GREECE Law and Practice Contributed by: Ioannis Charalampopoulos, Petros Machas and Alexandros Saratsiotis, Machas & Partners
requires robust onboarding procedures, due diligence, and recordkeeping processes to ensure accurate and timely reporting in line with both regimes. 4.11 Anti-Money Laundering (AML) and Know Your Customer (KYC) Regime Greece maintains a robust AML/KYC regime under Law 4557/2018, as amended, which implements the EU’s 4th, 5th, and 6th AML Directives and is fully aligned with the FATF standards. Greece is a member of the FATF, FIU.net, and the Egmont Group through its Financial Intelligence Unit (FIU), and cooperates closely with the EU, the Council of Europe, and other international bodies in combating money laundering and terrorist financing. Obliged entities – including banks, investment firms, AIFMs, UCITS managers, auditors, accountants, and other financial intermediaries – must adopt a risk-based customer due diligence (CDD) approach, verify client identity, identify beneficial owners via the national register, understand the business relation - ship’s purpose, and monitor transactions on an ongo - ing basis. Enhanced due diligence applies to high-risk cases, including those involving politically exposed persons and jurisdictions with high risk. Under Articles 22 and 27, institutions and employees must: • immediately report to the FIU any suspicion or knowledge of money laundering or predicate offences; • promptly provide all information requested by com - petent authorities; and • avoid tipping off clients or third parties. Suspicious activity encompasses any transaction indi - cating or suggesting criminal involvement, including cryptocurrency transactions, as “property” under Arti - cle 3. Sanctions for breaches (Article 45) include significant fines, suspension or revocation of license, restric - tions on business operations, and exclusion from public benefits. Ministry of Finance circulars further detail bookkeeping and reporting obligations, clarify -
ing that even general suspicions, without proof, must be reported to the FIU. 4.12 Data Security and Privacy for Investors Refer to 3.10 AI and Use of Data . In Greece, managers of alternative investment funds (AIFs) and venture capital mutual funds (VCMFs) are subject to a comprehensive regulatory framework governing data security and privacy, particularly when dealing with investors. The HCMC exercises supervi - sory authority over managers’ administrative, account - ing, and IT systems, with a view to ensuring that their policies and practices meet regulatory standards and safeguard investor interests. Managers are required to maintain robust administrative and accounting procedures, internal control mechanisms, and secu - rity arrangements for electronic data processing. This encompasses network security, information system integrity, and the protection of all investor-related data. The obligations align with Regulation (EU) 2022/2554 on digital operational resilience, which establishes stand - ards for operational and cyber resilience in financial entities. Compliance requires that managers implement systems capable of preventing unauthorised access, detecting breaches promptly, and ensuring continuity in the face of operational disruptions. Additionally, managers must establish rules govern - ing personal transactions by employees and invest - ments on their own account, ensuring that any activity is transparent, traceable, and fully compliant with the fund’s rules and applicable law. All electronic records and transaction data must be accurately document - ed, and procedures must allow for clear audit trails, supporting accountability and compliance monitor - ing. These requirements also ensure that managers respect data privacy obligations under applicable law, including the General Data Protection Regula - tion (GDPR), when processing investor information. A holistic approach to data security is required, com - bining IT safeguards, operational procedures, and employee conduct rules to protect both the integrity of fund operations and the confidentiality of investor information. 4.13 Anticipated Changes for Investors Refer to 2.10 Anticipated Changes for Funds .
153 CHAMBERS.COM
Powered by FlippingBook