML specialist, i.e., according to Article 8 of the AML Law, an employee in a managerial position responsible for ensuring that the activities of the obliged institution and its employees and other persons performing activities on behalf of the obliged institution comply with the AML and terrorist financing regulations.

  • How to implement AML as an estate agent?

    There is actually no clear answer to this question. The implementation of AML consists of several steps, including the implementation of a procedure, but also the adaptation of processes in the company, changes in policies or a training cycle for certain employees. This will often be a rather complicated process and it is therefore worth ensuring the involvement of a specialised advisor.

  • I am a Payment Services Office. Do I have to do KYC to the customer since the transactions go through the bank account and the bank does it?

    Yes. Each obliged institution, including payment service bureaus, is obliged to apply the financial security measures (i.e., e.g., KYC) provided for in the AML Act independently of other obliged institutions.

  • I have checked the KRS register for the contract with the client, compared it with the CRBR entry and see that the data do not match. Should I bring this to the attention of the client?

    The obliged institution notes discrepancies between the information collected in the CRBR and the information it has established about the customer's beneficial owner (including precisely the information provided by the customer) and takes steps to explain the reasons for these discrepancies - one of these steps is, of course, to ask the customer itself to explain the situation.

  • What is the processing of personal data (RODO) of customers from whom I request to go through the KYC procedure (e.g. sending a photo of an ID card)?

    Obliged institutions are obliged under the provisions of the AML Act to collect information allowing for the identification and verification of the customer's identity. This means that the purpose of processing the aforementioned data will be the necessity to fulfil a legal obligation imposed on the controller (i.e. precisely the obliged institution). Thus, obliged institutions have a legal basis to legally process their customers' personal data (e.g. by requesting a scan of an identity card).

    The topic of 'AML vs. RODO' also comes up in our training courses.

Do you have questions? Contact us

Consequences of not implementing AML What are the risks?

If you are an obliged institution but do not have an AML procedure (or have one but faulty/outdated) or do not comply with other obligations under the AML Act, you risk administrative penalties and even criminal liability.

Below are the sanctions you may face for doing so.

Administrative liability

L. P. Kara Responsible entity Circumstances (M.IN.)
1 Publication of information about the OI and the extent of the breach of the Act in the Public Information Bulletin on the website of the office serving the Minister of Finance. Obligated institution
  • Failure to appoint an AML Specialist,
  • Failure to prepare a global risk assessment and/or update it,
  • Failure to apply the ¶bf in circumstances justifying it,
  • Failure to document the śbf and the results of ongoing transaction analysis,
  • Failure to implement the AML Procedure,
  • Non-compliance with decisions of the GIIF/KNF,
  • Failure to implement a procedure for anonymous reporting of violations,
  • Failure to organise AML training,
  • Failure to implement the GIIF's audit recommendations,
  • Failure to keep records as indicated in the Act (5 years),
  • Failure to apply mandatory restrictive measures,
  • Failure to notify the GIIF/other authorities.
2 An order that the obliged institution cease certain activities Obligated institution
3 Revocation of a licence or permit or removal from the register of regulated activities Obligated institution
4 Prohibition from holding a managerial position for a maximum of one year Person responsible for violation of the Act by the obligated institution
5 A fine of up to the equivalent of €5,000,000 or up to 10% of the turnover shown in the last approved financial statements.

If an obliged institution is found to have breached certain obligations, the authorities may impose a fine of up to PLN 1,000,000 on the person responsible for the performance of the obligations set out in the Act at the time of the breach.

Obligated institution

Person responsible for violation of the Act by the obligated institution

Criminal liability

L. P. Kara Responsible entity Circumstances (M.IN.)
1 Prison sentence
3 months to 5 years
A person acting in the name of or on behalf of the Obligated Institution
  • Failure to notify the GIIF when the premises for doing so have updated (e.g. carrying out a suspicious transaction). -Transmitting untrue data to the GIF.
  • Disclosure to unauthorised persons of information collected in accordance with the Act (e.g. in the course of KYC).
2 Fine Person acting for or on behalf of the OI
  • As above, but the action was unintentional. -Thwarting control activities (e.g. GIIF, FSC).
3 Imprisonment from 6 months
up to 8 years
Each Accepting, possessing, using, transferring/exporting abroad, concealing, transferring or converting, assisting in the transfer of their ownership or possession or taking any other action that may frustrate the
or make it considerably more difficult to establish the criminal origin of the money.
4 Imprisonment from 6 months
up to 8 years
Employee or person acting for or on behalf of the OI Accepting money, transferring or converting it, or accepting it in other circumstances giving rise to a reasonable suspicion that it is the subject of an act under subsection (3) above, or providing other services to conceal its criminal origin or services in securing it from seizure.
5 Imprisonment of up to 3 years Anyone / employee or person acting on behalf of or for the IO Preparations to commit the offences in points 3 and 4 above.
6 Imprisonment from one to 10 years Anyone / employee or person acting on behalf of or for the IO
  • Committing the offences in points 3 and 4 in concert with other persons.
  • Achieving a substantial financial benefit as a result of committing the offence under points 3 and 4.

Not sure if AML applies to your business? Do you need help with this?

Or do you want to check the correctness of your company's AML procedures?

Get in touch with us. We are a team of experienced lawyers, specialists
from IT, tax and accounting.

They trust us

Do you have questions?

Get in touch and see how we can help you!