At the beginning of February 2021, a new decree of the Hungarian Minister of Finance (“Decree”) was published on the detailed rules of the execution of the Money Laundering Act for certain non-financial service providers and the development and the minimum requirements of the operation of the filtering system. The decree enters into force on 19 March 2021.
Under the new provisions, service providers performing activities in relation to real estate transactions, the providers of accounting, tax expert, certified tax expert services, tax advisory activities under agency or service contract, the providers engaged in exchange services between virtual currencies and legal tender, custodian wallet providers and seat service providers must classify their clients into low, average or high level of risk categories. The Decree defines clients where the classification of low-risk category may be applied, as well as the main factors of high risk at the establishment of the business relationship. The service provider must continuously monitor the business relationship and in the course of the monitoring activity, it must review the classification of its clients by risk categories at least once a year.
According to the Decree, one or more leaders must be appointed by the service provider who is responsible for the execution of the obligations of Money Laundering Act by the employees. The task of the appointed leader is for instance the performance of monitoring tasks relating to keeping the registers updated and the organization of training programs.
The Decree also details the minimum requirements of the operation of audited electronic means of communication, including their method of auditing, and the execution of client due diligence by such means. In addition, the Decree contains the cases and conditionality of strengthened procedures, and the detailed rules for training programs and for the suspension of transactions.
Finally, the Decree stipulates that at the time of the establishment of the business relationship and the acceptance of the business mandate, the service provider must compare the personal data of its whole client base recorded in its filtering system with the data of persons appearing in the European Union legal acts or in the resolutions of UN Security Council. The execution of filtering must be documented in writing, then these documents must be kept for 8 years and they must be presented in the course of a supervisory control.