If your business provides transfer of funds services within the EU then you're known as a 'Payment Service Provider'. You're covered by the EU Payments Regulation and the Transfer of Funds Regulations.
The EU Payments Regulation sets out rules about the information on the payer that must be sent with transfers of funds. The aim of these rules is to prevent, detect and investigate money laundering and terrorist financing.
If your business is a Money Service Business, it must comply with the Money Laundering Regulations. By complying with these regulations you'll already be meeting some of the requirements of the EU Payments Regulation.
This guide tells you about the EU Payments Regulation, who it applies to and what you need to do to comply with it. It also tells you about the penalties for not complying with it.
On this page:
The EU Payments Regulation came into effect on 1 January 2007. It sets out rules for the information about the payer - the person transferring the funds - that has to be sent with a 'transfer of funds'. A transfer of funds is any transfer that the payer makes through a Payment Service Provider to make funds available for collection at a Payment Service Provider if at any stage in the process the money is moved electronically, for example by fax or email.
The payer can transfer funds from one bank account to another, or they can give the funds they want to transfer to the Payment Service Provider in cash, by cheque or by credit card. The funds can then be transferred electronically using SWIFT (Society for World-wide Interbank Financial Telecommunications) or transmitted in another way.
When a Payment Service Provider transfers funds they must normally send 'Complete Information on the Payer' with the transfer. This allows the authorities to trace payments if necessary.
If the Payment Service Providers used by the payer and the person receiving the funds are both within the EU then, unless full details are requested, the sender need only give the account number of the payer or another unique identifier selected by the Payment Service Provider.
If you're a Money Service Business operating as a Payment Service Provider in the EU, you must comply with the EU Payments Regulation rules when you transfer funds. The rules apply to all transfers of funds in any currency that you send or receive.
When you make or receive any transfer of funds you must have Complete Information on the Payer (the payer is the person transferring the funds).
In some instances you will also need to verify this information (see below for when you need to do this). You verify the information using documents, data or information from a reliable and independent source such as:
If the transfer is a one-off payment and you think it is unlikely to become regular business you do not need to verify the information the payer gives you.
For one-off transfers of 1,000 euros or more you must verify the Complete Information on the Payer before you make the transfer.
If the amount of the funds to be transferred is less than 1,000 euros you'll still need to verify the Complete Information on the Payer if both of the following apply:
If you will be handling transfers for a payer on a regular basis and you develop a 'business relationship' you'll need to verify the Complete Information on the Payer.
When you have verified the information once you don't have to do so for every transaction. Instead you'll need to verify it at regular intervals. How frequently you do it is up to you as it will depend on your assessment of the risk.
You can find out more about verifying a person's identity in Section 8 and Appendix 5 of the following HM Revenue & Customs (HMRC) leaflet.
If you're acting as Payment Service Provider for the payer and you're transferring funds outside the EU you must send the Complete Information on the Payer to the Payment Service Provider acting for the person receiving the funds - the payee.
If the payee's Payment Service Provider is within the EU, you'll only need to send either the account number or a unique identifier which allows the transfer to be traced back to the payer.
If you're acting as Payment Service Provider for the payee you must make sure you receive the Complete Information on the Payer from the payer's Payment Service Provider. If you don't you should ask for it or consider rejecting the transfer.
If you deal regularly with a Payment Service Provider who fails to send the Complete Information on the Payer, you could consider warning them or setting deadlines to make sure you receive it. If they still fail to send the Complete Information on the Payer, you might decide to restrict or end your business relationship with them.
Missing or incomplete Complete Information on the Payer might be an indication that the transfer of funds is suspicious and should be reported to the Serious Organised Crime Agency.
You must keep all your Complete Information on the Payer records for five years
If you're an Intermediary Payment Service Provider you must make sure you keep with the transfer all the information you received with it.
(You're an Intermediary Payment Service Provider if you're involved in the transfer of funds but you're neither the payer's nor the payee's Payment Service Provider.)
Some people have to apply for what's known as a 'fit and proper' test before their business can be registered under the Money Laundering Regulations.
If you keep failing to comply with the EU Payments Regulation you may no longer be accepted as a fit and proper person and HMRC may cancel your registration. You can find out more about the fit and proper test by following the link below.
You can get more detailed information about your responsibilities under the EU Payments Regulation and the Money Laundering Regulations in Appendix 10 of the Anti Money Laundering Guide for Money Service Businesses.
You can read the full text of the EU Payments Regulation on the Europa website.
Third party payments are money transmissions where the receivers of the money remittance order(s) are based in one country, but where settlement for the order(s) is made by the payment of an invoice to a beneficiary (often in another country). This is sometimes described as 'third party pooling’ or 'cover payments'. This type of remittance and settlement involves two separate transactions, each of which requires the appropriate customer due diligence or enhanced due diligence.
Under the Money Laundering Regulations the settlement of a debt by means of an offset payment is a separate transaction. Your customer is the overseas recipient (for example, a Money Service Business or similar local payment service provider) which pays out the money remittance orders to the individual receiver(s) and which then requests settlement of an invoice to be made to the beneficiary (the ‘third party’).
These transactions are high risk. You should make sure your risk assessment includes indicators of risk and seriously consider if you should apply enhanced due diligence on the overseas recipient. You should think about asking for and verifying additional documents, data or information to satisfy yourself about the identity of the overseas recipient of the payment. You should also keep records of settlement accounts.
Where the payment is to be made against an invoice you should check that the document is genuine. Checks could include some or all of the following, depending on the level of risk you have identified:
Where you have any level of doubt about the invoice you should seek further evidence to check that it is genuine by getting supporting documentation such as movement certificates, shipping orders, packing lists and/or bills of loading.
Third party payments exclude circumstances where payment is made to a beneficiary in the UK or elsewhere on the instructions of an overseas customer which does not involve an offset of a payment. In this situation the Money Service Business in the UK needs to do the appropriate level of customer due diligence on the overseas customer.
These occur when a customer outside the UK wishes to carry out a transfer of funds to a beneficiary in the UK.
The location of the customer does not affect your need to perform customer due diligence. You must apply customer due diligence and where appropriate, ongoing monitoring if an overseas customer deals directly with you in the UK.
Where the transfer of funds is sent to you from an overseas Money Service Business you must treat them as your customer. Where you are receiving a bulk transfer (where the transfer represents a collection of underlying transactions) the situation is high risk. You should consider if you need to carry out enhanced due diligence. At the very least you must obtain the number of underlying transactions of each bulk transfer made to you by your customer. This information will allow you to monitor that the number and average value of transactions is consistent with the anticipated level of activity when you began your business relationship. It will also give you an indication of risk, particularly where the number of transactions or the average transaction value is significantly above what you expected.
Where you are not satisfied with the reasons provided by your customer, you should make a note of their explanation as to why the average transaction value has increased and check that your customer has carried out appropriate customer due diligence. You will need to decide if it is necessary to make any further checks before you decide whether to accept the transaction.
Where the transfer of funds is included in any sort of ‘offset arrangement’ (where you pay the beneficiary from your own funds and the debt owed to you by the overseas Money Service Business is satisfied by a payment from them to a third party at your instruction) this is a separate, potentially high risk transaction. You must perform customer due diligence and if appropriate enhanced due diligence checks on the overseas Money Service Business. Based on your assessment of the risk this should include checking some specific transactions where you have instructed the overseas Money Service Business to make a payment to a third party.
You must also check if complete information on the payer is present and in the case of missing or incomplete information, reject the transfer or ask for the missing information.
The Transfer of Funds Regulations came into effect on 15 December 2007. These give HMRC the power to charge a penalty if a business fails to comply with the EU Payments Regulation.
When HMRC visit your business to check that you're complying with the Money Laundering Regulations it will also check that you're complying with the EU Payments Regulation.
If you need more information on the EU Payments Regulation, or you have any queries about how to comply with it, you can contact the HMRC VAT, Excise and Customs Helpline - see the contact details below.
If you want to put your query in writing you can contact HMRC by email.
Or if you prefer you can write to them at:
Written Enquiries Section