On 20 July 2021, the European Commission published a package of legislative proposals aimed at strengthening the EU's anti-money laundering and countering terrorism financing (AML/CFT) rules.

The AML package is available here.

Background

In order to protect EU citizens and the EU's financial system from money laundering and terrorist financing, and to improve the detection of suspicious transactions and activities, the European Commission presented on 20 July 2021 a legislative package consisting of four legislative proposals:

  1. proposal for a “regulation of the European Parliament and of the Council establishing the Authority for Anti-Money Laundering and Countering the Financing of Terrorism and amending Regulations (EU) No 1093/2010, (EU) 1094/2010, (EU) 1095/2010” (“AMLA Regulation”); [1]
  2. proposal for a “regulation of the European Parliament and of the Council on the prevention of the use of the financial system for the purposes of money laundering or terrorist financing” (“New Regulation on AML/CFT”);[2]
  3. proposal for a “directive of the European Parliament and of the Council on the mechanisms to be put in place by the Member States for the prevention of the use of the financial system for the purposes of money laundering or terrorist financing and repealing Directive (EU) 2015/849” (“AMLD 6”);[3]
  4. proposal for a “regulation of the European Parliament and of the Council on information accompanying transfers of funds and certain crypto-assets (recast)” (“Revised Regulation on Transfers of Funds”).[4]

The AML package will be discussed by the European Parliament and Council and the European Commission is hopeful for a speedy legislative process.

The main changes in the European Commission's proposals

AMLA Regulation

The main objective of the AMLA Regulation is to create a new “Anti-Money Laundering Authority” at EU-level (“AMLA”) which will (i) be the central authority coordinating national authorities to ensure the private sector correctly and consistently applies EU rules and (ii) support EU Financial Intelligence Units (“FIUs”) to improve their analytical capacity around illicit flows and make financial intelligence a key source for law enforcement agencies.

According to the draft of AMLA Regulation, AMLA will:

  • establish a single integrated system of AML/CFT supervision across the European Union, based on common supervisory methods and convergence of high supervisory standards;
  • directly supervise some of the riskiest financial institutions that operate in a large number of Member States or require immediate action to address imminent risks;
  • monitor and coordinate national supervisors responsible for other financial entities, as well as coordinate supervisors of non-financial entities;
  • support cooperation among national FIUs and help coordination and joint analyses between them, to better detect illicit cross-border financial flows.

The AMLA should be established in 2023 with the aim to start most of its activities in 2024, reach full staffing in 2026, and begin direct supervision of certain high-risk financial entities in 2026.

New Regulation on AML/CFT

The New Regulation on AML/CFT aims at harmonising AML/CFT rules across the European Union, including more detailed rules on the performance of customer due diligence obligations, the identification of beneficial owner(s) of corporate and other legal entities, and the powers and task of supervisors and FIUs. The provisions concerning the entities to be considered as “obliged entities” are particularly interesting.

The range of entities defined as “obliged entities” under current EU AML/CFT legislation – p subject to EU AML/CFT rules and obligations – should be amended as follows:

  • crowdfunding service providers which fall outside the scope of Regulation (EU) 2020/1503 should be added;
  • creditors for mortgage and consumer credits, as well as mortgage and consumer credit intermediaries that are not credit institutions or financial institutions, should also be added, to ensure a level playing field between operators providing the same kind of services;
  • operators involved on behalf of third country nationals in the context of investor residence schemes should be added;
  • traders in goods should be removed (previously, they had an obligation to report cash transactions of a value over €10,000), except for dealers in precious metals and stones who, given the exposure to money laundering and terrorist financing risks of the sector, should continue to apply AML/CFT requirements.

Referring to internal policy controls and procedures, the New Regulation on AML/CFT provides more clarity on the existing requirements. Obliged entities should have a policy in place to identify and assess the risks of money laundering and terrorist financing they are facing, with a risk-based approach, and to mitigate those risks.

Obliged entities must also take all measures at management level to implement internal policies, controls and procedures, including the appointment of a dedicated compliance manager, and ensure that responsible staff are appropriately trained. The requirement to allocate a member of the staff to the role of compliance officer and the tasks of such role are also defined more clearly.

Regarding reporting obligations, in order to facilitate obliged entities’ compliance with such obligations and allow for a more effective functioning of the FIUs’ analytical activities and cooperation, AMLA must develop draft implementing technical standards specifying a common template for the reporting of suspicious transactions to be used as a uniform basis throughout the EU.

AMLD 6

The AMLD 6 will (i) replace the existing Directive 2015/849/EU (the “fourth AML directive”, as amended by the “fifth AML directive”) (ii) contain provisions that will be moved into national law, such as rules on national supervisors and FIUs in Member States.

The draft of AMLD 6 sets out specific regulatory requirements that Member States are required to implement in national law for certain sectors. Specifically, currency exchange and cheque cashing offices, and trust or company service providers must be subject to either licensing or registration requirements; gambling service providers must be regulated.

The draft directive allows supervisors of the Member States where electronic money issuers, payment service providers and crypto-assets service providers are active via freedom to provide services to appoint contact points in those Member States. In this regard, AMLA shall propose regulatory technical standards to clarify when this should be the case.

The AMLD 6 also confirms the probity requirements for senior managers in certain obliged entities as in the current framework, complementing fit and proper requirements in other Union acts, and clarifies that certain requirements also apply to beneficial owners of those obliged entities.

With reference to other obliged entities, the draft directive confirms the prohibition for persons convicted of money laundering, its predicate offences, or terrorist financing, to operate.

The AMLD 6 also grants certain powers to national supervisors over the senior management of certain obliged entities, especially in the case of conviction for money laundering or terrorist financing.

Revised Regulation on Transfers of Funds

As stated by the European Commission “the revision of Regulation 2015/847/EU will make it possible to trace transfers of crypto-assets and limit large cash payments”.

The aim of the Revised Regulation on Transfers of Funds is to extend the scope of Regulation 2015/847 to include transfers of crypto-assets made by “Crypto-Asset Service Providers” (“CASPs”), in addition to the current provisions on transfer of funds.

In particular, the revised regulation intends to reflect, in EU law, the amendments made in June 2019 to FATF Recommendation 15 on new technologies to cover “virtual assets” and “virtual asset service providers” and, in particular, new information obligations for the originator and beneficiary CASPs at the two ends of a crypto-assets transfer (the so-called “travel rule”).

The requirements of the Revised Regulation on Transfers of Funds apply to CASPs whenever their transactions, whether in fiat currency or a crypto-asset, involve:

a) a traditional wire transfer, or

b) a crypto-asset transfer between a CASP and another obliged entity (e.g. between two CASPs or between a CASP and another obliged entity, such as a bank or other financial institution).

In the context of the Revised Regulation on Transfers of Funds, all crypto-asset transfers are treated with the same requirements as cross-border wire transfers, rather than domestic wire transfers, given the risks associated to crypto-assets activities and CASP operations.

Following the draft of such regulation, the CASP of the originator must ensure that transfers of crypto-assets are accompanied by:

  • the name of the originator;
  • the originator’s account number, where such an account exists and is used to process the transaction;
  • the originator’s address, official personal document number, customer identification number or date and place of birth.

The CASP of the originator must also ensure that transfers of crypto-assets are accompanied by the name of the beneficiary and the beneficiary’s account number, if such an account exists and is used to process the transaction.

The CASP of the beneficiary must implement effective procedures to detect whether the information on the originator is included in, or follows, the transfer of crypto-assets; the CASP of the beneficiary must also implement effective procedures, including, where appropriate, ex-post monitoring or real-time monitoring, in order to detect whether the required information on the originator or the beneficiary is missing.