Position of the Bank of Lithuania on the right of electronic money institutions and payment institutions to access bank accounts opened with credit institutions

BANK OF LITHUANIA SUPERVISION SERVICE DIRECTOR DECISION ON THE APPROVAL OF THE POSITION OF THE BANK OF LITHUANIA ON THE RIGHT OF ELECTRONIC MONEY INSTITUTIONS AND PAYMENT INSTITUTIONS TO ACCESS BANK ACCOUNTS OPENED WITH CREDIT INSTITUTIONS 25 th May 2020  No V 2020/(21.25.E-2100)-241-117 Vilnius Acting in accordance with Article 42(4)(1) of the Republic of Lithuania Law on the Bank of Lithuania and item 5.8 of the Regulations of the Supervision Service of the Bank of Lithuania approved by Order No V2012/(1.7-0202)-02-100 of the Chair of the Board of the Bank of Lithuania of 28 March 2012, I hereby d e c i d e: To approve the position of the Bank of Lithuania on the right of electronic money institutions and payment institutions to access bank accounts opened with credit institutions (attached). Director Jekaterina Govina APPROVED by Decision No . V 2020/(21.25.E-2100)-241-117 of the Director of the Supervision Service of 25 th May 2020 POSITION OF THE BANK OF LITHUANIA ON THE RIGHT OF ELECTRONIC MONEY INSTITUTIONS AND PAYMENT INSTITUTIONS TO ACCESS BANK ACCOUNTS OPENED WITH CREDIT INSTITUTIONS In carrying out the supervision of electronic money institutions and payment institutions (hereinafter – Institutions), the Bank of Lithuania has noticed the increased number of cases when the said Institutions are experiencing difficulties in opening the bank accounts with credit institutions intended for the execution of payments by clients of the institutions and/or safeguarding of their funds (hereinafter – bank accounts) and/or other restrictions on access of such bank accounts, which constitute an obstacle to the unobstructed and efficient provision of electronic money issuance and/or payment services to their clients. Acting in accordance with Article 10(3) and (4) of the Republic of Lithuania Law on Payments and the Rules on Operational or Security Incident Reporting to the Bank of Lithuania approved by Resolution No 03-10 of the Board of the Bank of Lithuania of 21 January 2019 on the Approval of the Rules on Operational or Security Incident Reporting to the Bank of Lithuania and Information Submission Templates, credit institutions must notify the Bank of Lithuania of the decisions taken by them to reject opening of bank accounts to Institutions, to restrict the access to these bank accounts (e.g. in cases of a multi-currency account, restricting payment transactions executed in a specific foreign currency) and/or to close these bank accounts. The assessment of the information contained in the notifications submitted by credit institutions has revealed that such decisions of the credit institutions are often based on the credit institutions’ intention to properly manage money laundering and/or terrorist financing risks (hereinafter – ML/TF risks). According to the assessment of the credit institutions which have submitted the above notifications to the Bank of Lithuania, the Institutions executing clients’ payments pose higher ML/TF risks, therefore, the ML/TF risk control procedures of these institutions are inadequate or ineffective and the compliance function performed by the Institutions is not sufficiently effective. The Bank of Lithuania understands the aspiration of credit institutions to properly manage ML/TF risks and agrees with the fact that ML/TF risks may be higher by their nature when bank accounts opened on behalf of Institutions are used to safeguard funds of clients of the Institutions or to make payments by the clients of the Institutions whose identity and/or transactions cannot normally be directly verified by the credit institutions. However, in the opinion of the Bank of Lithuania, this is not in itself a sufficient ground for applying in all cases extreme and/or most stringent risk management measures, such as refusal to enter into a business relationship or termination of a business relationship with an Institution. In addition, it has been observed that there are cases where, for the reasons set out above, not only the right of the Institutions to hold a bank account opened with credit institutions for the provision of payment and/or other financial services is restricted, but also the right to hold a bank account which is intended to satisfy the needs of the Institution as any other economic entity not related to the provision of payment and/or other financial services (e.g. holding of own funds, payment of wages to employees of the Institution, acquisition of goods and services, etc.). To ensure that the ML/TF risk management measures applied by credit institutions are proportionate not only to the management of such risks, but also to the exercise of the statutory right of the Institutions and/or the obligation, where applicable, to hold bank accounts with credit institutions and to access them and acting in accordance with Article 42(4)(1) of the Republic of Lithuania Law on the Bank of Lithuania, the Bank of Lithuania has prepared this position with a view to drawing the attention of the credit institutions operating in Lithuania to the fact that credit institutions, having the statutory duty to ensure the possibility for Institutions to open bank accounts and to access them to an extent that the Institutions would be able to provide their services in an unobstructed and efficient way, should be aware that such decisions by the credit institutions as refusal to open an account with a credit institution and/or unilateral closure of such accounts and/or imposition of restrictions on access to such accounts have adverse consequences for the Institutions and limit their ability to carry out the activities specified in the operating licences issued to the Institutions. This position may not be considered as an official interpretation of legislation. Given that the Bank of Lithuania takes relevant decisions only after assessing the entirety of specific factual circumstances, this position may neither be considered as a decision of the Bank of Lithuania in a specific case. The position shall apply to the credit institutions established in the Republic of Lithuania [1] and holding bank accounts which have been opened on behalf of Institutions and/or the Institutions have applied for their opening in euro and/or a foreign currency (in the currencies of other Member States and in foreign currencies) and which are intended for the execution of payments by clients and/or safeguarding of their funds, as well as bank accounts which are intended to satisfy the needs of the Institutions not related to the provision of payment and/or other financial services. It should be noted that paragraph 39 of the preamble of Directive (EU) 2015/2366 of the European Parliament and of the Council of 25 November 2015 on payment services in the internal market, amending Directives 2002/65/EC, 2009/110/EC and 2013/36/EU and Regulation (EU) No 1093/2010, and repealing Directive 2007/64/EC (hereinafter – PSD2), states that, when engaging in the provision of one or more of the payment services covered by this Directive payment service providers should always hold payment accounts used exclusively for payment transactions. In order to enable payment service providers to provide payment services, it is indispensable that they have the possibility to open and maintain accounts with credit institutions. Member States should ensure that access to such accounts is provided in a non-discriminatory way and proportionately to the legitimate aim it intends to achieve. While access can be basic, it should always be sufficiently extensive for the payment institution to be able to provide its services in an unobstructed and efficient way. The right of Institutions to access the bank accounts opened with credit institutions and being necessary for their activities is stipulated in Article 10 of the Republic of Lithuania Law on Payments implementing provisions of PSD2 in relation to the provision of payment services and their supervision. In accordance with the above Article, the Institutions shall have the right to apply to a credit institution for the opening of a payment account and to access it to an extent that they would be able to provide payment services to their clients in an unobstructed and efficient way (Article 10(1) of the Republic of Lithuania Law on Payments). A credit institution taking a decision on the opening of a payment account and providing to the Institutions the service of maintenance of the payment account must comply with the principles of objectivity, non-discrimination and proportionality (Article 10(2) of the Republic of Lithuania Law on Payments). PSD2 also establishes supervisory requirements for the separation and holding of funds of clients of payment institutions, which have been transposed to Article 17 of the Republic of Lithuania Law on Payment Institutions. Point 1 of paragraph 1 of this Article stipulates that a payment institution which provides the payment services indicated in points 1 to 6 of Article 5 of the Republic of Lithuania Law on Payments is required to safeguard the payment service users’ funds received directly from the payment service users or from another payment service provider for the purpose of execution of payment transactions by not commingling them with funds of other natural or legal persons other than the payment service users. Where the received funds are still held by the payment institution and not yet delivered to the payee or transferred to another payment service provider by the end of the next business day, these funds must be deposited in a separate account opened with a credit institution of the Republic of Lithuania (including a branch of a foreign credit institution established in the Republic of Lithuania), a credit institution of another Member State, the Bank of Lithuania or the central bank of another Member State or invested in secure, liquid low-risk assets in accordance with the procedure established by legal acts of the competent authority. Article 25(1)(1) of the Republic of Lithuania Law on Electronic Money and Electronic Money Institutions stipulates equivalent requirements for electronic money institutions: an electronic money institution is required to safeguard the funds received from electronic money holders for issued electronic money by not commingling these funds with funds of any natural or legal persons other than electronic money holders. Where the received funds are still held by the electronic money institution by the end of the next business day, they must be deposited in a separate account opened with a credit institution of the Republic of Lithuania (including a branch of a foreign credit institution established in the Republic of Lithuania), a credit institution of another Member State, the Bank of Lithuania or the central bank of another Member State or invested in secure, liquid low-risk assets in accordance with the procedure laid down by legal acts of the competent authority. It should be noted that according to the Republic of Lithuania Law on Payments, Institutions, just as other natural and legal persons, shall also have the right to hold bank accounts for other purposes not related to the provision of financial services to the clients of an Institution and to use other services related to a bank account. I. Regarding types of bank accounts Taking into account the objectives, nature and other features of the access to the aforementioned bank accounts opened (to be opened) on behalf of an Institution, the Bank of Lithuania believes that the following types of bank accounts opened (to be opened) on behalf of the Institution can be distinguished: An

Institution’s current bank account (hereinafter – a Current Account) means a bank account accessed by the Institution for purposes not related to the provision of payment and/or other financial services, i.e. holding the funds belonging to the Institution by the right of ownership (e.g. income from activities carried out (not necessarily from financial activities), sale of assets held, etc.) and using them for settlements on behalf of the Institution (e.g. payment of wages, settlements for purchased goods or services, payments of taxes to the state budget, etc.). It must be noted that, in accordance with the legal acts regulating activities of an Institution, the Institution may not commingle clients’ funds with funds of natural or legal persons other than payment service users and/or electronic money holders; therefore, a Current Account cannot be accessed for the execution of payments by the Institution’s clients and/or safeguarding of their funds. A

bank account for the safeguarding of funds of an Institution’s clients (hereinafter – a Safeguarding Account) means a bank account (including an account opened under a deposit agreement other than an irrevocable fixed-term deposit agreement) which is accessed exclusively for the safeguarding of funds of the Institution’s clients, where the Institution still holds the received funds by the end of the next business day. The Institutions holding these accounts should at least be able to return clients’ funds (or part thereof) to the same payment account intended for the execution of payments by the Institution’s clients from which funds have been transferred or to another account agreed with a credit institution and opened on behalf of the Institution. It may be agreed in an agreement with the credit institution that payments may not be made from this bank account on behalf of and/or for the benefit of the clients of the Institution, including payments to and/or from third parties (unless the Safeguarding Account is also a bank account intended for the execution of payments by the Institution’s clients). It should be noted that Institutions shall have the right to safeguard their clients’ funds only in Safeguarding Accounts opened only with the credit institutions specified by laws and may not hold them with a credit institution of a foreign state, another electronic money institution or a payment institution. It should be pointed out that legal acts require the Institutions to provide for measures to ensure the protection of the ownership rights of payment service users, inter alia , to take action to protect clients’ funds against recovery according to the debts of the Institution or in the event of insolvency of the Institution. One such action is a clear declaration of the status of the clients’ funds and inclusion of other special provisions in agreements, including annexes to an agreement concluded with credit institutions for the safeguarding of the clients’ funds, i.e. the terms of an agreement on the opening of a Safeguarding Account, including the annexes to this agreement, must also stipulate that the account is intended only for the safeguarding and maintenance of the clients’ funds transferred to the Institution and these funds remain in the ownership of the specified persons who have transferred them and may and no recovery may be levied on such funds according to the debts of the Institution. Having regard to the fact that the clients’ funds held in the Safeguarding Accounts are the property of the clients and cannot be the subject of recovery according to the debts of the Institution, the Bank of Lithuania would consider as good practice the possibility provided by credit institutions for the Institutions to settle for the service of maintenance of a Safeguarding Account in a manner other than writing off bank fees from the Safeguarding Account. 3. A

bank account for the execution of payments by the Institution’s clients (hereinafter – a Payment Account) means a bank account that is accessed to execute payment orders submitted to the Institution by clients of the Institution, including payments received by the clients of the Institution from third parties. Laws shall not stipulate any restrictions regarding the financial institution with which clients’ funds must be held, provided that payments are executed within the time limits laid down by legal acts and the clients’ funds do not remain with an electronic money institution or a payment institution for a period longer than until the end of the next business day. Thus, in the opinion of the Bank of Lithuania, Payment Accounts may be opened not only with the credit institutions specified by laws, but also with a foreign credit institution, also with another electronic money institution or payment institution. In the opinion of the Bank of Lithuania, a Payment Account may also be a Safeguarding Account, however, in such a case it may be opened only with the credit institutions specified by laws, and the provisions of a bank account agreement must comply with the provisions of a Safeguarding Account agreement, including annexes to this agreement, specified in paragraph 2 of Part I of this position. It should be noted that bank account agreements should clearly indicate the objective and/or purpose of the account (in accordance with the above functionality) and the ownership of the funds held in it. In the opinion of the Bank of Lithuania, the Institution is responsible for the proper access to all bank accounts under the terms specified in an agreement concluded with a credit institution, including their access according to the purpose (e.g. not to execute payments of clients’ funds in a Current Account). The Bank of Lithuania would consider as good practice the possibility provided by credit institutions to open all three types of bank accounts. It should be noted that the types of bank accounts indicated in the position are intended to describe the functionality (purpose) of the accounts and do not imply that credit institutions are obliged to name or rename their bank accounts according to the names indicated in the position, etc. II. Regarding the principles of objectivity, non-discrimination and proportionality Having regard to Article 10 of the Republic of Lithuania Law on Payments, credit institutions must, when taking decisions on a case-by-case basis to terminate (restrict) or reject entering into a business relationship with an Institution, comply with the principles of objectivity, non-discrimination and proportionality, i.e. to ensure that such decisions and other actions of a credit institution are impartial and objective. Moreover, having regard to Article 12 of the Republic of Lithuania Law on Payments, credit institutions must not discriminate against Institutions when they apply to the credit institutions for the opening of a bank account or access to it. Institutions shall have the right to access Current Accounts just as any other payment service user who does not provide financial services, therefore, in the opinion of the Bank of Lithuania, requirements for opening or using these accounts should not differ from those applicable to legal persons pursuing activities other than the provision of financial services and using (willing to access) the services of a Current account, and the scope of the said requirements and the means of their implementation must comply with the necessary and justified purposes of using this account. The requirements for opening or using a Safeguarding Account and/or a Payment Account applicable to each individual Institution should not differ from those applicable to other Institutions (or) other financial market participants (e.g. credit institutions) providing equivalent payment services and/or opening Safeguarding Accounts for the purpose of safeguarding clients’ funds, credit institutions should cooperate with all Institutions without exception and not impose upon them any restrictions in the absence of objective and justified reasons (for example, restrictions on the execution of payment transactions in a certain foreign currency) (the principle of non-discrimination), and the scope of the said requirements, as well as the means for their implementation must comply with the necessary and justified purposes of using these accounts (the principle of proportionality). In the opinion of the Bank of Lithuania, the fact that a credit institution cannot provide to an Institution a part of the services requested by the Institution (e.g. opening a Payment Account or providing access to it) for objective and justified reasons related to ML/TF risk management and/or other circumstances (e.g. the correspondent bank of the credit institution rejects performing the payment transactions initiated in a foreign currency by the Institution and/or its clients) should not in itself be considered as an obstacle to the Institution’s access to other services provided by the credit institution, if the risk of using them is managed (e.g. opening a Current Account or a Safeguarding Account and providing access to them). Moreover, the closure of a Safeguarding Account and/or a Payment Account does not always, i.e. in the absence of justified evidence or suspicions, constitute also a basis for the closure of a Current Account. III. Regarding ML/TF risk management requirements applicable to Safeguarding Accounts and Payment Accounts Taking into account the specific nature of a business relationship that exists between a credit institution and an Institution, where a client of one payment service provider (credit institution) is another payment service provider (the Institution) and an account opened with a credit institution can be accessed both for the safeguarding of the funds of the Institution’s clients (a Safeguarding Account) and for the execution of payments made by the Institution’s clients (a Payment Account), the credit institution must take measures to ensure that the ML/TF risks associated with such business relationships are properly managed and risk-mitigating measures are applied. In cases where there exist between financial institutions business relationships of the type described above, a credit institution shall be subject to the same ML/TF risk management requirements as all other clients: in addition to taking measures to know its client properly, it must also, taking into account the risks posed by the client, carry out continuous monitoring of the client’s business relationships and transactions in order to identify unusual or suspicious activities. In such cases, proper KYC measures should cover such areas as ascertaining the purpose and nature of a business relationship and the legitimacy of the business relationship, ascertaining the soundness of an Institution’s internal policies and procedures for assessing, managing and mitigating ML/TF risks (assessment of the soundness of customer identification, monitoring and other internal procedures), referring to the Institution in order to ascertain the objective of the transactions carried out, the origin of funds and other measures. It should be noted that the scale and intensity of the above measures will vary in each case depending on both the type of an account opened, i.e. whether it is a Safeguarding Account or a Payment Account, and the nature of the transactions carried out in this account, as well as existing risks and the measures already taken by the client of the credit institution (the Institution) to manage the ML/TF risks. In addition, it should be noted that the relationship between payment service providers of the nature described above has very clear features of correspondent banking, which places a considerable burden on the monitoring of business relationships and transactions and makes it essential that, at the beginning of a business relationship, credit institutions and Institutions discuss and lay down specific conditions and measures relating to such business relationships to be taken by these institutions to

properly manage the risks associated with ML/TF and to comply with the requirements set out in legal acts for the prevention of ML/TF . Such conditions could include, for example, a prior agreement on what payments may be executed in specific accounts, as discussed in Part I of this position regarding types of bank accounts, an agreement on what data and information may be requested to be submitted when making a payment order and/or in cases where the transactions carried out in an Institution’s accounts raise questions or suspicions, an adjustment is required, etc., an anticipation of what other ML/TF risk management measures will be taken by both parties to mitigate the risks associated with such business relationships. In cases where it is established that the Institution does not comply with or fails to comply with the pre-agreed conditions, which results in the risk associated with ML/TF being improperly managed and/or a higher risk of ML/TF, the credit institutions shall have the right and duty to take all targeted and proportionate measures to mitigate and manage the risks to which they are exposed. Such measures may include, for example, restricting certain services or transactions, submitting queries for additional information, ascertaining that the ML/TF risk management measures and procedures applied by the Institution are sound and adequate (documentary analysis, on-site inspections and visits), etc. It should be noted that specific business relationships between a credit institution and an Institution must be assessed on a case-by-case basis, taking into account the entirety of such circumstances as the nature of a business relationship, i.e. the services provided (type of a bank account), the activities carried out by the specific Institution, the ML/TF risks posed by it and the measures that the credit institution should take in each case to manage the ML/TF risks to which it is exposed and to properly implement prevention requirements. In the opinion of the Bank of Lithuania, credit institutions should ensure that extreme measures, such as termination of or refusal to engage in a business relationship with an Institution based on ML/TF risks, are applied only after assessing the circumstances relevant to the particular case and only when other possible ML/TF risk management and mitigation measures are not available, have already been exhausted and/or where a credit institution is unable to properly comply with ML/TF prevention requirements and to manage ML/TF risks when establishing and/or continuing a business relationship with a specific Institution (for example, if the Institution avoids or delays to submit information for unclear reasons, conceals it and/or provides false information, uses a bank account not according to its purpose, carries out suspicious transactions in a bank account, etc.). In all cases, the action taken by the credit institution in implementing the ML/TF prevention requirements should be proportionate, based on existing risks and should not go beyond what is necessary to achieve the objective of ensuring compliance with the ML/TF prevention requirements set out in legal acts. IV. Regarding the closure of a Safeguarding Account Where, in the course of a business relationship with an Institution, a credit institution takes an objective and legally justified decision to terminate the relationship, i.e. to close a bank account opened on behalf of the Institution, the credit institution should take into account the fact that such decisions of the credit institution have adverse consequences for the Institutions, in particular when a Safeguarding Account is closed and the Institution used only the services of that particular credit institution prior to such a decision of the credit institution and Safeguarding Accounts are closed on the initiative of the credit institution within a short period of time, which is not sufficient for the Institution to enter into an agreement with another credit institution providing equivalent services and/or to start using its services. It is important to note that the funds held in Safeguarding Accounts are not funds belonging to an Institution, but funds belonging to its clients, which, according to provisions of legal acts, may be held only with the credit institutions specified by laws; therefore, the closure of these accounts, until the Institution opens an equivalent bank account with other credit institutions, increases the risk of security of the clients’ funds. With a view to forming the best practice of closing Safeguarding Accounts and ensuring adequate protection of the legitimate interests of an Institution’s clients and their funds, the Bank of Lithuania believes that before closing the Safeguarding Accounts opened on behalf of Institutions for the above and/or other justified reasons, credit institutions should comply with the following conditions: notify the Institution of such a decision as early as possible, giving it sufficient time, to the extent that this does not conflict with mandatory provisions of legal acts, to open Safeguarding Accounts with other credit institutions specified by other laws, provided that the Institution does not hold such accounts; where the Institution provides information on a Safeguarding Account opened on behalf of the Institution with another credit institution, to transfer the funds held in the accounts to be closed to the Safeguarding Account specified by the Institution; Where the Institution fails, for justified reasons, to open equivalent accounts with other credit institutions specified by laws before the envisaged date of closure of the Safeguarding Account, to give the Institution additional time for completion of such actions by extending the time limit for closure of the Safeguarding Account, to restrict the Institution’s right of access to such accounts, where such action is necessary to comply with the requirements set out in legal acts, ensure that, until funds are with a credit institution, including transfers of funds to the credit institution’s internal accounts, it is possible to determine the balance of funds remaining in the Safeguarding Account and these funds are not the subject of recovery according to debts of the Institution. V. Regarding cooperation between the Institution and a credit institution Attention should be drawn to the fact that the general principles of the conclusion and performance of bank account agreements stipulated in the Civil Code of the Republic of Lithuania oblige a credit institution and an Institution as parties to a bank account agreement to perform their duties in the most cost-effective manner and to cooperate with each other in the course of contractual relations. Where the credit institution intends to restrict access to a bank account or to close it because it is unable to provide certain services, execute certain payment transactions, it should notify the Institution in advance and, where possible, discuss what steps to take, to search for the most acceptable options for both parties (if possible), to exchange the information relevant to their contractual relations (e.g. the credit institution should inform about changes in correspondent banks’ policies on cross-border payment transactions, etc.), as such information is important not only for smooth cooperation between the Institution and the credit institution, but also for ensuring of interests of the Institution’s clients, because possession of such information enables the Institution to appropriately communicate with its clients, plan the provision of services and the pursuit of activities. In the opinion of the Bank of Lithuania, the above principles should also be applied when the business relationship between a credit institution and the Institution is terminated, i.e. the party initiating the termination of the business relationship should make every effort to minimise to the other party to the agreement the negative consequences suffered as a result of such termination of the business relationship.

---

Credit institution means a credit institution as defined in Article 4(1)(1) of Regulation (EU) No 575/2013, its branch or a branch of a foreign credit institution established in the Republic of Lithuania. ↑