Please note that all my articles are for informational purposes only and not legal advice. I assume no liability for the content of my articles. The articles may be out of date, the legal situation may have changed, or the specific situation in a case may need to be assessed differently. A binding consultation can only be given by me directly in the individual case. Take advantage of my free brief consultation!
Payone GmbH: BaFin prohibits transactions due to high money laundering risks and inadequate security systems
As a rule, I do not publish notifications from BaFin, which reach me daily via e-mail. However, since I also advise or have advised blockchain providers and providers of financial services, including on issues of dealing as an e-money institution and how burdensome it is to implement BaFin requirements, I am making a distinction for once in this message. On July 26, 2023, BaFin prohibited namely Payone GmbH from conducting transactions for certain business customers belonging to the high-risk portfolio due to high money laundering risks and serious deficits in money laundering prevention. BaFin has also ordered a ban on new customers in this area. The ban on transactions and new customers is intended to prevent the e-money institution from being misused for money laundering.
The problem of compliance with AML (anti-money laundering) requirements is a huge one, especially in the web3/blockchain space.
How did the ban come about? In a special audit ordered by BaFin, which has not yet been completed, it was determined that Payone GmbH had serious deficits in complying with and implementing the required enhanced due diligence requirements under the German Money Laundering Act(GwG). As a result of inadequate anti-money laundering safeguards, Payone GmbH had built up a conspicuous high-risk portfolio in its e-commerce business. The business customers of this high-risk portfolio are probably merchants who operate their business models almost exclusively online via websites. Consumers can purchase products and services there and pay for them using credit cards. These credit card transactions are processed by Payone GmbH. Findings from ongoing oversight activities indicate that merchant websites are linked to fraudulent subscriptions, phishing, and fake stores, among other things.
The serious deficiencies identified relate to the measures Payone GmbH undertakes to assess merchants’ business models in the customer acceptance process. The deficiencies also relate to the ongoing monitoring of traders. In particular, the anomalies in the risk assessment by Payone GmbH did not result in merchants being rejected or ongoing business relationships being terminated.
Payone GmbH holds a permit as an e-money institution pursuant to Section 1 (1) No. 2 of the German Payment Services Supervision Act (Zahlungsdiensteaufsichtsgesetz– ZAG). It provides payment services by accepting and settling payment transactions (acquisition business).
Electronic money institutions must ensure that they are not abused for money laundering or terrorist financing. Money laundering is the smuggling of funds from criminal sources into the legal financial and economic circuit in order to disguise their origin.
If there are increased risks of money laundering or terrorist financing, e-money institutions must comply with enhanced due diligence requirements. If the respective enhanced due diligence requirements cannot be met, the termination obligation pursuant to Section 15 (9) GwG shall apply.
Marian Härtel is a lawyer and entrepreneur specializing in copyright law, competition law and IT/IP law, with a focus on games, esports, media and blockchain.
