When you want to open a bank account, banks ask you for all kinds of details. They do this, among other things, to combat money laundering. But aren’t they overreacting? Do they really need all those personal details from you?
"Banks need information to determine the risk of money laundering or terrorist financing for each customer. If a bank assesses that risk as high, it will ask for additional information. In our supervision, we see that banks sometimes consider those risks to be higher than they actually are, and ask for more information than is actually necessary. The reverse also occurs, when banks ask for too little information."
Providing all those details must be annoying for customers...
"Customers are happy to make an effort to combat money laundering and terrorist financing, but only if providing all those data effectively contributes to achieving that goal. We are seeing that banks can make more of an effort to explain to their customers why they need certain information."
DNB argues that everyone should have access to the payment system. This could be at odds with the anti-money laundering policy, under which banks must critically monitor prospective customers. With these strict checks, don’t you run the risk of unfairly excluding people or sectors?
"Banks are not accepting all potential customers, and they restrict their service provision or terminate their relationship with some of their customers. They do this because they perceive these customers to have a heightened risk of being involved in money laundering or crime – suppose a customer tells their bank they are a greengrocer while they do not purchase any vegetables but do deposit substantial cash receipts. However, banks can never be 100% sure whether their (potential) customers are involved in illicit money flows. Banks are not investigative authorities like the police or the Dutch Fiscal Intelligence and Investigation Service. They can only rely on the information they can gather themselves. So there’s always a risk of unjustifiably severing relationships with a customer. Then again, we see no evidence of systematic exclusion of customers in specific sectors."
In the report 'From recovery to balance', DNB argues for more risk-based customer due diligence. In other words, zooming in on the high-risk customer categories. Where does DNB see those high risks?
“Sectors such as the transport sector, wholesale trade and real estate are more vulnerable to abuse by drug-related crime. This doesn't mean banks should refuse all customers from these sectors, but they must ask for more details so they are able to assess money flows properly. If they find the risks involved to be unacceptable, they may not accept a customer or must terminate the relationship.
Cash-intensive sectors such as the hospitality industry, the scrap metals trade or the construction industry may also pose a higher risk of money laundering or terrorist financing. Labelling the use of cash as a risk creates an area of tension. Cash is legal tender, the legitimate use of which should not be hampered. Under certain circumstances, however, the excessive use of cash can point to money laundering or terrorist financing. The Cash Covenant, which was concluded earlier this year by, among others, the four Dutch major banks, consumer associations and DNB, provides guidance in navigating this area of tension. It states, for example, what measures must be taken against money laundering and terrorist financing when cash is used."
And what about customers that have a low risk?
"We argue that scrutiny can be limited for low-risk customers. All those people who receive their wages or benefit every month, pay for their rent and groceries, and have nothing out of the ordinary going on in their account. We believe for these customers checks can be limited.
In our supervision, we are seeing that banks sometimes check too much for these low-risk customers. They do so to stay on the safe side and comply with all legal requirements. We are aware that our supervision sometimes contributes to this. The banks – and we – simply have to accept that a risk may go undetected due to limited scrutiny. So we need a more risk-based approach by banks and supervisory authorities. We believe it is important to clarify, together with the financial sector, when good is good enough. We will be discussing this in roundtable meetings. The National Forum on the Payment System is closely involved in this.”
Banks have invested heavily in the monitoring of unusual transactions. The costs of these checks have increased sharply. Banks are considering charging higher fees for payments accounts. Why is that?
"The costs banks are incurring in putting these checks into place have indeed increased significantly, partly because banks have to clear backlogs. Many banks are in the process of putting their customer files, transaction monitoring and reporting of unusual transactions in order, giving rise to additional costs. In part, however, these investments are permanent and necessary to detect and prevent the abuse of our financial sector by criminals as much as possible. Banks are passing some of these costs on to customers. In this way, we are all doing our bit to prevent and combat money laundering and the serious crime that is often behind it.”
Banks sometimes criticise DNB's supervision, arguing that DNB is overly preoccupied with checking if they are complying with the rules. Is DNB open to innovations from the sector?
“We are looking carefully at our own role and at how we can improve. Our supervision is always squarely based on the purpose of the law: ensuring a sound and ethical financial sector. To achieve this, we need a solid, risk-based approach. Innovations can certainly contribute to achieving this goal. We are interested in developments that help banks move forward, and that can make processes more effective and efficient. A prime example is the digital identity. This makes it much easier for banks to establish a person's identity, which in turn reduces costs. We make sure that new technologies are used responsibly. For example, customer data must be protected and privacy must be guaranteed."