On 5 February 2020, the European supervisory authority (European Banking Authority “EBA”) published a new consultation paper on the revised anti-money laundering and terrorism financing risk factor guidelines. Stephanie Wagner and Peter Frey already took a look at the role of the EBA in their post entitled “The EBA calling the shots in the future in the area of anti-money laundering”. With this post, we now aim to provide you with an overview of the EBA’s new consultation paper. In particular, we will look in detail at the aim and the main content of the paper.
The aim of the consultation paper
Since the publication of the Guidelines on Risk Factors (JC 2017 37) by the three European financial supervisory authorities (European Supervisory Authorities – “ESAs”) in June 2017, the framework under European law has changed and at the same time, new risks have come into focus.
On 9 July 2018, the 5th Anti-Money Laundering Directive (Directive (EU) 2018/843 – “AMLD5”) came into force. The AMLD5 amends the 4th Anti-Money Laundering Directive (Directive (EU) 2015/849 – “AMLD4”) and introduces a set of new rules, particularly regarding the enhanced due diligence measures to verify the identity of customers with a connection to high-risk third countries. Additionally, competent authorities across the entire EU continue to have their concerns about the identification and evaluation of risks that exist business-wide as well as in respect to individual business relationships and the application of customer due diligence measures. In light of theseconcerns, the EBA has updated its Guidelines. However, in its rationale it also emphasises that there are no changes to the key principles. In order to ensure an effective deterrent and the discovery of money laundering and terrorism financing, the Guidelines are intended to be updated or expanded, where applicable, with respect to the following aspects:
- the business-wide and individual risk evaluation regarding money laundering and terrorism financing;
- the customer due diligence measures, including the rules on beneficial owners;
- the risk factors relating to terrorism financing;
- additional guidelines regarding new risks, e.g. with respect to the use of innovative solutions to fulfil customer due diligence measures.
Content of the consultation paper
The 149-page consultation paper is divided into three parts.
Overview of the status quo
The first part of the consultation paper is intended to serve as an overview of the status quo. It includes background information and highlights the fact that an update of the EBA Guidelines has become necessary as a result of AMLD5 and the amendments connected therewith. This applies in particular to the rules on enhanced due diligence measuress to verify the customer’s identity and in connection with high-risk third countries.
The first part of the consultation paper also contains the rationale for the amendments and additions. The rationale includes a list of the amendment proposals as well as a list of 20 questions relating thereto that are directed at interested parties. Every question includes an inquiry as to whether there are any comments on the respective amendment proposals. This shows that the questions have been phrased as openly as possible. The list of amendment proposals and therefore also the questions follow the structure of the “new” Guidelines. These have been divided into an introduction (“Subject matter, scope and definitions”), a first part (“Title 1: General Guidelines”) as well as a second part (“Title 2: Sector specific Guidelines”). Question 1 relates to the introduction, questions 2 to 7 to Title 1 and questions 8 to 20 to Title 2.
Draft of the updated Guidelines
The following two parts of the consultation paper contain the key content: the draft of the updated Guidelines.
In the introduction to the “new” Guidelines (“Subject matter, scope and definitions”), a new definition is added, among other things: “risk appetite” is added as a defined term and described as the level of risk a company is willing to accept. The term “risk appetite” is included in other parts of the draft, among others in connection with the business-wide risk assessment as well as customer due diligence measures that apply to all companies. In accordance with this, every company is asked to determine its own risk appetite and apply this as a benchmark for the business-wide risk assessment.
Title 1 of the Guidelines – General Part
The first part of the Guidelines serves as a general part which, mathematically speaking, has been placed “before the brackets”. This means it applies to all of the more specific rules which are included in subsequent parts of the Guidelines and therefore to all companies. It contains, for example, rules on customer-related and country-specific risk factors and the measures that need to be adopted in relation thereto. By way of example, the geographical risks were extended so that when identifying this specific risk, companies now also need to consider those countries and geographical areas in which their business partner or the relevant beneficial owner has a financial or legal interest.
Title 2 of the Guidelines – Sector-specific Guidelines
Title 2 of the Guidelines supplements the Guidelines contained in Title 1 and they need to be read in conjunction. Title 2 contains sector-specific Guidelines. They are only directed at specified addressees. Below, we will highlight some of the sectors mentioned and provide some examples of the planned amendments:
- Correspondent banks
Pursuant to the “new” Guidelines, correspondent banks need to consider a further factor for a potentially higher customer-related risk. This factor applies where a customer does not provide sufficient information in the context of the customer-related due diligence obligations measures or with respect to the payer or payee.
- Retail banks
The Guidelines contain new requirements for retail banks that apply where a retail bank enters into a business relationship with a customer offering services relating to virtual currencies. Pursuant to these new rules, the bank needs to consider the money laundering and terrorism financing risks connected with virtual currencies as part of its risk evaluation.
- e-money issuers
For e-money issuers, certain monitoring systems have been added, among other things, that companies are obliged to introduce. This includes, for example, systems to monitor transactions that are capable of detecting unusual or suspect behavioural patterns.
- Money remittance business
The factors for a potentially higher customer-related risk have been extended for money remittance business providers. Such a factor exists, among others, where a customer submits inconsistent information to the company.
- Wealth management
The requirements regarding enhanced customer due diligence measures with respect to high-risk third countries were changed for wealth managers.
Further sectors mentioned in Title 2 of the Guidelines include regulated crowdfunding platforms, payment initiation and account information services as well as life insurance companies.
With the publication of the consultation paper, the EBA has placed the ball in the court of the interested parties. They have until the beginning of July 2020 to submit their comments. Comments can relate to the amendment proposals; the EBA additionally invites interested parties to answer the 20 questions listed in the part of the consultation paper containing the rationale. Comments can be submitted on the EBA’s relevant website via the “send your comments” button. It is also advisable to indicate whether you would like your comments to be published.
After the EBA has viewed all the submitted comments, it will finalise the Guidelines and then publish them. The new Guidelines will then repeal the current Guidelines.
We will publish further articles in this series in the coming weeks. Stay tuned.
Cover picture: Copyright © Adobe Stock / VectorMine