The Belgian State Gazette published on Friday 6 October 2017 the law of 18 September 2017 preventing money laundering and financing of terrorism and limiting the use of cash (the"Law"). The Law replaces the law of 11 January 1993 and introduces several changes into the Belgian AML regime, mainly concerning the introduction of a register of beneficial owners, the risk-based approach, whistle-blowing and increased sanctions.
The Law aims at transposing Directive 2015/849 on the prevention of the use of the financial system for the purposes of money laundering or terrorist financing (the "Fourth Directive") and to implement the FATF recommendations.
To clarify the Belgian regime and make it more readable, the Parliament decided to repeal the law of 11 January 1993 (the "1993 Law"). However, the major principles underlying the Belgian anti-money laundering system have been maintained.
A new legal initiative may however quickly be required, as a fifth AML Directive is in preparation at EU level.
Further clarifications are expected from a Royal Decree and FSMA or NBB regulations, such as on the concrete working of the register of beneficial owner or the whistle-blowing regime.
Obligation for obliged entities to identify the beneficial owner
Article 23 of the Law requires obliged entities1 to take reasonable measures to identify the beneficial owners of their clients or the representatives of their clients. This obligation was previously stated in article 8 of the 1993 Law. The main difference is that article 23 of the Law now expressly extends such obligation to representatives of clients.
It is worth mentioning that this obligation does not only apply when legal persons are involved. The notion of ‘beneficial owner’ is also used when the client of an obliged entity is a natural person. In such case, the obliged entity shall determine who the beneficial owner of the operation is. This occurs, for example, when a natural person acts via a representative.
The sole exception to this obligation concerns listed companies (either on a European market or on a market presenting the equivalent disclosure of shareholdings of listed companies), as listed companies are already required to make their ownership structure public.2
Definition of beneficial owner
The Law provides a definition of beneficial owner which is mainly the same as the one provided in article 8(1)(2) of the 1993 Law.
As a reminder, beneficial owners are the natural person(s) either (i) who ultimately own(s) or control(s) the customer, the customer’s representative or the beneficiary of a life insurance policy; or (ii) on whose behalf a transaction or activity is being conducted.
The main changes introduced into the definition by the Law are that:
- the definition now expressly indicates the beneficial owner of (i) representatives and (ii) the beneficiaries of life insurance policies;
- the French text is clarified to ensure that all ‘operations’ are concerned, thus clarifying that unilateral operations are in the scope;
- further details are added following the 2012 FATF Recommendations when the client is a legal entity. The most important one concerns companies, where there is now a two-step approach. First, the obliged entity shall identify beneficial owners as (i) natural persons owning, directly or indirectly, enough voting rights (the Law maintains the 25% threshold); or (ii) natural person(s) controlling the entity by other means.3 Secondly, if the first two checks have not enabled the obliged entity to identify the beneficial owners, then the main directors are the beneficial owners. This is different from the regime under the 1993 Law, under which this last step was mandatory. Another difference is that not all directors have to be identified, only the main directors (usually the CEO), being the ones with the most influence on the management of the company.
- there are also detailed definitions of beneficial owners of (international) NGOs, foundations or trusts.
Please note that, even if it is not within the scope of the Fourth AML Directive, the Belgian legislator has decided to keep not-for-profit organizations as an entity for which the beneficial owner(s) should be identified.
The Law transposes one of the major changes introduced by the Fourth Directive: the implementation of a central register of beneficial owners of corporate and other legal entities incorporated in Belgium. This register is important as it will help obliged entities to identify the beneficial owner of the legal persons they are dealing with; however, an obliged entity cannot rely solely on information found in the register.4 The Law leaves to a royal decree to be adopted the effective implementation of such register, so that all the practical modalities are not yet known. This royal decree will for example determine how the information is collected, the management of the database or the use of and access to the data.
France has recently set up a register of beneficial owners of corporate and other legal entities incorporated within the French territory. This register is a component of the Trade and Companies Register5. A decree of 12 June 20176 specifies the information to be provided and the persons that can access the register. Obliged entities willing to access the register after (i) having filed a declaration stating it is obliged entity acting for the prevention of money laundering and (ii) filing a request stating the name of the legal persons they are investigating about and the preventive measures taken concerning these legal entities. The French register entered into force on 1st August 2017, with a deadline until 1st April 2018 for existing legal persons to provide this information.
Obligation to legal persons to provide information to the register
As a consequence of the register’s creation, a new obligation is imposed upon legal entities incorporated in Belgium, i.e., the identification and communication of their beneficial owners. These obligations were introduced into the Company Code and the Law of 27 June 1921 on not-for-profit organizations (the "Law on NGOs").
Access to the register
Access to the register must still be determined by an upcoming royal decree, based upon an opinion of the Commission for Private Life.
Even if the register is created within the Ministry of Finance, the tax administration will not have a direct access to it, but will have to comply with the legal conditions to access it.
The Law introduces administrative sanctions for non-compliance with the rules concerning the register.
First, the Company Code7 and the Law on NGOs8 provide for a criminal fine between EUR 50 and EUR 5,000 for non-communication of the beneficial owners. These sanctions apply to directors.
Secondly, the Law9 provides for an administrative fine, issued by the Minister of Finance, between EUR 250 and EUR 50,000 for (i) failure to identify the beneficial owner, or (ii) insufficient quality of the data transmitted.
The Law is not clear on the link between the abovementioned criminal fines and the administrative ones, and why the maximum and minimum fines are so drastically different. This raises constitutional questions on the validity of the regime.
The Fourth Directive put in place a new philosophy for the evaluation of the anti-money laundering/financing of terrorism ("AML/FT") risk. For the obliged entities, this means that they will move from a rule-based approach to a risk-based approach. In practice, the Law requires the obliged entities to apply the AML/FT provisions depending upon their own AML/FT risk assessment.
As a consequence, customer due diligence will be based upon individual general assessments of their global AML/FT risk based on (i) the purpose of an account or relationship; (ii) the level of assets to be deposited by a customer or the size of transactions undertaken; and (iii) the regularity or duration of the business relationship and on the reports on AML/FT risks prepared by the EU Commission and Belgian coordinating entities.10
The risk-based approach implies that, when identifying clients, representatives or beneficial owners, obliged entities can collect less information when the AML/FT risk is standard. On the contrary, when the risk is high, obliged entities shall take special care and, if needed, require additional information. The same principle applies for the verification of identity.
In order to make such assessment, a cascade process has been put in place. The EU Commission will establish a report, updated every two years, on the AML/FT risks in the internal market or for cross-border transactions (the first version was published in June 2017). Every EU Member State has similar obligations to facilitate assessment.
To transpose the Fourth Directive, the Law requires controlling authorities11 to put in place efficient and reliable whistle-blowing systems, ensuring for example that the whistle-blower remains anonymous.
If employees or representatives of an obliged entity make a declaration in good faith to a controlling authority, they cannot be held civilly, criminally or disciplinarily responsible. In addition, they cannot receive any professional sanction because of the denunciation. This protection also applies if the statement contains information that is or should have been included in a statement to the CTIF/CIF.
Any unfavourable or discriminatory treatment, as well as termination of the work relationship or of the representation, is prohibited.
As under the previous regime, administrative sanctions are applicable for violation of the AML/FT regime. These sanctions are however increased, and their scope of application is broadened. The Law also introduces new criminal sanctions.
As under the 1993 Law, obliged entities can face administrative sanctions for violation of
- title II of the Law, containing the preventive measures, including the identification and verification of clients;
- the prohibition to acquire real estate in cash.
The Law adds administrative sanctions in case of violation of
- the protection granted to whistle-blowers;
- EU Regulation 2015/847 on information accompanying transfers of funds and repealing Regulation (EC) No 1781/2006;
- duty of vigilance for financial embargoes.
It is worth noting that such sanction can be imposed both on the obliged entity and the members of the board of directors or the board of managers or, in case there are no boards, on the persons performing the effective management.
The level of the sanction depends upon the obliged entity:
- financial institutions,12 having a key role in tackling money laundering and the professional resources to do so, can be fined between EUR 10,000 EUR and 10% of the net turnover (for legal persons) and between EUR 5,000 and EUR 5,000,000 (for natural persons);
- other obliged entities13 can be fined an amount between EUR 250 and EUR 1,250,000.
This new regime is an important change and a major increase compared to the 1993 Law for financial institutions, as, under the 1993 Law, fines amounted to between EUR 250 and EUR 1,250,000.
Unlike the 1993 Law, the legislator enumerates some of the circumstances to be taken into account when fixing the amount of the administrative fine. In fact, the amount of the fine depends upon (i) the gravity and duration of the breach; (ii) the degree of responsibility of the person held liable; (iii) the financial strength of the person held liable; (iv) the benefit derived from the breach by the person held liable, insofar as it can be determined; (v) the losses to third parties caused by the breach, insofar as they can be determined; (vi) the level of cooperation with the competent authority; and (vii) any previous breaches.
Unlike the Fourth Directive, which only requires sanctions for serious, repeated and/or systematic breaches, the Belgian regime provides sanctions for every breach.
Finally, the system of naming and shaming is further developed. Sanction decisions shall be published on the website of the controlling entity taking the decision. The publication shall contain (i) the type and nature of the violation, and (ii) the identity of the legal or natural persons involved. Publication can be postponed, made anonymously or cancelled if (i) publication is disproportionate, or (ii) such publication would endanger the stability of financial markets or an ongoing investigation. If the decision is challenged, this should also be made public, as well as all further developments. This sanction is already present in the controlling laws of the NBB14 and the FSMA,15 but the Law extends the regime to other controlling entities.
The Law includes a criminal fine for obliged entities that impede investigations and audits by public authorities, or refuse to provide documents they are required to provide. The main difference from the 1993 Law16 is that the amount of the fine now depends on the type of obliged entity: (i) for entities under the control of the BNB17 or the FSMA,18 a fine between EUR 250 and EUR 2,500,000, and (ii) for the other obliged entities,19 a fine between EUR 150 and EUR 5,000.
As under the 1993 Law, the Law provides a fine of between EUR 250 and EUR 225,000 for persons that do not comply with the rules limiting the use of cash (the fine may however not exceed 10% of the payment or donation). Solidarity for the payment of the fine between the creditor and the debtor disappears, as both can now be fined.
The Law adds that legal persons are civilly liable for the criminal fines levied on directors, managers or representatives.20