AML

Commission Publishes Delegated Regulation Supplementing MLD4

 

On May 14, a Delegated Regulation ((EU) 2019/758) supplementing the Fourth Money Laundering Directive ((EU) 2015/849) (MLD4) with regulatory technical standards (RTS) specifying the minimum action and the type of additional measures credit and financial institutions must take to mitigate money laundering and terrorist financing risk in certain third countries was published in the Official Journal of the EU (OJ). READ MORE

IIF Publishes Report on Key Findings from Survey on Use of Machine Learning in AML

 

On October 19, the Institute of International Finance (“IIF“) published a report on machine learning in anti-money laundering (“AML“). The report, which isn’t publicly available, sets out a summary of the IIF’s key findings from a survey of 59 institutions (54 banks and 5 insurers).

The IIF explains that as the level of undetected illicit funds in the financial services sector remains too high, firms are increasingly turning to new technologies, including machine learning, to address the issue. The IIF found that 69% of firms surveyed already use or experiment with machine learning techniques. Another 29% indicated that they are planning to apply new analytical techniques in the foreseeable future however, none of the firms surveyed were pursuing machine learning as a means to reduce staff.

The most prominent benefit was increased speed or automation of analysis which allows the AML process to respond to the latest developments in money laundering methods. Challenges were also identified, including uncertainty about regulators’ support for it as part of a firms’ adequate risk-mitigation framework. Overall, the IIF found that the application of machine learning techniques in AML is spreading quickly across the industry, and expects this trend to continue.

New EU and UK Anti-Money Laundering Rules: The Fifth AML Directive Extends to Cryptocurrencies

The Fifth Anti-Money Laundering Directive (MLD5) entered into force in July 2018. MLD5 updates the legal framework under the Fourth Anti-Money Laundering Directive (MLD4) and must be implemented by the EU member states by January 2020. In response to the growing concerns over terrorist financing and the revelations of the Panama Papers, the amendments in MLD5:

  • increase transparency with respect to the beneficial ownership registers, which EU member states are required to establish under MLD4;
  • clarify and harmonize the enhanced due diligence measures that need to be applied to business relationships or transactions involving “high risk third countries”;
  • require EU member states to create and maintain a list of public functions that qualify as “politically exposed persons” or “PEPs” in their jurisdiction;
  • restrict the anonymous use of prepaid cards in order to mitigate the risk that they may be used for terrorist financing;
  • grant new powers for financial intelligence units, including the power to request, obtain and use information from any obliged entity based on their own analysis and intelligence, rather than just when triggered by a prior suspicious activity report; and
  • require member states to establish centralised registers or data retrieval systems to enable financial intelligence units and national competent authorities to access information about the identities of holders of bank and payment accounts and safe-deposit boxes.

In addition to these broad objectives, MLD5—for the first time—brings certain virtual currency service providers within the scope of EU anti-money laundering and terrorist financing regulations.

Extension of the AML Regime to Virtual Currencies

Virtual currencies, as defined in MLD5, are “a digital representation of value that is not issued or guaranteed by a central bank or a public authority, is not necessarily attached to a legally established currency and does not possess a legal status of currency or money, but is accepted by natural or legal persons as a means of exchange and which can be transferred, stored and traded electronically.”

Under this definition, most of the coins, tokens, and cryptocurrencies known today probably qualify as “virtual currency.” While not all of the tokens are necessarily used as a “means of exchange,” and this may not be their intended purpose, MLD5 adds that its objective is to cover “all the potential uses of virtual currencies,” such as “means of exchange, investment, store-of-value or use in online casinos.”

As for the reason behind the extension of the AML regime to virtual currencies, in its 2016 Communication on an Action Plan for Strengthening the Fight Against Terrorist Financing, the European Commission identified the ability for virtual currencies to be abused to conceal transactions related to terrorist financing, due to the relative anonymity of the virtual currency environment and the lack of an EU-level reporting mechanism for identifying suspicious activity.

To tackle these issues, MLD5 brings the “gatekeepers” of virtual currencies within the scope of EU anti-money laundering and terrorist financing legislation. Providers engaged in exchange services between virtual currencies and fiat currencies (“virtual currency exchange platforms”) and providers of services to hold, store and transfer virtual currencies (“custodian wallet providers”) have been made “obliged entities” for the purposes of the EU anti-money laundering and terrorist-financing framework. This means that providers of those services will be subject to the same obligations to carry out customer due diligence and report suspicious transactions as other firms designated as obliged entities under EU law, including credit institutions, financial institutions and certain professionals such as auditors and accountants.

The EU acknowledges that regulating virtual currency exchange providers and custodian wallet providers will not entirely address the issue of anonymity attached to virtual currency transactions, since users can transact without going through such providers. But to combat the risks related to anonymity, MLD5 states that national financial intelligence units should be able to obtain information allowing them to associate virtual currency addresses to the identity of the owner of virtual currency.

What’s Next for the UK AML Regime?

EU Member States have until January 10, 2020 to implement MLD5 into their national legislation. Since the implementation date falls within the anticipated transitional period of the UK’s exit from the EU, it is widely assumed that the UK will implement MLD5. MLD5 takes the form of a minimum harmonising Directive, which means that it sets minimum EU-wide standards that the UK could, if it chooses, go beyond.

Going forward, the Sanctions and Anti-Money Laundering Act 2018 (“SAMLA 2018”), which received Royal Assent on May 23, 2018, establishes a broad framework allowing the Secretary of State to pass UK anti-money laundering and terrorist financing regulations after the UK leaves the EU. Regulations may be passed to detect, investigate or prevent money laundering and terrorist financing and implement standards published by the Financial Action Task Force. SAMLA 2018 does not affect the substantive UK money laundering and terrorist financing offences under the Proceeds of Crime Act 2002 and Terrorism Act 2000, which can only be amended by Parliament. However, the broad enabling powers created under the legislation give rise to the possibility that the EU and UK anti-money laundering regimes could start to diverge over time.

NY DFS Adopts Final Anti-Terrorism and Anti-Money Laundering Regulation

On June 30, 2016, the New York Department of Financial Services (“NY DFS”) adopted a final anti-terrorism and anti-money laundering regulation (the “Final Regulation”) that requires institutions subject to regulation by the NY DFS to maintain programs to monitor and filter transactions for potential Bank Secrecy Act (“BSA”) and anti-money laundering (“AML”) violations and prevent transactions with sanctioned entities.

Of particular significance is that under the Final Regulation, which will be effective January 1, 2017, relevant regulated NY DFS institutions are required to review their transaction-monitoring and filtering programs and ensure that they are reasonably designed to comply with risk-based safeguards. These institutions also must adopt (at the institution’s option) an annual board resolution or senior officer compliance finding to certify compliance with the Final Regulation beginning April 15, 2018. The resolution or finding must state that documents, reports, certifications and opinions of officers and other relevant parties have been reviewed by the board of directors or senior official to certify compliance with the Final Regulation.

The proposed version of the Final Regulation, which was issued on December 1, 2015, included a much more draconian requirement that a senior financial executive annually deliver an unqualified certificate to the NY DFS that his or her institution “has sufficient systems in place to detect, weed out, and prevent illicit transactions” and that he or she has reviewed the compliance programs of the regulated Institution, or caused them to be reviewed, and that such programs comply with all of the requirements of the proposed regulation. The provisions of the proposed regulation are discussed in the December 22, 2015 Orrick Alert.

The NY DFS noted in its announcement of the Final Regulation that: “The risk-based rule adopted by DFS today takes into consideration comments that were submitted by the financial services industry and others during the extended comment period for the previously-proposed regulation, which ended March 31, 2016.”

Institutions must maintain supporting data for the certification, for review by NY DFS, for five years.

The key requirements of the Final Regulation include the following:

Annual Board Resolution or Senior Officer Compliance Finding

To ensure compliance with the requirements, each regulated institution shall adopt and submit to the Superintendent a board resolution or senior officer compliance finding by April 15 of each year. Each regulated institution shall maintain for examination by DFS all records, schedules and data supporting adoption of the board resolution or senior officer compliance finding for a period of five years.

Maintain a Transaction Monitoring Program

Each relevant regulated institution shall maintain a reasonably designed program for the purpose of monitoring transactions after their execution for potential BSA/AML violations and Suspicious Activity Reporting. The system, which may be manual or automated.

Maintain a Watch List Filtering Program

Each relevant regulated institution shall maintain a reasonably designed filtering program for the purpose of interdicting transactions that are prohibited by federal economic and trade sanctions.

BCBS Finalizes Risk Management Guidelines on AML and Terrorist Financing

On January 15, the Basel Committee on Banking Supervision (BCBS) issued risk management guidelines relating to anti-money laundering (AML) and terrorist financing.

The guidelines apply to all banks and are consistent with the international standards on combating money laundering and the financing of terrorism and proliferation issued by the Financial Action Task Force (FATF) in 2012, and supplement their goals and objectives.  Risk Management Guidelines.

Amendments to Money Laundering Regulations 2007 to Come into Force on October 1

On July 17, HM Treasury published the Government’s response to its consultation on proposed changes to the Money Laundering Regulations 2007 (MLRs) together with its Impact Assessment (June 20). Response.  Impact Assessment.

The Government’s proposals aim to reduce the regulatory burden imposed by the MLRs, while strengthening the overall anti-money laundering (AML) regime. Among the proposals the Government plans to:

  • Retain the criminal penalties in the MLRs (even for minor breaches of the MLRs).
  • Remove the current distinction between bodies listed in Parts 1 and 2 of the MLRs for customer due diligence (CDD) reliance purposes.
  • Strengthen and clarify the powers of the Office of Fair Trading and HMRC.
  • Make the FSA the recognised formal supervisor for recognised investment exchanges (RIEs).