Overall assessment of money laundering and terrorist financing risks

New NBB circular letter

On 24 January 2018 the National Bank of Belgium published its Circular 2018_02 on the overall assessment of money laundering and terrorist financing risks. On 22 December 2017 the Royal Decree of 10 December 2017 approving the NBB Regulation of 21 November 2017 on the prevention of ML/FT, was published in the Belgian Official Journal. The Circular and the Regulation build on the new Law of 18 September 2017 on the prevention of ML/FT and on the restriction of the use of cash.

Regulatory Newsflash | 29 January 2018


The Circular and the Regulation provide further guidance on:

  • the requirements by and expectations of the NBB regarding the general AML/CFT risk assessment (Enterprise Wide Risk Assessment or “EWRA”)
  • additional provisions on the organisation and internal control by the obliged entities
Regulatory Newsflash

Risk Based Approach (“RBA”) based on an Enterprise Wide Risk Assessment (“EWRA”)

The new AML Law introduced the Risk Based Approach (“RBA”) as the corner stone for setting up each single piece of the institution’s AML/CFT framework. The RBA implies that, in a more clear way than before, available resources should be deployed in an optimal way to avoid/mitigate the risk of being misused for ML/FT purposes (for more details, see our Newsflash of 9 October 2017).

The set-up of the institution’s RBA should be based on an actual and profound knowledge and understanding of its ML/FT risks. Therefore, institutions are required to set-up and perform a general AML/CFT risk assessment (“Enterprise Wide Risk Assessment” – “EWRA”) at the level of their entity.

The NBB Regulation and Circular give further details on the governance and process of the EWRA. Moreover, a timeline is set for the performance of the first EWRA exercise by the institutions.

Further details are available in the newsflash.

Organisation and internal control

Next to the EWRA, the Regulation elaborates further requirements regarding the organisation and internal control within the institutions. As such, it replaces the old AML/CFT Regulation of the CBFA (23 February 2010).

The requirements of the new Regulation take into account:

  • The annual activity report of the AMLCO;
  • Details regarding internal procedures related to client acceptance, identification, verification and update of client data, investigation of transactions, intervention of third parties, declaration of suspicious activities, money transfers and sanctions and embargoes; and
  • Organisation and internal control at group level.

To have a better view on the elaboration and set-up of a practical and effective AML/CFT Gap Analysis or Enterprise Wide Risk Assessment and/or to build a risk based approach tailored to the risk level and appetite of the specific financial institution in line with the requirements of the new AML Law, you can always contact our dedicated specialists (contact details – see enclosed).

Did you find this useful?