Anti-Money Laundering 5th Directive brings online payments and company ownership under scrutiny
What the changes mean
The European Union’s 4th Anti Money Laundering (“AML”) Directive emphasised transparency in the ultimate beneficial ownership of legal entities and enhanced customer due diligence. Now, the 5th AML Directive has given institutions more authority to audit and control how businesses adhere to beneficial owners’ disclosure requirements. The Directive also introduces standards for those dealing with electronic payments among other changes.
The initial European AML Directive was limited to regulation and supervision of the traditional financial sector, but the scope has been expanded ever since: real estate professionals, accountants, company service providers, virtual currency exchange platforms and custodian wallet providers are all now required to identify their clients and report suspicious transactions to authorities. The implication for the rest of the business world is that every time you engage one of the in-scope entities, you will be asked for various documents to properly establish your identity. Such documentation could include the identity of directors, shareholders and owners, the company’s structure and purpose, or the source and destination of the funds in question.
Regulators get tough
Not only has the scope of the regulation increased, but regulators have been encouraged to crack down much more aggressively. The potential fines faced by companies are now considerable. In 2017, Rolls Royce forfeited just over half a billion pounds for offences relating to corruption in Indonesia, China and five other countries.
Regulators have initiated random check protocols and have increased the rate at which companies are investigated to levels not seen before. The UK’s Financial Conduct Authority (“FCA”) reported in 2017 that it had performed 75% more checks than in the previous year. Illustrating a step change in the scope of AML regulation, investigations against individuals have also increased, targeting individuals such as CEOs, compliance officers and other responsible personnel. No longer are AML discrepancies merely an abstract corporate failure for which blame and consequence manifest themselves only through monetary fines and sanctions. Now, the individual can and will face consequences for irregularities in their AML adherence.
“Ensuring full compliance is absolutely critical for all the clients we serve. With our global perspective, it is clear that as regulatory complexity grows, multinationals are now treating subsidiary governance as a specialist discipline in its own right.” -- Pablo Pueyrredon - Head of Know Your Customer/Anti Money Laundering and Operations Control Management (“KYC/AML and OCM”), Citco Governance Services.
How to ensure compliance
The legal framework is complex. To collect and issue all required information to banks, legal professionals, company service providers, or real estate agents, requires expert resources as well as a significant amount of time. The format of AML forms, and the content of requests, varies from very standardized to extremely customized and detailed. You are also required to provide this information prior to entering into a business relationship.
The key steps to ensure compliance are the preparation and maintenance of beneficial owners’ registers and ensuring that you make the correct initial filings with relevant local authorities on time and whenever there are any changes to the status of beneficial owners.
There is another consideration too. The European Union’s General Data Protection Regulation (“GDPR”) has created additional complexity when it comes to ensuring AML compliance, due to the competing, and in some senses contradictory, aims of the two pieces of legislation. As AML rules seek to increase the amount of data tracked about companies and individuals, GDPR seeks to limit it. As companies respond to the new AML rules they will need to work hand in hand with legal advisors and other expert parties to ensure they are maintaining the right balance between AML and GDPR, particularly when it comes to documenting the legal basis for the collecting and storing of personal information.
The time given to prepare for the 5th AML Directive is short, as all entities domiciled in the EU must comply by the end of 2019. Now is the time to make sure that all of your documentation is in order. Have you already prepared your entities’ beneficial owners register in the United Kingdom, Germany, Sweden or Denmark? Do you know that all other jurisdictions of the EU will follow shortly and, that there are countries outside of EU that follow the same AML practice, like Brazil or UAE? These are the questions that should be top of the agenda.
By Milda Valevice
In-House Legal Counsel