How to deal with customers already served before the entry into force of the Implementation Act
Crypto service providers must comply with the requirements of the Wwft once the Implementation Act enters into force.
As of that moment,
- they must have established and verified the identity of all customers to which they are providing services;
- in the event of a business relationship or other circumstances requiring customer due diligence, they must have analysed and assessed the risks related to the customer, products and services, distribution channels and transactions and have linked these to an appropriate customer risk and transaction profile;
- they must monitor the transactions of their customers;
- they must report all unusual transactions to FIU-NL.
In the event that unacceptable risks are identified with respect to a customer, they must terminate the business relationship with this customer.
In addition to the above, requirements in terms of crypto service providers’ operational management also apply.
Pursuant to the Act, crypto service providers must have appropriate processes in place to ensure adequate implementation of these CDD-related requirements with respect to existing and new customers. DNB will devote attention to this in its supervision.