Information on Procedures for updating identification information under Law 83/2017 - Legal entities and similar organizations

Under the duty of identification and due diligence, banking entities must, whenever they establish a business relationship (for example, opening an account), carry out a complete and proven identification of their customers, their representatives and beneficial owners, taking into account the specific risks involved.

Compliance with this obligation does not end when the business relationship starts, as regards elements of identification and other information belonging to customers, their representatives and beneficial owners. Banks must perform update procedures to ensure that the information they have, or should have, is up to date, accurate and complete. 

Who is required to update their data?

Updates of identification data and other information relating to Accounts held by Legal Entities and Similar Organizations are intended for the customer (or account holder) and, if applicable, for parties that hold capital or voting rights worth 5% or more, members of the management body or equivalent authority and beneficial owners.

When do you have to update your data?

  • Whenever there are changes to the data of the indivdiduals and/or organizations stipulated in “Who is required to update their data?” in relation to the information provided at the beginning or during the course of the business relationship, within a maximum period of 60 days from the relevant change.
  • Periodically, when you receive communication from the Bank to this effect, based on the frequency defined in relation to the customer's profile, with the update period not being longer than 5 years. The bank will send a digital or postal periodic data update request to customers who are Legal Entities or Similar Organizations, parties that hold capital or voting rights worth 5% or more, members of the management body or equivalent authority and beneficial owners (if applicable), 90 and 45 days before the information validity end date, and also on the expiry date. This last communication will reiterate the consequences of not updating information and expressly indicate the data/documents that need to be updated. If the data update process is not completed, the bank will send a new communication every year asking for it to be updated.

How can I update the data?

In order to submit the information and/or documents asked for in the above communications (periodic updates), or at the customer's initiative (whenever the identification information changes), the customer only needs to send an email or letter to the BBVA Customer Manager to submit and/or confirm their data.

What are the consequences for the client of not complying with the obligation to periodically update data?

If the periodic procedure for updating customers and their associated parties is not successfully completed in accordance with the legislation and regulations in force, the bank will prevent customers from engaging new products or services, starting from the date the identification information is out of date.

After 60 days of being out of date, Company account debit transactions will also be blocked, with the exception of payments to the State or Bank.  

Without prejudice to the above, failure to comply with the obligation to update identification data may be grounds to terminate the business relationship.

If any of these measures are applied to you, how can you reverse the situation?

To reverse these measures, the customer simply needs to provide and/or confirm their data, through the means mentioned above.