Canada is a prosperous, developed nation with one of the largest economies in the world. An influential trading hub, Canada attracts a huge range of global investment interests to a marketplace worth around $2 trillion. Unfortunately, Canada’s profile also makes it a target for money launderers: federal authorities estimate that up to $113 billion dollars are laundered in Canada each year, with significant amounts of illicit funds entering the country from foreign sources such as China and Russia.
With some experts characterising money laundering in Canada as a “crisis”, the Canadian government is taking steps to bolster its anti-money laundering (AML) regulatory response. To keep pace with an evolving regulatory landscape, it’s critical that firms understand Canada’s AML regulations, and how incoming changes might affect compliance needs.
Canada’s AML Regulator: FINTRAC
The Financial Transactions and Reports Analysis Centre of Canada (FINTRAC) serves as Canada’s financial intelligence unit (FIU) and anti-money laundering and counter-financing of terrorism (CFT) supervisor. Established in 2000, and headquartered in the capital city of Ottawa, FINTRAC has a mandate to “facilitate the detection, prevention, and deterrence of money laundering and the financing of terrorist activities” in Canada. It achieves this objective by ensuring that firms comply with Canada’s AML/CFT regulations and by generating financial intelligence for law enforcement investigations.
FINTRAC’s duties and responsibilities also include:
Processing suspicious transaction reports from Canadian firms
Protecting the personal information of Canadian persons
Maintaining a registry of licensed money services businesses in Canada
Researching and analysing financial data to establish patterns in AML/CFT activities
Enhancing public understanding and awareness of AML/CFT risks
To detect and deter money laundering and terrorism financing activities in Canada, and facilitate the investigation of offences. As part of that objective, the PCMLTFA imposes record keeping and reporting obligations on firms in Canada.
To provide law enforcement agencies with the intelligence they need to investigate money laundering and terrorism financing offences.
To fulfil Canada’s commitments to the global fight against financial crime.
How to Comply with the PCMLTFA
The PCMLTFA requires firms to implement a risk-based compliance solution, which means that they must assess their customers to determine the level of risk they present, and then deploy proportionate AML measures. The key components of a PCMLTFA compliance solution include:
Customer due diligence: Firms must establish the identities of their customers by performing customer due diligence (CDD), and collecting identifying information including names, addresses, dates of birth, company incorporation details, and so on. Higher risk customers should be subject to enhanced due diligence (EDD) checks.
Beneficial ownership: Firms must also establish the ultimate beneficial ownership (UBO) of customer entities that they do business with, in order to prevent money launderers concealing their identities with shell companies or corporate infrastructure.
Suspicious transaction screening: Firms should screen customer transactions for AML risk, which may include transactions involving high risk jurisdictions and counterparties.
Sanctions and watchlist screening: Firms should establish whether customers are designated on Canada’s sanctions lists (or other international sanctions lists), or are politically exposed persons (PEPs).
Adverse media screening in Canada: Since news media stories often reveal true AML risk before that information is confirmed by official sources, firms in Canada should also implement an adverse media screening solution.
Your adverse media (or negative news) screening solution should be capable of capturing data from Canadian news sources, and sources from around the world, and cover websites, blogs, forum entries, and social media posts. The solution should also integrate multi-language search functionality in order to account for regional variations in spelling, use of non-Western characters, similar sounding names, nicknames, and aliases.
Recent AML Initiatives in Canada
Canadian authorities are increasing regulatory focus on money laundering, and in particular the risks posed by virtual assets and sanctions evasion. The 2023 Federal Budget included proposals for amendments to the PCMLTFA which will broadly strengthen the country’s AML regime. The proposed changes include:
Increased powers for law enforcement to freeze virtual assets with suspected criminal links.
Enhanced information sharing between FINTRAC and the Canada Revenue Agency (CRA).
A new criminal offence relating to the structuring of transactions in order to avoid AML reporting, and the criminalisation of unregistered money services businesses.
Enhanced registration requirements for currency dealers (and other money services businesses), including criminal record checks.
New whistleblowing protections for employees disclosing information to FINTRAC.
New sanctions reporting requirements for businesses in the financial sector.
Russia sanctions: Canada has joined the US, UK, EU, and other Western countries in imposing economic sanctions on Russia in response to the invasion of Ukraine in February 2022. Canada’s Russia sanctions are set out in the Special Economic Measures (Russia) Regulations. In May 2023, the Canadian government issued a fresh round of sanctions against Russia, targeting 17 individuals and 18 entities linked to Vladimir Putin’s regime. With the conflict in Ukraine ongoing, Canada’s Russia sanctions are fluid and the government is likely to impose further sanctions in the future.
As the Canadian government strengthens its AML/CFT regime, compliance obligations will continue to change for firms across the country. To meet new regulatory requirements, firms will need to implement AML/CFT solutions capable of not only collecting and analysing large volumes of financial data, but adapting quickly as new risks emerge.
Ripjar’s Labyrinth Screening solution gives firms the power to achieve regulatory compliance in Canada’s changing AML environment. Labyrinth Screening is capable of multi-language searches of thousands of sanctions lists, watchlists, and adverse media sources, and delivers actionable financial intelligence in seconds. Powered by next-generation machine learning technology, Labyrinth enables compliance teams to extract the most relevant risk data from search results in order to build in-depth customer risk profiles, minimise false positives and facilitate stronger, faster decision making.
China’s economic and political ambitions often prompt concerns that Western governments will impose sanctions in response to violations of international law. That possibility is particularly worrying for Western businesses because of the significant market disruption they would cause. China is a major trading partner to the West: the UK, US and EU operate at a trade deficit with China, with the UK importing £63.6 billion of Chinese goods in 2021, the US importing $450.4 billion, and the EU €472 billion. With so many Chinese-manufactured goods consumed in the West, the impact of any new sanctions is hard to predict.
Chinese diplomatic relationships also complicate the sanctions landscape. President Xi Jinping’s expression of support for the Russian invasion of Ukraine in 2022, for example, created speculation that China would follow Russia’s lead by attempting to impose its rule on neighbouring Taiwan – an outcome that would force Western governments to take action.
While many Western countries currently implement China sanctions programmes, a China-Taiwan conflict would lead to fresh rounds of penalties, and force companies around the world to adjust their sanctions screening solutions in order to comply. China’s response to new sanctions will also be significant. Xi Jinping’s government recently established its own international sanctions programme, with measures that affect a range of Western individuals.
Many firms were caught off-guard by the swift (and ongoing) implementation of sanctions against Russia. To help your firm be ready to react to any emerging risk, we’ve put together a guide to the current state of play on the China sanctions landscape.
China Sanctions: Global Overview
Western governments have imposed sanctions against China in response to a number of recent international incidents, including espionage activities and human rights violations. Key global China sanctions programmes include:
United States
Most of the US’ current sanctions against China were imposed during the Trump administration in response to Chinese espionage activities and human rights abuses. Those sanctions included a 2018 ban on US agencies using Huawei products, and targeted sanctions against Chinese officials in response to the repression of Uyghur Muslims in 2020. In that year, the US also sanctioned Hong Kong and Chinese officials for undermining democracy in Hong Kong.
In 2022, the Biden administration imposed sanctions against Chinese businesses for supplying technology to Russian military networks in the conflict against Ukraine. The ban applies to advanced computing and semiconductor technology.
United Kingdom
In 2021, the UK imposed sanctions against China for the first time in response to human rights violations against minority Uyghur Muslims. The sanctions targeted the Xinjiang Productions and Construction Corps, and 4 Chinese officials.
Canada
In coordination with other Western allies, Canada imposed sanctions on China in 2021 in response to its treatment of the Uyghurs. Canada’s China sanctions programme includes a ban on the export of sensitive technologies, and imposes investment and travel bans.
The European Union
The EU has responded to China’s crackdown on Uyghur Muslims with the imposition of new economic sanctions in 2021. The sanctions targeted four Chinese officials and introduced export bans on technologies that could be used to conduct surveillance activities on the minority group.
Recent Changes to China Sanctions
The most recent global sanctions against China have broadly focused on addressing espionage and China’s ongoing support for Vladmir Putin’s invasion of Ukraine. The measures have typically been led by the US.
In 2023, the US issued sanctions against Spacety China for providing the Russian military with satellite surveillance imagery of Ukraine, The US also sanctioned Chinese companies for providing technology to Iranian drone manufacturers which, in turn, supplied the Russian military.
Following incursions by Chinese spy balloons into US airspace in February 2023, the US sanctioned several Chinese aviation and technology companies. The sanctions banned the export of parts and technologies, including valuable computer chips, from the US.
In April 2023, the US also imposed sanctions on entities within China for supplying chemicals used in the production of fentanyl by Mexican drug cartels.
In May 2023, the EU proposed a new sanctions package against 7 Chinese entities in response to their support for the Russian invasion of Ukraine.
China’s Sanctions Programme
It’s important to remember that China has also implemented its own sanctions programme to counter Western measures. China sets out its sanctions targets in the Unreliable Entity List (UEL), which was introduced in 2019 and is administered by the Ministry of Commerce (MOFCOM).
China has designated numerous Western targets on the UEL, focusing predominantly on US, UK, EU, and Canadian politicians. Recent designations on the UEL followed Western sanctions imposed in response to the Hong Kong democratic protests and the oppression of Uyghur Muslims, but China has signalled that it may expand its measures to counter new geopolitical pressures.
In 2022, China imposed sanctions against a number of Taiwanese officials following a visit by US House Speaker Nancy Pelosi, and followed up in 2023 with a second round of sanctions, which included Taiwan’s de-facto ambassador to the US. There are also indications that China will retaliate against US tech sanctions by placing sanctions on the export of certain technical components alongside some biotechnology.
The Future of China Sanctions
Xi Jinping’s support for the war on Ukraine will continue to have a significant effect on China sanctions programmes. In addition to the EU’s proposed sanctions, it is likely that the US will broaden its ban on the export of technologies to China, with a continuing focus on the export of microchips and semiconductors. The US may also broaden the scope of sanctions to more Chinese business entities, to capital flows into China, and to other Chinese industries, including biopharmaceuticals and medical software, both of which rely heavily on US intellectual property.
While the US typically has the capacity to act unilaterally against China, it is likely that other countries, including the EU, will adjust their sanctions posture depending on the outcome of geopolitical events – including the war in Ukraine, and the Chinese government’s treatment of Taiwan.
Taiwan
China’s position on Taiwan will be a significant factor in any future Western sanctions. While Taiwan has been governed independently since 1949, China has made clear that it intends to eventually bring the island under its full administrative control. To that end, China has engaged in recent actions to emphasise that objective, including military provocations against Taiwan and its Western allies, and issuing sanctions against high profile individuals who undermine China’s claim.
Any escalation of those actions may lead to conflict between China and Taiwan, and would force Western governments to impose new sanctions. In the wake of the coordinated action against Russia, it’s likely that new sanctions against China will be severe, and have a similar impact on Western businesses, affecting much of the industrial landscape and creating a significant new compliance burden.
In the event of a China-Taiwan conflict, firms will have to keep pace with governments in order to avoid penalties. To mitigate risk, it’s a good idea to begin compliance preparations now, rather than waiting until sanctions become a reality. Practically, this means that firms should closely monitor geopolitical developments concerning China and Taiwan, and review current levels of risk exposure, including supply chain and third party risks. Similarly, firms should update their sanctions screening solution to capture emerging risk factors, with particular attention to adverse media searches and multilingual name screening capabilities.
Screening Solutions
Given the obligations that China sanctions impose, it’s vital that firms consider the specific screening challenges of hypothetical targets. While firms should screen regularly for updates to official sanctions lists, there are other specific screening challenges, including:
Multi-Lingual Screening
In order to detect China sanctions risk effectively, firms must be capable of capturing data written in Chinese characters. To that end, solutions should include multi-lingual and multi-script name matching capabilities, and account for the following factors:
Use of non-Latinate characters, for example: 习近平 (Xi Jinping).
Transliteration of names from native to Western characters.
Use of Asian naming conventions, such as the reversal of first names and surnames, or approximations of anglicised spellings.
Misidentification of similar-sounding or similar-spelled names, and variant spellings.
Accounting for multi-lingual challenges means integrating a software solution with sophisticated screening capabilities and, ideally, recruiting compliance teams with the relevant language expertise.
Adverse Media Screening
Emerging sanctions risks are often revealed by news and other media sources before they are officially implemented in government sanctions lists. Investigative journalists, for example, may expose evasion of China sanctions, along with the firms that facilitate that activity.
With that in mind, to stay ahead of the compliance curve, and anticipate emerging sanctions risk, firms should focus on screening adverse media or negative news for stories that involve their customers, with searches taking in traditional screen and print media, along with websites, social media, forums, blogs and so on. Adverse media screening should have a global scope, including searches of domestic, Chinese, and global data sources, and firms should apply the same multi-lingual approach as they apply to other screening processes.
Next Generation Screening
China sanction screening solutions should facilitate fast, efficient searches that minimise noise and false positives, and empower firms to make confident decisions. To achieve that goal, firms must integrate flexible technology that can manage the quickly evolving challenges of both the sanctions and adverse media landscapes.
Ripjar’s Labyrinth Screening platform is capable of searching thousands of global data sources, combining official sanctions list screening with multi-lingual adverse media searches. Labyrinth searches in real time, in over 20 foreign languages, in order to provide meaningful, contemporary data in seconds, and inform strong, speedy decision making. Powered by next generation machine learning technology, Labyrinth also enables firms to extract the most relevant data points, building more accurate customer risk profiles while minimising false positive alerts.
To learn more about China sanctions screening and compliance, contact us today
Norway is a highly developed Scandinavian country and, supported by abundant natural resources, one of the wealthiest economies in the world. Norway’s prosperity also makes it a target for financial criminals, who seek to exploit its financial system to commit crimes such as fraud, money laundering, and terrorism financing. Recent financial scandals have drawn attention to Norway’s anti-money laundering (AML) and counter-financing of terrorism (CFT) regulatory requirements. In 2020, for example, DNB ASA, Norway’s largest financial services group, was fined a record-breaking NOK 400 million (around $48.1 million) for systematic AML compliance violations.
Norway’s increased focus on combatting financial crime means that businesses operating in the country must be familiar with its AML/CFT landscape, including how to work with its financial authorities, and how to implement a suitable regulatory compliance programme.
Norway’s AML Regulator: Finanstilsynet
Norway’s primary AML regulator is the Financial Supervisory Authority of Norway (FSA), also known as Finanstilsynet. Established in 1986 as a merger of the Norwegian Insurance Council, the Bank Inspection Agency, and the Broker Control Agency, Finanstilsynet functions to “promote financial stability and well-functioning markets” in Norway, by ensuring that “supervised institutions comply with the anti-money laundering legislation”.
In that capacity, Finanstilsynet supervises Norway’s banks and financial institutions, including insurance and credit companies, pension funds, accountants, and real estate agencies. Its duties include developing and implementing financial legislation in conjunction with the Norwegian government, implementing risk-based AML/CFT in Norway’s financial institutions, and conducting on-site compliance inspections. Financial institutions that wish to operate in Norway must demonstrate that they meet a set of competency criteria and then obtain a licence from Finanstilsynet.
As a signatory to the EU’s Memorandum of Understanding on Cooperation, Finanstilsynet also works with other national supervisory authorities across the European Economic Area (EEA), and with other regulatory bodies across the world, in the global fight against money laundering.
Norway AML Regulations
Norway’s main AML/CFT law is the Act Relating to Measures to Combat Money Laundering and Terrorist Financing, also known as the Anti-Money Laundering Act. Passed in 2018, the Anti-Money Laundering Act imposes risk-based record-keeping and reporting regulations on financial institutions in Norway, including the need to apply customer due diligence (CDD) and ultimate beneficial ownership (UBO) checks to new customers, and to perform ongoing monitoring of customer financial activity in order to identify suspicious behaviour.
As part of the EEA, Norway implements the EU’s anti-money laundering directives (AMLD) in its domestic AML/CFT legislation. Accordingly, Norway has updated the Anti-Money Laundering Act with the relevant regulatory detail, including measures set out in the latest AMLD, the Sixth Anti-Money Laundering Act (6AMLD), which came into effect on 3 June 2021.
Recent AML initiatives: Norway is likely to implement the EU’s landmark Markets in Crypto Assets (MiCA) regulation, which will manage the emerging risks posed by unbacked crypto-assets and stablecoins. Norway will also implement the Transfer of Funds Regulation (TFR), extending AML/CFT regulations to virtual asset service providers. Both regulations are set to come into effect in 2024.
How to Comply with AML Regulations in Norway
Following Financial Action Task Force (FATF) guidance, and AMLD requirements, Norway imposes risk-based AML/CFT regulations on its financial institutions. This means that they must conduct risk assessments in order to establish customer risk profiles, and then deploy a proportionate compliance response, depending on the level of risk. With that in mind, Norway AML compliance solutions should include:
Customer due diligence: In order to build accurate risk profiles, firms in Norway must establish the identities of their customers by applying effective customer due diligence. In addition to collecting names, addresses, birthdates, and other identifying information, firms should seek to establish the ultimate beneficial ownership of corporate customers.
Transaction screening: Firms should screen customer transactions for signs of money laundering, including transactions with high risk counterparties or transactions that involve high risk jurisdictions.
Sanctions and watchlists: Sanctions targets and politically exposed persons (PEPs) represent a high level of AML risk. Accordingly, firms in Norway must screen their customers against the relevant sanctions and watchlists during onboarding and throughout the relationship.
Adverse media: News stories and other forms of media are particularly effective at revealing criminal risk. Stories about sanctions designations, criminal investigations, or professional connections, for example, may be broken online, by news organisations or other entities long before they are confirmed by government or law enforcement sources. Accordingly, adverse media represents a valuable AML resource, and one of the most effective ways to inform risk-based compliance decisions about individual customers.
In practice, firms should screen their customers against adverse media sources on an ongoing basis. Adverse media screening should have a global scope, and take in as broad a range of sources as possible, including established news outlets, websites, blogs, forums, and social media posts. Effective adverse media screening requires firms to integrate software with multi-language search capabilities that is capable of searching in real time in order to deliver the most recent risk data.
Next Generation Screening Technology
Norway’s AML regulations are evolving to match the demands of the global risk landscape. To stay ahead of your compliance obligations in Norway and beyond, it’s critical that you implement a screening solution capable of capturing a vast amount of risk data, while minimising false positive alerts.
Ripjar’s Labyrinth Screening platform has been designed to meet AML compliance challenges in jurisdictions around the world, and ensure your firm stays ahead of both regulatory changes and criminal threats. Powered by next generation machine learning technology, Labyrinth enables real-time searches of thousands of global media sources, including news articles, and sanctions and watchlists, in over 20 languages. Labyrinth focuses on extracting the most relevant risk data, helping you build accurate, effective risk profiles in seconds and identify new risks as soon as they emerge.
Sweden is a prosperous Nordic country and EU member-state with a highly developed economy. While it is traditionally regarded as a safe financial destination, recent criminal scandals have damaged Sweden’s reputation. In 2019, for example, an investigation into the Swedish bank Swedbank exposed a $200 million money laundering scheme in its Eastern European and Russian branches, and led to a €360 million fine. Similarly, in 2022, investigators uncovered money laundering regulatory violations at Swedish gambling companies Kindred, ATG, and Pinbet – and subsequently issued millions of Euros in fines to each company.
To combat the threat of financial crime, and protect the integrity of its financial system, Sweden is tightening its anti-money laundering (AML) and counter-financing of terrorism (CFT) controls, and pushing for a more robust regulatory framework across the EU. Given the increased focus, firms must understand their AML/CFT obligations in Sweden, and how to achieve regulatory compliance.
Sweden’s AML Regulator: Finansinspektionen
Established in 1991 as a merger of the Bank Inspectorate and the Insurance Supervision Authority, the Financial Supervisory Authority of Sweden, or Finansinspektionen (FI), is the country’s primary financial regulator.
FI operates under the authority of the Swedish Ministry of Finance and is responsible for examining the “risks and control systems” of the country’s financial institutions and supervising “compliance with statutes, ordinances and other regulations.” Those duties mean that FI is responsible for assessing the effectiveness of Sweden’s AML/CFT legislation and, where necessary, making recommendations for amendments. In its supervisory role, the regulator also assesses the financial health of companies setting up in Sweden, and issues permits to those deemed competent to conduct business.
In addition, FI has a mandate for financial education, disclosing clear and accurate financial information to the Swedish public and issuing guidance on compliance regulations to public and private entities. As Sweden’s national financial regulator, FI works with counterparts in other countries to aid AML/CFT investigations and address global criminal threats.
Key Sweden AML Regulations
Sweden’s main article of AML/CFT legislation is the Money Laundering and Terrorist Financing (Prevention) Act, also known as the Anti-Money Laundering Act, which requires firms to implement a risk-based AML/CFT compliance programme. In practice, this means that firms must assess the risk that individual customers present, and then deploy proportionate compliance measures. The AML Act also requires firms to monitor customers and their transactions for suspicious activity, and report AML alerts to Sweden’s Financial Intelligence Unit (FIU).
EU AMLDs: As a member of the EU, Sweden implements the Anti-Money Laundering Directives (AMLD), which are released periodically by the European Parliament and transposed into domestic legal frameworks. The latest AMLD is the Sixth Anti-Money Laundering Directive (6AMLD), which came into effect on 3 June 2021. Key regulatory details of 6AMLD include a harmonised list of money laundering predicate offences, an increase in the minimum penalties for money laundering, and an expanded definition of the crime of money laundering to include aiding and abetting.
AML/CFT penalties: In 2020, the penalty for money laundering in Sweden was capped at €50 million. Individuals found guilty of money laundering may face prison sentences of between 6 months and 6 years.
How to Comply With Sweden’s AML Regulations
In order to comply with Sweden’s risk-based AML/CFT regulations, firms must implement the following measures:
Customer due diligence: Firms must conduct customer due diligence (CDD) in order to identify their customers and build accurate risk profiles. The CDD process includes the collection of names, addresses, dates of birth, and other identifying information, and should also include the ultimate beneficial ownership (UBO) of customer-entities.
Transaction screening: Firms must screen their customers’ transactions on an ongoing basis for signs of money laundering activity. This might include transactions involving high risk counterparties or high risk jurisdictions.
Sanctions and watchlist screening: As part of the screening process, firms must ensure they are not doing business with sanctions targets and politically exposed persons (PEP). To identify this type of high risk customer, firms must screen against international sanctions lists, PEP lists, and other relevant financial crime watchlists.
Adverse media screening: One of the most effective ways to strengthen compliance with risk-based screening requirements is to screen customers for involvement in adverse or negative news media. News reports and other forms of online media often reveal information about customers before it is officially confirmed – enabling firms to react as quickly as possible when a customer’s risk profile changes.
The EU AMLDs require firms to implement adverse media screening as part of their AML/CFT compliance process. This means that firms must integrate software capable of screening for adverse media on a global scale, with a coverage that includes traditional print and screen outlets, websites, and other data sources such as blogs, forums, and social media platforms.
Recent AML Initiatives in Sweden
The Swedish government is pushing for the EU to implement its most recent AML/CFT proposals, and is keen to advance the introduction of a single AML/CFT Rulebook, and a centralised Anti-Money Laundering Authority (AMLA). Discussions around both initiatives have gained broad consensus from EU member states but the location of the new AMLA is yet to be decided.
Sweden will also implement the EU’s Markets in Crypto-Assets (MiCA) regulation, a landmark new framework for managing the risks posed by unbacked crypto-assets and stablecoins. MiCA will come into effect in 2024, and joins the Transfer of Funds Regulation (TFR) which extends AML/CFT reporting and record-keeping obligations to cryptocurrency service providers.
Next Generation AML Screening for Swedish Compliance
Sweden’s AML/CFT landscape is changing, and financial institutions need to be able to respond quickly to new risks and regulatory requirements, and emerging criminal threats.
In this environment, Ripjar’s Labyrinth Screening platform provides a powerful compliance advantage, enabling searches of thousands of structured and unstructured data sources, including foreign news stories, sanctions lists, and watchlists, and generating real time financial intelligence. Built with next generation machine learning technology, Labyrinth enables firms to extract the most relevant compliance data from a source in seconds, so that firms can react quickly to new threats, in Sweden and beyond, and know as soon as possible when a client’s risk profile changes.
While Belgium has a reputation as a wealthy and politically influential European power, it also faces an increasing number of financial crime threats, which include international money laundering and terrorism financing activities. In 2021, for example, Belgium’s financial intelligence unit (FIU) recorded 46,000 suspicious transactions, up 50% on the previous year. In order to protect its own economic system from that threat, and contribute to global anti-money laundering (AML) and counter-financing of terrorism (CFT) efforts, Belgium has built a robust regulatory framework for financial institutions, and established a financial regulator to oversee compliance.
If you’re setting up or doing business in Belgium, it’s important to understand how Belgium’s AML regulations will affect you, and what steps you need to take to protect your organisation from risk.
Belgium AML Regulators
The Financial Services and Markets Authority
Belgium’s primary financial regulator is the Financial Services and Markets Authority (FSMA). Established in 2011, the FSMA replaced its predecessor, the Banking Finance and Insurance Commission (CBFA), as part of an effort to consolidate supervision of Belgium’s financial system, and protect the transparency, fairness, and orderly operation of its markets. To that end, the FSMA works primarily in the following domains:
Supervision of financial products and services, including pension schemes
Compliance with financial conduct rules and AML/CFT regulations
Surveillance of markets and distributed financial information
Financial education
The FSMA works with the National Bank of Belgium (NBB) and the Federal Public Service Economy in its supervisory role, and has the authority to conduct onsite inspections or request documentation in order to verify AML/CFT compliance. Where it finds violations, the FSMA may issue warnings, impose business prohibitions, or impose sanctions including significant financial penalties against the offending firms.
As a member of the European Securities and Markets Authority (ESMA) and other international financial organisations, the FSMA also represents Belgium on the global financial stage. To that end, it is signatory to numerous international financial crime agreements and coordinates with counterpart organisations to protect global financial markets.
The CTIF
Following Financial Action Task Force (FATF) and EU directives, Belgium has also established a financial intelligence unit (FIU), known as the Financial Intelligence Processing Unit (CTIF). Like other FIUs, the CTIF is an independent, autonomous entity responsible for collecting and processing AML/CFT data, including suspicious transaction reports (STR), in order to provide actionable intelligence for subsequent law enforcement investigations. The CTIF also coordinates with counterpart FIUs in other countries to aid in the investigation and prosecution of financial crime.
Key AML Regulations in Belgium
Belgium’s main AML/CFT legislation is the Law of 18 September 2017 on the Prevention of Money Laundering and Terrorist Financing – also known as the “AML Law”. The law transposes the details of the EU’s Anti-Money Laundering Directives, establishing a set of risk-based AML/CFT requirements for firms that operate within Belgium’s jurisdiction.
As new AMLDs are released, the Belgian government updates the AML Law to include the latest regulatory detail. The Sixth Anti-Money Laundering Directive, for example, sets out a harmonised list of money laundering predicate offences, and expanded the definition of money laundering to include aiding and abetting.
Belgian authorities may impose fines for non-compliance with the AML Law, which may reach up to €1,250,000 for non-financial companies, and €5000 or 10% of annual turnover (whichever is greater) for financial companies.
How to Comply with Belgium’s AML Law
The AML Law imposes risk-based AML/CFT requirements on firms operating within Belgium. This means that firms must conduct a risk assessment of individual customers to establish the level of risk they present, and then deploy proportionate AML/CFT compliance measures.
Establishing risk accurately is a significant challenge for financial institutions, which must collect and analyse large amounts of data in order to establish accurate customer risk profiles. With that in mind, Belgian AML/CFT compliance solutions typically include the following controls:
Customer due diligence (CDD) measures to establish and verify the identity of customers, and build accurate risk profiles. Required CDD information may include names, addresses, places of business, and other identifying materials.
Ultimate beneficial ownership (UBO) verification of corporate structures in order to ensure that money launderers are not concealing their identity with shell companies or corporate structures.
Customer screening against relevant watchlists, including politically exposed person (PEP) lists and global sanctions lists, and adverse media sources. PEPs and persons subject to sanctions represent a high financial crime risk, so firms must perform ongoing screening to verify any changes to customer statuses.
Adverse media screening: In an evolving financial landscape, one of the quickest ways to establish true customer risk is to conduct adverse media screening – which may reveal critical compliance information before confirmation by official government sources. Adverse media includes news stories, social media, blogs, and forum posts, and may detail involvement in criminal activity, incoming regulatory changes, or a customer’s designation on watchlists and sanctions lists – all of which will likely change a customer’s risk profile.
Sanctions screening: Customers that are subject to international sanctions pose an elevated AML/CFT risk, and should be subject to enhanced due diligence (EDD) including adverse media scrutiny. As an EU member-state, Belgium must comply with EU sanctions screening requirements: in particular, firms should pay close attention to Russia sanctions, which are updated frequently, and currently designate a range of companies and individuals that directly support or are involved with the invasion of Ukraine.
Belgium AML Initiatives: Crypto Regulation
In addition to the most recent AMLD measures, Belgium will, like other EU member states, implement the Markets in Crypto Assets (MiCA) regulation. Scheduled to be introduced in 2024, MiCA will affect the AML/CFT treatment of crypto assets, introduce specific requirements for the use of stablecoins, and establish an EU-wide crypto asset service provider register overseen by the European Banking Authority.
Belgium has focused heavily on crypto regulation recently, with an amendment to the AML Law in 2022, which brought crypto service providers under the scope of the legislation (and previous EU AMLDs). The amendment introduced the following measures:
A definition of “exchange services between virtual currencies and fiat currencies” as they pertain to the AML Law.
A definition of the type of crypto exchange services that fall under the scope of the AML Law.
A prohibition on non-European Economic Area persons offering or providing crypto exchange services in Belgium.
An FSMA registry of crypto exchange service providers.
A number of new criminal offences and sanctions that pertain to crypto asset activities.
The amendment came into effect on 1 May 2022.
AML Compliance Solutions
EU AMLDs include strict requirements for both sanctions and adverse media screening compliance, and firms in Belgium must be prepared to search international data sources for customer involvement in risk factors set out in domestic legislation. Speed, scope, and accuracy are critical to effective customer screening, which means firms must seek a solution with a global scope, that can be tailored to their risk appetite, and that can minimise false positive alerts.
Ripjar’s Labyrinth Screening platform is built to achieve screening compliance in Belgium, the EU, and jurisdictions around the world. Built with cutting-edge machine learning technology, Labyrinth Screening is informed by thousands of global data sources in real time, including the latest adverse media, sanctions list and watchlist updates. Labyrinth is capable of searching in over 20 foreign languages to ensure firms capture data from every corner of the world, and delivers actionable intelligence in seconds so that firms can make important decisions quickly and confidently.
Spain is one of the wealthiest nations in Europe, with a highly developed economy that hosts a spectrum of businesses and investment interests. Unfortunately, Spain’s growth and development as an economic power has also made it a target for criminals, who seek to exploit its financial system to commit fraud and other serious financial crimes, such as money laundering and terrorism financing. In response to those threats, the Spanish government has developed a robust anti-money laundering (AML) and counter-financing of terrorism (CFT) framework to protect the country’s economic system and meet its obligations in the global fight against financial crime.
Following recent financial scandals across Europe, and high profile prosecutions of money launderers within Spain, Spanish regulators have increased their focus on screening and compliance. Given the potential for steep financial penalties, it’s vital that businesses understand Spain’s AML regulations, how to achieve compliance, and how to manage incoming regulatory challenges.
Spain’s AML Regulator: SEPBLAC
Established in 1993, the Commission for the Prevention of Money Laundering and Financial Crimes, or Servicio Ejecutivo de la Comisión de Prevención de Blanqueo de Capitales (SEPBLAC) is Spain’s AML/CFT regulator and financial intelligence unit (FIU). SEPBLAC operates under the authority of the Secretariat of State for Economy and Business Support, which is a collective composed of a number of Spanish government representatives and law enforcement agencies.
In its supervisory role, SEPBLAC’s mission is to ensure that financial institutions comply with Spain’s risk-based AML/CFT regulations “in accordance with the best international practices”. As an FIU, SEPBLAC handles the submission of suspicious transaction reports (STR), analysing financial data to determine whether to launch criminal investigations.
Like most global AML/CFT regulators, SEPBLAC also has a duty to work with international counterparts to address financial crime threats. To that end, SEPBLAC coordinates with other EU supervisory authorities and FIUs, and shares financial intelligence on platforms such as FIU-Net and the Egmont Secure Web (ESW).
Anti-Money Laundering Directives: As an EU member, Spain is required to transpose into law the EU’s Anti-Money Laundering Directives (AMLD). The most recent AMLD, the Sixth Anti-Money Laundering Directive (6AMLD), included a new definition of the crime of money laundering (that included aiding and abetting), set out a harmonised list of money laundering predicate offences, and increased the minimum penalties for persons convicted. Spain implemented 6AMLD through Royal Decree-Law 7/2021, of April 27.
Penalties for money laundering in Spain are imposed under the Criminal Code and include a prison sentence of up to 6 years and a fine of up to three times the value of the assets involved. Authorities may also impose business prohibitions of up to 3 years on persons found guilty of money laundering.
How to Comply with Spain’s AML Regulations
Following Financial Action Task Force (FATF) guidance, Spain requires firms to take a risk-based approach to AML/CFT, which means they must assess the risk that their customers present, and then deploy proportionate compliance measures. The FATF Recommendations set out the measures and controls that must be implemented as part of a risk-based AML/CFT compliance solution. These include:
Customer identification: Firms must collect identifying information from customers in order to build accurate risk profiles. Suitable customer due diligence (CDD) information includes names, addresses, birth certificates, and business incorporation documents. High risk customers may warrant enhanced due diligence (EDD) measures.
Beneficial ownership: Firms must ensure that customers are not using shell companies or corporate structures to conceal their identities and evade compliance controls. Accordingly, AML/CFT solutions should also include verification of the ultimate beneficial ownership (UBO) of customer-entities.
Suspicious transactions: Firms must screen customer transactions for suspicious activity, including transactions with high risk individuals or transactions that involve high risk jurisdictions.
Customer screening: Firms should ensure that customers are not designated on international sanctions lists or watchlists, and are not politically exposed persons (PEP), by screening customers on an ongoing basis against the relevant data sources.
Adverse Media Screening: One of the most effective and accurate ways to establish customer risk is to screen customers against adverse media sources, which include news stories, social media, blog posts, forum posts, and more. Adverse media typically reveals customer AML/CFT risk, such as involvement in financial crime, before it is confirmed by official sources – and so enables firms to deploy the appropriate compliance response as quickly as possible. Firms should dedicate screening resources to capture a wide range of adverse media from around the world.
Incoming AML Regulations
In June 2022, the EU reached a provisional agreement to introduce a new regulatory framework for unbacked crypto-assets and stablecoins, known as Markets in Crypto-Assets (MiCA). The EU also passed the Transfer of Funds Regulation (TFR), which extends AML/CFT regulations to cryptocurrency service providers. Both regulations will come into effect in Spain, and across the EU, in 2024. With the new regulations on the horizon, firms in Spain should ensure they adjust their compliance solutions to account for new levels of risk from transactions that involve virtual assets.
AML Solutions: Screening Technology
Under the EU’s AMLD regulations, firms in Spain must be prepared to screen against a range of global data sources including adverse media. With that in mind, it’s vital that firms find a technology solution capable of searching for customer names with suitable scope, flexibility, and accuracy in order to capture breaking news stories, new sanctions designations, social media entries, and other types of media – and do so quickly whilst minimising false positive alerts.
Ripjar’s Labyrinth Screening platform gives firms that capability. Built on cutting edge machine learning technology, Labyrinth enables comprehensive, real-time searches of thousands of global data sources, including foreign news articles, sanctions lists, and watchlists, in over 20 languages, and delivers actionable financial intelligence in seconds. In a complex and changing EU regulatory landscape, Labyrinth lets firms tailor their compliance response to specific AML/CFT risk factors, react to new legislation and criminal threats, and know as soon as possible when a customer’s risk level changes.
In March 2023, the UK launched its Economic Crime Plan 2, building on the first iteration of the plan with measures to “continue to to transform the UK’s response to economic crime”. On announcing the new plan, the government highlighted the damage that economic crime inflicts, with over £100 billion pounds laundered in the UK each year, and with fraud accounting for around 41% of all crime. The government also highlighted the Russian invasion of Ukraine as an example of the growing criminal threat posed by kleptocracies.
Acknowledging the evolving nature of the financial landscape, the updated UK Economic Crime Plan designates new resources and financial support for enforcement authorities, and for fraud, anti-money laundering (AML) and counter-financing of terrorism (CFT) efforts. As the new Economic Crime Plan comes into effect, it’s important that UK firms understand how it will change the AML/CFT landscape and how to ensure compliance under the new regime.
The First UK Economic Crime Plan
Launched in 2019, the first version of the plan was known as the UK Economic Crime Plan 2019 to 2022, and was implemented to protect the UK from the “significant threat” of serious financial crimes such as fraud, money laundering, and the financing of terrorism. The plan sought to bring together “the capabilities, expertise and intelligence of the public and private sectors” in order to defend the UK’s economy and “support legitimate growth and prosperity”.
To that end, the original Economic Crime Plan set out the following 7 strategic priorities for combatting economic crime in the UK:
To better understand the threat of economic crime and the UK’s performance in combatting it.
To find better ways to share and use information between public and private sector institutions for the purposes of addressing economic crime.
To make the “powers, procedures and tools” of UK law enforcement authorities as effective as possible.
To strengthen the collective capabilities of UK law enforcement, the justice system, and the private sector in detecting and disrupting financial crimes.
To build resilience to financial crime by enhancing private sector management of risk and risk-based supervision.
To improve ownership transparency of legal entities and arrangements.
To develop an “ambitious international strategy” for addressing economic crime in order to enhance the UK’s global influence.
Key Outcomes of the First Plan
The UK government has characterised the implementation of the first Economic Crime Plan as a success, citing the following achievements:
An improved understanding of criminal threats through joint public-private risk assessment initiatives.
Reform of the UK’s Suspicious Activity Report (SAR) regime, and a comprehensive review of the UK’s money laundering regulations.
New legislation including the Economic Crime (Transparency and Enforcement) Act, the Economic Crime and Corporate Transparency Bill, and the Online Safety Bill.
Enhanced domestic and international cooperation.
UK Economic Crime Plan 2: Key Updates
The UK Economic Crime Plan 2 seeks to “build on the foundations” of its predecessor and to “focus more directly on impact and outcomes”. The plan allocates £200 million of government investment and £200 million from the Economic Crime (Anti-Money Laundering) Levy to achieve that goal, with a focus on 3 key outcomes:
Reducing money laundering and recovering more criminal assets
Limiting abuse of UK corporate structures
Increasing the effectiveness of the UK’s AML/CFT regulatory regime
Combatting cryptoasset crimes
Improving SAR intelligence, feedback, and analysis
Combatting kleptocracy and sanctions evasion
Improving financial sanctions design, implementation and enforcement
Strengthening the international and operational response to kleptocracy
Cutting fraud
Pursuing criminals responsible for fraud and blocking fraud
Helping the Public Sector Fraud Authority reduce the impact of fraud
New Initiatives Under the Updated Plan
In order to achieve the outcomes set out above, the new plan will put the following ideas and reforms into action:
Financial crime investigations: The Economic Crime Plan 2 will see the recruitment of 475 financial crime investigators who will address money laundering and asset recovery.
Public-private coordination: A new approach to public-private coordination will establish joint priorities in order to maximise resources, and detect and prevent financial crime.
Fintech: Law enforcement agencies will implement state-of-the-art technology solutions, including advanced data analytics, to keep pace with criminal methodologies.
Cryptoassets: The government will establish a new Crypto Cell which will pool the expertise and enforcement tools of law enforcement agencies and regulators in order to tackle the criminal abuse of cryptoassets.
Supervisory reform: The new plan will introduce “ambitious reform” of the UK’s supervisory regime in order to encourage greater information and intelligence sharing.
Kleptocracy: The government will expand the UK’s Combatting Kleptocracy Cell, harnessing the expertise of the National Crime Agency (NCA).
How Technology Can Help With Economic Crime Plan Compliance
The second Economic Crime Plan emphasises a greater degree of cooperation between public and private entities, and applies a greater AML/CFT scope so that firms can deal with evolving global risks such as international kleptocracy and cryptoasset crime. In this new regime, quality, actionable data will be critical: firms will need to be able to collect and analyse data on their customers, from sources around the world, distribute that data, and make effective compliance decisions as quickly as possible. Similarly, as the UK government implements aspects of the new plan, the regulatory landscape may shift, which means firms will need to be agile in their approach to regulatory compliance and be prepared to react when new threats emerge.
Ripjar’s Labyrinth Screening platform is designed for advanced data analysis in a challenging, fast-moving regulatory environment. Built with cutting-edge machine learning technology, Labyrinth Screening enables firms to search customers against thousands of global data sources, and generate actionable financial intelligence in seconds. Updated in real time with the latest financial crime data, Labyrinth searches cover global adverse media stories, sanctions lists and watchlists, and the platform allows firms to tailor searches for the most relevant risk data in order to minimise false positives and enable strong, speedy decision making.
The Middle East is an increasingly important financial destination, with economic development across the region attracting global capital and innovation. However, the dramatic growth of certain Middle Eastern countries has led to an increase in financial crime, including money laundering and terrorism financing, which typically exploit the region’s high risk industries such as construction, oil and gas, and real estate. Corruption has also been a traditional financial crime risk in the Middle East, with a number of recent scandals, such as the $3 billion fraud case that led to the collapse of NMC Healthcare in the UAE in 2020.
Middle Eastern countries have responded to the criminal threats they face by implementing anti-money laundering (AML) and counter-financing of terrorism (CFT) regulations, which impose a range of screening, monitoring, and reporting regulations. To help your firm navigate its compliance landscape, let’s take a closer look at the AML/CFT environment in a number of Middle Eastern jurisdictions.
Key Middle Eastern AML Regulators and Regulations
UAE – CBUAE
The United Arab Emirate’s (UAE) primary financial regulator is the Central Bank of the UAE (CBUAE), which provides supervision for licensed financial institutions and has a mission to “regulate, develop, oversee, and maintain” the UAE’s financial system. The bank carries out its supervisory duties through its Banking and Insurance Supervision Department, which includes the Regulatory Development Division, which sets the UAE’s AML/CFT policies.
Qatar’s financial regulator is the Qatar Financial Centre Regulatory Authority (QFCRA). Established in 2002, the QFCRA has a mandate to “authorise and regulate firms and individuals conducting financial services” and maintains a dedicated AML/CFT unit which works to ensure compliance with Qatar’s AML/CFT rules. The Authority also contributes to “Qatar’s ongoing engagement with international standard-setting bodies”.
Key Qatar AML regulations: Qatar’s Law No. (20) of 2019 on Combating Money Laundering and Terrorism Financing is the state’s primary AML/CFT law. The law sets out a range of risk-based compliance obligations for financial institutions in Qatar, including customer due diligence, beneficial ownership, and customer screening and monitoring.
Saudi Arabia – Ministry of Anti-Money Laundering, SAMA, SAFIU
There are a number of government bodies that address money laundering in Saudi Arabia, including the Ministry of Anti-Money Laundering, the Saudi Arabian Monetary Agency (SAMA), and the Saudi Arabian Financial Intelligence Unit (SAFIU). The AML/CFT efforts of these entities are coordinated through the Permanent Committee for Anti-Money Laundering, which is headquartered at the SAMA head office in Riyadh.
Key Saudi Arabia AML regulations: The main AML regulation is the Saudi Arabia Cabinet Decision No. 80/1439, approving the Anti‐Money Laundering Law, also known as the AML Law. There are a number of important supporting laws to the AML Law, including the Implementing Regulation to the AML Law October 2017. Similarly, the main CFT law in Saudi Arabia is the Law on Combating Terrorism Crimes and Financing (and its corresponding implementing regulation). The AML and CFT laws impose risk-based compliance obligations on firms within Saudi jurisdiction.
Oman – CBO, CMA
The Central Bank of Oman (CBO) is Oman’s primary AML/CFT authority, responsible for supervising and licensing all financial institutions in the country, and implementing its AML/CFT regulations. The Capital Markets Authority (CMA) also has an AML/CFT regulatory role but is responsible for supervising Oman’s capital market and insurance sectors.
Key Oman AML regulations: The principle AML/CFT law in Oman is the Law on
Turkey’s AML/CFT authority is the Financial Crimes Investigation Board, or Mali Suçlar Araştırma Kurulu (MASAK). Operating under the Ministry of Finance, MASAK has the power to implement AML/CFT policy in Turkey, conduct investigations, and assist law enforcement agencies with prosecutions.
Key Turkey AML regulations: Implemented in 2006, Turkey’s principle AML law is Law No. 5549 on Prevention of Laundering Proceeds of Crime, which imposes reporting, record-keeping, monitoring and screening obligations on Turkish financial institutions. In 2023, Turkey introduced Law No. 6415 on the Prevention of the Funding of Terrorism, which expanded the definition of terrorism financing and the power of authorities to prosecute alleged cases.
How to Comply with the Middle East’s AML Regulations
The Middle Eastern states listed above have committed to implementing the AML/CFT standards recommended by the Financial Action Task Force (FATF) – either as members of the FATF, or as members of the Middle Eastern and North Africa FATF (MENAFATF), an FATF-style regional body.
Following the FATF Recommendations, Middle Eastern jurisdictions must develop and implement risk-based AML/CFT compliance regulations, which require firms to establish individual customer risk levels and deploy proportionate compliance measures in response. In practice, this means that Middle Eastern financial institutions must conduct robust data collection and screening processes, including:
Identity verification: Firms should apply customer due diligence (CDD) measures to establish the identity of their customers and build accurate risk profiles. Where customers present a higher risk of financial crime, firms should apply enhanced due diligence (EDD).
Transaction screening: Middle eastern firms must screen customer transactions for suspicious activity, which may include transactions with high risk individuals or transactions involving high risk jurisdictions.
PEP and sanctions screening: To establish customer risk levels, firms must check that customers are not suspected of financial crimes, are not politically exposed persons (PEP), and are not designated on international sanctions lists. To that end, firms must be able to screen customers against the relevant sanctions and watchlists.
Adverse media screening: Firms should screen their customers for involvement in adverse media – which may disclose important risk information before it is confirmed by official sources. Firms should screen for adverse media with a global scope in order to ensure they collect as much risk data as possible.
Recent AML Developments in the Middle East
The Middle East can be a volatile AML/CFT environment with risk levels varying significantly between jurisdictions.
Following a Plenary and Working Group Meeting in 2022, the FATF chose to designate the UAE on its list of Jurisdictions Under Increased Monitoring, also known as the Grey List, as a result of failures to address “strategic deficiencies” in its counter-terrorism financing framework.
Designation on the Grey List means that financial institutions must be alert to an elevated risk of doing business in listed countries, while listed countries are required to work with the FATF to address points on an AML/CFT action plan. The UAE, for example, recently issued guidance for financial institutions on improving their understanding of AML/CFT risk, including implementing digital ID systems to enhance CDD.
The UAE is not the only Middle Eastern country on the Grey List, and joins Syria, Yemen, and Turkey, which was added in October 2021. Iran is designated on the FATF’s Black List, or High Risk Jurisdictions Subject to a Call for Action, which indicates a high level of AML/CFT risk and requires firms to deploy suitable countermeasures.
Customer Screening Technology for Middle East AML Compliance
Many financial activities in the Middle East are associated with industries that pose an elevated risk of financial crime but that stretch across borders and involve complex international supply chains. With this in mind, it is critical that firms implement a customer screening solution capable of matching names to watchlists, new stories, and other media in the Middle East and across the world, capturing large volumes of data while minimising noise and false positive AML alerts.
Ripjar’s Labyrinth Screening platform integrates cutting-edge machine learning technology and advanced analytics to help your firm enhance its customer screening process in the Middle East and beyond. Labyrinth enables searches of thousands of data sources, including news stories, sanctions lists, and watchlists in over 20 foreign languages, taking into account non-Western spelling conventions and characters, such as the use of Arabic, to enable effective, accurate decision making. Fast, flexible and customisable to your risk appetite, Labyrinth Screening offers a powerful advantage in managing the diverse and evolving risk landscape of the Middle East.
As technology transforms the financial landscape, and criminal methodologies become more sophisticated, governments and authorities must address emerging risks by integrating suitable digital tools – a process known as digital transformation.
Given the scale of the challenge, the Financial Action Task Force (FATF) has characterised the digital transformation of anti-money laundering (AML) and counter-financing of terrorism (CFT) as a “necessity”, and President T. Raja Kumar has stated that the FATF will be “exploring the opportunities that technology can offer to improve AML and CFT efforts”. The ongoing digital transformation of the intergovernmental organisation will have consequences for firms in every corner of the world, which must adjust their compliance frameworks to meet new challenges.
The FATF has published a range of guidelines to help firms understand how it is achieving digital transformation. Let’s take a look at some of the key considerations, and explore what the process means for your AML/CFT compliance.
The Adoption of New Technologies
The FATF’s digital transformation emphasises both the integration of new technologies and “innovative ways to use established technology-based processes”. In this context, digital transformation refers to the holistic adoption of digital tools and methods, rather than the process of simply converting analogue data to digital content. The FATF’s approach to digital transformation focuses on the following areas:
New opportunities: The FATF is working to identify opportunities to leverage “emerging and existing technology-based solutions” for AML/CFT innovation. Following research, the FATF published a report into the possible opportunities and challenges of new technology-based AML/CFT solutions.
Data analytics: The FATF is exploring how technology can enhance the analysis of “large amounts of structured and unstructured data”. This focus includes data pooling and collaborative analytics which can make it easier to identify and mitigate money laundering and terrorism financing activities, and reduce false positive alerts, while protecting user privacy rights.
Operational capability: The FAFT will examine ways in which operational agencies can “harness technology to strengthen their operational capability and resilience”. Focus will also fall on optimising the use of technology, enhancing communication and information-sharing, and removing barriers to digital transformation.
Digital identity: Research suggests that reliable digital ID makes it easier to perform customer identification and conduct transaction monitoring. To this end, the FATF is exploring the benefits of digital ID for AML/CFT and for improving access to financial services.
Digital Transformation for FATF Operational Agencies
FATF operational agencies, which broadly refers to Financial Intelligence Units (FIU) within the FATF Global Network, have been integrating digital tools to enhance AML/CFT workflows and solve day-to-day challenges for years. Beyond the automated speed and accuracy of digitisation, the transformation trend reflects a desire amongst FIUs to take advantage of the following key benefits:
Data utility: Digital transformation offers FIUs real time access to a wider landscape of data, stored in multiple databases. That access facilitates better comprehension of AML/CFT data and analysis of AML/CFT alerts.
Data capacity: Digital transformation increases data handling capacity, with FIUs able to analyse larger volumes of unstructured data. By drawing from a larger volume of data, analysts are more likely to be able to observe connections between disparate suspicious transactions.
Data analysis: In the face of increasing volumes of suspicious activity reports (SAR) and suspicious transaction reports (STR), the digital transformation process enhances the efficiency and quality of AML/CFT analysis, enabling FIUs to integrate advanced analytic tools, and mine data more effectively for patterns that indicate criminal activity.
Emergent risks: By integrating innovative new tools, such as AI and machine learning systems, digital transformation offers analysts a better understanding of emergent AML/CFT risks and criminal typologies, and a better chance of spotting behaviour that does not correlate with established risk profiles.
Alert management: Digital tools enable FIUs to better communicate and disseminate SAR information across departments, with enhanced data security and privacy protection. Similarly, digital tools make it easier to store, analyse and provide reporting feedback for STRs.
Digital Transformation for Law Enforcement
Like operational agencies, global law enforcement agencies are also adopting digital tools and technologies to help them detect and investigate financial crimes. The FATF has acknowledged the importance of digital transformation to law enforcement agencies and published a confidential report into the possible AML/CFT applications and opportunities of digital technology.
The FATF also published a public summary of the law enforcement report, which includes the following highlights:
Alignment of vision: The FATF suggests that law enforcement stakeholders should align their vision for their digital transformation objectives. This means considering mid and long-term issues, such as internal priorities, available resources, and technological capabilities, and ensuring that all parties are able to buy in to proposed digital initiatives.
Integrating digital tools: Law enforcement agencies should be clear on which digital tools they need to to get the most out of AML/CFT data, and how to use them. The integration of digital tools should follow a clear roadmap, matched with necessary resources, and supported by in-house management or third-party partners.
Ethical considerations: The integration of new screening and monitoring technologies often creates ethical considerations, especially for personal data privacy and protection. The FATF suggests that law enforcement authorities should consider whether their digital transformation efforts align with existing data protection and security frameworks, and whether legislative amendments are needed to accommodate them.
Investigative support: The FATF suggests that law enforcement agencies should understand which money laundering and terrorism financing crimes would be most impacted by the application of digital tools. Agencies should also consider how to roll out their digital initiatives most effectively, and whether to develop core digital tools in-house or acquire them from third parties.
Law Enforcement Intelligence
Digital tools enable law enforcement and other government organisations to maximise their use of valuable intelligence faster and more effectively. For example, AI-powered data fusion investigative tools, such as Ripjar’s Labyrinth Intelligence platform, enable the understanding of patterns across disparate complex data sets, deriving additional intelligence knowledge and undertaking collaborative reporting.
Those agencies can additionally utilise Ripjar’s Labyrinth Screening platform to enable searches for customers and counterparties while taking into account key characteristics, including mentions in the media or high risk jurisdictions, in order to identify suspicious activity more accurately.
The Future of the FATF’s Digital Transformation
The FATF has established the potential of new technologies to make AML/CFT measures “faster, cheaper and more effective”, and to enhance the implementation of the FATF Recommendations. While it explored the opportunities of data pooling, collaborative analytics, and data protection in 2020-21, in its Annual Report 2021-22, the FATF focused on advanced analytics, in particular machine learning systems, as a means to analyse financial intelligence, and better understand AML/CFT risks.
The specific benefits of machine learning technology include:
Automated analysis of established customer data in order to distinguish suspicious transactions from normal financial activity.
A reduction in the need for front-line human compliance intervention.
Enhanced customer risk assessment and onboarding processes, along with improved customer experiences.
Enhanced information exchange between AML/CFT counterparts.
Adaptive learning processes which account for emerging criminal methodologies and changes in regulation.
Digital Transformation Compliance Solutions
Digital transformation represents a cultural change for the financial services community as much as a logistical one. Beyond seeking effective software systems to replace analogue processes, the FATF’s conception of digital transformation will require regulators and private sector firms to optimise their AML/CFT solutions by effectively harnessing the power of compliance technology – and taking advantage of the analytic possibilities of AI innovation.
In addition to delivering automated speed and accuracy, Ripjar’s Labyrinth Screening is designed to help firms meet the digital expectations of both the FATF and domestic regulators. Powered by cutting edge-machine learning technology, Labyrinth Screening is capable of fusing internal customer data with thousands of global data sources, including international watchlists, news stories, and corporate records, in real time, in over 20 foreign languages. Fully customisable to your firm’s compliance needs, Labyrinth delivers actionable financial intelligence in seconds, automatically extracting the most relevant risk data so that your firm can keep pace with criminal threats in a changing financial landscape.
Learn more about Ripjar’s AML/CFT compliance solutions to support your digital transformation, get in touch with us today
The Financial Action Task Force (FATF) held its second Plenary meeting under President T. Raja Kumar in February 2023, with delegates from 206 jurisdictions and observer organisations attending in Paris. Following a turbulent 2022, the FATF Plenary involved the discussion of the world’s most significant financial crime issues, FATF membership changes, and the consequences of the Russian invasion of Ukraine.
FATF anti-money laundering (AML) and counter-financing of terrorism (CFT) standards must be implemented in the domestic legislation of member states. In order to help your firm remain compliant with the new rules and regulations, let’s take a closer look at the key outcomes and points of interest from the FATF Plenary.
Russia FATF Membership
Following the Plenary, the FATF released a statement on the Russian Federation’s “illegal, unprovoked and unjustified full-scale military invasion of Ukraine”. In addition to expressing sympathy for the Ukrainian people following the “huge loss of lives and malicious destruction”, the FATF noted that the actions of President Vladimir Putin’s regime posed a threat to the “security, safety, and integrity of the global financial system”.
Accordingly, the FATF noted that it was suspending the Russian Federation’s FATF membership. With the suspension in place, the FATF added that Russia would be expected to continue to meet its AML/CFT obligations and that it would remain a member of the Eurasian Group on Combating Money Laundering (EAG). The FATF suggested that it would monitor the ongoing situation in Ukraine with a view to lifting or modifying Russia’s suspension at subsequent Plenary meetings.
Changes to the FATF Black List and Grey List
The FATF’s list of High Risk Jurisdictions subject to a Call for Action, also known as the FATF black list, designates countries that have serious deficiencies in their AML/CFT regulatory frameworks. Black list countries pose an extremely high risk of financial crime and the FATF calls for the deployment of “counter-measures” when dealing with them.
As of the Plenary session in February 2023, there were three countries on the FATF black list:
Democratic People’s Republic of Korea (unchanged since February 2020)
Iran (unchanged since February 2020)
Myanmar (added October 2022)
The FATF’s Jurisdictions Under Increased Monitoring, also known as the grey list, is a list of high risk countries that have “strategic deficiencies” in their AML/CFT infrastructure but that have committed to an action plan in order to resolve them.
The following countries were added to the grey list at the Plenary:
South Africa: South Africa was added to the grey list as a result of its failure to address concerns raised in its 2021 Mutual Evaluation Report (MER). These included inadequate customer due diligence measures, and a lack of AML/CFT resources for compliance employees and law enforcement agencies.
Nigeria: Nigeria’s grey list action plan sets out a series of regulatory requirements, including improvements to the country’s national AML/CFT strategy, improvements to risk-based AML/CFT supervision, and more effective investigations of money laundering and terrorism financing activities.
The FATF also announced that two countries, Cambodia and Morocco, would be removed from the grey list, following their progress in addressing “technical deficiencies” outlined in their individual action plans.
Beneficial Ownership Revisions
The FATF emphasised beneficial ownership as a priority in 2023 and beyond, building on details set out in its 2021-22 Annual Report. The report outlined the need for greater transparency around the “ultimate ownership and control of legal persons” in order to prevent criminals using corporate structures “to hide their identity and launder their illicit profits from criminal activities”. Accordingly, in March 2022, the FATF implemented amendments to its Recommendation 24, with a requirement for a “multi-pronged approach” to collecting beneficial ownership information.
The 2023 Plenary clarified the guidance set out in the Annual Report, with the publication of a document to help countries implement the amended Recommendation 24. The guidance sets out a requirement for countries to establish a domestic beneficial ownership registry, along with a public body to provide supervision. The Plenary also agreed to enhance Recommendation 25 in order to bring legal arrangements into alignment with the beneficial ownership standards set out in Recommendation 24. The FATF will prepare a new guidance document on the revised Recommendation 25.
Ransomware Research
The Plenary recognised the significant increase in “the scale and number of ransomware attacks” in recent years, and the “crippling impact” that they have on businesses around the world. Given the nature of the global ransomware threat, the Plenary emphasised the need to “build on and leverage existing international cooperation mechanisms”, and for authorities to develop the necessary skillets to identify and trace virtual assets involved in ransomware attacks.
The FATF has conducted research into the methodology of ransomware attacks and how criminals launder their financial proceeds, with a report on the research published in March 2023.
Virtual Asset Regulations Implementation
The FATF has noted that “the lack of regulation of virtual assets” in jurisdictions around the world has created opportunities for both money launderers and terrorist financiers. In 2018, the FATF strengthened Recommendation 15, also known as the Travel Rule, to include virtual assets and virtual asset service providers. The Travel Rule requires firms to obtain identifying information about the originators and beneficiaries of virtual asset transactions, and to retain that data for AML/CFT purposes.
The 2023 Plenary agreed to strengthen AML/CFT provisions for virtual assets and virtual asset service providers, with the introduction of a roadmap for the implementation of regulations. The roadmap steps include a review of current regulatory implementations across the FATF global network, and a progress report to be published in 2024 on members’ progress in implementing new regulations.
How Technology Can Help FATF Compliance
FATF members are required to implement FATF Recommendations in domestic legislation, which means that firms must be agile in their AML/CFT response to recent amendments. The changes announced at the Plenary, for example, require firms to conduct enhanced due diligence for customers from South Africa, Nigeria, and Russia (which is also subject to a range of international economic sanctions), and review their beneficial ownership and virtual asset AML/CFT screening capabilities.
The global scope of FATF Plenary guidance means that firms must adjust their data collection and analysis process to capture new risks, and be able to remediate AML/CFT alerts quickly and efficiently. Ripjar’s Labyrinth Screening platform enables exactly this kind of compliance response, with real time risk screening across thousands of international data sources, including adverse media, sanctions lists, and watchlists. Blending structured and unstructured data seamlessly, in over 20 foreign languages, Labyrinth Screening brings enterprise-wide coherence to the screening process, and ensures your organisation reacts as swiftly as possible following the emergence of new regulatory standards or criminal threats.
Following widespread legislative reforms, the Asia-Pacific (APAC) region has seen an increase in financial crime investigations in recent years. While geopolitical events such as the Covid-19 pandemic and the global supply chain crisis slowed anti-money laundering (AML) and counter-financing of terrorism (CFT) efforts in 2021 and 2022, APAC AML regulations will continue to evolve in 2023, and compliance teams should prepare for change.
From the emerging risks of cryptocurrency and digital assets, to new global economic sanctions, the Asia-Pacific region’s financial risk landscape is diverse. To help your organisation stay ahead of its obligations, and address criminal threats, let’s explore some of the most notable AML changes from key APAC regulators.
Singapore
The Monetary Authority of Singapore (MAS) is a regional leader in financial crime enforcement, and regularly announces initiatives to combat financial crime in Singapore and beyond. In October 2022, MAS announced its National Strategy for Countering the Financing of Terrorism, a five-pronged plan for addressing the misuse of Singapore’s financial system for terrorism financing. The plan calls for greater coordination between law enforcement agencies and international counterparts, and sets out the following key priorities:
Coordinated, comprehensive risk identification, emphasising cooperation between government agencies.
Strong legal and sanctions enforcement frameworks, matched to international AML/CFT standards.
Risk-based supervision, matched to international standards and best practices.
Greater inter-agency law enforcement cooperation to ensure decisive action against terrorism financiers.
In support of its inter-agency cooperation objectives, MAS announced the roll-out of its Collaborative Sharing of ML/TF Information & Cases (COSMIC) platform, which is scheduled for implementation in 2023. Co-created by 6 major international banks, COSMIC will facilitate information sharing between organisations in Singapore, with a focus on shell company abuse, illicit trade finance, and weapons proliferation.
Hong Kong
Hong Kong’s primary financial regulator, the Hong Kong Monetary Authority (HKMA) has stated that its priorities for 2023 include tackling fraud and the use of mule accounts to launder money. Its 2022 Risk Assessment report set the money laundering risk to the banking sector at “High”, with fraud as the principal threat.
In order to address fraud, and other AML/CFT risks, the HKMA is continuing efforts to promote wider adoption of AML technology. Those efforts include its Fintech 2025 strategy, which includes a range of initiatives to promote information sharing between financial institutions, such as the launch of the Commercial Data Interchange (CDI).
In 2023, the HKMA has identified the following supervisory priorities:
Prudential work: Health checks on non-bank financial institutions.
Technology: Continuing promotion of fintech adoption and a focus on cybersecurity and third-party risk management.
AML risk: Data-driven supervision, regulatory updates, information sharing, and an analytic focus on mule account networks.
Consumer protection: Investor protection for virtual assets, enhanced protection for credit card services, mandatory reference checking.
China
China’s regulatory scrutiny of money laundering activities increased in 2022 following a significant rise in money laundering convictions between 2016 and 2019. The Chinese government launched its three year action plan to crack down on money laundering in 2022. Led by the People’s Bank of China (PBOC) and the Ministry of Public Security, the plan sets out new coordination and consultation requirements between government departments in order to target money laundering, and includes proposals for new risk prevention mechanisms, AML training programmes, and solutions for the analysis of money laundering typologies.
China’s focus on AML/CFT follows its fourth-round Mutual Evaluation Report by the FATF. As part of its efforts to implement FATF requirements, China clarified its customer due diligence (CDD) rules, and extended those rules to non-banking payment institutions, loan companies, financing firms, and other types of financial service providers.
Japan
Following the FATF’s Mutual Evaluation Report of Japan in August 2021, the Japanese government published its action plan for compliance. The FATF’s main criticism of Japan’s AML/CFT framework was a lack of understanding of risk in certain financial institutions. Accordingly, the action plan requires Japanese financial institutions to improve their risk assessment and risk mitigation measures, and to ensure the efficacy of their ongoing CDD measures.
Japan’s Financial Services Agency (FSA) also identified fintech advances as a source of AML/CFT risk, suggesting that regulatory action will be forthcoming in 2023. The FSA highlighted the risks of crypto-assets, artificial intelligence algorithms, and even “deepfake” videos as potential risk factors and suggested that Japan’s financial institutions should leverage digital tools to enhance the effectiveness of their AML/CFT countermeasures.
With that challenge in mind, Japan has been focusing on new cryptocurrency regulations. In September 2022, the government announced that it would be amending the Act on Prevention and Transfer of Criminal Proceeds in order to extend the FATF’s Travel Rule reporting requirement to cryptocurrency and stablecoin transactions.
Australia
In 2021, the Australian government launched an inquiry into the adequacy and efficacy of Australia’s anti-money laundering and counter-terrorism financing (AML/CTF) regime. The inquiry identified an ongoing financial crime risk from Designated Non-Financial Businesses & Professions (DNFBPs) such as real estate agents, casinos, gambling companies and lawyers, which had not been brought into the scope of certain AML/CFT reforms. As a result of that failure, criminals had used Australian DNFBPs to launder billions of dollars, enabling criminal activities and networks across APAC.
The inquiry recommends that the Australian Transaction Reports and Analysis Centre (AUSTRAC) extend its AML/CFT reporting rules to DNFBPs, encourage financial institutions to integrate technology as part of their risk-based AML/CFT frameworks, and better align its AML/CFT regulations with international standards. As part of that effort, Australia announced plans for the introduction of a new beneficial ownership registry in November 2022: the registry will aid law enforcement efforts in tracking down foreign money launderers that exploit the country’s financial system.
APAC AML Regulations: How Technology Can Help
APAC is a complex and challenging AML landscape, and firms that do business across the region must be ready to manage a diversity of regulatory obligations. While certain trends, such as the focus on digital asset regulation, reflect the global financial situation, national concerns, such as Australia’s DNFBP crisis, require a localised response.
To understand risk exposure in this environment and avoid regulatory compliance penalties, firms must be able to collect and analyse data at scale, with speed and accuracy. Ripjar’s Labyrinth Screening platform was designed with that objective in mind, enabling firms to search customer names in real time against thousands of adverse media stories, sanctions lists, and watchlists. Integrating machine learning technology, Labyrinth helps firms extract meaningful data from a spectrum of structured and unstructured sources, and adapt quickly to the changing regulatory requirements of jurisdictions across APAC and the world.
To discuss how Ripjar can help you with AML compliance in APAC, get in touch
US compliance teams faced no shortage of adversity in 2022, not least the consequences of Russia’s invasion of Ukraine and lingering Covid-19 pandemic measures. Those challenges prompted a decisive regulatory response from the US government, and meant that firms had to adapt to an evolving anti-money laundering (AML) and counter-financing of terrorism (CFT) risk landscape in order to avoid damaging penalties.
With the Ukraine war and economic turbulence ongoing, US AML regulations will continue to evolve to meet new financial crime risks in 2023. To help your firm navigate the compliance landscape and meet its obligations, let’s take a look at some of the key upcoming US AML regulation changes.
The FINCEN Final Rule
The US’ Anti-Money Laundering Act 2020 (passed on 1 January 2021) set out new rules for the reporting of beneficial ownership information (BOI). Intended to crack down on the use of shell companies and legal structures in money laundering, the rules introduce new reporting requirements and ensure that US law enforcement and security agencies have access to essential company ownership information.
In September 2022, the Financial Crimes Enforcement Network (FinCEN) published its final rule on the BOI provisions. Due to be implemented on 1 January, 2024, the final rule broadly aligns with the original proposals, and introduces the following regulatory points:
A definition of “reporting companies” that are obliged to comply with the BOI rules.
A definition of “beneficial owners” which includes individuals that exercise “substantial control” over a company, such as senior officers or C-suite employees, or that have at least 25% control of the company.
A requirement for companies to report “company applicants” which refers to individuals who file company formation documents, and to individuals who direct those responsible for filing.
A list of ownership information that must be reported, including the names, addresses, and birthdates of owners, and other identifying documents (such as driving licences).
A requirement for firms to report no later than 30 days after their registration date.
A clarification of criminal and financial penalties for reporting violations. Under the new rules, responsibility for violations will “fall principally on individuals” rather than reporting companies.
Closing loopholes in the US AML/CFT framework that are vulnerable to exploitation by shell companies and cash real estate purchases.
Continuing to enhance the US AML/CFT framework by providing clear compliance guidance, facilitating information sharing, and funding supervision and enforcement.
Enhancing the effectiveness of law enforcement in combatting illicit finance.
Enabling the benefits of new technologies while mitigating the risks that they pose and addressing the potential threats of virtual assets and other fintech innovations.
Responsible Financial Innovation Act
Introduced to congress in June 2022, the Responsible Financial Innovation Act (RFIA) is intended to “create a regulatory framework for digital assets” in the US. Also known as the “Lummis-Gillibrand Bill” (after its proponents, senators Cynthia Lummis and Kirsten Gillibrand), the RFIA will provide regulatory clarity for the use of digital assets, including the authorities which will provide oversight for them, and will introduce reporting responsibilities for digital asset service providers.
Key highlights of the RFIA include:
Oversight: The Commodity Futures Trading Commission (CFTC) would become the primary regulator of digital assets.
Reporting: Issuers of digital assets would be required to periodically disclose information to the Securities and Exchange Commission (SEC). All digital asset service providers would be required to make certain disclosures to customers.
Stablecoins: Issuers of stablecoins would be subject to new prudential regulations.
DAO classification: Decentralised Autonomous Organisations (DAO) would be classified as “business entities” and subject to the relevant regulations and tax treatment.
Taxation: Digital assets would be subject to tax rules, with the IRS introducing guidance on certain tax issues.
Responsible Development of Digital Assets
The US government’s regulatory focus on digital assets is growing. In September 2022, President Biden released the Comprehensive Framework for the Responsible Development of Digital Assets, which included recommendations for protecting consumers and national security interests from the risks of digital assets.
The Framework suggests that the Biden administration will introduce further regulatory controls on digital assets in 2023 and beyond. Key highlights include:
Guidance: While the US government prepares digital asset regulations, the Treasury will “issue guidance and rules to address current and emergent risks in the digital asset ecosystem”.
Collaboration: The Treasury and other federal agencies will cross-collaborate with US firms to provide and implement regulatory guidance on digital assets.
Education: The US Financial Literacy Education Commission (FLEC) will lead efforts to increase public awareness of the risks and fraudulent practices associated with digital assets.
Global Sanctions and Ukraine
With the invasion of Ukraine entering its second year, it is likely that the US, along with Western allies, will add to its “unprecedented” sanctions programme against Russia and President Vladmir Putin’s regime. In February 2023, the White House announced a range of new economic restrictions, including:
New export restrictions targeting Russia’s defence and energy sectors.
A crackdown on attempts by third parties to evade US sanctions on Russia.
A joint initiative with the UK to impose sanctions against Russian cybercriminals.
Beyond Ukraine and Russia, the US will evolve its sanctions programmes against a range of global targets. In particular, it is likely that the US will continue to exert pressure on Iran in response to its ongoing oppression of human rights protesters, and efforts to develop nuclear weapons. In early February, the Biden administration imposed sanctions against Iranian petrochemical manufacturers that were selling fuel to customers in Singapore and Malaysia.
It is also likely that the US will target China with additional economic sanctions in response to ongoing espionage activities, including the Chinese spy balloon that was discovered in US airspace in early February. Following that incident, the US announced the addition of six Chinese technology companies to the Bureau of Industry and Security (BIS) Entity List as a result of their support for China’s military aerospace programmes.
Using Technology to Comply with US AML Regulations
While the US is following a global trend of digital asset regulation, its sanctions activity in 2023, especially pertaining to Ukraine, may be harder to predict, and depend on both the economic situation in Russia and progress made on the frontlines. In a compliance context, this means that financial institutions must implement agile screening solutions with a global scope, and be ready to move quickly to adapt to geopolitical developments. Innovative AML technology will continue to be critical to US AML compliance. In a complex and evolving risk environment, firms must be able to acquire meaningful data quickly and accurately, and minimise the amount of false positives their screening solution generates.
With that goal in mind, Ripjar’s Labyrinth Screening platform has a proven track record of helping firms extract actionable insight from complex data sets, including millions of adverse news media articles, and international sanctions and watchlists such as the US’ OFAC sanctions list. Labyrinth uses advanced machine learning algorithms to process data in real time, in over 20 foreign languages, delivering results in seconds to ensure your organisation understands its risk liability, in the US and around the world.
Learn more about Ripjar’s US AML compliance solutions: get in touch today
The EU’s anti-money laundering regulations reflect a challenging global financial landscape, and evolve to account for emerging criminal threats, geopolitical change, and new technologies. Recent events such as the Covid pandemic and Russia’s invasion of Ukraine have only added complexity to the EU’s AML requirements, and increased the importance of regulatory compliance for organisations across the bloc.
Non-compliance with EU AML regulations carries the possibility of strict financial and criminal penalties. In 2022, for example, France’s financial regulator imposed a €1.5 million fine against Crédit Agricole for transaction monitoring and customer due diligence failings, while the Netherlands’ financial regulator issued a €2 million fine against Robeco for similar due diligence failings. With those penalties in mind, EU compliance officers must ensure that they account for a diversity of criminal and regulatory risks, and understand how incoming changes will affect their organisation’s products and services.
From data protection and cryptocurrency, to reporting rules and economic sanctions, the 2023 EU AML package will bring new compliance challenges for firms of every size. To help you stay ahead of those challenges, we’ve put together a guide to the key EU AML developments that your organisation needs to be ready for.
The EU AML Authority
In 2021, as part of its wider EU AML package, the European Commission proposed the creation of a new Anti-Money Laundering Authority (AMLA), which would be dedicated to protecting the EU’s financial system from money laundering and terrorism financing threats. In a September 2022 address, EU Commissioner Mairead McGuinness described AMLA as a “game changer”, and set out a range of functions that it would perform, including the supervision of high risk cross border financial sector bodies, and the provision of a Joint Supervisory Team with national supervisors.
AMLA is scheduled for implementation in 2024. The Commissioner pointed out that it will not replace existing national AML/CFT authorities but will contribute to the creation of a harmonised supervision system across the bloc.
The New 6AMLD
The EU’s AML package also included the announcement of updates to the Sixth Anti-Money Laundering Directive – essentially a ‘new’ 6AMLD. The updates entail a range of legislative mechanisms and measures, which include the introduction of:
National risk assessments every 4 years
Financial intelligence unit (FIU) frameworks for analysis and SAR submission
Clarification of beneficial ownership information requirements
Cross-border asset registers
New public supervisory bodies to provide oversight for EU self-regulatory bodies
Clarification of the rules for collecting personal data in the context of AML/CFT
Enhanced protection for whistleblowers that expose financial crimes
Common Rules of Conduct for FIs
Accompanying the creation of AMLA, will be the introduction of a ‘single rulebook’ for AML/CFT across the EU, based on the harmonised practices set out in the AMLDs. The single rulebook will establish a set of common rules of conduct for financial institutions (FIs) operating in the EU, including:
More detailed customer due diligence (CDD) rules to help FIs determine what type of measures should be applied for different levels of risk.
Clarification on the rules for determining ultimate beneficial ownership (UBO) in order to establish a more consistent definition of the term across the EU. The rules will also clarify the powers and obligations of FIs when investigating UBO.
A requirement to connect bank accounts to national registers in order to facilitate faster information sharing processes.
Crypto Asset Transfer Regulations
In June 2022, the EU announced its landmark Markets in Crypto Assets (MiCA) framework, which will come into legal effect in 2024. A set of crypto regulations relating to unbacked crypto assets and stablecoins, MiCA imposes the following compliance requirements on cryptocurrency service providers:
Under MiCA, issuers of stablecoins will have to maintain a sufficient liquid reserve to ensure redemption in the event of a mass withdrawal.
MiCA will require crypto asset service providers to obtain authorisation from a national authority in order to operate in the EU.
MiCA will introduce a public register of crypto asset service providers that are non-compliant with the new regulations. The register will be overseen by the European Banking Authority (EBA).
MiCA will come into effect in 2024 along with the Transfer of Funds Regulation (TFR), a separate set of compliance requirements that address the anonymity risks associated with cryptocurrency transactions. The TFR will introduce the following measures and controls:
Cryptocurrency exchanges must obtain the personal details of all parties involved in a crypto asset transfer or transaction. This requirement also applies to unhosted crypto wallets when the value of a transaction exceeds €1,000.
Crypto service providers must screen beneficiaries of transactions against sanctions lists.
Crypto service providers must provide the authorities with the personal data of customers when it is requested.
EU firms should begin preparing for the introduction of TFR and MiCA, which are legislatively intertwined, and which are designed to further harmonise AML/CFT regulations across the EU.
The UK’s Second Economic Crime Bill
While the UK left the EU in 2020, its AML/CFT regulations have kept pace with those of the EU. One of the most significant regulatory changes that will take effect in the UK in 2023 is the second Economic Crime (Transparency and Enforcement) Bill, which will prioritise the prevention of foreign money laundering and promote the UK as a safe business destination. Under the second Economic Crime Bill, the UK will implement the following regulatory steps:
Enhanced investigative and enforcement powers for Companies House.
Reform of limited partnership regulations to prevent misuse by foreign persons.
New regulatory powers to seize and recover crypto assets derived from money laundering and other financial crimes.
Enhanced anti-money laundering regulations including reformed information sharing rules, a simplified SAR submission process, and an increased focus on high value financial crime.
The second Economic Crime Bill builds on steps taken in the first Bill, which introduced an overseas entities register containing beneficial ownership information, a simplified unexplained wealth order (UWO) process, and strict liability for economic sanctions breaches. The Economic Crime Bills reflect the UK’s commitment to keeping pace with the EU, in 2023 and beyond, on issues such as Russian abuse of western financial systems, and the money laundering risks posed by cryptocurrencies.
How Technology Can Support EU Regulatory Compliance in 2023
The EU AML package will require firms to expand their compliance capabilities in 2023, with specific new requirements for data collection during CDD and UBO checks, and the sanctions screening process. At the same time, firms will have to adapt to enhanced scrutiny from new and existing authorities, which will be focusing on AML/CFT harmonisation. In this changing environment, it is crucial that firms find and implement a technology solution capable of meeting new compliance standards, and of adapting to new regulations as they are introduced.
Ripjar’s Labyrinth Screening platform offers your business a powerful advantage in meeting the evolving standards of EU AML/CFT compliance. Powered by machine learning technology, Labyrinth Screening enables you to search customers against thousands of structured and unstructured data sources, including adverse media, and global sanctions and watch lists. Labyrinth delivers actionable intelligence in real time, screening in over 20 foreign languages, to ensure that you know as soon as possible when a customer’s risk profile changes, and can adapt to new threats as they emerge, or new legislation as it is implemented.
Learn more about Ripjar’s EU AML/CFT compliance solutions – contact us today
