Making a notification about an incident or wrongdoing
Help us fight fraud, scams and other wrongdoing by financial companies. Your information can make a significant contribution to our supervision. In some situations, financial companies are required to make a notification. Additionally, anyone who works at or is involved with a financial company can make a notification about wrongdoing. For help with making a notification, consult the Guide to the Providers’ Obligation to Notify.
How to make a notification
Email your notification via Cryptshare to email@example.com. Cryptshare enables confidential information to be sent with encryption. Read the handbook to find simple instructions on sharing files via Cryptshare.
If you have any questions or if you want to talk about wrongdoing, you can email the Business Desk at firstname.lastname@example.org.
What supporting documents do you need?
To help us assess your notification, we need you to send as much information as you can to substantiate your notification.
• relevant correspondence between you and the company/person who is the subject of the notification;
• internal and external documents such as work instructions or working arrangements that provide evidence of unlawful or harmful behaviour;
• brochures and/or general terms and conditions for a product;
• screenshots of a website/advertisement;
• quotes, client profiles, bank statements, meeting minutes, work instructions.
Information about a specific company
• For a report about a specific company, we would like to receive the following information:
• Which company is the report about? Desired information: licence number (if applicable), name, address, town/city, website, type of company (e.g. bank, insurer, adviser, broker, investment firm, boiler room, etc.).
• Is the report about specific people in the organisation? Desired information: first name (or initials), surname, position, date of birth.
• Is the report about specific products or services? Desired information: type of product (e.g. a mortgage or investment-linked insurance), product name, type of service (e.g. acting as an intermediary or giving advice), the provider of the product.
• In what period did the issue or situation arise? Who was involved? What happened? What was the extent of the harm? What is the relationship between you and the perpetrator?
• Other information and data that provide a picture of the situation, the risk or the wrongdoing.
Making an anonymous notification
If necessary, you can make an anonymous notification. The disadvantage is that the AFM cannot contact you if you have left out any important information. That makes it more difficult to assess the severity of the situation. If relevant information is missing, the AFM may not give priority to your notification and may not perform an investigation.
However, in the event of serious wrongdoing, the AFM would rather receive an anonymous notification than no notification at all.
You can also indicate that you do not want the AFM to mention your name but still include your details, so we can contact you if relevant information is missing. If you state in your notification that you would like to remain anonymous, the AFM will delete from the report any information that could be traced back to you. However, in certain cases, the AFM may be required to disclose the identity of the maker of an anonymous notification outside the AFM, in compliance with a court order, for example.
Protection of whistleblowers
The protections for whistleblowers were improved on 17 December 2021. On the Protection of whistleblowers page, you can read how people are protected against disadvantage as a consequence of a work-related notification about a breach of EU law. You will also find instructions for making a notification here.