The long awaited Criminal Justice (Money Laundering and Terrorist Financing) Bill, 2009 which will give effect to the Third Money Laundering Directive 2005/60/EC (“the 3 MLD”) was finally published on Tuesday 28 July.

Broadly, there are no real surprises in the Bill and the measures, in the main, reflect the provisions of the 3 MLD and incorporate the essence of the heads of the Bill that were first circulated by the Minister for Justice, Equality and Law Reform in February 2008. From a business perspective, the approach of placing on a statutory footing what in the past, had been left to regulatory guidance, is to be welcomed, and will provide regulated businesses with more clarity about their legal position.

The headline changes are amendments to the offence of money laundering which extend the scope of the offence and which broaden the extra-territorial aspects of the offence. The obligation to report suspicions of money laundering and terrorist financing has also been widened so as to bring the reporting obligation closer to a whistle-blowing obligation.

The 3 MLD places greater emphasis and focus on monitoring and compliance. This is reflected in the Bill with 23 sections dedicated to monitoring by competent authorities. Breach of the compliance procedure will as before give rise to potential criminal sanctions. Moreover, for financial and credit institutions, among others, breach of the money laundering control procedures will now give rise not just to potential criminal sanctions prescribed under the legislation but, in addition, the administrative sanctions operated by the Financial Regulator

Of course, a key part of coming to grips with the new regime will be the industry guidance notes which are currently being finalised. It is anticipated that this Bill will be considered by the Dáil in early October and it has been earmarked as priority legislation. We will keep you updated about the progress of this Bill and the related industry guidance notes.

Customer Due Diligence  

  • Under the Bill “Customer Due Diligence” replaces the “Know Your Customer” regime established under the Criminal Justice Act, 1994 (“the CJA”). The change is more than just a change in name and the new rules relating to client identification reflect the risk-based approach to verification endorsed by the 3 MLD.
  • The client identification rules are said to apply in the following circumstances:
  1. when establishing a business relationship;
  2. when carrying out occasional transactions amounting to €15,000 or more, whether the transaction is carried out in a single operation, or in several operations which appear to be linked;
  3. when there is a risk of money laundering or terrorist financing;
  4. where there are doubts about the accuracy of existing customer identification.

Broadly these are similar to the triggers for client identity checks under the CJA.  

  • Identification must be established prior to the establishment of a business relationship. However, there is some leeway given on timing and where this would interrupt the normal conduct of business and there is no real risk of money laundering or terrorist financing, identification may be checked during the establishment of the business relationship. However, efforts must be made to check identify as soon as practicable. It is useful that this guidance has now been placed on a statutory basis.
  • Detailed statutory guidance on the steps that should be taken to check identity.
  • Specific and onerous requirement to identify any “beneficial owner” connected with the customer or services concerned so that the designated person knows who the beneficial owner is and, in the case of corporates, partnerships or trusts understands the ownership and control structure of the entity or arrangement concerned.
  • “Beneficial owner” defined broadly to mean -
    • any individual who, in the case of a corporate other than a listed company, ultimately owns or controls, whether through direct or indirect ownership, or control, more than 25% of the shares or voting rights in the body, or otherwise exercises control over the management of the body.
    • in relation to a partnership, any individual who ultimately is entitled to or who controls, whether directly or indirectly, more than a 25% share of the capital, profits or voting rights of the partnership or otherwise exercises control over the management of the partnership.
    • in the case of a trust any individual who is entitled to a vested interest in possession, remainder, or reversion, in at least 25% of the capital of the trust property. Specific guidance for non face-to-face business.  

“Private Members’ Clubs” included as Designated Persons  

Casinos and persons who are effectively directing private members’ clubs are included in the list of Designated Persons which will be required to carry out certain customer due diligence and to report suspicious transactions. The Bill also includes a specific registration requirement in relation to private members’ clubs. Under the Bill persons directing or effectively directing private members’ clubs will be required to register with the Minister for Justice, Equality and Law Reform in accordance with the procedures prescribed by the Minister. Failure to register will be a criminal offence.

Simplified Due Diligence  

  • Simplified due diligence means exemptions from the customer identification requirements for certain types of customers and products known as ‘specified customers’ and ‘specified products’. The products that fall into this category include “small” life insurance products below certain financial thresholds (essentially, those currently set out in the CJA;
  • Customers subject to simplified due diligence include ‘blue-chip’ regulated entities including credit or financial institutions carrying on business in the State, or in a Member State of the EU or in a third country with anti-money laundering requirements equivalent to those laid down in the 3 MLD; listed companies; public bodies and certain other bodies with public functions.  

Risk-Based Approach  

  • Designated persons are required to obtain client identification information by reference to the risk of money laundering and terrorist financing or the purpose and intended nature of the business relationship. This risk assessment involves an analysis of the following factors: type of customer and business relationship; the purpose and value of the service and the source of funds. Where the designated person is unable to obtain this information then it shall not proceed with the business relationship.
  • Ongoing obligation on designated persons to monitor dealings with a customer by scrutinising transactions and the source of funds so as to determine whether or not these transactions are consistent with the person’s knowledge of the customer and its business profile. This approach is not required in circumstances where the customer is a specified customer or a specified product.  

Enhanced Due Diligence  

  • Enhanced customer due diligence procedures for Politically Exposed Persons (“PEPs”) residing in another Member State or in a third country.
  • Designated persons are required to take steps to determine whether or not a customer, or a beneficial owner connected with the customer residing in a place outside the State, is a PEP or an immediate family member, or a close associate of a PEP. These steps are those that as are reasonably justified by the risk that the customer or beneficial owner is involved in money laundering or terrorist financing.
  • Broadly, a PEP is defined as a natural person resident outside the State, who is or was at any time in the last year, entrusted with a prominent public function, and immediate family members, or persons known to be close associates of such persons. They include heads of state, heads of government, members of parliament, members of supreme courts, ambassadors, members of courts of auditors. Immediate family members of these persons would include the spouse, any person considered by national laws equivalent to the spouse, the children and their spouses and partners and the parents. Close associates of the PEPs include any natural person who is known to have a joint beneficial ownership of legal entities and legal arrangements, or any other close business relations with a PEP, any natural person who has sole beneficial ownership of a legal entity or legal arrangement which is known to have been set up for the actual benefit of the PEP referred to above.
  • Designated persons are required to have risk based procedures to determine whether a customer is a PEP, have senior management approval for establishing business relationships with PEPs and also ongoing monitoring of the business relationship with regard to the source of funds.
  • Enhanced due diligence requirements also required for the entering into of correspondent banking relationships.  
  • Designated persons may apply enhanced customer due diligence procedures in addition to the circumstances outlined in the legislation where it believes that there is a heightened risk of money laundering or terrorist financing.  


  • No major changes
  • Designated persons are obliged to keep identification and transaction records relating to each customer and in respect of correspondent banking relationships. These documents should be retained by the designated person for a period of not less than 6 years.
  • These obligations continue to apply to a person who has ceased to carry on the business of a designated person.  

Money Laundering Offence

  • Minor amendments to the offence of money laundering.
  • Definition of “criminal conduct” extended to include any conduct that constitutes an offence. Under the CJA “criminal conduct” was confined to conduct which constitutes an “indictable offence”.
  • The offence of attempting to commit the offence of money laundering and terrorist financing placed on a statutory basis. Currently, this offence may be prosecuted at common law.
  • Extension of the extra-territorial scope of the money laundering offence and the offence of terrorist financing. The Bill confirms that a person commits an offence outside the State if they engage in conduct that would constitute an offence in the State or if they aid, abet, counsel or procure the commission of such an offence.
  • Introduction of certain presumptions and inferences to assist with the prosecution of money laundering and terrorist financing offences.  

Reporting Obligation  

  • Extension of the parameters of the reporting obligation. Under the Bill the requirement is for designated persons to report to the Garda Siochana and the Revenue Commissioners any knowledge or suspicion they have that another person is engaged in money laundering or terrorist financing. Under Section 57 CJA the requirement was to report suspicions of money laundering or terrorist financing in relation to the business of a designated body (emphasis added). This change brings the reporting obligation closer to a general whistle-blowing obligation. In addition, the extension of the definition of “criminal conduct” to include any criminal offence also widens the scope of the reporting obligation.
  • The trigger for making a suspicious transactions report (“STR”) is knowledge, suspicion or reasonable grounds that another person has been or is engaged in the offence of money laundering or terrorist financing.
  • Guidance on the information to be included in a Suspicious Transaction Report (“STR”)
  • Failure by a customer to provide identification documents may form the basis of reasonable grounds for suspicion. In practice, this may operate as an incentive for compliance with the identification requirements.
  • Requirement that an STR be made as soon as practicable.
  • Prohibition on dealing with a transaction or service connected with an STR prior to the sending of the STR unless it is not practicable to delay or stop the transaction, or failure to proceed with the transaction would result in the other person suspecting that a report may have been made.
  • Carve-out from the reporting obligation is confined under the Bill to where a relevant professional advisor has “received information from or in relation to a client in the course of ascertaining the legal position of that client”. Under the CJA the exempted areas were:
    • ascertaining the legal position for the client;
    • performing the task of defending or representing the client in or conducting judicial proceedings, or advising the client in relation to instituting, avoiding or defending judicial proceedings, whether the information is received/obtained before, during or after such proceedings.  


  • Expansion of the tipping-off offence and, in particular, of the statutory defences to the offence. For example, it is a defence to prove that the disclosure was to a customer of the defendant or designated person or that the defendant or designated person was directed or ordered by the Gardai not to carry out any service or transaction in respect of the customer and this fact was the extent of the disclosure. It is also a defence if the disclosure was solely to the effect that the defendant or a designated person on whose behalf the defendant made the disclosure had been directed by the Gardai or the District Court not to carry out a service. There is also a defence where a disclosure was made by a credit or financial institution inter-group.

Internal policies and procedures, training and record-keeping  

No significant changes. Designated persons are required to adopt policies and procedures that specify their obligations relating to (a) the assessment and management of the risk of money laundering or terrorist financing and (b) internal controls. It is envisaged that training for the client identification and reporting procedures should be ongoing. The designated person must also adopt policies and procedures in relation to the monitoring and management of compliance with, and the internal communication of the policies and procedures referred to above.  

Special provisions applying to credit and financial institutions  

  • A credit institution or financial institution should have systems in place to enable it to respond promptly and comprehensively to enquiries from the Gardaí as to whether or not it has or has had a business relationship within the previous 6 years with a person specified by the Gardaí and the nature of such relationship with that person. Failure to comply with such a Gardai enquiry will be an offence.
  • Any branches or subsidiaries, outside a Member State of a credit or financial institution that is a designated person, must comply with client identification and record keeping requirements prescribed by the 3 MLD. If this is not possible then the designated person must inform the competent authority and apply measures to address the risk of money laundering or terrorist financing. Credit or financial institutions that are designated and incorporated in the State are required to communicate their anti-money laundering policies and procedures to branches or subsidiaries outside a Member State.
  • Prohibition on the establishment of anonymous accounts or the provision of anonymous passbooks by credit or financial institutions. This extends to anonymous accounts or passbooks that came into existence prior to this requirement coming into force.
  • Prohibition on credit institutions from entering to a banking relationship with a shell bank. Any pre-existing arrangements will cease to exist when this prohibition becomes law.  

Reliance on Third Parties

  • Scope for designated persons to rely on “relevant third parties” to conduct customer due diligence on their behalf. “Relevant third parties” include:-
    • credit institutions;
    • financial institutions;
    • an external accountant or auditor who is also a member of a designated accountancy body;
    • independent legal professionals;
    • trust or customer service providers who are members of a designated accountancy body or of the Law Society of Ireland or authorised to carry on business by the Central Bank and Financial Services Authority of Ireland
  • Notwithstanding such arrangements with “relevant third parties” a designated person remains liable for any breaches of the CDD requirements.
  • Designated persons are free to enter into outsourcing arrangements with other third parties provided the designated person remains liable for any breach.  


  • 23 new provisions on monitoring
  • All designated persons will be supervised by a competent authority set out in the Bill (or prescribed by the Minister) as follows:
    • In the case of credit and financial institutions the Central Bank and Financial Services Authority of Ireland.
    • In the case of an auditor, external adviser or tax adviser, or trust or company service provider if the person is a member of designated accountancy body, the designated accountancy body,  
    • If the person is not a member of a designated accountancy body and is a body corporate, or a body of unincorporated persons carrying out its functions through members or employees who are members of a designated accountancy body, the designated accountancy body.
    • In the case of a solicitor, the Law Society of Ireland.
    • In the case of a designated person who is a barrister, the General Council of the Bar of Ireland.
    • In the case of any other designated person, the Minister for Justice.  
  • Where there is more than one competent authority, those competent authorities may agree that one of them will act as the competent authority for that designated person.
  • Certain competent authorities are referred to as “State competent authorities”, namely, the Central Bank and Financial Services Authority of Ireland, the Minister for Justice, Equality and Law Reform and such other competent authority as may be prescribed by the Minister.
  • A competent authority is responsible for monitoring designated persons in its charge and ensuring compliance with the legislative requirements. A competent authority must produce an annual report of its activities.  
  • State competent authorities are given a range of supervisory powers. They may, for example, by written notice, request a designated person to provide information or documents relating to its business. Failure to comply with such notice is an offence. By way of a follow up to this, the State competent authority may request explanations in relation to any documents provided. It may also request a designated person to discontinue or refrain from conduct that in its opinion constitutes a breach of the legislation. A State competent authority may also appoint employees of the authority or other persons, who in its opinion, are suitably qualified, to be authorised officers.  
  • Authorised officers may enter and inspect premises and request access to documents that relate to the business. They may inspect such documents, take copies of them and request any person at the premises who appear to have information relating to the documents to answer questions. They may also remove and retain these documents.  
  • Authorised officers may be accompanied and assisted by other authorised officers, members of the Gardaí or other appropriate persons.  
  • An authorised officer may apply to the District Court for a warrant to get access to residential premises. This will only be granted if the Judge is satisfied that there are reasonable grounds for believing that documents relating to the business of designated persons are in the relevant residential premises.  
  • It is an offence to obstruct or interfere or fail to comply with a request by an authorised officer. There is a carve-out from the production of documents subject to legal privilege and safeguards against self-incrimination.  

Directions from the Gardaí  

  • A member of the Gardaí, not below the rank of Superintendent, may by written notice, direct a person not to carry out any specified service or transaction for a period not exceeding 7 days if satisfied on the basis of information that it has obtained or received that there are reasonable grounds to suspect that the service is linked with money laundering or terrorist financing.
  • A judge of the District Court may grant a similar order for a period not exceeding 21 days based on the same considerations.
  • In addition, a member of the Gardaí Siochána not below the rank of Superintendent may by written notice authorise a person to proceed with an act that would otherwise constitute money laundering if satisfied that this is necessary for the purposes of an investigation into an offence. This provision may provide some clarity for designated persons who may find themselves in somewhat of an invidious position after an STR has been made whereby they are concerned about dealing with property the subject of an STR but equally concerned that a failure to deal with the property will result in tipping-off.  

Authorisation of Trust or Company Service Providers  

  • Trust and Company Services Providers are subject to a new authorisation and registration procedure which requires trust and company service providers to be licensed and registered and that a “fit and proper” test be applied to persons who direct or who are the beneficial owners of such businesses.
  • “Trust or Company Service Provider” excludes members of a designated accountancy body, barristers, solicitors, credit institutions and financial institutions
  • Certain matters disqualify a person from being considered “a fit and proper person” for the purposes of an authorisation such as certain criminal convictions, refusing due payment of debt, being an undischarged bankrupt or otherwise not being a fit and proper person
  • Offence to carry on the business of a Trust or Company Service Provider without an authorisation by the Minister for Justice. Penalties on summary conviction: a fine not exceeding €5,000 and/or imprisonment for a term not exceeding 12 months. Penalties on conviction on indictment: a fine and/or imprisonment not exceeding 5 years.
  • If the Minister refuses an application, he must state the grounds to the applicant and allow the applicant to make representations stating why the application should be granted. The Minister can also impose conditions on an authorisation and amend or revoke an authorisation. It is an offence not to comply with conditions imposed on an authorisation. Penalties on summary conviction to a fine not exceeding €2,000 and on indictment to a fine not exceeding €100,000.
  • A person aggrieved by a decision of the Minister can serve notice of an appeal on the Minister, which is then referred to an Appeal Tribunal. Any question of law arising from a determination by the Appeal Tribunal can then be appealed to the High Court.
  • Register of holders of authorisations to be established by the Minister, made publicly available and published annually in Iris Oifigiúil.
  • Requirement by holders of an authorisation to retain certain records as specified by the Minister. Offence not to comply with this. Penalties on summary conviction, to a fine not exceeding €5,000 or imprisonment for a term not exceeding 12 months. Penalties on conviction on indictment, to a fine or imprisonment for a term not exceeding 5 years.  

Administrative Sanctions  

The Bill proposes to bring breaches of the money laundering control procedures by “regulated entities” within the Financial Regulator's Administrative Sanctions Regime. Thus regulated entities that fall within the regime include credit institutions, investment firms, insurance companies, insurance intermediaries, fund service providers and retail credit firms. Fines can be imposed by the Financial Regulator on both the institution (up to a maximum of €5,000,000) and on individuals (up to a maximum of €500,000). Sanctions can also include a public or private reprimand.

This means that these regulated entities face potential criminal sanctions for breach of the legislation as well as potential liability under the administrative sanctions regime.

Up to now the Financial Regulator, as a matter of policy, has not pursued criminal sanctions in addition to an administrative sanction.