Beauftragung Dritter mit internen Sicherungsmaßnahmen anzeigen

§ Section 6 (7) sentence 1 of the Money Laundering Act (GwG)

§ Section 4 (2) of the Money Laundering Act (GwG)

§ Section 6 (2) of the Money Laundering Act (GwG)

As an obliged entity under the Anti-Money Laundering Act (GwG), you must create appropriate business and customer-related internal security measures in order to manage and mitigate the risks of money laundering and terrorist financing through suitable principles, procedures and controls.

You can also transfer the implementation of internal security measures to a third party within the framework of contractual agreements. However, you must first notify the competent supervisory authority of the intended outsourcing.
The AMLA contains standard examples of the security measures to be put in place (Section 6 (2) AMLA). This list is not exhaustive. Further internal security measures may be required in individual cases.
The internal security measures still require the approval of the member of your company's management responsible for money laundering prevention.

As an obliged entity, you may have the internal security measures carried out by an (external) third party within the framework of contractual agreements if you have notified the supervisory authority in advance. The supervisory authority may prohibit the transfer if

• the third party does not guarantee that the security measures will be carried out properly
• the control options of the obligated party are impaired or
• supervision by the supervisory authority is impaired.

For you as the obliged entity, this means that you must state in your notification that the conditions for prohibiting the transfer are not met.

You must also state in the notification which internal security measures are the subject of the outsourcing.

The notification must be made by the obliged entity itself or, if applicable, by the appointed money laundering officer.

Important note:

The responsibility for the fulfillment of the internal security measures remains with the obliged entities. If the third party does not properly fulfill the contractually assigned obligations, for example, you remain responsible for non-compliance with the internal security measures.

- Notification of the outsourcing of internal security measures

• The notification must clearly state which internal security measures are to be outsourced.
• In addition, the notification of outsourcing must state in full and in writing that all requirements have been met and that there are no grounds for prohibiting the intended outsourcing.

- Proof of authorization to notify

- Contract with the third party

• Proof of appointment as money laundering officer or
• Contract on the outsourcing of internal security measures or
• Proof that the reporting person is a member of the company's management (e.g. extract from the commercial register or shareholders' agreement)

Copy of the contractual agreement with the third party to whom the security measures are to be outsourced.

- Current excerpt from the commercial register, if applicable

• Registered companies should submit a current excerpt from the commercial register with the notification. Legal entities that are in the process of being founded (GmbH, AG) must submit the articles of association.
• Note: The authority may require proof of the service provider's suitability - this could be, for example, CVs, training certificates or references that explicitly refer to obligations and experience under money laundering law.

Obligated parties under the Money Laundering Act

• Only natural or legal persons who are obligated parties under the AMLA are entitled to report money laundering.
• The reporting person must be a member of management or an internal/external money laundering officer of the company.
• The third party must be sufficiently qualified and reliable to carry out the internal security measures:
  • be sufficiently qualified and reliable,
  • offer the guarantee that the security measures are carried out properly and
  • the outsourcing must not impair the control options of the obliged entity and the supervision of the supervisory authority.

• The notification must be submitted to the competent supervisory authority by the obliged entity itself or, if applicable, by the appointed anti-money laundering officer
• Your report will be reviewed by the competent authority
• You will receive a final notification
• After notification, the internal security measures can be carried out by a third party; prior approval from the authority is not required.
• The supervisory authority may prohibit the transfer to a third party if
• the third party does not guarantee that the security measures will be carried out properly,
• the control options of the obligated party are impaired as a result, or
• supervision by the supervisory authority is impaired

• Notify the commissioning of third parties with internal security measures
• Obligated parties must create appropriate business and customer-related internal security measures in accordance with the Money Laundering Act; the internal security measures may be carried out by a third party; the outsourcing must be reported to the supervisory authority in advance.
• Outsourcing may be prohibited by the supervisory authority under certain conditions

• Forms: yes
• Online procedure possible: no
• Written form required: no
• Personal appearance required: no