JFSC Guidance on proving legitimate searches of the Obliged Entity Beneficial Owner Register (OEBO)

The JFSC Registry Supervision team will require those who access the Obliged Entity Beneficial Owner Register (OEBO) to demonstrate that their searches of the register were conducted for a legitimate purpose.

INTRODUCTION

1. On 11 September 2024, the States Assembly approved an amendment to the DPI Law to reflect the FATF recommendation that Obliged entities, referred to in the DPI Law as a "relevant person", or their representatives will be able to access certain personal information held by the JFSC Registry (central register) relating to the individual beneficial owners and controllers of a Jersey entity, strictly to assist with their CDD obligations under the MLO.
2. This information must not be used for any other purpose and can only be shared in the circumstances detailed in Article 8B (2) of the DPI Law.
3. From 24 February 2025, the lead administrator for the Accessing parties of Jersey Obliged entities and their representatives have been permitted to access the OEBO register through myJFSC and are subject to the requirements of the DPI Law.

CRIMINAL RISK

1. Access to the register is strictly controlled to prevent misuse.
2. If searches are deemed to have been undertaken for any purpose other than completing the Obliged entity's CDD by the MLO, this constitutes a breach of the DPI Law and will be referred to the attorney general for possible prosecution.

GUIDANCE TO HELP

1. To help avoid criminal and regulatory risk, the JFSC has published new guidance to help obliged entities understand what is needed to be done and by whom
1. https://www.jerseyfsc.org/registry/beneficial-ownership-information/guidance-on-evidence-required-to-prove-legitimate-search-of-the-obliged-entity-beneficial-owner-register/

JFSC TESTING AND VISITS START

1. From January 2026, The JFSC Registry Supervision team will inspect a sample of obliged entities’ OEBO registry searches to verify that they have been undertaken for a legitimate purpose as part of the Registry Supervision Inspection programme.

GUIDANCE ON EVIDENCE REQUIRED TO PROVE LEGITIMATE SEARCH OF THE OBLIGED ENTITY BENEFICIAL OWNER REGISTER

SEARCHING CAPABILITIES OF THE OEBO REGISTER

1. The exact entity name or registered number must be entered to complete searches. This information can be found using the Registry entities search on The JFSC website.
2. An Obliged entity will be able to see the following details of a beneficial owner or controller of an entity (but not the details of any minors):
1. Name and any former name or other names by which the individual is or was known
2. Address for correspondence
3. Residential address
4. Nationality
5. Occupation
6. Gender
7. Date of birth
8. Place and country of birth

REGISTRY SUPERVISION INSPECTION TEAM

1. With effect from January 2026, when the Registry Supervision Inspection team undertakes an inspection, they will access the audit log held by the Accessing party and the central registry and select a sample of the Obliged entity’s OEBO registry searches to verify that the searches have been undertaken for a legitimate purpose.
2. The DPI Law creates offences if searches were not undertaken for a legitimate purpose or if supporting evidence of the search is not provided, which includes fines and imprisonment of up to 5 years.
3. Following Article 8C (1) of the DPI Law, The JFSC would like to ask that you provide evidence to support the legitimacy of a search.
4. This could include:
1. A prospective and/or successful client or customer onboarding documentation
2. A declined business register
5. In addition to the above, the Registry Supervision Inspection team will request confirmation that the information has not been used for any other purpose.
6. The JFSC anticipate several ways to demonstrate this, including:
1. Explanation of use
2. Maintaining a record of correspondence in which the information is shared
3. Maintaining internal policies on CDD which limit its use

RESPONSIBILITIES OF THE JERSEY ENTITY

1. The Obliged entity is responsible for ensuring its employees, including contractors, only access the register for legitimate reasons.
2. Therefore, the board of an Obliged entity must ensure that:
1. Employees understand the DPI Law and potential penalties for misuse
2. Users of the OEBO register are removed upon cessation of the employment relationship
3. Policies and Procedures are in place for usage
4. A periodic role-based access control review by the lead administrator for the Accessing party takes place to ensure responsibilities are adhered to

DISCREPANCY REPORTING

1. The OEBO register does not verify or validate the particulars of Beneficial owners and controllers entered in the central registry by Obliged entities (or their nominated persons). Limited partnerships (excluding separate and incorporated limited partnerships) are not considered legal entities and are, therefore, not included in the OEBO register.
2. A discrepancy report will enable users of the OEBO register to report any discrepancies identified between the information held on the central register and other information available to the Accessing party.
3. Before reporting a discrepancy,
1. Please verify that the information obtained from sources other than the OEBO register is current (within the last 3 months).
2. If not, please contact the entity directly for updated information before reporting the discrepancy.
4. When the JFSC receives a discrepancy report,
1. It will notify the nominated person of the entity that a discrepancy has been identified by issuing a letter via email, which includes details of the type of discrepancy.
5. If you receive a discrepancy notification as a nominated person, The JFSC expect you to:
1. Take action by assessing the discrepancy noted in the letter
2. Verify the details on the central registry match the entity’s records
3. Either confirm no discrepancies exist or file an updated associated party (UAP) submission

TAKE NOTE:-

1. Timely assessment of discrepancy notifications is expected, and an entity is required to notify us within 21 days of becoming aware of any error or inaccuracy in the details on the central registry.
2. If you fail to act on a discrepancy notification, it may result in the entity’s risk rating being increased and it may potentially be subject to an ad hoc inspection by the Registry Supervision Inspection team.
3. Receipt of a discrepancy notification does not necessarily trigger a requirement for a nominated person to refresh their own CDD about the entity. Assessment of current records held by an entity may be sufficient.

SOURCE

• https://www.jerseyfsc.org/news-and-events/guidance-on-requirements-to-prove-legitimate-search-of-the-obliged-entity-beneficial-owner-register/
• https://www.jerseyfsc.org/registry/beneficial-ownership-information/guidance-on-evidence-required-to-prove-legitimate-search-of-the-obliged-entity-beneficial-owner-register/