Ruling [DEU] ¦ Bank’s Address Requirement for Guardians Upheld

26 May 2025

Ruling [DEU] ¦ Bank’s Address Requirement for Guardians Upheld

Why the GwG (Anti‑Money‑Laundering Act) Matters

The court’s decision turned chiefly on obligations under the German Anti‑Money‑Laundering Act (Geldwäschegesetz, GwG). The bank required legal guardians (Betreuer) who manage clients’ payment accounts to present an official identity document showing their residential address. The court held that this practice is consistent with the GwG because the statute and BaFin’s interpretation require customer identification that includes residential address data. The plaintiff’s argument – that address collection is unnecessary in some cases and that guardians may have legitimate reasons to keep their home address confidential – did not outweigh the bank’s statutory duties.

What the GwG requires in identification

Section 11 of the GwG requires obliged entities, including credit institutions, to identify their contractual partners and verify and record certain identifying data. Identification normally requires reliable documentary evidence. Regulatory guidance and BaFin’s application notes clarify that the data to be recorded include the residential address and that identification duties extend to persons acting on behalf of the contractual partner, for example guardians with powers of asset management. In practice this means banks must obtain and retain supporting documents that demonstrate identity and living address for guardians who operate a customer’s account.

Form versus substance: documents do not replace data

The decision distinguished between rules that relax which documents are acceptable and the underlying duty to collect and retain core data. The GwG and associated BaFin guidance permit alternative documents in particular circumstances (for example where the standard documents are unavailable), but those provisions change only acceptable proof, not the requirement to capture the address itself. Thus, citing provisions that allow alternative documentary proof does not eliminate the need to record the guardian’s residential address.

Bastian Schwind-Wagner
Bastian Schwind-Wagner

"The court confirmed that obligations under the GwG require banks to collect and record the residential address of legal guardians who act with asset‑management powers for customers, even when guardians assert confidentiality needs. This duty reflects statutory customer‑due‑diligence requirements and BaFin guidance extending identification duties to persons acting on behalf of contract partners.

Banks should therefore document their legal basis for address collection and implement strong internal safeguards to limit access and reduce leakage risk. Guardians seeking anonymity must rely on legal mechanisms (protected‑address provisions or court directions) and cooperate with banks to find compliant solutions rather than expecting wholesale omission of address data collection."

Why privacy or safety concerns of guardians did not defeat GwG duties

The plaintiff stressed that some guardians legitimately need to keep their residential address confidential to protect their safety or privacy. The court acknowledged these legitimate concerns and noted that the law already provides some protective mechanisms (for example, address protection under the Federal Registration Act). However, those concerns do not negate the bank’s GwG duties. Where financial institutions must satisfy AML rules, the obligation to identify and log relevant personal data persists unless a statutory exception applies – a narrow category not shown in this case.

Practical consequences for banks

Financial institutions should treat this ruling as confirmation that GwG obligations have priority when identification duties are at stake.

Practical steps banks should follow include:

  • Ensuring internal customer‑due‑diligence procedures explicitly record residential addresses for guardians acting with asset management powers, and documenting the legal basis for doing so.
  • Applying BaFin guidance consistently: when a person acts for the customer, identification must capture the data required by the GwG even if the person is not the account holder.
  • Using the flexibility allowed by the GwG about acceptable documents where appropriate, while still collecting the required data elements.
  • Developing processing and storage safeguards to minimize leakage risks and to address legitimate confidentiality needs (for example restricted staff access, pseudonymization in nonoperational systems, or legal means such as protected addresses where available).

Implications for guardians and customers

Guardians who need address confidentiality should not assume that banks can simply omit address recording.

Instead, guardians should:

  • Discuss protected‑address options under public‑law mechanisms (e.g., Federal Registration Act protections) and, if necessary, obtain court directions that balance confidentiality with AML duties.
  • Work with banks to identify demonstrably equivalent documentary proof acceptable under GwG flexibility provisions, while accepting that the bank will still record the residential address as a data element.
  • Seek tailored data‑protection and access‑control measures from the bank to reduce the risk that the address becomes widely accessible within the institution.

Limits and remaining tensions

The ruling confirms that GwG duties are a strong legal basis for uniform identity requirements. That said, tensions remain between AML compliance and privacy/safety interests in individual cases. The GwG does allow some procedural flexibility (alternative documentation, simplified due diligence in low‑risk scenarios), and institutions should apply these tools case‑by‑case where appropriate. When statutory exceptions or narrowly tailored protective measures exist, institutions and guardians should pursue them through established legal channels rather than expecting wholesale omission of address collection.

Bottom line

The court made clear that the GwG’s identification and record‑keeping duties justify a bank’s requirement to obtain a guardian’s residential address. Privacy or safety concerns of guardians are relevant but do not, by themselves, negate the data collection obligations imposed by anti‑money‑laundering law. Banks must comply with the GwG while also implementing internal safeguards; guardians seeking confidentiality should pursue legal protections and work with banks to find compliant practical solutions.

The information in this article is of a general nature and is provided for informational purposes only. If you need legal advice for your individual situation, you should seek the advice of a qualified lawyer.
Did you find any mistakes? Would you like to provide feedback? If so, please contact us!
Dive deeper
  • openJur ¦ Higher Regional Court of Dusseldorf, judgment of 26 May 2025 – 20 UKl 8/24 ¦ Link
« Ruling [LUX] ¦ Luxembourg Court Imposes Fine for Failure to Register Beneficial Owners
Ruling [LUX] ¦ Luxembourg Court Acquits Company in Beneficial Ownership Registry Case Due to Lack of Intent »
Bastian Schwind-Wagner
Bastian Schwind-Wagner Bastian is a recognized expert in anti-money laundering (AML), countering the financing of terrorism (CFT), compliance, data protection, risk management, and whistleblowing. He has worked for fund management companies for more than 24 years, where he has held senior positions in these areas.

EU Sanctions Helpdesk

EU Sanctions Helpdesk The EU Sanctions Helpdesk platform supports European operators in complying with European Union restrictive measures (also known as sanctions) imposed worldwide. Aimed primarily at Small and Medium-sized Enterprises (SMEs), the Helpdesk offers resources and personalised help to companies performing sanctions due diligence checks.
get free support

What else?

What else?