By Dhanum Nursigadoo, Financial Crime Specialist, Comply Advantage
The EU’s regime to address anti-money laundering, and to counter the financing of terrorism is reinforced this week, with the Fifth Money Laundering Directive (5AMLD) coming into force. It impacts five main areas: cryptocurrencies, prepaid cards, high value goods, beneficial ownership, high-risk countries, and politically exposed persons.
Virtual currencies are perhaps the area most impacted by 5AMLD, with the directive introducing the measures detailed below.
The measures could be positive news for the cryptocurrency market in Europe, as increased regulation makes the crypto market safer. The new regulation paves the way for EU operators to introduce more cryptocurrency products and, crucially, to compete with Asian countries, which have already made legislative progress in integrating cryptocurrency with financial markets.
A legal definition of cryptocurrency which may broadly be regarded as “a digital representation of value that can be digitally transferred, stored or traded and is accepted…as a medium of exchange.”
Cryptocurrencies and cryptocurrency exchanges are considered “obliged entities”, and face the same CFT/AML regulations applied to financial institutions under 4AMLD. Practically, this involves an obligation to perform customer due diligence (CDD), and submit suspicious activity reports (SAR).
5AMLD actually goes further than 4AMLD in imposing reporting obligations by giving Financial Intelligence Units (FIU) the authority to obtain the addresses and identities of owners of virtual currency and, in so doing, to push back against the anonymity associated with the use of cryptocurrency.
5AMLD also introduces regulation for providers of cryptocurrency exchanges and wallets – which must now be registered with the competent authorities in their domestic locations, for example, Germany’s BaFin, or the UK’s Financial Conduct Authority.
The monthly transaction limit on prepaid cards is lower than ever before, at €150 — which applies to the amount that can be stored or topped-up on the cards. The previous legislation, 4AMLD, cut the monthly transaction limit on anonymous prepaid cards to €250.
The 5AMLD limit means that firms will be required to carry out identity checks on customers using prepaid cards funded with more than €150. Similarly, anonymous remote or online transaction limits are reduced to €50. In practical terms, this reduces the number of options for potential bad actors.
Prepaid cards issued outside the EU are now prohibited unless they were issued in a territory enforcing legislation equivalent to the EU’s AML/CFT and KYC standards.
Obliged entities must review the way they handle prepaid card payments and put mechanisms in place to identify (and refuse) transactions using cards from non-EU sources. This requirement may involve significant revision of existing systems and procedures.
High Value Goods
High Value Goods are used as stores of value, and transactions involving a range of high value goods are currently considered high-risk – such as oil, arms, precious metals, tobacco and fine art.
5AMLD has increased the scope of the legislation here. To use the art market as an example, art traders, or those acting as intermediaries, now have AML/CFT reporting obligations and will have to perform due diligence procedures on customers. The directive specifically singles out high value works of art for the first time, by applying AML checks to transactions involving art which amount to €10,000 or more. The rule applies to single transactions and multiple linked transactions.
In addition to art, historical, cultural and archaeological artifacts are included in the regulation. This is a move to target funding for terrorist groups such as ISIS.
5AMLD builds on the steps introduced in 2017, which introduced a focus on ultimate beneficial ownership (UBO) for the purposes of risk mitigation and money laundering prevention.
UBO lists (drawn up under 4AMLD) are to be made publicly accessible within 18 months of 5AMLD’s implementation date.
Trusts (or any similar arrangement) must observe beneficial ownership regulations and, like companies, must make that information available to authorities or others demonstrating legitimate interest.
UBO national registers must be inter-connected at an EU level in order to facilitate cooperation and the exchange of information between member-state authorities. However, in a number of countries, it’s unlikely that this requirement will be met in time for the transposition.
Member states are to strengthen their UBO verification mechanisms to ensure the information they carry is accurate and reliable.
Member states must introduce separate UBO registers for bank accounts: unlike company UBO registers, these lists will not be publicly available and only accessible by authorities.
High-Risk Third Countries
Companies that do business with customers from high-risk third countries are, under 5AMLD, required to perform enhanced due diligence measures focused on addressing the deficiencies in those countries’ AML protections, and the money laundering risks they present. The measures require firms to:
Obtain information on customers and UBO, including establishing the purpose of proposed transactions and the source of UBO funding and wealth.
Report transaction details with high-risk third countries to senior management and obtain approval prior to establishing or continuing those business relationships.
Increase controls on specific business relationships and identify transactions that may need further scrutiny.
Politically Exposed Persons (PEPs)
5AMLD requires EU member states to compile and publicly release a functional PEP list made up of prominent politically exposed public functions. This requirement extends to accredited international organizations: the EU will also release an EU-level version of the list.
Functional PEP lists are rare and so can require explanation.
The list created by the EU member states under their 5AMLD compliance obligations will feature the positions that are considered politically exposed but will not name the person fulfilling the function (which, of course, will change periodically). These lists are designed to make it easier for smaller compliance teams, or those with lower volumes of customers, to identify the PEPs that they should be screening against and monitoring for ongoing changes to risk.