We realize that as an entity with an obligation to report you wish for a substantive response to your report. However, within the legal constraints of the Money Laundering and Terrorist Financing (Prevention) Act (Wwft), the possibilities for a response are limited. A large part of our work may not be shared. Nevertheless, we do make every effort to provide you with feedback: not only can this increase your motivation to report, but it also gives you the possibility to tighten up your internal processes and to revise the risk profiles of your customers or products, thus enabling you to fulfil your gatekeeper’s role more effectively. We provide feedback responses in the following ways:

• By (wherever possible) informing the reporting entity if a transaction they have reported is designated suspicious. However, we are not permitted to inform you about the reasons for this designation, or about what the investigative authorities do with this information.
• By including case histories on our website. We regularly share concrete case histories based on real-life examples, the aim being to give reporting entities as much information as possible about what money laundering and terrorist financing may look like in practice.
• By publishing an annual report in which, among other things, we comment on the numbers of unusual and suspicious transactions per calendar year. In each annual report, we also describe several noteworthy analyses we have carried out during the year.
• By sending out newsletters. Our newsletters are intended to keep entities with an obligation to report informed about trends, phenomena, and changes in the legislation. If possible, we also share any red flags we have been alerted to.
• By providing training for entities with an obligation to report in the form of presentations.

Although we do our best to make as much progress as possible in this area, there is doubtless room for improvement. Please contact us if you have any ideas about this.

Yes, you must report these unusual transactions to FIU-the Netherlands. This is required in line with one of the objective indicators set out in the Implementation Decree for the Money Laundering and Terrorist Financing (Prevention) Act (Wwft) (Uitvoeringsbesluit Wwft 2018): “It is logical that transactions reported to the police or the Public Prosecution Service in connection with money laundering or terrorist financing should also be reported to the Financial Intelligence Unit; after all, there is an assumption that these transactions may be related to money laundering or terrorist financing”.

If your organization is registered with FIU-the Netherlands, it has a unique identity number for submitting reports: the Reporting ID. You can find the Reporting ID in the reporting portal under ‘My Reporting Details’.

FIU-the Netherlands stores reports of unusual transactions in a highly secure and protected database, where they are classified as “State secret – secret”. This database can only be accessed by employees of FIU-the Netherlands whose position requires such access. Nobody else has access to the database.  If analysis of a given unusual transaction reveals sufficient grounds to designate it suspicious, the suspicious transaction becomes police data, which can be accessed by the investigative, intelligence, and security services. This suspicious transaction is no longer classified as “State secret – secret”, but now falls under the Police Data Act (Wet Politiegegevens).

The investigative services can use a suspicious transaction in various ways, and depending on these uses, it may end up in a prosecution file. If the suspicious transaction is included in a prosecution file, safeguards are in place to protect the safety of the reporting entity. These safeguards were further strengthened by a motion (NL) adopted by the Dutch House of Representatives in 2020.

On the basis of Articles 19 and 20 of the Money Laundering and Terrorist Financing (Prevention) Act (Wwft), if entities with an obligation to report do so in good faith, correctly, in full, and in a timely manner, they have criminal indemnity and are not liable under civil law. This means that as a reporting party you cannot be held liable for any damage your customer may incur as a result of your report, for instance. In addition, data that you report to us in accordance with the standards may not be used against you in a criminal investigation.

For security reasons, the content of your report is removed from the reporting portal after 24 hours. From then on, you will see a summary version of your report.

No, you must be registered as a separate reporting entity in each capacity.

If, for example, you are an estate agent and a valuer, then the capacity in which you make the report depends on the situation. In such cases, you need to have two registrations with FIU Netherlands: one as an estate agent and one as a valuer. If you come across an unusual transaction in your estate agency business, you report as an estate agent; if you encounter an unusual transaction when carrying out valuations, you report as a valuer.

The GDPR requires that any processing of personal data must occur on a valid basis, such as a legal basis. The Wwft is a valid legal basis of this kind. As an entity with an obligation to report, you process the personal data of customers, representatives, and ultimate beneficiaries, among others. This means that, within the framework of the Wwft, you are required to process personal data for the purpose of carrying out checks on your customers.

’Know Your Customer’ checks as required by the Wwft must be carried out in accordance with the provisions of Chapter 2 of the Wwft. Among other things, this means that the identity of the customer (e.g., a buyer) and, if applicable, of the ultimate beneficiary, must be established and recorded. On the basis of the Wwft, this data must be retained for five years after the transaction or the termination of the business relationship. The same holds for data relating to unusual transactions.

Indicators of unusual transactions are listed in the 2018 Implementation Decree for the Money Laundering and Terrorist Financing (Prevention) Act (Wwft) (Uitvoeringsbesluit Wwft 2018 [in Dutch]). These indicators differ per reporting entity. The page on reporting groups gives an overview of the various indicators per reporting group. If in your view a transaction meets one or more of the indicators that apply to your reporting group, you must report that transaction to FIU-the Netherlands.

If you have questions about how to interpret a given indicator, you can ask your Wwft supervisory authority. This page shows which supervisory authority is responsible for your reporting group. This division of roles is addressed in more detail in the FAQ “What is the role of the Wwft supervisory authorities in relation to FIU Netherlands?’’.

Do you want to know whether FIU-the Netherlands has personal data about you and whether you can access it?

The answers to these questions can be found in articles of the General Data Protection Regulation, in the associated directives, and in the Police Data Act (Dutch acronym: Wpg) and Decree. But the bottom line is that you are not allowed to access this data with us. How is that?

All unusual transactions reported to us remain in our database for five years, as required by the Money Laundering and Terrorist Financing (Prevention) Act (Dutch acronym: Wwft). To give an impression of the size of this database, in 2022 we received over 1.8 million unusual transactions (UTRs). It is determined by law that the UTR-information we have, i.e. the unusual transactions and the associated personal data, fall under the classification State Secret – Secret, see Article 5 of the Government Information Security Decree – Special Information. Only authorized FIU employees have access to this information. Therefore, if a person asks us for access to his or her personal data, we are not allowed to provide it. After all, the information is state secret.

Unusual transactions are analyzed by FIU-the Netherlands  to establish whether there are sufficient grounds to designate them suspicious. These transactions declared suspicious (STRs) may then be shared with the relevant intelligence, security and investigation services, such as the police and the fiscal intelligence and investigation service (Dutch acronym: FIOD). This is allowed since STRs are legally subject to the Wpg.