AML Compliance Guidelines: Croatia
Simplifying the complexities of AML/CFT compliance
AML Compliance in Croatia
Ministry of Finance Republic of Croatia (MFIN)
The Anti-Money Laundering Office in Croatia is responsible for receiving and analyzing reports of suspicious transactions, coordinating AML efforts with law enforcement agencies, and enforcing compliance with AML regulations among financial institutions and other obliged entities.
Anti-Money Laundering and Terrorism Financing Law 108/17 CROATIAN PARLIAMENT DECISION ON THE PROMULGATION OF THE ANTI MONEY LAUNDERING AND TERRORIST FINANCING LAWOfficial Gazette 108/17 (08/11/2017)(MFIN)
Under Article 11, reporting entities (referred to in Article 9), shall be obliged to fulfill the duties prescribed by this Law and regulations passed on the basis of this Law during the course of the performance of their activities.
The duties referred under this article shall encompass as follows:
- Conducting money laundering and terrorist financing prevention measures in business units and companies in which the reporting entity holds majority share or exercises predominant decision-making rights, having headquarters in another member state or third country.
- Appointment of an authorized person and his/her deputy for the implementation of money laundering and terrorist financing prevention measures, considering the organizational structure of the reporting entity, sufficient number of his/her deputies, and providing adequate conditions for the performance of their work.
- Enabling regular professional training and education of employees of reporting entities, and ensuring regular internal audits of the money laundering and terrorist financing prevention system at reporting entities.
Under Article 12, reporting entities (referred to in Article 9) shall be obliged to draw up a money laundering and terrorist financing risk analysis in order to identify, assess, understand and mitigate the money laundering and terrorist financing risks, taking into consideration the risk factors referring to:
- Customers
- Countries or geographic areas
- Products, services or transactions
- Delivery channels
Under Article 15, the customer due diligence shall encompass the following measures:
- Identifying the customer and verifying the customer’s identity on the basis of documents, data or information obtained from a credible, reliable and independent source.
- Identifying the beneficial owner of the customer and taking reasonable measures for the verification of the beneficial owner’s identity, including the taking of measures necessary for understanding the ownership and control structure of the customer.
- Conducting ongoing monitoring of the business relationship, including scrutiny of transactions the customer carries out during the course of the business relationship.
- To ensure that the transactions being conducted are consistent with the reporting entity’s knowledge of the customer, type of business and risk profile, including, where necessary, the information on the source of funds, the documents and the data the reporting entity holds must be kept up-to-date.
As per Article 16, reporting entities referred to in Article 9 of this Law shall be obliged to conduct customer due diligence in the following cases:
- When establishing a business relationship with a customer
- When carrying out an occasional transaction amounting to HRK 105,000.00 or more, whether that transaction is carried out in a single operation or in several transactions that are apparently mutually linked and that reach a total value of HRK 105,000.00 or more
- When carrying out an occasional transaction constituting a transfer of funds exceeding EUR 1,000 in terms of the Regulation (EU) 2015/847
- When providing service of games of chance, when placing bets and taking the gains including buying or exchanging chips in the amount of HRK 15,000.00 and more, whether that transaction is carried out in a single operation or in several transactions that are apparently mutually linked and that reach a total value of HRK 15,000.00 or more
- When there are doubts about the veracity or adequacy of the previously obtained data on a customer, and
- In all instances when there are reasons for suspicion of money laundering or terrorist financing in relation to a transaction or a customer, regardless of all prescribed exemptions and the transaction value.”
As per Article 67, for the purpose of establishing and implementing an efficient and effective money laundering and terrorist financing prevention system, the management of the reporting entity shall be obliged to:
- Appoint an authorized person and one or several deputies of the authorized person in line with Article 68 of this Law
- Ensure that the authorized person is employed at a job position that is systematized within the organizational structure of the reporting entity at such a position that it enables the authorized person to quickly, properly, and timely execute the tasks prescribed by this Law and regulations
- Ensure that the authorized person and his/her deputy have unrestricted access to all necessary data, information, and documentation
- Provide appropriate organizational, staff, material, and other working conditions for the authorized person and his/her deputy
- Provide adequate space and technical conditions for the authorized person and his/her deputy, that guarantee an appropriate level of the protection of confidential data and information the authorized person and his/her deputy dispose of
- Provide the system that makes it possible for reporting entities, the authorized person and his/her deputy, in line with powers and competences of the Office and the competent supervisory body
- Provide regular professional training and education for employees of reporting entities.
As per Article 142, The Office shall be obliged to protect data, information, and documentation in the following way:
- By adopting internal instructions on safety and confidentiality of information, including procedures on the actions to be taken, storage, forwarding, and protection of information as well as on the access to information and premises of the Office, in line with the regulations arranging the protection of the confidentiality of data and information security.
- By restricting the access for unauthorized persons to the premises, data, information, and documentation of the Office, including the access to the IT system of the Office.
Sources https://mfin.gov.hr/UserDocsImages//en/Anti-Money_Laundering_Office//AMLTF%20Law%20-%20Croatia.pdf