Legal provisions of COM(2021)429 - Amendment of Directive 2019/1153, as regards access of competent authorities to centralised bank account registries through the single access point

Please note

This page contains a limited version of this dossier in the EU Monitor.



Article 1

Directive (EU) 2019/1153 is amended as follows:

(1)Article 1 is amended as follows:

(a)paragraph 1 is replaced by the following:

‘1.   This Directive lays down:

(a)measures to facilitate access to and the use of financial information and bank account information by competent authorities for the prevention, detection, investigation or prosecution of serious criminal offences;

(b)measures to facilitate access to law enforcement information by Financial Intelligence Units (FIUs) for the prevention and combating of money laundering, associate predicate offences and terrorist financing and measures to facilitate cooperation between FIUs; and

(c)technical measures to facilitate the use of transaction records by competent authorities for the prevention, detection, investigation or prosecution of serious criminal offences.’

;

(b)in paragraph 2, the following point is added:

‘(e)procedures under national law under which authorities competent for the prevention, detection, investigation or prosecution of serious criminal offences can require financial institutions and credit institutions to provide transaction records, including time-limits for providing transaction records.’

;

(2)Article 2 is amended as follows:

(a)point 7 is replaced by the following:

‘(7)“bank account information” means the information set out in Article 16(3) of Directive (EU) 2024/1640 of the European Parliament and of the Council (*1);

(*1)  Directive (EU) 2024/1640 of the European Parliament and of the Council of 31 May 2024 on the mechanisms to be put in place by Member States for the prevention of the use of the financial system for the purposes of money laundering or terrorist financing, amending Directive (EU) 2019/1937, and amending and repealing Directive (EU) 2015/849 (OJ L, 2024/1640, 19.6.2024, ELI: http://data.europa.eu/eli/dir/2024/1640/oj).’;"

(b)the following points are inserted:

‘(7a)“transaction records” means the details of operations which have been carried out during a defined period through a specified payment account, as defined in Article 2, point (5), of Regulation (EU) No 260/2012 of the European Parliament and of the Council (*2), or a bank account identified by IBAN, as defined in Article 2, point (15), of that Regulation, or the details of transfers of crypto-assets, as defined in Article 3, point (10), of Regulation (EU) 2023/1113 of the European Parliament and of the Council (*3);

(7b)“credit institution” means credit institution as defined in Article 2, point (5), of Regulation (EU) 2024/1624 of the European Parliament and of the Council (*4);

(7c)“financial institution” means financial institution as defined in Article 2, point (6), of Regulation (EU) 2024/1624;

(7d)“crypto-asset service provider” means crypto-asset service provider as defined in Article 3(1), point (15), of Regulation (EU) 2023/1114 of the European Parliament and of the Council (*5);

(*2)  Regulation (EU) No 260/2012 of the European Parliament and of the Council of 14 March 2012 establishing technical and business requirements for credit transfers and direct debits in euro and amending Regulation (EC) No 924/2009 (OJ L 94, 30.3.2012, p. 22)."

(*3)  Regulation (EU) 2023/1113 of the European Parliament and of the Council of 31 May 2023 on information accompanying transfers of funds and certain crypto-assets and amending Directive (EU) 2015/849 (OJ L 150, 9.6.2023, p. 1)."

(*4)  Regulation (EU) 2024/1624 of the European Parliament and of the Council of 31 May 2024 on the prevention of the use of the financial system for the purposes of money laundering or terrorist financing (OJ L, 2024/1624, 19.6.2024, ELI: http://data.europa.eu/eli/reg/2024/1624/oj)."

(*5)  Regulation (EU) 2023/1114 of the European Parliament and of the Council of 31 May 2023 on markets in crypto-assets, and amending Regulations (EU) No 1093/2010 and (EU) No 1095/2010 and Directives 2013/36/EU and (EU) 2019/1937 (OJ L 150, 9.6.2023, p. 40).’;"

(3)the title of Chapter II is replaced by the following:

‘ACCESS BY COMPETENT AUTHORITIES TO BANK ACCOUNT INFORMATION AND THE FORMAT OF TRANSACTION RECORDS’

;

(4)in Article 4, the following paragraphs are inserted:

‘1a.   Member States shall ensure that the competent national authorities designated pursuant to Article 3(1) of this Directive have the power to access and search, directly and immediately, bank account information in other Member States available through the bank account registers interconnection system (BARIS) put in place pursuant to Article 16(6) of Directive (EU) 2024/1640 where necessary for the performance of their tasks for the purpose of preventing, detecting, investigating or prosecuting a serious criminal offence or supporting a criminal investigation concerning a serious criminal offence, including the identification, tracing and freezing of the assets related to such investigation.

A Member State may limit the power to access and search bank account information through the BARIS to situations in which its competent national authorities designated pursuant to Article 3(1) have justified reasons to believe that there might be relevant bank account information in other Member States.

Without prejudice to Article 4(2) of Directive (EU) 2016/680, bank account information obtained by means of accessing and searching the BARIS shall be processed only for the purpose for which it was collected.

Access and searches pursuant to this paragraph shall be considered to be direct and immediate, inter alia, where the national authorities operating the central bank account registries transmit the bank account information expeditiously by an automated mechanism to competent authorities, provided that no intermediary institution is able to interfere with the requested data or the information to be provided.

1b.   Access and searches pursuant to this Article shall be without prejudice to national procedural safeguards and Union and national rules on the protection of personal data.’

;

(5)Article 5 is amended as follows:

(a)paragraph 1 is replaced by the following:

‘1.   Access to and searches of bank account information in accordance with Article 4(1) and (1a) shall be performed only on a case-by-case basis by the staff of each competent authority that have been specifically designated and authorised to perform those tasks.’

;

(b)paragraph 3 is replaced by the following:

‘3.   Member States shall ensure that technical and organisational measures are in place to ensure the security of the data to high technological standards for the purposes of the exercise by competent authorities of the power to access and search bank account information in accordance with Article 4(1) and (1a).’

;

(6)in Article 6(1), the first sentence is replaced by the following:

‘1.   Member States shall provide that the authorities operating the centralised bank account registries ensure that logs are kept each time designated competent authorities access and search bank account information in accordance with Article 4(1) and (1a).’

;

(7)the following article is inserted in Chapter II:

‘Article 6a

Transaction records

1. Member States shall ensure that financial institutions and credit institutions, including crypto-asset service providers, comply with the technical specifications established in accordance with paragraph 2 when replying, in accordance with national law, to requests for transaction records issued by competent authorities as part of a criminal investigation, including the identification, tracing and freezing of assets related to such investigation.

2. The Commission is empowered to adopt, by means of implementing acts, technical specifications in order to establish the electronic structured format and technical means to be used for providing transaction records. Those implementing acts shall be adopted in accordance with the examination procedure referred to in Article 22(3). When adopting such implementing acts, the Commission shall consider developments in relevant financial services messaging standards.’

;

(8)in Article 12, the following paragraph is added:

‘4.   Member States shall ensure that FIUs are able to invite Europol where relevant to support them when carrying out the joint analysis referred to in Article 32 of Directive (EU) 2024/1640 and Article 40 of Regulation (EU) 2024/1620 of the European Parliament and of the Council (*6), subject to the agreement of all participating FIUs, within the limits of Europol’s mandate and for the performance of the tasks laid down in Article 4(1), points (h) and (z), of Regulation (EU) 2016/794, and without prejudice to the competences of the Authority for Anti-Money Laundering and Countering the Financing of Terrorism, as set out in Regulation (EU) 2024/1620.

(*6)  Regulation (EU) 2024/1620 of the European Parliament and of the Council of 31 May 2024 establishing the Authority for Anti-Money Laundering and Countering the Financing of Terrorism and amending Regulations (EU) No 1093/2010, (EU) No 1094/2010 and (EU) No 1095/2010 (OJ L, 2024/1620, 19.6.2024, ELI: http://data.europa.eu/eli/reg/2024/1620/oj).’;"

(9)in Article 22, the following paragraph is added:

‘3.   Where reference is made to this paragraph, Article 5 of Regulation (EU) No 182/2011 shall apply.’.

Article 2

1. Member States shall bring into force the laws, regulations and administrative provisions necessary to comply with this Directive by 10 July 2027.

By way of derogation from the first subparagraph of this paragraph, Member States shall bring into force the laws, regulations and administrative provisions necessary to comply with Article 1, points (4) and (5), of this Directive by 10 July 2029.

They shall immediately inform the Commission thereof.

When Member States adopt those measures, they shall contain a reference to this Directive or shall be accompanied by such a reference on the occasion of their official publication. The methods of making such reference shall be laid down by Member States.

2. Member States shall communicate to the Commission the text of the main measures of national law which they adopt in the field covered by this Directive.

Article 3

This Directive shall enter into force on the twentieth day following that of its publication in the Official Journal of the European Union.

Article 4

This Directive is addressed to the Member States in accordance with the Treaties.