Wolfsberg Group Standards

The Wolfsberg Group is an association of 13 global banks developing industry standards and guidance for AML, KYC, and CTF to combat financial crime risks. The group has drawn up guidelines on combating financial crime, which have been adopted by SWIFT, among others.

„Wolfsberg“ Overview & Core Principles

• The 2023 Standards update the 2017 version to address evolving payment methods, open banking infrastructure, and the transition to ISO 20022 formatting.
• The term „Financial Institutions“ is replaced with „Payment Service Providers“ (PSPs), broadly covering both traditional banks and non-bank entities.
• Core Principle: The debtor agent PSP (ordering institution) holds the primary obligation to ensure payments are structured transparently, clearly identifying the debtor and creditor from the start. 

Roles and Responsibilities

• All PSPs: Must not omit, delete, or alter debtor or creditor information to avoid detection. PSPs are strongly encouraged to adopt detailed, structured payment formats (e.g., ISO 20022) and cooperate in sharing transaction information.
• Debtor Agent PSPs (Ordering Institutions):
  • Responsible for Customer Due Diligence (CDD) and verifying the debtor’s identity.
  • Must include the Name, Address, and Account Number (or Unique Transaction Reference) of the debtor.
  • Must include the creditor’s details as provided by the debtor, though these do not require verification by the debtor agent.
  • Must implement strict controls for „On Behalf Of“ (OBO) payments, ensuring ultimate debtor information is captured and consistent with the customer’s business profile.
• Intermediary Agent PSPs:
  • Must pass on all complete information received in payment messages to the next PSP.
  • Must conduct CDD on their direct PSP customers (correspondent relationships), but they are not responsible for performing CDD on the underlying debtors, creditors, or other indirect PSPs.
  • Expected to monitor for suspicious activity and enforce sanctions compliance based only on the information provided in the messag.
• Creditor Agent PSPs (Beneficiary Institutions):
  • Responsible for CDD on their customer (the creditor) and monitoring received payments for suspicious activity.
  • Are not responsible for CDD on the debtor or intermediary PSPs.
• Payment Market Infrastructures (PMIs) & Authorities:
  • Must provide clear rulebooks regarding permitted intermediation levels, acceptable payment bundling scenarios, and technological formatting requirements.

Key Challenges

• Highly intermediated payment chains and „bundled“ payments (e.g., remittances bundled into a single transfer) severely limit transparency.
• This lack of underlying data impacts the ability of intermediary and creditor PSPs to conduct effective transaction monitoring and sanctions screening.