FINANCIAL SERVICES FLASH REPORT



Similar documents
Client Update Fourth Anti-Money Laundering Directive Comes Into Force

Policy on Prevention of Money Laundering and Terrorist Financing ABH Holding S.A.

The proposed Fourth Money Laundering Directive

FINANCIAL SERVICES FLASH REPORT

Managing Regulatory Compliance and AML Risk in a Virtual Currency World

The Wolfsberg Group Anti-Money Laundering Questionnaire. Financial Institution Name. 8 Canada Square, London E14 5HQ

Public Consultation on Member State discretions

Wolfsberg Anti-Money Laundering Principles for Correspondent Banking

Anti-Money Laundering and Counter- Terrorism Financial Policy

Insurance Europe Position Paper on the proposal for the fourth AML Directive. Our reference: LIF-AML Date: 14 May 2013

INTERNATIONAL CORRESPONDENT BANKS. Knowing Your Customer (KYC) Anti-Money Laundering Prevention of Terrorist Financing

Appendix E: Know Your Client DUE DILIGENCE QUESTIONNAIRE

NOTICE TO BANKS MONETARY AUTHORITY OF SINGAPORE ACT, CAP. 186 PREVENTION OF MONEY LAUNDERING AND COUNTERING THE FINANCING OF TERRORISM - BANKS

Jersey MONEYVAL Report Summary

GROUP POLICY TO COMBAT MONEY LAUNDERING AND TERRORIST FINANCING. Anti-Money Laundering Policy

Customer Due Diligence/ Know Your Customer (CDD/ KYC) Policy

INTERNATIONAL CORRESPONDENT BANKING

Svenska Handelsbanken AB FI Ref through Chair of Board Service no. 1. Finansinspektionen's decision (to be issued on 19 May 2015 at 08.

FINANCIAL SERVICES FLASH REPORT

ANTI-MONEY LAUNDERING AND COUNTER-TERRORISM FINANCING (AML AND CTF) PROGRAM PART A

Report on Anti-Money Laundering/Countering the Financing of Terrorism and Financial Sanctions Compliance in the Life Insurance Sector in Ireland

In accordance with Article 14(5) of the Rules of Procedure of the Board of Supervisors, 2 the Board of Supervisors has adopted this Opinion.

PREVENTION OF MONEY LAUNDERING AND COUNTERING THE FINANCING OF TERRORISM - BANKS

CAIXA GERAL DE DEPÓSITOS, SA

Anti Money Laundering. Cork. Fergus Bradley November 2011

The 2006 FFIEC Bank Secrecy Act/Anti-Money Laundering Examination Manual:

SUBSIDIARY LEGISLATION PREVENTION OF MONEY LAUNDERING AND FUNDING OF TERRORISM REGULATIONS

Anti-money laundering guidance for trust or company service providers

Basel Committee on Banking Supervision. Consolidated KYC Risk Management

Option Table - Directive on Statutory Audits of Annual and Consolidated Accounts

INTERNATIONAL STANDARDS ON COMBATING MONEY LAUNDERING AND THE FINANCING OF TERRORISM & PROLIFERATION. The FATF Recommendations

(Unofficial translation by the Financial and Capital Market Commission)

ANTI-MONEY LANDERING & COUNTER TERRORISM FINANCING POLICY

Application for Status as a Registered Bank:

ING DIRECT Customer Identification Procedures for Brokers

Federal Act on Combating Money Laundering and Terrorist Financing in the Financial Sector 1

G20 High-Level Principles on Beneficial Ownership Transparency

Settlement Agreement between the Central Bank and Western Union Payment Services

REGULATION FOR LIFE INSURANCE AND FAMILY TAKAFUL INSURANCE BUSINESSES ON PREVENTION OF MONEY LAUNDERING AND FINANCING OF TERRORISM

Non Financial Anti Money Laundering/Anti Terrorist Financing (AML/CFT) Regulations

Wolfsberg Statement Guidance on a Risk Based Approach for Managing Money Laundering Risks

DEVELOPING AN AML (ANTI-MONEY LAUNDERING) PROGRAM:

Banks management of high money-laundering risk situations

ANTI-MONEY LAUNDERING/ COUNTER TERRORISM FINANCING POLICY

How small banks manage money laundering and sanctions risk

Wolfsberg Statement Guidance on a Risk Based Approach for Managing Money Laundering Risks

(unofficial English translation)

Autoridade Bancária e de Pagamentos de Timor-Leste Banking and Payments Authority of Timor-Leste

Briefing Seminar on the New Guidelines on Anti-Money Laundering and Counter- Terrorist Financing (AML/CFT)

PROTIVITI FLASH REPORT

FINANCIAL INTELLIGENCE UNIT MINISTRY OF FINANCE AND THE ECONOMY

SENATE LEGAL AND CONSTITUTIONAL AFFAIRS COMMITTEE QUESTIONS ON NOTICE TO ATTORNEY-GENERAL S DEPARTMENT

Basel Committee on Banking Supervision

ANTI-MONEY LAUNDERING POLICY AND GUIDANCE NOTES

GUIDELINES for the analysis and assessment of money laundering and terrorist financing risks for credit institutions and credit unions

Financial services firms approach to UK financial sanctions. Financial Services Authority

FSA reports on how banks deal with high-risk customers, correspondent banking relationships and wire transfers

THE FORTY RECOMMENDATIONS OF THE FINANCIAL ACTION TASK FORCE ON MONEY LAUNDERING

Text of the Recommendation and Interpretative Notes

Wolfsberg Statement Anti-Money Laundering Guidance for Mutual Funds and Other Pooled Investment Vehicles

INTEGRITY DUE DILIGENCE GUIDELINES FOR LENDING TRANSACTIONS

PROTIVITI FLASH REPORT

HIGH-RISK COUNTRIES IN AML MONITORING

STEPTOE & JOHNSON LLP

Appendix 1. In this appendix as all the text is new it is not underlined or struck through in the usual manner.

Guideline on Anti-Money Laundering and Counter- Terrorist Financing. (For Authorized Institutions)

EUROPEAN CENTRAL BANK

HELM TRUST COMPANY LIMITED COMPANY MANAGEMENT APPLICATION FORM

FATF 40 Recommendations

FINAL NOTICE. (1) imposes on Bank of Beirut (UK) Ltd ( Bank of Beirut ) a financial penalty of 2,100,000; and

Background. FIN-2010-G001 Issued: March 5, 2010 Subject: Guidance on Obtaining and Retaining Beneficial Ownership Information

Know Your Customer (KYC), Customer Due Diligence (CDD) and Enhanced Due Diligence (EDD)

Enhancing transparency of beneficial ownership information of foreign companies undertaking certain economic activities in the UK

Ultimate Beneficial Ownership An AML-CTF Challenge: Approaches, Issues, and Challenges

UNDERSTANDING MONEY LAUNDERING

Guideline on Anti-Money Laundering and Counter- Terrorist Financing

Wolfsberg Frequently Asked Questions ( FAQs ) on Politically Exposed Persons ( PEPs )

Anti-Money Laundering and Countering Financing of Terrorism (AML/CFT) Guide for small financial adviser businesses

2: Credit cards, etc. Overview of the sector

Implementation of the new FATF Recommendations in Switzerland

Report on Anti-Money Laundering/Countering the Financing of Terrorism and Financial Sanctions Compliance in the Irish Banking Sector

Financial crime: a guide for firms Part 1: A firm s guide to preventing financial crime

BOARD APPROVED TEXT APRIL 2012

BRAZIL BENEFICIAL OWNERSHIP TRANSPARENCY

Annex 1: Detailed outline

CORRUPTION. A Reference Guide and Information Note. to support the fight against Corruption. Safeguarding public sector integrity

Basel Committee on Banking Supervision. Sharing of financial records between jurisdictions in connection with the fight against terrorist financing

MPS GROUP GLOBAL ANTI-MONEY LAUNDERING POLICY

INSURANCE COMPANIES CONTROL SERVICE

Money laundering: the prevention of money laundering and combating the financing of terrorism Guidance for remote and non-remote casinos Second

Aegon Global Compliance

Transcription:

FINANCIAL SERVICES FLASH REPORT The Fourth European Union Anti-Money Laundering Directive July 2015 The Fourth European Union (EU) Anti-Money Laundering Directive (Fourth Directive) was approved by the European Council on February 10, 2015, and by the European Parliament on May 20, 2015. The Fourth Directive was published in the official European Commission Journal on June 8, 2015, succeeding the Third EU Anti-Money Laundering Directive (Third Directive) ratified in 2005. Member States are required to incorporate the Fourth Directive into national laws by June 26, 2017, while financial institutions, accountants, tax advisers, lawyers, trust providers and estate/letting agents with whom the trustees form a business relationship (socalled Obliged Entities formerly known as Designated Persons ) must comply with these laws starting June 26, 2017. The purpose of the Fourth Directive is to strengthen the EU rules against money laundering while aligning the international approach with the adoption of recommendations by the Financial Action Task Force (FATF), an inter-governmental body, which are broadly considered to be the global standards for combating money laundering and terrorist financing. The core areas of the Fourth Directive remain in line with the Third Directive but there have been key updates in six components of the new Directive: 1. Risk Based Approach 2. Beneficial Ownership 3. Politically Exposed Persons (PEPs) 4. Policies and Procedures 5. Penalties 6. Cash Payments This Flash Report summarizes the changes made to each of these categories, and provides brief guidance to the industry on how to approach each change. What Are the and What Should Financial Institutions Do? 1. Risk Based Approach Risk Assessments The Fourth Directive comprises a new requirement for EU Member States to complete risk assessments at the national level. The results of these risk assessments will be made available to Obliged Entities and other Member States to identify, understand, manage and mitigate

their risks. Furthermore, the European Commission will conduct an assessment of the risks of money laundering and terrorist financing at a supra-national level for distribution to the Member States at least every two years in a bid to better identify cross-border threats, which may not be identified by individual Member States. Simplified Due Diligence (SDD) The Fourth Directive has removed the automatic entitlement to apply SDD for specified customers and products. This is a change from current procedures, where Obliged Entities are permitted to apply SDD where a customer falls into a certain category (e.g. a financial institution listed on a regulated market). The Fourth Directive now requires Obliged Entities to determine the level of risk posed by a customer prior to applying SDD, and will subsequently be required to provide robust rationale and justification if SDD is deemed appropriate. Record Keeping The Fourth Directive outlines updated record keeping requirements in relation to Customer Due Diligence (CDD). The retention policy to keep a copy of documents five years after the end of the business relationship remains; however, the Fourth Directive outlines newly-adopted requirements upon expiry of the retention period. Specifically, personal data (defined within Directive 95/46/EC, or the Data Protection Directive, to include any information relating to an identified or identifiable natural person) should be deleted unless provided for by national law, while further retention will only be granted if necessary for prevention, detection or investigation of money laundering and terrorist financing. It is important to note that the maximum retention period will not exceed ten years from the end of the business relationship. This update is important in aligning CDD requirements with data protection policies and procedures. Risk Assessments The results of the risk assessments at the national and EU level should be utilized by Obliged Entities and incorporated into their own risk assessments (e.g. Geographic Risk Assessments) to improve AML/CTF controls in their own institutions. SDD Organizations will now need to provide full justification to the regulators for applying SDD to particular customers. Institutions should evaluate their risk assessment methodologies currently in place from a qualitative and quantitative perspective, as further narrative rationale may be required in order to justify the risk associated with specific customers, products and jurisdictions within the organization. Organizations should use the results of risk assessments to determine clear distinctions among the different levels of due diligence applicable to particular customers and the varying risk levels associated to ultimately identify lower risk customers to which SDD could be applied. Institutions should also perform impact assessments to see how this may affect CDD and transaction monitoring. For example, in the past it was acceptable for Obliged Entities to apply SDD automatically to respondents that were publicly listed and well-known global institutions. That is no longer the case with the Fourth Directive. Obliged Entities will need to justify why some of their respondents require less due diligence than others. Record Keeping Entities must ensure they adhere to the record keeping policies in order to avoid penalties and regulatory violations, particularly with regard to protection of personal data. Policies and procedures may need to be updated and redistributed in order for employees to be made aware of the necessary requirements. Clearly articulated policies and procedures will be needed on when and how it is acceptable to destroy documentation. Institutions should consider any third-party vendors who help store records, and review the terms and conditions of their contracts to ensure they are in line with the new requirements. Protiviti 2

2. Beneficial Ownership As a result of the Fourth Directive making tax evasion a predicate offense to money laundering, the Fourth Directive also proposes enhanced clarity and transparency of beneficial ownership information whilst bringing about a number of fundamental changes to UK company law. Obliged Entities will still be required to identify parties and conduct CDD in respect of any beneficial owner that controls more than 25% of the shares or voting rights of a business. In addition, there will be more stringent requirements for maintaining records to evidence beneficial ownership, alongside new laws abolishing the current practice of corporations acting as directors. The Fourth Directive further requires that ultimate beneficial owners of companies and other legal entities, including foundations and legal arrangements similar to trusts, be listed on central registers which will be accessible by persons including Obliged Entities and competent authorities. Beneficial ownership information will need to be available to Obliged Entities carrying out their AML/Counter Terrorist Financing (CTF) due diligence and to law enforcement agencies. For cases where no ultimate owner can be identified, a senior manager will be deemed sufficient to meet identification requirements. Furthermore, entities incorporated within Member States will be required to take reasonable steps in identifying individuals they know, or suspect to, hold significant control of entities (25 percent or more). This will require additional due diligence from entities to screen, identify and maintain a register of individuals with significant control of the entity and report to the relevant parties in order to avoid penalties and criminal conviction. Per the emphasis on transparency within the Fourth Directive, Member States will be required to prohibit companies from issuing bearer shares. Current bearer shareholders will be permitted a ninemonth period in which to surrender their shares in exchange for registered shares. Corporate and other legal entities incorporated within Member States will need to ensure their current information on beneficial owners is adequate, accurate and up-to-date. Data protection and sensitivity will need to be considered with caution when disclosing information on public registers. Obliged Entities should consider the potential impact of the public registers of beneficial owners. For instance, how this information will be incorporated into the customer risk rating tools, how increases in risk may affect downstream operations (e.g., CDD, EDD, transaction monitoring), and whether this will lead to any potential de-risking necessities for those customers that will now fall outside the risk appetite of the financial institution. 3. PEPs The Fourth Directive broadens the definition of PEPs while also clarifying the requirements for carrying out enhanced due diligence (EDD) on these persons. PEPs will now encompass persons entrusted with a prominent public position domestically (e.g. heads of state, members of government, judges etc.) as well as domestic PEPs who work for international organizations. Moreover, a Domestic PEP will be specifically defined as a prominent public individual within the EU, whereas a Foreign PEP will strictly refer to those prominent individuals from outside the EU. In addition, where a PEP is no longer entrusted with a prominent public function by a Member State or a third country, or with a prominent function by an international organization, Obliged Entities must consider the continuing risk posed by that individual for at least 12 months, and until it is deemed that the person does not pose further risk specific to politically exposed persons. Protiviti 3

The extended scope and definition of PEPs will require businesses to review their risk appetite statement, and update systems and controls to ensure they can identify domestic and foreign PEPs, as well as apply the appropriate level of due diligence, or enhanced due diligence, necessary. Policies and procedures will also need to be amended in order for employees to understand the new EDD requirements and adhere to the enhanced measures set out in the Fourth Directive. Obliged Entities will also need to consider whether they need to apply a different level of risk for domestic PEPs as defined by the EU (e.g. domestic to the EU) vs. PEPs that are domestic to the Member State in which the Obliged Entity is domiciled. In considering the continued risk posed by a PEP no longer entrusted with a prominent public function, Obliged Entities should apply appropriate risk-sensitive measures and caution (such as conducting enhanced and ongoing monitoring of business relationships, and establishing the source of wealth and funds involved in transactions of these persons) for at least 12 months from the initial date the PEP is deemed no longer entrusted. 4. Policies and Procedures The Fourth Directive more clearly defines the need for policies and procedures to ultimately mitigate AML/CTF risks at the EU, national and business level. The Fourth Directive introduces new requirements for entities to include data protection policies within AML/CTF policies and procedures for customer information sharing, with the primary objective to strengthen controls while maintaining the protection of data. Alongside this, the Fourth Directive will require Obliged Entities with branches or majority owned subsidiaries outside the EU where AML/CTF legislation may be deemed deficient to implement AML requirements of the regulated entity s home Member State, in order to implement more consistent adherence to policies and procedures both within and outside the EU. Obliged Entities should reassess current policies and procedures to identify any updates that may be required, particularly with regard to SDD/EDD, Beneficial Ownership, and PEPs (both domestic and foreign). Additionally, entities should consider drafting a risk appetite statement to outline their approach to the updated definition of domestic PEPs. It is important to note that entities will be required to obtain senior management approval for the policies and procedures, and in turn senior management will be required to monitor and improve the measures taken. It is particularly important for Obliged Entities, which have responsibilities that extend beyond the EU, to consider these stringent requirements of the Directive toward policies and procedures, especially where other jurisdictions have less stringent requirements. 5. Penalties Minimum penalties are set out in the Fourth Directive that apply to breaches by Obliged Entities, which are serious, repeated, and/or systematic in the areas of customer due diligence, suspicious transactions reporting, record keeping and internal controls. Administrative penalties for breaches by natural or legal persons include public reprimand, cease and desist from conduct, suspension of authorization, temporary ban from managerial functions and maximum pecuniary sanctions of at least twice the amount of the benefit derived from the breach, or at least EUR 1 million. For breaches concerning a credit institution or financial institution, the maximum pecuniary penalties for a legal Protiviti 4

person are at least EUR 5 million or 10 percent of the total annual turnover, and at least EUR 5 million for a natural person. This is a change from the Third Directive where minimum penalties were not defined. The Third Directive required Member States to ensure that appropriate administrative measures or penalties could be imposed on credit and financial institutions that would be effective, proportionate and dissuasive. Obliged Entities should ensure awareness of the sanctions set forth in the Fourth Directive and promote compliance with all AML/CTF obligations in order to avoid reputational damage and administrative and financial sanctions. 6. Cash Payments The scope of the provisional Fourth Directive will now include traders in goods that make or receive cash payments of EUR 10,000 or more, either in a single operation or in several transactions that appear to be linked. The Fourth Directive now requires traders to conduct customer due diligence for transactions of EUR 10,000 or more. This threshold has been lowered from EUR 15,000 or more in the Third Directive. As due diligence thresholds have been lowered for cash payments, institutions should review their policies and procedures for accepting and monitoring cash payments to ensure they incorporate and comply with the updated guidance. Summary The Fourth European Union Anti-Money Laundering Directive is intended to update and improve the EU's AML and CTF laws. While Member States have two years to adopt the Fourth Directive s amendments into national legislation, financial institutions can assess and update their AML frameworks in preparation for the implementation of the new legal and regulatory requirements. Although changes in the Fourth Directive are less significant than some might have expected, financial institutions are encouraged to review their existing policies, procedures and practices against the updated text and make any necessary changes in a timely manner to avoid regulatory criticism. Protiviti 5

About Protiviti Protiviti (www.protiviti.com) is a global consulting firm that helps companies solve problems in finance, technology, operations, governance, risk and internal audit, and has served more than 60 percent of Fortune 1000 and 35 percent of Fortune Global 500 companies. Protiviti and our independently owned Member Firms serve clients through a network of more than 70 locations in over 20 countries. We also work with smaller, growing companies, including those looking to go public, as well as with government agencies. Named one of the 2015 Fortune 100 Best Companies to Work For, Protiviti is a wholly owned subsidiary of Robert Half (NYSE: RHI). Founded in 1948, Robert Half is a member of the S&P 500 index. Contacts Bernadine Reese Managing Director +44.0207.024.7589 bernadine.reese@protiviti.co.uk Carol Beaumier Managing Director +1.212.603.8337 carol.beaumier@protiviti.com Luis Manuel Canelon Associate Director +44.0207.024.7509 luis.canelon@protiviti.co.uk Acknowledgments Thank you to the following Protiviti consulting professionals who contributed to this report: Helen Van Riel Erin Gavin 2015 Protiviti Inc. An Equal Opportunity Employer M/F/Disability/Vet. Protiviti is not licensed or registered as a public accounting firm and does not issue opinions on financial statements or offer attestation services.

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information