Implementing 4MLD: Main points
The European Union’s Fourth Anti-Money Laundering Directive (4MLD) was created with an aim to strengthen the AML regime across the EU and is set to come into force today.
Published on 5 June 2015 and replacing the Third Directive, the 4MLD will impose new responsibilities and burdens to reduce ongoing risks.
As the 3MLD was seen as lenient in some respects, the enactment of the 4MLD was largely to enhance Europe’s anti-money laundering management and to address any weaknesses in the regime. It’s also designed to bring the recommendations of the Financial Action Task Force into effect.
Member states were given a two-year period for the directive to be implemented into national law, with the deadline scheduled for 26 June 2017 (today).
Main implications of the 4MLD:
- For branches and subsidiaries operative in other Member States, the 4MLD requires that the UK national provisions are adhered by. Where oversight of such compliance largely occurs in the head office, firms will be required to review certain procedures.
- An EU level risk assessment report will be published by the European Commission, and every two years, each Member State will be required to deliver their own National Risk Assessment (NRA). Firms are expected to acknowledge the UK’s NRA when reviewing and updating their own AML risk assessments.
- One of the new responsibilities brought in by the 4MLD is for firms to provide a written risk assessment. This will need to cover the methodology of necessary steps taken to identify and assess any terrorist financing or money laundering risks. It must be readily available to be sent to the Financial Conduct Authority and should be kept up to date.
- Prior to the 4MLD’s implementation, specific customers were automatically entitled to apply for Simplified Due Diligence (SDD) – this is no longer the case. Instead, firms will be required to assess the risk level posed by certain customers before SDD is applied for, and provide a strong explanation for doing so. This is likely to result in customer risk assessments facing greater scrutiny and cause the controls on record keeping to grow.
- In regard to corporate entities, a directory of their beneficial owners will need to be produced by each Member State, for those entities which are incorporated there. Whilst information on settlers, beneficiaries and prosecutors will need to be accessible to local regulators, this will not be part of a public register. National law in the UK has been changed already in this respect, requiring beneficial ownership information to be reported to a central register.
- The definition of a ‘Politically Exposed Person’ will also change under the 4MLD, removing the distinction between PEP’s working domestically, and domestic PEP’s who work abroad for foreign organisations. Firms will be required to make sure that domestic clients holding prominent positions are recognised and categorised accordingly as well as applying enhanced due diligence.
- Any suspicious completed or attempted transactions will need to be reported.
- The requirement for firms to retain client information for a maximum of five years remains, but there is now a provision for Member States, in certain circumstances, to potentially extend this period.
- Under the 4MLD, the threshold to undertake customer due diligence will be reduced to €10,000 when trading in cash for goods, regardless of whether this takes place over several linked transactions or just a single one.
Law firms will need to:
- Test all internal procedures and policies
- Show that risk assessments are up to date
- Ensure employees are adequately trained in conducting risk assessments and due-diligence
- Maintain compliance reports and review file management