Recent analysis conducted by LexisNexis highlighted that many financial institutions are struggling to complete their implementation plans for the Fifth Anti-Money Laundering Directive (5AMLD). Even more troubling was that many of those surveyed were not even aware of its key purpose. So what activities should banks be focusing on to ensure their compliance to both 5AMLD and the recent Sixth Anti-Money Laundering Directive (6AMLD)?

5AMLD legislation came into force in European legislation on the 9th July 2018, with all EU countries required to transcribe the directive into their own legislation by the 10th January 2020. Since January, all in-scope organisations trading in the UK should have been compliant, but as the above research highlighted, many are still unprepared.

Why is 5AMLD important?

Ultimately 5AMLD aims to strengthen the barriers in the battle against money laundering and terrorist financing introduced under 4AMLD by:

• Increasing ownership transparency to prevent money laundering and terrorist financing through organisations with opaque ownership structures
• Creating centralised bank account registers to increase and improve the capabilities of Financial Intelligence Units (FIUs) across Europe
• Reducing the risk of anonymous virtual currencies and pre-paid instruments being used to facilitate terrorist financing
• Improving the cooperation and exchange of information between AML supervisors and the European Central Bank
• Broadening the criteria for the assessment of high-risk countries and ensure that all in-scope organisations apply the same stringent standards to monitor and check financial flows from such locations

The steps to 5AMLD compliance

While this is by no means an exhaustive list (requirements will be specific to each individual organisation and jurisdiction), there are some key actions financial institutions need to take to drive compliance:

Ownership transparency: In-scope entities must be aware of any requirements to submit beneficial ownership information to the centralised e-justice registry. For accurate submission to take place, KYC records should be complete, in-date and include up-to-date beneficial ownership information.

Action: Conduct an impact assessment to identify any gaps in beneficial ownership information within KYC records and ensure processes are in place to update national centralised registries where required. Where centralised information is available, assess how this can be obtained automatically to accelerate AML and onboarding tasks. You can search for company information on the centralised registry here.

Transparency of trusts: Under 5AMLD, competent authorities or those with a legitimate interest will be able to access the beneficial ownership information of trusts with no restriction. Where a trust is a beneficial owner of a company it will be possible to access the same degree of information as above through a written request.

Action: Ensure your teams are aware of the new rules in relation to trusts and put in place procedures to ensure that such beneficial ownership information is gathered and reviewed during the due diligence process.

Crypto Currencies: 5AMLD extends AML requirements to all entities involved in exchange services between virtual currencies and cash, including those providing custodian wallets, tax related services and traders in works of art.

Action: Virtual currency exchange platforms will now need to adopt the regulatory framework set out under 5AMLD. Such entities must have policies and procedures in place to ensure effective client identification & verification, client due diligence standards, transaction monitoring and suspicious activity reporting.

Pre-paid Cards: 5AMLD requires that financial institutions identify the owners of pre-paid cards valued at 150 Euros or above.

Action: Asses the ability to detect pre-paid card transactions and prevent those transactions linked to a pre-paid card for which the owner is unidentified or considered to be high risk.

Improved cooperation with the ECB: Under 5AMLD member states should implement centralised bank account registers to enable the identification of bank and payment account holders. Financial Investigation Units (FIUs) can request information from all in-scope entities in relation to specific bank accounts.

Action: Ensure that your teams are adequately trained both in the new requirements and in data privacy law to ensure they can respond accurately and confidently, without risk of confidentiality breaches.

High risk country assessment: All in-scope entities should adopt the revised EU list of high-risk countries. Further detail can be found here.

Action: Review all KYC and risk rating processes and systems to ensure they accommodate any additional high risk (Enhanced due diligence) checks that may be required.

Preparing for the Sixth Anti-Money Laundering Directive (6AMLD)

Only six months after 5AMLD, the EU extended the scope of AML legislation with the introduction of the Sixth Anti-Money Laundering Directive. The main focus of this iteration was to enhance and expand the list of predicate criminalised offences (those crimes which are committed as a component of a more serious criminal act) and generally increase the penalties for money laundering.

This directive came into force in European legislation with all EU countries required to transcribe the directive into their own legislation by the 3rd December 2020. Critically, the UK has opted out of 6AMLD but for all entities operating across Europe, alignment with the directive will still be an essential compliance requirement for 2021.

Understanding the differences in the 6AMLD

The key changes under 6AMLD include:

• Predicate Money Laundering Offences, Article 3 of 6AMLD bring a significant number of new offences within the scope of criminal punishment.
• Aiding and abetting, inciting and attempting, under Article 3 such actions will now be considered a criminal offence.
• Penalties for natural persons, under Article 5 the penalties associated with predicate offences will carry a term of c.4 years imprisonment, with additional sanctions against natural persons who have committed the offence.
• Jurisdiction, Article 10 requires members states to work together to prosecute cases in which crimes are committed across jurisdictions, i.e. in separate member states.

The main requirement for compliance is to ensure that all in-scope entities and their staff are aware of the new predicate offences, know how to identify them using the available tools and how to act upon suspicious activity in an effective and timely manner.

The expansion and potential severity of the compliance regime introduced under 6AMLD, suggests that now would be a good time to review policy, procedure and processes – especially around screening and monitoring for compliance. Given recent enforcement action at Swedbank, it may be wise to review the volumes of all high risk transaction flows.

Waiting is not an option

While 2020 was a unique and challenging year, money launders will not relent in their efforts to exploit the financial system. It is imperative that the financial services community continues to enhance and develop their ability to detect and prevent money laundering and terrorist financing.

This year it will be essential that all financial institutions focus on accelerating any delayed implementations to ensure processes, systems and most importantly team members are able to demonstrate accurate management of risk, prevention of illegal activity and the ability to respond to regulatory requests. Together these efforts will help to safeguard both the stability and security of the banking system and of our society in general.