Many subjects of the Federal Law of August 7, 2001 No. 115-FZ “On Combating the Legalization (Laundering) of Proceeds from Crime and the Financing of Terrorism” (hereinafter referred to as Federal Law No. 115-FZ) are familiar with the term “identification” and the verification procedure client in order to combat the legalization (laundering) of proceeds from crime and the financing of terrorism (hereinafter referred to as AML/CFT), however, not all entities have yet understood another similar term “simplified identification”. We at U-Piter Consulting are often contacted with questions about the differences between regular identification and simplified identification and which subjects of Law No. 115-FZ have the right to carry it out. For this reason, I decided to write a short article on this topic.

Your employees can also undergo training in our company on the program “Combating the Legalization (Laundering) of Proceeds from Crime and the Financing of Terrorism” with the issuance of a certificate of the established form. Our company is accredited by the International Training Center for Financial Monitoring (Moscow) and conducts AML/CFT/CFT training . The training is conducted remotely (online course), so you can take part in the webinar while at your work or home computer.

Federal Law No. 482-FZ of December 31, 2017 “On Amendments to Certain Legislative Acts of the Russian Federation” amended the provisions of Federal Law No. 115-FZ of August 7, 2001 “On Combating the Legalization (Laundering) of Proceeds from Crime , and financing of terrorism”, establishing the procedure for remote biometric identification of citizens.

In the explanatory note, the authors of the law noted that it was “developed in order to ensure proper regulatory legal regulation of the use of a mechanism for interactive remote authentication and identification of a credit institution client - an individual using his biometric personal data, as well as information about him contained in a unified identification system and authentication (USIA), which allows credit institutions to open accounts (deposits) for a client - an individual without his personal presence using the Internet.

The law clarifies the concept of “identification”: if previously it had to be carried out using original documents and (or) duly certified copies, now it can be carried out using “state and other information systems.”

Article 7 “Rights and obligations of organizations carrying out transactions with funds or other property” includes rules governing the procedure for remote identification.

The bank is obliged, after carrying out identification in the personal presence of a client - an individual who is a citizen of the Russian Federation, with his consent and free of charge, to place or update in electronic form in a unified identification and authentication system the information necessary for registering the client - an individual in it, as well as his biometric personal data in a unified personal data information system that ensures their collection, processing, storage, verification and transmission of information on the degree of their compliance with the provided biometric personal data of an individual (unified biometric system) (clause 5.6).

The bank must simultaneously meet the following criteria (clause 5.7):

• The Bank participates in the deposit insurance system;
• Bankruptcy prevention measures are not applied to the bank, unless otherwise established by the Central Bank of the Russian Federation;
• In relation to the bank, the Central Bank of the Russian Federation has not made a decision to prohibit the implementation of actions and identification of clients - individuals, provided for in paragraph 5.11 of this article.

The Central Bank of the Russian Federation monthly publishes on its official website on the Internet a list of banks that meet the established criteria.

For individual clients, after identifying them by establishing and confirming the accuracy of information about them using a unified identification and authentication system and a unified biometric system without their personal presence (clause 5.8), banks have the right to:

• Open and maintain accounts (deposits);
• Provide loans to clients;
• Make transfers of funds to such accounts on their instructions.

In this case, the following conditions must be met simultaneously:

• An individual is not a person included in the list of organizations and individuals in respect of whom there is information about their involvement in extremist activities or terrorism, or an individual in respect of whom the interdepartmental coordinating body carrying out the functions of combating the financing of terrorism has made a decision to freeze (blocking) funds or other property;
• The bank has no suspicions regarding the client or the client’s transactions that they are related to the legalization (laundering) of proceeds from crime or the financing of terrorism.

The operator of the unified identification and authentication system provides the authorized body and the Central Bank of the Russian Federation with:

• Information contained in the unified identification and authentication system about individuals;
• Information about the banks to which it was provided.

My comment: Remote identification using biometric data is, of course, very cool, but I am afraid that our scammers will also quickly “master” it. The banking system must initially be mentally prepared for the possibility of successful attacks, and a mechanism for investigating incidents with unauthorized use of biometric data must be provided in advance. Experience shows that the main danger is posed not so much by the scammers themselves, but by people’s unshakable faith in the perfection of modern technologies...

01 August 2019, 18:21

Currently, the most promising segment of the microfinance market is online (on-line) lending. Its share in the total volume of microloans issued is only increasing every year. But, from March 29, 2016, the entire market of microfinance organizations (MFO) was divided by the legislator into two groups: microcredit companies (MCC) and microfinance companies (MFC). This division introduced significant changes and restrictions for online MFOs, primarily in terms of the possibility of conducting remote (online) identification of borrowers without visiting the MFO office. Let's try to figure it out Does an online MFO have the right to carry out such identification? subject to the provisions Federal Law of 07.08.2001 No. 115-FZ"On combating the legalization (laundering) of proceeds from crime and the financing of terrorism" (hereinafter referred to as Federal Law No. 115)?

IMPORTANT! This The article is valid until September 30, 2019. As of October 1, 2019, amendments to Federal Law No. 115 come into force, which change the procedure for remote identification of MFOs of their clients (borrowers), and therefore This article will be updated.

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

On March 29, 2017, changes to Federal Law of July 2, 2010 No. 151-FZ“On microfinance activities and microfinance organizations” (hereinafter referred to as Federal Law No. 151), according to which a microfinance organization (MFO) is divided into a microcredit company (MCC) and a microfinance company (MFC). In fact it's divided all microfinance organizations into those who can issue online loans and those who are prohibited from doing so.

In accordance with paragraph 1 of Art. 2 Federal Law No. 151:

Microfinance organization (MFO)- a legal entity that carries out microfinance activities and information about which is entered into the state register of microfinance organizations in the manner prescribed by Federal Law No. 115. Microfinance organizations can carry out their activities in the form of a microfinance company or a microcredit company.

Microcredit company (MCC)- type of microfinance organization carrying out microfinance activities, taking into account the established parts 1 and 3 of Art. 12 Federal Law No. 151 restrictions, which has the right to attract funds from individuals who are its founders (participants, shareholders), as well as legal entities, to carry out such activities.

Microfinance company (MFC)- type of microfinance organization carrying out microfinance activities, taking into account the established parts 1 and 2 of Art. 12 Federal Law No. 151 restrictions that meet the requirements of Federal Law No. 151 and regulations of the Bank of Russia, including to its own funds (capital), and has the right to attract funds from individuals, including those who are not its founders (participants, shareholders), subject to the restrictions established by clause 1, part 2, art. 12 Federal Law No. 151, as well as legal entities.

In details What is the difference between MCC and IFC? We previously wrote in one of our articles posted on. Now let's look at the fundamental difference between MCC and MFC in terms of remote identification borrowers when providing online loans within the framework of fulfilling the requirements of Federal Law No. 115.

In accordance with clause 1.5-2 of Art. 7 Federal Law No. 115 only a microfinance company (MFC) has the right to assign based on the contract credit organization identification or simplified identification client - individual, as well as identification of the client’s representative, beneficiary and beneficial owner for the purpose of concluding a consumer credit (loan) agreement with the specified client, provided to the client - an individual through the transfer of funds in accordance with the legislation on the national payment system.

Requirements for microfinance companies (MFCs), which in accordance with clause 1.5-2 of Art. 7 Federal Law No. 115 may entrust credit institutions with identification or simplified identification, established By Directive of the Bank of Russia dated July 20, 2016 No. 4078-U"On the requirements for credit institutions that may be entrusted with identification or simplified identification, as well as for microfinance companies that may entrust credit institutions with identification or simplified identification" (hereinafter - Central Bank Directive No. 4078).

As follows from paragraph 3 of Central Bank Directive No. 4078, microfinance company (MFC), which in accordance with clause 1.5-2 of Art. 7 Federal Law No. 115, on the basis of an agreement, may instruct credit institutions to carry out identification or simplified identification, must meet the following requirements:

1. carrying out activities in the form of a business company;
2. carrying out microfinance activities for at least 2 (two) years from the moment information about it is entered into the state register of microfinance organizations (MFOs);
3. membership in a self-regulatory organization (SRO) in the financial market;
4. absence in the Unified State Register of Legal Entities (USRLE) of a record of unreliable information about such a microfinance company.

Thus, in order to entrust a credit organization with identification or simplified identification of a client - an individual for the purpose of combating the legalization (laundering) of proceeds from crime and the financing of terrorism (AML/CFT), it is necessary not only to have the status of an IFC, but also to comply with all of the above requirements.

Please note that Federal Law No. 115 does not contain separate rules in relation to microcredit companies (MCC). However, Federal Law No. 115 uses a separate term - simplified client identification. Let's look at it in more detail.

In accordance with Art. 3 Federal Law No. 115:

Identification is a set of measures to establish certain information in Federal Law No. 115 about clients, their representatives, beneficiaries, beneficial owners, authentication this information using original documents and/or appropriately certified copies. For example, for individuals, such a document will be a passport or other identity document.

Simplified client identification- an individual (hereinafter - simplified identification) - carried out in cases established by Federal Law No. 115, a set of measures to establish in relation to a client - an individual surname, name, patronymic (unless otherwise follows from the law or national custom), series and number of an identity document, and confirm the accuracy of these information in one of the following ways:

1. using original documents and (or) duly certified copies documents;
2. using information from information systems of public authorities, the Pension Fund of the Russian Federation, the Federal Compulsory Medical Insurance Fund (MHIF) and (or) the state information system determined by the Government of the Russian Federation;
3. using unified identification and authentication system when using an enhanced qualified electronic signature (ECES) or a simple electronic signature (PES), provided that when issuing a simple electronic signature key the identity of an individual is established during a personal reception.

In accordance with clause 1.11 of Art. 7 Federal Law No. 115 simplified identification of a client - an individual can be carried out upon conclusion consumer credit (loan) agreement taking into account the features established by clause 1.12-1 of Art. 7 Federal Law No. 115, provided that all calculations are carried out exclusively in cashless form on accounts opened in Russian credit organization.

Clause 1.12 art. 7 Federal Law No. 115 establishes that simplified identification of a client - an individual is carried out in one of the following ways:

1. through personal representation by a client - an individual, original documents and (or) duly certified copies of documents;
2. through referral by a client - an individual credit organization (CO), a non-state pension fund (NPF), a professional participant in the securities market (PSMP), a management company of an investment fund, a mutual investment fund or a non-state pension fund (MC UIF), including in electronic form, the following information about yourself: surname, name, patronymic (unless otherwise follows from the law or national custom), series and number of the identity document, insurance number of the individual personal account (SNILS) of the insured person in the personalized accounting system of the Pension Fund of the Russian Federation, and (or) taxpayer identification number (TIN), and (or) number of the compulsory health insurance policy (CHI) of the insured person, as well as subscriber number client - an individual using the services mobile radiotelephone communications. From clause 1.13 of Art. 7 Federal Law No. 115 it follows that if received, including using a unified system of interdepartmental electronic interaction (SMEV), from the information systems of government bodies, the Pension Fund of the Russian Federation, the Federal Compulsory Medical Insurance Fund (MHIF) and (or) state information system defined by the Government of the Russian Federation, confirming the coincidence of the information specified in paragraphs. 2 clause 1.12 art. 7 Federal Law No. 115 ( that is, the information specified in this paragraph), with information in the specified information systems, as well as when the client - an individual confirms the receipt of information on the mobile radiotelephone subscriber number specified by him, ensuring the passage of simplified identification (including the possibility of using an electronic means of payment), the client - an individual is considered to have completed the simplified identification procedure in order to provide the client with a consumer loan (loan), taking into account the features established by clause 1.12-1 of Art. 7 Federal Law No. 115;
3. through passage by a client - an individual authorization in the unified identification and authentication system (USIA) using an enhanced qualified electronic signature or a simple electronic signature, provided that when issuing a simple electronic signature key the identity of an individual is established during a personal meeting, indicating the following information about yourself: last name, first name, patronymic (unless otherwise follows from the law or national custom), insurance number of the individual personal account (SNILS) of the insured person in the personalized accounting system of the Pension Fund of the Russian Federation. In fact, the ESIA is used for registration and authorization on the State Services portal. This means that the borrower must first, before concluding a loan agreement, registered on the State Services portal. To do this, as part of the initial registration on the State Services portal, you need personal presence of the borrower.

The first and third methods of simplified identification Not suitable for issuing online loans, as they require personal presence of the borrower, which does not allow remote (remote) identification.

Microfinance organizations (MFOs), including MCCs and MFCs, are NOT entitled to use the second method of simplified identification, since microfinance organizations (MFOs) are not included by the legislator in the list of organizations to which individual clients can send information about themselves.

But, seconda method for simplified identification of borrowers will be legal if the IFC, in accordance withclause 1.5-2 art. 7 Federal Law No. 115 will instructbased on the contractcredit organization (CO) carrying out identificationor simplified identification borrowers - individuals.

At the same time, the use of the second method of simplified identification by the ICC will in any case be illegal, since such a right is Federal Law No. 115 not provided for MKK. However, despite this, the majority of online MFOs in the form of MCCs carry out remote identification of borrowers using the second method, thereby violating the requirements of Russian legislation in the field of AML/CFT and taking on the risk of a supervisory response from the Bank of Russia.

In conclusion, we note that according to clause 1.12-1 of Art. 7 Federal Law No. 115 provisions clauses 1.11 and 1.12 art. 7 Federal Law No. 115 applies to consumer credit (loan) agreements, the amount of which does not exceed 15,000 rubles or an amount in foreign currency equivalent to 15,000 rubles provided to a client - an individual through translation funds in accordance with the legislation on the national payment system in favor of the client - an individual.

Thus, in accordance with the current legislation of the Russian Federation carry out remote identification and issue online loans without the borrower visiting the MFO office Only microfinance companies (MFCs) CAN by means of an order on the basis of an agreement with a credit institution, identification or simplified identification of a client - an individual. Wherein microcredit companies (MCCs) DO NOT HAVE such a right.

In the case of a microcredit company (MCC) to provide an online loan in order to comply with the requirements of Russian legislation the borrower needs to visit the MCC office at least 1 (one) time for its initial identification. Very often, in the personal lending market, identification is carried out by MCC employees themselves, visiting the borrower’s address. This identification method allows you to comply with the requirements of Russian legislation in the field of AML/CFT, significantly reduce MCC costs and not open additional service offices.

Currently, the list of information requested by banks is comparable only to the data required from companies and individual entrepreneurs by the tax inspectorate. BUKH.1S figured out what documents banks can legally request, and what consequences await clients for failure to provide them.

What documents do banks require based on 115-FZ?

Banking activities are regulated by a huge number of various laws and regulations. One of such documents is Federal Law No. 115-FZ dated August 7, 2001 “On combating the legalization (laundering) of proceeds from crime and the financing of terrorism.”

In pursuance of this law and referring to its own norms, banks require a lot of various documentation from clients. Clients sometimes feel that the requested data has nothing to do with the activities of banks and does not affect the interests of the state. But banks think differently. For example, banks, checking the purity of transactions, request documents under standard agreements that organizations have been entering into for many years. According to clients, such bank requirements are, at a minimum, strange, and, at a maximum, contrary to current legislation. In particular, for example, in cases where the requested information constitutes information protected by law.

Cheat sheet on the article from the editors of BUKH.1S for those who don’t have time

1. Currently, banks require a lot of various documentation from clients, checking the purity of transactions.

2. To identify not only the client himself, but also to check and record all transactions made by him, which seem suspicious to banks, is required by the Federal Law of August 7, 2001 No. 115-FZ “On Combating the Legalization (Laundering) of Proceeds from Crime and the Financing of Terrorism "and Regulations of the Bank of Russia dated October 15, 2015 No. 499-P "On identification of clients...".

3. Clause 14 of Article 7 of Law No. 115-FZ establishes the obligation of clients to provide information necessary for banks to comply with legal requirements.

4. An analysis of the Federal Law of 08/07/2001 No. 115 and the Bank of Russia Regulations of 10/15/15 No. 499-P allows us to come to the conclusion that the right of banks to request documentation is practically unlimited in general.

Indeed, sometimes banks require the provision of personal information of employees of organizations, balance sheets, information on taxes paid, etc. Of course, such requests cause a lot of indignation among clients.

As we can see, the list of documentation is very extensive, and in some cases it may be even longer. Moreover, sometimes too little time is given to prepare and submit these documents, which leads to even greater dissatisfaction of clients and their justifiable indignation.

In this regard, a logical question arises: do banks have the legal right to demand all these documents from clients?

Are banks' demands for documentation legal?

As the banks themselves explain, they request documents in such volumes for a reason. This is not their personal whim, but the requirements of the Federal Law of August 7, 2001 No. 115-FZ “On Combating the Legalization (Laundering) of Income...” and Regulations of the Bank of Russia dated October 15, 2015 No. 499-P “On identification of clients...”.

These legal regulations oblige credit institutions to identify not only the client himself, but also to check and record all transactions made by him that seem suspicious to banks. And if a client can be verified at the stage of opening a bank account for him, then the bank can check the purity of the transaction only at the stage of making cash payments.

What exactly does these regulations say? For example, Art. 7 of Federal Law No. 115-FZ dated 08/07/2001 states that when identifying a client, his representative, beneficiary, as well as updating information about them, banks have the right to require the presentation of relevant documents.

Their list includes identification documents, constituent documents, documents on state registration of a legal entity (individual entrepreneur). The bank may also request other documents necessary to comply with legal requirements.

And clause 14 of Article 7 of Law No. 115-FZ establishes the obligation of clients to provide information necessary for banks to comply with legal requirements.

Appendix 2 to Bank of Russia Regulation No. 499-P contains subparagraphs 2.7 – 2.9, which specify the powers of credit institutions to request documentation and information from clients.

Yes, pp. 2.7. establishes that the bank has the right to demand from its clients information and documents about the financial position, including financial statements and tax returns. At the same time, the credit institution, in its internal control rules, independently determines the number and types of documents that it uses to determine the client’s financial situation.

In paragraphs 2.8. it is indicated that the bank may request information about the client’s business reputation and reviews of him from other organizations that have business relations with him. A credit organization, in its internal control rules, can also independently determine another type of documents that can be used to determine the client’s business reputation.

Finally, paragraph 2.9. allows you to request information about the sources of origin of funds and other property of the client. The list of such information is again not exhaustive.

An analysis of the Federal Law of August 7, 2001 No. 115 and the Bank of Russia Regulations of October 15, 2015 No. 499-P allows us to come to the conclusion that the right of banks to request documentation is practically unlimited in general. At least, the legislation does not contain any such restrictions, nor does it contain an exact list of documents that must be provided at the request of a credit institution.

It turns out that banks have the right to request absolutely any documentation and in any volume. Is it really? BUKH.1S asked the head of the department of legal support for professional stock market participants of the FINAM Group of Companies to clarify the situation Sergei Volodkin.

What documents can banks request to comply with the requirements of the anti-money laundering law?

Any documents that banks will include in their internal control rules. And usually this is an open list, because... It is initially impossible to determine the complete list of documents that may be needed in order to determine whether a given operation is carried out for the purpose of laundering criminal proceeds or not. Those. any documents that may be required to analyze a specific transaction or the client’s activities in general.

Can banks require information containing personal data of third parties? For example, personal data of employees of a bank client company?

By law, banks are required to identify the client’s representative (including the sole executive body), the client’s beneficiary. And also take reasonable and accessible measures in the current circumstances to identify the beneficial owner. If these are all individuals (and the beneficial owner is only an individual), and it does not matter whether they are employees of the company or not, then banks are required to require information containing their personal data.

What deadlines for submitting the documents requested by the bank are established by law?

According to some sources, the deadlines have been set; according to others, the regulations say that banks set them themselves. The Central Bank considers the normal period to be 3-7 days; banks usually set such terms. If the bank sets long deadlines, the Central Bank believes that this was done specifically to help the client evade the procedures of Federal Law No. 115 of 08/07/2001.

What happens if you do not provide the information requested by the bank?

Failure by the client to provide information necessary for the credit institution to comply with the requirements of the law may be grounds for refusal to carry out the operation. If the bank has already refused two or more times, it is obliged to terminate the agreement and close the client’s account. The organization automatically ends up on the blacklist, which the Central Bank sends to banks, and there is a high probability that no other bank will open an account for such an organization.

The bank can also disable the remote service system (Internet banking). Then the client will be able to manage the account only by submitting paper payments, which is not very convenient when the client is, for example, in Vladivostok, and the bank is in Moscow. And even if the client brings such a paper payment, the bank will always be able to exercise the right to refuse to carry out the transaction.

So, it turns out that banks not only have the right to demand documents from clients, but this is their responsibility. If this is not done, the bank may be fined a significant amount. The liability of banks is established by Article 15.27 of the Code of Administrative Offenses of the Russian Federation “Failure to comply with the requirements of legislation on combating the legalization (laundering) of proceeds from crime and the financing of terrorism.”

Under this article, fines can reach 1 million rubles, and the bank’s activities can be suspended for up to 90 days. As a result, the credit institution's license to carry out banking operations may be revoked.

It is clear that banks are trying to protect themselves and are trying to thoroughly check the payments made by clients. It turns out that sending letters to clients to provide information is a common practice of credit institutions related to compliance with the laws of the Russian Federation and the requirements of the Central Bank of Russia.

The fact that banks can request an almost unlimited amount of documents from their clients was confirmed by BUKH.1S in the Association of Russian Banks (ARB).

As the chief specialist of the legal department of the ARB told us Veronica Kinsburskaya, the law does not regulate the question of what documents and information are subject to demand from individuals and legal entities in order to verify their non-involvement in extremist activities or terrorism. Also, the law does not determine the procedure for credit institutions to conduct inspections of the activities of their clients. What exactly to request and how exactly to check clients, the bank decides independently:

The exact list of documents and information required from the client, the procedure for verifying the client, including the procedure and timing for submitting the requested documents to the bank, as well as the procedure for recording the information received from the client are established by each credit institution independently. They are prescribed in the internal control rules.

If the bank suspects that any transactions are carried out for the purpose of money laundering or terrorist financing, the bank may request from the client detailed information about the client’s business objectives, business reputation, the purpose of a specific transaction and the sources of origin of the money.

According to paragraph 2 of Art. 6 of Federal Law No. 115-FZ, a transaction with funds is subject to mandatory control if at least one of the parties is an organization or individual in relation to which there is information about their involvement in extremist activities or terrorism. But at the same time, all other suspicious transactions are also subject to control.

An audit of the client’s activities and transactions may be carried out if bank employees have subjective suspicions that a specific operation is being carried out for the purpose of money laundering or terrorist financing. The corresponding right is granted to banks in clause 3 of Art. 7 of Federal Law No. 115-FZ.

If the client fails to provide the information necessary for verification, the bank may block the account, suspend the debit transaction, refuse to enter into an agreement, or terminate the bank account (deposit) agreement with such client.

BUKH.1S is now in the Telegram messenger! You can join the channel via the link: https://t.me/buhru (or dial @buhru in the search bar in Telegram).

Those who suffer in this whole situation, of course, are bona fide clients who conduct trading or production activities and are in no way connected with terrorism and money laundering. Often the volume of information requested by the bank turns out to be so large that it is physically impossible to submit documents on time.

What should bank clients do in such situations? This is the advice given by the general director of the Profdelo consulting center. Tatiana Nikanorova:

Banks must take appropriate measures to prevent illegal transactions. We understand that for this they can request almost any documents and in any quantity. Accountants are familiar with banks that overcharge. If the documents are not submitted in full, the bank may close the current account. And here lies the catch: closing an account on this basis often implies an increased tariff for withdrawing funds from a current account to another bank. This is up to 10% of the amount. You can, of course, complain to the Central Bank of the Russian Federation, and it will determine whether the request from the bank was legal or not. My recommendation for “white” companies: if you receive an excessive request, urgently withdraw money from such a bank and open an account elsewhere.

It can be concluded that clients will have to comply with banks’ demands for the provision of documents and information. And if there is such a possibility, it is better to send the documents in full and on time. If such an opportunity is not available, and the bank demands more and more often, it is wiser not to wait for the account to be closed and switch to servicing in another credit institution.