Operationalizing KYC in Finland: Banks’ Obligations and Practices under National, EU and International Anti-Money Laundering/Counter Terrorism Financing Frameworks

Abstract

This thesis examines how Finnish banks prevent money laundering (ML) and terrorist financing (TF), focusing on legal obligations and institutional responsibilities within Finland’s financial-crime prevention frameworks. The aim is to find out how Finnish law assigns and defines a banks’ obligations in AML/CTF, how international institutions recommend banks to proceed and how these obligations cascade to the banks and especially to their KYC operations. The research is limited to the banking sector and applies a qualitative content analysis method to examine systematically regulatory texts and authoritative guidance, supported by theoretical lenses drawn from risk-based compliance, regulatory governance and financial crime prevention frameworks. The material consists of Finnish legislation and EU directives, supervisory guidelines from the Finnish Financial Supervisory Authority (FIN-FSA) and other relevant institutional literature on financial crime prevention. The analysis finds that banks in Finland face extensive obligations derived from several regulatory levels and that they play a critical role in preventing ML/TF in the banking system cascading to a bank’s complicated and multi-step Know Your Customer (KYC) processes. The EU law and the Finnish AML/CTF Act set strict rules for banks to follow when it comes to due diligence, monitoring, reporting and internal controls. The bank’s responsibilities include risk assessment, ongoing customer monitoring, escalations of suspicious transactions and maintenance of governance structures capable of ensuring effective ML/TF risk management. In the end the Finnish banks face a complex and evolving regulatory environment, where effective ML/TF prevention relies on the integration of legal compliance, collaborative work in order to perform necessary KYC processes, and organizational capability. The on-going regulatory development will determine how these duties are interpreted and implemented in practice.