Art. 11 Compliance functions | Anti-money laundering regulation (AMLR) | AML

1. Obliged entities shall appoint one member of the management body in its management functionmeans the management body responsible for the day-to-day management of the obliged entity; who shall be responsible for ensuring compliance with this Regulation, Regulation (EU) 2023/1113 and any administrative act issued by any supervisormeans the body entrusted with responsibilities aimed at ensuring compliance by obliged entities with the requirements of this Regulation, including AMLA when performing the tasks entrusted to it in Article 5(2) of Regulation (EU) 2024/1620; (‘compliance manager’).
2. The compliance manager shall ensure that the obliged entity’s internal policies, procedures and controls are consistent with the obliged entity’s risk exposure and that they are implemented. The compliance manager shall also ensure that sufficient human and material resources are allocated to that end. The compliance manager shall be responsible for receiving information on significant or material weaknesses in such policies, procedures and controls.
3. Where the management body in its management functionmeans the management body responsible for the day-to-day management of the obliged entity; is a body collectively responsible for its decisions, the compliance manager shall be responsible for assisting and advising it and for preparing the decisions referred to in this Article.
1. Obliged entities shall have a compliance officer, to be appointed by the management body in its management functionmeans the management body responsible for the day-to-day management of the obliged entity; and with sufficiently high hierarchical standing, who shall be responsible for the policies, procedures and controls in the day-to-day operation of the obliged entity’s AML/CFT requirements, including in relation to the implementation of targeted financial sanctionsmeans both asset freezing and prohibitions to make funds or other assets available, directly or indirectly, for the benefit of designated persons and entities pursuant to Council Decisions adopted on the basis of Article 29 TEU and Council Regulations adopted on the basis of Article 215 TFEU;, and shall be a contact point for competent authoritiesmeans:a Financial Intelligence Unit (FIU);a supervisory authority;a public authority that has the function of investigating or prosecuting money laundering, its predicate offences or terrorist financing, or that has the function of tracing, seizing or freezing and confiscating criminal assets;a public authority with designated responsibilities for combating money laundering or terrorist financing;. The compliance officer shall also be responsible for reporting suspicious transactions to the FIU in accordance with Article 69(6).
2. In the case of obliged entities subject to checks on their senior managementmeans the members of the management body in its management function, as well as officers and employees with sufficient knowledge of the obliged entity’s money laundering and terrorist financing risk exposure and sufficient seniority to take decisions affecting its risk exposure; or beneficial ownersmeans any natural person who ultimately owns or controls a legal entity or an express trust or similar legal arrangement; pursuant to Article 6 of Directive (EU) 2024/1640 or under other Union legal acts, compliance officers shall be subject to verification that they comply with those requirements.
3. Where justified by the size of the obliged entity and the low risk of its activities, an obliged entity that is part of a groupmeans a group of undertakings which consists of a parent undertaking, its subsidiaries, as well as undertakings linked to each other by a relationship within the meaning of Article 22 of Directive 2013/34/EU; may appoint as its compliance officer an individual who performs that function in another entity within that groupmeans a group of undertakings which consists of a parent undertaking, its subsidiaries, as well as undertakings linked to each other by a relationship within the meaning of Article 22 of Directive 2013/34/EU;.
4. The compliance officer may only be removed following prior notification to the management body in its management functionmeans the management body responsible for the day-to-day management of the obliged entity;. The obliged entity shall notify the supervisormeans the body entrusted with responsibilities aimed at ensuring compliance by obliged entities with the requirements of this Regulation, including AMLA when performing the tasks entrusted to it in Article 5(2) of Regulation (EU) 2024/1620; of the removal of the compliance officer, specifying whether the decision relates to the carrying out of the tasks assigned under this Regulation. The compliance officer may, on his or her own initiative or upon request, provide information to the supervisormeans the body entrusted with responsibilities aimed at ensuring compliance by obliged entities with the requirements of this Regulation, including AMLA when performing the tasks entrusted to it in Article 5(2) of Regulation (EU) 2024/1620; concerning the removal. The supervisormeans the body entrusted with responsibilities aimed at ensuring compliance by obliged entities with the requirements of this Regulation, including AMLA when performing the tasks entrusted to it in Article 5(2) of Regulation (EU) 2024/1620; may use that information to perform its tasks under the second subparagraph of this paragraph and under Article 37(4) of Directive (EU) 2024/1640.
1. Obliged entities shall provide the compliance functions with adequate resources, including staff and technology, in proportion to the size, nature and risks of the obliged entity for effective performance of their tasks, and shall ensure that the persons responsible for those functions are granted the powers to propose any measures necessary to ensure the effectiveness of the obliged entity’s internal policies, procedures and controls.
1. Obliged entities shall take measures to ensure that the compliance officer is protected against retaliation, discrimination and any other unfair treatment, and that decisions of the compliance officer are not undermined or unduly influenced by commercial interests of the obliged entity.
1. Obliged entities shall ensure that the compliance officer and the person responsible for the audit function referred to in Article 9(2), point (b), can report directly to the management body in its management functionmeans the management body responsible for the day-to-day management of the obliged entity; and, where such a body exists, to the management body in its supervisory functionmeans the management body acting in its role of overseeing and monitoring management decision-making; independently, and can raise concerns and warn the management bodymeans an obliged entity’s body or bodies, which are appointed in accordance with national law, which are empowered to set the obliged entity’s strategy, objectives and overall direction, and which oversee and monitor management decision-making, and include the persons who effectively direct the business of the obliged entity; where no such body exists, the person who effectively directs the business of the obliged entity;, where specific risk developments affect or may affect the obliged entity.
2. Obliged entities shall ensure that the persons directly or indirectly participating in implementation of this Regulation, Regulation (EU) 2023/1113 and any administrative act issued by any supervisormeans the body entrusted with responsibilities aimed at ensuring compliance by obliged entities with the requirements of this Regulation, including AMLA when performing the tasks entrusted to it in Article 5(2) of Regulation (EU) 2024/1620;, have access to all information and data necessary to perform their tasks.
1. The compliance manager shall regularly report on the implementation of the obliged entity’s internal policies, procedures and controls to the management bodymeans an obliged entity’s body or bodies, which are appointed in accordance with national law, which are empowered to set the obliged entity’s strategy, objectives and overall direction, and which oversee and monitor management decision-making, and include the persons who effectively direct the business of the obliged entity; where no such body exists, the person who effectively directs the business of the obliged entity;. In particular, the compliance manager shall submit once a year, or, where appropriate, more frequently, to the management bodymeans an obliged entity’s body or bodies, which are appointed in accordance with national law, which are empowered to set the obliged entity’s strategy, objectives and overall direction, and which oversee and monitor management decision-making, and include the persons who effectively direct the business of the obliged entity; where no such body exists, the person who effectively directs the business of the obliged entity; a report on the implementation of the obliged entity’s internal policies, procedures and controls drawn up by the compliance officer, and shall keep that body informed of the outcome of any reviews. The compliance manager shall take the necessary actions to remedy in a timely manner any deficiencies identified.
1. Where the nature of the business of the obliged entity, including its risks and complexity, and its size justify it, the functions of the compliance manager and the compliance officer may be performed by the same natural person. Those functions may be cumulated with other functions.
2. Where the obliged entity is a natural person or a legal person whose activities are performed by one natural person only, that person shall be responsible for performing the tasks under this Article.