Legal Acts

Good Banking Practice


I General principles

The goal of Good Banking Practice is to set out in writing the principles that Estonian credit institutions and branches of foreign credit institutions (hereinafter collectively referred to as “banks”) proceed from and which contribute to better mutual understanding and fair and free competition, and ensure the reliable functioning and good reputation of the entire banking system.

By publishing Good Banking Practice, banks wish to emphasise the importance of good practices and professional ethics and to notify customers, employees and other interest groups that the bank follows good banking practices.

Good Banking Practice was approved by the board of the Estonian Banking Association (hereinafter referred to as Banking Association). The Banking Association board supplements and updates Good Banking Practice as needed, inter alia as occasioned by changes in the banking sector and the economic and legal environment.

Organising banking activity

Banks shall organise their activity in a transparent and conscientious manner and ensure that bank employees are suitable and sufficiently well-trained for their positions and that their activity is subject to sufficient control, supervision and management.

In organising their activities, banks shall abide by the law, other legislation, their internal rules and agreements between banks and customers, and shall ensure that all bank employees are sufficiently informed of these rules to perform their work as required and adhere to them with the required care and diligence.

The Banking Association and the banks have a philosophy that issues unregulated by provisions of law should be resolved under self-regulated procedure.

If necessary, the Banking Association shall establish additional instructions and standards that further refine the rules for the banking sector.

Banks shall comply with the advisory guidelines issued by the European Banking Federation (EBF) and the European Banking Industry Committee (EBIC), to which the Banking Association has decided to accede.

Banks and society

Banks shall act in a sustainable and socially conscientious manner.

Prevention of money laundering and implementation of international sanctions is important to ensure the trustworthiness of banks.

Banks shall promote positive developments in Estonian society and contribute to the growth of the Estonian economy.

Banks and the Banking Association support the professionalism of market participants and development of financial literacy and education for customers.

Banks disclose their dividend policy at their website.

II Relations with other banks

In their mutual interaction and business relations, banks shall adhere to principles of propriety, honesty and mutual respect. This means that banks shall fulfil the obligations arising from agreements they enter into, ensure the adequacy of information exchanged by them and refrain from expressing opinions that can lead to negative conclusions being drawn about other banks.


In their business relationships Banks shall adhere to the principle of fair competition and use only legal and ethical means for outperforming a competitor.

Banks shall refrain from entering into agreements that are prohibited or restricting competition in their intent or consequences.

Notification of the public

Banks shall provide true, fair and sufficient information regarding their activities.

Banks shall follow generally accepted marketing principles. In advertising and promotional activity, banks shall provide a true and fair view of their activities and services. In their advertisements, banks shall not make untrue claims or disparage competitors.

Banks and politics

Banks shall not lend support to political movements or parties or other political organisations.

Compliance with Good Banking Practice

The Banking Association assumes that all Banking Association members comply with Good Banking Practice.

The Banking Association board shall give its opinion on cases raised by member banks that can be potentially construed as violation of Good Banking Practice.

A bank which is in conflict with Good Banking Practice intentionally or due to negligence harms its own reputation as well as that of the entire banking sector. In case of violation of Good Banking Practice, the Banking Association may apply appropriate measures. In the case of severe and repeated violations, a bank may be excluded from the list of Banking Association members.

III Relations between bank and customer


Relations between customers and banks are based on mutual propriety, honesty and trust.

Bank employees shall take into consideration the legitimate interests of all parties.

Using the risk-based approach the banks are entitled to decide, which customer due diligence measures to apply. The banks may decide the scope and content of information to be obtained from the customer. The banks are entitled to not establish or terminate any business relationship using the risk-based approach.

Bank employees may not, either by action or omission, or directly or indirectly, compromise the trust between customer and bank. Bank employees are obliged to administer the assets entrusted to them in a professional and trustworthy manner.

Avoidance of conflicts of interest

Banks shall establish codes of ethics and principles for avoidance of conflict of interest and ensure that they are in conformity with provisions of law and good practices, as well as enforce them among their staff. If it is not possible to avoid a conflict of interest, banks shall ensure that such a risk is sufficiently hedged.

Banks shall implement necessary measures so that the personal interests of bank employees do not have a bearing on their decisions made in an official capacity. Bank employees may not take part in the resolution of matters that are related to economic interests of natural persons and legal persons closely related to them.

Bank employees may not accept gifts personally or on behalf of the bank, nor may they incite customers to make gifts that may be construed as bribes in accordance with law or ethical standards.


Safeguarding customers’ assets is of key importance for banks, as a result of which both physical and IT security measures are developed with daily care.

For the purpose of implementing prevention of money laundering and terrorism financing and related international sanctions, banks may refrain from entering into contractual relations with a potential customer or from executing customer transactions.

The right of customers to choose their bank and bank service

Customers have the right to freely choose among banks and bank services offered to them.

Providing information to customers

Banks shall ensure that customers have continuous access to information on the primary bank services, service charges and deposit interest rates offered to them. This information must be presented clearly and understandably in each bank office and branch and on the banks’ websites. Information on the terms and conditions of other bank services shall be provided by banks upon request.

For their part, banks shall make efforts to ensure that information on the fees charged for bank services and interest rates on deposits are available in a manner ensuring that customers have an opportunity to compare similar services offered by different banks.

In communicating this information, banks shall conform to requirements of law as well as additional instructions established by competent authorities.

Advising customers

Banks shall advise their customers based on each specific case, the needs of the customer and the customer’s financial situation. Banks shall give their customers sufficient and professional information, including outlining the risks related to use of a specific bank service.

With regard to lending activities, banks shall act in a responsible manner, contributing to establishing conditions where customers can assess whether a given loan or credit product is compatible with their personal interest as a borrower and their financial situation and which allows to assess the risks related to borrowing.

Resolution of complaints

In interacting with customers, banks shall attempt to avoid and prevent conflict situations. If differences do arise, banks shall prefer extrajudicial avenues of resolution, in a constructive atmosphere of mutual understanding.

Banks shall establish internal rules regarding the lodging of complaints by customers, procedures for reviewing complaints and deadlines for doing so. The terms for reviewing and replying to complaints must be reasonable. Banks shall ensure that all bank employees who have contact with customers are aware of the said rules.

Banks shall ensure that the principles for resolving complaints are available for customers. Bank employees shall provide all manner of assistance to customers in resolving complaints.

Banks shall ensure that customers have access to information regarding whom to contact for extrajudicial solutions, if a customer finds that the outcome of an in-house proceedings at the bank is unsatisfactory.

The Banking Association shall not resolve disagreements between banks and customers.

Banking secrecy

All information and opinions that were learned regarding a customer – either its own customer or that of another bank – shall be treated as banking secrets. Banks shall implement effective measures for protection of banking secrets based on the strictest principles of confidentiality.

Banks shall ensure that information subject to banking secrecy is available within the bank only to bank employees who need the information in an official capacity.

Banks shall disclose banking secrets to third parties only with the customer’s permission or in cases provided by law.

IV Approval of Good Banking Practice

Good Banking Practice was approved by the Board of the Banking Association in 1996, updated in 2011 and 2017.


1. Upon opening of account
2. Upon performing of transactions
3. Upon analysis of transactions

           * * *

1. Upon opening of account
    a. Suspicion of straw man
    • - The person is using outside assistance for filling of documents or can not fill them in
      - The person does not know actual owners of the trading company, location of the trading company or contact data
      - The person does not know character of the business of the company and possible partners
      - The person can not explain the need for ordered services (amount of settlement limits)
      - The person is listed in the list of known straw men
    b. Suspicion of front
    • - Owners and/or representatives of the trading company can not be unambiguously identified in the documents
      - The trading company has been registered in the territory belonging into the "black list" of FATF
      - The trading company has been registered in offshore region
      - Founders of the trading company can be classified as "suspicious"
      - Paid starting capital is promptly taken out or sent back
    c. Unusual documents
    • - Authorisations or identification documents of representative are not correct or valid
      - Submitted documents cause suspicion of forgery or have evident signs of forgery
      - Documents of non-residents are not valid (requirements of legalisation etc. have been ignored)
    d. Other suspicions
    • - Appearance of the person does not comply with his/her activities or statement of will
      - 2 or more cash cards are ordered with extraordinarily high limits
      - account is opened in bank office, which location has no direct relation to the trading company or person
2. Upon performing of transactions
    e. Unusual cash transaction
    • - Single large payments or withdrawals of cash
      - Payment of single large sums onto the account of private person, which are promptly withdrawn in cash or with cash card
      - Regular cash payments onto the account of private person also in smaller sums, which are transferred in larger sums to single accounts
      - Regular currency exchange in large sums
      - Regular exchange of smaller notes against notes with higher value
      - Purchase of financial services (securities, insurance products, shares of funds etc.) in large amounts for cash
      - Payment of taxes in large amounts in cash
      - Cash transfers to another country without opening of account
    f. Unusual transaction on account
    • - Single extraordinarily large transfer for the benefit of a client not having occurred earlier or a client registered in offshore region
      - Payments of different persons onto one account without sufficient explanation
      - On side of the transfer is credit or financial institution registered in offshore region
      - Large transfers with credit or financial institutions located in the territories belonging into the "black list" of FATF
      - Unjustified large return of VAT from the Tax Board
      - Frequent large wins from casinos or income from the sale of real estate or vehicles
      - Regular payment for luxury goods (cars, art treasures, real estate etc.)
      - Purchase of financial services (securities, insurance products, shares of funds etc.) in large amounts
      - Large purchases and sales of e-money
      - Regular payments for the use of internet-based financial instruments (e.g. SunBill, Privacy Tools etc.)
3. Upon analysis of transactions
    g. On the basis of random choice
    • - Paid (large) sums are withdrawn quickly in cash
      - Paid sums are withdrawn in ATM of other banks (countries)
      - Paid sums are withdrawn through other bank offices
      - Large deposit transactions made through ATM
      - Systematic payment of cash by persons, who are not dealing with retail or service
      - Several cash payments onto one account from different bank offices on one day, which give large total sum
    h. In relation with other transactions
    • - Circulation of large sums in closed circle (between different credit institutions)
      - Flows of large sums (between different persons) within one credit institution in one day
    i. On the basis of previous information (not from the bank)
    • - The person is using his/her account (multi-account) for mutual settlements of his/her other clients
      - Persons, who had no real commercial activities (during the previous year, after opening of account)
      - The person is connected with criminal transactions or persons


In order to prevent the use of financial system for money laundering, the bank must apply additional measures for the prevention of money laundering:

  • The bank must know its client
  • The bank must assess and know the content and objective of transactions and operations of the client
  • The bank must monitor and analyse compliance of economic activity of the client with economic possibilities of the client
  • The bank must check the origin of the assets used in transactions in case of transactions not complying with legal capacity and economic possibilities of the client


    I Upon opening of account

    Upon the conclusion of account agreement with legal person the bank will ask from the client additional data, which must reveal:
  • Precise field of activity of the client
  • Main contractual partners of the client
  • Turnover of the client
  • Percentage of cash and non-cash transactions
  • Settlements with foreign countries - names of countries/persons
  • Direction of transactions - from account/to account, from abroad/to abroad
  • Frequency of transactions
  • Accounts of the client in other banks, incl. data of the bank and contact person of the bank

    If upon identification of the person justified doubt arises that he/she may not act on behalf of him/herself, the bank must identify the person on behalf of whom he/she is acting. In case of justified doubt that the person does not act on behalf of him/herself, the account will not be opened.

    II Upon performing of transactions:
    If it seems to the bank officer that activity of the client can refer to money laundering, the bank will ask from the client additional information in order to determine the origin of money or other assets used in transactions. The bank may ask from the client additional information orally and/or in writing.

    Before the performing of transaction the bank will ask from the client explanation of the origin of assets used in the transaction.

    In order to determine the origin of money or other assets used in the transaction and to check the correctness of the explanation of payment submitted by the client, the bank is entitled to ask from the client additionally following documents and/or data, if necessary:

    1. Documents mentioned in the explanation of payment, such as
  • Sales-purchase agreements
  • Consignment notes of goods
  • Customs documents
  • Invoices
  • Other documents

    The bank will not accept order of payment, if explanation of payment is lacking or insufficient.

    2. Balance sheet or income statement of legal person

    3. Additional data, if necessary
  • Data of the other party
  • Contact data of legal or natural person connected with the transaction (name, contact address, contact phone)
  • Name of the bank and data of the contact person of the bank, through whom information can be obtained about level and extent of the transaction.

    III Risk groups and standards of behaviour
    The bank will establish to the clients risk groups and corresponding standards of behaviour;
  • Proceeding from the country of location
  • According to business form
  • According to the existence of former doubt of money laundering
  • According to the reputation of person/company;

    Standards of behaviour must guarantee implementation of principles fixed in this instruction in credit and financial institutions.

    IV Additional measures in case of cash transactions and receipts

    Receipts The bank will check and pay special attention to receipts;
  • Which have no logical economic reason not depending on the sum;
  • Cash transactions;
    In case of cash transactions the bank will ask from the client explanation and documents attesting legal origin of the money as follows: in case of unknown/little known client from 100.000 EEK and also in case of smaller sums, if the bank has reasons to suspect money laundering, and/or, if the sum of single and/or consecutive transactions exceeds 100.000 EEK. If no explanation is received, the transaction will not be performed.
  • From the countries belonging into the so-called "Black list";
  • Large single or regular payments;
    In case of large single or regular sums received from the countries of the Black list, not depending on the country of location, the bank will ask from the client documents certifying legal origin of the money or other assets used in the transactions. If no explanation is received, the transaction will not be performed.

    The receiving bank will check legality of money or other assets used in transactions. Correspondent bank is not obliged to check legal origin of the assets.


    If in spite of the submission of explanation, documents and additional data by the client the bank has still doubt that the bank may be used for money laundering or that the client is not acting on behalf of him/herself, the bank will be entitled:
  • Not to open the account
  • To postpone the transaction
  • Not to perform the transaction
  • To return the assets to the sender
  • To block the transaction on the basis of corresponding legal order


    In addition to the provisions of the law and other legal acts, internal rules of procedure of the bank must include:
  • List of documents required upon opening of account
  • List of documents required upon performing of transactions
  • Order of regular checking of submitted data
  • Order of alteration of representation rights of the client
  • Order of registration of documents
  • Order of preservation of documents
  • Division of obligations of bank officer in bank structure
  • Responsibility of bank officer for non-compliance with established requirements

    For more efficient prevention of money laundering, upon the establishment of internal rules of procedures of a bank, banks will proceed from these recommendations.

    Upon entering into contractual relations and performing of transactions/operations, credit institutions (further: banks) should pay special attention on foreign legal persons, who are located or running business in countries other that member states of the European Union, Latvia, Lithuania or Norway.

    Given below are additional recommended measures in relations with foreign legal persons of private law (further "legal persons"), which have been founded in offshore regions**.

    In addition to the measures specified in this document, the bank will be entitled to establish additional requirements and restrictions.


    1.1. Certificate of Incorporation or Certificate of Organisation of the legal person or transcript from the register.
    The document must include:

      1.1.1. name of the legal person
      1.1.2. registration number
      1.1.3. date of registration
      1.1.4. register name and country of location
      1.1.5. issuing date of the document

    1.2. Memorandum and Articles of Association, Memorandum of Association, By-Laws, Operating Agreement or Articles of Organisation.
    The document must include:

      1.2.1. name of the legal person
      1.2.2. location
      1.2.3. fields of activity (if not included in the document, this should be asked additionally)
      1.2.4. subscribers

    1.3. Document concerning the owners of the legal person

      1.3.1. Memorandum and Articles of Association, Memorandum of Association, By-Laws, Operating Agreement or Articles of Organisation, certifying the subscribers.
      1.3.2. Document showing transfer of rights from subscribers to new owners (e.g. agreement, assignment note or other document with equal force).

    1.4. Document about election/appointment of the management of legal person (Board, executive director)
    Document about election/appointment of members of the Board/director(s) (Operating Agreement, Statement of Incorporator, Initial resolution of the Members, Shareholder Declaration, Certificate etc).

    1.5. Document certifying the right of representation
    Right of representation may be included in following documents:

      1.5.1. foundation agreement
      1.5.2. articles of the organisation
      1.5.3. resolution of competent body (Minutes of the First Meeting of the Directors, Resolution of the Board of the Directors/Members)
      1.5.4. power of attorney
      1.5.5. transcript from the register concerning the person with right of representation.

    The document must include: - data of the authoriser (name and address of the competent body; name and surname, ID-code, date of birth or residential address of the competent person)
    - data of the representative (name and surname, ID-code or date of birth or residential address)
    - date of issuing of the document

    Letter of authority must additionally include:
    - term of validity
    - range of authority
    - right of re-authorisation, if any

    Document including authorisation must be notarially attested or certified.

    1.6. Document about the appointment of the agent of legal person*
    Document certifying appointment of the agent, if agent is authorised to represent the legal person in the country of location (Operating Agreement, Certificate etc.).

    1.7. Certificate of Goodstanding

    1.8. Other documents

    If the above mentioned documents or data can not be obtained or if the country of location does not issue them in the form specified in the instruction, the bank will be entitled to use also other documents or their notarised or otherwise certified copies for identification of the person.


    2.1. All documents submitted to the bank must be:

      2.1.1. original documents or notarised or equally otherwise certified copies and
      2.1.2. legalised or certified with certificate substituting legalisation (apostil), if foreign agreement does not specify otherwise***.

    Notarised or certified documents on several pages must have been fixed together in such way that their taking apart would be impossible without leaving traces.


    In case of documents in foreign language the Bank will be entitled to demand additionally translation of documents into Estonian or any other language specified by the Bank. Translation must be performed by authorised translator or the signature of translator must be notarised.


    4.1. The bank will be entitled to establish longer term than usual for studying of documents submitted to the bank for the conclusion of settlement agreement by foreign legal persons and making of decision.

      4.2. The bank is not obliged to accept:
      4.2.1. transcript from register, which has been issued earlier than 1 year before;
      4.2.2. certificate of goodstanding, which has been issued earlier than 1 year before.
      4.3. The bank must establish with internal rules of procedure regular control of documents of legal persons registered in offshore regions***.


    5.1. The bank is entitled to restrict services provided to legal persons founded in certain regions (e.g. certain electronic services).
    5.2. The bank is entitled to draw a list of countries and regions, where founded legal persons are subject to the duality principle upon the conclusion of settlement agreements with the bank.
    5.3. The bank is entitled to refuse to conclude settlement agreement or suspend existing settlement agreement with the person, who:

      5.3.1. Is a trading company with bearer shares, with location outside the European Union.
      5.3.2. Does not submit documents specified in this document to the bank.
      5.3.3. The submitted documents do not include data specified in this document.
      5.3.4. The submitted documents do not comply with formal requirements set in this document.
      5.3.5. Age of the submitted documents has exceeded the allowed limit.
      5.3.6. Documents have evident signs of forgery (additions, amendments, traces of erasure etc.).


    * Will be asked, if necessary

    ** offshore region = countries and territories listed in the list of the Tax Board ("Tax-free territories and territories with low tax rate") and list of FATF (Non-Cooperative Countries and Territories).
    Lists are available at following addresses:

    *** The concept of public document and apostil has been specified in the convention on invalidation of the requirement of legalisation of public document of a foreign country (RT II 2000, 27,165).


    1. General provisions

    1.1 The regulation governing money laundering prevention in Estonia, including the Money Laundering Prevention Act (hereinafter MLPA), has been developed based on the European Union Directive on Prevention of the Use of the Financial System for the Purpose of Money Laundering (91/308/EEC). Besides, competent Estonian authorities have confirmed that based on the provisions of the European Parliament and European Union Council Directive 2001/97/EC - i.e. the so-called second money laundering Directive - the Estonian regulation governing money laundering prevention would be modified in 2002.

    1.2 Besides the specified documents, the provisions of the UN 1988 Convention against Illicit Traffic in Narcotic Drugs and Psychotropic Substances (the Vienna Convention) and the Council of Europe 1990 Convention on Laundering, Search, Seizure and Confiscation of the Proceeds of Crime (the Strasbourg Convention), the ratification acts whereof have been passed by the Riigikogu, shall be observed on money laundering prevention in Estonia.

    1.3 Punishments for money laundering offences are provided for by the Penal Code adopted on 06.06.2001 (Articles 394-396), which based on the ratification act will be enforced from 01.09.2002.

    1.4 FATF (Financial Action Task Force on Money Laundering) formed in 1989 with the aim of preventing money laundering is the principal international organisation focusing on money laundering prevention aspects, which directs the international policy of combating money laundering and develops methodological recommendations for fighting against money laundering. 31 countries and regional organisations are members of FATF.1 The 40 FATF recommendations for money laundering prevention form the most important international standard, the principles whereof are included in the respective legislation of FATF member countries and the countries that are members of regional organisations, including Estonia.

    1.5 The delegations of FATF and of its associated organisations monitor the implementation of recommendations in various countries. Based on the visits and received material, the compliance of the money laundering prevention policy of countries with the internationally accepted practice is assessed. Based on the results, the countries are divided according to cooperation readiness into co-operative and non-cooperative countries and territories (NCCT). Although the FATF documents regulating money laundering prevention are of advisory character, the 40 FATF recommendations should be fully implemented besides the EU member states also in EU candidate states pursuant to the meeting of EU ministers of economics, finance, internal affairs and justice held on 16-17.10.2001.

    1.6 The Basel Banking Supervision Committee of the Bank for International Settlements (BIS) develops standards and guidelines with the aim of increasing stability in the monetary and financial area. The BIS document Customer due diligence for banks, published in October 2001, stipulates, inter alia, the know your customer principle, the implementation whereof is nowadays considered good practice in the areas related to finance.

    1.7 The following recommendations are based on the above-specified legislation and other published opinions and are directed at the formation of single and common behaviour and understandings in the activity of credit and financial institutions (hereinafter financial institutions) related to the implementation of legislation regulating money laundering prevention.

    1.8 The regulation stipulated in these Guidelines provides recommendations for the events when the identification obligation arises from MLPA. In other cases the recommendations stipulated in these Guidelines shall be applicable based on the prudence principle.

    1.9 Depending on circumstances,2 the persons or persons' representatives, who wish to use a service of a financial institution without opening an account or entering into any other agreement serving as the basis for customer relationship.

    Part 2
    Identification of natural persons on creating relationship

    2.1 Natural persons are identified on the basis of a document bearing a photo, issued by a government agency, where at least the person's name and his date of birth or personal identification code are entered. The requirements set to the identity documents are provided in § 9 (1) of MLPA. The documents that are known to be easily forged or purchased should be avoided.

    2.2 The following data of the document submitted for identification shall be verified:

  • validity of document based according to its scope of use and expiry date;
  • resemblance and age of the person with the person's appearance on the photo in the document;
  • compliance of the identity code with the gender of the document holder. In respect of codes assigned to foreign natural persons, embassies or any other competent institutions should be consulted.

    2.3 On identification, a copy is made from the pages of the document serving as the basis for identification, which contain the information necessary for identification (personal data and entries) pursuant to § 9 (1) of MLPA, and the following personal data are registered pursuant to § 11 (1) of MLPA:
  • name, personal identification code and/or date of birth of natural person;
  • category, number, date of issue, place of issue and validity of the document used for identification;
  • person's place of residence or location.

    If the document submitted by the person contains no such data, the person's actual place of residence should be established by questioning, and, if required, the truth of the information served on the address in respect of the county, town, street, house and apartment number should be verified with reliable sources as soon as possible. The serving of a post office box number, poste restante address or any other similar data is unacceptable on the identification of natural persons.

    2.4 If it is impossible to verify all personal data based on the submitted document, the customer shall be requested to submit such data. If data is missing or any suspicions arise in respect of the truth of information provided in the data submitted, the financial institution may upon its own initiative, prior to opening an account, verify the truth of the submitted data with reliable sources. The data and references required for the identification of customers shall be verified only on the basis of original documents, respective certificates etc. of authorities.

    2.5 Only in special cases3 copies of documents or information submitted by intermediaries shall be accepted. In such case a respective note shall be added to the copies of documents confirming identification, and as soon as possible the data and documents shall be verified with the original sources.

    2.6 A financial institution shall not maintain anonymous accounts or accounts in fictitious names.

    2.7 The introduction of a customer by the management of a financial institution or persons accepted thereby may facilitate the identification of the customer, but it shall not substitute the above-specified identification procedures.

    2.8 Personal acquaintance with a customer or the fact that a customer is well-known publicly shall not serve as the basis for the non-observance of the above-described identification procedure. The identity of all public figures (incl. statesmen, members of the Government, politicians and persons directly related to them, renowned business and cultural persons, etc.)shall be established since any exception may jeopardise the reputation of the financial institution which is a party to transaction.

    2.9 The same identification procedures shall be observed on identifying minors. In such case also the personal data of or their parent or parents, or guardian or guardians shall be verified.

    2.10 If an account is opened to a non-resident, at least the same requirements equivalent to those set to residents shall be applied.

    2.11 Besides identification, the customer's activity profile shall also be established on opening an account. For this purpose, the major areas of activity and potential payment habits of the customer shall be established. It is also important to know the customer's business partners or other persons to whom and from whom payments can move, likewise location thereof. The establishment of the location of business partners and other relevant persons is important since in a number of countries the regulation governing money laundering prevention is inadequate and therefore enables the movement of also illegally acquired funds.

    2.12 The customer identification is not a single action, the changes in his personal data as well as area of activity shall be regularly updated at least once a year.

    2.13 If the identification obligation is not observed, a pecuniary punishment shall be applied pursuant to § 395 of the Penal Code.

    2.14 Representatives

    2.14.1 A financial institution shall establish whether the person acts in his own or other person's name and/or on his or other person's account. If the person acts in the name and/or on the account of another person, the financial institution shall also identify the person in whose name and/or on whose account transactions are conducted.

    2.14.2 In the case of transactions conducted through representatives, incl. attorneys, notaries, auditors, accountants, tax consultants, real estate agents, it is essential to primarily identify the representative pursuant to the legislation and the requirements of these Guidelines. Thereupon, the represented person shall be identified, his name, origin, place of residence and date of birth and/or personal identification code shall be established.

    2.14.3 Besides, financial institutions shall, pursuant to § 10 of MLPA, establish any other information they consider necessary for the entering into and maintenance of such customer relationship.

    2.14.4 If customer relationship is created by a representative, a confirmation shall be acquired from such representative in addition to the other data and documents required for identification, that he is not acting in his own interests, but he performs the duties arising from his position, which are based on the contractual relationship concluded between him and the represented person. The scope of powers granted to the representative shall be specified (whether this is a long-term relationship or powers have been granted for a single transaction only, for instance, for opening an account).

    2.14.5 A financial institution shall observe the terms of the powers granted to representatives and provide services only within the scope of the granted rights of representation.

    2.14.6 A representative shall be able to comprehensively answer the questions in respect of the activity of his principal and non-involvement of his principal in criminal activity, besides, the representative shall be able to persuasively confirm that he has identified his principal and is aware and confident of the legal origin of his principal's funds.

    2.15 Civil law partnerships

    2.15.1 On identifying civil law partnerships4 the aim shall be set to identify all members of a civil law partnership or their representatives on the same bases that apply to customers who are natural persons.
    2.15.2 Data in respect of the members of civil law partnerships and their representatives shall be maintained and regularly updated. Also, in the case of civil law partnerships, clubs, etc. the objective of their activity and the origin of the funds they use shall be established.

    Part 3
    Identification of legal persons on creating relationship

    3.1 For the identification of legal persons the data in respect of the legal status, management, all representatives, major shareholders. objectives of activity and activity profile of the person, likewise the rights of the person to assume obligations shall be established.

    3.2 In the case of legal persons in private law, primarily, their passive legal capacity shall be verified by way of obtaining a certificate from the state register or the customer itself or from both (original copy) in respect of the registration of the legal person and legal status thereof. Based on legal status, legal persons shall submit the Articles of Associations registered with the state register, extract from the register in respect of the authorised signatories and the resolution of the competent body or person in respect of the use of a financial service, likewise the location of activity and contact data of the legal person. All the documents submitted in respect of representation of a legal person shall be issued or confirmed by respective authorities up to 30 days prior to submitting thereof to the financial institution.

    3.3 In respect of legal persons in public law and international organisations the documents serving as the basis for their activity shall be established and they shall be requested to submit the relevant documents. If need be, the data contained in the documents, which are required for the creation of customer relationship, shall be verified.

    3.4 Each natural person acting on behalf and account of a legal person, who have the right to operate the funds of the legal person, shall be identified pursuant to the requirements provided in § 9 of MLPA and Part 2 of these Guidelines.

    3.5 If the right to operate the funds of a legal person is granted to a representative, the bases, scope and term of the representative's powers shall be established.

    3.6 Additionally, on identifying legal persons, information in respect of their shareholders, partners and other persons who have control over or any other essential impact on such legal persons shall be requested.

    3.7 On identifying non-resident legal persons, credit and financial institutions shall, to the extent possible, observe the same requirements which apply to resident customers, considering the peculiarities arising from the non-resident customer's country of residence and legal status.

    3.8 On accepting the documents confirming the registration of non-resident legal persons and the representatives' powers, it shall be verified that such documents comply with the requirements stipulated by the Estonian legislation.

    3.9 In a number of states (regions and countries with low tax rates) the standards for the identification of customers, registration and maintenance of documents are lower than those in Estonia, therefore special attention shall be paid to the contents and way of presentation of documents of the companies registered in such countries5.

    3.10 On verifying the powers of a legal person's representatives, it shall be established whether the representative knows his customer. The document confirming the rights of representation shall not be restricted to the signature verification, but it shall stipulate that the person has been explained his rights and obligations (the representative must know the essence and objective of the represented person's expression of will, also he must be able to answer any other relevant questions).

    3.11 The data and documents submitted in respect of the persons whose country of origin is entered in the list of countries prepared by FATF, which do not contribute sufficiently to prevent money laundering, (non-cooperative countries and territories)6, or in the case of countries declared tax exempt and low tax rate territories by the Estonian Taxation Board, shall be examined with special attention7.

    3.12 If the submitted data are insufficient for the identification of the person or its representative, additional documents and information shall definitely be requested and the data shall be verified with reliable sources8. To verify the data, the companies that are members of the same group with the financial institution, which might have additional information in respect of the activity of the customer or its transaction partners, shall be consulted. Only after the person has been completely identified services can be provided to such person.

    3.13 Intermediaries

    3.13.1 A person who has a legal obligation to identify his customer can be in intermediary. If a foreign financial institution providing securities intermediation services to its customers on its behalf is an intermediary, the current legislation of a respective country governing the providing of financial services shall be consulted: whether and how the providing of services is regulated (for instance: is it a licenced activity? what requirements apply for the customer identification?). If it is established that the respective country applies lower criteria than those applied in Estonia, no services shall be provided in Estonia to such customer without additional identification.

    3.13.2 An intermediary shall confirm that he has identified his customer and is convinced about the legal origin of the customer's funds. The intermediary shall be able to comprehensively answer the questions in respect of the activity of his customer and his non-involvement in criminal activity.

    3.14 Safe deposit boxes, interim accounts

    The general customer identification obligation shall extend to safe deposit boxes and use of interim accounts, likewise to any other similar actions.

    Part 4
    Creation of relationship without direct contact

    4.1 The customer relationship of a credit institution shall be governed by unattested agreements pursuant to § 89 (2) of the Credit Institutions Act (CIA), i.e. a customer or his representative shall, upon establishing customer relationship, be personally present to sign the agreement.

    4.2 In special cases9, financial institutions can create customer relationship also without direct contact. In such case, a comprehensive written confirmation in respect of the customer identification data submitted by post, e-mail or via any other channels shall be obtained from reliable sources.

    4.3 On creating customer relationship without direct contact, all related and later risks shall be assessed.

    Part 5
    Identification of persons on conducting transactions

    5.1 If the amount of a single transaction or the amount of successive transactions exceeds the limit stipulated by the legislation or internal procedure rules of a financial institution, the person or his representative shall be identified.
    5.2 Regardless of the amount of transaction, nature thereof or partner thereto, the person or representative shall be identified if the activity of the persons related to the transaction is unusual or the transaction circumstances are suspicious. The internal procedure rules of a financial institution shall contain the descriptions of suspicious and unusual transactions.
    5.3 In the case of financial services provided via the Internet, telephone and post, the compliance of the customer's behaviour with his activity profile and payment habits shall be assessed similarly to that of a customer who has a direct contact with the financial institution.
    5.4 On processing the payment instructions that arrive electronically, the verification system enabling the analysis of the essence of payments and compliance thereof with the principal activity of the customer, shall be implemented Also, credit institutions shall implement measures for regular (at least once a year) checking and updating of the customers who use electronic services, in order to avoid the use of services by unidentified persons.

    Part 6
    Implementation of 'know your customer' principle

    6.1 A financial institution shall implement the 'know your customer' principle in all transactions with the customer in order to adequately assess the compliance of the customer's transactions with his principal activity and/or payment habits.

    6.2 In order to decide whether a transaction is of suspicious or unusual nature, a financial institution shall pay particular attention to its knowledge of the customer and its economic activity. Circumstances, which are suspicious or unusual in respect of one customer, may be totally normal (business) activity of another customer.

    6.3 On creating customer relationship, likewise on conducting transactions, attention shall be paid to the fact whether this is done in the branch of the place of residence or location of the customer. If the customer's behaviour is unusual, it should definitely be required why the customer did not turn to the branch of his residence or location.

    6.4 A financial institution shall assess the essence and objective of the customer's transactions and actions based on its general work experience, in order to establish the potential connection of the transaction or funds used to money laundering or any other offence. Besides, respective instruction and training of employees shall be ensured.

    6.5 The transformation, transfer of funds or performance of legal actions which are the result of tax offences shall be treated similarly to all criminal offences against property on preventing money laundering. Thus, it shall be checked whether tax returns and any other potential movements in customers' accounts related thereto comply with the profile and extent of their activity.

    6.6 § 11 (4) of MLPA allows a financial institution to refuse to conduct a transaction if the person, regardless of respective request, fails to submit the documents certifying the legal origin of the funds which are the object of transaction.

    Part 7
    Internal security measures

    7.1 A financial institution shall, pursuant to § 13 of MLPA, establish internal security measures, which shall contain particular activity guidelines for the identification of suspicious and unusual transactions in all areas of activity. The internal procedure rules shall contain the descriptions of suspicious and unusual transactions.

    7.2 The procedure rules established for the observance by employees shall contain guidelines on refusing to conduct transactions or providing services in at least the following cases:
  • there is reasonable doubt that the customer does not act in his own name;
  • there is reasonable doubt that the funds which are the object of transaction have been derived from crime;
  • the customer's expression of will is unclear;
  • the customer is in a visibly indecisive state.

    7.3 The job descriptions of employees of a financial institution shall stipulate the obligation of notification of the contact person of the Financial Intelligence Unit of suspicious or unusual transactions.

    7.4 In case of suspicion, a financial institution shall verify the legal origin of funds prior to signing the agreement/conducting the transaction. In case of suspicion of illegal origin of the funds that are the object of transaction the contact person of the Financial Intelligence Unit shall be notified.

    7.5 A financial institution shall register and analyse all the cases of refusal to conduct transactions and the reports prepared in respect of suspicious or unusual transactions. Respective details and information shall be preserved for at least five years.

    7.6 The internal procedure rules and job descriptions of employees of a financial institution shall provide for the requirements pursuant to which employees are forbidden to inform customers (and persons who may be related to customers) of the reports prepared in respect of suspicious or unusual transactions.

    Part 8
    Preservation of data

    8.1 The customer identification data and any other information in respect of the development of customer relationship shall be preserved pursuant to § 12 of MLPA for at least five years upon the termination of customer relation, so that in the course of a later investigation the account holder and transaction data can be identified on the basis of such data.
    8.2 It shall be possible to identify the following transaction data:
  • origin of funds (provided they have been identified on conducting the transaction);
  • way of receipt of funds, for instance: in cash, by cheque or in any other way; further use of funds, for instance: cash withdrawal, payment for services; effecting of payment, etc.;
  • person who has submitted the instructions in respect of further use of funds;
  • beneficiary of the payment effected from the customer's account.

    8.3 With regard to investment services, information on the purchase and selling orders of the broker or any other intermediary, transaction order register, payment instructions and payment confirmations, correspondence in respect of transactions and other communication shall be preserved separately.

    8.4 With regard to investment services, information on the customer and assessment of his financial standing, receipt and origin of funds, names and addresses of the counterparties to transaction, structure of investments, their price, value and other relevant details shall be preserved separately.

    8.5 On providing investment services, the data on the financial standing of the customer, his needs for insurance services and agreements signed with the customer, including details of payment method and indemnities, post-sale transaction documents related to the agreement until the expiry of agreement, circumstances related to the termination of agreement and satisfaction of claims shall be preserved.

    8.6 A financial institution shall in its internal procedure rules provide for the procedure of archiving and preservation of data, so that money laundering offences can be investigated as efficiently as possible. When the term for data preservation starts expiring, all the data related to the cases under investigation shall be preserved until the proceeding of respective cases is terminated.

    8.7 If this is a case of a customer of a number of financial institutions that are members of the same group, it shall be sufficient if the updated data supporting identification of such customer are preserved in one of the financial institutions that are members of the same group, provided all the necessary data, if required, are available also to other members of the group and investigative bodies.

    8.8 Transaction data shall be preserved in all financial institutions that have been the initiators of transactions, intermediating or receiving parties or in any other way related to the transaction or operation.

    8.9 Companies of a group located in different countries shall take into account the rules of preventing money laundering and storage of data, which are applied by the parent company or a company of the group located in the country with the strictest legislation with regard to the prevention of money laundering. If any company of a group leaves the group, the issues related to the information preserved according to the rules of money laundering prevention shall also be settled.

    Part 9
    Activity in case of suspicion of money laundering

    9.1 If in a relationship with a customer circumstances arise which are unusual or in respect whereof suspicion of money laundering arises, the contact person of the Financial Intelligence Unit assigned by the manager of the financial institution shall be notified thereof immediately, and he shall decide upon the forwarding of information to the Financial Intelligence Unit. Information can be forwarded verbally, in writing or electronically. If a notice is forwarded verbally, it shall be repeated later, within the next working day, in writing. The Financial Intelligence Unit10 is in the administration area of the Ministry of Internal Affairs and is a structural unit of the Police Board.

    9.2 The customer (likewise his representative and other related persons) in whose respect the Financial Intelligence Unit is notified of the arisen suspicion shall not be notified thereof.

    9.3 The background of each suspicious or unusual case shall be investigated to the utmost extent possible. The details of transaction shall be fixed and the circumstances that have arisen shall be analysed in order to establish the most standard features of transactions conducted most often. The principal issues that have to be addressed on analysing suspicious and unusual transactions are the following:
  • What gave rise to suspicion in the conducting of operations, transactions or any other circumstances?
  • Can you state that the financial institution really knows the customer or are additional data required in his respect?
  • Was the customer or his representative identified during the transaction or operation pursuant to the procedure provided? Was, at that time, the entire required information submitted or additional data had to be requested or specified in any other way?
  • Did recurrent events of suspicious operations and transactions occur?

    9.4 On consulting the contact person of the Financial Intelligence Unit, it should become clear whether this is a really unusual or suspicious operation or transaction. The activity differing from ordinary behaviour is not necessarily automatically suspicious. It is essential, on establishing unusual operations and transactions, to specify all circumstances that may have any relation to the given situation. If, pursuant to the internal procedure rules of a financial institution, the person's activity cannot be totally qualified as the activity that has to be reported to the Financial Intelligence Unit, the further activity of the customer shall be observed more closely. The Financial Intelligence Unit shall be notified as soon as reasonable doubt arises in respect of the customer's suspicious behaviour.

    9.5 The failure of the manager or contact person of a financial institution to notify the Financial Intelligence Unit of the suspicion of money laundering or submitting of incorrect data shall be punished pursuant to § 396 of the Penal Code.

    9.6 Although the majority of employees of a financial institution are under the obligation of professional secrecy, the managers and employees of the financial institution, pursuant to § 17 of MLPA, shall not be liable for the damage arising from the non-conducting of a transaction or undue conducting thereof, which is caused to the customer in relation to the notification of the Financial Intelligence Unit of the suspicion of money laundering. Also, they shall not be liable for the violation of the obligation of professional secrecy stipulated in the agreement, which occurred due to the notification of the Financial Intelligence Unit of the suspicion of money laundering.

    9.7 Pursuant to § 15 (2) of MLPA, the Financial Intelligence Unit may, in the case of reasonable doubt of money laundering, suspend the transaction or establish restrictions for the use of funds for up to two business days. Based on the written application of the Financial Intelligence Unit, financial institutions shall serve the Unit with any other information on transactions or persons related to money laundering suspicion.

    1 FATF member countries and the associated organisations are provided at the following web address:
    2 Circumstances leading to the identification of a person who has no customer relationship are, for instance, the person's unusual behaviour or wish to conduct transactions the conditions whereof are unusual.
    3 Such cases shall be governed by the internal procedure rules of financial institutions.
    4 Law of Obligations Act, § 580
    5 The processing of the documents of non-resident customers shall be governed by Regulation No. 97 in respect of foreign officials issued by the Minister of Justice on the basis of the Notarisation Act on 14 December 2001 (RTL, 2001, 132, 1921).
    6 The list of respective countries is provided at the following web address:
    7 Tax exempt and low tax rate territories:
    8 For instance, state registers, supervision authorities and credit institutions, foreign representative offices of the Republic of Estonia, foreign representative offices in Estonia.
    9 The procedure for acting in special cases shall be governed by the internal procedure rules of financial institutions.
    10 At the time of enforcing the Guidelines the telephone number of the Financial Intelligence Unit is 6123 202.