Obligation to obtain information and to report

Obliged entities under the Anti-Money Laundering Act (AML Act) are subject to the obligation under the Act to obtain information and report. These instructions only address the activities of the supervised entities of the Financial Supervisory Authority (FIN-FSA).

Supervised entities must monitor the development of customer relationships and the use of services as part of the organisation of business risks and internal control. This entails, for example, monitoring of financial services used by customers, deposits, payment transactions, investment activity or the use of insurance services.

The obligation to obtain information means that if the supervised entity detects an unusual or suspicious transaction, it must then inquire the purpose and reasons of the transaction and, based on the explanation received, decide whether a report should be filed with the Financial Intelligence Unit.

The background of a transaction must be investigated for example in the following situations:

  • the transaction differs from the customer’s normal activity in terms of amount or structure
  • the transaction can be considered to be unusual in the customer’s field of business
  • the transaction has no obvious financial purpose
  • the transaction is in conflict with the customer’s financial standing or other business activities.

A report must be filed without delay so that the funds are not transferred beyond the reach of the authorities. In addition, the transaction must be suspended for further investigations or refused in the following situations:

  • the transaction is suspicious; or
  • the supervised entity suspects that the funds involved in the transaction will be used for terrorist financing or a punishable attempt at such an act.

If the transaction cannot be suspended or if its suspension or refusal would be likely to make it more difficult to identify the actual beneficial owner of the transaction, the supervised entity may complete the transaction.

The obligation to report applies to all situations where a suspicious or an unusual transaction is detected in

  • the customer relationship
  • the customer’s business activity
  • the origin of the funds or
  • the purpose of use the funds.

Cases may be related to money laundering and terrorist financing. Underlying predicate offences may be related to, for example, tax crime, fraud or embezzlement. A money laundering report does not constitute a report of an offence, and one can be filed without knowing the quality and identifying characteristics of the crime. To make a report, it is sufficient for the supervised entity to detect suspicious or unusual activity with regard to its customer and not to clarify, by reasonable means available to it, the background of such activity and the origin and purpose of the funds involved.

Clarification can be obtained, for example, from information obtained from official records or the supervised entity’s own records, or by requesting from the customer a more detailed explanation of the transaction, for example contractual or other documents supporting the transaction. The supervised entity also has the right to check the customer’s credit information.

It is possible that the supervised entity does not detect a suspicious or unusual transaction until later. A report must be filed regardless of whether a customer relationship has been established or refused, or whether the transaction has been completed, suspended or refused. If the supervised entity is terminating an existing customer relationship, it must also clarify at that time whether there is something related to the customer relationship that would justify the filing of a report in connection with the termination of the customer relationship.

When there is a suspicion of terrorist financing: on suspecting terrorist financing, the supervised entity is under the same obligations as when detecting a suspicious transaction that may be related to money laundering. One difference, however, is that money laundering is concerned with a suspicion about the legality of the origin of the funds, whereas terrorist financing may also be based on legally obtained funds, for example in connection with fund raising or money remittance. In this case, the suspicion is concerned with the intended use of the funds. Funds may also be collected for good purposes, but their use may involve the risk of funds being diverted for a terrorist purpose beyond the control of the collector or sender.

When must a report be made?

A report must be filed with the Financial Intelligence Unit at least in the following situations:

  • an unusual transaction appears unusual even after the explanation requested from the customer.
  • the customer is unwilling to provide the requested clarification
  • a suspicious transaction is detected afterwards, or considerations making the transaction suspicious emerge afterwards.
  • the service provider executes a suspicious transaction as refusal would make it more difficult to investigate the beneficiary or the case
  • the service provider refuses an unusual or suspicious transaction.

There is no monetary minimum threshold for filing a report other than for money remittance service providers. Under the AML Act that entered into force in July 2017, money remittance service providers referred to in section 1, subsection 2, paragraph 5 of the Act on Payment Institutions shall report individual or several separate linked payments or remittances that have a value of at least EUR 1,000. Payments and remittances can be considered to be linked when, for example, payments are made to the same recipient within a few days and the basis of the payments is evidently similar.

Supervised entities subject to the obligation to report market abuse (MAR, Article 16) should carefully assess, in the case of suspicions of market abuse (abuse of inside information or market manipulation), whether, in addition to a possible STOR (Suspicious Transaction and Order Reporting) report, there is reason to doubt the origin or purpose of the funds. If this is the case, a report should also be filed to the Financial Intelligence Unit.

Filing a money laundering report online

A report can be filed on the Financial Intelligence Unit’s website using a separate application (GoAML), which can be accessed here. A report can also be made for special reasons using some other encrypted connection or secure method.

Only obliged entities referred to in chapter 1, section 2 of the AML Act may register in the reporting application. Private individuals cannot file a money laundering report via the app. They can, if necessary, contact the Financial Intelligence Unit by email by sending a message to the address rahanpesuilmoitukset(at)poliisi.fi.

Content of the money laundering report

The Financial Intelligence Unit must be able to assess the progression of the suspected case on the basis of the report. The report must therefore be drafted in such a way as to enable the Financial Intelligence Unit to assess the course of events and the actions taken in the case by the obliged entity. The money laundering report must be written clearly and objectively.

The report on the suspicious transaction must contain the customer due diligence information referred to in chapter 3, section 3 of the AML Act as well as information on

  • the nature of the transaction
  • the amount and currency of the funds or other assets included in the transaction
  • the origin or destination of the funds or other assets
  • the reason that made the transaction suspicious.

In addition, the money laundering report must include information on whether the transaction has been completed, whether it has been suspended or whether it has been refused. The report should clearly indicate whether the customer of the supervised entity mentioned in the report is under suspicion or whether the customer is a potential victim. It is also recommended that the report include, with regard to large supervised entities (for example, banks), information as to the business area or product area in which the suspicious transaction has been detected.

The Financial Intelligence Unit has the right obtain all of the information its needs in relation to the report. The supervised entity must respond to the Financial Intelligence Unit’s requests for information within a reasonable period of time set by the Unit. Further information is available on the Financial Intelligence Unit’s website.

Confidentiality concerning suspicious transactions and the obligation to protect employees

The filing of the report must not be disclosed to the customer about whom the report has been filed nor, as a general rule, be communicated to the supervised entity’s personnel. The obligation to protect employees laid down in the AML Act means that that the employer should have adequate and appropriate procedures for protecting employees who report suspicious transactions to the Financial Intelligence Unit. In practice, this means that supervised entities must ensure, for example, that entries and comments made on filed money laundering reports in their systems are visible only to those persons who necessarily need the information in the course of their working duties.

Retention of information concerning suspicious transactions

Obliged entities must retain for a period of five years the necessary information obtained in order to fulfil the obligation to report as well as any related documents. The information and documents must be kept separate from the customer register and may not be used for any purpose other than that laid down in the AML Act.

Supervised entity’s risk assessment, internal instructions and training

It is recommended that supervised entities utilise the information obtained from their money laundering reports in their risk assessment referred to in chapter 2, section 3 of the AML Act, and also in the development of risk management methods and controls. The money laundering report process includes relevant and useful information on the risks to which the supervised entity is particularly exposed.

Supervised entities must have clear and comprehensive internal guidelines and instructions for detecting, investigating and reporting suspicious and unusual transactions to the Financial Intelligence Unit. Internal instructions should also include clear processing times, processes and responsibilities for handling internal reports and transaction monitoring alerts.

Supervised entities must document the conclusions of investigations into suspicious transactions and transaction monitoring alerts with sufficient precision to enable them to demonstrate to the supervisory authority, if necessary, that they have exercised due care in handling reports.

In addition, supervised entities must arrange regular and comprehensive training for their personnel with regard to ongoing monitoring and the obligation to obtain information and report. A training register should be kept of training provided. Supervised entities should also ensure quality control of money laundering reports and keep management aware of the development of the number and quality of money laundering reports.

It is also recommended that supervised entities have a so-called post-SAR process, in which the supervised entity assesses the customer relationship after filing a report to the Financial Intelligence Unit. This is particularly relevant if the same customer has been the subject of several reports of suspicious activity to the Financial Intelligence Unit over a short period of time. According to a precedent of the Supreme Court (KKO:2121:6), a supervised entity may be guilty of negligent money laundering if it does not observe due diligence and caution in preventing crime where a customer’s suspicious activity is allowed to continue for several months despite a money laundering report.