Article, The Third EU Money Laundering Directive and Compliance

Benjamin M Musau
International Compliance
The Third EU Money Laundering Directive and Compliance
In this article Benjamin Musau discusses the Third EU Money Laundering directive, its implementation and its requirements which are many (on-going customer due diligence, identify non-domestic PEPs, ascertain beneficial ownership of offshore accounts, create policies to ensure a risk-based approach to money laundering risks).  How should a compliance officer at a financial services institution in Europe respond?  Which nations have taken steps to implement the directive and how did they achieve these steps?
 
The Third European Union (EU) Money Laundering Directive (the Third EU Directive) became operative on 15^th December, 2007.  The EU member states who are signatories of the directive have adopted relevant FATF recommendations on money laundering and compliance.  The three key changes that the Third EU Directive introduced from previous anti-money laundering guides and regulations are:
 

• Institutions need to have a risk assessment in place;
• Institutions need to conduct their client due diligence on the basis of that assessment;
• Institutions need to continuously monitor their clients, including existing clients.

 
The requirements of the Third EU Directive include:
 

• Customer Due Diligence: preventing criminals from operating anonymously or under false identities by accurately identifying customers and knowing enough about their business to be able to differentiate between legitimate business and criminal activity.
  • Customer due diligence must be applied when:
    • Establishing a business relationship;
    • Carrying out transactions of EUR 15,000 or more;
    • There is any suspicion of money laundering/terrorist financing.
  • Enhanced due diligence measures must be applied when:
    • Public official from outside the EU for which the firm should:
      • Gather information to understand their business;
      • Assess their Anti Money Laundering (AML) and Anti Terrorist Financing (ATF) controls
      • Get approval from senior management
      • Document the responsibilities of each institution;
    • Clients that the firm does not physically meet for which the firm should:
      • Ensure the customer identity is established by additional documents;
      • Employ extra measures to verify/certify documents supplied;
      • Ensure that the first payment of operations is carried out through the account opened in the customer’s name with a credit institution.
• Record keeping: keeping accurate customer identification and transaction records that can be promptly accessed by authorities and enable customer transactions to be traced.
• Suspicious transaction reporting: Monitoring relationships and promptly report any suspicious transactions to the financial intelligence unit for analysis and possible dissemination to law enforcement authorities.
• Politically Exposed Persons (PEPs): apply due diligence to all PEPs, foreign and domestic.  Laws and regulations should make no distinction between domestic and foreign PEPs.  The standards adopted by FATF and regional and national standard setters should require similar enhanced due diligence for both foreign and domestic PEPs.  In particular, the firm should:
  • Have appropriate risk-based procedures to determine if a person is a politically exposed person.
  • Have senior management approval.
  • Take adequate measures to establish the sources of wealth and funds.
  • Have enhanced monitoring of business relationship.
• Ascertain beneficial ownership of offshore accounts: Require declaration of beneficial ownership.  At account opening and as needed thereafter, banks should require customers to complete a written declaration of the identity and details of natural person(s) who are the ultimate beneficial owner(s) of the business relationship or transaction as a first step in meeting their beneficial ownership customer due diligence requirements.
• Create policies to ensure a risk-based approach to money laundering risks: In addition, there should be periodic review of PEP customers by senior management or a committee including at least one senior manager using a risk-based approach, at least yearly, and the results of the review should be documented.  Over the course of a business relationship with a PEP, ongoing monitoring procedures may reveal changes to the profile and activity.  The PEP may have been promoted or elected to a more senior position, engaged in litigation, or perhaps transactions have deviated from the norm.  Considered separately, the activities, transactions or profile changes may not be sufficient to raise “red flags”.  Once the information is assembled however, the “big picture” may reveal increases in risk overall or raise suspicions of corrupt activity.  Implementing a periodic review of PEP customers on a risk-based approach, and at least yearly, helps overcome this silo approach in which decision are made transaction-by-transaction, activity-by-activity.  A common practice among the banks visited, it ensures that the banks assemble a comprehensive picture of each PEP customer which is analyzed and considered by senior management or a committee comprised of at least one senior manager on a regular basis.  This enhances the oversight of the PEPs customer relationships by the bank’s management.  The individual or committee subsequently takes decisions on termination or continuation of the business relationship.
• Monitoring existing clients: firms are required to monitor continually their relationship with the client and have evidence of their identity in place.  This extends to established clients who may have been in the firm’s books for many years.
• Anonymous accounts: It is no longer allowed to keep anonymous accounts or anonymous passbooks.  The owners/beneficiaries of existing anonymous accounts may be made the subject of customer due diligence.

 
The Third EU Directive also known as 3MLD, incorporates the objectives of the EU Second Money Laundering Directive and is intended to further curb abuses of the European financial and banking systems.  Its stated primary aim is to include Anti Terrorist Financing within the Anti Money Laundering provisions, and it has served to expand and consolidate the provisions of 2MLD.
 
The Third EU Directive, with the support of the Joint Money Laundering Steering Group), will see UK authorities implementing an even more rigorous enforcement regime to prosecute non-compliant institutions.
 
Businesses that have never made a disclosure regarding suspect activities are already being targeted, as the parameters of what constitutes money laundering are drawn so wide that not unearthing something suspicious is virtually impossible.
 
Given a particularly broad definition of “suspicious activities”, it is virtually impossible not to stumble across something irregular, and hence failure to notify the UK Serious Organised Crimes Agency (SOCA) of suspicious activities or transactions is treated as a sign of non-compliance.
 
The AML compliance landscape is a complex one, and despite the fact that most banks and regulated service providers have willingly invested in compliance infrastructure and procedures, many institutions are struggling to surmount the operational challenges of remaining compliant – and hence still face a significant reputational risk.
 
A compliance officer at a financial services institution in Europe should respond to the Third EU Directive by:

• Implementing effective measures to detect and prevent money laundering and terrorist financing – ensuring that the required range of persons and entities in both the financial and non-financial sectors implement the AML/CTF preventative measures listed below:
  • Customer Due Diligence: preventing criminals from operating anonymously or under false identities by accurately identifying customers and knowing enough about their business to be able to differentiate between legitimate business and criminal activity.
  • Record keeping: keeping accurate customer identification and transaction records that can be promptly accessed by authorities and enable customer transactions to be traced.
  • Suspicious transaction reporting: Monitoring relationships and promptly report any suspicious transactions to the financial intelligence unit for analysis and possible dissemination to law enforcement authorities.
• Ensuring that the financial institution complies with AML/CTF requirements;
• Ensure that the financial institution is not vulnerable to infiltration or abuse by organized crime groups;
• Building the capacity of the institution to fight terrorism and trace terrorist money;
• Ensuring that the institution complies with binding international obligations, and avoiding the risk of sanctions or other action by the international community;

 
The 27 EU member countries that are in compliance are:

1. Austria
2. Belgium
3. Bulgaria
4. Cyprus
5. Czech Republic
6. Denmark
7. Estonia
8. Finland
9. France
10. Germany
11. Greece
12. Hungary
13. Ireland
14. Italy
15. Latvia
16. Lithuania
17. Luxembourg
18. Malta
19. Netherlands
20. Poland
21. Portugal
22. Romania
23. Slovakia
24. Slovenia
25. Spain
26. Sweden
27. United Kingdom

 
According to the FAFT recommendations which these countries have adopted, the countries are required to achieve the steps of implementing the following FATF steps:
 

• Successfully investigate and prosecute money laundering and terrorist financing offences – Criminalize money laundering and terrorist financing, properly train law enforcement and prosecutorial authorities, and equip them with sufficient powers and resources;
• Deprive criminals of their criminal proceeds and the resources needed to finance their illicit activities – implement effective mechanisms to freeze, seize ad confiscate criminal assets;
• Require financial institutions and other businesses and professions to implement effective measures to detect and prevent money laundering and terrorist financing – ensure that the required range of persons and entities in both the financial and non-financial sectors implement the AML/CTF preventative measures listed below:
  • Customer Due Diligence: prevent criminals from operating anonymously or under false identities by accurately identifying customers and knowing enough about their business to be able to differentiate between legitimate business and criminal activity.
  • Record keeping: keep accurate customer identification and transaction records that can be promptly accessed by authorities and enable customer transactions to be traced.
  • Suspicious transaction reporting: Monitor relationships and promptly report any suspicious transactions to the financial intelligence unit for analysis and possible dissemination to law enforcement authorities.
• Ensure that financial institutions and other businesses and profession comply with AML/CTF requirements – implementing monitoring and supervision mechanisms, including powers to sanction financial institutions and other businesses and professions that do not comply with AML/CTF requirements;
• Enhance the transparency of legal persons and arrangements;
• Implement mechanisms to facilitate cooperation and co-ordination of AML/CTF efforts at the international and domestic levels;
• Securing a more transparent and stable financial system that is more attractive to foreign investors;
• Ensure that financial institutions are not vulnerable to infiltration or abuse by organized crime groups;
• Build the capacity to fight terrorism and trace terrorist money;
• Meet binding international obligations, and avoid the risk of sanctions or other action by the international community;
• Avoid becoming a haven for criminals.

 
References:
 

1. http://www.cpaaudit.co.uk/pdfs/ThirdMoneyLaunderingDirective.pdf
2. http://www.world-check.com/anti-money-laundering-aml-compliance/
3. www.anti-moneylaundering.org/Document/Default.aspx?DocumentUid
4. http://www.fatf-gafi.org/dataoecd/48/11/45139480.pdf
5. http://www.fatf-gafi.org/findDocument/0,3770,en_32250379_32235720_1_1_1_1_1,00.html
6. http://siteresources.worldbank.org/EXTSARI/Resources/5570284-1257172052492/PEPs-ful.pdf?resourceurlname=PEPs-ful.pdf

 
March 2, 2011

Dr. Benjamin Musau

I am a Kenyan Advocate and the Managing Partner of B M Musau & Co., Advocates, a position I have held since 1999. My work encompasses regulatory reforms, reduction of administrative burdens, the structure of business entities, joint ventures, acquisitions, banking, foreign investment and other general corporate areas