KYC.IO

Global Regulations and Requirements for KYC Onboarding
(powered by KYC-Chain)

KYC to onboard domestic persons

nameaddresssocial security numberpassportdriving licensebirth certificate

KYC to onboard international persons

nameaddresssocial security numberpassportdriving licensebirth certificatetax returnstax code

corporate requirements

nameaddresscompany numberregistered information from Danish Commercearticles of association

National ID card name

billedlegitimationskort

Does the country have Esignature Laws?

Bill on Electronic Signatures

E-sig law files

What year did the relevant AML laws and regulations become effective?

1993

Further details on AML regime

1993 (significant amendments in 2006, 2008, 2009, 2010, 2012 and 2013).

Who is the regulator for AML controls for Banking

The Danish FSA

Link to site

http://www.finanstilsynet.dk

Other financial Services

The Danish FSA

Website of Regulator

http://www.finanstilsynet.dk

Financial Sector regulator

http://www.advokatsamfundet.dk/ , https://erhvervsstyrelsen.dk/

Practical Guidance for AML

A Danish general guidance is issued by the Danish FSA (http://www.finanstilsynet.dk/da/Temaer/Hvidvask/Regler.aspx). Furthermore, the Danish Business Authority has issued guidance for specific sectors e.g. accountancy sector (https://www.retsinformation.dk/Forms/R0710.aspx?id=146481).

Practical guidance PDF's

R0710.aspx

Is there a requirement to verify the identity of customers retroactively?

Yes

Retroactive details

Yes, all customers need to be verified according to the regulation, new customers as well as old customers.

Has the country been the subject of FATF mutal evaluation in the last 3 years?

The latest report of this nature is the follow up report to the Mutual Evaluation of Denmark dated Oct 2010

PDF of FATF review

followupreporttothemutualevaluationofdenmark.html

Are there minimum transaction thresholds (Y/N)

Yes

More details on minimum transaction thresholds.

As the main principle customer due diligence always applies. However, transactions below EUR6,700 may be exempted from part of the due diligence requirements pursuant to the current regulation and guidelines. A potential exemption from the customer due diligence requirement must be based upon a risk assessment and must comply with all statutory requirements.

What are the requirements for customer identification information for individuals

name, address and social security number. Accepted evidence includes: passport, driving license, birth certificate, tax returns and tax code (including social security number). In addition electronic public keys (NEM-ID) can function as a supporting document if it is presented together with one or more of the primary documents.

Details to be Collected on Corporates

name, address and company number. Accepted evidence includes: registered information from the Danish Commerce and Companies Agency and Articles of Association

What are the high level requirements around beneficial ownership (identification and verification)?

The beneficial owners must be identified by identification information (primary documents for identification is accepted, ref. A.9). The group structure or ownership of a group has to be identified as well as

What circumstances are enhanced customer due diligence measures required?

Local guidance states four cases: a) customers who do not physically present themselves for identification purposes; b) cross-border correspondent banks; c) PEPs; and d) shell companies

How should FI's deal with Politically exposed persons

Legislation requires financial institutions to: a) have sufficient procedures to determine whether the customer is a PEP who is a resident of another country; b) obtain approvals from senior management on a daily basis for establishing business relationships with such customers; c) take reasonable measures to gather information about the sources of income and funds that are involved in the business relationship or transaction; and d) continuously monitor the business relationship.

What enhanced due diligence must be performed for correspondent banking relationships?

In cases of money transfers to or from a bank outside the European Union ('EU') where there is no official agreement of financial services with the EU, further proceedings have to be considered as stated in the local guidance. Before establishing new correspondent banking relationships, firms will be required to: a) gather sufficient information about a respondent institution to understand fully the nature of the respondent's business and to determine, from publicly available information, the reputation of the institution and the quality of supervision; b) assess the counterparty's AML and anti-terrorist-financing controls; and c) obtain daily approval from senior management.

Are relationships with banks who might be considered a 'shell' and without substance permitted?

Yes

In what circumstances is additional due diligence required for non face-to-face transactions and/or relationships?

In the case of a customer who has not been physically present for identification purposes, legislation requires the taking of 'further measures to ascertain the customer’s identity'. It sets out an illustrative list of measures that can be taken to ascertain the customer’s identity in these situations, such as: a) ensuring that the customer's identity is established by additional documentation; b) checking or verifying the documents supplied, or requiring a confirmatory certification by another financial institution; and c) requiring that the first payment in connection with the transactions is carried out through an account opened in the customer's name with a bank.

To whom are SAR's made? (suspicious activity reports)

Danish Money Laundering Secretariat hosted by the State Prosecutor for Serious Economic Crime

Link to website of SAR reporting

http://www.anklagemyndigheden.dk/Sider/hvidvask.aspx

Other Suspicious or unusual transactions obligations.

Any suspicion (that has not been disproved) of a potential violation of the regulation on money laundering and terrorist financing, has to be reported immediately to the relevant authorities

Are there any de-minimis thresholds below which transactions do not need to be reported?

The de-minimis threshold for reporting is set to situations where suspicion relates to offenses punishable by imprisonment of less than a one year. The threshold referred to is not the possible sentencing in the particular case, but the maximum penalty for the accused criminal offense. In practice, the de-minimis threshold is of minor importance, and rarely applies (all suspicions related to offenses punishable by imprisonment of more than one year have to be reported).

Are there any penalties for non compliance with reporting requirements e.g. tipping off?

Any penalties will be handled by the State Prosecutor for Serious Economic Crime. In certain cases this can be up to six months imprisonment

Are there any requirements (legal or regulatory) to use automated Suspicious Transaction monitoring technology?

Yes

Is there a requirement to obtain authority to proceed with a current/ongoing transaction that is identified as suspicious?

No. In certain situations however, the authorities can issue a temporary order to freeze transactions from being executed. In addition, the EU regulations applies to transactions involving sanctioned

Does the local legislation allow transactions to be monitored outside the jurisdiction?

No.

Is there a legal requirement for a bank’s external auditor/other external organisation to report on the bank’s AML systems and controls?

No.

If an external report on the bank’s AML systems and controls is required: a) how frequently must the report be provided?

N/A

To whom should the report on AML systems be submitted?

N/A

Is an AML system part of the financial statement audit?

N/A

What are the requirements for the content of this external report on a bank’s AML systems and controls? Does it require: a) sample testing of KYC files? b) sample testing of SAR reports? c) examination of risk assessments?

N/A

Data Protection Laws And Personal Data

yes

Data Protection for Corporate Data

yes

Data protection for "sensitive Data" and additional protections.

there are no specific definitions of “sensitive data” in the Danish act on processing of personal data. However, sections 6-8 defines three different categories of information: normal personal information (6), sensitive personal information on private matters (7) and other types of information on private matters (8) (please see link below). http://www.datatilsynet.dk/english/the-act-on-processing-of-personal-data/read-the-act-on-processing-of-personal-data/compiled-version-of-the-act-on-processing-of-personal-data/

Do any restrictions on the transfer of credit reports exist?

Yes, the information contained in such reports are subject to the protection of information in the Danish act on processing of personal data.

Regulator Acronym

FSA

Year of last FATF mutual evaluation

2010

Field 67

additional documentsconfirmatory certification by another financial institutionfirst payment in connection w/ transactions

National ID card details

No national identity card.

National ID source

N/A

Passport Photo

practical Guidance yes / no

Is there a risk based approach

Legal Requirement

Requirement to proceed

requirement to use automated suspicious transaction tools

Yes

Who are SARS made to?

SPSEC

shell banks

Yes

EDD for correspondent banking

Yes

Minimum transactions

EUR 6,700

Min transaction USD

7326

Personal Data protection

Data Protection for Corporates

Personal Data Protection Act

https://www.coe.int/t/dghl/standardsetting/dataprotection/National%20laws/DANEMARKThe%20Act%20on%20Processing%20of%20Personal%20Data.pdf

key restrictions

There are no critical restrictions.

Summary

Denmark’s law allows only for the enforceability of digital signatures. While digital or advanced electronic signatures are legal, the use of simple electronic signatures is not provided for under the law. Summary of law Denmark follows the model law that many European Union member states do. However, it is unusual in that it does not have a provision recognizing simple electronic signatures. The law also provides rules for the certification authorities that issue digital certificates. It is limited to certification authorities established in Denmark and does not specify any special requirements concerning certification authorities and electronic signatures originating in other countries. However, it does make it possible for certificates issued by them to be recognized in the same way as certificates issued by Danish certification authorities.

Are e-signatures acceptable

If the AML laws and/or regulations became effective in the last 2 years, what were the requirements of the previous AML regime?

N/A

Non financial sector (e.g. casinos, high value goods etc.)

Business Registry Authority (http://www.erst.dk/), Lawyer: The Danish Bar and Law Society (http://www.advokatsamfundet.dk).

Does the country have a risk based approach?

A risk based approach is allowed in accordance with law. However, the actual approach has to be approved as being consistent with the AML regulations

Where copies of identification documentation are provided, what are the requirements around independent verification or authentication?

There are no mandatory requirements in the law, but it is stated in local guidance that copies of identification documentation are accepted. Copies of documentation can be certified by financial institutions according to the law.

Is there case law, other constitutional law or any other laws or regulations that may impact upon the transfer of information to this jurisdiction?

This would have to be evaluated by a lawyer

List of case law, constitutional law or any other laws or regulations that may impact upon the transfer of information.