Requirements for maintaining a BaFin Licence | FinTech online course #18

BaFin Licence | PayTechLaw | FinTech online course | sutthinon602

In our yesterday’s blog post, we dealt with the question how to obtain a BaFin licence for payment services or other activities requiring a licence. But once you’ve got a licence, the fun really starts: you have to work hard not to lose your licence again. In this article we want to deal with what you have to be aware of.

Use of the BaFin Licence

Above all, the licenced company has to make use of its licence in order not to lose it again. If the company does not use a licence for more than six months, BaFin may revoke it. If the company does not use the licence immediately after it was granted, it is even worse. Then the licence is gone after 12 months without BaFin having to do anything else. In this case it expires automatically. Just like that.

Supervision by BaFin

As a company with a BaFin licence, you are supervised by BaFin. This means that BaFin checks whether the company always complies with its supervisory duties (e.g. its organisational duties or the duties to report certain facts to BaFin). In most cases, BaFin does not audit this itself. Instead, this task is delegated to the annual auditor. At least once a year, the auditor checks whether the company complies with its regulatory obligations and prepares an audit report on this. BaFin also receives this audit report. If BaFin has the impression from the audit report that the company is not operating properly, it can conduct further investigations and take supervisory measures up to revoking the licence. The supervised company itself must pay for the audit by the auditor and the supervision by BaFin.

Compliance with Anti-Money Laundering Obligations

A company with a licence from BaFin must also comply with certain requirements to prevent money laundering and terrorist financing. These include, in particular, the identification of its customers, the reporting of suspicious cases of money laundering and various internal measures (e.g. the appointment of a money laundering officer, verification of the reliability of employees and the archiving of certain documents). Breaches of these obligations may result in more than just supervisory measures. They can also be punished by heavy fines.

Compliance with Civil Law Requirements

In addition, companies supervised by BaFin often have to comply with requirements when drafting their customer contracts. These include extensive information obligations vis-à-vis customers, but also certain requirements regarding the company’s liability. These requirements play a particularly important role in B2C business. Also BaFin is interested in whether a supervised company plays fair. For example, customers of payment service providers can complain to BaFin. This is another source of information for BaFin. If, as a result of customer complaints, BaFin gets the impression that a supervised company is not operating properly, it can investigate the matter and even take supervisory measures against the company.

 

LINK TO THE HOMEPAGE OF THE FINTECH ONLINE COURSE

 

Cover picture: Copyright © Adobe/ sutthinon602

 



By continuing, you accept our privacy policy.
You May Also Like
A new era in IT security: a comparison of NIS2 and DORA 4
Read More

A new era in IT security: a comparison of NIS2 and DORA

As digitalization advances, companies and organizations are increasingly confronted with complex challenges around IT security and digital operational resilience. Within a few months, the European Union has adopted two important pieces of legislation to strengthen IT and cybersecurity, which will now come into force in the near future: the “Directive on measures for a high common level of cybersecurity across the Union” (NIS2) and the Digital Operational Resilience Act (DORA).
Read More