Spain is one of the wealthiest nations in Europe, with a highly developed economy that hosts a spectrum of businesses and investment interests. Unfortunately, Spain’s growth and development as an economic power has also made it a target for criminals, who seek to exploit its financial system to commit fraud and other serious financial crimes, such as money laundering and terrorism financing. In response to those threats, the Spanish government has developed a robust anti-money laundering (AML) and counter-financing of terrorism (CFT) framework to protect the country’s economic system and meet its obligations in the global fight against financial crime.
Following recent financial scandals across Europe, and high profile prosecutions of money launderers within Spain, Spanish regulators have increased their focus on screening and compliance. Given the potential for steep financial penalties, it’s vital that businesses understand Spain’s AML regulations, how to achieve compliance, and how to manage incoming regulatory challenges.
Spain’s AML Regulator: SEPBLAC
Established in 1993, the Commission for the Prevention of Money Laundering and Financial Crimes, or Servicio Ejecutivo de la Comisión de Prevención de Blanqueo de Capitales (SEPBLAC) is Spain’s AML/CFT regulator and financial intelligence unit (FIU). SEPBLAC operates under the authority of the Secretariat of State for Economy and Business Support, which is a collective composed of a number of Spanish government representatives and law enforcement agencies.
In its supervisory role, SEPBLAC’s mission is to ensure that financial institutions comply with Spain’s risk-based AML/CFT regulations “in accordance with the best international practices”. As an FIU, SEPBLAC handles the submission of suspicious transaction reports (STR), analysing financial data to determine whether to launch criminal investigations.
Like most global AML/CFT regulators, SEPBLAC also has a duty to work with international counterparts to address financial crime threats. To that end, SEPBLAC coordinates with other EU supervisory authorities and FIUs, and shares financial intelligence on platforms such as FIU-Net and the Egmont Secure Web (ESW).
Key AML Regulations in Spain
Spain’s main article of AML legislation is Law 10/2010 of 28 April on the prevention of money laundering and terrorist financing. The legislation imposes risk-based AML/CFT compliance obligations on firms within Spain, along with reporting and record-keeping obligations.
Anti-Money Laundering Directives: As an EU member, Spain is required to transpose into law the EU’s Anti-Money Laundering Directives (AMLD). The most recent AMLD, the Sixth Anti-Money Laundering Directive (6AMLD), included a new definition of the crime of money laundering (that included aiding and abetting), set out a harmonised list of money laundering predicate offences, and increased the minimum penalties for persons convicted. Spain implemented 6AMLD through Royal Decree-Law 7/2021, of April 27.
Penalties for money laundering in Spain are imposed under the Criminal Code and include a prison sentence of up to 6 years and a fine of up to three times the value of the assets involved. Authorities may also impose business prohibitions of up to 3 years on persons found guilty of money laundering.
How to Comply with Spain’s AML Regulations
Following Financial Action Task Force (FATF) guidance, Spain requires firms to take a risk-based approach to AML/CFT, which means they must assess the risk that their customers present, and then deploy proportionate compliance measures. The FATF Recommendations set out the measures and controls that must be implemented as part of a risk-based AML/CFT compliance solution. These include:
- Customer identification: Firms must collect identifying information from customers in order to build accurate risk profiles. Suitable customer due diligence (CDD) information includes names, addresses, birth certificates, and business incorporation documents. High risk customers may warrant enhanced due diligence (EDD) measures.
- Beneficial ownership: Firms must ensure that customers are not using shell companies or corporate structures to conceal their identities and evade compliance controls. Accordingly, AML/CFT solutions should also include verification of the ultimate beneficial ownership (UBO) of customer-entities.
- Suspicious transactions: Firms must screen customer transactions for suspicious activity, including transactions with high risk individuals or transactions that involve high risk jurisdictions.
- Customer screening: Firms should ensure that customers are not designated on international sanctions lists or watchlists, and are not politically exposed persons (PEP), by screening customers on an ongoing basis against the relevant data sources.
Adverse Media Screening: One of the most effective and accurate ways to establish customer risk is to screen customers against adverse media sources, which include news stories, social media, blog posts, forum posts, and more. Adverse media typically reveals customer AML/CFT risk, such as involvement in financial crime, before it is confirmed by official sources – and so enables firms to deploy the appropriate compliance response as quickly as possible. Firms should dedicate screening resources to capture a wide range of adverse media from around the world.
Incoming AML Regulations
In June 2022, the EU reached a provisional agreement to introduce a new regulatory framework for unbacked crypto-assets and stablecoins, known as Markets in Crypto-Assets (MiCA). The EU also passed the Transfer of Funds Regulation (TFR), which extends AML/CFT regulations to cryptocurrency service providers. Both regulations will come into effect in Spain, and across the EU, in 2024. With the new regulations on the horizon, firms in Spain should ensure they adjust their compliance solutions to account for new levels of risk from transactions that involve virtual assets.
AML Solutions: Screening Technology
Under the EU’s AMLD regulations, firms in Spain must be prepared to screen against a range of global data sources including adverse media. With that in mind, it’s vital that firms find a technology solution capable of searching for customer names with suitable scope, flexibility, and accuracy in order to capture breaking news stories, new sanctions designations, social media entries, and other types of media – and do so quickly whilst minimising false positive alerts.
Ripjar’s Labyrinth Screening platform gives firms that capability. Built on cutting edge machine learning technology, Labyrinth enables comprehensive, real-time searches of thousands of global data sources, including foreign news articles, sanctions lists, and watchlists, in over 20 languages, and delivers actionable financial intelligence in seconds. In a complex and changing EU regulatory landscape, Labyrinth lets firms tailor their compliance response to specific AML/CFT risk factors, react to new legislation and criminal threats, and know as soon as possible when a customer’s risk level changes.