In July 2021, the EU presented a package (the Package) of legislative proposals to strengthen the EU’s Anti-Money Laundering and Countering the Financing of Terrorism (AML/CFT) rules. The package consists of four legislative proposals:
A Regulation establishing an EU AML/CFT Authority (AMLAR) - AMLA;
A new Regulation on AML/CFT (AMLR / the Regulation);
A sixth Directive on AML/CFT (AMLD6); and
A recast of the 2015 Regulation on Transfers of Funds (Regulation 2015/847/EU)
As of 24 April 2024, the final elements of the Package of legislative proposals were agreed upon by co-legislators (with the creation of AMLA also being tackled), and the Package was adopted by the European Parliament. Moreover, the EU Council formally adopted the Package on 30 May 2024, with the next step being the publication of the texts in the Official Journal of the EU and subsequent entry into force.
Subject Persons should take note of the following key elements emanating from the Package and consider any possible impact on their operations:
One of the elements the new AMLR covers is outsourcing. The following are some of the key points on this subject:
The AMLR aims to ensure the harmonisation of rules across the internal market, such as through the clarification of requirements in relation to internal policies, controls and procedures, including in the case of groups. The following are some of the key elements included in the Regulation:
By virtue of the Package, all rules currently enshrined within Directive (EU) 2015/849 pertaining to the private sector are being transferred to the AMLR.
The AMLR serves to include a variety of new sectors within the already-existing definition of “obliged entities” or Subject Persons as per the local legal framework. This will now include, amongst others, professional football clubs and their agents, individuals involved in the trade of luxurious products, as well as crypto-asset service providers. One of the key elements of the AMLR is the clarification of the reporting requirements to be followed by obliged entities.
To this end, a €10,000 cash payment threshold is being set, whilst the AMLR will also require these entities to identify and verify the identity of any natural person carrying out transactions constituting over €3,000 in cash. Moreover, the AMLR also clarifies that these thresholds do not preclude obliged entities from conducting all necessary CDD measures and reporting the same to the relevant Financial Intelligence Unit (“FIU”) should any suspicions of ML/TF subsist.
Subject Persons must now also report any and all suspicious transactions, including those resulting from an inability to conduct CDD, either of their own accord or following a request for information from the relevant FIU. In such instances, replies to requests for information made by the FIU are to be made within five days, whilst in certain urgent instances, the FIU enjoys the discretion to shorten the above-mentioned time frame to less than 24 hours, should necessity dictate as such.
Two years following the entry into force of the AMLR, it is expected that AMLA will draft implementing technical standards regarding the format to be utilised for reporting purposes in the above-mentioned scenarios, to be submitted to the European Commission for its consideration and eventual adoption.
It is important to note that these requirements do not apply to lawyers, notaries, other independent legal professionals, auditors, external accountants, and tax advisors.
The Package also sees the establishment of AMLA. This new Authority will be set up in Frankfurt, Germany and will primarily serve a direct supervisory function to 40 high-risk financial entities operating on a cross-border basis, whilst also indirectly supervising other entities, irrespective of whether or not they form part of the financial sector.
AMLA will also be heavily involved in the coordination of FIUs’ activities, in terms of the facilitation of communication and information exchange between respective units, contributing to the analysis of cross-border cases, as well as maintaining the FIU.net information database. Moreover, AMLA is also expected to draft regulatory and implementing technical standards and issue its own sets of guidelines, to be considered together with existing EU AML/CFT rules and legislation.