SECTION 4 U.K. Performance by third parties
Article 25U.K.
Member States may permit obliged entities to rely on third parties to meet the customer due diligence requirements laid down in points (a), (b) and (c) of the first subparagraph of Article 13(1). However, the ultimate responsibility for meeting those requirements shall remain with the obliged entity which relies on the third party.
Article 26U.K.
1.For the purposes of this Section, ‘third parties’ means obliged entities listed in Article 2, the member organisations or federations of those obliged entities, or other institutions or persons situated in a Member State or third country that:
(a)apply customer due diligence requirements and record-keeping requirements that are consistent with those laid down in this Directive; and
(b)have their compliance with the requirements of this Directive supervised in a manner consistent with Section 2 of Chapter VI.
2.Member States shall prohibit obliged entities from relying on third parties established in high-risk third countries. Member States may exempt branches and majority-owned subsidiaries of obliged entities established in the Union from that prohibition where those branches and majority-owned subsidiaries fully comply with the group-wide policies and procedures in accordance with Article 45.
Article 27U.K.
1.Member States shall ensure that obliged entities obtain from the third party relied upon the necessary information concerning the customer due diligence requirements laid down in points (a), (b) and (c) of the first subparagraph of Article 13(1).
[2. Member States shall ensure that obliged entities to which the customer is referred take adequate steps to ensure that the third party provides immediately, upon request, relevant copies of identification and verification data, including, where available, data obtained through electronic identification means, relevant trust services as set out in Regulation (EU) No 910/2014, or any other secure, remote or electronic, identification process regulated, recognised, approved or accepted by the relevant national authorities.]
Article 28U.K.
Member States shall ensure that the competent authority of the home Member State (for group-wide policies and procedures) and the competent authority of the host Member State (for branches and subsidiaries) may consider an obliged entity to comply with the provisions adopted pursuant to Articles 26 and 27 through its group programme, where all of the following conditions are met:
(a)
the obliged entity relies on information provided by a third party that is part of the same group;
(b)
that group applies customer due diligence measures, rules on record-keeping and programmes against money laundering and terrorist financing in accordance with this Directive or equivalent rules;
(c)
the effective implementation of the requirements referred to in point (b) is supervised at group level by a competent authority of the home Member State or of the third country.
Article 29U.K.
This Section shall not apply to outsourcing or agency relationships where, on the basis of a contractual arrangement, the outsourcing service provider or agent is to be regarded as part of the obliged entity.