Croatia’s Regulatory Requirements for Financial Institutions: AML and KYC Guidelines
======================================================
In Croatia, financial institutions are subject to strict regulatory requirements regarding anti-money laundering (AML) and know your customer (KYC) guidelines. The main legislation governing AML is the AML Act, which came into effect on April 25, 2019.
Enforcement of AML Regulations
The Croatian National Bank (CNB), Financial Inspectorate, HANFA, Tax Administration, and other relevant authorities are responsible for enforcing AML regulations. The Anti-Money Laundering Office coordinates and cooperates with these entities to ensure effective implementation of AML measures.
KYC Measures
Under the AML Act, KYC measures include verifying the identity of customers and establishing their suitability and risks involved in maintaining a business relationship. Banks and other financial institutions typically require face-to-face identification of clients, although video calls are also permissible under certain circumstances.
Customer Due Diligence
Financial institutions may outsource customer due diligence to third parties, but only for specific services such as:
- Establishing and verifying client identity
- Identifying actual owners
- Collecting data on the purpose of business relationships
However, obligors must continuously monitor business relationships independently and not through a third party.
Entities Authorized to Perform Customer Due Diligence
The AML Act explicitly lists entities that can perform customer due diligence, including:
- Public notaries
- FINA
- HP-Hrvatska pošta d.d.
- Certain credit or financial institutions
Third parties from other EU member states or third countries may also be recognized if they comply with equivalent AML requirements.
Externalization vs. Implementation through Third Parties
In cases where customer due diligence is entrusted to external associates and representatives of credit institutions, the provider of these services is considered part of the AML obligor and must apply policies and procedures for customer due diligence in accordance with the AML Act.
Financial institutions should note the distinction between implementation through third parties and externalization. The former involves a third party that implements its own customer due diligence procedures, while the latter involves an external associate or representative that applies the obligor’s customer due diligence procedures.
License or Approval Requirements
Entities providing services regulated under specific acts may be required to obtain a license or approval for their activities. Financial institutions should carefully consider outsourcing customer due diligence to ensure compliance with AML regulations and minimize risks.
Entities Recognized by Law
Entities specifically recognized by law as third parties that can comply with AML regulations include:
- Credit institutions
- Financial institutions
- Notaries
- Independent legal professionals
- Trust or company service providers
- Certain other entities
Other professions such as auditors, external accountants, tax advisors, estate agents, and providers of gambling services are excluded from this list.
Compliance with AML Regulations
Financial institutions operating in Croatia must be aware of the country’s AML and KYC guidelines to ensure compliance with regulatory requirements and mitigate risks associated with money laundering and terrorist financing.