.svg)
The Bank of Lithuania has continued its streak of actions against the payments industry, with two new fines being issued over non-compliance.
A key theme in 2023 was the never-ending fines and warnings for payments and e-money firms licensed by the Bank of Lithuania.
Once lauded as a post-Brexit fintech haven in the EU, the Baltic state has switched from leniency to increasingly tough measures for the industry, as it tries to shift it from a growth mindset to a focus on maturity.
Now, the central bank has fined Valyuz and NexPay, which are both Lithuanian firms.
After conducting an inspection, the Bank of Lithuania found that Valyuz, which was granted a licence by the regulator in March 2018, had failed to comply with money laundering requirements.
Resulting in a fine of €55,000, coupled with obligations and certain restrictions.
The central bank found that Valyuz’ internal control procedures relating to enhanced customer identification had weaknesses.
For example, there was no detailed and consistent description of staff actions in the application of enhanced customer identification measures. As a result, a number of cases were identified where the screening of higher-risk customers was no different from the normal monitoring of customer transactions applied to low or medium-risk customers.
The institution also failed to ensure that enhanced customer identification measures were in place when entering into a correspondent relationship with a third-country financial institution.
Client relationships were also not carefully monitored and due diligence was not carried out on the source of funds, and suspicious transactions were not properly reported to the authorities.
Internal control deficiencies were also identified. For example, the institution did not ensure that the implementation of the money laundering and terrorist financing prevention function was independent of business interests.
The Bank of Lithuania acknowledged that Valyuz has recognised all violations and taken measures to eliminate the identified violations, including drawing up an action plan to eliminate all non-compliance issues and starting to implement it.
As well as being fined, Valyuz has until March 31, 2024 to eliminate all legal violations and operational deficiencies, and to submit an audit company confirmation of its actions to the Bank of Lithuania by June 30.
Until Valyuz is compliant, the company cannot establish new business relations with legal entities with a higher risk of money laundering and terrorist financing, or with legal entities whose economic activities include gambling or crypto-assets.
This is not the first time that Valyuz has been fined. It was also fined by the regulator in 2021 after it submitted information to the regulator incorrectly.
Meanwhile, NexPay has been fined over operational resilience failures.
According to the Bank of Lithuania, the e-money institution faced a cyber-attack that prevented its customers from using payment services for a certain period of time.
The Bank of Lithuania found that the institution disclosed only part of the significant information about the incident.
For this, NexPay has been fined €50,000.
As with Valyuz, this is not the first time that NexPay has faced a monetary penalty from the regulator. In June last year, NexPay was fined €125,000 for non-compliance with money laundering rules.
NexPay and Valyuz had not responded to Vixio at the time of publication.
