A new anti-money laundering regime applies from 26 June 2017 under the European Union’s Fourth Anti-Money Laundering Directive (“4 MLD”). The 4MLD, as its name would suggest, is one in a series of instruments seeking to tackle money laundering and the financing of counter terrorism and is the European Union’s way of giving effect to updated international standards in this area as set out by the Financial Action Task Force (FATF) recommendations from 2012. The UK will give effect to these provisions under new Money Laundering Regulations 2017 (“MLR 2017”).
What are the MLR 2017?
The Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017 (“MLR 2017”) introduce the provisions of the 4 MLD into national law. These will revoke the Money Laundering Regulations 2007 and the Transfer of Funds (Information on the Payer) Regulations 2007.
Whilst not regarded as a major overhaul of the current regime, there are some significant developments introduced.
There is an increased emphasis on a risk-based approach. The 4MLD reduced the “checklist” mentality inherent in a “rules-based” approach that requires compliance with rules irrespective of the underlying risk. Whilst this may sound as if the compliance burden is reduced, the MLR 2017 introduce a whole series of internal controls and procedures, including relating to customer due diligence, record keeping and imposes a number of obligations on senior management and employers.
Risk assessments need to be undertaken at government level, by supervisory authorities (e.g. Financial Conduct Authority), and by relevant persons covered by the regime.
Business, professionals, individuals, charities and organisations should be prepared and alive to the changes. They must ensure that the policies and procedures they set in place are commensurate to the risks they face.
Long arm of the law…global reach
The MLR 2017 apply to a “relevant person” and its subsidiaries – including those located outside the UK and any branches carrying out any activity which falls under the new regime. Different rules apply as to whether this overseas office is within Europe or in a third country.
Under control – managing the risks
A relevant person must establish and maintain policies, controls and procedures to mitigate and manage effectively the risks identified in the risk assessment. These need to be proportionate with regard to the size and nature of the relevant person’s business, and approved by its senior management.
A senior individual (board level or equivalent management body) must be responsible for the relevant person’s compliance with the Regulations. This individual must be a member of the board of directors or, if there is no such board, the equivalent management body. A nominated officer must also be appointed and an independent audit function must be established.
Customer due diligence
Customer due diligence is at the heart of a risk-based approach to tackling money laundering and terrorist financing. Different due diligence measures will be applied to different types of customers. A series of changes are made in relation to customer due diligence (CDD) to ensure that the highest risk scenarios receive enhanced customer due diligence (EDD) – including Politically Exposed Persons - and transaction monitoring. On the other hand, having regard to proportionality, simplified customer due diligence (SDD) is applied in lower risk cases.
As under the previous MLR 2007, specific powers are set out in the MLR 2017 in relation to information and investigation. Such as: power to require information but with safeguards as to admissibility of that information; entry and inspection without a warrant; and, entry and inspection under a warrant.
Facing the consequences
Civil and regulatory breach
A delegated supervisory authority will have the power to impose a financial penalty on, or to publicly censure, a person, for a contravention of a relevant requirement applicable to them.
An officer of the relevant person can also have a financial penalty imposed on them or be publicly censured. A supervisory authority can temporarily or permanently prohibit an officer responsible for a contravention from holding a management role at a relevant person or a payment service provider.
Specific measures are laid out in relation to the Financial Conduct Authority where the FCA will have new powers to cancel, suspend or restrict an authorisation or registration of an authorised person or a payment service provider.
The section on Criminal Offences includes offences of prejudicing an investigation and disclosure offences. A new criminal offence is created under the MLR 2017.
Any individual who recklessly makes a statement which is false or misleading, in the context of a money laundering investigation commits an offence. This is punishable by a fine/up to 2 years' imprisonment. This is an addition to the regime under MRL 2007 (and maintained under the MLR 2017) where a person who contravenes a relevant requirement is guilty of an offence and liable to a fine/up to 2 years’ imprisonment.