The EU’s Fifth Money Laundering Directive ((EU) 2018/843) (“MLD5”) was adopted in April 2018. The UK adopted the Money Laundering and Terrorist Financing (Amendment) Regulations 2019 (the “2019 Regulations”) on 20 December 2019 to transpose MLD5 into national law and update the current money laundering regulations (“MLR”). The main aim of MLD5 is to reduce the risk of terrorist financing by expanding the scope of the MLR to encompass modern technology services and alternative financial systems and payment methods, as well as increasing the transparency of financial transactions and the entities that undertake them. This article summarises some of the main areas of development.
The 2019 Regulations have increased the scope of the MLR so that cryptoasset exchange provider (“CEPs”) and custodian wallet providers (“CWPs”) (as newly defined in the 2019 Regulations) are now “relevant persons”. CEPs are platforms through which cryptoassets can be exchanged and CWPs are entities that safeguard cryptoassets or cryptographic keys. CEPs and CWPs have to comply with the requirements of the MLR from 10 January 2020. They will be subject to reporting and customer due diligence obligations, the requirement to assess money laundering and terrorist financing risks, and the requirement for adequate internal controls and record keeping. They will also have to register with and provide certain information to the FCA, including their programme of operations, business plan, structural organisation, systems and controls, and individuals responsible for the management of the CEP/CWP, beneficial owners and close links.
Cryptoasset businesses should begin preparing to comply with these new obligations. There will be a transition period for FCA registration lasting until 10 January 2021 for cryptoasset businesses carrying on business in the UK immediately before 10 January 2020. But CEPs and CWPs will have to comply with all other requirements from 10 January 2020.
Safeguards for transactions to and from high-risk third countries
Under the 2019 Regulations there are now additional high-risk factors which must be included when firms are assessing the need for enhanced due diligence. One of these is where there are relevant transactions between parties based in high-risk third countries (n.b. not merely where business transactions “involve” high-risk third countries). Firms will need to obtain additional information on the customer, its beneficial ownership, source of funds, and must put in place additional ongoing monitoring. These changes are being made because MLD5 aims to standardise treatment of transactions and relationships involving high-risk countries whereas the previous MLR regime allowed member states to determine their own requirements.
Beneficial ownership: reporting discrepancies to Companies House
Companies subject to the MLR will be required to check for any discrepancies in beneficial ownership between information contained in the official register (e.g. PSC register) and any information uncovered during “know your customer” checks before establishing a business relationship with another entity. If any discrepancies are found, they must be reported to Companies House which must then investigate and, if necessary, take action to resolve the discrepancy.
In response to this change, the Law Society pointed out that the PSC regime tests and beneficial owner test under MLD5 are not the same, so identifying “discrepancy” may not be straightforward. Care should be taken when making the comparison.
Centralised registers for banks and payment account registers and ensuring Financial Intelligence Units (“FIU”s) have access to information
There is a new requirement coming into force on 10 September 2020 for credit institutions and the providers of safe custody services to respond to requests for information via central automated mechanisms (e.g. central registers or central electronic data retrieval systems). This will enable law enforcement agencies to request customer information from and quickly identify the holders and controllers of bank accounts and safe-deposit boxes.
FIUs will also now have the power to request money laundering and terrorist financing information from firms even before a firm has submitted a suspicious activity report.
Further reforms to the MLR may be on the horizon as the sixth EU AML directive (6MLD) was adopted in late 2018 and EU members must transpose it into national law by 3 December 2020. It is yet to be seen whether the UK government will implement the legislation in light of Brexit.
Andrew Dodds, Partner in the Banking & Finance team at Stevens & Bolton comments:
“Although the 2019 Regulations will affect cryptoasset business most significantly by bringing them within the scope of the MLR, firms already within its scope must also be alert to the new requirements. They should make sure their policies are updated to reflect the changes, particularly in relation to beneficial ownership information requirements and the additional high-risk factors.”