Designed to bring a more risk-based approach to the prevention of money laundering and terrorist financing, the European Union Fourth Anti-Money Laundering Directive is the most substantial change to AML and counter terrorist financing legislation in Europe in several years.
The EU Fourth Directive was enacted on 25 June 2015, replacing the previous Third Directive. A two-year window was given for implementation and so the UK (regardless of any Brexit considerations) must be compliant with the new mandate by 26 June 2017. To that end on 15 March 2017 the Government published a draft of the 2017 money laundering regulations or, to give them their full title “The Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017, with a consultation paper seeking views as to whether the drafting delivers the government’s stated aims.
In addition the Government is to create a new body, the Office for Professional Body Anti-Money Laundering Supervision (OPBAS), to oversee and help improve standards of supervision and cooperation between supervisors and law enforcement. The government noted that sectors at risk of being used to facilitate money laundering and terrorist financing are presently supervised by 25 organisations, 22 of which are accountancy and legal services providers’ professional bodies. OPBAS will be located within the FCA and will operate within that Authorities’ present governance arrangements. Due for launch in 2018 it will set out how professional body AML supervisors should comply with their obligations in the new Money Laundering Regulations and ensure that they do so, with the powers to penalise any breaches of the new Regulations.
The new draft Regulations are detailed, but the main changes are as follows:
- Trusts: HMRC act as a registering authority for all trust and company service providers (TCSPs), who are not registered by the Financial Conduct Authority. HMRC must maintain a register of beneficial owners of taxable trusts [Regulation 44]. The “fit and proper” test will be extended to agents of money service businesses. That test will be also superintended by HMRC. [Regulation 57]
- Gambling: The 4MLD extends anti money laundering requirements to all gambling services rather than just casinos unless a country can demonstrate that their non-casino gambling sector is low risk. The United Kingdom has done just that and as such the 2017 Regulations provide for the exemption of all gambling service providers from the requirements of the directive, except remote and non-remote casinos. This is the result of the findings of the National Risk Assessment which on enquiry found that there was a lower risk of money laundering in the gambling sector than in other regulated sectors. Supervision of the sector continues to fall to the Gambling Commission under the Gambling Act 2005 but the Treasury and Home Office will continue [Regulation 16] to assess whether providers of gambling services should continue to be excluded from the requirements of the Regulations.
- Pooled client accounts will not be automatically subject to simplified due diligence but must be subject to a risk assessment [Regulation 36].
- Parent and Subsidiary Undertakings. Companies with branches or subsidiaries operating in the European Economic Area (EEA) will need to ensure that those establishments respect the UK national provisions. Where those branches are outside the EEA they will still have to comply with UK law as far as is permitted by the country of location. [Regulation 20]
- Written Risk Assessment: There are new requirements on firms to take appropriate steps to identify and assess the risks of money laundering and terrorist financing and to document methodology. [Regulation 18].
- Simplified Due Diligence: There is no longer any automatic entitlement to apply SDD for specific customers. Firms will now need to determine the level of risk posed by a customer and will need to provide robust rationale and justification for applying simplified due diligence measures. This may subject customer risk assessments to enhanced regulatory scrutiny will require better record keeping controls. [Regulation 36]
- Record Keeping: Firms must retain client information for the maximum period of five years after the end of the business relationship with a client. [Regulation 39]
- Beneficial Ownership and Tax: The UK is required to create a directory of the beneficial owners of corporate entities and beneficial trusts incorporated in their countries. [Regulation 41]. Corporate bodies are required to provide on request information identifying legal and beneficial ownership. [Regulation 42]. Trustees must do likewise [Regulation 43]. With tax offences included as a predicate offence for money laundering for the first time in the EU (although they have been so in the UK for a long time) firms will face an increased burden to ensure that their systems and controls are sufficient to identify tax crimes.
- Politically Exposed Persons: The definition of PEP has been changed to encompass persons entrusted with a prominent public position domestically, as well as domestic PEPs who work for international organisations; firms will now be required to apply EDD on PEPs for at least 18 months after the individual ceases to be a PEP.
- High Value Dealers: The threshold of making and receiving cash payments has been reduced to €10,000 [Regulation 14].