Introduction
Pliant is an authorised Electronic Money Institution (EMI) regulated by the Finnish Financial Supervisory Authority (FIN-FSA) and a licensed Visa Principal member. EMIs play a crucial role in the financial ecosystem, offering payment solutions, payment cards, and electronic money services to private and corporate customers. With increasing regulatory scrutiny and financial crime risks, EMI license holders must implement robust compliance frameworks, including Due Diligence (DD) at onboarding but also ongoing Due Diligence (ODD), to ensure continuous monitoring of their customers.
This article explores why ODD is essential for Pliant as an EMI license holder regulated by the FIN-FSA, providing corporate credit card services.
2. Adherence to AML/CFT Regulations
EMIs are obligated to comply with Anti-Money Laundering (AML) and Counter-Terrorist Financing (CTF) laws, as outlined in various regulations, including:
The European Union’s AML Directives (4AMLD, 5AMLD, and 6AMLD)
Local supervisory authority requirements (e.g., FIN-FSA regulations on AML compliance for financial institutions)
And recommended to follow The Financial Action Task Force (FATF) 40 Recommendations
Under these regulations, obliged entities must conduct ongoing monitoring of customers to ensure that customer risk profiles remain accurate and report any suspicious activities to the relevant Financial Intelligence Unit (FIU).
3. Requirements from the Financial Supervisory Authority (FIN-FSA)
The FIN-FSA guidelines explicitly outline the obligation of financial institutions to:
Perform continuous monitoring of customers (corporate and/or individual)
Update risk assessments regularly
Identify and report suspicious activities to the Financial Intelligence Unit (FIU)
Ensure that customer data remains accurate and up-to-date
4. Ongoing Due Diligence (ODD) and compliance with Know Your Customer (KYC) data requirements
Ongoing Due Diligence allows Pliant to assess and assure that collected data at initial onboarding is up to date. It gives Pliant the occasion to update any information that has changed since onboarding or since last review. Adhering to AML regulations, Pliant applies a risk-based approach (RBA) to customer onboarding and customer monitoring.
Pliant will assess if there have been any corporate changes, such as new Legal Representatives (LR), changes in shareholders or beneficial owners (UBO), and if the business activity is in line with declared activity and if the usage of Pliant’s credit cards are in line with declared intended use.
Customers are also required to proactively inform Pliant of any changes. Pliant will collect updated information, in line with regulatory requirements to ensure that customer data remains accurate and up-to-date.
Monitoring of customers on an ongoing basis will ensure compliance with regulatory requirements. Failure to comply can result in penalties, reputational damage, or even license revocation.
5. Prevention of Credit and Transaction Fraud
EMIs providing corporate credit cards must not only monitor the customer data (KYC) but also monitor transactions and collect more information, when seen necessary to understand the customer’s use of their services.
Pliant may reach out to the customer to get more information about the transaction and may request supporting documents. To prevent credit and transaction fraud Pliant uses real-time transaction monitoring which helps to detect fraud at an early stage.
6. Conclusion
Pliant takes its regulatory requirements to perform Due Diligence (DD) at onboarding and Ongoing Due Diligence (ODD) seriously to not only protect Pliant but also to ensure that the customers' funds and data are protected.
ODD is not just a regulatory requirement but a critical risk management tool for EMI license holders offering corporate credit cards. Failing to conduct ODD exposes EMIs to financial crime, regulatory penalties, and reputational damage. By integrating robust monitoring systems, risk-based approaches, and automated compliance solutions, Pliant can ensure business continuity, regulatory compliance, and financial system integrity.