Bank and payment account monitoring system
The legal act concerning the bank and payment account monitoring system entered into force on 1 May 2019. The purpose of the act is to facilitate electronic data acquisition by authorities from bank and payment accounts of citizens, companies and corporations . In this way, the combat against money laundering and the financing of terrorism is enhanced.
The bank and payment account monitoring system comprises two technically different systems:
- The Account Register maintained by Customs, and
- a distributed data retrieval system.
Furthermore, Customs will introduce an aggregating application on 1 November 2022. The aggregating application is a system created and maintained by Finnish Customs that enables competent authorities to obtain data from the Customs-maintained Accounts Register and from individual data retrieval systems with a single query.
From a citizen’s viewpoint, the elements of the monitoring system, the Account Register and data retrieval systems administered by financial operators are similar. Information is gathered so that certain authorities can use it in investigations relating to financing of money laundering and terrorism. Gathering of data and the monitoring system itself are regulated by a national legal act on a bank and payment account monitoring system based on the EU anti-money laundering directive.
The legal act on a bank and payment account monitoring system determines the parties who utilise monitoring data. These include the Finnish Patent and Registration Office, the Regional State Administrative Agencies, the Financial Intelligence Unit of the National Bureau of Investigation, the Gambling Administration of the National Police Board and the bar associations. Separate legislation on each party utilising information provides for information acquisition rights.
The monitoring system helps to establish an electronic and secure channel for obtaining information from credit and payment institutions, electronic money institutions and virtual currency providers. The legal act does not increase the competence of authorities, but instead gives them a new way of gathering information in a secure electronic way.
Data transfer and storage are based on appropriate high-standard data security measures. The system has specific rights of use for different authorities, and each enquiry that is made is recorded in the system log.
Due to the EU Directive and national legislation, only certain authorities have access to the information in the bank and payment account monitoring system. If you have doubts about the accuracy of information, you should contact the credit or payment institutions where you have accounts, safety deposit boxes or customer relations.
Finnish Customs has been entrusted with the implementation of the bank and payment account monitoring system, and has set up an Account Register Project for this purpose. Customs will implement the Account Register and the related interfaces, i.e. the update interface for banks and payment institutions, and the query interface for authorities who use the Register. Furthermore, Customs has issued instructions on how financial operators can establish a distributed data retrieval system and any related interfaces. The Account Register Project is coordinated by the Ministry of Finance.