AML Developments – European Commission Action Plan

The Action Plan

Over the past few years it has become clear that the EU’s framework for AML and counter the financing of terrorism (“CTF”) suffers from serious shortcomings including major divergences in the way it is applied by the various EU Member States and significant weaknesses in the way it is enforced. The Action Plan sets out a series of measures that the Commission intends to take over the next 12 months or so with a view to putting in place a comprehensive framework “adapted to the specific threats, risks and vulnerabilities currently facing the EU”.  The measures will build on six pillars as follows:

• Pillar 1: Ensuring the effective implementation of the existing EU AML/CFT framework;
• Pillar 2: Establishing an EU single rule book on AML/CFT;
• Pillar 3: Bringing about EU level AML/CFT supervision;
• Pillar 4: Establishing a support and cooperation mechanism for Financial Intelligence Units (“FIUs”);
• Pillar 5: Enforcing EU-level criminal law provisions and information exchange; and
• Pillar 6: Strengthening the international dimension of the EU AML/CFT framework.

For persons within scope of the AML/CFT framework (“Designated Persons”), the more significant measures are those set out in Pillars 2 and 3.

The Consultation seeks views on the various measures being proposed in the Action Plan and the Commission intends publishing a legislative proposal in Q1 2021 to deliver many of its proposed measures, including those set out in Pillars 2 and 3 above.

Pillar 2 - the Single Rulebook

The Commission is proposing to turn certain parts of the EU’s AML directives into an EU Regulation to limit divergences in the interpretation and application of the relevant rules. At a minimum, this will include the provisions laying down the lists of designated persons, customer due diligence requirements, internal controls, reporting obligations, as well as the provisions on beneficial ownership registers and central bank account mechanisms. Other measures may include:

• a more harmonised approach to the identification of politically exposed persons (PEPs);
• expanding the scope of sectors or entities covered by AML/CFT rules;
• facilitating the use of digital identification for remote customer identification and verification as well as to establish business relationships remotely;
• introducing a ceiling for large cash payments;
• facilitating administrative freezing for FIUs and requiring financial institutions to follow up and execute recall requests;
• mitigating risks arising from investor citizenship and residency schemes; and
• applying stricter AML/CFT conditions to fit and proper tests and ensuring that prudential supervisors have concrete obligations to share information with their AML/CFT counterparts.

Pillar 3 - EU Level Supervision

In the Commission’s view, “there is a clear and evidenced need to have in place an integrated AML/CFT supervisory system at EU level that ensures consistent high-quality application of the AML/CFT rulebook throughout the EU and promotes efficient cooperation between all relevant competent authorities.”

The Commission is seeking views on different options for direct supervision, including entrusting either the European Banking Authority (the “EBA”) or a new dedicated body with direct AML/CFT supervisory tasks over certain designated entities for which it could have exclusive or direct responsibility. The EU body would have the ability to review internal policies, procedures and controls as well as their effective implementation by supervised entities, along with reviewing documentation on transactions and customers.

Comment

Recent AML failures on the part of EU entities, coupled with evidence of lax supervision by some Member State competent authorities have highlighted the need to remedy significant deficiencies in the existing AML/CFT framework.  Technological innovation is also driving change, as evidenced by the fact that the Commission’s recent Consultation on a new digital finance strategy for Europe / FinTech Action Plan (here), published on 3 April 2020, contains a number of questions regarding digital onboarding.

The EU has already taken a number of measures to address existing deficiencies in the AML/CFT framework, including an upgraded mandate for the EBA and amendments to the Capital Requirements Directive.  However, it has also been clear for some time that more root and branch reforms are on the way, including the proposed housing of core AML/CFT requirements in an EU regulation rather than in an EU directive (as is currently the case). It remains to be seen how much flexibility the future AML/CFT regulation will allow designated persons in terms of core measures such as determining the documents/information necessary for satisfying customer identification and verification requirements. In this respect, while the purpose of the regulation is to eliminate divergences stemming from national transposition measures, to a large extent divergences are also inherent in a risk-based approach to AML/CFT with each designated persons determining on the basis of its specific business risk assessment how to comply with AML/CFT requirements.