1. Financial institutions and credit institutions (hereinafter 'institutions') have to put in place and maintain policies and procedures to comply with their legal obligations. These policies and procedures include policies and procedures to identify and manage the risks to which they are exposed, for example credit risk or the risk that they may be used for money laundering and terrorist financing (ML/TF) purposes. Where an institution takes a decision to refuse to enter into, or to terminate, business relationships with individual customers or categories of customers associated with higher ML/TF risk, or to refuse to carry out higher ML/TF risk transactions, this is referred to as 'de-risking'.

2. While decisions not to establish or to end a business relationship, or not to carry out a transaction, may be in line with the provisions of Directive (EU) 2015/849 (AMLD) [Article 14.4. specifies that 'Member States shall require that, where an obliged entity is unable to comply with the customer due diligence requirements laid down in point (a), (b) or (c) of the first subparagraph of Article 13(1), it shall not carry out a transaction through a bank account, establish a business relationship or carry out the transaction, and shall terminate the business relationship and consider making a Suspicious Transaction report to the FIU in relation to the customer in accordance with Article 33.'], de-risking of entire categories of customers, without due consideration of individual customers' risk profiles can be unwarranted and a sign of ineffective ML/TF risk management that ultimately can affect wholesale categories of customers.