EUROPEAN COMMISSION

Strasbourg, 5.7.2016

COM(2016) 450 final

2016/0208(COD)

Proposal for a

DIRECTIVE OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL

amending Directive (EU) 2015/849 on the prevention of the use of the financial system for the purposes of money laundering or terrorist financing and amending Directive 2009/101/EC

(Text with EEA relevance)

{SWD(2016) 223 final}
{SWD(2016) 224 final}

EXPLANATORY MEMORANDUM

1.CONTEXT OF THE PROPOSAL

•Reasons for and objectives of the proposal

•Consistency with existing policy provisions in the policy area

•Consistency with other Union policies

–the criminal law framework with regard to offences relating to terrorist groups, and especially the incrimination of terrorism financing as included in the proposal for a Directive on combating terrorism 10 , as well as the commitments undertaken by the Union when signing the Additional Protocol to the Council of Europe Convention on the Prevention of Terrorism;

–the single market for payments establishing a safer and more innovative payment services across the EU, namely rules laid down in Directive (EU) 2015/2366 11 and Regulation 2015/751 12 ;

–the legal framework setting up customer due diligence on financial accounts enabling the automatic exchange of financial account information in tax matters (by implementing the Global Standard) as foreseen by Directive 2011/16/EU, as amended by Directive 2014/107/EU 13 ;

–the framework for effective public and private online services, electronic business and electronic commerce in the Union, as set up by Regulation (EU) No 910/2014 14 ;

–the reformed data protection regime, stemming from Regulation (EU) 2016/679 15 and Directive (EU) 2016/680 16 , and in line with the relevant case law of the Court of Justice of the European Union;

–the digital single market, as set out in the Commission's Communication "A digital single market strategy for Europe" 17 and the specific provisions on electronic identification and trust services for electronic transactions laid down in Regulation (EU) No 910/2014 (the "eIDAS Regulation") 18 ;

–consumer protection and financial inclusion;

–the objectives pursued by the Commission as indicated in its Communication on further measures to enhance transparency and the fight against tax evasion and avoidance 19 .

2.LEGAL BASIS, SUBSIDIARITY AND PROPORTIONALITY

•Legal basis

•Subsidiarity

In addition, lack of an effective AML/CFT framework in one Member State may be exploited by criminals and has consequences in another Member State. Therefore, it is important to have a harmonised framework at Union level, as massive flows of "illicit" money and terrorist financing can damage the stability and reputation of the financial sector..

Clearly drafted rules requiring enhanced transparency for a broad range of economic operators, including undertakings and business-type trusts, address more than theoretical disparities in the functioning of the internal market. The risk of an impaired functioning of the internal market is a concrete one: all Member States are directly impacted by increasing efforts on unprecedented scale by criminals and their associates to disguise the origin of criminal proceeds or to channel lawful or illicit money for terrorist purposes.

•Proportionality

•Choice of the instrument

3.RESULTS OF STAKEHOLDER CONSULTATIONS AND IMPACT ASSESSMENTS

•Stakeholder consultations

–Member States and representatives of their public authorities;

–representatives of the European Parliament;

–representatives of the payment services sector (card schemes, issuers of prepaid cards, a representative association);

–relevant virtual currencies market players: exchange platforms, wallet providers, a representative group of virtual currency stakeholders;

–stakeholders belonging to the banking and financial sector;

–Financial Intelligence Units (EU FIU Platform);

–Europol;

–consumer organisations;

–the European Data Protection Supervisor.

•Impact Assessment

The Impact Assessment draws on relevant reports issued by Union and international organisations such as the European Banking Authority (EBA), the European Central Bank (ECB), Europol, the Bank for International Settlements (BIS), and the FATF. It also draws on data made available to the public by international media.

It addresses the following issues:

(1)Suspicious transactions involving high risk-third countries are not efficiently monitored due to unclear and uncoordinated customer due diligence requirements;

(2)Suspicious transactions made through virtual currencies are not sufficiently monitored by the authorities, which are unable to link the transactions to identified persons;

(3)Current measures to mitigate money laundering and terrorist financing risks associated with anonymous prepaid instruments are not sufficient;

(4)FIUs have limitations in ensuring timely access to – and exchange of – information held by obliged entities;

(5)FIUs lack access, or have delayed access, to information on the identity of holders of bank and payment accounts.

Non-legislative options to address the issues identified have been evaluated. The Commission could (i) formulate 'best practices' to overcome the practical obstacles identified in a mapping exercise, which is currently being conducted within the FIU platform; (ii) formulate recommendations to Member States (on a 'comply or explain' basis) in order to mitigate money laundering and terrorist financing risks identified during the suprantional risk assessment that is currently being conducted; and (iii) deepen its engagement within international fora dealing with counter-terrorist financing in order to strengthen cooperation and exchange of information in this strategic field.

The need to formulate specific regulatory provisions was retained as essential and the most appropriate option.

In respect of improving the effectiveness of EU policy for high-risk third countries, three regulatory options were examined. The option retained is to modify the 4AMLD by providing a prescriptive list of enhanced customer due diligence measures to be applied by obliged entities, combined with an illustrative list of countermeasures that could be applied when dealing with high-risk third countries designated by the Commission.

With regard to improving the detection of suspicious virtual currency transactions, six regulatory options were examined. The option retained consists of a combination of means, namely (i) bringing virtual currency exchange platforms and (ii) custodial wallet providers under the scope of the Directive, while (iii) allowing more time to consider options as regards a system of voluntary self-identification of virtual currency users.

Insofar as reducing the misuse of anonymous prepaid is concerned, five regulatory options were examined. Here, the option retained consists of a combination of means, namely (i) the suppression of anonymity for the online use of reloadable and non-reloadable prepaid cards, and (ii) the reduction of the existing € 250 threshold for anonymous prepaid cards to € 150 when used face-to-face.

In order to improve FIU access to – and exchange of – information held by obliged entities, two regulatory options were examined. The option retained is to further clarify the legal obligations on FIUs by aligning the text of the 4AMLD with the latest international standards on the powers that FIUs should have when requesting additional information from obliged entities.

To provide FIUs (and potentially other competent authorities active in the anti-money laundering/counter-terrorist financing field) with an efficient mechanism to ensure timely access to information on the identity of holders of bank and payment accounts, three regulatory options were examined. The option retained is to put in place an automated central mechanism – such as a central registry or an electronic data retrieval system – at Member State level, allowing for the swift identification of account holders. This mechanism would be directly accessible to national FIUs and potentially other competent authorities active in the field of anti-money laundering or counter-terrorist financing.

A second part of the Impact Assessment was specifically drafted to deal with issues concerning lack of transparency and measures to remedy access to beneficial ownership information.

A first issue addressed is the non-systematic monitoring of the existing beneficial owners of existing customers like trusts, other legal arrangements and legal entities such as foundations. This allows circumvention of existing EU transparency standards found in Directive 2011/16/EU on Administrative Cooperation and an opportunity to hide illicit money, and requires new rules to be laid down at Union level.

A second issue assessed is the publicity and transparency of the beneficial ownership registers for legal entities. The 4AMLD already establishes obligations in respect of the identification of the beneficial owners of legal entities and legal arrangements, the storing of that information and differentiated levels of access to it. With a view to better record such information and enhance access to it, the Impact Assessment analysed options ranging from (i) keeping the current system in place to (ii) making the optional system in the 4AMLD mandatory and (iii) establishing public access to information. The option retained as the most appropriate from a costs, impacts and legitimacy perspective was that of requiring Member States to disclose via a register beneficial information for companies and business-type trusts and other similar legal arrangements, while retaining the necessity to demonstrate a legitimate interest for access to that information in respect of trusts and other legal arrangements that do not qualify as business-type.

In addition, the Impact Assessment addresses the need to set in place a coherent, uniform scheme for the registration of the beneficial ownership information of all trusts set up in the Union. Thus, starting from a detailed analysis of the current situation and the problems encountered in practice with the application of the registration system set out by the 4AMLD, a number of options are analysed: (i) keeping the current system; (ii) registration in jurisdiction of the governing law and (iii) registration in jurisdiction of administration. Option (iii) is retained as the most beneficial and the clearest, and supporting arguments are indicated: least cumbersome option for Member States, the easiest to apply.

•Fundamental rights

4.BUDGETARY IMPLICATIONS

5.OTHER ELEMENTS

•Explanatory documents

•Detailed explanation of the specific provisions of the proposal

As not all Member States have mechanisms in place allowing their FIUs to have timely access to information on the identity of holders of bank and payment accounts, some FIUs are hampered in the detection of criminal and terrorist financial flows at national level. Moreover, the FIUs concerned are also unable to exchange such information with their EU and non EU-counterparts, which complicates cross-border preventative action.

In Articles 30 and 31, the 4AMLD sets out rules on the collection, storing and access to information on the ultimate beneficial owner(s) of companies, trusts and other types of legal arrangements. Currently, those entities are required to hold accurate information on their beneficial ownership.

The 4AMLD sets out a structured approach in respect to legal entities, differentiating between companies and trust and similar legal arrangements. The present proposal retains that structure.

- Corporate and other legal entities

Pursuant to Article 30 of the 4 AMLD, any person or organisation demonstrating a legitimate interest can access beneficial ownership information. In practice, complex ownership structures have been used to obscure links to criminal activities, tax obligations, the involvement of politically exposed persons and sanctioned individuals or jurisdictions. At the same time, differing approaches to transparency around ultimate beneficial owners also create challenges and confusion for companies, which need to dedicate significant resources to their own systems and controls, while investors, shareholders, and other stakeholders have to rely on publicly available and instantly accessible information about the control and ownership of listed companies.

Understanding the beneficial ownership of companies is at the heart of the risk mitigation of financial crime and of prevention strategies for regulated firms. In addition, within the EU framework, this aspect is at the core of a nexus between the preventive regime in the 4AMLD and company law, namely the Directive 2009/101/EC, the Union legal act that lays down the rules on disclosure of company documents. The present proposal addresses this issue by means of an amendment to that Directive so that Member States will be required to ensure compulsory disclosure (public access) to a limited set of information on beneficial owners firms and legal entities engaging in profit-making activities as laid down in Article 54 TFEU. A good corporate governance infrastructure should combine transparency, accountability and integrity, and this includes knowledge of beneficial ownership.

The requirement to grant public access to beneficial ownership information is well founded as it will provide additional guarantees to third parties wishing to do business with those companies. The protection of minority investors and protection of stakeholders such as third parties wishing to do business with the entity or structure requires access to reliable information about the ownership, including the identity of the controlling owners, and control structures of companies and trusts alike.

Public access also allows greater scrutiny of information by civil society, including by the press or civil society organisations, and contributes to preserving trust in the integrity of business transactions and of the financial system. It can contribute to combating the misuse of legal entities and legal arrangements both by helping investigations and through reputational effects, given that anyone who could enter into transactions with them is aware of the identity of the beneficial owner(s). It also facilitates the timely and efficient availability of information for financial institutions as well as authorities, including authorities of third countries, involved in the fight against these offences.

- Trusts and other legal arrangements

The 4AMLD gives competent authorities and FIUs access in a timely manner to beneficial ownership of trusts and other legal arrangements. Obliged entities may have access to the information within the framework of customer due diligence. The beneficial ownership information concerns a wide range of legal arrangements: express trusts specific to common law, but also similar entities such as Treuhand, fiducies or fideicomiso,and all assimilated legal arrangements such as foundations. In addition, current rules require that, where a trust generates tax consequences, a Member State must have in place a register containing the beneficial ownership information.

Many of these trusts and similar legal arrangements are involved in commercial or business-like activities with a view to making profit, just like regular companies. Therefore, the same arguments in favour of public access to beneficial ownership information regarding this particular type of trusts remain valid. The regime set in place at Union level in respect of access to information must be coherent and ensure public access to beneficial information of this category of legal entities.

At the same time, trusts and similar legal arrangements may also be set up for other purposes: preserving and setting conditions on use of family assets, charitable aims, or other purposes beneficial to the community. Such trusts and similar legal arrangements that do not qualify as business-type benefit from a different regime concerning privacy. The essential data on beneficial owners of such entities shall only be granted to persons or organisations holding a legitimate interest. The criteria for demonstrating legitimate interest are also clarified, by means of a recital.

The approach proposed takes into account the particularities of trusts and similar legal arrangements. This way, irrespective of their qualification under national law, a distinction is drawn between, on the one hand, trusts which consist of any property held by or on behalf of a person carrying on a business which consists of or includes the management of trusts, and acting as trustee of a trust in the course of that business with a view to gain profit, and, on the other hand, any other trusts.

Additional elements

i) Corporate structures registered

According to Article 3(6)(a) of the 4AMLD, a criterion to identify the beneficial owner of corporate entities is a threshold for shareholding of 25% plus one share or an ownership interest of more than 25%. The Commission proposes to lower to 10% the threshold set out in the 4AMLD in respect of certain limited types of entities which present a specific risk of being used for money laundering and tax evasion.

For intermediary entities that do not have any economic activity and only serve to distance the beneficial owners from the assets, the 25% threshold is fairly easy to circumvent. Establishing a lower threshold where there is a specific risk will limit the scope of entities on which the obliged entities would need to collect additional information to those where the risk of use for illicit purposes is high. Accordingly, this enables the better detection of beneficial owner(s) with particular focus on entities that function as intermediary structures, do not create income on their own, but mostly channel income from other sources (defined as Passive Non-Financial Entities under Directive 2011/16/EU).

iii) Place of monitoring and registration of trusts

Under Article 31 of the 4AMLD, Member States must require that trusts "governed under their law" obtain and hold adequate, accurate and up-to-date information in particular on the trustee. The same article requires Member States to put in place, at national level, centralised registers of beneficial owners of trusts “which generate tax consequences”.

The Commission proposes to clarify that the Member State which is concerned by these obligations is the one where a trust is administered.

The current criteria relating to "governing law" and "generating tax consequences" are not understood consistently and should be clarified. In particular, it might be considered, based on the current text of Article 31 that, as long as a Member State does not recognise trusts under its law, that Member State is not subject to any obligation of monitoring and registration of trusts administered on its territory. This risks creating gaps in registration and is not in line with the objectives of the transparency requirements of the Directive. Moreover, the limitation of the registration requirement only to trusts which generate tax consequences is not fully consistent with the more encompassing obligation under the Directive to identify all types of trusts before entering into a business relationship.

The provision of the current Directive is also inconsistent in the sense that the current registration requirement exempts from registration trusts that, due to lack of harmonisation of the tax systems, fall outside the scope of the taxation rules of Member States (e.g. due to having no tax residence anywhere). Such trusts not only do not pay taxes, but would also not be registered anywhere.

The Commission's proposal is consistent with FATF Guidance on Transparency and Beneficial Ownership.

(i) Concept of competent authorities

(ii) Exclusion of closed loop cards

(iii) Full consistency with provisions on electronic identification

2016/0208 (COD)

Proposal for a

DIRECTIVE OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL

amending Directive (EU) 2015/849 on the prevention of the use of the financial system for the purposes of money laundering or terrorist financing and amending Directive 2009/101/EC

(Text with EEA relevance)

THE EUROPEAN PARLIAMENT AND THE COUNCIL OF THE EUROPEAN UNION,

Having regard to the Treaty on the Functioning of the European Union, and in particular Articles 50 and 114 thereof,

Having regard to the proposal from the European Commission,

After transmission of the draft legislative act to the national parliaments,

Having regard to the opinion of the European Central Bank 22 ,

Having regard to the opinion of the European Economic and Social Committee 23 ,

Acting in accordance with the ordinary legislative procedure,

Whereas:

(1)Directive (EU) 2015/849 of the European Parliament and the Council 24 constitutes the main legal instrument in the prevention of the use of the Union's financial system for the purposes of money laundering and terrorist financing. That Directive, which is to be transposed by 26 June 2017, sets out a comprehensive framework to address the collection of money or property for terrorist purposes by requiring Member States to identify, understand and mitigate risks related to money laundering and terrorist financing.

(2)Recent terrorist attacks have brought to light emerging new trends, in particular regarding the way terrorist groups finance and conduct their operations. Certain modern technology services are becoming more and more popular as alternative financial systems and remain outside the scope of Union legislation or benefit from exemptions that may no longer be justified. In order to keep pace with evolving trends, further measures to improve the existing preventive framework should be taken.

(3)While the aims of Directive (EU) 2015/849 should be pursued, any amendments to that Directive should be consistent with the Union's ongoing action in the field of countering terrorism and terrorism financing. The European Agenda on Security 25 indicated the need for measures to address terrorist financing in a more effective and comprehensive manner, highlighting that infiltration of financial markets allows terrorism financing. The European Council conclusions of 17-18 December 2015 also stressed the need to take rapidly further action against terrorist finance in all domains.

(4)The Commission has adopted an Action Plan to further step up the fight against the financing of terrorism 26  which underscores the need to adapt to new threats and to amend Directive (EU) 2015/849 to that effect.

(5)Union measures must also accurately reflect developments and commitments undertaken at international level. UN Security Council Resolution 2199 (2015) urges States to prevent terrorist groups from gaining access to international financial institutions.

(6)Providers of exchange services between virtual currencies and fiat currencies (that is to say currencies declared to be legal tender) as well as custodian wallet providers for virtual currencies are under no obligation to identify suspicious activity. Terrorist groups are thus able to transfer money into the Union's financial system or within virtual currency networks by concealing transfers or by benefiting from a certain degree of anonymity on those platforms. It is therefore essential to extend the scope of Directive (EU) 2015/849 so as to include virtual currency exchange platforms and custodian wallet providers. Competent authorities should be able to monitor the use of virtual currencies. This would provide a balanced and proportional approach, safeguarding technical advances and the high degree of transparency attained in the field of alternative finance and social entrepreneurship.

(7)The credibility of virtual currencies will not rise if they are used for criminal purposes. In this context, anonymity will become more a hindrance than an asset for virtual currencies taking up and their potential benefits to spread. The inclusion of virtual exchange platforms and custodian wallet providers will not entirely address the issue of anonymity attached to virtual currency transactions, as a large part of the virtual currency environment will remain anonymous because users can also transact without exchange platforms or custodian wallet providers. To combat the risks related to the anonymity, national Financial Intelligence Units (FIUs) should be able to associate virtual currency addresses to the identity of the owner of virtual currencies. In addition, the possibility to allow users to self-declare to designated authorities on a voluntary basis should be further assessed.

(8)Local currencies (also known as complementary currencies) that are used in very limited networks such as a city or a region and among a small number of users should not be considered as virtual currencies.

(9)When dealing with natural persons or legal entities established in high-risk third countries, Member States must require obliged entities to apply enhanced customer due diligence measures to manage and mitigate risks. Each Member State therefore determines at national level the type of enhanced due diligence measures to be taken towards high-risk third countries. Those different approaches between Member States create weak spots on the management of business relationships involving high risk third countries identified by the Commission. Those gaps can be exploited by terrorists to channel funds in and out the Union financial system. It is important to improve the effectiveness of the list of high-risk third countries established by the Commission by providing for a harmonised treatment of those countries at Union level. This harmonised approach should primarily focus on enhanced customer due diligence measures. Nevertheless, Member States and obliged entities should be allowed to apply additional mitigating measures in addition to enhanced customer due diligence measures, in accordance with international obligations. International organisations and standard setters with competence in the field of preventing money laundering and combating terrorist financing may call to apply appropriate counters measures to protect the international financial system from the on-going and substantial money laundering and terrorist financing risks emanating from countries. Member States should enact and apply additional mitigating measures regarding high risk third countries identified by the Commission by taking into account calls for countermeasures such as those expressed by the Financial Action Task Force (FATF).

(10)Given the evolving nature of ML/TF threats and vulnerabilities, the Union should adopt an integrated approach on the compliance of national AML/CFT regimes with the requirements at Union level, by taking into consideration an effectiveness assessment of those national regimes. For the purpose of monitoring the correct transposition of the Union requirements in the national regimes, their effective implementation and their capacity to accomplish a strong preventive regime in the field, the Commission should base its assessment on the national risk regimes, which shall be without be without prejudice to those conducted by international organisations and standards setters with competence in the field of preventing money laundering and combating terrorist financing, such as the FATF or Committee of Experts on the Evaluation of Anti-Money Laundering Measures (MONEYVAL).

(11)General purpose prepaid cards have legitimate uses and constitute an instrument contributing to financial inclusion. However, anonymous prepaid cards are easy to use in financing terrorist attacks and logistics. It is therefore essential to deny terrorist this means of financing their operations, by further reducing the limits and maximum amounts under which obliged entities are allowed not to apply certain customer due diligence measures provided by Directive (EU) 2015/849. Thus, while having due regard to consumers' needs in using general purpose prepaid instruments and not preventing the use of such instruments for promoting social and financial inclusion, it is essential to lower the existing thresholds for general purpose anonymous prepaid cards and suppress the customer due diligence exemption for their online use.

(12)While the use of anonymous prepaid cards issued in the Union is essentially limited to the Union territory only, that is not always the case with similar cards issued in third countries. It is therefore important to ensure that anonymous prepaid cards issued outside the Union can be used in the Union only where they can be considered to comply with requirements equivalent to those set out in Union legislation. The rule should be enacted in full compliance with Union obligations in respect of international trade, especially the provisions of the General Agreement on Trade in Services.

(13)FIUs play an important role in identifying the financial operations of terrorist networks, especially across borders, and in detecting their financial backers. Due to a lack of prescriptive international standards, FIUs maintain significant differences as regards their functions, competences and powers. Those differences should however not affect an FIU's activity, particularly its capacity to develop preventive analyses in support of all the authorities in charge of intelligence, investigative and judicial activities, and international cooperation. FIUs should have access to information and be able to exchange it without impediments, including through appropriate cooperation with law enforcement authorities. In all cases of suspected criminality and, in particular, in cases involving terrorism financing, information should flow directly and quickly without undue delays. It is therefore essential to further enhance FIUs' effectiveness and efficiency, by clarifying the powers of and cooperation between FIUs.

(14)FIUs should be able to obtain from any obliged entity all the necessary information relating to their functions. Unfettered access to information is essential to ensure that flows of money can be properly traced and illicit networks and flows detected at an early stage. When FIUs need to obtain additional information from obliged entities based on a suspicion of money laundering, such suspicion may be triggered by a prior suspicious transaction report reported to the FIU, but also through other means such as FIU's own analysis, intelligence provided by competent authorities or information held by another FIU. FIUs should therefore be able to obtain information from any obliged entity, even without a prior report being made by the individual obliged entity. A FIU should also be able to obtain such information on a request made by another Union FIU and to exchange the information with the requesting FIU.

(15)Delayed access to information by FIUs and other competent authorities on the identity of holders of bank and payment accounts hampers the detection of transfers of funds relating to terrorism. National data allowing the identification of bank and payments accounts belonging to one person is fragmented and therefore not accessible to FIUs and other competent authorities in a timely manner. It is therefore essential to establish centralised automated mechanisms, such as a register or data retrieval system in all Member States as an efficient means to get timely access to information on the identity of holders of bank and payment accounts, their proxy holders, and their beneficial owners.

(16)In order to respect privacy and protect personal data, such registries should store the minimum data necessary to the performance of AML investigations. The concerned data subjects should be informed that their data are recorded and accessible by FIUs and should be given a contact point for exercising their rights of access and rectification. When transposing these provisions, Member States should set out maximum retention periods (supported by adequate reasoning as to their duration) for the registration of personal data in registries and provide for their destruction once the information is no longer needed for the stated purpose. Access to the registries and databases should be limited on a need to know basis.

(17)Accurate identification and verification of data of natural and legal persons is essential for fighting money laundering or terrorist financing. Latest technical developments in the digitalisation of transactions and payments enable a secure remote or electronic identification. Those means of identification as set out in Regulation (EU) No 910/2014 of the European Parliament and of the Council 27 should be taken into account, in particular with regard to notified electronic identification schemes and means that offer high level secure tools and provide a benchmark against which assessing the identification methods set up at national level may be checked. Therefore, it is essential to recognise secure electronic copies of original documents as well as electronic assertions, attestations or credentials as valid means of identity.

(18)The beneficial ownership threshold set out in Article 3(6)(a) of Directive (EU) 2015/849 does not distinguish between genuine commercial corporate entities and those that have no active business and are mostly used as an intermediary structure between the assets or income and the ultimate beneficial owner. For the latter, the set threshold is easily circumvented, leading to no identification of the natural persons who ultimately own or control the legal entity. In order to better clarify beneficial ownership information as regards intermediary structures that adopt a corporate form, it is necessary to establish a specific threshold from which indication of ownership is inferred.

(19)The approach for the review of existing customers in the current framework relies on a risk-based approach. However, given the higher risk for money laundering, terrorist financing and associated predicate offenses associated with some intermediary structures, that approach may not allow the timely detection and assessment of risks. It is therefore important to ensure that certain clearly specified categories of already existing customers are also monitored on a methodical basis.

(20)Member States are currently required to ensure that legal entities incorporated within their territory obtain and hold adequate, accurate and current information on their beneficial ownership. The need for accurate and up-to-date information on the beneficial owner is a key factor in tracing criminals who might otherwise be able to hide their identity behind a corporate structure. The globally interconnected financial system makes it simple to hide and move funds around the world, and money launderers and terrorist financers as well as other criminals have increasingly made use of that possibility.

(21)The specific factor determining the Member State responsible for the monitoring and registration of beneficial ownership information of trusts and similar legal arrangements should be clarified. In order to avoid that, due to differences in the legal systems of Member States, certain trusts are not monitored or registered anywhere in the Union, all trusts and similar legal arrangements should be registered where they are administered. In order to ensure the effective monitoring and registration of information on the beneficial ownership of trusts, cooperation among Member States is also necessary.

(22)Public access by way of compulsory disclosure of certain information on the beneficial ownership of companies provides additional guarantees to third parties wishing to do business with those companies. Certain Member States have taken steps or announced their intention to make information contained in registers of beneficial ownership available to the public. The fact that not all Member States would make information publicly available or differences in the information made available and its accessibility may lead to different levels of protection of third parties in the Union. In a well-functioning internal market, there is a need for coordination to avoid distortions.

(23)Public access also allows greater scrutiny of information by civil society, including by the press or civil society organisations, and contributes to preserving trust in the integrity of business transactions and of the financial system. It can contribute to combating the misuse of legal entities and legal arrangements both by helping investigations and through reputational effects, given that anyone who could enter into transactions with them is aware of the identity of the beneficial owners. It also facilitates the timely and efficient availability of information for financial institutions as well as authorities, including authorities of third countries, involved in the fight against these offences.

(24)Confidence in financial markets from investors and the general public depends in large part on the existence of an accurate disclosure regime that provides transparency in the beneficial ownership and control structures of companies. This is particularly true for corporate governance systems that are characterized by concentrated ownership, such as the one in the Union. On the one hand, large investors with significant voting and cash-flow rights may encourage long-term growth and firm performance. On the other hand, however, controlling beneficial owners with large voting blocks may have incentives to divert corporate assets and opportunities for personal gain at the expense of minority investors.

(25)Member States should therefore allow access to beneficial ownership information in a sufficiently coherent and coordinated way, through the central registers in which beneficial ownership information is set out, by establishing a clear rule of public access, so that third parties are able to ascertain, throughout the Union, who are the beneficial owners of companies. It is therefore necessary to amend Directive 2009/101/EC of the European Parliament and the Council 28 in order to harmonise the national provisions on disclosure of information on the beneficial ownership of companies, particularly for the purpose of protecting the interests of third parties.

(26)A fair balance should be sought in particular between the general public interest in corporate transparency and in the prevention of money laundering and the data subjects' fundamental rights. The set of data to be made available to the public should be limited, clearly and exhaustively defined, and should be of a general nature, so as to minimize the potential prejudice to the beneficial owners. At the same time, information made accessible to the public should not significantly differ from the data currently collected. In order to limit the interference with the right to respect for their private life in general and to protection of their personal data in particular, that that information should relate essentially to the status of beneficial owners of businesses and trusts, and should strictly concern the sphere of economic activity in which the beneficial owners operate.

(27)The disclosure of beneficial ownership information should be designed to give governments and regulators the opportunity to respond quickly to alternative investment techniques, such as cash-settled equity derivatives. On the other hand, legitimate majority shareholding should not be deterred from taking an active role in monitoring management in listed companies. For the functioning of financial markets that have become increasingly internationally-oriented and complex, it is essential that legal rules and requirements that enable information sharing on an international level be available and effectively implemented by national supervisory authorities.

(28)The personal data of beneficial owners should be publicly disclosed in order to enable third parties and civil society at large to know who the beneficial owners are. The enhanced public scrutiny will contribute preventing the misuse of legal entities and legal arrangements, including tax avoidance. Therefore, it is essential that this information remains publicly available through the national registers and through the system of interconnection of registers for 10 years after the company has been struck off from the register. However, Member States should be able to provide by law for the processing of the information on beneficial ownership, including personal data for other purposes if such processing meets an objective of public interest and constitutes a necessary and proportionate measure in a democratic society to the legitimate aim pursued.

(29)Moreover, with the same aim of ensuring a proportionate and balanced approach and to guarantee the rights to private life and personal data protection, Member States should provide for exemptions to the disclosure of and to the access to beneficial ownership information in the registers, in exceptional circumstances, where the information would expose the beneficial owner to the risk of fraud, kidnapping, blackmail, violence or intimidation.

(30)Directive 95/46/EC of the European Parliament and of the Council 29 , which will be replaced by Regulation (EU) 2016/679 of the European Parliament and of the Council 30 , applies to the processing of personal data under this Directive.

(31)As a consequence, natural persons whose personal data are held in the national registers as beneficial ownership information should be informed of the publication of their personal data before that publication takes place. Furthermore, only the personal data that is up to date and corresponds to the actual beneficial owners should be made available and the beneficiaries should be informed about their rights under the current Union legal data protection framework, as set out in Regulation (EU) 2016/679 and Directive (EU) 2016/680 31 , and the procedures applicable for exercising these rights.

(32)This Directive is without prejudice to the protection of personal data processed by competent authorities in accordance with Council Framework Decision 2008/977/JHA 32 , which will be replaced by Directive (EU) 2016/680 of the European Parliament and of the Council 33 .

(33)Currently, companies and similar legal entities active in the Union are under an obligation to register their beneficial ownership information, whereas the same obligation does not apply to all trusts and other legal arrangements which present similar characteristics such as Treuhand, fiducies or fideicomiso set up in the Union. With a view to ensure that the beneficial owners of all legal entities and legal arrangements operating in the Union are properly identified and monitored under a coherent and equivalent set of conditions, rules regarding the registration of the beneficial ownership information of trusts by their trustees should be consistent with those in place in respect of the registration of beneficial ownership information of companies.

(34)It is essential to take into account the particularities of trusts and similar legal arrangements, as far as publicly available information on their beneficial owner is concerned. Irrespective of their qualification under national law, a distinction should be drawn between, on the one hand, trusts which consist of any property held by or on behalf of a person carrying on a business which consists of or includes the management of trusts, and acting as trustee of a trust in the course of that business with a view to gain profit, and, on the other hand, any other trusts. Given the nature of the first category of trusts, information on their beneficial owners should be made publicly available through compulsory disclosure. Access should be given to the same limited set of data on the beneficial owner as in the case of companies.

(35)In order to ensure proportionality, the beneficial ownership information in respect of any other trusts than those which consist of any property held by, or on behalf of, a person carrying on a business which consists of or includes the management of trusts, and acting as trustee of a trust in the course of that business with a view to gain profit should only be available to parties holding a legitimate interest. The legitimate interest with respect to money laundering, terrorist financing and the associated predicate offences should be justified by readily available means, such as statutes or mission statement of non-governmental organisations, or on the basis of demonstrated previous activities relevant to the fight against money laundering and terrorist financing or associated predicate offences, or a proven track record of surveys or actions in that field.

(36)With a view to ensure a coherent and efficient registration and information exchange, Member States should ensure that their authority in charge of the register set up for the beneficial ownership information of trusts cooperates with its counterparts in other Member States, sharing information concerning trusts governed by the law of the first Member State and administered in another Member State.

(37)It is important to ensure that anti-money laundering and terrorist financing rules are correctly implemented by obliged entities. In that context, Member States should strengthen the role of public authorities acting as competent authorities with designated responsibilities for combating money laundering or terrorist financing, including the FIUs, the authorities that have the function of investigating or prosecuting money laundering, associated predicate offences and terrorist financing, and seizing or freezing and confiscating criminal assets, as well as anti-corruption authorities, tax authorities, authorities receiving reports on cross-border transportation of currency and bearer-negotiable instruments and authorities that have supervisory or monitoring responsibilities aimed at ensuring compliance by obliged entities.

(38)In accordance with the Joint Political Declaration of 28 September 2011 of Member States and the Commission on explanatory documents 34 , Member States have undertaken to accompany, in justified cases, the notification of their transposition measures with one or more documents explaining the relationship between the components of a directive and the corresponding parts of national transposition instruments. With regard to this Directive, the legislator considers the transmission of such documents to be justified.

(39)Since the objective of this Directive, namely the protection of the financial system by means of prevention, detection and investigation of money laundering and terrorist financing, cannot be sufficiently achieved by the Member States, as individual measures adopted by Member States to protect their financial systems could be inconsistent with the functioning of the internal market and with the prescriptions of the rule of law and Union public policy, but can rather, by reason of the scale and effects of the action, be better achieved at Union level, the Union may adopt measures, in accordance with the principle of subsidiarity as set out in Article 5 of the Treaty on European Union. In accordance with the principle of proportionality, as set out in that Article, this Directive does not go beyond what is necessary in order to achieve that objective.

(40)This Directive respects the fundamental rights and observes the principles recognised by the Charter of Fundamental Rights of the European Union, in particular the right to respect for private and family life (Article 7 of the Charter), the right to the protection of personal data (Article 8 of the Charter), the freedom to conduct a business (Article 16 of the Charter).

(41)Given the need to urgently implement measures adopted with a view to strengthen the Union's regime set in place for the prevention of money laundering and terrorism financing, and seeing the commitments undertaken by Member States to quickly proceed with the transposition of Directive (EU) 2015/849, this Directive should be transposed by 1 January 2017. For the same reasons, the amendments to Directive (EU) 2015/849 and Directive 2009/101/EC should also be transposed by 1 January 2017.

(42)The European Data Protection Supervisor was consulted in accordance with Article 28(2) of Regulation (EC) No 45/2001 of the European Parliament and of the Council 35 [and delivered an opinion on … 36 ],

(43)Directives (EU) 2015/849 and 2009/101/EC should therefore be amended accordingly,

HAVE ADOPTED THIS DIRECTIVE:

Article 1

Amendments to Directive (EU) 2015/849

Directive (EU) 2015/849 is amended as follows:

(1)in point (3) of Article 2(1), the following points (g) and (h) are added:

"(g) providers engaged primarily and professionally in exchange services between virtual currencies and fiat currencies;

(h) wallet providers offering custodial services of credentials necessary to access virtual currencies.";

(2)Article 3 is amended as follows:

(a) in point (6)(a)(i), the following subparagraph is added:

"For the purposes of Article 13(1)(b) and Article 30 of this Directive, the indication of ownership or control set out in the second paragraph is reduced to 10% whenever the legal entity is a Passive Non-Financial Entity as defined in Directive 2011/16/EU.";

(b) point (16) is replaced by the following:

"(16) 'electronic money' means electronic money as defined in point (2) of Article 2 of Directive 2009/110/EC, but excluding monetary value as referred to in Article 1(4) and (5) of that Directive;" ;

(c) the following point (18) is added:

"(18) 'virtual currencies' means a digital representation of value that is neither issued by a central bank or a public authority, nor necessarily attached to a fiat currency, but is accepted by natural or legal persons as a means of payment and can be transferred, stored or traded electronically.";

(3)Article 12 is amended as follows:

(a)    paragraph 1 is amended as follows:

(i) in the first subparagraph, points (a) and (b) are replaced by the following:

"(a) the payment instrument is not reloadable, or has a maximum monthly payment transactions limit of EUR 150 which can be used only in that Member State;

(b) the maximum amount stored electronically does not exceed EUR 150;";

(ii) the second subparagraph is deleted;

(b)    paragraph 2 is replaced by the following:

"2. Member States shall ensure that the derogation provided for in paragraph 1 is not applicable in the case either of online payment or of redemption in cash or cash withdrawal of the monetary value of the electronic money where the amount redeemed exceeds EUR 50.";

(c)    the following paragraph 3 is added:

"3 Member States shall ensure that Union credit institutions and financial institutions acting as acquirers only accept payments carried out with prepaid cards issued in third countries where such cards meet requirements equivalent to those set out in points (a), (b), (c) of the first subparagraph of Article 13(1) and Article 14, or can be considered to meet the requirements in paragraphs 1 and 2 of this Article.";

(4) in Article 13(1), point (a) is replaced by the following:

"(a)    identifying the customer and verifying the customer's identity on the basis of documents, data or information obtained from a reliable and independent source, including, where available, electronic identification means as set out in Regulation (EU) No 910/2014*;

_________________________________________________________________

* Regulation (EU) No 910/2014 of the European Parliament and the Council of 23 July 2014 on electronic identification and trust services for electronic transactions in the internal market and repealing Directive 1999/93/EC (OJ L 257, 28.8.2014, p. 73)."

(5)in Article 14, paragraph 5 is replaced by the following:

"5. Member States shall require that obliged entities apply the customer due diligence measures not only to all new customers but also at appropriate times to existing customers on a risk-sensitive basis, or when the relevant circumstances of a customer change, or when the obliged entity has a duty in the course of the relevant calendar year, to contact the customer for the purpose of reviewing any information related to the beneficial owner(s), in particular under Directive 2011/16/EU.";

(6)in Article 18 (1), the first subparagraph is replaced by the following:

"In the cases referred to in Articles 19 to 24, as well as in other cases of higher risk that are identified by Member States or obliged entities, Member States shall require obliged entities to apply enhanced customer due diligence measures to manage and mitigate those risks appropriately.";

(7)The following Article 18a is inserted:

"Article 18a

1. With respect to transactions involving high risk third countries, Member States shall require that, when dealing with natural persons or legal entities established in the third countries identified as high-risk third countries pursuant to Article 9 (2), obliged entities shall apply at least all the following enhanced customer due diligence measures:

(a)obtaining additional information on the customer;

(b)obtaining addition information on the intended nature of the business relationship;

(c)obtaining information on the source of funds or source of wealth of the customer;

(d)obtaining information on the reasons for the intended or performed transactions;

(e)obtaining the approval of senior management for establishing or continuing the business relationship;

(f)conducting enhanced monitoring of the business relationship by increasing the number and timing of controls applied, and selecting patterns of transactions that need further examination;

(g)requiring the first payment to be carried out through an account in the customer's name with a bank subject to similar CDD standards.

2. In addition to the measures provided in paragraph 1 and in compliance with international obligations of the Union, Member States may require obliged entities, when dealing with natural persons or legal entities established in the third countries identified as high-risk third countries pursuant to Article 9(2) to apply one or several additional mitigating measures:

(a)    requiring financial institutions to apply additional elements of enhanced due diligence;

(b)    introducing enhanced relevant reporting mechanisms or systematic reporting of financial transactions;

(c)     limiting business relationships or financial transactions with natural persons or legal entities from the identified country.

3. In addition to the measures provided in paragraph 1, Member States may apply one of the following measures to third countries identified as high-risk third countries pursuant to Article 9(2) in compliance with international obligations of the Union:

(a)    refusing the establishment of subsidiaries or branches or representative offices of financial institutions from the country concerned, or otherwise taking into account the fact that the relevant financial institution is from a country that does not have adequate AML/CFT systems;

(b)    prohibiting financial institutions from establishing branches or representative offices in the country concerned, or otherwise taking into account the fact that the relevant branch or representative office would be in a country that does not have adequate AML/CFT systems;

(c)    prohibiting financial institutions from relying on third parties located in the country concerned to conduct elements of the customer due diligence process;

(d)    requiring financial institutions to review and amend, or if necessary terminate, correspondent relationships with financial institutions in the country concerned;

(e)    requiring increased supervisory examination or external audit requirements for branches and subsidiaries of financial institutions based in the country concerned;

(f)    requiring increased external audit requirements for financial groups with respect to any of their branches and subsidiaries located in the country concerned.

4. When enacting or applying the measures set out in paragraphs 2 and 3, Member States shall take into account, as appropriate relevant evaluations, assessments or reports drawn up by international organisations and standard setters with competence in the field of preventing money laundering and combatting terrorist financing, in relation to the risks posed by individual third countries.

5. Member States shall notify the Commission before enacting or applying the measures set out in paragraphs 2 and 3.";

(8)in Article 27, paragraph 2 is replaced by the following:

"2.   Member States shall ensure that obliged entities to which the customer is referred take adequate steps to ensure that the third party provides immediately, upon request, relevant copies of identification and verification data, including, where available, data obtained through electronic identification means as set out in Regulation (EU) No 910/2014, and other relevant documentation on the identity of the customer or the beneficial owner.";

(9)Article 30 is amended as follows:

(a) in paragraph 5, point (c) of the first subparagraph and the second subparagraph are deleted;

(b) paragraph 6 is replaced by the following:

"6. The central register referred to in paragraph 3 shall ensure timely and unrestricted access by competent authorities and FIUs to all information held in the central register without any restriction and without alerting the entity concerned. It shall also allow timely access by obliged entities when taking customer due diligence measures in accordance with Chapter II.

Competent authorities granted access to the central register referred to in paragraph 3 shall be those public authorities with designated responsibilities for combating money laundering or terrorist financing, including tax authorities and authorities that have the function of investigating or prosecuting money laundering, associated predicate offences and terrorist financing, tracing and seizing or freezing and confiscating criminal assets.";

(c) paragraphs 9 and 10 are replaced by the following:

"9.   In exceptional circumstances to be laid down in national law, where the access referred to in point (b) of paragraph 5 would expose the beneficial owner to the risk of fraud, kidnapping, blackmail, violence or intimidation, or where the beneficial owner is a minor or otherwise incapable, Member States may provide for an exemption from such access to all or part of the information on the beneficial ownership on a case-by-case basis.

Exemptions granted pursuant to this paragraph shall not apply to credit institutions and financial institutions, and to the obliged entities as referred to in point (3)(b) of Article 2(1) that are public officials.

10. Member States shall ensure that the central registers referred to in paragraph 3 of this Article are interconnected via the European Central Platform established by Article 4a(1) of Directive 2009/101/EC. The connection of the Member States' central registers to the platform shall be set up in accordance with the technical specifications and procedures established by implementing acts adopted by the Commission in accordance with Article 4c of Directive 2009/101/EC.

Member States shall ensure that the information referred to in paragraph 1 of this Article is available through the system of interconnection of registers established by Article 4a(2) of Directive 2009/101/EC, in accordance with Member States' national laws implementing paragraph 5 of this Article.

Member States shall cooperate among themselves and with the Commission in order to implement the different types of access in accordance with paragraph 5.";

(10)Article 31 is amended as follows:

(a)    paragraph 1 is replaced by the following:

"1. Member States shall ensure that this Article applies to trusts and other types of legal arrangements having a structure or functions similar to trusts, such as, inter alia, fiducie, Treuhand or fideicomiso.

Each Member State shall require that trustees of any express trust administered in that Member State obtain and hold adequate, accurate and up-to-date information on beneficial ownership regarding the trust. That information shall include the identity of:

(a) the settlor;

(b) the trustee;

(c) the protector (if any);

(d) the beneficiaries or class of beneficiaries;

(e) any other natural person exercising effective control of the trust.";

(b)    the following paragraph 3a is inserted:

"3a.   The information referred to in paragraph 1 shall be held in a central register set up by the Member State where the trust is administered.";

(c)    paragraph 4 is replaced by the following:

"4. Member States shall ensure that the information held in the register referred to in paragraph 3a is accessible in a timely and unrestricted manner by competent authorities and FIUs, without alerting the parties to the trust concerned. They shall also ensure that obliged entities are allowed timely access to that information, pursuant to the provisions on customer due diligence laid down in Chapter II. Member States shall notify to the Commission the characteristics of those mechanisms.

Competent authorities granted access to the central register referred to in paragraph 3a shall be those public authorities with designated responsibilities for combating money laundering or terrorist financing, including, tax authorities and authorities that have the function of investigating or prosecuting money laundering, associated predicate offences and terrorist financing and seizing or freezing and confiscating criminal assets.";

(d)    the following paragraphs 4a and 4b are inserted:

"4a. The information held in the register referred to in paragraph 3a of this Article with respect to any other trusts than those referred to in Article 7b (b) of Directive (EC) 2009/101 shall be accessible to any person or organisation that can demonstrate a legitimate interest.

The information accessible to persons and organisations that can demonstrate a legitimate interest shall consist of the name, the month and year of birth, the nationality and the country of residence of the beneficial owner as defined in Article 3(6)(b).

4b. Whenever entering into a new customer relationship with a trust or other legal arrangement subject to registration of beneficial ownership information pursuant to paragraph 3a, the obliged entities shall collect proof of registration whenever applicable.";

(e)    the following paragraph 7a is inserted:

"7a.   In exceptional circumstances laid down in national law, where the access referred to in paragraphs 4 and 4a would expose the beneficial owner to the risk of fraud, kidnapping, blackmail, violence or intimidation, or where the beneficial owner is a minor or otherwise incapable, Member States may provide for an exemption from such access to all or part of the information on the beneficial ownership on a case-by-case basis.

Exemptions granted pursuant to the first subparagraph shall not apply to the credit institutions and financial institutions, and to obliged entities referred to in point (3)(b) of Article 2(1) that are public officials.

Where a Member State decides to establish an exemption in accordance with the first subparagraph, it shall not restrict access to information by competent authorities and FIUs.";

(f)    paragraph 8 is deleted;

(g)    paragraph 9 is replaced by the following:

"9. Member States shall ensure that the central registers referred to in paragraph 3a of this Article are interconnected via the European Central Platform established by Article 4a(1) of Directive 2009/101/EU. The connection of the Member States' central registers to the platform shall be set up in accordance with the technical specifications and procedures established by implementing acts adopted by the Commission in accordance with Article 4c of Directive 2009/101/EC.

Member States shall ensure that the information referred to in paragraph 1 of this Article is available through the system of interconnection of registers established by Article 4a(2) of Directive 2009/101/EU, in accordance with Member States' national laws implementing paragraphs 4 and 5 of this Article.

Member States shall ensure that only the information referred to in paragraph 1 that is up to date and corresponds to the actual ownership beneficiaries is made available through their national registers and through the system of interconnection of registers, and the access to that information shall be in accordance with data protection rules.

Member States shall cooperate with the Commission in order to implement the different types of access in accordance with paragraphs 4 and 4a of this Article.";

(h)    the following paragraph 10 is added:

"10. For the purposes of this Article, a trust is considered to be administered in each Member State where the trustees are established.";

(11)Article 32 is amended as follows:

(a)    in the first subparagraph of paragraph 3, the fourth sentence is replaced by the following:

"It shall be able to obtain and use information from any obliged entity.";

(b)    the following paragraph 9 is added:

"9. In the context of its functions, each FIU shall be able to obtain from any obliged entity information for the purpose set in paragraph 1 of this Article , even if such obliged entity did not file a prior report pursuant to Article 33(1)(a).";

(12)the following Article 32a is inserted:

"Article 32a

1. Member States shall put in place automated centralised mechanisms, such as central registries or central electronic data retrieval systems, which allow the identification, in a timely manner, of any natural or legal persons holding or controlling payment accounts as defined in Directive 2007/64/EC and bank accounts held by a credit institution within their territory. Member States shall notify the Commission of the characteristics of those national mechanisms.

2. Member States shall ensure that the information held in the centralised mechanisms referred to in paragraph 1 is directly accessible, at national level, to FIUs and competent authorities for fulfilling their obligations under this Directive. Member States shall ensure that any FIU is able to provide information held in the centralised mechanisms referred to in paragraph 1 to any other FIUs in a timely manner in accordance with Article 53.

3. The following information shall be accessible and searchable through the centralised mechanisms referred to in paragraph 1:

–for the customer-account holder and any person purporting to act on behalf of the customer: the name, complemented by the other identification data required under the national provisions transposing Article 13(1) (a) or a unique identification number;

–for the beneficial owner of the customer-account holder: the name, complemented by the other identification data required under the national provisions transposing Article 13(1)(b) or a unique identification number;

–for the bank or payment account: the IBAN number and the date of account opening and closing.";

(13)in Article 33(1), point (b) is replaced by the following:

"(b)    providing the FIU directly, at its request, with all necessary information.";

(14)in Article 39, paragraph 3 is replaced by the following:

"3. The prohibition laid down in paragraph 1 shall not prevent disclosure between the credit institutions and financial institutions from the Member States provided that they belong to the same group, or between these entities and their branches and majority owned subsidiaries established in third countries, provided that these branches and majority-owned subsidiaries fully comply with the group-wide policies and procedures, including procedures for sharing information within the group, in accordance with Article 42 and that the group-wide policies and procedures comply with the requirements set out in this Directive.";

(15)in Article 40, paragraph 1 is amended as follows:

(a)    points (a) and (b) are replaced by the following:

"(a)    in the case of customer due diligence, a copy of the documents and information which are necessary to comply with the customer due diligence requirements laid down in Chapter II, including, where available, information obtained through electronic identification means as set out in Regulation (EU) No 910/2014, for a period of five years after the end of the business relationship with their customer or after the date of an occasional transaction;

(b)    the supporting evidence and records of transactions, consisting of the original documents or copies admissible in judicial proceedings under the applicable national law, including, where available, information obtained through electronic identification means as set out in Regulation (EU) No 910/2014, which are necessary to identify transactions, for a period of five years after the end of a business relationship with their customer or after the date of an occasional transaction.";

(b)    the following subparagraph is added:

"The second subparagraph shall also apply in respect of the data accessible through the centralised mechanisms referred to in Article 32a.";

(16)in Article 47, paragraph 1 is replaced by the following:

"1. Member States shall ensure that providers of exchanging services between virtual currencies and fiat currencies, custodian wallet providers, currency exchange and cheque cashing offices, and trust or company service providers are licensed or registered, and that providers of gambling services are regulated.";

(17)Article 49 is replaced by the following:

"Article 49

Member States shall ensure that policy makers, the FIUs, supervisors and other competent authorities involved in AML/CFT, such as tax authorities, have effective mechanisms to enable them to cooperate and coordinate domestically concerning the development and implementation of policies and activities to combat money laundering and terrorist financing, including with a view to fulfilling their obligation under Article 7.";

(18)in Section 3 of Chapter VI, the following subsection IIa is added:

"Subsection IIa

Cooperation between competent authorities

Article 50a

Member States shall not prohibit or place unreasonable or unduly restrictive conditions on the exchange of information or assistance between competent authorities. In particular Member States shall ensure that competent authorities do not refuse a request for assistance on the grounds that:

(a) the request is also considered to involve tax matters;

(b) national legislation requires obliged entities to maintain secrecy or confidentiality, except where the relevant information that is sought is held in circumstances where legal privilege or legal professional secrecy applies;

(c) there is an inquiry, investigation or proceeding underway in the requested Member State, unless the assistance would impede that inquiry, investigation or proceeding;

(d) the nature or status of the requesting counterpart authority is different from that of requested competent authority.";

(19)in Article 53, paragraph 1 is replaced by the following:

"1. Member States shall ensure that FIUs exchange, spontaneously or upon request, any information that may be relevant for the processing or analysis of information by the FIU related to money laundering or terrorist financing and the natural or legal person involved, regardless of the type of associated predicate offences and even if the type of associated predicate offences is not identified at the time of the exchange.";

(b) in the second subparagraph of paragraph 2, the second sentence is replaced by the following:

"That FIU shall obtain information in accordance with Article 32(9) and transfer the answers promptly.";

(20)In Article 55, paragraph 2 is replaced by the following:

"2. Member States shall ensure that the requested FIU's prior consent to disseminate the information to competent authorities is granted promptly and to the largest extent possible, regardless of the type of associated predicate offences. The requested FIU shall not refuse its consent to such dissemination unless this would fall beyond the scope of application of its AML/CFT provisions, could lead to impairment of a criminal investigation, would be clearly disproportionate to the legitimate interests of a natural or legal person or the Member State of the requested FIU, or would otherwise not be in accordance with fundamental principles of national law of that Member State. Any such refusal to grant consent shall be appropriately explained.";

(21)Article 57 is replaced by the following:

"Article 57

Differences between national law definitions of tax crimes shall not impede the ability of FIUs to provide assistance to another FIU and shall not limit the exchange, dissemination and the use of information pursuant to Articles 53, 54 and 55.";

(22)in Article 65, the following second paragraph is added:

"The report shall be accompanied, if necessary, by appropriate proposals, including, where appropriate, with respect to virtual currencies, empowerments to set-up and maintain a central database registering users' identities and wallet addresses accessible to FIUs, as well as self-declaration forms for the use of virtual currency users.";

(23)in Article 66, the first paragraph is replaced by the following:

"Directives 2005/60/EC and 2006/70/EC are repealed with effect from 1 January 2017.";

(24)in Article 67(1), the first subparagraph is replaced by the following:

"Member States shall bring into force the laws, regulations and administrative provisions necessary to comply with this Directive by 1 January 2017. They shall immediately communicate the text of those measures to the Commission.“;

(25)in point (2) of Annex III, point (c) is replaced by the following:

"(c) non-face-to-face business relationships or transactions, without certain safeguards, such as electronic identification means or relevant trust services as defined in Regulation (EU) 910/2014;".

Article 2

Amendments to Directive 2009/101/EC

Directive 2009/101/EC is amended as follows:

(1) in Chapter 1, the following Article 1a is inserted:

Article 1a

Scope

The measures on the disclosure of information on the beneficial ownership apply in in respect of the laws, regulations and administrative provisions of the Member States relating to:

(a) corporate and other legal entities referred to in Article 30 of Directive 2015/849 of the European Parliament and of the Council*, including the types of companies referred to in Article 1 of this Directive, save for those which are non profit-making;

(b) trusts which comprise any property held by, or on behalf of, a person carrying on a business which consists of or includes the management of trusts, and acting as trustee of a trust in the course of that business with a view to gain profit, and other types of legal arrangements having a structure or functions similar to such trusts.

___________________________________________________________________

* Directive (EU) 2015/849 of the European Parliament and of the Council of 20 May 2015 on the prevention of the use of the financial system for the purposes of money laundering or terrorist financing, amending Regulation (EU) No 648/2012 of the European Parliament and of the Council, and repealing Directive 2005/60/EC of the European Parliament and of the Council and Commission Directive 2006/70/EC (OJ L 141, 5.6.2015, p. 73).";

(2) in Chapter 2, the following Article 7b is inserted:

"Article 7b

Disclosure of beneficial ownership information

1.    Member States shall take the measures required to ensure compulsory disclosure by the entities referred to in Article 1a(a) and (b) of this Directive of adequate, accurate and current information on their beneficial ownership, in accordance with Articles 30 and 31 of Directive 2015/849.

The information shall consist of the name, the month and year of birth, the nationality and the country of residence of the beneficial owner as well as the nature and extent of the beneficial interest held.

2.    The disclosure of beneficial ownership information as referred to in paragraph 1 shall be ensured through the central registers referred to in Article 30(3) and Article 31(3a) of Directive 2015/849.

3.    Member States shall ensure that the beneficial ownership information referred to in paragraph 1 of this Article shall also be made publicly available through the system of interconnection of registers referred to in Article 4a(2).

4.    In exceptional circumstances laid down in national law, where the access to the information set out in paragraph 1 would expose the beneficial owner to the risk of fraud, kidnapping, blackmail, violence or intimidation, or where the beneficial owner is a minor or otherwise incapable, Member States may provide for an exemption from the compulsory disclosure of to all or part of the information on the beneficial ownership on a case-by-case basis.

5.    The personal data of beneficial owners referred to in paragraph 1 shall be disclosed for the purpose of enabling third parties and civil society at large to know who are the beneficial owners, thus contributing to prevent the misuse of legal entities and legal arrangements through enhanced public scrutiny. For this purpose the information shall be publicly available through the national registers and through the system of interconnection of registers for no longer than 10 years after the company has been struck off from the register.".

Article 3

Transposition

1.Member States shall bring into force the laws, regulations and administrative provisions necessary to comply with this Directive by 1 January 2017 at the latest. They shall forthwith communicate to the Commission the text of those provisions.

When Member States adopt those provisions, they shall contain a reference to this Directive or be accompanied by such a reference on the occasion of their official publication. Member States shall determine how such reference is to be made.

2.Member States shall communicate to the Commission the text of the main provisions of national law which they adopt in the field covered by this Directive.

Article 4

Entry into force

This Directive shall enter into force on the third day following that of its publication in the Official Journal of the European Union.

Article 5

Addressees

This Directive is addressed to the Member States.

Done at Strasbourg,

(1) Directive (EU) 2015/849 of the European Parliament and of the Council of 20 May 2015 on the prevention of the use of the financial system for the purposes of money laundering or terrorist financing, amending Regulation (EU) No 648/2012 of the European Parliament and of the Council, and repealing Directive 2005/60/EC of the European Parliament and of the Council and Commission Directive 2006/70/EC (OJ L 141, 5.6.2015, p. 73).

(2) Directive 2009/101/EC of the European Parliament and of the Council of 16 September 2009 on coordination of safeguards which, for the protection of the interests of members and third parties, are required by Member States of companies within the meaning of the second paragraph of Article 48 of the Treaty, with a view to making such safeguards equivalent (OJ L 258, 1.10.2009, p. 11)

(3) Communication from the Commission to the European Parliament, the Council, the European Economic and Social Committee and the Committee of the Regions "The European Agenda on Security", COM(2015) 185 final.

(4) http://www.consilium.europa.eu/en/press/press-releases/2015/11/20-jha-conclusions-counter-terrorism/

(5) http://www.consilium.europa.eu/en/press/press-releases/2015/12/08-ecofin-conclusions-corporate-taxation/

(6) http://www.consilium.europa.eu/en/press/press-releases/2015/12/18-euco-conclusions/

(7) Communication from the Commission to the European Parliament and the Council on an Action Plan for strengthening the fight against terrorist financing, COM(2016) 50 final.

(8) http://english.eu2016.nl/documents/publications/2016/04/22/informal-ecofin---line-to-take-nl-presidency .

(9) http://www.europarl.europa.eu/sides/getDoc.do?pubRef=-%2f%2fEP%2f%2fTEXT%2bTA%2bP8-TA-2015-0457%2b0%2bDOC%2bXML%2bV0%2f%2fEN&language=EN

(10) COM(2015) 625 final.

(11) Directive (EU) 2015/2366 of the European Parliament and of the Council of 25 November 2015 on payment services in the internal market, amending Directives 2002/65/EC, 2009/110/EC and 2013/36/EU and Regulation (EU) No 1093/2010.

(12) Regulation 2015/751 of the European Parliament and of the Council of 29 April 2015 on interchange fees for card-based payment transactions.

(13) Council Directive 2014/107/EU of 9 December 2014 amending Directive 2011/16/EU as regards mandatory automatic exchange of information in the field of taxation, OJ L 359, 16.12.2014, p. 1.

(14) Regulation (EU) No 910/2014 of the European Parliament and of the Council of 23 July 2014 on electronic identification and trust services for electronic transactions in the internal market and repealing Directive 1999/93/EC.

(15) Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) (OJ L 119, 4.5.2016, p. 1).

(16) Directive (EU) 2016/680 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data by competent authorities for the purposes of the prevention, investigation, detection or prosecution of criminal offences or the execution of criminal penalties, and on the free movement of such data, and repealing Council Framework Decision 2008/977/JHA (OJ L 119, 4.5.2016, p. 89).

(17) COM(2015) 192 final.

(18) Regulation (EU) No 910/2014 of the European Parliament and of the Council of 23 July 2014 on electronic identification and trust services for electronic transactions in the internal market and repealing Directive 1999/93/EC (OJ L 257, 28.8.2014, p. 73).

(19) COM(2016) 451

(20) Directive 2009/101/EC of the European Parliament and of the Council of 16 September 2009 on coordination of safeguards which, for the protection of the interests of members and third parties, are required by Member States of companies within the meaning of the second paragraph of Article 48 of the Treaty, with a view to making such safeguards equivalent (OJ L 258, 1.10.2009, p. 11).

(21) Directive 2009/110/EC of the European Parliament and of the Council of 16 September 2009 on the taking up, pursuit and prudential supervision of the business of electronic money institutions amending Directives 2005/60/EC and 2006/48/EC and repealing Directive 2000/46/EC (OJ L 267, 10.10.2009, p. 7).

(22) OJ C […], […], p. […].

(23) OJ C […], […], p. […].

(24) Directive (EU) 2015/849 of the European Parliament and of the Council of 20 May 2015 on the prevention of the use of the financial system for the purposes of money laundering or terrorist financing, amending Regulation (EU) No 648/2012 of the European Parliament and of the Council, and repealing Directive 2005/60/EC of the European Parliament and of the Council and Commission Directive 2006/70/EC (OJ L 141, 5.6.2015, p. 73).

(25) Communication from the Commission to the European Parliament, the Council, the European Economic and Social Committee and the Committee of the Regions "The European Agenda on Security",  COM(2015) 185 final.

(26) Communication from the Commission to the European Parliament and the Council on an Action Plan for strengthening the fight against terrorist financing, COM(2016) 50 final.

(27) Regulation (EU) No 910/2014 of the European Parliament and the Council of 23 July 2014 on electronic identification and trust services for electronic transactions in the internal market and repealing Directive 1999/93/EC (OJ L 257, 28.8.2014, p. 73).

(28) Directive 2009/101/EC of the European Parliament and of the Council of 16 September 2009 on coordination of safeguards which, for the protection of the interests of members and third parties, are required by Member States of companies within the meaning of the second paragraph of Article 48 of the Treaty, with a view to making such safeguards equivalent (OJ L 258, 1.10.2009, p. 11).

(29) Directive 95/46/EC of the European Parliament and of the Council of 24 October 1995 on the protection of individuals with regard to the processing of personal data and on the free movement of such data (OJ L 281 , 23.11.1995, p.31).

(30) Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) (OJ L 119, 4.5.2016, p. 1).

(31) Directive (EU) 2016/680 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data by competent authorities for the purposes of the prevention, investigation, detection or prosecution of criminal offences or the execution of criminal penalties, and on the free movement of such data, and repealing Council Framework Decision 2008/977/JHA (OJ L 119, 4.5.2016, p. 89).

(32) Council Framework Decision 2008/977/JHA of 27 November 2008 on the protection of personal data processed in the framework of police and judicial cooperation in criminal matters (OJ L 350, 30.12.2008, p. 60).

(33) Directive (EU) 2016/680 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data by competent authorities for the purposes of the prevention, investigation, detection or prosecution of criminal offences or the execution of criminal penalties, and on the free movement of such data, and repealing Council Framework Decision 2008/977/JHA (OJ L 119, 4.5.2016, p. 89).

(34) OJ C 369, 17.12.2011, p. 14.

(35) Regulation (EC) No 45/2001 of the European Parliament and of the Council of 18 December 2000 on the protection of individuals with regard to the processing of personal data by the Community institutions and bodies and on the free movement of such data (OJ L 8, 12.1.2001, p.1).

(36) OJ C …