On 31 March 2016, the Dutch Central Bank (De Nederlandsche Bank, DNB) published the results of the investigation it conducted in 2015 into the way banks deal with integrity risks, such as money laundering and terrorist financing risks. As part of this investigation DNB also looked into whether banks had sufficient control and oversight over the integrity risks for its so-called ‘remote entities’. Remote entities are the subsidiaries or branch offices of Dutch banks that are organisationally and/or physically distant from the head office. DNB indicates that banks constantly need to be aware of the integrity risks that they are exposed to through these remote entities and must mitigate these risks.
DNB has provided individual feedback to the banks that were part of its investigation, but DNB also wants to share some general points of attention, including:
- remote entities do not always form part of the overarching systematic integrity risk analysis (overkoepelende systematische integriteitsrisicoanalyse, the SIRA), while this should certainly be the case;
- most of the communication lines between the remote entities and the head office is one way: the head office sends information on a regular basis to the remote entities, but not vice versa. As a result, there is the risk that certain crucial information does not reach the bank’s head office in time; and
- the quality of the client records of the remote entities is not always in line with the internal standard that DNB has published. The Dutch head office will need to ensure that this is improved.
View DNB’s new item on the attention to integrity risks (Dutch only), 31 March 2016.