Accounting offices are obligated institutions under the AML Act. Find out what this means in practice — for you and your clients.
The Act on Countering Money Laundering and Terrorist Financing (AML) imposes a number of specific obligations on accounting offices, the failure to fulfil which carries the risk of serious administrative sanctions. As an obligated institution, an accounting office must not only verify its clients but also conduct ongoing transaction monitoring and report certain events to the General Inspector of Financial Information (GIIF). In this article we explain what the status of an obligated institution means in practice, what procedures are required, and what AML obligations apply to the clients of an accounting office.
Pursuant to Article 2 of the Act of 1 March 2018 on Countering Money Laundering and Terrorist Financing, accounting offices — more precisely, entities providing bookkeeping services or payroll and HR services — are classified as obligated institutions. This means they are subject to the full AML regulatory regime, in the same way as banks, currency exchange offices or real estate intermediaries. The status of an obligated institution is not optional — it follows directly from the type of services provided. An accounting office that maintains commercial ledgers for its clients automatically falls within the scope of the regulations and must align its operations with the requirements of the Act, regardless of its size or legal form.
Every obligated institution must have a written internal procedure for countering money laundering and terrorist financing. This document should cover at least: • the principles of client identification and verification (so-called customer due diligence measures), • the method of assessing the money laundering risk for individual clients and transactions, • the principles of document retention and transaction recording, • the procedure for reporting suspicious transactions to GIIF, • the principles of employee training. The procedure must be regularly updated — changes in regulations, in the client base or in the risk profile of the office should trigger a review. The absence of a procedure or its being out of date is one of the most frequently identified shortcomings during inspections.
Before entering into a business relationship with a new client, an accounting office is required to apply customer due diligence (CDD) measures. In practice this means: 1. Client identification — establishing the client's identity on the basis of documents (e.g. identity card, KRS extract, NIP). 2. Identification of the beneficial owner — establishing who actually stands behind a given company and exercises control over it. 3. Assessment of the purpose and nature of the business relationship — understanding what the client does and where their funds come from. 4. Ongoing monitoring — verifying that the client's activity is consistent with the information held about them. The intensity of CDD measures depends on the client risk assessment. High-risk clients (e.g. those from high-risk jurisdictions, companies with a complex ownership structure) require enhanced due diligence measures.
AML obligations apply not only to the accounting office itself but also to its clients. Sp. z o.o. companies, S.A. companies and other legal persons are required to submit beneficial owner data to the Central Register of Beneficial Owners (CRBR). The accounting office should: • inform the client of the obligation to register in CRBR, • verify at the outset of the business relationship whether the client is registered, • update the data in the event of changes in the ownership structure. Failing to report or late reporting of the beneficial owner exposes the client to an administrative fine of up to PLN 1,000,000. An accounting office that knowingly disregards this obligation in respect of the entities it services risks being charged with a breach of AML regulations.
One of the key obligations of an obligated institution is to register and report suspicious transactions and threshold-exceeding transactions. An accounting office is required to: • register cash transactions equal to or exceeding the equivalent of EUR 15,000, • report to GIIF without undue delay any transactions or circumstances that may indicate money laundering or terrorist financing. A suspicious transaction report (STR) must be submitted without undue delay via the GIIF electronic system. Important: an accounting office may not inform the client that such a report has been submitted — breaching this rule (known as tipping off) is a criminal offence.
Failure to fulfil the obligations under the AML Act may result in severe consequences. Supervisory authorities — including the National Revenue Administration and the competent bodies of professional self-governing organisations — may impose on an accounting office: • a financial penalty of up to PLN 1,000,000 or up to 10% of turnover for the previous financial year, • a ban on holding managerial positions by persons responsible for the breaches, • a public announcement of the established breach (so-called naming and shaming). It is worth emphasising that liability rests both with the institution itself and with the natural persons performing managerial functions. This is why regular team training and updating of internal procedures are so important.
AML obligations in an accounting office are extensive and require a systematic approach — from drafting procedures, through client verification, to reporting to GIIF. If you have doubts about whether your company meets AML requirements, or if you are looking for an accounting office that understands these regulations, contact the Danexis team. We will be happy to assess your situation and propose appropriate solutions. Call: +48 780 760 666 or write to kontakt@danexis.pl.