Spotlight AML Package II: Commission Proposes AML Regulation
By means of its legislative proposal for a Regulation on the prevention of the use of the financial system for the purposes of money laundering or terrorist financing, the Commission responded to calls for stricter, more uniform and directly applicable EU rules on money laundering. The proposal that was presented on 20 July 2021 must be seen in connection with the accompanied legislative proposals for a sixth AML Directive and for a recast of Regulation 2015/847 dealing with the traceability of money transfers (→separate news items). The legislative package is designed to fulfil the objective of establishing an EU single rulebook on AML/CFT as announced in the Commission action plan of 7 May 2020 (→ eucrim 2/2021, 87-88).
The proposed Regulation aims at addressing shortcomings identified in the context of an evaluation of the current EU approach, which lays down obligations for private entities to curb money laundering activities by way of not directly applicable directives (the AML/CFT directives). According to the Commission, lack of direct applicability and granularity in the existing legislation led to a fragmentation in the application of the EU AML/CFT rules along national lines and divergent interpretations. This also disturbs effective handling of AML/CFT risks in cross-border situations and therefore endangers the adequate protection of the EU’s internal market. The current situation also generates additional costs and burdens for operators providing cross-border services and causes regulatory arbitrage.
The envisaged legislation will transform all AML/CFT rules that apply to the private sector to a Regulation, whereas the organisation of the institutional AML/CFT system at national level continue to be regulated by a Directive (the latter are included in the proposal for a 6th AMLD → separate news item). However, the proposal for a Regulation does not only simply transfer the rules from the existing AML Directives, but also makes a number of changes, in order to achieve a greater level of harmonisation and convergence in the application of AML/CFT rules across the bloc. The main changes and novelties are the following:
- The list of entities obliged to prevent money laundering and terrorist financing is expanded to include crypto-asset service providers and other sectors, such as crowdfunding platforms and investment migration operators;
- Internal policies, controls, and procedures for risk management are clarified, in particular customs due diligence (CDD) measures are detailed;
- The approach to tackle third countries whose AML/CFT policy pose a threat to the Union’s financial market is revised, in order to apply enhanced CDD measures in a more harmonised way;
- The definition of “politically exposed person” is clarified;
- Beneficial ownership requirements are streamlined to ensure an adequate level of transparency across the Union, and new requirements are introduced in relation to nominees and foreign entities to mitigate risks that criminals hide behind intermediate levels;
- Requirements for the processing of personal data are made more consistent with EU data protection rules;
- Measures against the misuse of bearer instruments are strengthened;
- An EU-wide maximum cap for large cash transactions (€10,000) is introduced.
Regarding third countries policy, the Commission proposes that the EU will run two lists, whereby the lists are closely aligned with the lists of the FATF. However, the Commission may also identify third countries, which are not listed by the FATF, but pose a specific threat to the EU’s financial system. Countries on the black list showing persistently serious strategic deficiencies in their AML/CFT framework will be subject to enhanced due diligence measures and country-specific countermeasures that are proportionate to the risk the third country poses to the EU’s financial system. Countries with compliance weaknesses in the AML/CFT regimes will appear on a grey list and be subject to country-specific enhanced due diligence measures. The Commission proposes more harmonised and more granular rules on how the EU will mitigate external threats. A key role is envisaged for the proposed new AML authority (→ separate news item), which will monitor specific risks, trends and methods to which the Union’s financial system is exposed. The new authority will adopt guidelines defining external threats and inform obliged entities about them on a regular basis.
The Commission expects that the new rulebook, including technical standards, can apply by the end of 2025.