Article 6
Transfer of customer data to Member States
Where the third country's law prohibits or restricts the transfer of data related to customers of a branch and majority-owned subsidiary established in a third country to a Member State for the purpose of supervision for anti-money laundering and countering the financing of terrorism, credit institutions and financial institutions shall at least:
|
(a) |
inform the competent authority of the home Member State without undue delay and in any case no later than 28 calendar days after identifying the third country of the following:
|
|
(b) |
carry out enhanced reviews, including, where this is commensurate with the money laundering and terrorist financing risk associated with the operation of the branch or majority-owned subsidiary established in the third country, onsite checks or independent audits, to be satisfied that the branch or majority-owned subsidiary effectively implements group-wide policies and procedures and that it adequately identifies, assesses and manages the money laundering and terrorist financing risks; |
|
(c) |
provide the findings of the reviews referred to in point (b) to the competent authority of the home Member State upon request; |
|
(d) |
require the branch or majority-owned subsidiary established in the third country regularly to provide relevant information to the credit institution's or financial institution's senior management, including at least the following:
|
|
(e) |
make the information referred to in point (d) available to the competent authority of the home Member State upon request. |