Statement on inspection in Clearhaus A / S (money laundering and payment service area)
In December 2018, the Danish Financial Supervisory Authority inspected Clearhaus A / S (Clearhaus). The inspection was an investigation of the payment service area and the money laundering area. The inspection included management, risk management and organization of the company in the area of payment services and risk assessment, policies and business procedures in the area of money laundering. In view of the time that has elapsed since the inspection, the Danish FSA is aware that conditions in the company may have changed significantly.
Clearhaus received a license as a payment institution in 2012. The company’s business model consists of redemption of payment cards, cf. Appendix 1, no. 5 of the Payment Act.
The Danish Financial Supervisory Authority assesses that Clearhaus’ inherent risk of money laundering and terrorist financing in connection with the company’s business model is normal to high. The Danish FSA’s assessment is based on the fact that the company’s business model mainly consists of accepting card payments on behalf of online stores. The risk of money laundering in connection with this type of business is typically considered limited, and relates in particular to cases where a counterfeit store is set up. However, the company has a number of other payment institutions as customers, with whom the company has a significant turnover. These customers involve a high risk.
Based on the inspection, there are a number of areas that give rise to supervisory reactions.
Clearhaus is given a risk information that Clearhaus must be aware of challenges in connection with the company’s continued growth, including that the company’s internal procedures and controls reflect the development in products and organizational structure.
Clearhaus is instructed to draw up written control procedures to ensure that non-compliance with business procedures is detected and dealt with.
Clearhaus is instructed to explicitly document which persons are responsible for following up on errors and deficiencies that are found in connection with internal controls.
Clearhaus is instructed to develop clear procedures for how risks are monitored and managed.
Clearhaus is instructed to revise its conflict of interest management procedure in order to make it more operational.
Clearhaus is instructed to revise its risk assessment so that it identifies and assesses the risk that the company may be used for money laundering and terrorist financing and contains a concrete, documented, analysis of the company’s risk factors. In doing so, the company must ensure that the risk assessment uncovers the company’s risk of money laundering and terrorist financing separately. In addition, the risk assessment must be substantiated with relevant information and be based on the national and supranational risk assessments.
Clearhaus is instructed to ensure that the risk assessment relates explicitly to payment institutions as customers.
Clearhaus is instructed to revise its money laundering policy so that it contains an identification and delimitation of how the company will manage and limit the risks in the money laundering area based on the company’s risk assessment.
Clearhaus is instructed to ensure that the company makes adequate records of the outcome of the investigation of unusual transaction alarms and that these are kept.