On 20 July 2021, the European Commission published a legislative package aimed at modernising and strengthening the EU’s anti-money laundering (“AML”) and countering financing of terrorism (“CFT”) regimes. The legislative package follows the Commission’s 2020 Action Plan for a comprehensive Union policy on preventing money laundering and terrorism financing (see our briefing here).
The legislative package includes the following four legislative proposals:
- proposal for a Regulation on the prevention of the use of the financial system for the purposes of money laundering and terrorist financing (“New AML/CFT Regulation”);
- proposal for a Directive establishing the mechanisms that Member States should put in place to prevent the use of the financial system for money laundering and terrorist financing purposes (“AMLD 6 Proposal”);
- proposal for a Regulation creating an EU AML Authority (“AMLA Proposal”); and
- proposal for the recasting of Regulation (EU) No 2015/847 expanding traceability requirements to crypto-assets (“Transfers of Funds Recast Regulation”).
The four proposals strive to implement four of the six pillars identified by the Commission in its Action Plan (mentioned above), namely (i) establishing an EU single rulebook on AML/CFT; (ii) bringing about EU-level AML/CFT supervision; (iii) establishing a support and cooperation mechanism for Financial Intelligence Units; and (iv) strengthening the international dimension of the EU AML/CFT framework. This briefing will focus on the New AML/CFT Regulation, the AMLA Proposal and the Transfers of Funds Recast Regulation.
The New AML/CFT Regulation
In respect of private sector actors that are “obliged entities” (or “designated persons” to use the Irish legislative term)1, the Commission proposes to transfer the existing system from Directive (EU) No 2015/849 (as amended by Directive (EU) No 2018/843) to a new directly applicable Regulation. The Commission’s proposal notes that a requirement for harmonised rules across the EU is evidenced by preparatory reports in 2019, which the Commission regards as indicating that, while the requirements under the current Directives are “far-reaching”, their “lack of direct applicability and granularity” has resulted in a fragmented approach and divergent interpretations across Member States.
Along with transferring the requirements to a Regulation, the approach taken by the proposal is to harmonise certain areas, including customer due diligence and the reporting of suspicious activity/transactions and also to enlarge the scope of the current regime with certain substantive changes, including the following.
The list of obliged entities will be expanded to include: (i) all types of crypto-asset service providers in order to align EU legislation with the relevant Financial Action Task Force (“FATF”) standards; (ii) crowdfunding service providers falling outside the scope of Regulation (EU) No 2020/1503;2 (iii) mortgage credit intermediaries and consumer credit providers that are not financial institutions; and (iv) operators involved on behalf of third country nationals in the context of investor residence schemes (ie investment migration operators).
In respect of crypto-asset service providers (“CASPs”), the current proposal ties in with the Commission’s proposal for a Regulation on Markets in Crypto-Assets (the “MICA Proposal”), which was announced last year as part of the Digital Finance Package (see our briefing here). Under the current proposal, all CASPs that are within the scope of the MICA Proposal will also be subject to AML requirements. However, it is likely that the vast majority of such entities operating in Ireland already fall within the recently-adopted virtual asset service providers (“VASP”) regime under which VASPs are required to register with the Central Bank for AML purposes and comply with the on-going obligations under the Criminal Justice (Money Laundering and Terrorist Financing) Act 2010.
Directive (EU) 2015/849 developed the concept of beneficial ownership to increase the transparency of complex corporate structure. The current proposal builds on the provisions in the current legislation by introducing changes, including:
- more detailed and harmonised rules to clarify the type of information needed to identify the beneficial owners of corporate and other legal entities;
- a new registration obligation for non-EU legal entities that have a link with the EU. Such entities will have to register their beneficial ownership in the EU’s beneficial ownership registers;
- new powers for beneficial ownership registers to verify that information submitted is accurate, adequate and up-to-date, including on-site checks; and
- new disclosure requirements in relation to nominee shareholders and nominee directors.
Third country policy
The current proposal adapts the Commission’s policy in respect of the identification of third countries that pose significant threats to the financial system of the Union. Under the proposal, a country that is listed by the FATF will also be listed by the EU. The Commission may also identify third countries which are not listed by the FATF but which pose a specific threat to the Union’s financial system. There will be two EU lists, a “black-list” whereby customers in such third countries will be subject to all enhanced due diligence measures and to additional country-specific countermeasures and a “grey-list” whereby customers in such third countries will be subject to country-specific enhanced due diligence measures.
Limit on large cash payments
The proposal introduces an EU-wide limit of €10,000 on large cash payments for a single purchase. While limits exist in about two-thirds of Member States, there is currently no limit in Ireland. Under the existing AML regime, persons trading in goods in respect of transactions involving the receipt of cash of at least €10,000 are already considered obliged entities and subject to AML requirements. However, the Commission has found such an approach to be ineffective and deems that a Union-wide limit is necessary to mitigate the risks deriving from the misuse of large cash sums. As a consequence, persons trading in goods should no longer be subject to AML/CFT obligations.
A new EU AML Authority
The Commission has proposed a Regulation establishing a new EU AML Authority (“AMLA”). The AMLA is to become a “centrepiece of an integrated AML/CFT supervisory system”, encompassing the AMLA itself and national supervisors. The new Authority’s main activities will be directly supervising some of the riskiest financial institutions; monitoring and coordinating national supervisors; and facilitating and supporting cooperation among national Financial Intelligence Units.
Selection of entities for direct supervision will take place every three years, on the basis of objective criteria centred on risk categorisation and cross-border activity. In addition, the AMLA will be able to request a Commission decision placing a financial sector obliged entity under its direct supervision if there are indications of breaches of AML/CFT legislation which are not being efficiently and adequately dealt with by a national supervisory authority.
The AMLA will also play an indirect supervisory role of both financial sector and non-financial sector obliged entities through oversight of supervisors or self-regulated bodies.
Transfers of Funds Recast Regulation
Regulation (EU) No 2015/847 was adopted to ensure the full traceability of transfers of funds, ensuring the transmission of information throughout the payment chain, by providing for a system which obliges payment service providers to accompany transfers of funds with information on the payer and payee. However, the system is currently only applicable to the transfer of funds, defined as “banknotes and coins, scriptural money and electronic money”. This definition excludes the transfer of virtual assets.
The Commission’s new proposal extends the scope of Regulation No 2015/847 to include transfers of crypto-assets made by CASPs. Similar to the New AML/CFT Regulation, the current proposal ties in with the MICA Proposal and accordingly, all CASPs that are within the scope of the MICA Proposal will also be subject to the information requirements relating to transfers of funds.
The proposal will apply to CASPs whenever their transactions involve a traditional wire transfer or a transfer of crypto-assets between a CASP and another obliged entity (eg between two CASPs or between a CASP and another obliged entity, such as a bank of other financial institution). It will not be possible for CASPs to avail of a simplified domestic wire transfer regime as all transfers will be treated as cross-border wire transfers, given the risks associated to crypto-assets activities and CASP operations.
Under the current proposal, anonymous crypto-currency/asset transactions will no longer be permitted as CASPs will be obliged to collect and make accessible data concerning the originators and beneficiaries of the transfers of virtual or crypto-currencies/assets they operate.
The European Parliament and the Council (composed of the Member State governments) will discuss the Commission’s proposals. The Commission expects that the AMLA should be operational in 2024 and start its work shortly after, once the new regulatory framework starts to apply.