The Fifth EU Anti-Money Laundering Directive (AMLD5) took effect on 10th January 2020. Since it was first published in June 2018, national governments have been enshrining it into law. While each EU country is implementing the directive in its own nuanced way, what they all have in common is to further tighten the existing AML regulation.
Throughout last year, kompany has been advising its customers on AMLD5’s implications, particularly on the requirement to rely on audit-proof information. This usually means the information must be retrieved directly from a primary source when the check is done. Fortunately, this is exactly what kompany helps its clients do.
kompany operates an unrivalled proprietary global, real-time network with access to official company registers in over 200 jurisdictions. The Business KYC (KYB) solutions offered are based on the provision of time-stamped, primary source company information satisfying the new stricter requirements.
AMLD5 updates AMLD4 which was released three years earlier. Below are the most significant differences between the two and the implications to watch out for.
1. Extension of Obliged Entities
Traditional banks and financial institutions (FIs) are used to implementing demanding regulatory provisions at an ever-growing pace. But focusing on proper AMLD5 preparations for January 2020 in addition to numerous other challenges such as Brexit, new IFRS standards, PSD2's SCA and many more, is not easy. This is especially true considering banks and FIs still have their hands full with post-implementation refinements of previous regulatory projects such as MiFID II/MiFIR, CRS, Benchmark Regulation, and IDD.
The newly regulated industries such as art dealerships and virtual currency providers are facing an even bigger challenge. The task of implementing a full flag AML Compliance Program in a short space of time is immense. And it is probable that most of these businesses have not yet had the chance of establishing a functioning network with regulators, competitors or representative industry bodies.
2. Obligatory Ultimate Beneficial Owner Checks
This additional burden for banks and FIs also comes with several new risks. Either they can be held liable for not reporting presumed gaps, or if they report presumed gaps which turn out not to be true, then their customer relationships may be damaged.AMLD4 introduced the concept of a Beneficial Owner Register, and AMLD5 leverages its broader use. This is particularly relevant for banks and financial institutions who were previously merely encouraged to consult such registers. Now AMLD5 makes it an obligatory part of their due diligence processes. And the regulator is effectively employing banks and FIs as its deputy sheriffs to ensure the registers’ high quality of information. There is a shift towards actively encouraging banks and FIs to follow up with customers and have them correct entries in the beneficial owner register.
3. Enhanced Due Diligence Obligations for High Risk Third Countries
Enhanced due diligence in high risk third countries calls for more transparency into where the money of a customer's customer is coming from, meaning stricter Know Your Customer’s Customer checks (KYCC). Every experienced AML Officer knows how hard it is to convince a customer's customer - who has no contractual ties to the obliged entity - to disclose any sensitive information about their owners or operations.
Some obligated entities might therefore have to rethink their business models. AMLD5 is now even arguing for additional security safeguards such as the winding down of operations in certain high risk third countries. This is further complicated by the inability within the EU (and on a global level) to agree on a single list of which these defined countries are.
4. Expanded role for Financial Intelligence Units (FIUs)
Banks are expected know about their customers based on the data they hold on them and from any subsequent research they do. But from now on FIUs will know a lot more due to their increased inter-connectivity. The implications are that banks face a higher risk of being fined if they do not detect red flags before the regulator.
In summary, in the context of these tightened AML rules, using a risk-based approach as an argument for a slack implementation of AML processes is no longer a practice that Regulators will accept. As a result. RegTech solutions are now crucial for a broader range of regulated entities to ensure they avoid reputational damage and stay on the right side of the law. There is now a much greater burden for organizations to demonstrate that their compliance activities are audit- proof. And this now relates not only to their processes, but also the data itself upon which their checks are based.
kompany is the leading RegTech platform for Global Business Verification and Business KYC (KYB) providing audit-proof, primary source and time stamped company information in real-time. It is headquartered in Vienna, Austria and has offices in Singapore and the UK. kompany is a government licensed clearing house and official distributor for commercial and business registers in multiple countries worldwide.