1. Member States shall require that the institutions and persons covered by this Directive establish adequate and appropriate policies and procedures of customer due diligence, reporting, record keeping, internal control, risk assessment, risk management, compliance management and communication in order to forestall and prevent operations related to money laundering or terrorist financing.
2. Member States shall require that credit and financial institutions covered by this Directive communicate relevant policies and procedures where applicable to branches and majority-owned subsidiaries in third countries.
3. In order to ensure consistent harmonisation and to take account of technical developments in the fight against money laundering and terrorist financing, the ESA, taking into account the existing framework and cooperating, as appropriate, with other relevant Union bodies in that field, may develop draft regulatory technical standards in accordance with Article 56 of Regula