Statement on payment service and money laundering inspection in November First A / S
In January 2021, the Danish Financial Supervisory Authority inspected November First A / S (the company). The inspection was carried out in accordance with section 131 of the Payments Act, cf. Executive Order no. 1719 of 27 November 2020 (Payments Act) and section 47, subsection 1 of the Act on Preventive Measures against Money Laundering and Terrorist Financing, cf. Executive Order no. 1782 of 27 November 2020 (the Money Laundering Act).
The company is a Danish company headquartered in Copenhagen. Since May 2016, the company has been licensed as a payment institution to offer money transfer business. The company’s business model consists of a payment platform that allows the company’s customers to make payments to recipients at home and abroad in different currencies as well as to receive payments in different currencies.
The Danish Financial Supervisory Authority assesses that the company’s inherent risk of being used for money laundering or terrorist financing is normal to high in relation to the average of financial companies in Denmark. In the assessment, the Danish Financial Supervisory Authority has placed special emphasis on the company offering currency exchange via a digital payment platform and thus making both domestic and foreign payments. It is also part of the Danish FSA’s assessment that the company’s customer portfolio consists exclusively of distance customers.
Based on the inspection, there are a number of areas that give rise to supervisory reactions.
The company is instructed to ensure that the company has adequate satisfactory compensatory measures that ensure separation between the person responsible for internal controls and the person performing the tasks to be controlled.
The company is instructed to ensure that the company has adequate internal control mechanisms and written procedures for the person responsible for internal control reporting to the board of directors on the company’s compliance with internal business procedures, including the frequency and content of the reporting.
The company is instructed to ensure that the company has business procedures and procedures that ensure that risks are identified and reported up through the organization.
The company is instructed to ensure that the company has adequate procedures for the separation of functions in connection with the management and prevention of conflicts of interest for the company’s employees, including that it is determined when the employees are in a conflict of interest and that there is a procedure for how they should react if they are in a conflict of interest.
The company is instructed to ensure that it is clear that inquiries via the scheme can be made anonymously, as well as to ensure that the company has procedures for following up on reports via the company’s whistleblower scheme.
The company is instructed to prepare a risk assessment for money laundering and terrorist financing, respectively, so that it is based on the company’s business model, and includes an identification and assessment of the risk factors associated with customers, products, services, and transactions as well as delivery channels and countries. or geographical areas in which the business activities are carried out.
The company is instructed to revise the company’s money laundering policy so that it contains an identification and delimitation of how the company will manage and limit the risks in the money laundering area that the company has identified in the risk assessment.
The company is instructed to revise its written policies, business procedures and controls to include risk management, customer due diligence procedures, investigation, listing and notification, information retention, employee screening and internal control for effective prevention, mitigation and risk management. money laundering and terrorist financing. Likewise, the company must ensure that the business procedures are operational and clearly state the specific tasks that the employees must perform.
The company is instructed to carry out stricter customer due diligence procedures in the customer relationships where the company has assessed that there is an increased risk of money laundering and terrorist financing, including, if necessary, obtaining information on the origin of the funds.
The company is instructed to ensure that the company implements customer knowledge information when a customer’s relevant circumstances change and otherwise at appropriate times.