KYC in blockchain with a focus on data protection and AML laws

Supplementing blockchain with KYC offers endless possibilities

While you may be tempted to think that decentralized and anonymous blockchains are safe because they are free of control from a single authority and work transparently, the reality, however, is a bit different, they are constant targets of scams. Even though the encryption makes it difficult to hack a blockchain system, its anonymity makes it a haven for criminals. Bitcoins and other cryptocurrencies based on blockchain are used by the criminals for illicit money transfers.  

Blockchain technology based on a distributed ledger system has great potential and is increasingly being adopted in different industries. However, there are some challenges and concerns over the design and implementation of distributed ledger systems. One of the major concerns over the decentralized ledger system is data integrity and data protection. As recent developments in data privacy and protection laws proffer the user an authority on their data, the businesses are answerable to the user on how or where the data is being used. 

Realizing this, technologists and researchers are coming up with new technologies that can help embed blockchain-based businesses into the existing legal framework for data protection, customer due diligence, and Anti-Money Laundering (AML). Artificial Intelligence-based due diligence solutions are considered the best bet for this purpose but before discussing it let’s look at how blockchain works.

Blockchain and Distributed Ledger systems  

In a nutshell, a blockchain is a form of distributed ledger system representing a digital data structure in which records are organized in cryptographically sealed blocks. These blocks are time-stamped, replicated, and synchronized. Distributed over peer to peer networks they are often maintained by consensus algorithms. Blockchain technology is also referred to as a status transition machine where the specific token is assigned a status using cryptographic values within a blockchain.

Data Protection and Blockchain

Blockchains are designed with a high level of transparency to ensure trust in the system. However, this transparency also makes it challenging to comply with data regulation and protection regulations such as GDPR and AMLD5. BLockchains transparency is considered incompatible with data protection regulation because it is pseudonymous, not anonymous. A person is represented in the blockchain system with a public key created with cryptographic values. GDPR, on the other hand, defines it as personally identifiable information (PII). And once the data is written on the blockchain it is impossible to alter or delete that data. 

Moreover, the dualistic categorisation of data processors into controllers and processors by the GDPR raises issues such as no controller in the blockchain. Therefore many of the rights individuals are granted towards a controller cannot be addressed, as blockchain technology is not controlled by any centralized entity. These tensions between data protection regulations and blockchain in many challenges like unknown provider, alien jurisdiction, conflict of laws and many more.

Integrating Automated KYC verification solutions with blockchain

 

However, blockchain can guarantee more data privacy as well as data security, if the personal data is kept off the blockchain and only the key to transactional data is transformed into the blockchain. Data protection is crucial when using a distributed ledger system. To keep the system secure from hackers and bad actors, the personal information could be verified by performing customer due diligence for every entity entering the blockchain system, this way the consumers will be verified easily without entering their data on the blockchain.

The problem that constitutes here is that the time required for manual KYC verification contributes to rigid customer experiences and the errors that could lead to fatal losses. Nevertheless, employing an automated KYC verification solution could solve this problem easily.

Blockchain and Anti Money Laundering

Another major consideration in blockchain technology is security for users and businesses in general. Unfortunately, in almost any sort of blockchain both public and private, including cryptocurrencies, token networks, or Initial Coin Offerings (ICO) related blockchains, the security is watertight on one end and the other if a successful hack or phishing attack is successful it is not traceable.

The anonymity of blockchain means that the stolen data remains visible but untouchable. 

With such a possibility, in an unregulated space succumbing to massive speculation, regulators around the world are formulating protocols to govern everyone’s best interests in the blockchain era.

AML and KYC regulations around the wold have wider implications than the cryptocurrencies alone, but the main display of their implementation happens in the digital world. Applied to blockchain technology, AML implies KYC processes and, at times, conducting due diligence on the origin of the assets by tracing transactions or asking the bringer of the funds to prove the source of income. However, there lie challenges in (i) the early implementation of KYC/AML standards and (ii) the ability to understand the technology underlying the Blockchain to be able to identify the origin of the assets. When implementing a blockchain-based business, a company should work with KYC/AML tools even when raising private funds.

To enhance the KYC verification process companies can utilise AI-based verification tools that could be integrated into the registration process on a website, into which customers enter their basic personal information. Online fraud management and AML scanning tools can undertake background checks and document whether a source of funds seems plausible.

Harnessing blockchain 

Understanding Blockchain enables comprehension of its potential challenges and risks. It is important to understand the tools at hand before initiating or evaluating a Blockchain-based project. Supplementing blockchain with KYC verification has many possibilities and can help to fight against data theft, identity fraud, money laundering, and other illicit crimes that could be conducted by negatively exploiting blockchain technology. 

6AMLD of EU - A Detailed Insight

6AMLD of EU – A detailed insight

European union’s another anti-money laundering directive is in the pipeline. And this time the union is aiming for uniformity in AML/CFT practices across member countries while keeping up with changing international regimes.

The estimated amount of money laundered globally in one year is 2 – 5% of global GDP, or $800 billion. And in the EU money laundering accounts for up to 1.2 % of the EU’s annual GDP, or around $225.2bn (€197.2bn) in 2018, according to a 2017 report by Europol.

Recently the 5AMLD was implemented on 10 January 2020. The fifth directive mainly targeted loopholes in certain sectors. It addressed the loopholes in prepaid cards, virtual assets, and precious metal dealing. The major change that came due to 5AMLD is that the identity verification threshold for prepaid cards is reduced from €250 to €150. This threshold for remote transactions is €50. 

Now the 6AMLD is in the next big change in the AML/CFT regimes of the EU. The member states are required to integrate the new directive into their national laws by December 2020 and the reporting entities are required to completely implement the new laws by June 2021. The new directive is drafted well to close any left loopholes in AML/CFT regulations.

Key Features of 6AMLD

The 6AMLD is not only about fulfilling minimum regulatory requirements but about changing the attitude towards AML/CFT. The reporting entities need to go another mile to play their role in eliminating money laundering.

Key Features of 6AMLD

1. A list of predicate offences

A list of 22 predicate offences is provided in AMLD6. It includes offences related to environmental crime, cyber crimes, tax crime, and self-laundering. The directive includes ‘aiding and abetting’ and ‘attempting and inciting’, which means that criminal liability will be extended to people or businesses that are used in the criminal offence. Businesses will be liable for penalties if money laundering is channeled through their system due to a lack of preventive measures. 

The offenses are clearly defined in the official journal of the 6AMLD. The reason behind this measure is to create uniformity in the AML/CFT measures of member states. Because lack of uniformity is one of the major reasons behind money laundering scandals in EU member states. 

2. Increase in non-compliance penalties

The 6AMLD has clearly defined the penalties for businesses and individuals. 

Natural persons 

The individuals involved in money laundering are called “natural persons” in the 6AMLD. Non-compliance penalty is increased for the natural persons. Now a sentence of four years is non-compliance penalty, it was one year previously. As mentioned in the official journal

In order to deter money laundering throughout the Union, Member States should ensure that it is punishable by a maximum term of imprisonment of at least four years.”  

Also, the monetary fine is increased to five million Euros. 

Legal persons 

Businesses are described as “legal person”. In case a business is found to be a part of a financial crime due to lack of AML measures or negligence it will be liable for these below-mentioned penalties:

  • Exclusion from entitlement to public benefits or aid
  • Permanent or temporary disqualification to perform commercial activities
  • Judicial winding up
  • Temporary or permanent closure
  • Placed under judicial supervision

3. “Aiding and Abetting” and “ inciting and attempting” 

The scope of AML regulations is increased to” aiding and abetting” and “ inciting and attempting”. The 6AMLD official journal clearly states, “Member States shall take the necessary measures to ensure that aiding and abetting, inciting and attempting an offence referred to in Article 3(1) and (5) is punishable as a criminal offence.”

4. Alignment with international laws

The Journal states that the member countries are required to implement the 6AMLD while keeping their AML/CFT laws aligned with international laws. It will increase transparency in financial infrastructure. 

This means the reporting entities (businesses/ legal persons) will be required to follow the new regulations that will be aligned with international regimes.

5. FATF recommendations EU AML laws

The 6AMLD will require the member countries to align AML laws with the FATF recommendations. The tax crimes are defined as a criminal offence and the preventive measures are required to be designed in light of revised recommendations of FATF. 

6. Not missing on the virtual currencies

The sixth anti-money laundering directive requires the member countries to take concrete steps towards elimination of risk coming with these virtual assets. The reporting entities such as crypto exchanges, digital asset exchanges, cryptocurrency dealers, crypto wallet providers and businesses accepting cryptocurrency payments will be facing some major AML/KYC compliance scrutiny in 2021. 

How businesses should prepare for the change?

The ultimate effect of changing regimes is on the businesses. The new directive is drafted to change the perspective of businesses towards AML/CFT compliance. The new regulations of “Aiding and abetting”, and “ inciting and attempting” have changed the compliance requirements. Businesses will be liable for heavy penalties if they’re found to be involved in the criminal offence. Even if they’re used as a tool or a channel. 

The reporting entities are required to have an in-depth understanding of the risks and threats and to take necessary steps to eliminate the risk of any of the listed criminal offences being channeled from their platform. 

The businesses are expected to have a completely updated setup for compliance requirements. Digital identity screening could prove to be a reliable partner of the businesses in this regard. As it provides global coverage in the screening of individuals and businesses it helps reporting entities maintain a global risk cover against bad actors.

Find more relevant resources:

6AMLD of EU – A detailed insight

AML solutions: Eliminating the risks of money laundering

AML Solutions: Eliminating the Risks of Money Laundering

Money laundering is a serious crime that can have serious and long-term consequences for your business. Oftentimes, small business owners are offered business opportunities that they can’t simply pass up. It looks like easy money, so they accept and start serving as a facilitator for money laundering. According to a PwC survey, global money laundering transactions account for roughly $1 trillion to $2 trillion annually or 5% of global GDP.

What is money laundering?

The basic concept of money laundering revolves around transforming dirty money into clean money or in a more formal way, money laundering is the process of making a large amount of money generated through illegal activity appear to have earned through legitimate sources. 

Money laundering is typically done through 3 steps: placement, layering, and integration. 

  • Placement is to put illegal money into a legitimate financial system such as a bank
  • Layering is to mask the source of money through a series of transactions and bookkeeping techniques
  • Integration is to withdraw laundered money from a legal account and utilize it

Know more about money laundering process in this demo:

The money laundering is generally accomplished through currency exchanges, wire transfers, smurfing, and shell companies. Moreover, the globalization and digitalization have expanded the capabilities of money launderers, making it more difficult to identify the source of the transaction. Online banking, P2P services, money exchange businesses, and now cryptocurrency have made it difficult to detect the illegal transfer of money. 

However, laundering money is a serious offence. It could lead to heavy fines, penalties and even jail time. According to International Comparative Legal Guide, the maximum penalties for laundering money are fines up to $50,000 or double the amount of property involved, whichever is greater, and imprisonment up to 20 years for each violation. 

Risk of money laundering for small businesses

Small businesses are often the victims of money laundering. Criminals target small businesses because the owners of such businesses lack experience and knowledge about the risks involved with a certain type of business dealing. Further, they don’t have allocated resources and knowledge about Anti Money Laundering (AML) compliance.

Protecting your business against money laundering

By adopting anti-money laundering solutions and practices, you can protect your business from money laundering threats. 

What is Anti Money Laundering?

Anti-money laundering or AML is a methodology or a policy that governs: how the company monitors transactions, detects and reports financial crimes to the regulatory authority. For this purpose, companies adopt different AML solutions that screens and tackles money laundering risks, which the company faces or could face in the future.

AML compliance was first coined with the formation of the Financial Action Task Force (FATF) in 1989. The main concept for its formation was to devise international standards to prevent money laundering and to promote these standards.

In past AML laws has been slow to catch up with cybercrimes, since most of the AML solutions were deployed for traditional banking institutes. However, amid the digital transformation, FATF and other regulatory authorities started focusing on digital transactions and devised stringent regulations to prevent money laundering using digital platforms.

To follow and comply with these regulations, businesses need AML solutions that could detect suspicious transactions and perform due diligence during the onboarding process.    

Automated AML solutions for enhancing AML process

Artificial intelligence and machine learning have been transforming different operational sectors in the finance industry. Automating the tasks that involve data processing and analyzation, filtering out false alerts, and identifying complex criminal conducts are some of the tasks that are being automated using artificial intelligence. To prevent money laundering, banks and other financial institutes use AI-driven AML solutions. These systems are used to identify and categorise suspicious transactional activities.

AI is deemed crucial for performing repetitive tasks while saving time, resources and efforts, which can be reallocated for other tasks. Natural language processing and machine learning are usually adopted for automating AML screening tasks. 

6 Ways AML Solutions can prevent Small Businesses from Money Laundering

Here are ways in which AI-driven AML solutions have revolutionised customer and business screening.

Enhanced due diligence

Artificial intelligence automates the enhanced due diligence process. It starts by taking steps to ensure you know who you are dealing with, understanding and monitoring their transactional activities and accessing their risks of money laundering.

Monitoring transactions and activity

AI-powered risk-based solutions and procedures help monitor ongoing customer activity to detect fraud, as well as money laundering activities including but not limited to placement, layering, and integration of funds.

Reviewing odd patterns of transactions

In most of the cases, launderers use hundreds of different accounts to perform small transactions that can easily surpass without being detected. While it’s difficult for humans to identify such transactions, automated AML solutions can easily identify such smaller transactions and reveal a pattern of illegal activity related to money laundering or terrorist financing.

Identifying Politically Exposed Persons (PEPs)

PEPs compliance is mandatory for firms. It is crucial to identify the risks associated with your customers. According to FATF, any person who is or has been holding any public office or function is a politically exposed person and to do business with any such entity, organisations should perform enhanced due diligence and monitor their ongoing transactional activities.  

Money laundering is a serious risk for small businesses. In addition to facing criminal charges and hefty fines. Involving in money laundering activity intentionally or accidentally could lead to fines and may damage your brand reputation. With this in mind, small business owners need to study and comply with AML regulations. 

An inside look at the need for AML in the e-gaming industry

An inside look at the need for AML in the e-gaming industry

Data analytics and trends show the penetration of the population into console-based online video games and smartphone gaming applications. Online video gaming platforms having microtransaction features tend to handle much of financial transactions on their own, they are not considered a bank or a saving association. Therefore do not lie under the regulations of the Office of Foreign Assets Control or Bank Secrecy Act (BSA). However, the facility of financial transactions to buy gaming assets are raising several security challenges in the e-gaming industry. 

Financial frauds, the major threat the e-gaming industry is prone to. Money laundering, a huge financial crime is facilitated using the gaming industry a medium. By selling digital goods and currency (in-game), money laundering activities are conducted. The rise of online gaming has opened the ways for fraudsters to conduct financial crimes in the complex environment in which players operate. The loopholes in the gaming systems are well-analyzed and misused by laundering millions. This is challenging for the e-gaming industry to regulate the sector and deter the risks of financial crimes. 

Moreover, money launderers use e-gaming platforms to convert embezzle funds into good money. The video game industry can reduce money laundering activities by taking in place dynamic AML practices that filter out the bad actors beforehand. 

Anti-Money Laundering and Countering of Terrorist Financing (AML/CFT)

To disguise the ownership of illicit funds, money launderers use several means to hide money or convert it into legitimate money. The money that is earned as a result of cross-border organized criminal activities is concealed by money launderers either by transferring it across the world or buying properties with that. This is what happens in the online gaming industry. Assets are bought with in-game currency and in the form of assets, money is laundered. 

Having a comprehensive AML and CFT program is not only a regulatory requirement but a business practice on which business reputation, as well as profits, are dependent. Moreover, to fight against the criminal liabilities facilitated through e-gaming platforms can better be avoided taking in place stringent AML and CFT actions. 

Player identification

Online casinos’ major concern is fraud prevention. Especially money laundering that is residing in the industry can better be prevented by identifying each onboarding player at the time of account registration and financial transactions. Customer Due Diligence and AML background checks should be implemented in real-time while onboarding a player. This will help build a clean customer base.

Player identification usually can be performed by verifying the identity details. By authenticating official ID documents, KYC compliance can be achieved. The real-time captured information is then validated against the updated global watchlists. AML screening is performed during identity validation in which various AM background checks are implemented that ensure the identity’s data against exclusion lists such as;

  • Sanction Lists
  • Government-issued Data Sources
  • Watchlists
  • Money Launderers
  • Criminal Databases
  • Politically Exposed Persons (PEPs) List

By collecting the extensive details from identity and validating them against criminal databases, online casinos and gaming platforms can build a compliance program that can help them comply with local and global regulatory obligations as well as protect their business from any monetary loss. 

Moreover, ongoing identity monitoring is equally important. One time identity verification can not help eliminate money laundering activities entirely. In-between identity verification deters the risks of malicious transactions and suspicious activities. Just to overcome the effort of identity verification, biometric identification can help in robust verification without compromising user experience and keeping intact the security perspectives simultaneously. 

Other money-laundering countermeasures

Other than verifying the identity of a player, countermeasures can be taken that prevent the direct and indirect approaches of fraudsters of laundering money. These measures are:

  • Detective and preventive controls in assistance with technology should be taken to investigate if some players are exchanging the information among themselves to cheat the gaming system and perform money laundering.
  • Preventive measures against identity theft should be taken to avoid the misuse of someone’s identity by the fraudster to launder money. 
  • The customer information collected at the time of identity verification should be protected from any uncontrolled/unauthorized access. 
  • The customer’s credit card details should be protected from unauthorized access.
  • Enhanced Due Diligence measures to combat money launderers from entering into a legitimate system.
  • Prohibiting direct payment system between customers.
  • Monitoring the transactions between countries and immediate blocking when money is sent to some country that does not register previously as the home country.
  • Reporting of suspicious transactions to the Financial Intelligence Unit.

Risk-based approach

Online gaming companies are required to evaluate the measures they have taken to counter bad actors and their malevolent activities in an online environment. Identification of risks and mitigating them to avoid severe circumstances is the priority of every business. Assigning each onboarding identity a risk rating can help prevent money laundering in the e-gaming sector. With the risk rating approach, gaming companies can develop appropriate AML and CFT measures to combat potential threats. 

Future prospects to combat money laundering in e-gaming

The online video gaming industry will be evolving in the years ahead and create new opportunities for enhanced monetization. By employing an enhanced identity verification framework, the e-gaming sector can proactively avoid regulatory fines and penalties. Identity verifications supported by AI-based and machine learning models that facilitate automation facility would be the future of combating money laundering from the online gaming industry. Hence, providing a financially safer platform and a secure environment from bad actors. Moreover, improved revenue generation opportunities for e-gaming seems to be on the way in years ahead. 

EU’s AMLD5: What does it mean and how will it impact the AML regulation regimes?

EU’s AMLD5: What does it mean and how will it impact the AML regulation regimes?

From the Panama papers, Paradise leaks and Danske Bank case to the most recent revelations about SEB bank, money laundering scandals over the last few years have taken the world by storm. As general awareness about money laundering strengthened, so did the pressure on the regulatory authorities across the globe to counter build proper anti-money laundering laws and regulations

With every new revelation, lawmakers gain a great insight into how the financial system can be exploited and, as a result, find better ways to devise new amendments in already existing laws.

This is one of the reasons why the European Commission proposed the 5th Money Laundering Directive only a year after the legalization of AMLD4. Although published in the official journal of the EU in June 2018, AMLD5 was originally proposed in July 2016 as a part of its action plan against terror financing and money laundering, after the Paris and Brussels attacks, and as a reaction to Panama paper published in 2016.

The primary intention to make changes by January 2017 looked over-aggressive; a final devised text was reached in December 2017. 5th Money laundering Directive came into force in July 2018, and member states are required to make amendments in national laws accordingly before 20th January 2020.

What are the Key Changes in the 5th Anti Money Laundering Directive? 

AMLD5 serves greater prospects and shows the European Union’s leadership role in AML legislation. One of the key features of AMLD5 is that it proposes changes in already existing legislation in AMLD4, instead of replacing them.

The precise amendments that the fifth directive proposed are:

  • The scope of money laundering screening is extended to virtual currency providers, art worker traders, e-wallet providers, and tax-related services.
  • European member states require to develop a list containing all public offices and its functions nationally that qualify as politically exposed (PEP) for enhanced due diligence.
  • Financial flows from high-risk non-European states are subjected to high due diligence.
  • AMLD5 makes it obligatory to consult beneficial ownership registers while performing AML screening.
  • The directive also recommends that access to beneficial ownership information for EU based businesses should be made publicly accessible. In AMLD4, this information was not publicly accessible.
  • It also ends the anonymity of saving accounts and safe deposits across all the banks under the European Union.
  • Information on real estate holders is to be made centrally available to public authorities across Europe.
  • The payment threshold for prepaid cards and e-money is to be lowered. Previously, the threshold was a maximum of 250 euros. AMLD5 requires this threshold to be lowered further to 150 euros.

What are the Key Changes in the 5th Anti Money Laundering Directive?

Following the spirit to become AML leaders in the world and to stop money laundering across Europe, the European Commission requires member states to implement these changes in national laws by January 20th, 2020. And as the deadline imposed by the EU ends almost in a month, let us have a deep dive into how it will impact the AML regulations landscape for businesses across Europe.

How will AMLD5 impact Anti Money Laundering Regulation Regime?

Virtual Currency Service Providers in Scope

Since the virtual currency is the talk of the town for a while now and regulators are finding ways to regulate decentralized cryptocurrencies such as bitcoins, AMLD5 will apply to virtual currency service providers as well as electronic wallet providers, to cover the risks associated with cryptocurrencies. In addition to this, the traders of artwork and entities rendering tax-related services are also in the scope of AMLD5 regulations.

Enhanced KYC including access to Beneficial Ownership Information

The business across Europe are obliged to consult related registers while performing KYC. However, for now, it is only applicable to the businesses registered and operating under the European Union.

Public Access to Beneficial Ownership Information

AMLD4 required the member states to maintain central registers for beneficial ownership information and required interested parties to demonstrate legitimate access to beneficial ownership registers. Under the AMLD5, this information is to be made publicly available except for trusts and similar legal arrangments. 

In such cases, legal information about beneficial ownership will be granted to anyone demonstrating a legitimate interest. The beneficial ownership information will be comprised of; the name of the beneficial owner, date of birth, nationality, country of residence, and the extent of the beneficial interest held in that particular business.

Access to Information on Real Estate Holders

Money Laundering through real estate is estimated to reach $1.6 trillion a year. Owing to this, the AMLD5 makes information on real estate holders, available to the public authorities. This does not require to maintain a central register for the information.

Lower Prepaid Card and E-Money Threshold

Prepaid cards are being used in money laundering across the globe. According to the FBI, drug cartels utilize prepaid cards to launder illegally earned money from drug sales across the United States. For identifying prepaid cardholders, AMLD5 lowered the threshold of prepaid cards from 250 euros to 150 euros. Furthermore, E-money transactions using prepaid cards are lowered to 50 euros. 

No member state is allowed to increase this amount, however, these amounts can be lowered further. AMLD5 not only lowers this amount but also includes strict restrictions on anonymous prepaid cards issued in non-member countries.

Regulations for Bank Accounts and Safe Deposit Box

One of the stricter regulations in AMLD5 is the abolishment of the anonymity of bank accounts, saving accounts, and safe deposit boxes. Member states are obliged to design central registries or data retrieval systems by September 10, 2020, which will be directly accessible by the Financial Intelligence Units and competent national authorities.

Once the directive is transformed into legislation, the financial institutions will require to build or render digital KYC services for the onboarding process and it is important for the financial institutes to attain clear guidance on this directive and formulate strategies accordingly.    

Bill to Combat Money Laundering Makes Its Way Through The Senate

Bill to Combat Money Laundering Makes Its Way Through The Senate

The US House of Representatives passed the Corporate Transparency Act of 2019 (HR 2513) on October 22, 2019. It is currently being reviewed by the Senate. 

The bill aims to reveal the true owners of “anonymous” shell companies to law enforcement agencies. It will have major implications for all the small businesses and their owners. The bill would require businesses, that didn’t fall under the Bank Secrecy Act, to report every transaction, however small, to the government. Moreover, the business owners would have to alert the authorities regarding any suspicious activity, while maintaining a comprehensive record of all sales.

United Nations finance expert, Eric LeCompte, said of the bill, 

“This legislation helps us stop human traffickers and corrupt public officials and protects development aid. Shell companies contribute to a trillion-dollar loss to the developing world every single year.”

This bill is part of an extensive effort to crack down on money laundering and terrorist financing in both the US and Europe. Passed by the House of Representatives on October 22, it is now being evaluated by the committee experts in the Senate. 

AML Technology Eradicating the Perils of Money Laundering

AML Technology Eradicating the Perils of Money Laundering

In the past few years, we have seen a substantial increase in the number of legislations regarding how legal entities especially financial institutions combat financial crimes like terrorist funding, money laundering, and identity theft. A report estimates that in 2009, criminal proceeds amounted to 3.6% of global GDP, with 2.7%  (or USD 1.6 trillion) being laundered. Businesses are in dire need of KYC and AML compliance to fight back all such frauds. Business owners are deploying various measures against scams but the AML compliance program is effective out of all. 

AML compliance program is basically a methodology that defines the role that governs how a company monitors accounts, detects and reports financial crimes to relevant authorities. AML screening tackles with the intrinsic money laundering risks the company faces or can face in the future. The role of legislation is crucial in order to know how the AML compliance program should work. Customer screening for anti-money laundering is for completing due diligence to prevent and deter money laundering, terrorist financing, and other financial crimes and frauds. 

Why AML Compliance?

AML( Anti Money Laundering) practices have been used for businesses around the globe and all regions require the businesses to perform due diligence on their customers in one way or the other. AML compliance is not as difficult for organizations to follow as it seems. An investment of a few thousand dollars can obviously demit the loss of millions in penalties that businesses will have to pay eventually. 

To detect suspicious transactions and analyzing customer data, Anti-money laundering AML screening has been employed by financial institutes and other businesses. To filter customer data and classify it according to the level of suspicious and inspect it for errors is done by AML systems. Any sudden and substantial increase in funds or a large withdrawal of cash includes such anomalies.  AML checks are not for money laundering but also put a tight reign on frauds like tax evasion, terrorist financing, etc. AML compliance has a system to report money laundering activities to relevant authorities evaluating the client’s risk profile. 

Artificial Intelligence Enhancing AML Checks:

 

Artificial intelligence (AI) has the potential to transform financial institutions (FIs), disrupting every aspect of financial services, from the customer experience to financial crime. AI technology can be utilized by FIs in a number of ways, with anti-money laundering (AML) one of the main areas of focus. FIs can employ AI to analyze large amounts of data, to filter out false alerts and identify complex criminal conduct. It can identify connections and patterns that are too complex to be picked up by straightforward, rule-based monitoring or the human eye.

FIs are awakening to the potential of AI, both internally and externally, and beginning to embrace it. According to the Digital Banking Report, 35 percent of financial organizations have deployed at least one machine learning solution. Artificial intelligence has the ability to completely transform how banks perform AML and Know Your Customer (KYC) compliance. Additionally, for this need of anti-money laundering, artificial intelligence systems are capable to mine a great volume of data to prevent risk, which simplifies the process of identification of high-risk clients.

 AI is crucial when performing repetitive tasks, saving a lot of valuable time, resources and efforts that can be refocused on other tasks. AI technology including natural language processing NLP and machine learning ML can create automation in process of AML screening.

How is AML Compliance impacting Businesses?

 

AML compliance can intelligently extract risk-related facts from a huge volume of data making the process of identity verification a lot more smooth and risk-free. It has the ability to track the alterations in regulations around the globe. It fights against financial crimes by identifying gaps in customer information by financial institutions and provide Know Your Customer ( KYC) alerts. Here are ways in which  AI has revolutionized AML screening to help the client onboarding process easy, resulting in bringing higher revenue and lower fraud risk to the business:

 

  • Enhanced Due Diligence:

 

Artificial intelligence can automate AML screening that helps automate the creation and updating of the client risk profile to match this against the classification process i.e high, medium or low risk that ensures continuous compliance throughout the client life cycle. Moreover, it assists the process of identity verification easier for enhanced due diligence.

 

  • Improved Client On-Boarding:

 

When applied to workflow automation, AI along with AML  has the ability to transform the generation of documents, reports, audit trails and alerts/notifications.

 

  • Risk Assessment :

 

AML compliance can help mitigate risk as whenever a client is highlighted with a suspicious activity system can block resulting in the removal of any sort of risk. It gives a full understanding of the different tiers of risks a customer presents and how to mitigate them

 

  • Detection of Suspicious Activity:

 

Any suspicious activity can be detected and immediately reported to the concerned department without putting yourself in trouble. The goal here is to have systems in place for prompt detection of activities associated with money laundering. For instance, suspicious activity can be:

  •  Increase in cash deposits of or business without any obvious reasons.
  •  Providing very little information when applying for a bank account.

 

  • Managing Regulatory Compliance and Change:

 

AML screening ability to counter patterns in a vast range of text enables it to make an understanding of all changing regulatory environment. Furthermore,  to analyze and classify documents to extract useful information such as client identities, products, and procedures that can be affected by regulatory changes. It can be instrumental in helping banks and other financial institutions to fight back financial frauds. 

 

  • AML Screening and Investigation:

 

A recent Dow Jones-sponsored ACAMS survey revealed the most challenging for bank compliance is of false positive. Underpinning the alert generation method with AML may end up in fewer false positives. whereas they’re a major part of the AML compliance method, alerts don’t seem to be enough to support an efficient and thorough investigation method. What’s needed is that the linking of high-quality information to the alert (via interpretation associate degreed link analysis) to supply a correct, graphical illustration of the legal entity structure. AML beside AI will facilitate to leverage antecedently performed steps within the alert investigation method to formulate a suggested next steps approach.

Read more about how AML regulations can help prevent financial crimes:

AMLD5- Closing the loopholes of AML:

 

Consider new technologies and improve transparency AMLD5 is here to fulfill the EU’s next-generation AML requirements:

The goals of 5AMLD are as follows:
  • Impact on  financial intelligence units and facilitate increasing transparency on who really owns companies and trusts by establishing beneficial ownership registers
  • Prevent risk associated with the use of virtual currencies for terrorist financing and limit the use of prepaid cards
  • To secure the financial transaction to and from the high-risk third parties. 
  • The access of financial intelligence units to information including bank account registers must be enhanced. 
  • Ensure centralized national bank and payment account registers or central data retrieval systems in all member states.
The Bank Secrecy Act

Know Your Business-Pillar of Strength To AML Regulations

Moving in the world of technology, where every industry is going digital, there has been very less transparency among the businesses. Collaborating with businesses and entities online leaves room for some suspicious activities – means you will have no idea about the identity of the person on the other end. For example, the business you are onboarding may be a shell company or funding the terrorist.

Know your business (KYB) – these three words always seem to pop up everywhere in the industrial sectors, especially in financial institutions. KYB has successfully evolved from Know your customer (KYC) process and has eventually become an important part of today’s regulatory firms. It plays a vital role in low-friction regtech platforms to serve all types of customers without getting involved in illegal activities and entities.

The Bank Secrecy Act (BSA) of 1979:

Back in 1970, when the Vietnam war was on the full swing, a deadly confrontation erupted regarding drug trafficking. As a result, the administration laid a strong foundation against the War of Drug. The Bank Secrecy Act of 1979 (BSA) was introduced as a part of this policy agenda to deter illegal fundings. The BSA requires all U.S. financial institutions to report certain types of customer activities to the regulatory firm – FinCEN, the federal Financial Crimes Enforcement Network. For instance, financial firms need to report about the transactions totaling $10,000 or above.

The intentions of these regulations were to hinder the cartels, drug smugglers and other productive criminal enterprises from moving money through the US. The BSA makes the transactions more visible to the federal law enforcement hence starving the actors from their profits.

From KYC to KYB

The BSA is itself a foundation for the anti-money laundering (AML) regulations also known as Know your customer (KYC) compliance. It was enumerated in the 2001 USA Patriot Act as a result of the 9/11 incident and came into effect in 2003 – adopted by a joint resolution of federal financial agencies. These regulations intend to curb the flow of money to terrorist factions and other money laundering crimes. To meet these regulations, the institutes are required to maintain a record of personally verifiable information of every customer.

It won’t be an understatement to say KYC was built upon the BSA, which enforces the financial firms to ensure the identity of their customers that they are who they claim to be. However, the BSA rules were somehow vague that were covered by KYC regulations with the introduction of the Customer Identification Program (CIP) and Customer Due Diligence (CDD).

While KYC compliance ensures the identity of the customers and keeps an eye on the risk factors associated with them, but unfortunately there is still a major loophole unsolved. That is the financial institutes weren’t required to identify or verify the stakeholders and beneficiaries of the businesses and entities they are serving. This means that legitimate firms could unknowingly shelter bad entities or shell companies while performing illegal and high-value transactions on their behalf. Doing so makes the financial firms equally responsible for the illicit transactions taking place right under their nose. 

This issue came into light through the scandal of Panama papers back in 2016 and as a result, KYB services were introduced for business verification.

Dive Deep into KYB

 

The officially titled “Customer Due Diligence Requirements for Financial Institutions” is what we consider as know your business checks or KYB. It can be taken as an extensive form of knowing your customer since it doesn’t only verify the name of the person to whom the business is registered. It also enforces the institutions to verify the identities of the chief executives and any other person who owns 25 percent or more of the business. 

KYB compliance covers an entire industry of consultants who facilitate various firms to ensure that their business customers are properly investigated and none of them are involved in illegal activities. Every financial institution, merchant acquirer or payment companies who deal with money transfers and transactions, is enforced to perform KYB check of the businesses with whom it does business.

The checks for KYB solutions include the verification of company registration, business license, identification of a business, and other executives of the business. The KYB compliance requirements may vary from address and date of birth to driving license, passports and bank statements. Moreover, these checks are also performed against sanction lists, PEPs, Adverse media, and disqualified directors. 

These authentication checks are carried out by the KYB solution providers depending on the nature of the business, transaction value, suspicious reports, and more importantly the country legislations.

The Role of 5th AML Directive

 

The regulatory regimes around the world are continuously changing with every passing day. Last year, two major regulatory directives were updated, the 2nd Payment Services Directive (PSD2) and the Fifth Anti-Money Laundering Directive (AMLD5). The PSD2 requires financial institutions to make certain data available to other institutions through the use of APIs (Application Programming Interfaces). Whereas, AMLD5 compels the financial businesses to keep tight reins on the personal information online.

The businesses from financial institutes to merchants, everyone is facing regulatory pressure to meet stringent verification requirements. To do so they deliberately need to adjust the processes to conduct due diligence. The 5th AML directive along with PSD2 and GDPR regulates organizations to verify the businesses – the KYB compliance.

AMLD5, in particular, holds liability for the EU states to collect all the legal documentation regarding the company in a central registry. Moreover, it is mandatory that this central registry must be available and accessible to all the obliged entities that are required to perform business verification. 

Enhanced Due Diligence

 

After the Panama Paper Scandal, verifying the business entities and the mainstream business structure is an integral part of AML compliance requirements, compelling enhanced due diligence (EDD). It obliges securing additional information about the business client, for instance, the nature of the business relationship, source of funds, transaction history and the enhanced monitoring of the business relationship.

KYB in Europe

 

In Europe, the 4th AML Directive is already in effect and by January 2020, AMLD5 will also be in action. The AML 4 requires the businesses to identify the obliged entities and take prudent measures to verify their identities. It facilitates the businesses to know about the UBOs in regards to trust, foundations, and legality of the entities to better understand the structure of the business and customers.

According to defined rules, the beneficial proprietor in the EU is any person who owns 25% of the corporate business. However, in the upcoming AMLD5, the proposal is lowered to 10%. 

KYB in the US

 

The Customer Due Diligence (CDD) Final Rule has been in effect since May 2018, in the US. This rule states as: 

“Beginning on the Applicability Date, covered financial institutions must identify and verify the identity of the beneficial proprietors of all legal entity customers (other than those that are excluded) at the time a new account is opened (other than accounts that are exempted)”

As per the regulations, the financial institutes include banks, dealers and brokers, mutual funds and futures commission merchants. However, different jurisdictions constitute different requirements. In fact, even one region may have different regulations to be applicable to the state members. For example, the US financial institutes, in addition to the Bank Secrecy Act (BSA), they are liable to OFAC (Office of Foreign Assets Control), FACTA (Foreign Account Tax Compliance Act) and SEC disclosure rules.

KYB Process –  From Weeks to Seconds 

 

Performing Business verification is quite difficult, time-consuming and costly. Most of the companies hide their true identities in order to surpass the money trial. Also, the shell company can obscure their true information in filling and different jurisdictions. The percentage of possession is mostly disguised through different paper trials which makes it difficult to identify. In fact, in some countries, there is no proper paper trial – means no documentation is required for setting up a business, hence no source to investigate for shareholders’ information – which is against the FATF, AML and CTF regulations.

Some of the companies are overcoming this problem by implementing KYB solutions just like KYC. However, manual verification is quite slow, error-prone and costly. To incorporate this con, the KYB solution providers are actively adopting automated ways to verify the businesses in real-time.

In this era of high competition and complex compliance requirements, there is a need for electronic ID verification of business. By automating the KYB process, the financial institutes can securely access the UBOs identifying information from the central registry and verify it. Moreover, meeting the KYB compliance can paramount the complex regulatory environment.

KYC checks KYC solutions KYC and AML

Winter is Coming: With a Storm of KYC and AML Regulations

The ever-evolving regulations are creating challenges and complexities for the financial institutes, both in national and international markets. Financial sector deals approximately with 200 regulatory changes per day and these numbers are rising. Most of the time, businesses fail to concede these regulatory requirements and face heavy fines. Since 2008, global banks have been fined more than $321 billion collectively for not following Know Your Customer (KYC) and Anti Money Laundering (AML) regulations

Even with a compliance cost of almost $100 billion globally in a single year, crimes like money laundering, terrorist financing, and cyber frauds are increasing. Financial Institutes (FI) do not only find it challenging to comply with KYC and AML regulations but increased fraudulent activities make these things even worse. Financial institutes often fail to identify fraudsters and face fines and even get banned.

Fraudsters and money launderers are exploring new ways of carrying illegal activities. An undercover agent who infiltrated Pablo Escobar’s drug cartel responds, “You can launder money in so many different ways, it is as unique as snowflakes.” To counter these challenges, regulatory authorities are making updates in regulations almost every day.

Changing Regulations with the Changing World

 

In the aftermath of the 2008 financial crisis, regulatory authorities put forth several noticeable amounts of regulations, but now almost after a decade, some regulators and lawmakers think it is time to analyze what is working and what is not and make necessary amendments accordingly.

Banks and financial institutes are the protectors of the financial systems and the responsibility to prevent financial crimes lies with them. In the last decade, these institutions have worked tirelessly to establish reliable KYC and AML procedures and systems. However, changes created by technology and globalization demands modifications in regulations. 

For instance, high demand for virtual currency has made regulators reassess in place regulations and make amendments to regularise cryptocurrency. As most of the cryptocurrencies are not backed up by any central governments the potential of its use in illegal activities, especially terror financing and money laundering, already threatens the authorities and businesses. 

The authorities are making amendments and the newest laws to regulate all these advances in financial systems. Here are some recent changes by notable global regulatory authorities: 

FATF

Financial Action Task Force (FATF) is an intergovernmental organization, which strives to eliminate money laundering and terrorist financing globally. The organization has been very keen on recommending necessary changes required to comprehensively deal with financial crimes.

Noticing the recent trends of money laundering (ML) and terrorist financing (TF), FATF recommends member states to perform legal screening of Ultimate Beneficial Owners (UBOs) of every business. Owing to the exploitation of virtual currency by criminals, FATF also recommends regulating cryptocurrencies. According to a report, $4.26 billion worth of cryptocurrencies were stolen by cybercriminals, only in 2019. FATF expects members to implement these regulative reforms in their respective states for combating ML and TF. 

European Commission’s AMLD5 and AMLD6

As a part of an action plan against money laundering and terrorism, the European Commission has introduced new regulations in the 5th and 6th AML directives. Every European country is required to implement these regulations as a part of its national action plan on AML and CFT.

AMLD5

 

The most prominent law in AMLD5 is the regulation of cryptocurrency exchanges and service providers. Before this directive, e-wallet providers and crypto exchanges were not covered under the financial regulations. AMLD5 made it compulsory for crypto businesses to perform KYC for identity verification. Furthermore, member states are required to maintain a central register for Ultimate Beneficial Ownership (UBOs) of the crypto businesses.

AMLD5 also lowers the threshold for the prepaid cards to decrease the risks of money laundering through these cards. According to the U.S Federal Bureau of Investigation (FBI), drug cartels use prepaid cards as a source to launder money earned from illegal drug sales in the USA. European countries are required to implement AMLD5 by January 10, 2020.

AMLD6

 

While the European Union’s member nations are striving to implement AMLD5, the European Commission published a new directive i.e. AMLD6 in their journal. This new directive will make AML and KYC regulations more stringent. By setting a clearer definition of money laundering and increasing the minimum liability for predicate offences, the EU aims to make AML and KYC more robust. 

The key elements of AMLD6 are: 

 

  • Addition of Cyber Crimes in Predicate offences. Predicate offences are crimes underlying money laundering and terrorist financing. Initially, cybercrimes including online identity theft, credit card frauds were not included in predicate offences. Once AMLD6 is implemented the businesses will require more enhanced KYC checks to avoid indulging in unlawful activities.
  • Inclusion of the entities that are aiding criminals to launder money in money laundering crimes. The addition of ‘enablers’ can make money laundering tracking easier.
  • The punishment for money laundering and terrorist financing is increased for up to four years including other penalties.

RegTech: A useful KYC solution  

 

While the aforementioned are major regulatory changes in the world, many countries are also regulating businesses to perform enhanced due diligence and KYC at national levels. Financial Sector is obliged to follow these regulations.

However, the financial sector is not lagging and is taking measures to remain compliant with rules. Since the finance sector always remains one step ahead in adopting innovative technology. One of the latest addition to the finance sector’s arsenal is Artificial Intelligence (AI). The finance sector can adopt AI to make KYC/AML screening more robust, cost-effective, and time-efficient.

RegTech (Regulatory Technology) refers to the use of technology-based solutions to help in compliance with financial regulations. RegTech is enabling rapid development in the financial sector regarding compliance. AI-based identity verification and AML screening solution are both cost-effective and time-efficient. Businesses should adopt AI-based KYC and customers due to diligence solutions (CDD) when onboarding customers to remain compliant with regulatory changes and avoid any offence.  

Conclusion

 

KYC laws are continually modified to catch up with the latest techniques for perpetrating financial crimes. A recent example is AMLD6 by European Commission, which intends to make KYC and AML compliance stricter. The financial sector must adopt effective measures to maintain the integrity of the institutions as well as meet the regulatory requirements. They are the first line of defence against money laundering and need to act accordingly. To ensure that businesses remain in compliance with these changes, RegTech industry is rendering efficient AI-based solutions for KYC checks.   

EUs Sixth AntiMoney Laundering Directive AMLD6

EU’s Sixth Anti-Money Laundering Directive (AMLD6)

Summary: Sixth Anti-Money Laundering Directive (AMLD6) highlights a stringent framework to combat money laundering and terrorist financing. It extends the scope of criminal liabilities and entities with an updated list of predicate offenses. AMLD6 came up with tougher penalties and widens the criminal liability to legal persons. 

The European Commission affirmed action plans to tighten the reins on mounting money laundering and terrorist financing. On 26 June 2017, the 4th Anti-Money Laundering Directive (AMLD4) came into force contributing to the same idea of combating bad money flow. It stated the regulations for information exchange and its operation among financial institutions. After this, EU co-legislators identified the need for amendments in AMLD4 which were declared in AMLD5. These changes are expected to come into effect by the 10th of January 2020 and state sectors which need to strengthen the standard operations to deter the risks of money laundering. Also, it asserts that the sectors facilitating criminal activity will be subjected to harsh regulatory penalties. Recently, the EU Commission came up with Sixth Anti-Money Laundering Directive(AMLD6) published in the EU’s Official Journal. AMLD6 introduces a harmonized authoritarian framework for the elimination of money laundering. 

AMLD6 strengthens the existing norms of anti-money laundering. It establishes minimal criminal liability rules for money laundering by setting it’s clear definition and stating predicate offences, enforces minimal sanctions and extends criminal liability to legal professionals. It reinforces the framework with the police cooperation point of view. Furthermore, the Directive sets specific requirements regarding information records and requests, sensitive data processing, and restrictions to rights. 

AMLD6 – New Measures and Amendments

 

EU Commission proposed new measures to fight against terrorist financing and money laundering activities. Commission believes that existing models are neither comprehensive nor consistent. It suggests that definitions should be cleared at the national level and scope should be widened that covers the industries with a broader perspective. It further elaborates that criminal proceedings are innovative enough to exploit the parliamentary discrepancies. These weaknesses become the source of opportunities for money launderers to convert their ill-gotten gains to good money. 

The draft provided by EU legislation is obliged to send it to Parliament as well as Council. The trialogue of three bodies will reproduce an agreed document that would be accepted as a new EU law. Denmark will not be affected by this law due to its legal agreements and the UK government may be opted out of the adoption of AMLD6 notwithstanding Brexit agreement. The fundamental component of AMLD6 is the list of 22 predicate offences. AMLD6 defines these predicate offences explicitly which will definitely impose obligations on the firms. Companies would have to take in place monitoring systems to detect direct and indirect links facilitating predicate offences. 

Following are the key elements of AMLD6 that incorporate criminal legislation:

 

 

  • Harmonized list of Predicate Offences

 

The scope of 22 predicate offences has extended. Now it includes the emerging threats of environmental crimes and cybercrimes in the EU. Environmental crimes refer to those that set out in legal acts of the Union. Similarly, cybercrimes are declared as predicate offence that was not catered in the FATF recommendations. Tax crimes are also in the scope of AMLD6, the crimes that directly and directly committed due to tax commutation. To avoid the ruinous circumstances, firms should familiarize themselves with the expanse of 22 predicate offences. 

 

  • Aiding and Abetting, Inciting and Attempting

 

The money laundering scope is extended in AMLD6. Now, aiding and abetting, and inciting and attempting lies under the premises of money laundering perspectives. By including these entities that are called ‘enablers’, money laundering tracking can become easier. These entities are considered the facilitators of the money laundering process. Therefore, AMLD6 extends its boundaries for money launderers to combat the risks of embezzling funds transfer. 

 

Key Points of 6th AML Directive

 

 

  • Criminal liability extension to Legal Professionals

 

Recalling AMLD5 in which legal professionals were spotlighted to undergo client identity verification and keep accurate information about them. AMLD6 focuses on the evaluation of legal professionals. According to which, criminal liability is extended to legal professionals i.e. partnerships and companies. It is applicable to those who facilitate money laundering through their businesses directly or indirectly for the sake of their own benefit. Legal professionals would be answerable if Individuals who caught transferring illicit funds is not identified. 

In addition to this, the representatives, executives, supervisors, and decision-makers who lack proper individual authentication or supervision would be accountable for facilitating criminal activity.

 

  • Tougher Regulatory Penalties

 

One of the most important area covered in AMLD6. The Directive says that all Member States are supposed to set the imprisonment of at least four years to deter money laundering. The business that caught facilitating money laundering would be temporarily or permanently banned. Also, there would be the closure of business units and operations, exclusion from public funding access, halted grants and concessions through which predicate offence is committed. Wise companies are in the race of complying with the regulatory norms to avoid harsh fines and reputational loss of a company. 

The rising exposure to money laundering is alarming for industries and businesses. Any entity that facilitates money laundering or terrorist financing actions will be sentenced with heavy penalties. Companies are seeking innovative solutions to tackle money laundering and to perform efficient monitoring of bad money flow through Artificial Intelligence and Machine Learning techniques. 

Data Protection and Privacy

 

This initiative facilitates competent authorities to take in place stringent mechanisms through which personal and sensitive data is collected and processed. The fundamental rights of the subjects should not be compromised in any way. The directive focuses on data protection and privacy rights, the information collection should be minimal and should not include any financial information, for example, financial transactions or credit in bank accounts. Although a limited set of information includes personal data i.e. subject’s name, bank account number, date of birth, etc. Information on the total number of bank accounts of the subject is necessary for the purpose of investigation.

Sixth Anti-Money Laundering Directive (AMLD6) will be formally published and adopted in the EU’s Official Journal and at least after 26 months of coming into force, firms would have to comply with the directive. Member States have to follow the regulatory provisions and laws to take into account the associated predicate offences that could be promoted in the premises of legitimate business in any way.

AMLD Regulations catching up with Technology

AMLD5 – Regulations catching up with Technology

In this era of technology, it is a common saying that “Innovation leads and regulation follows.” This couldn’t be any truer with the adoption of the Fifth Anti-Money Laundering Directive (AMLD5) by the European Union. AMLD5 is basically an extension of the previous iteration – AML4. Both of these directives are to tackle and control the on-growing power and risks associated with the use of technology by criminals. 

Moving into the fourth industrial revolution, businesses are completely under the limelight of technology. Of course, the criminal world is also taking advantage of technology to carry out their operations more effectively and anonymously. This drives the attention of government and regulatory agencies to come up with stricter directive for businesses to curb criminal activities.

The aim behind the introduction of AMLD5 is to prevent money laundering, terrorist funding and illicit transfer of money throughout the financial industries of the EU. The same was the goal statement of AMLD4 but in some ways, AMLD5 is more advanced and covers some further aspects. It includes a better definition of the virtual currencies, the changes and the information-sharing policies that are required to combat crimes related to prepaid cards and financial institutes.

From AMLD4 to AMLD5

 

Previously AMLD4 tackled the risks by making it mandatory for “obliged entities”- banks and financial institutions – to meet KYC and due diligence requirements. Also, the companies operating within the EU were obliged to maintain central registers of their ownerships. According to the European central bank, AMLD4 didn’t go far enough to curb the risks posed by criminal transactions and money laundering.

The main reason was the recent terrorist attacks throughout Europe. Moreover, the Panama papers scandal in 2016 followed Paradise Papers publications in 2017 made it a top agenda for the regulators to come up with a more efficient directive. These papers provided insight to the government into the ways politicians and wealthy-beings can exploit tight-lipped offshore tax regimes. These incidents created a huge fuss around the world questioning the credibility of country regulations. 

Taking into account these issues, the updated framework of the 4th Anti-Money Laundering Directive – AMLD5 came into force in July 2018 which is to be implemented from January 2020. It doesn’t contain any new sets of rules, instead, they are just an extension of the previous ones. The fifth AML directive intends to bring boundless transparency in business activities and company ownership within the EU.

Multiple amendments posed by AMLD5 in the fourth directive. These extensions are to strengthen the policies to deter money laundering due to new technology advancements. AMLD5 not only proposes the public registry for beneficial owners of obliged entities, but it also addresses the significant risks associated with virtual and cryptocurrencies.  

The Obliged Entities and Requirements

 

The fifth AML directive covers various entities that include:

 

  • Financial Institutions – MiFID firms, insurance companies, collective investment schemes.
  • Estate Agents
  • Credit Institutes
  • Providers of virtual currencies
  • Prepaid cards
  • Legal Professionals, Auditors, Tax Advisors, and external accountants
  • Trust, or company service providers
  • Person trading in goods (involving cash payments in amounts of €10,000 or more)

The most important requirement of AMLD5 is requiring the obliged entities to implement the beneficial ownership registry. It is essential for state members to collect and maintain accurate and current information about the legal entities  – as described in AMLD4. In order to meet this requirement, the obliged entities that are operating in the EU must have Know your Customer (KYC) information, in addition to beneficial ownership information, readily available with all the planned procedures.

Enhanced Due Diligence:

 

Undoubtedly, the beneficial ownership registry is the primary level of customer due diligence. However, with the implementation of AMLD5, the obliged entities will have to adopt Enhanced Due Diligence (EDD) requirements. The EU-based banks are compelled to perform EDD every time they enter into transactions from high-risked third countries as defined by the European Commission. This requirement is to diminish the potential of doing business with criminal organizations. 

The process of enhanced due diligence involves the collection of additional information about the customer, the screening and the completion of risk assessment. The risk rating strategies must involve the risk factors that may be responsible for updating the KYC policies and Procedures. For example, technology is the major risk factor and the manual KYC process is needed to be digital.

After the completion of the risk rating process, the entities must ensure the automatic delivering of data to national authorities and providing them access to information. Enforcement of AMLD5’s EDD requirement on EU-based entities doesn’t mean that their clients must also follow them. But if a bank in Europe adopts stringent EDD requirements, then the associated entities are required to ensure that they are complying with AMLD5 requirements along with their regional regulations.

The Significant Changes in the Regulation:

 

Though AMLD5 is an extension of AMLD4 regulations but there are some key changes that are highlighted in this directive, it includes:

1. Virtual Currencies

 

The virtual currencies like Bitcoin possess the transparency feature, i.e. the individuals involved with them tend to stay anonymous. It is both the weakness and strength of the organizations as well. The weakness because of the involvement of money launderers and cybercriminals. AMLD5 clearly states that virtual currency exchange platforms must have to apply Customer Due Diligence(CDD) just like traditional financial institutes.

It includes all the KYC and customer verification requirements. Moreover, customers have to get registered. All these requirements are to combat money laundering and criminal funding that takes place through these platforms.

2. Letterbox Companies

 

Under the new AMLD5 regulations, anyone will be able to access information about the real owners of “Letterbox” Companies that are operating in the EU. These companies are considered the hub of corruption, money laundering and transnational organized crime. This change in the directive can reveal the corruption and tax evasion that may be taking place in the companies. 

Moreover, with the central beneficial owner registry will be available for individuals with a ‘legitimate interest’, for example, an investigative finding out the owners of trusts and companies.

3. Prepaid Cards

 

AMLD5 has called for a reduction in the threshold of anonymous prepaid cards – from €250 to €150. This new arrangement is to combat the criminal activities that might be taking place through these cards. While prepaid cards generally have legitimate uses, the anonymous cards are readily used in money laundering and terrorist funding. 

The banks and other financial institutions are obliged to conduct CDD against the prepaid cardholder if the payments exceed a defined threshold. Moreover, as per AMLD5 regulations, the use of prepaid cards – that are issued outside EU territory – will be prohibited unless they follow AMLD5 regimes

Notable Challenges for Businesses in adopting new Standards

 

Until now, though the businesses used to comply with AML regulations but didn’t have to take that much notice of AML directives as they will have to do now. Previously, financial institutions and tax advisors were the major entities meeting AML compliance. However, with the introduction of AMLD5, now the virtual currency exchange platforms, prepaid cards, and custodian wallets will also have to obliged to new standards and regulations.

The obliged entities have to comply with Customer due diligence, monitoring the virtual currencies transactions and keeping a tight rein on customer activities that they might find suspicious. The major challenge for businesses is that from onboarding customers to ongoing documentation, they have to keep the data up-to-date and share customer information with anti-money laundering authorities.

 

Moreover, businesses will need to make sure that all the staff members have proper knowledge of the AML directives and follow the standards accordingly. It will cost businesses in training their employees. As the date of implementation of AMLD5 is approaching near, the time to incorporate all these new standards and rules is shortening – another challenge for the businesses.

AMLD Implications for Cryptocurrency

5AMLD: Implications for Cryptocurrency

What is 5AMLD?

As part of the Action Plan against terrorism, the 5th Anti-Money Laundering Directive (5AMLD) proposed by the European Commission aims to address risks associated with virtual currencies and wallet providers. The proposal augments the 4th Directive in its efforts to enact EU rules designed to combat Anti Money Laundering (AML) and financing of terrorist activities (CFT). 

The indication is of thorough regulatory change as digital currency exchange platforms and e-wallet providers are now required to comply with AML and CFT requirements. Collecting and monitoring customer data will be part of their compliance operations. 

Under the new law, the general public will have access to beneficial ownership information of EU companies, and due diligence measures for financial flows from high-risk countries will be beefed up. 

Cryptocurrency – Safe or Not?

 

Virtual currencies such as bitcoin provide efficient ways of data sharing and user interaction for a wide customer base. However, the inherent way in which cryptocurrencies are able to hide user identity opens up opportunities for suspicious transactions online. 

This implies that authorities cannot trace the identity behind any kind of transaction, and financial transfers can therefore be concealed easily. The risk of such services being used by terrorist organisations looms large on the horizon, leading to strict scrutiny measures for the crypto realm in 5AMLD. Virtual currency remittance systems are also at the risk of being used for terrorist and illegal activity financing.

As safety of digital transactions dwindles, KYC for identity verification becomes an increasingly important part of the security equation. In contrast, at the very heart of cryptocurrency is the counter-intuitive idea of decentralisation that allows a user to create a disconnect between his identity and e-money. The key here is finding the middle ground between privacy and legality. 

Currently, only a third of all businesses across Europe and the US perform background checks on their users. And this is about to change after the implementation of 5AMLD. 

Before this commission, no other EU Laws were directed at monitoring digital currencies or e-wallets. Previously absent in 4AMLD, the new directive includes a definition of virtual currencies: 

‘a digital representation of value that is not issued or guaranteed by a central bank or a public authority, is not necessarily attached to a legally established currency and does not possess a legal status of currency or money, but is accepted by natural or legal persons as a means of exchange and which can be transferred, stored and traded electronically’.

This covers a wide range of virtual money – coins, tokens, custodial wallets – to ensure that no form of electronic value escapes monitoring. Although the definition is all-encompassing, it is useful to note that it merely views cryptocurrency as a means of exchange online and not as assets, securities or commodities. 

There is no clarification for ‘virtual currency exchanges’, but individual entities are identified as providing services between virtual and fiat currencies. Again, the scope of such transactions under AML/CFT compliance is unclear, and the commission almost overlooks crypto-to-crypto exchanges. For Initial Coin Offering (ICO) organisers, brokers and other platforms, this underscores the need for detailed checks under 5AMLD Compliance.  

In this respect, the UK has warned against the use of crypto assets in illegal activities, and hinted at using a broader regulatory framework. 

Next in importance to cryptocurrencies are e-wallets. A custodian wallet is explained by the law as:

“An entity that provides services to safeguard private cryptographic keys on behalf of their customers, to hold, store and transfer virtual currencies”. 

Following this interpretation, a service provider shall not be liable under CFT/AML laws unless it holds the user’s private key. Obliged entities include centralised cryptocurrency exchanges such as Mist, Ledger Nano S and Trezor. 

Under 5AMLD, previously unlicensed exchange services and e-wallet providers now need to be authorised through a registration process. This means that common AML practices such as customer due diligence, transaction monitoring, and fraud detection will need to become part of company compliance processes. Countries are obliged to create central databases, with complete lists of virtual currency users and their self-declaration forms. 

As ironic as it may seem, cryptocurrency providers will collect, store and monitor information of customers, as well as any beneficiary owners that may be involved. For the purpose of AML/CFT screening, this puts an end to any anonymity in the currency space, and enables concerned national authorities to collect such data and verify it against relevant account holders. 

The law also lowers the threshold for identifying users of e-money, to further empower Financial Intelligence Units (FIUs) by facilitating information exchange. In addition, when performing a KYC before a business relationship, the corresponding beneficial register in the EU must be accessed. 

Onwards and Safer

 

After the 5th AML Directive of the EU is rolled out, crypto exchanges, e-wallets and trading platforms will require efficient identity verification processes and AML monitoring tools for enhanced customer experience. 

For smooth sailing amid regulatory change, digital currency providers are better off adopting reliable KYC/AML/Customer Due Diligence and financial crime control strategies well in time. Cybercrime and terrorism need to be rooted out at source, and compliance officers must carefully identify their exposure to the risk of criminal activity. Keeping in view the products and services being offered, cryptocurrencies must conduct a risk assessment and take pre-emptive action against high-risk transactions and users. 

Regulating cryptocurrency space will not be as easy as controlling its non-digital counterpart. Regulators, financial institutions and crypto providers equally face technical challenges in ensuring compliance of AML laws. Sharing relevant, open and transparent information, as well as establishing partnerships at each level, will, therefore, be central to the process of regulation and innovation. 

AMLD Amendments in Prepaid Cards Transaction Threshold

AMLD5 Amendments in Prepaid Cards Transaction Threshold

In July 2018, the European Commission came into effect the 5th Anti-Money Laundering Directive (AMLD5). In the past couple of years, a series of money laundering cases and tremendous terrorist financing attacks were noticed. Not only this, a string of involvement of Politically Exposed Persons (PEPs) and high-profile individuals induce pressure on the Commission for policy reforms. 5th latest money laundering directive focuses primarily on centralized agencies and beneficial owners, legitimate online businesses connected directly or indirectly with the local regime. 

Typically, money laundering involves unauthorized shell companies that have no evidence instead of a piece of paper, which is used to transform the embezzle funds into ostensibly legal ones. The directive ensures the credibility of papers that are misappropriated and hidden from public scrutiny. The data on these papers should be examined and verified keeping AMLD in place. According to the Head of Compliance Christopher Baines: 

“The directive is definitely a step in the right decision, it reduces the number of options of criminals.”

Major Amendments in EU’s Fifth Anti-Money Laundering Directive:

In the Official Journal of the European Union, Fifth AML Directive depicts the guidelines to reduce the ventures of money laundering activities. It is in the response of terrorist financing and offshores leaks in Panama Papers that are imposing stringent checks and compliance adoption. In the recent AML regime, below are the 4 key amendments:

  • It is mandatory for the member states to make sure that registers of beneficial owners of legal companies and entities are accessible to the public. These registers do not include the owners of trust as it needs an extra illustration of legitimate interests. The lists should be up-to-date indicating the comprehensive functions for identification purposes of natural or legal persons
  • AML Directive (AMLD5) is extended to electronic wallet providers, art dealers, virtual currency exchanges, etc. Also, further specifications are demonstrated for tax advisors and real estate agents
  • The threshold for prepaid cards holders is lowered to €150
  • Member States are supposed to implement serious measures that fulfill the demand for enhanced due diligence to monitor the high-risk suspicious transactions. Electronic identification should be done to regulate and recognize the entities efficiently

After the Fifth AML Directive on 9 July 2018, EU Member States got the deadline of 10 January 2020 (about 18 months) to make sure its implementation into national law. 

Lowered Threshold of Prepaid Credit Cards & E-money

The purpose of the Fifth AML Directive is to reduce the transactions from anonymous prepaid cards. The threshold for identifying prepaid cardholders is reduced to EUR 150 from EUR 250. This requirement neither applies to the redemption or withdrawal of cash nor applies to remote payment transactions where the amount exceeds €50 per transaction. The prepaid cards that are issued in third countries will be acceptable only if the insurance requirements meet the guidelines of the EU AML regime.

AMLD5 Amendments in Prepaid Cards Transaction Threshold

This new directive focuses on digital currencies and prepaid cards. The maximum amount that can be placed in prepaid cards has drastically reduced. The banks and financial institutions are supposed to conduct an investigation against the prepaid cardholder if a value of over EUR 150 is placed. Also, the amount of EUR 150 is for both the amount to keep in prepaid card and the transaction amount on a monthly basis. Electronic identification needs to be performed to verify the prepaid card credit. Prepaid cards that are issued outside the territory of the EU will be prohibited unless it lies under the regimes equivalent to AMLD5.

Similarly, cryptocurrencies and digital wallets are under the hood of the AML regime that ensures standards contributing to curb money laundering, the money trail, and terrorist financing. AMLD5 is going to deploy at the start of 2020, enforcing legal beneficial owners to take identification measures for authentication of prepaid cards threshold to make sure that any cardholder identity does not place credit more than the amount specified by the directive.