(Part 1 of 2)
First introduced in 1991, the EU’s Money Laundering Directives aim to prevent money laundering and other financial crimes such as terrorist financing. The Fourth Money Laundering Directive (MLD4) was passed in 2015 and all EU states must put it into action by the end of 2016. In the UK, it will be implemented in June. This fourth revision bolsters various provisions of MLD3 in order to curb money laundering and terrorist financing, as well as to increase ownership transparency in firms. These steps bring the EU into compatibility with the latest guidelines from the FATF, helping to ensure global consistency across AML policies.
MLD4: what are the major changes?
MLD4 will have a huge impact on payments firms that operate in Europe – and with further policy amendments due by the end of the month, this impact will only grow. Below we outline the major changes to MLD4’s scope and sanctions, and we explain its updates to beneficial ownership. Check back on Thursday to learn about changes to the risk-based approach and upcoming amendments, and find out what it all means for you.
Wider scope of obliged entities:
Many firms and individuals who previously escaped the regulators’ watchful eye are now considered to be “obliged entities” (referred to in the UK as the “regulated sector”). This simply means that more firms will have to comply with the regulations set out in MLD4, including Customer Due Diligence requirements. Obliged entities under MLD4 will include all credit and financial institutions, various Designated Non-Financial Businesses and Professions (DNFBPs), and gambling services. At the very least, obliged entities must perform CDD when establishing a business relationship or before allowing any transactions.
Occasional transactions—that is, any transaction outside of a business relationship— of €15,000 or more are also covered under the regulations, as are transactions that the EU defines as a “transfer of funds” exceeding €1,000. Individual member states can set lower thresholds if they choose.
In short, then, these changes mean that more transactions will need to be monitored and CDD will have to be performed for more clients.
Additionally, e-money products will be specifically regulated under MLD4 for the first time. Countries do have discretion to allow some exclusions to this regulation as long as certain conditions are met. These include restrictions that the payment instrument, such as a pre-paid card, cannot hold more than €250, cannot enable more than €250 in monthly transactions, is used solely to purchase goods or services, and cannot be funded anonymously. If a country chooses to relax CDD requirements for e-money, it must still ensure that issuers carry out sufficient transaction monitoring and issuers must demonstrate that the risks associated with e-money are low.
It’s also important to remember that, regardless of any thresholds or exemptions, CDD must always be performed if there is a suspicion of potential money laundering or terrorist financing. Moreover, CDD must be conducted again if there are any doubts about the adequacy and/or veracity of previously obtained information.
Updates to beneficial ownership:
EU countries must now require entities in their jurisdiction to keep up-to-date ownership information in a central registry that is accessible to authorities, obliged entities, and public persons with a legitimate interest, such as journalists or NGOs.
Additionally, the definition of an ultimate beneficial owner (UBO) has been modified. The key factor in determining who is the UBO is still owning or controlling more than 25% of the shares or voting rights in a legal entity, but MLD4 allows for senior managing officials to be treated as beneficial owners in cases where the above criteria cannot be determined.
Sanctions:
The sanctions for firms and individuals who don’t comply with the Money Laundering Directive have also been updated – and it is now mandatory for EU countries to impose these sanctions. Those who violate MLD4’s provisions will face a maximum fine of at least twice the amount of the benefit derived from the breach or at least €1 million.
For breaches involving credit or financial institutions, the penalties are even steeper: legal persons will receive a maximum fine of at least €5 million or 10% of total annual turnover, while natural persons will receive a maximum fine of at least €5 million.