5MLD: How the new regulations affect your compliance processes, and what you ought to consider
We’re just weeks away from the 5th Anti-Money Laundering Directive (5MLD) being implemented into national law on 10 January 2020.
But what do you need to do to prepare?
To help demystify some complexity, I build on an earlier blog about the implications and requirements of 5MLD. Below I examine (in the simplest possible detail) six big changes 5MLD introduces. I also explain the actions you can consider to improve your compliance programme.
While 5MLD may seem like yet another burden, today’s terrorist and criminal organisations are incredibly sophisticated. It is essential we all keep improving our processes and approaches to fight money laundering and terrorist financing.
With 5MLD we will be better equipped to shut down loopholes and use best intelligence available to pre-empt and prevent illicit money flows.
Key changes 5MLD introduces
1. 5MLD requires more sectors to comply
5MLD classes more sectors as ‘obliged entities’ than ever. Sectors that must now comply with the directive include virtual assets such as cryptocurrencies, virtual asset service providers such as digital wallets, and high value art traders.
(In my next blog, I look at crypto in more depth. So, keep a look out for that.)
Implications
All those under the realm of 5MLD need to implement AML and counter terrorist financing controls.
What next
- Develop and implement policies and procedures based on your business risk appetite to reduce money laundering and terrorist financing risks.
- Implement full anti-money laundering controls.
- For cryptoasset businesses in the UK, visit the FCA’s page to understand what this entails.
2. 5MLD limits the options for prepaid card holders
The terrorist attacks that happened in Brussels and Paris were financed using anonymous prepaid cards. This made it difficult for law enforcement agencies to track their financing operations. 5MLD puts an end to this faceless terrorist tactic by addressing prepaid card anonymity.
Implications
- Prepaid card issuers will need to identify card holders, and conduct due diligence for any prepaid card that has a value of €150 or more. If the card is purchased remotely, the maximum value permitted without these checks is just €50.
- Using anonymous prepaid cards that were issued in non-EU member states may also not be permitted unless that state’s money laundering legislation is considered to be equal to that of
the EU.
What next
- Determine if your systems, resources and processes will be able to cope with performing checks in line with the new thresholds.
- Adjust due diligence processes based on your business risk appetite and new requirements
3. 5MLD makes enhanced due diligence mandatory where transactions involve high risk jurisdictions
Money laundering controls are only as strong as the weakest link. 5MLD aims to reduce the risk of illicit money flowing into the European Union. It therefore mandates that all obliged entities implement enhanced due diligence (EDD) measures when the transaction involves high risk third countries. These countries are those identified by the EU and FATF and having weaknesses in their AML controls.
Implications
- The controls now include transactional activity: when the business relationship transaction involves a high risk third country, you must be prepared to conduct EDD checks in local languages. Checks should cover the customer, beneficial owners, source of funds and reasons for the transaction.
What next
- Screening clients and screening transactions will demonstrate EDD.
- It’s also important to monitor customers on an ongoing basis. This will enable you to flag risks at the earliest possible time and reduce potential risk exposure.
4. 5MLD improves the identification of politically exposed persons (PEPs)
PEPs are a high risk category requiring EDD measures. Under 5MLD, each member state will have to issue a list setting out the “prominent public functions” (e.g. government ministers, judges etc) according to its national laws and regulations. This is in addition to equivalent lists from the European Commission.
Implications
- Many PEP definitions and screening lists are likely to change. This will affect the data you screen, if you screen, adding to the number of lists, and therefore adding to workloads.
What next
- Work with a top quality data provider to ensure the PEP screening lists you use are complete, accurate and up-to-date.
- Prepare for the fact that when you add or change screening lists, you will encounter an increased number of false positives. This is very disruptive and costly to process. Using software to reduce false positives will enable you to screen new data quickly and efficiently
5. 5MLD heightens the importance and transparency of beneficial ownership registers
A beneficial owner is a person who ultimately owns/controls/is entitled to more than 25% of shares/voting rights. While ultimate beneficial owners having a significant impact on third party risk, only 29% of companies screen for them. 5MLD heightens the importance of beneficial ownership registers by clarifying their requirements and timing.
Implications
- Corporates, all trusts and other legal entities need to obtain and hold information on their beneficial ownership, and register this information with a central national register. To increase transparency, the register will now also be publicly available to those with a legitimate interest.
What next
- Ensure beneficial ownership information is complete, up-to-date, accurate and compliant.
- 5MLD heightens the importance of screening for beneficial ownership. Ignorance isn’t an option anymore. With exponentially increasing volumes of data to process, it’s even more important to have an efficient and effective screening system in place.
6. 5MLD gives Financial Intelligence Units greater power
5MLD gives Financial Intelligence Units the authority to request payment transaction registers and electronic data at any time, from any obliged entity.
Implications
- You’ll need to have the right processes and controls in place to collect, store and make customer account data available on demand.
What next
- To be able to handle these information requests, resources may need to be trained on the applicable data privacy laws, use of beneficial ownership and bank account data in the central registers, as well as new processes to provide information to FIUs.
It’s time to commit to regulatory compliance
The key message to take from these changes is that the regulatory landscape for businesses at risk of being involved in money laundering or terrorist financing is changing on an increasingly rapid basis.
The compliance bar is ever rising. An unprecedented level of data now needs to be professionally organised, processed, monitored and controlled. Those with cobbled together compliance systems simply won’t be able to cope under the new requirements of 5MLD. The time is now to step up and commit to regulatory compliance.
Achieve 5MLD compliance with Napier
Napier is a new breed of AML and trade compliance tech provider. Our Intelligent Compliance Platform is transforming compliance from legal obligation to competitive edge.
We provide easy to integrate end-to-end compliance solutions powered by AI and the latest data management technology.
All Napier products are built on our ICP third generation compliance platform. The platform, which can be delivered via public cloud, private cloud or on premise, is powered by four key proprietary technologies. Together these offer the world’s first truly intelligent compliance platform.
See it for yourself: book a demo today.
.png)
