- they must have established and verified the identity of all customers to which they are providing services;
- in the event of a business relationship or other circumstances requiring customer due diligence, they must have analysed and assessed the risks related to the customer, products and services, distribution channels and transactions and have linked these to an appropriate customer risk and transaction profile;
- they must monitor the transactions of their customers;
- they must report all unusual transactions to FIU-NL.
In the event that unacceptable risks are identified with respect to a customer, they must terminate the business relationship with this customer. DNB will monitor crypto service providers’ compliance with these requirements as part of its regular supervision.
In addition to the above, requirements in terms of crypto service providers’ operational management also apply.Pursuant to the Act, crypto service providers must have appropriate processes in place to ensure adequate implementation of these CDD-related requirements with respect to existing and new customers. DNB will devote attention to this in its supervision.