AMLD5 – Regulations catching up with Technology

In this era of technology, it is a common saying that “Innovation leads and regulation follows.” This couldn’t be any truer with the adoption of the Fifth Anti-Money Laundering Directive (AMLD5) by the European Union. AMLD5 is basically an extension of the previous iteration – AML4. Both of these directives are to tackle and control the on-growing power and risks associated with the use of technology by criminals. 

Moving into the fourth industrial revolution, businesses are completely under the limelight of technology. Of course, the criminal world is also taking advantage of technology to carry out their operations more effectively and anonymously. This drives the attention of government and regulatory agencies to come up with stricter directive for businesses to curb criminal activities.

The aim behind the introduction of AMLD5 is to prevent money laundering, terrorist funding and illicit transfer of money throughout the financial industries of the EU. The same was the goal statement of AMLD4 but in some ways, AMLD5 is more advanced and covers some further aspects. It includes a better definition of the virtual currencies, the changes and the information-sharing policies that are required to combat crimes related to prepaid cards and financial institutes.

From AMLD4 to AMLD5

Previously AMLD4 tackled the risks by making it mandatory for “obliged entities”- banks and financial institutions – to meet KYC and due diligence requirements. Also, the companies operating within the EU were obliged to maintain central registers of their ownerships. According to the European central bank, AMLD4 didn’t go far enough to curb the risks posed by criminal transactions and money laundering.

The main reason was the recent terrorist attacks throughout Europe. Moreover, the Panama papers scandal in 2016 followed Paradise Papers publications in 2017 made it a top agenda for the regulators to come up with a more efficient directive. These papers provided insight to the government into the ways politicians and wealthy-beings can exploit tight-lipped offshore tax regimes. These incidents created a huge fuss around the world questioning the credibility of country regulations. 

Taking into account these issues, the updated framework of the 4th Anti-Money Laundering Directive – AMLD5 came into force in July 2018 which is to be implemented from January 2020. It doesn’t contain any new sets of rules, instead, they are just an extension of the previous ones. The fifth AML directive intends to bring boundless transparency in business activities and company ownership within the EU.

Multiple amendments posed by AMLD5 in the fourth directive. These extensions are to strengthen the policies to deter money laundering due to new technology advancements. AMLD5 not only proposes the public registry for beneficial owners of obliged entities, but it also addresses the significant risks associated with virtual and cryptocurrencies.  

The Obliged Entities and Requirements

The fifth AML directive covers various entities that include:

• Financial Institutions – MiFID firms, insurance companies, collective investment schemes.
• Estate Agents
• Credit Institutes
• Providers of virtual currencies
• Prepaid cards
• Legal Professionals, Auditors, Tax Advisors, and external accountants
• Trust, or company service providers
• Person trading in goods (involving cash payments in amounts of €10,000 or more)

The most important requirement of AMLD5 is requiring the obliged entities to implement the beneficial ownership registry. It is essential for state members to collect and maintain accurate and current information about the legal entities  – as described in AMLD4. In order to meet this requirement, the obliged entities that are operating in the EU must have Know your Customer (KYC) information, in addition to beneficial ownership information, readily available with all the planned procedures.

Enhanced Due Diligence:

Undoubtedly, the beneficial ownership registry is the primary level of customer due diligence. However, with the implementation of AMLD5, the obliged entities will have to adopt Enhanced Due Diligence (EDD) requirements. The EU-based banks are compelled to perform EDD every time they enter into transactions from high-risked third countries as defined by the European Commission. This requirement is to diminish the potential of doing business with criminal organizations. 

The process of enhanced due diligence involves the collection of additional information about the customer, the screening and the completion of risk assessment. The risk rating strategies must involve the risk factors that may be responsible for updating the KYC policies and Procedures. For example, technology is the major risk factor and the manual KYC process is needed to be digital.

After the completion of the risk rating process, the entities must ensure the automatic delivering of data to national authorities and providing them access to information. Enforcement of AMLD5’s EDD requirement on EU-based entities doesn’t mean that their clients must also follow them. But if a bank in Europe adopts stringent EDD requirements, then the associated entities are required to ensure that they are complying with AMLD5 requirements along with their regional regulations.

The Significant Changes in the Regulation:

Though AMLD5 is an extension of AMLD4 regulations but there are some key changes that are highlighted in this directive, it includes:

1. Virtual Currencies

The virtual currencies like Bitcoin possess the transparency feature, i.e. the individuals involved with them tend to stay anonymous. It is both the weakness and strength of the organizations as well. The weakness because of the involvement of money launderers and cybercriminals. AMLD5 clearly states that virtual currency exchange platforms must have to apply Customer Due Diligence(CDD) just like traditional financial institutes.

It includes all the KYC and customer verification requirements. Moreover, customers have to get registered. All these requirements are to combat money laundering and criminal funding that takes place through these platforms.

2. Letterbox Companies

Under the new AMLD5 regulations, anyone will be able to access information about the real owners of “Letterbox” Companies that are operating in the EU. These companies are considered the hub of corruption, money laundering and transnational organized crime. This change in the directive can reveal the corruption and tax evasion that may be taking place in the companies. 

Moreover, with the central beneficial owner registry will be available for individuals with a ‘legitimate interest’, for example, an investigative finding out the owners of trusts and companies.

3. Prepaid Cards

AMLD5 has called for a reduction in the threshold of anonymous prepaid cards – from €250 to €150. This new arrangement is to combat the criminal activities that might be taking place through these cards. While prepaid cards generally have legitimate uses, the anonymous cards are readily used in money laundering and terrorist funding. 

The banks and other financial institutions are obliged to conduct CDD against the prepaid cardholder if the payments exceed a defined threshold. Moreover, as per AMLD5 regulations, the use of prepaid cards – that are issued outside EU territory – will be prohibited unless they follow AMLD5 regimes

Notable Challenges for Businesses in adopting new Standards

Until now, though the businesses used to comply with AML regulations but didn’t have to take that much notice of AML directives as they will have to do now. Previously, financial institutions and tax advisors were the major entities meeting AML compliance. However, with the introduction of AMLD5, now the virtual currency exchange platforms, prepaid cards, and custodian wallets will also have to obliged to new standards and regulations.

The obliged entities have to comply with Customer due diligence, monitoring the virtual currencies transactions and keeping a tight rein on customer activities that they might find suspicious. The major challenge for businesses is that from onboarding customers to ongoing documentation, they have to keep the data up-to-date and share customer information with anti-money laundering authorities.

Moreover, businesses will need to make sure that all the staff members have proper knowledge of the AML directives and follow the standards accordingly. It will cost businesses in training their employees. As the date of implementation of AMLD5 is approaching near, the time to incorporate all these new standards and rules is shortening – another challenge for the businesses.