Section 62(2) of the AML Law governs the verification of customer and beneficial owner identities.

General rule: Identity verification must be completed before establishing a business relationship or conducting a transaction.

Exception: Verification may occur during the relationship if:

• Business continuity requires it.
• Money laundering/terrorist financing risks are low.
• Verification is completed as soon as possible after the initial contact.

Conditions for low-risk assessment:

• Deposits must not exceed €2,000.
• Funds must originate from a bank account in the customer’s name.
• Verification must be finalised within 15 days or the relationship is terminated and funds refunded.

Refunds: Deposits, including profits, must be returned to the originating account if verification is incomplete. Losses are deducted.

Administrative Service Providers (ASPs): ASPs must justify any delay in verification and ensure compliance with Section 62.

AML Manual: Obliged entities must document internal procedures to ensure compliance with Section 62(2).

CySEC emphasises the importance of completing identity verification before entering business relationships and urges entities to adopt robust measures to mitigate risks.

CySEC’s Circular C721 can be found here