Financial institutions, including banks, generally take a cautious approach to risk management in relation to companies providing services with crypto assets. In the initial phase of establishing a business relationship with a CASP, in addition to a detailed understanding of the CASP’s business model, the financial institution also examines the level of its knowledge and experience in the field of AML/CFT, since CASPs are obliged entities under AML/CFT legislation, just like other financial institutions providing services to clients. It is necessary to explicitly state the activities of the CASP when first contacting the financial institution. It is also always necessary to declare truthful data when communicating with the financial institution, which the CASP can prove to the financial institution if necessary. The financial institution may be interested in how the CASP has set up AML/CFT processes in relation to its clients, especially in the areas of:

1. performing due diligence in relation to clients,
2. performing transaction monitoring,
3. verifying the origin of clients‘ funds in crypto-asset transactions,
4. screening clients for sanctions lists,
5. identifying politically exposed clients,
6. reporting unusual business operations to the Financial Intelligence Unit and
7. developing an AML program,
8. storing data on clients and transactions.

  In the initial phase of communication with a financial institution regarding account opening, the CASP must be prepared to provide the financial institution with comprehensive and detailed information on the nature of the business model, technological principles for providing crypto-asset services, the future client portfolio (including the expected structure – residents/non-residents), internal policies and risk management processes, including ML/TF risks, etc. The NBS AML expectations for CASP are listed on the NBS website.