menu-burger

INTERNAL PROCEDURE RULES AND INTERNAL CONTROL RULES

The rules of internal procedures, drawn up under the International Sanctions Act, have been established for the application of international sanctions and for the application of the Anti- Money Laundering and the Combating Financing of Terrorism Act, and the internal control rules have been established for their implementation.

1. GENERAL PROVISIONS

  • 1.1. These rules establish internal security measures at the enterprise for the performance of customer due diligence measures in order to establish control over compliance with the requirements for the prevention of money laundering and terrorist financing and for the disclosure of suspicious and unusual transactions.
  • 1.2. The basis of these rules is the International Sanctions Act (IAS), the Anti-Money Laundering and Combating Financing of Terrorism Act (AML/CFT) and the Directive (EU) 2015/849 of the European Parliament and of the Council.
  • 1.3. The purpose of these rules is to enhance the credibility and transparency of the business environment in order to prevent the use of the financial system and economic space of the Republic of Estonia for money laundering and terrorist financing.
  • 1.4. These rules regulate and establish:
    • 1) the basic principles of assessment, management and reduction of risks associated with money laundering and financing of terrorism;
    • 2) the procedure for applying customer due diligence measures in respect of the customer, including the procedure for applying simplified or enhanced customer due diligence measures;
    • 3) responsibilities for data collection and related customer due diligence measures related to the disclosure in respect of actual beneficial owner of legal entities;
    • 4) guidance on how to effectively determine whether the case is with a person who is connected with public authorities or with a person who is connected with local authorities or with a person in respect of whom international sanctions are applied or with a person, whose place of residence or location is inthe third country with the high risk;
    • 5) the order of data collection, their security and their accessibility;
    • 6) models foridentificationof the customer and related risks;
    • 7) methodology and guidance for determining if an obliged entity is suspected in connection with money laundering and terrorist financing, or the case is with a suspicious transaction or circumstances, as well as guidance on compliance with notification requirements and procedures of reporting to the management;
    • 8) the order of management and assessment of related risks in connection with the available new technologies, services and products, including new or unconventional sales channels or in connection with developing technologies;
    • 9) collection of information on account holders and the duties related to the disclosure.
  • 1.5. The provisions of the procedural rules apply to all transactions related to business relations and with customers, including transactions that are concluded with the help of agents, and in the manner prescribed in the Anti-Money Laundering and Combating Financing of Terrorism Act (hereinafter AML/CFT) when transferring commercial activities to a third party.
  • 1.6. Responsible person of the legal entity is the management board, responsible person of the branch is the branch manager, or in case of their absence, the obliged entity should provide the employees whose responsibilities include the establishment of partnerships or transactions, for the fulfillment of obligations arising from this Act, due vocational training, which should continue after the employee starts execution of mentioned above responsibilities and after on a regular basis or when necessary. In the course of training, among other things, information should be provided on the envisaged procedural rules, on modern methods of money laundering and the financing of terrorism and on the risks involved, on the requirements for the protection of personal data, on methods of recognizing transactions that may be related to money laundering and financing terrorism, and guidelines for action in such situations.
  • 1.7. The management board of the enterprise is obliged to familiarize with these rules and with its applications all employees when applying for a job and in the future as necessary, but not less than once a year.
  • 1.8. Employees of the enterprise and the management board are required to confirm with the signature their acquaintance with this code.
  • 1.9. Employees of the enterprise and the management board are personally responsible for compliance with the requirements of the AML/CFT in a manner prescribed by law.
  • 1.10. Thetimelinessofthistreatmentischeckedandsupplementedonaregularbasis,butnot less than once a year.
  • 1.11. Employees of the enterprise are required to know and strictly adhere to the provisions of the AML/CFT, as well as guidance on identifying signs of money laundering and terrorist financing in transactions, drawn up by the Financial Intelligence Unit, and based on the requirements of this code.
  • 1.12. Employees of the enterprise should independently familiarize themselves with laws and other legal acts that are published on the Financial Intelligence Unit's website http://www.politsei.ee/et/organisatsioon/rahapesu/ at least once a year.
  • 1.13. Obliged entities shall co-operate with each other and with government supervisory authorities, as well as with law enforcement agencies to prevent money laundering and terrorist financing, including the provision of information at their disposal and responding to requests within a reasonable time, following prescribed requirements and adhering to the restrictions that are prescribed in legal acts.

2. DEFINITIONS

  • 2.1. Money laundering - property obtained through criminal activity or obtaining property for participation in criminal activities:
    • 1) conversion of property or transfer of property if it is known that such property was obtained as a result of criminal activity or with participation in it, in order to conceal the illegal origin of property or to assist a person participating in criminal activity so that it evades the legal consequences of its actions;
    • 2) acquisition, possession or use if, upon receipt, it has become known that it was obtained through criminal means or with participation in a crime;
    • 3) the concealment or disguise of the true nature, origin, location, manner of disposal, rearrangement or concealment of property rights, or concealment of other rights related to property, or if it became known that such property was obtained as a result of criminal activity or with participation in a crime;
    • 4) money laundering is a participation in the activity specified in section 2.1.1, connectionto that, in an attempt to participate in it and in every way to facilitate and incite or provide favorable conditions or advise;
    • 5) money laundering is regarded as such also in case where a criminal activity which generated the property to be laundered was carried out in the territory of another country;
    • 6) money laundering is regarded as such also where the details of a criminal activity which generated the property to be laundered have not been identified.
  • 2.2. Financing of terrorism and financing activities for its commission is a terrorist illegal act in the sense of 2373 Penal Code.
    The Financial Intelligence Unit - the Money Laundering Information Bureau is an independent structural subdivision of the Police and Border Guard Department, which oversees and whose main task is to suppress the financing of money laundering and terrorism in Estonia. Applies state coercion on the basis and in the manner prescribed by law. Address: Tööstuse 52, 10416 Tallinn; e-mail: [email protected]; phone (+372) 612 3840; fax: (+372) 612 3845.
  • 2.3. Cash means cash within the meaning of Article 2(2) of Regulation (EC) No 1889/2005 of the European Parliament and of the Council on controls of cash entering or leaving the Community (OJ L 309, 25.11.2005, pp 9–12).
  • 2.4. Property means any object as well as the right of ownership of such object or a document certifying the rights related to the object, including an electronic document, and the benefit received from such objekt.
  • Obliged entity means a person specified in § 2 of the AML/CFT, including economic, vocational and professional activities of the following persons:
    • 1) credit institutions;
    • 2) financial institutions;
    • 3) gambling operators, except for organisers of commercial lotteries;
    • 4) persons who mediate transactions involving the acquisition or the right of use of real estate; traders within the meaning of the Trading Act, where a cash payment of no less than EUR 10 000 or an equal amount in another currency is made to or by the trader, regardless of whether the financial obligation is performed in the transaction in a lump sum or by way of several linked payments over a period of up to one year, unless otherwise provided by law;
    • 5) persons engaged in buying-in or wholesale of precious metals, precious metal articles or precious stones, except precious metals and precious metal articles used for production, scientific or medical purposes;
    • 6) auditors and providers of accounting services;
    • 7) providers of accounting or tax advice services;
    • 8) providers of trust and company services;
    • 9) providers of a service of exchanging a virtual currency against a fiat currency;
    • 10) providers of a virtual currency wallet service;
    • 11) a central securities depository where it arranges the opening of securities accounts and provides services related to register entries without the mediation of an account operator;
    • 12) undertakings providing a cross-border cash and securities transportation service;
    • 13) pawnbrokers.
  • 2.6. Business relationship means a relationship that is established upon conclusion of a long- term contract by an obliged entity in economic or professional activities for the purpose of provision of a service or sale of goods or distribution thereof in another manner or that is not based on a long-term contract, but whereby a certain duration could be reasonably expected at the time of establishment of the contact and during which the obliged entity repeatedly makes separate transactions in the course of economic or professional activities while providing a service or professional service, performing professional acts or offering goodis.
  • 2.7. Customer means a person who has a business relationship with an obliged entity.
  • 2.8. Precious stones means natural and artificial precious stones and semi-precious stones, their powder and dust, and natural and cultivated pearls.
  • 2.9. Precious metal means precious metal within the meaning of the Precious Metal Articles Act.
  • 2.10. Precious metal article means a precious metal article within the meaning of the Precious Metal Articles Act.
  • 2.11. Virtual currency means a value represented in the digital form, which is digitally transferable, preservable or tradable and which natural persons or legal persons accept as a payment instrument, but that is not the legal tender of any country or funds for the purposes of Article 4(25) of Directive (EU) 2015/2366 of the European Parliament and of the Council on payment services in the internal market, amending Directives 2002/65/EC, 2009/110/EC and 2013/36/EU and Regulation (EU) No 1093/2010, and repealing Directive 2007/64/EC (OJ L 337, 23.12.2015, pp. 35–127) or a payment transaction for the purposes of points (k) and (l) of Article 3 of the same Directive.
  • 2.12. Virtual currency wallet service means a service in the framework of which keys are generated for customers or customers’ encrypted keys are kept, which can be used for the purpose of keeping, storing and transferring virtual currencies.
  • 2.13. Senior management of obliged entity means an officer or employee with sufficient knowledge of the institution’s money laundering and terrorist financing risk exposure and sufficient seniority to take decisions affecting its risk exposure, and need not, in all cases, be a member of the management board.
  • 2.14. Foreign exchange services means the exchanging of a valid currency against another valid currency by an undertaking in its economic or professional activities.
  • 2.15. Group means a group of undertakings which consists of a parent undertaking, its subsidiaries within the meaning of § 6 of the Commercial Code, and the entities in which the parent undertaking or its subsidiaries hold a participation, as well as undertakings that constitute a consolidation group for the purposes of subsection 3 of § 27 of the Accounting Act;
  • 2.16. High-risk third country means a country specified in a delegated act adopted on the basis of Article 9(2) of Directive (EU) 2015/849 of the European Parliament and of the Council on the prevention of the use of the financial system for the purposes of money laundering or terrorist financing, amending Regulation (EU) No 648/2012 of the European Parliament and of the Council, and repealing Directive 2005/60/EC of the European Parliament and of the Council and Commission Directive 2006/70/EC (OJ L 141/73, 05.06.2015, pp 73–117).
  • 2.17. A contact person is an employee who is appointed by decision of the management board and who is the contact person of the Financial Intelligence Unit and regulates the implementation of established methods for preventing money laundering and terrorist financing. If a specific contact person is not appointed by the decision of the management board, in this case the duties of the contact person are performed by the management board of the legal entity.
  • 2.18. Seller means a natural person who serves customers on behalf of a trader, or a person who sells goods or provides services outside the economic or professional activities thereof by way of street or market trading.

3. NATIONAL RISK ASSESSMENT

  • 3.1. National risk assessment:
    • 1) it is envisaged to develop legal acts to prevent money laundering and terrorist financing and cover other areas and regulation with related areas, as well as the development of guidance for supervisory institutions and the need for their modification;
    • 2) specifies, among other things, the sectors, fields, transaction amounts and types and, where necessary, countries or jurisdictions with regard to which obliged entities must apply enhanced due diligence measures and, where necessary, clarifies the measures;
    • 3) specifies, among other things, the sectors, fields, transaction amounts and types whereby the risk of money laundering and terrorist financing is smaller and where it is possible to apply simplified due diligence measure;
    • 4) gives instructions to the ministries and authorities in their area of government regarding allocation of resources and setting of priorities for AML/CFT purposes.
  • 3.2. Upon implementation of national risk assessment, relevant information, statistics and analyses which have been published or made available to the ministries or authorities in their area of government, including relevant risk assessments, reports and recommendations of international organisations and the European Commission are taken into account and collected, thereby taking account of data protection requirements.
  • 3.3. The generalized results of the national risk assessment are published on the website of the Ministry of Finance and immediately made available to obliged entities, the European Commission, European supervisory authorities and other Member States of the European Union.
  • 3.4. Based on the national risk assessment, the minister responsible for the field may by a regulation establish limit amounts, requirements for monitoring a business relationship or other risk-based restrictions aimed at mitigating the risks of money laundering or terrorist financing.

4. MANAGING RISKS ARISING FROM THE ACTIVITIES OF THE OBLIGED ENTITY

  • 4.1. For the purpose of identification, assessment and analysis of risks of money laundering and terrorist financing related to their activities, obliged entities prepare a risk assessment, taking account of at least the following risk categories:
    • 1) risks relating to customers;
    • 2) risks relating to countries, geographic areas or jurisdictions;
    • 3) risks relating to products, services or transactions;
    • 4) risk relating to communication, mediation or products, services, transactions or delivery channels between the obliged entity and customers.
  • 4.2. The steps taken to identify, assess and analyse risks must be proportionate to the nature, size and level of complexity of the economic and professional activities of the obliged entity.
  • 4.3. As a result of the risk assessment, the obliged entity establishes:
    • 1) fields of a lower and higher risk of money laundering and terrorist financing;
    • 2) the risk appetite, including the volume and scope of products and services provided in the course of business activities;
    • 3) the risk management model, including simplified and enhanced due diligence measures, in order to mitigate identified risks.
  • 4.4. Risk appetite means the total of the exposure level and types of the obliged entity, which the obliged entity is prepared to assume for the purpose of its economic activities and attainment of its strategic goals, and which is established by the senior management of the obliged entity in writing. When applying the above, one should also take into account the risk that the obliged entity is ready to accept or that it wishes to avoid in connection with its commercial activities and with qualitative and quantitative mechanisms such as planned income, capital or other methods used by other liquid funds, or other circumstances, such as reputational risks and money laundering and terrorist financing, or legal and other risks associated with unethical activities.
  • 4.5. When applying Risk appetite to the risk, the obliged entity must at least determine those of the customer’s characteristics which should be to avoided in business relations and, in the presence of which, it would be necessary to apply the increased customer due diligence measures, including those when the obliged entity has to assess the risks associated with this customer and appoint the appropriate methods to reduce these risks.
  • 4.6. The risk assessment and the establishment of the risk appetite must be documented, the documents are to be updated where necessary and based on the published results of the national risk assessment. At the request of the competent supervisory authority, the obliged entity submits the documents to the supervisory authority.
  • 4.7. When applying the AML/CFT it is expected that an obliged entity that is the parent undertaking of a group applies group-wide rules of procedure and the internal control rules for controlling adherence thereto regardless of whether all the undertakings of the group are located in one country or in different countries. This obligation includes, inter alia, the establishment of a group-wide procedure for exchanging information on of the AML/CFT and the establishment of similar rules for protection of personal data. The obliged entity ensures that group-wide rules of procedure and the internal control rules for controlling adherence thereto take to the appropriate extent account of the law of another Member State of the European Union which implements Directive (EU) 2015/849 of the European Parliament and of the Council, where the obliged entity has a representation, branch or majority-owned subsidiary in that Member State.
  • 4.8. Where the obliged entity has a representation, branch or majority-owned subsidiary in a third country where the minimum requirements for AML/CFT are not equivalent to those of Directive (EU) 2015/849 of the European Parliament and of the Council, the representation, branch and majority-owned subsidiary follow the rules of procedure and internal control rules complying with the requirements of this Act, including the requirements for protection of personal data, to the extent permitted by the law of the third country.
  • 4.9. Where the obliged entity identifies a situation where the law of the third country does not allow for implementing rules of procedure or internal control rules complying with the requirements of the AML/CFT in its representation, branch or majority-owned subsidiary, the obliged entity informs the competent supervisory authority thereof. The competent supervisory authority notifies the Member States and, where relevant, the European supervisory authorities where it has become evident in accordance with the first sentence of this subsection that the law of the third country does not allow for applying rules of procedure or internal control rules complying with the requirements of Directive (EU) 2015/849 of the European Parliament and of the Council. In the case specified in this section, the obliged entity ensures the application of additional measures in the representation, branch or majority-owned subsidiary so that the risks relating to money laundering or terrorist financing are effectively managed in another manner, informing the competent supervisory authority of the measures taken. In such an event the competent supervisory authority has the right to issue a precept demanding, inter alia, that the obliged entity or its representation, branch or majority-owned subsidiary:
    • 1) refrain from establishing new business relationships in the country;
    • 2) terminate the existing business relationships in the country;
    • 3) suspend the provision of the service in part or in full;
    • 4) wind itself up;
    • 5) apply other measures provided for in regulatory technical standards adopted by the European Commission on the basis of Article 45(7) of Directive (EU) 2015/849 of the European Parliament and of the Council.
  • 4.10. Within the group, information on a suspicion reported to the Financial Intelligence Unit may be shared, unless the Financial Intelligence Unit has ordered otherwise.
  • 4.11. Where a foreign service provider is an obliged entity and has a branch that has been registered in the Estonian commercial register or where a foreign service provider has a majority-owned subsidiary, it does not need to apply the group-wide rules of procedure or internal control rules to the extent that adherence thereto would be in conflict with the national risk assessment prepared on the basis of the AML/CFT or with requirements established in or on the basis of the AML/CFT.

5. CUSTOMER DUE DILIGENCE MEASURES

  • 5.1. It is necessary to pay special attention to the person involved in the transaction or to the customer's activities and circumstances that indicate money laundering or the financing of terrorism, or to the obvious connection with money laundering or terrorist financing, including a complex transaction of a large volume, as well as an unusual transaction that does not have a specific financial purpose.
  • 5.2. Thefollowing methods of due diligence are applied to customers:
    • 1) identification of a customer or a person participating in an occasional transaction and verification of the submitted information based on information obtained from a reliable and independent source, including using means of electronic identification and of trust services for electronic transactions;
    • 2) identification and verification of a customer or a person participating in an occasional transaction and their right of representation;
    • 3) identification of the beneficial owner and, for the purpose of verifying their identity, taking measures to the extent that allows the obliged entity to make certain that it knows who the beneficial owner is, and understands the ownership and control structure of the customer or of the person participating in an occasional transaction;
    • 4) understanding of business relationships, an occasional transaction or act and, where relevant, gathering information thereon;
    • 5) gathering information on whether a person is a politically exposed person, their family member or a person known to be close associate;
    • 6) monitoring of a business relationship.
  • 5.3. Upon implementation of subsection 5.2 of this section, the obliged entity must understand the purpose of the business relationship or the purpose of the occasional transaction, identifying, inter alia, the permanent seat, place of business or place of residence, profession or field of activity, main contracting partners, payment habits and, in the case of a legal person, also the experience of the customer or person participating in the occasional transaction.
  • 5.4. In the case of an occasional transaction made outside of a business relationship, the obliged entity gathers information on the origin of the property used in the transaction, instead of applying clause 4 of subsection 5.2 of this section.
  • 5.5. A person participating in a transaction made in economic or professional activities, a person participating in a professional act or a person using a professional service or a customer submits, at the request of the obliged entity, documents required for application of the due diligence measures specified in clauses 1–4 of the subsection 5.2 of this section and provides relevant information. A person participating in a transaction made in economic or professional activities, a person participating in a professional act or a person using a professional service or a customer certifies by signature, at the request of the obliged entity, the correctness of the submitted information and documents submitted for the application of the due diligence measures.
  • 5.6. The due diligence measures specified in clauses 1-5 of subsection 5.2 of this section must be applied before the conclusion of the transaction, before and outside the partnership.
  • 5.7. The identity of a customer or of the customer’s representative may beverified on the basis of information obtained from a credible and independent source also at the time of establishment of the business relationship, provided that it is necessary for not disturbing the ordinary course of business. In such an event the verification of identity must be carried out as quickly as possible and before the taking of binding measures..
  • 5.8. The obliged entity may choose the extent of performance of the duty and the need to verify the information and data used therefore with the help of a credible and independent source.
  • 5.9. Due diligence measures to the business relationship may be applied in a simplified manner in accordance with the simplified procedure, provided that a factor characterising a lower risk has been established and ay least the following criteria are met:
    • 1) a long-term contract has been concluded with the customer in writing, electronically or in a form reproducible in writing;
    • 2) payments accrue to the obliged entity in the framework of the business relationship only via an account held in a credit institution or the branch of a foreign credit institution registered in the Estonian commercial register or in a credit institution established or having its place of business in a contracting state of the European Economic Area Agreement or in a country that applies requirements equal to those of Directive (EU) 2015/849 of the European Parliament and of the Council;
    • 3) the total value of incoming and outgoing payments in transactions made in the framework of the business relationship does not exceed EUR 15 000 a year.

6. SIMPLIFIED CUSTOMER DUE DILIGENCE MEASURES

  • 6.1. The obliged entity may apply simplified customer due diligence measures where a in the risk assessment prepared on the basis of the risk analysis, which is compiled by the obliged person, it is established that, in the case of the economic or professional activity, field or circumstances, the risk of money laundering or terrorist financing is lower than usual.
  • 6.2. Before the application of simplified customer due diligence measures to a customer, the obliged entity establishes that the business relationship, transaction or act is of a lower risk.
  • 6.3. The application of simplified customer due diligence measures is permitted to the extent that the obliged entity ensures sufficient monitoring of transactions, acts and business relationships, so that it would be possible to identify unusual transactions and allow for notifying of suspicious transactions in accordance with the procedure established in § 49 of the AML/CFT.

7. ENHANCED CUSTOMER DUE DILIGENCE MEASURES

  • 7.1. The obliged entity applies enhanced customer due diligence measures in order to adequately manage and mitigate a higher-than-usual risk of money laundering and terrorist financing.
  • 7.2. Enhanced customer due diligence measures are applied always when:
    • 1) upon identification of a person or verification of submitted information, there are doubts as to the truthfulness of the submitted data, authenticity of the documents or identification of the beneficial owner;
    • 2) the customer is a politically exposed person, except for a local politically exposed person, their family member or a close associate;
    • 3) the customer is from a high-risk third country or their place of residence or seat or the seat of the payment service provider of the payee is in a high-risk third country;
    • 4) the customer or the person participating in the transaction is from such country or territory or their place of residence or seat or the seat of the payment service provider of the payee is in a country or territory that, according to credible sources such as mutual evaluations, reports or published follow-up reports, has not established effective AML/CFT systems that are in accordance with the recommendations of the Financial Action Task Force, or that is considered a low tax rate territory.
  • 7.3. The obliged entity applies enhanced customer due diligence measures also where a risk assessment prepared on the basis the AML/CFT identifies that, in the case of the economic or professional activity, field or factors, the risk of money laundering or terrorist financing is higher than usual.
  • 7.4. Enhanced customer due diligence measures do not need to be applied regarding the branch of an obliged entity established in a contracting state of the European Economic Area or a majority-owned subsidiary seated in a high-risk third country, provided that the branch and the majority-owned subsidiary fully comply with the group-wide procedures and the obliged entity assesses that the waiver to apply enhanced customer due diligence measures does not entail major additional risks of money laundering and terrorist financing.

8. ADDITIONAL CUSTOMER DUE DILIGENCE MEANSURES

  • 8.1. The obliged entity chooses additional customer due diligence measures in order to manage and mitigate an established risk of money laundering and terrorist financing that is higher than usual, choosing at own discretion toapply one or several of the following due diligence measures:
    • 1) verification of information additionally submitted upon identification of the person based on additional documents, data or information originating from a credible and independent source;
    • 2) gathering additional information on the purpose and nature of the business relationship, transaction or operation and verifying the submitted information based on additional documents, data or information that originates from a reliable and independent source;
    • 3) gathering additional information and documents regarding the actual execution of transactions made in the business relationship in order to rule out the ostensibility of the transactions;
    • 4) gathering additional information and documents for the purpose of identifying the source and origin of the funds used in a transaction made in the business relationship in order to rule out the ostensibility of the transactions;
    • 5) the making of the first payment related to a transaction via an account that has been opened in the name of the person or customer participating in the transaction in a credit institution registered or having its place of business in a contracting state of the European Economic Area or in a country where requirements equal to those of Directive (EU) 2015/849 of the European Parliament and of the Council are in force;
    • 6) the application of due diligence measures regarding the person or their representative while being at the same place as the person or their representative.
  • 8.2. Upon application of enhanced customer due diligence measures, the obliged entity must apply the monitoring of a business relationship more frequently than usually; including reassess the customer’s risk profile not later than six months after the establishment of the business relationship.

9. GENERAL PRINCIPLES FOR VERIFICATION OF CUSTOMER’S IDENTITY

  • 9.1. The client confirms the submitted information with his own signature.
  • 9.2. When establishing partnership agreements with a natural person who is a permanent resident in Estonia or a in a contracting state of the European Economic Area Agreement, it is possible to follew a simplified procedure for identification.
  • 9.3. Prior to establishing a partnership with a politically exposed person, with family members of a politically exposed person or with close associates of a politically exposed person, the employee should receive a permission from the management board, which decides the feasibility of establishing customer relationship and provides the due guidance for further tracking of customer relationship.
  • 9.4. Prior to establishing a partnership with a legal entity where the actual beneficial owner is connected with a politically exposed person, with family members of a politically exposed person or with close associates of a politically exposed person that operates on the territory of a contracting state of the European Economic Area Agreement or of a third country, the employee should receive a permission from the management board, which decides the feasibility of establishing customer relationship and provides the due guidance for further tracking of customer relationship.
  • 9.5. Prior to establishing a partnership with a politically exposed person, whose location is the third country with a high risk, where institutions have not adopted sufficient methods to prevent money laundering and terrorist financing, or this country does not cooperate with other countries in the field of preventing money laundering and terrorist financing, the employee should receive a permission from the management board, which decides the feasibility of establishing customer relationship and provides the due guidance for further tracking of customer relationship.
  • 9.6. Prior to establishing a partnership with a legal entity in respect of whose activities, or in respect of person who formally represents them or in the case of an actual beneficial owner, there is a prior suspicion that the above-mentioned persons may be associated with money laundering or financing of terrorism, the employee should receive a permission from the management board, which decides the feasibility of establishing customer relationship and provides the due guidance for further tracking of customer relationship
  • 9.7. When at establishing the identity of a customer a justifiable suspicion arises that it does not act on its own behalf or at its own expense, the employee should establishes the identity of the person on whose behalf or at whose expense the customer acts.
  • 9.8. If the identity of a person, on behalf of whom, or at whose expense the other person acts, cannot be established, in this case the employee is prohibited from making a transaction. Also, theemployee must immediately inform the Financial Intelligence Unit of the intention of the person to make the transaction or about the transaction that has already taken place.
  • 9.9. Before providing the primary use of the offered service or establishing a partnership it is preferable to establish the identity of the customer, being with him physically in the same place.
  • 9.10. When at establishing the customer’s identity a suspicion arises, an employee must ask for an additional identity document, in which there is a photograph, based on which it is possible to ensure the correct identification. In case of suspicion for document forgery signs, it is recommended to keep it, call for police assistance and pass a document that caused suspicion to a police officer.Use the assistance of a security officer or another personwhen possible. It is necessary to file a report to the Financial Intelligence Unit on this case.

10. IDENTIFICATION OF TRANSACTIONS AND CUSTOMER RELATIONSHIP

  • 10.1. The obliged entity’s employee applies the following procedural rules every time prior to the transaction with the customer or the establishment of business relationship.
  • 10.2. The obliged entity’s employee clarifies the purpose and nature of the transaction and the establishment of business relationship.
  • 10.3. The obliged entity’s employees are prohibited from making a transaction and signing an agreement with a customer who refuses to provide the data specified in the previous section, as well as with a customer for whom the employee has a suspicion that he may be a front man; if the customer does not provide the required documents and necessary information or if on the basis of the submitted documents the employee suspects that the case may be with money laundering or with the financing of terrorism.
  • 10.4. The contact person of the Financial Intelligence Unit (the management board) should be informed immediately about the cases referred to in section 10.3, and as much data in the part of the customer, based on which will it be possible to establish the customer’s identity the later on, must be secured.

11. NATURAL PERSON’S IDENTITY VERIFICATION

  • 11.1. The obliged entity’s employee establishes the customer’s identity and, if necessary, the customer’s representative identity, and also the following information in respect of the customer's and, if necessary, the customer’s representative, must be secured:
    • 1) name and surname;
    • 2) personal identification code, in case of it’s absence, date of birth and place of birth, as well as the place of residence or location;
    • 3) information on how to determine and verify the right of representation and its scope, also in case when the right of representation does not arise from the law, then the name of the document that is the basis for the right of representation, the date of its issue and the name of the entity that issued it.
  • 11.2. The obliged entity’s employee verifies the correctness of the data specified in clauses 1, 2, 3 of section 11.1 using information from an independent and reliable source. In the event that the identifiable person has a document specified in clause 3 section 11.1, or equivalent document and the customer’s identity is established and verified on the basis of this document, or is established on the basis of electronic identification, or on the basis of electronic transactions, using the proven tools, the term of validity of which is established on the basis of these documents, then in this case there is no need to secure the additional information in respect to these documents.
  • 11.3. The employee makes a copy of the page on which the personal data is indicated and there is a photograph, and a copy shall be signed and dated by the person who made the copy.
  • 11.4. Proceeding from the part 2 of § 2 and the part 4 of § 4 of the Identity Documents Act, the following effective documents are allowed to be used as the basis for the natural person’s identity verification:
    • 1) identity card;
    • 2) digital identity card;
    • 3) residence permit card;
    • 4) passport of an Estonian citizen;
    • 5) diplomatic passport;
    • 6) the seaman's service book;
    • 7) alien's passport;
    • 8) temporary travel document;
    • 9) refugee travel document;
    • 10) a maritime certificate;
    • 11) return sertificate;
    • 12) refundation license;
    • 13) driver's license issued in the Republic of Estonia;
    • 14) driver's license issued in a foreign country, if the owner’s name, a photograph or facial image, signature or facsimile of the signature and date of birth or personal identification code are indicated in the document;
    • 15) travel document issued in a foreign country.
  • 11.5. If the original document specified in clause 11.4 of this code cannot be seen, a notarized copy of the document and also notarized or officially certified copy of the document or the information from other independent and reliable sources, including the means of electronic identification and through electronic transactions, using in this case, the data control at least two different sources can be used in order to verify the identity.

12. LEGAL ENTITY’S IDENTIFICATION

  • 12.1. In order to identify the legal entity, the submitted documents must contain:
    • 1) the name or business name of the legal person;
    • 2) the registry code or registration number and the date of registration;
    • 3) the names of the director, members of the management board or other body replacing the management board, and their authorisation in representing the legal person;
    • 4) the details of the telecommunications of the legal persoon.
  • 12.2. The obliged entity’s employeeverifies the correctness of the data specified inclauses 1 and 2 of section 12.1 of this part, using information originating from a credible and independent source for that purpose. Where the obliged entity has access to the commercial register, register of non-profit associations and foundations or the data of the relevant registers of a foreign country, the submission of the documents specified in subsection 3 of this section does not need to be demanded from the customer.
  • 12.3. The following effective documents are allowed to be used as the basis for the legal entity’s identity verification:
    • 1) extract from the registration card of the relevant register or from the registration certificate or an equivalent document issued by the competent authority or institution not earlier than six months prior the filing (in the case of a legal entity registered in Estonia and a branch of a foreign commercial enterprise registered in Estonia);
    • 2) extract from the registration card of the relevant register or from the registration certificate or an equivalent document issued by the competent authority or institution not earlier than six months prior the filing (in the case of a foreign legal entity).
  • 12.4.Where the original document specified in clause12.3 of this partis not available, the identity can be verified on the basis of a document specified in subsection 3, which has been authenticated by a notary or certified by a notary or officially, or on the basis of other information originating from a credible and independent source, including means of electronic identification and trust services for electronic transactions, thereby using at least two different sources for verification of data in such an event.
  • 12.5. A representative of a legal person of a foreign country must, at the request of the obliged entity, submit a document certifying his or her powers, which has been authenticated by a notary or in accordance with an equal procedure and legalised or certified by a certificate replacing legalisation (apostille), unless otherwise provided for in an international agreement.

13. ACTUAL BENEFICIAL OWNER IDENTIFICATION

  • 13.1. When establishing a legal entity, the obliged entity must register the actual beneficial owner of the legal entity. As a rule, it is assumed that the legal entity is represented by a legal representative or a person having a power of attorney for representation. In respect of powers of attorney and documents that were drawn up in foreign countries; it must be taken into account that they must be legalized or apostilled. When dealing with a document authorizing the rights of representation, it is necessary to clarify the fact whether the entity who issued the document had the authority to do so. The representative of the legal entity is expected to have knowledge of economic or professional activities, the purpose of the transaction, business partners, sources and origin of the funds used, the range of owners and other knowledge.
  • 13.2. Beneficial owner means a natural person who, taking advantage of their influence, makes a transaction, act, action, operation or step or otherwise exercises control over a transaction, act, action, operation or step or over another person and in whose interests or favour or on whose account a transaction or act, action, operation or step is made. In the case of companies, a beneficial owner is the natural person who ultimately owns or controls a legal person through direct or indirect ownership of a sufficient percentage of the shares or voting rights or ownership interest in that person, including through bearer shareholdings, or through control via other means.
    • 1) Direct ownership is a manner of exercising control whereby a natural person holds a shareholding of 25 per cent plus one share or an ownership interest of more than 25 per cent in a company. Indirect ownership is a manner of exercising control whereby a company which is under the control of a natural person holds or multiple companies which are under the control of the same natural person hold a shareholding of 25 per cent plus one share or an ownership interest of more than 25 per cent in a company.
    • 2) Where, after all possible means of identification have been exhausted, the person specified in this section of this part cannot be identified and there is no doubt that such person exists or where there are doubts as to whether the identified person is a beneficial owner, the natural person who holds the position of a senior managing official is deemed as a beneficial owner.
    • 3) The obliged entity may consider the actual beneficial owner also the person who exercises control over the enterprise in another way, other than ownership interest of more than 25 per cent in the said enterprise. This procedure develops when an obliged entity has a suspicion that an overwhelming control over the enterprise is being exercised by a third party, whose communication with the enterprise cannot be legally proven or the proof is difficult. In this case, information should be required about their owners, partners and other persons who control the activities of the legal entity or have any other significant influence.
    • 4) In the case of a trust, civil law partnership, community or legal arrangement, the beneficial owner is the natural person who ultimately controls the association via direct or indirect ownership or otherwise and is such associations’: settlor or person who has handed over property to the asset pool; trustee or manager or possessor of the property; person ensuring and controlling the preservation of property, where such person has been appointed, or the beneficiary, or where the beneficiary or beneficiaries have yet to be determined, the class of persons in whose main interest such association is set up or operates.
    • 5) In the case of a person or an association of persons not specified in clauses 2 and 6 of this section, a member or members of the management board may be designated as a beneficial owner.
    • 6) The obliged entity registers and keeps records of all actions taken in order to identify the beneficial owner.
    • 7) If this is the case with a commercial entity whose securities are traded on the regulated securities market, then there is no need to establish the actual beneficial owner of this commercial entity.
  • 13.3. The information received from the representative of the legal entity shall be used in order to determine the actual beneficial owner.
    • 1) The obliged entity analyzes the documents submitted by the representative of the legal entity and, if necessary, requests additional documents and data in order to establish the legal beneficial owner (s) of the legal entity.
    • 2) If the obliged entity has a suspicion about the accuracy or completeness of the relevant information, then a thorough check of the information provided on open accessible sources of information must be performed and, if necessary, the customer should be requested to provide additional information.
    • 3) If it is not clear from the documents on the basis of which the legal entity is being established or from other documents provided, who is the actual beneficial owner, then the relevant data has to be recorded from the words of the representative of the legal entity or on the basis of a written document signed by him personally. It is necessary to apply reasonable methods (to make inquiries in the appropriate registers), to require the provision of an annual report of a legal entity or the provision of other relevant documents, in order to verify the information received on the basis of a document which was drawn up from the words or handwritten.
    • 4) When determining the actual beneficial owner, it is necessary to pay primarily attention to commercial entities that are established in a zone with low taxation, the legal capacity of which is not always straightforward.
    • 5) If another legal entity is related to the concept of the actual beneficial owner of a controlled legal entity, then the obliged entity must assess the risks of the person or the customer and, in appropriate order, collect information in relation to another legal entity related to this legal entity, in order to establish the actual beneficial owner.
  • 13.4. Identification of the actual beneficial owner of a natural person:
    • 1) when establishing a natural person’s identity, the obliged entity is required in the case of suspicion to establish also the actual beneficial owner of a natural person in the sense of identifying the person who controls the activity of the audited persoon;
    • 2) asuspicion regarding the existence of the actual beneficial owner may appear primarily if, in applying the customer due diligence measures, the obliged entity has a suspicion that the natural person was inclined to create a business relationship or to conduct a transaction. In this case, it is necessary to consider that entity which controls a natural person is the actual beneficial owner of a natural person.

14. POLITICALLY EXPOSED PERSON IDENTIFICATION

  • 14.1. A politically exposed person is an individual who performs the duties of public authority or performs significant duties of public authority, including the president of the republic, the head of government, the minister or deputy minister or minister's assistant, a member of parliament or a member of a state body similar to the parliament, a member of the state court or the suprem court, the state controller and a member of the central bank's management board, the ambassador, the charge d'affaires and the senior officer of the defense forces, the management board member of the state, a member of the administrative or supervisory authority, the head of an international organization, a deputy head and a member of the management, or a person who performs the same functions but does not have an official secondary or lower status level.
    • 1) A person politically connected with local authorities is the person specified in clause 14.1 that performs or performed significant public authority duties in Estonia, in other countries which are the contracting states of the European Economic Area Agreement or in the European Union’ institutions.
    • 2) A member of the family of a politically exposed person at the state level or a politically exposed person at the local level is a spouse of a person or person who is considered to be a spouse of a politically exposed person at the state level or a politically exposed person at the local level, a child of a politically exposed person at the state level or a politically exposed person of the local level or spouse of a child of a politically exposed person at the state level or a politically exposed person at the local level or a person who is considered to be a spouse of a child of a politically exposed person at the state level or a politically exposed person at the local level, and a parent of a politically exposed person at the state level or a politically exposed person at the local level.
    • 3) The close associate is an individual with respect to whom it is known that he or she is in relation to a legal entity or legal structure and he or she is the actual beneficial owner or co-owner together with a politically exposed person at the state level or with a politically exposedperson at the local level or has close business relations with a politically exposed person at the state level or with a politically exposed person at the local level and an individual who is the only actual beneficial owneror of such legal entity’s legal framework in respect of which it is known that it is indeed established by a politically exposed person at the national level or in favor of a politically exposed person at the local level.
  • 14.2. In a situation where an economic or professional transaction or a participant in the performance of an official act, the customer or their actual beneficial owner is a politically exposed person of national level, a member of the family of a politically exposed person of national level, or a person who is a close associate of a politically exposed person of national level, then the obliged person applies the following customer due diligence measures:
    • 1) receives approval from senior management to establish a partnership or to continue business relationships with that person;
    • 2) applies methods of customer due diligens measures in order to establish the origin of thematerial wealth and the sources of funds that are used in partnerships or that are used for the transaction;
    • 3) monitors these partnerships in an enhanced manner of customer due diligence and conducts regular enhanced monitoring, with the exception of cases specified in legal acts.
  • 14.3. If a politically exposed person of state level no longer fulfills the public duties entrusted to him or her, then the obliged entity, for at least 12 months, must take into account the risks that have been associated with the person in question and apply the necessary and risk-based methods untilit is sure that the risks inherent in a politically exposed person of national level no longer arise.
  • 14.4. The obliged entity may not apply the methods of customer due diligence described in this part to a politically exposed person of national level, to members of his or her family and to persons who are considered his or her close associates, if there are no other circumstances indicating the presence of other, higher than usual risks.
  • 14.5. The obliged entity should establish the internal procedural rules on the basis of which the decision shall be made whether the potential customer or the actual beneficial owner of the customer is a politically exposed person of state level, a politically exposed person of local level of a county which is the contracting state of the European Economic Area Agreement or of a third country or who performs or performed the public duties assigned to him or her in international organizations. The obliged entity should establish the close associates of a politically exposed person of state level and members of his or her family only if their connection with the executor of important public duties is known to the public or when the obliged entity has reason to believe that such a relationship exists.
  • 14.6. The obliged entity must apply the enhanced customer due diligence measures in addition to the necessary methods of customer due diligence with regard to a politically exposed person of state level including the following methods:
    • 1) require the additional information from the customer, as well as to applyall necessary methods in order to establish sources of wealth and money that are used to establish business relationships or when conducting a transaction;
    • 2) verify data or make inquiries to the relevant databases or open databases or make inquiries or verify data with respect to the customer, or to the appropriate supervisory authorities at the customer's location or on official websites of government agencies. The following data should be checked primarily:
      • a politically exposed person of local level can be checked on the website of thee the Financial Intelligence Unit: https://www.politsei.ee/et/organisatsioon/rahapesu/kasulikku/;
      • a foreign politically exposed person of national level can be identified using the NameScan database: https://namescan.io/FreePEPCheck.aspx., which has a free access, or in any paid database (for example, Thomson Reuters, MemberCheck and others);
      • while checking a politically exposed person of local level, as well as a politically exposed person of national level, it is necessary to perform an additional check up using Google, and also using local search systems in the country of origin of the customer, by entering the customer's name and date of birth both in Latin letters and using the locallanguage.
  • 14.7. The decision to establish a business relationship with a politically exposed person of national level must be taken by the management board of the obliged entity, the responsible member of the management board or the contact person. If a business relationship is established with the customer that will become later on or later it will becomes known that he or she or actual beneficial owner has become a politically important person of state level in the understanding of this guidance, then it is necessary to inform the management board, the responsible member of the management board or the contact person.

15. HIGH RISK THIRD COUNTRY ACTING PERSON

  • 15.1. The high risk country is the third country which, on the basis of the Directive (EU) 2015/849 of the European Parliament and of the Council, that regulates the counteraction to money laundering and the financing of terrorism of the financial system and which amends the Resolution (EU) 648/2012 and recognizes invalid, and the 2005/60/EU of the Council and Commission Directive (EU) 2006/70/EU (EU page 141, 05.06.2015, pages 73-117), section 9 part 2, high risk countries are listed (Annex 14) on the basis of these adopted acts.
  • 15.2. High risk third countries include: Afghanistan, Bosnia and Herzegovina, Guyana, Iraq, Lao People's Democratic Republic, Syria, Uganda, Vanuatu, Yemen, Iran and North Korea.
  • 15.3. If an obliged entity in the commercial or professional activity in the course of a transaction or in the performance of an official act interacts with the participating entity, with a customer, in whose respect an official action is carried out, or with a customer from a high risk third country, then the following customer due diligence measures should be applied:
    • 1) collection of additional information concerning the customer and the actual beneficial owner;
    • 2) collection of additional information regarding the content of the planned transaction;
    • 3) collection of information regarding the origin of funds and the wealth of the customer and the actual beneficial owner;
    • 4) collection of information regarding the reasons for planned or concluded transactions;
    • 5) obtaining permission from senior management to establish partnerships or to continue them;
    • 6) to intensify the monitoring of business relationship by increasing the number and frequency of control methods applied and selecting the parameters of transactions subject to additional verification.
  • 15.4. In addition to the above, the obliged person may oblige the customer and require from the customer at the moment of making payments from the account of the customer whose location is in a contracting state of the European Economic Area Agreement, to apply the same measures that apply to credit institutions of third countries on the basis of the Directive (EU) 2015/849 of the European Parliament and of the Council.

16. MONITORING BUSINESS RELATIONSHIP

  • 16.1. The obliged entity establishes principles for monitoring a business relationship established in economic or professional activities (hereinafter monitoring business relationship) according to the rules of internal proceduresand internal control rules.
  • 16.2. Monitoring business relationship must include at least the following:
    • 1) checking of transactions made in a business relationship in order to ensure that the transactions are in concent with the obliged entity’s knowledge of the customer, customer’s activities and customer’s risk profile;
    • 2) regular updating of relevant documents, data or information gathered in the course of application of customer due diligence measures;
    • 3) identifying the source and origin of the funds used in a transaction;
    • 4) in economic or professional activities, paying more attention to transactions made in the business relationship, the activities of the customer and circumstances that refer to a criminal activity, money laundering or terrorist financing or that a likely to be linked with money laundering or terrorist financing, including to complex, high-value and unusual transactions and transaction patterns that do not have a reasonable or visible economic or lawful purpose or that are not typicalfor the given business specifics. In the performance of these duties, it is necessary to ascertain the presence of these transactions, the reason and the background, as well as other information to understand the meaning and content of transactions, and to pay more attention to these transactions;
    • 5) in economic or professional activities, paying more attention to the business relationship or transaction whereby the customer is from a high-risk third country or a country or jurisdiction specified in subsection 4 of § 37 of the AML/CFT or whereby the customer is a citizen of such country or whereby the customer’s place of residence or seat or the seat of the payment service provider of the payee is in such country or jurisdiction.

17. DATA REGISTRATION, VERIFICATION AND STORAGE

  • 17.1. The obliged entity registers the transaction date or period and a description of the substance of the transaction. In addition, the obligedentity registers:
    • 1) information on the circumstances of the obliged entity’s refusal to establish a business relationship or make an occasional transaction;
    • 2) the circumstances of a waiver to establish a business relationship or make a transaction, including. an occasional transaction, on the initiative of a person participating in the transaction or professional act, a person using the official service or a customer where the waiver is related to the obliged entity’sapplication of customer due diligence measures;
    • 3) information according to which it is not possible to take the customer due diligence measures provided for in subsection 1 of § 20 of the AML/CFT using information technology means;
    • 4) information on the circumstances of termination of a business relationship in connection with the impossibility of application of the customer due diligence measures;
    • 5) information serving as the basis for the duty to report under § 49 of the AML/CFT;
    • 6) upon making transactions with a civil law partnership, community or another legal arrangement, trust fund or trustee, the fact that the person has such status, an extract of the registry card or a certificate of the registrar of the register where the legal arrangement has been registered.
  • 17.2. The obliged entity must retain the originals or copies of the documents specified in §§ 21, 22 and 46 of the AML/CFT, which serve as the basis for identification and verification of persons, and the documents serving as the basis for the establishment of a business relationship no less than five years after termination of the business relationship.
  • 17.3. Arising from AML/CFT, the obliged entity must also retain the entire correspondence relating to the performance of the duties and obligations and all the data and documents gathered in the course of monitoring the business relationship as well as data on suspicious or unusual transactions or circumstances, which the Financial Intelligence Unit was not notified of, during the period of five years.
  • 17.4. The obliged entity must retain the documents prepared with regard to a transaction on any data medium and the documents and data serving as the basis for the notification obligations specified in § 49 of the AML/CFT for no less than five years after making the transaction or performing the duty to report.
  • 17.5. The obliged entity must retain the documents and data in a manner that allows for exhaustively and immediately replying to the enquiries of the Financial Intelligence Unit or, in accordance with legislation, those of other supervisory authorities, investigative bodies or courts, inter alia, regarding whether the obliged entity has or has had in the preceding five years a business relationship with the given person and what is or was the nature of the relationship.
  • 17.6. Where the obliged entity makes, for the purpose of identifying a person, an enquiry with a database that is part of the state information system, the duties provided for in this clause will be deemed performed where information on the making of an electronic enquiry to the register is reproducible over a period of five years after termination of the business relationship or making of the transaction.
  • 17.7. Upon implementation of § 31 of the AML/CFT, the obliged entity retains the data of the document prescribed for the digital identification of a person, information on making an electronic enquiry to the identity documents database, and the audio and video recording of the procedure of identifying the person and verifying the person’s identity for at least five years after termination of the business relationship
  • 17.8. The obliged entity implements all rules of protection of personal data upon application of the requirements arising from the AML/CFT.
  • 17.9. The obliged entity is allowed to process personal data gathered upon implementation of the AML/CFT only for the purpose of preventing money laundering and terrorist financing and the data must not be additionally processed in a manner that does not meet the purpose, for instance, for marketing purposes.
  • 7.10. The obliged entity submits information concerning the processing of personal data before establishing a business relationship or making an occasional transaction with them. General information on the duties and obligations of the obliged entity upon processing personal data for the AML/CFT purposes is given among this information.

18. RESPONSIBLE MANAGEMENT BOARD MEMBER AND CONTACT PERSON

  • 18.1. Where the obliged entity has more than one management board member, the obliged entity appoints a responcible management board member who is in charge of implementation of this Act and legislation and guidelines adopted on the basis thereof. The obliged entity who is not a credit institution or financial institution may appoint a compliance officer for performance of AML/CFT duties and obligations. Where no compliance officer has been appointed, the duties of a compliance officer are performed by the management board of the legal person, appointedresponcible management board member, the director of the branch of the foreign company registered in the Estonian commercial register or a self-employed person.
  • 18.2. An employee or a structural unit may perform the duties of a compliance officer. Where a structural unit performs the duties of a compliance officer, the head of the respective structural unit is responsible for performance of the given duties. The Financial Intelligence Unit and the competent supervisory authority are informed of the appointment of a compliance officer.
  • 18.3. Only a person who has the education, professional suitability, the abilities, personal qualities, experience and impeccable reputation required for performance of the duties of a compliance officer may be appointed as a compliance officer. The appointment of a compliance officer is coordinated with the Financial Intelligence Unit.
  • 18.4. The Financial Intelligence Unit has the right to receive information from a compliance officer or compliance office candidate, their employer and state databases for the purpose of verifying the suitability of the compliance officer or compliance officer candidate. Where, as a result of the check carried out by the Financial Intelligence Unit, it becomes evident that the person’s reliability is under suspicion due to their past acts or omissions, the person’s reputation cannot be considered impeccable and the obliged entity may extraordinarily terminate the compliance officer’s employment contract due to the loss of confidence. Where the duties of a compliance officer are performed by a structural unit, the provisions of this subsection are applied to each employee of the structural unit.
  • 18.5. The duties of a compliance officer include, inter alia:
    • 1) organisation of the collection and analysis of information referring to unusual transactions or transactions or circumstances suspected of money laundering or terrorist financing, which have become evident in the activities of the obliged entity;
    • 2) reporting to the Financial Intelligence Unit in the event of suspicion of money laundering or terrorist financing;
    • 3) performance of other duties and obligations related to compliance with the requirements of the AML/CFT.
  • 18.6. A compliance officer has the right to:
    • 1) execute the transactions and monitore it’s compliance with the legislation of the Republic of Estonia and with this guidence;
    • 2) receive data and information required for performance of the duties of a compliance officer;
    • 3) make proposals for organisation of the process of submission of notifications of suspicious and unusual transactions;
    • 4) demand that a structural unit of the obliged entity eliminate within a reasonable time deficiencies identified in the implementation of the AML/CFT requirements;
    • 5) receive training in the field.
  • 18.7. The contact person can transfer the information or data that has become known to him in connection with the suspicion of money laundering only:
    • 1) The Financial Intelligence Unit;
    • 2) authority conducting an investigation in connection with the criminal case;
    • 3) court on the basis of a court order or a court decision.
  • 18.8. Each employee of the obliged entity must inform the contact person about all cases of refusal to establish commercial relationship on the basis of the AML/CFT, on suspicion of money laundering or unusual transactions, cases of emergency refusal from the current contract.
  • 18.9. Wherein the course of economic or professional activitiesthe facts are established whose characteristics refer to the use of criminal proceeds or terrorist financing or with regard to which the obliged entity suspects or knows that it constitutes money laundering or terrorist financing, the obliged entity must report it to the Financial Intelligence Unit immediately, after identifying the activity or facts or after getting the suspicion(Annex 1)and instructions issued by the Financial Intelligence Unit concearning suspecions of terrorist financing transactions. (Annex 2).

19. OBLIGATION TO REPORT OF SUSPECTED MONEY LAUNDERING AND TERRORIST FINANCING

  • 19.1. Where the obliged entity identifies in economic or professional activities, a professional act or provision of a professional service an activity or facts whose characteristics refer to the use of criminal proceeds or terrorist financing or to the commission of related offences or an attempt thereof or with regard to which the obliged entity suspects or knows that it constitutes money laundering or terrorist financing or the commission of related offences, the obliged entity must report it to the Financial Intelligence Unit immediately, but not later than within two working days after identifying the activity or facts or after getting the suspicion. The above mentioned is applied also where a business relationship cannot be established, a transaction or operation cannot be made or a service cannot be provided, and upon occurrence of the circumstances specified in §§ 42 and 43 of the AML/CFT.
  • 19.2. The obliged entity, except for a credit institution, immediately but not later than two working days after the making of the transaction, notifies the Financial Intelligence Unit of each learned transaction whereby a pecuniary obligation of over EUR 32 000 or an equal sum in another currency is performed in cash, regardless of whether the transaction is made in a single payment or in several linked payments over a period of up to one year. The credit institution notifies the Financial Intelligence Unit immediately, but not later than two working days after the making of the transaction about each foreign exchange transaction of over EUR 32 000 made in cash where the credit institution does not have a business relationship with the person participating in the transaction.
  • 19.3. The obliged entity immediately submits to the Financial Intelligence Unit all the information available to the obliged entity, which the Financial Intelligence Unit requested in its enquiry.
  • 19.4. The duty to report, as mentioned in this section, does not apply to other legal service provider, provider of accounting services or provider of advisory services in the field of accounting or taxation where they assess the customer’s legal situation, defend to represent the customer in court, intra-authority or other such proceedings, including where they advise the customer in a matter of initiation or prevention of proceedings, regardless of whether the information has been obtained before, during or after the proceedings.
  • 19.5. Where the obliged entity suspects or knows that terrorist financing or money laundering or related criminal offences are being committed, the making of the transaction or professional act or the provision of the official service must be postponed until the submission of a report that is mentioned in this section. Where the postponement of the transaction may cause considerable harm, it is not possible to omit the transaction or it may impede catching the person who committed possible money laundering or terrorist financing, the transaction or professional act will be carried out or the official service will be provided and a report will be submitted the Financial Intelligence Unit thereafter.
  • 19.6. Where relevant, the Financial Intelligence Unit gives obliged entities feedback on their performance of the duty to report and on the use of the received information.
  • 19.7. Place and form of performance of duty to report:
    • 1) a report is submitted to the Financial Intelligence Unit of the contracting state of the European Economic Area Agreement on whose territory the obliged entity was established, is seated or provides the service;
    • 2) a report is submitted via the online form of the Financial Intelligence Unit or via the X-road service;
    • 3) the data used for identifying the person and verifying the submitted information and, if any, copies of the documents are added to the report;
    • 4) requirements for the contents and form of a notice submitted to the Financial Intelligence Unit and the guidelines for the submission of a report are established by a regulation of the minister responsible for the field.
  • 19.8. The obliged entity, a structural unit of the obliged legal entity, a member of a management body and an employee is prohibited to inform a person, its beneficial owner, representative or third party about a report submitted on them to the Financial Intelligence Unit, a plan to submit such a report or the occurrence of reporting as well as about a precept made by the Financial Intelligence Unit based on §§ 57 and 58 of the AML/CFT or about the commencement of criminal proceedings. After a precept made by the Financial Intelligence Unit has been complied with, the obliged entity may inform a person that the Financial Intelligence Unit has restricted the use of the person’s account or that another restriction has been imposed.
  • 19.9. The above mentioned prohibition provided for in subsection 1 of this section is not applied upon submission of information to:
    • 1) competent supervisory authorities and law enforcement agencies;
    • 2) credit institutions and financial institutions in between themselves where they are part of the same group;
    • 3) institutions and branches that are part of the same group as the person specified in subsection 2 of this section where the group applies group-wide procedural rules and principles in accordance with § 15 of the AML/CFT;
    • 4) a third party who operates in the same legal person or structure as an obliged entity who is other legal service provider, provider of accounting services or provider of advisory services in the field of accounting or taxation and whereby the legal person or structure has the same owners and management system where joint compliance is practiced.
  • 19.10. The above mentioned prohibitiondoes not apply to the exchange of information in a situation where it concerns the same person and the same transaction that involves two or more obliged entities that are credit institutions, financial institutions, enforcement officers, bankruptcy trustees, auditors, attorneys or other legal service providers, providers of accounting services or providers of advisory services in the field of accounting or taxation located in a contracting state of the European Economic Area Agreement or in a country where requirements equal to those of Directive (EU) 2015/849 of the European Parliament and of the Council are in force, act in the same field of profession and requirements equal to those in force in Estonia are implemented for keeping their professional secrets and protecting personal data.
  • 19.11. Where other legal service provider, provider of accounting services or provider of advisory services in the field of accounting or taxation convinces a customer to refrain from unlawful acts, it is not deemed violation of the prohibition provided forin this section.
  • 19.12. The exchange of information regulated in this section must be retained in writing or in a form reproducible in writing for the next five years and information is submitted to the competent supervisory authority at its request.

20. IMPLEMENTATION OF INTERNATIONAL SANCTIONS

  • 20.1. The objective of the national imposition of international sanctions and the implementationthereof is, in compliance with the United Nations Charter, to maintain or restore peace, prevent conflicts and reinforce international security, support and reinforce democracy, follow the rule of law, human rights and international law and achieve other objectives of the common foreign and security policy of the European Union.For the purposes of this guidelines international sanction means a measure which is not related to the use of armed forces and the imposition thereof has been decided by the European Union, the United Nations, another international organisation or the Government of the Republic to achieve the objectives provided for in above sections.
  • 20.2. The subject of international sanction is:
    • 1) a state, a certain territory, a territorial unit, a regime, an organisation, an association or a group against whom the measures prescribed by the act on the imposition of international sanctions are taken;
    • 2) a natural or legal person, an agency, a civil law partnership or any other entity which is directly specified in the act on the imposition or implementation of international sanctions and with regard to whom the measures prescribed therein are taken.
  • 20.3. A person having specific obligations who shall have specific obligations shall be:
    • 1) a credit institution within the meaning of the Credit Institutions Act;
    • 2) a provider of currency exchange service within the meaning of the Money Laundering and Terrorist Financing Prevention Act;
    • 3) an e-money institution within the meaning of the Payment Institutions and E-money Institutions Act;
    • 4) a payment institution within the meaning of the Payment Institutions and E-money Institutions Act;
    • 5) a provider of alternative means of payment service within the meaning of the Money Laundering and Terrorist Financing Prevention Act;
    • 6) an insurer and insurance intermediary within the meaning of the Insurance Activities Act;
    • 7) an investment fund established as a management company and a public limited company within the meaning of the Investment Funds Act;
    • 8) account manager;
    • 9) a member of the securities settlement system and an investment firm within the meaning of the Securities Market Act;
    • 10) a savings and loan association within the meaning of the Savings and Loan Associations Act;
    • 11) other financial institution within the meaning of the Credit Institutions Act;
    • 12) abranch of a service provider of a foreign state registered in the Estonian Commercial Register providing the same type of service as the institutions specified in this clause.
  • 20.4. A person having specific obligations who provides legal services is required to use all the same methods as other persons with specific obligations, except that they have the right to refuse to apply internal procedural rules and from the control as appointed by the contact person. Persons with specific obligations who are involved in providing services are considered also other persons, who provide other legal services,the customer in a financial or immovable property transaction on behalf of and at the expense of the customer, instructing the planning or implementation of the transaction or carrying out a professionalact which is related to:
    • 1) the purchase or sale of immovable property or a business or shares of a company;
    • 2) the management of the money, securities of other assets of the customer;
    • 3) the opening or management of bank or securities accounts;
    • 4) obtaining the necessary funds for establishment, operation or management of a company;
    • 5) the establishment, operation or management of the trust fund, company or any other such kind of entity.
  • 20.5. Upon entry into force of an act on the imposition or implementation of international financial sanctions a natural person and a legal person shall take measures to fulfill the obligations arising there from and shall demonstrate due diligence to ensure the achieving of the objective of the international financial sanction and shall avoid breach of a sanction. A natural and legal person who has doubts or who knows that a person, who is in business relations or is making a transaction or carrying out a proceeding with him or her, as well as a person intending to create business relations, make a transaction or carry out a proceeding with him or her, is a subject of international financial sanction, shall immediately notify the Financial Intelligence Unit of the identification of the subject of international financial sanction, of the doubt thereof and of the measures taken.
  • 20.6. In his or her economic or professional activity a person having specific obligations shall draw special attention to the person who is in business relations or is making a transaction or carrying out a proceeding with him or her, as well as to the activities of the person intending to create business relations, make a transaction or carry out a proceeding with him or her and to the facts which refer to the possibility that the person is a subject of international financial sanction.
  • 20.7. A person having specific obligations shall regularly follow the webpage specified by the Financial Intelligence and shall immediately take measures provided for in the act on the imposition or implementation of the international financial sanction in order to ensure the achievement of the objective of the international financial sanction and prevent breach of the international financial sanction.
  • 20.8. Upon entry into force of an act on the imposition or implementation of international financial sanction, the amendment, repeal or expiry thereof, a person having specific obligations or a person authorized by him or her shall immediately check whether a person with whom he or she is in business relations or is making a transaction or carrying out an act, as well as a person intending to create business relations, make a transaction or carry out an act is a subject of international financial sanction with regard to whom the financial sanction is imposed, amended or terminated.
  • 20.9. If an act on the imposition or implementation of international financial sanction is repealed, expires or is amended in such a manner that the implementation of the international financial sanction with regard to the subject of the international financial sanction is terminated wholly or partially, the person having specific obligations shall terminate the implementation of the measure to the extent provided for in the act on the imposition or application of the international financial sanction.
  • 20.10. A person having specific obligations shall establish the rules of procedure in a written form or in a form which can be reproduced in a written form for the implementation of international financial sanction and the fulfillment of the obligations arising from this Act and the procedure for supervision of the fulfillment thereof and shall designate a person in charge of the implementation of international financial sanction, whose contact information he or she shall forward to the supervisor.
  • 20.11. Based on the International Sanctions Act, persons with specific obligations must perform additional methods of customer due diligence in order to find out whether the international sanctions are necessary. To do this, the persons mentioned above are obliged:
    • 1) apply additional customer due diligence measures in establishing partnerships and in making transactions with customers and in relation to the circumstances of the transaction (including in relation to the other party of the transaction);
    • 2) credit and financial institutions have to pay attention to trade finance in respect of all transactions in all circumstances with respect to parties and circumstances (including goods), ensuring the implementation of international sanctions;
    • 3) follow in their activities, for information on international sanctions and the relevant lists on the Financial Intelligence Unit website;
    • 4) report on the identification of the subject of economic sanctions and on the application on this basis of economic sanctions in the Financial Intelligence Unit;
    • 5) in cases of suspicion in regard of the subject of economic sanctions to gather additional information (including from the customer);
    • 6) in case of continued suspicion of the subject of economic sanctions or of the circumstances of the transaction, also in relation to the second party of the transaction, after gathering additional information, to report the suspicion (also in the event that additional information can not be collected) in the Financial Intelligence Unit, and to refuse to continue the transaction and/or from the establishment of partnerships;
    • 7) inform the Financial Intelligence Unit about the refusal to establish a partnership or to execute a transaction if the reason for the refusal of the transaction was possible participation in the regime that is under the international economic sanctions of a person, state, transaction or goods on which the transaction is based;
    • 8) inform the Financial Intelligence Unit of the circumstance when there is a suspicion that the customer is directly or indirectly controlled by a subject of international economic relations;
    • 9) have the necessary procedural rules and contact person to apply economic sanctions;
    • 10) to monitor the establishment of economic sanctions;
    • 11) to secure data related to suspicion of economic sanctions and data related to the relevant control;
    • 12) when establishing the subject of international sanctions, it is necessary to establish the methods which are applied to this person when imposing sanctions. It is necessary to establish the exact sanction that is applied to the person, following the legal act where the applied methods are described, in order to ensure the legality and correctness of the application of measures;
    • 13) all other persons must show all their diligence in the necessity of applying international sanctions in the course of their activities.A natural and legal person who has doubts or who knows that a person, who is in business relations or is making a transaction or carrying out a proceeding with him or her, as well as a person intending to create business relations, make a transaction or carry out a proceeding with him or her, is a subject of international financial sanction, shall immediately notify the Financial Intelligence Unit of the identification of the subject of international financial sanction, of the doubt thereof and of the measures taken;
    • 14) The Financial Intelligence Unit confirmsthe receit of the message and checks whether the subject of economic sanctions was established correctly and whether the customer due diligence measures wereapplied on ligitimate basis, immediately or not later than within two working days.
  • 20.12. Upon fulfillment of the obligations provided for in subsection (3) of this section a person having specific obligations shall collect and preserve the following data:
    • 1) time of inspection;
    • 2) the name of the person who carried out inspection;
    • 3) the results of inspection;
    • 4) the measures taken.
  • 20.13. If a person having specific obligation or a person authorized by him or her has doubts if the person having business relations or making a transaction or carrying out a proceeding with him or her, as well as a person intending to create business relations, make a transaction or carry out an act with him or her, is a subject of international financial sanction, he or she shall ask additional information from that person for the identification thereof. If a person who is in business relations or is making transactions or is carrying out acts with the person having specific obligations, as well as a person who intends to create business relations, make a transaction or carry out an act, refuses to provide additional information or it is impossible to identify by means thereof if the person is a subject of international financial sanction, the person having specific obligations or a person authorized by him or her shall refuse to make a transaction or act, shall take measures provided for in the act on the imposition or implementation of international financial sanction and shall notify immediately the Financial Intelligence Unit of his or her doubts and of the measures taken.
  • 20.14. Upon entry into force of an act on the imposition or implementation of international financial sanctions the obliged entity’s employees shall take measures to fulfill the obligations arising therefrom and shall demonstrate due diligence to ensure the achieving of the objective of the international financial sanction and shall avoid breach of a sanction.
  • 20.15. The obliged entity’s employee who has doubts or who knows that the customer, who is in business relations or is making a transaction or carrying out a proceeding with him or her, as well as a person intending to create business relations, make a transaction or carry out a proceeding with him or her, is a subject of international financial sanction, shall immediately notify the Financial Intelligence Unit of the identification of the subject of international financial sanction, of the doubt thereof and of the measures taken.
  • 20.16. In his or her economic activitythe obliged entity’s employeeshall draw special attention to the person who is in business relations or is making a transaction or carrying out a proceeding with the obliged entity’s employee, as well as to the activities of the person intending to create business relations, make a transaction or carry out a proceeding with him or her and to the facts which refer to the possibility that the person is a subject of international financial sanction.
  • 20.17. If the obliged entity’s employee or a person authorized by him or her has doubts if the person having business relations or making a transaction or carrying out a proceeding with him or her, as well as a person intending to create business relations, make a transaction or carry out an act with him or her, is a subject of international financial sanction, he or she shall ask additional information from that person for the identification thereof and report to the obliged entity’s management board that shall require the additional information regarding the person against whom a suspicion arised.
  • 20.18. If a person who is in business relations or is making transactions or is carrying out acts with the obliged entity, as well as a person who intends to create business relations, make a transaction or carry out an act, refuses to provide additional information or it is impossible to identify by means thereof if the person is a subject of international financial sanction, the obliged entityor a person authorized by him or her shall refuse to make a transaction or act, shall take measures provided for in the act on the imposition or implementation of international financial sanction and shall notify immediately the Financial Intelligence Unit of his or her doubts and of the measures taken.
  • 20.19. If an act on the imposition or implementation of international financial sanction is repealed, expires or is amended in such a manner that the implementation of the international financial sanction with regard to the subject of the international financial sanction is terminated wholly or partially, the obliged entity’s employeeshall terminate the implementation of the measure to the extent provided for in the act on the imposition or application of the international financial sanction.
  • 20.20. European Union sanctions against countries can be found on the website: https://www.sanctionsmap.eu/#/main; the sanctions of the European Union and the United Nations regarding subjects can be checked on the website of the Financial Intelligence Unit: https://www.politsei.ee/et/organisatsioon/rahapesu/finantssanktsiooni- subjekti-otsing-ja-muudatused-sanktsioonide-nimekirjas/.

21. MONITORING THE EXECUTION OF THE PROCEDURAL RULES

  • 21.1. The Financial Intelligence Unit and/or other competent bodies and institutions authorized by the relevant laws exercise the supervision overthe obliged entity’smanagement board performance of the claims arising from the AML/CFT and legal acts issued on its basis.
  • 21.2. The management board of the obliged entity, the responsible member of the management board or the contact person, if any, shall monitor the employees’ of the obliged entitythe performance of claims arising from the AML/CFT and from legal acts issued on its basis.
  • 21.3. Competence of employees of the obliged entity in respect of compliance with the AML/CFT and the legal acts issued on its basis:
    • 1) in compliance with the requirements of the AML/CFT and the legal acts issued on its basis, at the time of the performance of actions, including those related to the application of customer due diligence measures, only those employeeswho are authorized by the obliged entity’s management board or by a responsible member of the management board, and who has thoroughly acquainted with the relevant legislation, with information issued by the competent authorities, and with this manual, and also have exhaustive knowledge in the application of AML/KYC, have right to act and take dicisions regarding the establishement of business relationships;
    • 2) the obliged entity’s employees and heads of structural units shall communicate in matters and in the performance of duties arising from the AML/CFT and legal acts issued on its basis, primarily with the contact person and, in his absence, with the responsible member of the management board. The responsible member of the management board always has the right to supervise the activities of the person, the structural manager and the contact person;
  • 21.4. The fundamentalobligations of the obliged entity’semployees and of the structural divisions managers regarding the customer due diligence based on the AML/CFT, are as follows:
    • 1) The obliged entity’semployees and the structural divisions managers are required to strictly follow:
      • The Law on International Sanctions (LIS);
      • Money Laundering and Terrorist Financing Prevention Act (AML/CFT);
      • Directive (EU) 2015/849of the European Parliament and of the Council;
      • guidance and instructions of the Financial Intelligence Unit and other competent authorities;
      • internal procedural rules and internal control requirements established by the obliged entity’s management board;
      • appropriate and lawful instuctions of the obliged entity’s management board, the responsible member of the management board and a contact persoon;
    • 2) in the event that the employee (or the structural unit manager) had a suspicion as to whether any method of customer due diligence or any related criterion was being performed (or whether the transaction or the establishment of partnerships was authorized) - the employee (or the structural unit manager) is obliged to immediately address to their immediate supervisor (or the structural unit manager, contact person, responsible member of the management board) with the appropriate request and stop the transaction or partnership relations before receiving a response to this request or receiving orders, how to proceed in the current situation.
  • 21.5. The obliged entity establishes the following internal control system on the basis of the AML/CFT and the legal acts issued on it’s basis, and exercises control over the implementation of these procedural rules and internal control requirements:
    • 1) supervises and monitors the work of the obliged entity’s employees:
      • structural manager of the employee;
      • in the absence of the structural manager of the employee, a responsible member of the management board and/or a contact person;
      • the employee is obliged to submit all necessary data relating to the customer’s identity and the partnership relations established with them,including the customer’s personal information, data on the transaction made with the customer, results of application of methods of customer due diligence and other essential information, to the structural manageror, in his absence, to a responsible member of the management board and/or to a contact person, not later than the next working day after data collection and termination of application of customer due diligence measures;
    • 2) the activity of the obliged entity structural manager is monitored and controlled by the responsible member of the management board of the obliged entity and/or the contact person:
      • the obliged entity’s structural unit manager is obligated to submit all relevant information gathered by him or her persinally or by his or her structural unit's employees concerning the obliged entity’scustomers identities and the nature of the business relationships they create, to the relevant contact person or responsible member of the management board, at least once a month;
    • 3) the activities of the contact person of the obliged entity, if any, is monitored and controlled by a responsible member of the board or the management board:
      • the contact person monitors the relevant data collected by the obliged entity’s employees and the structural unit’s manager relating to the obliged entity’s customer identity and the the established partnership with them and secures their safety in accordance with the relevant requirements of the AML/CFT and based on the instructions given in this guidence. The contact person submits the relevant reports to the responsible member of the obliged entity’smanagement boardon a quarterly basis;
    • 4) the activity of the responsible member of the obliged entity’s management board is monitored and controlled by the management board or, on an exeptional basis, by the general meeting of shareholders or by a person, structural subdivision or authoritywhich was permanently or temporarily appointed by the general meeting of shareholders:
      • in the absence of a contact person, the responsible member of the management board controls the relevant data transferred by the obliged entity’s employees and the structural unit manager that relate to the obliged entity’scustomer identity and to established partnership relations, and secures their safety in accordance with the relevant requirements of the AML/CFT and based on the instructions given in this guidence.
  • 21.6. In order to fulfill the obligations arising from the AML/CFT, the obliged entity’s contact person, the responsible member of the management board or the management board are required to periodically inform the employees of the enterprise on changes in legislation and on new approaches of the supervisory authorities, on the activities of an obliged entity, on changes in risk assessments and criteria for certain customers or groups of customers, about changes in the short or long-term enterprise doctrine, or on individual positions and directions (according with the market situation, in accordance with the political and economic situation, in connection with the orders of supervisory authorities, etc).
  • 21.7. Violation of the duties of customer due diligence measures arising from the AML/CFT, failure to comply with the orders of a responsible member of the management board, the management board or the contact person, or not informing the Financial Intelligence Unit about suspected money laundering or financing of terrorism, either directly or through the structural unit manager, is sufficient basis to initiate disciplinary proceedings against the employee and/or in relation to the structural unit manager and for the termination of the employment.
  • 21.8. The obliged entity’s management board must ensure that sufficient resources are allocated in order to ensure compliance with requirements of the AML/CFT and of this guidance, and that employees who are involved in performing the requirements of the AML/CFT do act only on the condition that they are fully acquainted with the requirements of the AML/CFT and these guidance.
  • 21.9. The obliged entity is not required to conduct an internal audit, except when required by a responsible member of the management board, the management board or by a general meeting of shareholders, or when the conduct of internal audit is required by law.

These internal rules of procedure and internal control rules on the prevention of money laundering and the financing of terrorism were adopted and approved on 01.12.2019 by the decision of the management board.

ANNEXES

  • 1. Guidelines for management and prevention of risks related to customers and their actions.
  • 2. Model of customer’s risk level assessment.
  • 3. Risk и risk threat, arising from the activities of the obliged entity.
  • 4. Money Laundering and Terrorist Financing Prevention Act, RT I, 17.11.2017, 38.
  • 5. International Sanctions Act, RT I, 17.11.2017, 39.
  • 6. Directive (EU) 2015/849 of the European Parliament and of the Council.
  • 7. Form and content of the report submitted to the Financial Intelligence Unit and a guidence to completing it, RT I, 01.12.2017, 20.
  • 8. Form of the report submitted to the Financial Intelligence Unit.
  • 9. A guidence to completing the report submitted to the Financial Intelligence Unit.
  • 10. The Financial Intelligence Unit guide for the application of International Sanctions.
  • 11. Recommended guidance of the Financial Intelligence Unit establishing the evidence of money laundering.
  • 12. Recommended guidance of the Financial Intelligence Unit establishing the evidence of financing of terrorism.
  • 13. Delivered Decision (EU) 2016/1675 of the Commission of the Council of Europe, of 14.07.2016, which is complementing the Directive (EU) 2015/849 of the Parliament of Europe and the Council, where they precisely identify third countries with high risk, where there are strategic shortcomings.
  • 14. List of foreign officials whose certified power of attorney is equal to the Estonian notary’s certified power of attorney, RT I, 10.11.2010, 5.
  • 15. Common position of the European Union adopted with regard to countries equal to third countries.