In summer 2021, the European Commission presented an ambitious legislative package to improve the fight against money laundering (AML) and terrorist financing (CFT) (keyword “AML Package“). The package includes a proposal to establish a new European super-authority (AML Authority – AMLA for short), a proposal for a new AML Directive (AMLD6) to replace the existing Directive 2015/849/EU (AMLD4). In addition to the AMLD, an additional EU regulation (“Regulation on AML/CFT”) is intended to create a single set of rules for further harmonisation (see also the article “Money Laundering 3.0” in this blog).
The proposal for the new Directive No. 6 can hardly be compared to the previous Directive, which has already been revised twice (2018 and 2019), as many provisions have been moved to the Regulation and thus elude national implementation and, if necessary, adaptation. Some of the provisions have simply been quietly dropped, including Article 12 of the current AML Directive.
What does Art. 12 contain?
Art. 12 allows member states to waive certain customer due diligence requirements for e-money products that pose a low risk of money laundering and terrorist financing. This exemption allows the waiver of identification of the e-money holder if certain thresholds are met, such as the maximum storage amount of 150 euros, a 50-euro limit for cash redemption and for online payment transactions on the internet. However, the issuer is still obliged to monitor the transactions made with this anonymous e-money. The derogation is optional. Member states still have the possibility to prevent anonymous e-money payments on their territory.
Today’s Art. 12 is already a further limitation of the original 2015 AMLD4 derogation. Still under shock of the terrorist attacks in Paris (Nov. 2015) and Brussels (March 2016), the Commission had called for a tightening of the option in summer 2016, as anonymous prepaid “credit” cards were allegedly also used in the preparation of the attacks. In its proposal, the Commission even called for a ban on internet payments using anonymous e-money products. Due to protests by data protectionists, among others, who demanded a right to anonymous payment on the internet, at least for low amounts, an agreement was finally reached in 2018 on the maximum amount of 50 euros. The benefits of anonymous e-money are particularly evident in internet payments, as the existence of cash continues to provide a widespread substitute medium in the brick-and-mortar segment.
However, it is noteworthy that in the then trilogue process in 2017, the Council proposed as a compromise between the Commission (ban) and the European Parliament (no threshold) that the 50 euro limit be limited with a transition period of 3 years. During this period, new tech-savvy methods for smooth identity capture at the shop checkout or remotely should be developed. From the point of view of the European governments, the option of a limited possibility of anonymous payment on the internet was thus not a “fundamental rights” issue at the time, but rather a practical question of technical progress. I will come back to this point later. Unfortunately, the SPD’s initiative at the time to establish a civil right “to anonymous digital payment” did not lead to a social discussion.
Puzzling deletion without justification
Now the already severely limited option of anonymous e-money under Art. 12 in the Commission’s proposals (Directive and Regulation) has simply been deleted without replacement. The deletion is done without references and without justification. Other important changes, such as the inclusion of crypto trading and crowdfunding and the introduction of a limit for cash payments (10,000 euros) are discussed in detail. The Commission is silent on the abolition of anonymous e-money in the recitals, but also in all accompanying documents, such as Q & A, press release, etc. Even in the detailed analysis of the impact assessment of the measures (“Impact Assessment” of 20 July 2021) there is no analysis of the consequences of this measure, which would have been necessary at least at this point.
There is only one reference in the Impact Assessment. As part of the consultation in the run-up to the new AML package, a high-level meeting was organised on 30 September 2020, attended by representatives of national and EU authorities, MEPs, representatives of the private sector and academics. According to the Commission’s impact assessment analysis, two high-level prosecutors addressed in their keynote presentations the current main threats to AML and CFT: “uncapped cash payments, crowdfunding, crypto currencies and prepaid cards” (p. 67 – underlining by author). The lectures can still be accessed today. Of the two prosecutors, however, only the French general prosecutor François Molins raised the issue of prepaid cards in a half-sentence with reference to the terrorist attacks at the time. Since then, however, the option of anonymous prepaid cards has already been considerably restricted by lowering the thresholds. However, it refrains from mentioning that prepaid cards continue to be used for terrorist financing today. The statement of the analysis quoted above is therefore not correct!
Was it a glitch?
One might think that the deletion was accidental and unintentional on the part of the Commission. The fact that Art. 12 has not completely disappeared speaks against this. The article contains in paragraph 3 the rule that acquirers may not accept payments with anonymous prepaid cards from third countries unless the non-European cards meet the same criteria and thresholds that apply in the EU. This requirement was taken over in a modified form in Art. 58 (2) of the Regulation:
“Credit institutions and financial institutions acting as acquirers shall not accept payments carried out with anonymous prepaid cards issued in third countries, unless otherwise provided in the regulatory technical standards adopted by the Commission in accordance with Article 22 on the basis of a proven low risk.”
Art. 22 regulates the creation of technical standards for customer due diligence by the new authority AMLA, which must be available for approval by the Commission up to 2 years after the Regulation enters into force. It is thus conceivable that AMLA will propose simplified due diligence requirements for non-European and European prepaid cards and other e-money products with low-risk for AML and CFT that still allow anonymous use in the medium term. The passage shows that the abolition of the current exemption for e-money is not an oversight.
What strategy is the Commission pursuing?
In my view, the Commission’s furtive approach is – to say the least – not a prime example of a transparent democratic process. Why is the Commission avoiding a debate? One can puzzle over the reasons. Perhaps it hopes that none of those affected will notice the abolition. Or are they waiting to see if any resistance will form?
Due to this lack of transparency, this possible strategy has largely worked so far. Talks with affected e-money issuers, but also with EU parliamentarians, show that the abolition of the exemption has gone largely unnoticed in the EU. So far, only the Prepaid Association Germany (PVD) has publicly criticised the intended abolition in a statement issued in November 2021.
Which products are affected?
Now the question arises which e-money products are affected today. As far as can be seen, only a few member states still have issuers of prepaid “credit” cards with brands from the international card organisations that make use of the option. Hard or even soft facts that these cards, which are subject to the respective restrictions of Art. 12 when used anonymously, are used for money laundering and terrorist financing are missing. These e-money products have been in the Commission’s sights so far.
In addition to the e-money product Paysafecard, the abolition also affects – presumably unintentionally – some gift and voucher cards (gift cards). Depending on their design, possible uses and national regulation, gift cards are often classified as e-money in the EU for supervisory purposes. As a rule, closed-loop gift cards (issuer is identical to the acceptance point) are not e-money. If this strict two-sidedness is not given, there is the possibility of claiming the Limited Network Exclusion (LNE according to Art. 3(k) of PSD2), whereby these cards also do not fall under e-money regulation. However, depending on how the LNE criteria are determined by the competent supervisory authority in a Member State, gift cards are also classified as e-money. Issuers are traditional credit institutions, authorised e-money institutions or so-called “small” or “exempted” e-money institutions. In several Member States that have taken up this option of the Second E-Money Directive (EM2), such as the Netherlands, Denmark and Latvia, gift cards are often issued as e-money by these small e-money institutions. Since identification of a gift card purchaser is, by its very nature, rather pointless due to gifting, issuers use today’s KYC exemption.
Several gift cards are also issued as e-money in Germany, such as the Aldi gift card (ed.: Helaba), the Esprit Gift Card (ed.: Esprit Card Services) and the Aral SuperCard (ed.: B2Mobility). Another anonymous e-money product is the new prepaid card of the Berlin public transport company BVG (ed. Helaba). It takes a lot of imagination and criminal energy to use these very limited-use products to launder money or even finance terrorism. The risk is almost zero.
The fundamental question of anonymous digital payment
Obviously, the Commission assumes that, despite the low risk, identification is now reasonable and, due to the technical progress in this area (strongly promoted by the Commission) (keyword: eID), is no longer an obstacle to the distribution of these products. In recital 36 of the planned regulation, the Commission writes:
“Technological developments and progress in digitalisation enable a secure remote or electronic identification and verification of prospective and existing customers and can facilitate the remote performance of customer due diligence. “
Not everything that is feasible is useful, appropriate and proportionate. Moreover, the possibility of anonymous digital payment, which is already severely limited, is not a second-best solution due to a lack of technical efficiency so far. It is a fundamental issue, especially with regard to internet payments. This topic requires an open social discussion and transparent decision-making processes.
Cover picture: Copyright © Adobe Stock/Thaut Images