As money laundering and terrorist financing continue to threaten global security, the EU continues to fight back in order to preserve the integrity of the financial ecosystem. Their most recent legislation, The 5th Money Laundering Directive (5MLD) was implemented in January 2020.
What is 5MLD? Key take-aways:
Customer Due Diligence (CDD) was at the core of 4MLD and the requirements only increase with 5MLD. Leveraging the proper use of data is critical to comply. Beyond CDD, a new key provision for consideration are the regulatory requirements for identifying and tracking Ultimate Beneficial Ownership (UBO).
With both CDD and UBO, the additional “heavy lift” is the lowering of thresholds for identity verification. The 250 EU threshold from 4MLD is reduced to 150 EU in 5MLD.
5MLD will also require verification of previously anonymous prepaid cards. This is driven by the understanding of recent money laundering and terrorist activities being financed by smaller prepaid financing activities.
5MLD recognizes the advancements made to security and authentication measures for online transactions, enabling member states to review “risk classification” of non-face-to-face channels and potentially unburden e-commerce from EDD by default.
5MLD specific changes:
Previously, cryptocurrencies have been the source of significant concern for financial regulators. Many worry that crypto-based assets allow criminals to move large amounts of money around the world quickly and with limited governmental oversight.
As cryptocurrencies gain more widespread popularity among legitimate customers, regulators introduced new efforts in 5MLD to bring accountability and oversight to this space.
These changes include:
- 5 MLD introduces a legal definition of cryptocurrency as “a digital representation of value that can be digitally transferred, stored or traded and is accepted…as a medium of exchange.”
- Cryptocurrency exchanges and custodial wallets are reclassified as obliged entities, and are now subject to the same CFT and AML requirements as laid out for financial institutions.
- 5MLD provides Financial Intelligence Units with a mandate to obtain address and identity data of individuals who own cryptocurrency, making them less anonymous and easier to track over time.
Politically Exposed Persons are another target of 5MLD. Under the new law, the EU and Member states will create and maintain functional lists of prominent positions that are politically exposed. Because the individuals holding these positions are likely to change over time, the list will include the position and any relevant details, but not name of the individual holding the position.
Pre-paid card users will face increased Customer Due Diligence (CDD) measures as the monetary threshold decreases from €250 to €150. The threshold for CDD for online transactions is reduced to 50€. Pre-paid cards issued in other parts of the world are now prohibited unless the country in which they were issued enforces AML and CFT protections on par with those set out in 5 MLD.
4. High-Risk Third Countries
The EU will compile a list of High-Risk third countries where AML and CFT protections are perceived as deficient. Transactions involving customers from these countries should be classified as higher risk. Companies and other Obliged Identities must perform Enhanced Due Diligence (EDD) and obtain approval from senior management before transacting (or continuing to transact) with customers in these countries.
5. Ultimate Beneficial Ownership (UBO)
UBO Ownership registers (established under 4 MLD) must now be made publicly available. Trusts and other similar types of arrangements must observe the same UBO reporting requirements as companies. Member states must create and maintain a separate UBO register for bank accounts. This register will not available to the public and will only be accessed by authorities.
5MLD expands AML and CFT reporting obligations for merchants of high-value goods ranging from oil and arms to precious metals and fine art. Dealers and intermediaries selling these types of goods are also required to perform due diligence procedures on their customers. High-value art deals are targeted specifically, with regulators requiring AML verification checks on all single (or aggregated) transactions of €10,000 or more.
5MLD recognizes the advancements made to security and authentication measures for online transactions enabling member states to review “risk classification” of non-face-to-face channels and potentially unburden e-commerce from EDD by default.
How GDC can help
GDC has brought together an industry-first Compliance Advisory Board (CAB). GDC’s CAB is an independent body of compliance professionals that help others in the industry manage the challenges of protecting data privacy and maintaining compliance with other global regulations.
Contact us today to learn more about how the CAB can help you.