EUROPEAN COMMISSION
Brussels, 24.7.2019
COM(2019) 370 final
REPORT FROM THE COMMISSION TO THE EUROPEAN PARLIAMENT AND THE COUNCIL
on the assessment of the risk of money laundering and terrorist financing affecting the internal market and relating to cross-border activities
{SWD(2019) 650 final}
1.INTRODUCTION
Article 6 of the 4th Anti-Money Laundering Directive mandates the Commission to conduct an assessment of money laundering and terrorist financing risks affecting the internal market and relating to cross border activities and to update it every two years (or more frequently if appropriate). This report updates the Commission’s first supranational risk assessment published in 2017.
It assesses the implementation of the Commission’s recommendations and evaluates remaining risks, including in new products and sectors.
The report provides a systematic analysis
of the money laundering or terrorist financing risks of specific products and services. It focuses on vulnerabilities identified at EU level, both in terms of legal framework and in terms of effective application and provides recommendations for addressing them.
This supranational risk assessment takes into account the requirements of the 4th Anti-Money Laundering Directive,
which was due to be transposed by July 2017. Additional changes brought by the 5th Anti-Money Laundering Directive, due to be transposed by January 2020, have been anticipated when defining the new mitigating measures.
2.OUTCOMES OF THE SUPRANATIONAL RISK ASSESSMENT
In this second supranational risk assessment, the Commission identified 47 products and services that are potentially vulnerable to money laundering/terrorist financing risks, up from 40 in 2017. These products and services fall under 11 sectors, including the 10 sectors or products identified by the 4th Anti-Money Laundering Directive along with 1 additional category of products and services relevant for the risk assessment.
2.1.Main risks in the sectors covered by the supranational risk assessment
2.1.1.Cash and cash-like assets
Law enforcement agencies’ findings show that, while cash is falling out of favor among consumers, it remains criminals’ money laundering instrument of choice as they can use cash to transfer funds rapidly from one location to another, including in air transit. Use of cash is the main trigger for the filing of suspicious transaction reports.
Criminals who accumulate cash proceeds seek to move them to locations where they can more easily be integrated into the legal economy, i.e. those characterised by predominant use of cash, lax supervision of the financial system and strong bank secrecy regulations.
Since the 2017 supranational risk assessment, the relevant legal framework has been strengthened.The 4th Anti-Money Laundering Directive covers traders of goods who make or receive cash payments of EUR 10,000 or more. Member States can adopt lower thresholds, additional general restrictions on the use of cash and stricter provisions.
The revised Cash Controls Regulation applicable from 3 June 2021 extends the obligation of any traveller entering or leaving the EU and carrying cash to a value of EUR 10,000 or more to declare it to the customs authorities. It also extends the definition of cash, to cover not only banknotes but also other instruments or highly liquid commodities, such as cheques, traveller's cheques, prepaid cards and gold.
Assets with similar properties to cash (e.g. gold, diamonds) or high-value ‘lifestyle’ goods (e.g. cultural artefacts, cars, jewellery, watches) are also high-risk, due to weak controls. Specific concerns have been expressed as regards the looting and trafficking of antiquities and other artefacts. In this regard, the recently adopted Regulation on import of cultural goods complements the existing EU legal framework on their trade, which until now has only included legislation covering the export of cultural goods and the return of cultural objects unlawfully removed from the territory of an EU country.
2.1.2.Financial sector
The report on the assessment of recent alleged money laundering cases involving EU credit institutions identifies the factors that contributed to, as well as lessons learnt from, recent money laundering cases in EU banks, with a view to informing further policy actions. It assesses failures related to credit institutions’ anti-money laundering and defences and highlights challenges associated with different approaches to anti-money laundering/countering the financing of terrorism supervision at national level (see point 2.2.3).
Moreover, some other financial subsectors or products that deal with cash (e.g. foreign exchange offices, transfers of funds, and some e‑money products) still pose significant money laundering risks, especially in case of unscrupulous behaviour on the part of third parties who act in their delivery channels, as agents or distributors.
The use of new technologies (FinTech)that enable speedy and anonymous transactions with increasingly non‑face‑to‑face business relationships, while bringing considerable benefits, may pose a higher risk if customer due diligence and transaction monitoring are not conducted efficiently across the delivery channel. While the 5th Anti-Money Laundering Directive provisions on virtual currency providers and custodian wallet providers are a first regulatory step, the increasing use of such instruments is posing higher risks and further regulatory steps may be needed.
2.1.3.Non-financial sector and products — Designated Non-Financial Businesses and Professions
Manufacturers, distributors, legal professionals and other non-financial institutions are increasingly attracting the attention of would-be money launderers. One study indicates that 20‑30% of all proceeds from crime are laundered in the non-financial sector. The sector’s exposure to risks is therefore considered significant to very significant overall.
Failure to identify the client’s beneficial owner appears to be the main weakness affecting this sector. When entering into a business relationship, some parties do not always properly understand the concept of ‘beneficial owner’ or fail to check their identity.
In addition, Member State may designate self-regulatory bodies to supervise tax advisors, auditors, external accountants, notaries and other independent legal professionals and estate agents. Member States may task these bodies with receiving Suspicious Transactions Reports from obliged entities and sending them to the Financial Intelligence Units. However, some obliged entities and self-regulatory bodies do not report many suspicious transactions to the Financial Intelligence Units, especially in certain Member States. This may indicate that suspicious transactions are not correctly detected and reported. Moreover, with the inclusion of non-financial sector and products as obliged entities by the 4th Anti-Money Laundering Directive, there is a need to clarify that the principle of legal privilege is not impacted by appropriate application of the relevant measures.
Following consultations with experts, it seems that the real‑estate sector is also increasingly exposed to significant money laundering risks. Other common means of laundering proceeds are over-invoicing in commercial trade and fictitious loans. Law enforcement authorities consider such risks significant.
2.1.4.Gambling sector
Under the 4th Anti-Money Laundering Directive, all providers of gambling services are obliged entities; however Member States may decide to grant full or partial exemptions to providers of gambling services other than casinos, on the basis of proven low risk. Certain gambling products are considered significantly exposed to money laundering risk. In the case of land-based betting and poker, this appears to be due to ineffective controls. For online gambling there is a high risk exposure due to very large numbers of transaction- flows and the lack of face-to-face interaction. Although casinos present inherently high‑risk exposure, their inclusion in the anti-money laundering/countering the financing of terrorism framework since 2005 has had a mitigating effect.
Lotteries and gaming machines (outside casinos) present a moderate level of money laundering/terrorist financing risk. For the former, certain controls are in place, in particular to address the risks associated with high winnings. Land‑based bingo is seen as presenting a low level of money laundering/terrorist financing risk due to the relatively low stakes and winnings involved.
2.1.5.Collection and transfers of funds through non-profit organisations
This report covers the categories of non-profit organisations defined in the Recommendation of the Financial Action Task Force. The risk scenario is linked to non-profit organisations’ collection and transfers of funds to partners/beneficiaries both within and outside the Union.
Risk analysis from a threat perspective is complicated by the diversity of the sector. "Expressive non-profit organisations" present some vulnerability because they may be infiltrated by criminal or terrorist organisations that can hide the beneficial ownership making the traceability of the collection of funds less easy.
Some types of "Service non-profit organisations" are more directly vulnerable due to the intrinsic nature of their activity. This is due to the fact they may involve funding to and from conflict areas or third countries identified by the Commission as presenting strategic deficiencies in their anti-money laundering/terrorist financing regimes. Non-profit organisations are vitally important for providing humanitarian assistance around the world. To safeguard the legitimate objectives of such assistance, more information about terrorist financing risks is needed within non-profit organisations to improve risk awareness. The Commission will launch still in 2019 a call for proposals for a preparatory project on capacity building, programmatic development and communication in the context of the fight against money laundering and terrorist financing.
Regulated financial service providers may be reluctant to engage with certain non-profit organisations in order to de-risk. This could lead to financial exclusion or rejected customers turning to underground banking or transfer services instead.
2.1.6.New products/sectors
This report looks at several new products or sectors that were exposed in recent publicly-reported incidents and operations of law enforcement authorities. In addition to FinTech, exchange platforms and wallet providers (see section 2.1.2), professional football, free ports, and investor citizenship and residence schemes (‘golden passports/visas’) were all identified as new sectors posing risks.
2.1.6.1.Overview of new sectors
2.1.6.1.1.Professional football
Risks associated with sport have long been recognised at EU level. Professional football has been assessed since whilst it remains a popular sport it is also a global industry with significant economic impact. Professional football’s complex organisation and lack of transparency have created fertile ground for the use of illegal resources. Questionable sums of money with no apparent or explicable financial return or gain are being invested in the sport.
2.1.6.1.2.Free ports
A free port is a part of the customs territory of the Union designated as such by a Member State. Free ports are lawful, but must respect EU state aid rules and the Code of Conduct on business taxation. Free-trade zones may pose a risk as regards counterfeiting, as they allow counterfeiters to land consignments, adapt or otherwise tamper with loads or associated paperwork, and then re-export products without customs intervention, and thus to disguise the nature and original supplier of the goods.
The misuse of free-trade zones may be related with infringing intellectual property rights, and engaging in VAT fraud, corruption and money laundering. In most EU free ports or customs warehouses (with the exception of the Luxembourg Freeport), precise information on the beneficial owners is not available. Under the 5th Anti-Money Laundering Directive free port operators and other actors in the art market become obliged entities and therefore subject to customer due diligence requirements.
2.1.6.1.3.Investor citizenship and residence schemes
Recent years have seen a growing trend in schemes by which countries attract investment by granting investors citizenship or residence rights. Concerns have been raised about inherent risks as regards security, money laundering, tax evasion and corruption.
In January 2019, the Commission published a report on national schemes granting Union citizenship to investors. Following the publication of the report, the Commission has set up a group of experts from Member States with the task of considering risks that arise from investor citizenship and residence schemes and addressing transparency and governance issues.
The 5th Anti-Money Laundering Directive requires enhanced customer due diligence for third-country nationals who apply for residence or citizenship in Member States in exchange for capital or investment in property, government bonds or corporate entities.
2.2.Horizontal vulnerabilities common to all sectors
2.2.1.Anonymity in financial transactions
Criminals try to avoid leaving an information trail and to remain undetected. Sectors with a high level of cash transactions are considered particularly at risk, for example traders in goods and services accepting payments in cash and economic operators accepting payments in large‑value denominations, such as EUR 500 and EUR 200 banknotes.
Financial products offering similar anonymity in certain circumstances (e.g. some e‑money products, virtual currencies and unregulated crowdfunding platforms) are also vulnerable to money laundering/terrorist financing. The same applies to assets like gold and diamonds that are easily tradable or can be safely stored and are easy to transfer.
2.2.2.Identification and access to beneficial ownership information
Criminals use the financial system to feed illicit proceeds into financial markets, real estate or the legitimate economy in a more structured way than they do with cash or anonymous financial transactions. All sectors are vulnerable to infiltration, integration or ownership by organised crime organisations and terrorist groups. A common technique for criminals is to create shell companies, trusts or complex corporate structures to hide their identities. This is not limited to certain jurisdictions or types of legal entity or legal arrangements. Perpetrators use the most convenient, easiest and securest vehicle depending on their expertise, location and market practices in the jurisdiction in question.
In recent years there has been an increasing focus on the need to ensure effective beneficial owner identification both in the EU and at international level through the Financial Action Task Force and the Organisation for Economic Co-operation and Development Global Forum on tax transparency. The Directive on Administrative Cooperation in Direct Taxes facilitates information exchange between tax authorities of Member States.
Most Member States have put in place a central register or database to collect beneficial ownership information, even though the 5th Anti-Money Laundering Directive postpones the deadline for setting up the registers to January 2020. The latter Directive also provides for additional transparency and wider access to beneficial ownership information.
However, major vulnerabilities remain:
-Criminals might use complex corporate structures registered in third countries given that the registers foreseen in the Anti-Money Laundering Directive only cover legal entities and legal arrangements in Member States.
-Criminals might wilfully use false information or documentation in order to hide their identity.
-The national registers on beneficial ownership might have weak spots with regard to their technical implementation or management. Criminals might shift their business to Member States with a less effective framework.
2.2.3.Supervision in the internal market
Anti-money laundering and countering the financing of terrorism supervisors are responsible for monitoring the correct application of obligations by the private sector. In most Member States, such supervision of credit and financial institutions is carried out by the authorities also tasked with prudential supervision. In some other Member States, Financial Intelligence Units are responsible for this task.
The report on the assessment of recent alleged money laundering cases involving EU credit institutions examines actions undertaken by supervisory authorities and presents findings in relation to their actions taken from an anti-money laundering/countering the financing of terrorism perspective, as well as from a prudential perspective. The report focuses on powers, organisation and resources of the authorities, supervision of local entities, supervision of cross-border entities and effectiveness of supervisory measures.
In non-financial sectors, Member States may allow self-regulatory bodies to supervise tax advisors, auditors, external accountants, notaries and other independent legal professionals and estate agents. Analysis indicates that, in the large majority of Member States, supervision in these sectors still suffers from weaknesses in term of controls, guidance, and the level of reporting by legal professionals, in particular to the Financial Intelligence Unit.
2.2.4.Cooperation between Financial Intelligence Units
The Financial Intelligence Unit Platform mapping report of December 2016 identified obstacles to accessing, exchanging and using information and to operational cooperation between Member States’ Financial Intelligence Units. The Commission proposed mitigation measures in its 2017 supranational risk assessment report and outlined further ways of improving cooperation between Financial Intelligence Units. The proposed measures are partly reflected in the 5th Anti-Money Laundering Directive. Access to information held by obliged entities or competent authorities has been improved and certain aspects relating to the tasks of the Financial Intelligence Units and to the exchange of information between Financial Intelligence Units have been clarified.
The report on cooperation between Financial Intelligence Units identifies existing gaps and assesses opportunities to further enhance the framework for cooperation.
2.2.5.Other vulnerabilities common to all sectors
The supranational risk assessment shows that all identified sectors are exposed to some additional vulnerabilities:
-infiltration by criminals – criminals can become owners of an obliged entity or find obliged entities willing to assist them in their money laundering activities. This calls for ‘fit and proper’ tests in financial sectors covered by the Directive;
-forgery – modern technology is making it easier to forge documents and all sectors are struggling to put in place robust detection mechanisms;
-insufficient information-sharing between the public and the private sectors –the need for improved mechanisms for feedback from Financial Intelligence Units to obliged entities remains;
-insufficient resources, risk-awareness and know-how to implement anti-money laundering/countering the financing of terrorism rules – while some obliged entities invest in sophisticated compliance tools, many have more limited awareness, tools and capacities in this field; and
-risks emerging from FinTech – the use of online services is expected to increase further in the digital economy, boosting demand for online identification. The use and reliability of electronic identification is crucial in this respect.
3.MITIGATING MEASURES
3.1.Mitigating measures under the 5th Anti-Money Laundering Directive
The 5th Anti-Money Laundering Directive, to be transposed by January 2020, will equip the EU with tools allowing it to more effectively prevent its financial system from being used for money laundering/terrorist financing, in particular through:
Øimproving transparency through public beneficial ownership registers for companies, and publicly available registers for trusts and other legal arrangements;
Ølimiting anonymity offered by virtual currencies, wallet providers and pre‑paid cards;
Øbroadening the criteria for the assessment of high-risk countries and improving the safeguards for financial transactions to and from such countries;
Ørequiring Member States to set up central bank account registries or retrieval systems;
Øimproving anti-money laundering supervisors’ cooperation and information exchange with each other and with prudential supervisors and the European Central Bank.
These measures are expected to further contribute to lowering risk levels in the concerned sectors and products. The Commission will review compliance with the new provisions and publish an implementation report mid-2021.
3.2.EU mitigating measures already in place or in the pipeline
3.2.1.Legislative measure
Most legislative measures referred to in the 2017 supranational risk assessment have been adopted, notably the 5th Anti-Money Laundering Directive, the new Cash Control Regulation, the Directive on Countering Money Laundering by Criminal Law, and the Regulation on the import of cultural goods. The Directive on access to financial and other information provides for direct access to the national centralised bank account registries or data retrieval systems by competent authorities, including tax authorities, anti-corruption authorities and Asset Recovery Offices.
The revision of the European Supervisory Authorities Regulations strengthened the European Banking Authority's mandate for collecting, analysing and further disseminating information to ensure all relevant authorities effectively and consistently supervise the risks of money-laundering. The European Banking Authority's power to act where Union law is breached has also been clarified and enhanced. The adoption of the 5th Capital Requirements Directive removes the obstacles to cooperation between prudential and anti-money laundering/countering the financing of terrorism supervisors.
3.2.2.Policy initiatives
The Commission established in December 2017 an expert group on electronic identification and remote Know-Your-Customer processes. The expert group will provide expertise to the Commission as it explores issues relating to the use by financial services providers of electronic identification (e-ID) schemes and other innovative digital processes to comply with anti-money laundering rules.
In June 2018, the Commission published a report on restrictions on cash payments.
The report concluded that restrictions on cash payments would not significantly address terrorism financing, although preliminary findings also indicated that prohibition of high value cash payments in cash could positively impact the fight against money laundering.
3.2.3.Further supporting measures
ØImproving statistical data collection;
ØTraining for professionals carrying out activities covered by ‘legal privilege’, providing guidance and practical insights to help them recognise possible money laundering/terrorist financing operations and how to proceed in such cases. The Commission will assess options for improving compliance in this sector in line with relevant case law. An EU funded project for training of lawyers is foreseen to start by early 2020. In 2018, notaries received an EU funded grant covering anti-money laundering/countering the financing of terrorism training needs;
ØRaising public awareness about anti-money laundering/countering the financing of terrorism risks;
ØFurther analysis of the risks posed by Hawala and informal value transfer services – the scale of the problem and possible law enforcement solutions;
ØFurther monitoring of currency counterfeiting and its possible links to money laundering. The Commission presented a proposal for a Regulation establishing an exchange, assistance and training programme for the protection of the euro against counterfeiting for the period 2021-2027 (the ‘Pericles IV’ programme) and its extension to the non-euro area Member States , expected to be adopted in 2020;
ØFurther work to enhance supervision in the EU. The report on the assessment of the recent alleged money laundering cases involving EU credit institutions points to possible additional actions to further strengthen the EU legislative anti-money laundering framework and hereby reinforce the Banking and Capital Markets Unions.
4.Recommendations
Having assessed the risks in light of the updated legal framework, the Commission considers that a series of mitigating measures should be taken at EU and Member State level, taking into account:
-money laundering/terrorist financing risk levels;
-the need to take action at EU level or to recommend that Member States take action (subsidiarity);
-the need for regulatory or non-regulatory measures (proportionality); and
-the impact on privacy and fundamental rights.
The Commission has also taken into account the need to avoid any abuse or misinterpretation of its recommendations that would result in the exclusion of entire classes of customers and the termination of customer relationships, without taking full and proper account of the level of risk in a particular sector.
4.1.Recommendations to the European Supervisory Authorities
4.1.1.Follow-up to the 2017 Supranational Risk Assessment Recommendations
In the 2017 report, the Commission recommended that the European Supervisory Authorities should:
(1)raise awareness as to money laundering/terrorist financing risks and identify the appropriate actions to further enhance the capacity of national supervisors in anti-money laundering/countering the financing of terrorism supervision;
The European Supervisory Authorities have responded in the following way by:
Øissuing eight draft technical standards,
guidelines,
and opinions
to support the effective implementation of the risk-based approach to anti-money laundering/countering the financing of terrorism by credit and financial institutions and their supervisors. A ninth instrument on improving cooperation between anti-money laundering/countering the financing of terrorism supervisors is currently under consultation;
Øproviding training and organising workshops on the anti-money laundering/countering the financing of terrorism aspects of the risk-based approach, risk-based supervision; e-money risks; and money remittance risks. The workshops were attended by over 300 supervisors from all Member States; and
Øfostering the exchange of information and good practices through the European Supervisory Authorities’ internal committees and boards of supervisors, and setting clear expectations of supervisory practices in relation to specific issues, e.g. the Panama Papers.
(2)take further initiatives to improve cooperation between supervisors;
In November 2018, the European Supervisory Authorities consulted on draft guidelines to improve cooperation among anti-money laundering/countering the financing of terrorism supervisors. The draft guidelines clarify practical aspects of supervisory cooperation and information exchange and set out rules governing new anti-money laundering/countering the financing of terrorism colleges of supervisors. It is expected that they will be finalised in 2019.
On 10 January 2019, the European Supervisory Authorities approved the content of a multilateral agreement on the practical aspects of information exchange between the European Central Bank acting in its supervisory capacity and all competent EU authorities responsible for the supervision of credit and financial institutions’ compliance with anti-money laundering/countering the financing of terrorism obligations.
(3)develop further solutions for supervising operators acting under the ‘passporting’ regime;
The European Banking Authority has set up a task force to clarify when agents and distributors that operate in a Member State other than that in which the appointing institution is authorised are ‘establishments’ for the purposes of Directives (EU) 2015/2366, Directive 2009/110/EC, and 4th Anti-Money Laundering Directive. Work is under way and expected to be concluded in 2019.
(4)provide updated guidelines on internal governance so as to further clarify expectations around the functions of compliance officers in financial institutions;
In September 2017, the European Supervisory Authorities’ Joint Sub-committee on anti-money laundering/countering the financing of terrorism decided, in light of their own and national competent authorities’ limited resources, to postpone the drafting of guidelines on the functions of compliance officers and to focus on supervisory cooperation, which was deemed a priority as risks in this area had already materialised;
(5)provide further guidance on beneficial ownership identification for investment funds providers, especially in situations presenting a higher risk of money laundering or terrorist financing;
In June 2017, the European Supervisory Authorities published ‘risk factor guidelines’ on simplified and enhanced customer due diligence and factors credit and financial institutions should consider when assessing the money laundering/terrorist financing risk associated with individual business relationships and occasional transactions.
The guidelines contain sectoral guidance for providers of investment funds and set out, for the first time at EU level, measures that funds and fund managers should take to comply with their customer due diligence obligations (including in respect of beneficial owners) and how to adjust the extent of the measures on a risk‑sensitive basis;
(6)analyse operational anti-money laundering/countering the financing of terrorism risks linked to the business/business model in the corporate banking, private banking and institutional investment sectors on the one hand, and in money or value transfer services and e-money on the other.
The European Banking Authority took stock of the findings from competent authorities’ thematic reviews of credit institutions and investment firms. The findings are reflected in the joint opinion on the money laundering/terrorist financing risks affecting the Union’s financial system that the European Supervisory Authorities’ are obliged to issue for each suprarnational risk assessment exercise.
4.1.2.Current state of play
The recommendations addressed to the European Supervisory Authorities in the 2017 supranational risk assessment have been addressed, except recommendation (4) on the provision of updated guidelines on internal governance aimed at further clarifying expectations around the functions of compliance officers in financial institutions. The Commission reiterates that recommendation (4) remains to be completed.
Furthermore, the European Banking Authority is invited to complete the relevant actions under the EU Action Plan on Anti-Money Laundering annexed to the Council Conclusions of 4 December 2018.
4.2.Recommendations to non-financial supervisors
For the non-financial sector, there are no bodies at EU-level corresponding to the European Supervisory Authorities. Under the EU’s anti-money laundering framework, Member States may allow self-regulatory bodies to perform supervisory functions for tax advisors, auditors, external accountants, notaries and other independent legal professionals and estate agents.
The Commission reiterates the recommendations of the 2017 supranational risk assessment for self-regulatory bodies, notably to carry out more thematic inspections, raise the level of reporting; and continue to organise training schemes to develop understanding of risks and anti-money laundering/countering the financing of terrorism compliance obligations.
4.3.Recommendations to Member States
4.3.1.Follow-up to the 2017 Supranational Risk Assessment Recommendations
Under Article 6(4) of the 4th Anti-Money Laundering Directive, if Member States decide not to apply any of the recommendations, they should notify the Commission of their decision and provide a justification for it (‘comply or explain’). To date, no Member State has made such a notification to the Commission as concerns the 2017 recommendations.
The Commission followed up on the 2017 Recommendations to Member States through checks on the transposition of the 4th Anti-Money Laundering Directive, questionnaires to Member States on the follow up of 2017 recommendations and the update of the national risk assessments.
For some Recommendations the input received is either not significant or national authorities stressed the limited time available to implement them. The Commission underlines the need to maintain or intensify current efforts. Furthermore, it is important to note that the legal obligations of the 5th Anti-Money Laundering Directive supersede, either totally or in part, some of the Recommendations in the 2017 report, in particular as regards increased transparency of beneficial ownership, reduced thresholds for customer due diligence in some sectors, or extending the list of obliged entities.
(1)Scope of national risk assessments
The 2017 report identified cash intensive business and payment in cash, the non-profit organisation sector and electronic money products as areas to which Member States should give due consideration in their national risk assessments and define appropriate mitigating measures.
Most of the national risk assessments take into account the risks posed by cash-related operations and those arising from traffic in cultural artefacts and antiques, have incorporated non-profit organisations in the scope of their national risk assessments and addressed the risks of e-money products, in line with 4th and the 5th Anti-Money Laundering Directive.
However, several Member States have not yet adopted any national risk assessment, while others have not addressed the risk posed by the concerned products. These Member States are encouraged to urgently act on this Recommendation.
This report maintains the 2017 Recommendation and calls on all Member States to cover in their national risk assessments the risks associated with the mentioned products and to provide the appropriate mitigating measures.
(2)Beneficial ownership
The 2017 report recommended to Member States that the information on the beneficial ownership of legal entities and legal arrangements should be adequate, accurate and up to date. In particular, tools should be developed to ensure that the identification of beneficial ownership is done when applying customer due diligence measures and that the sectors most exposed to risks from opaque beneficial ownership schemes are effectively monitored and supervised.
The 4th Anti-Money Laundering Directive had already provided for an obligation for Member States to set up beneficial ownership registers for companies, trusts and similar legal arrangements, but the 5th Anti-Money Laundering Directive changed the context and deadline for transposition of these registers. Most Member States have notified the Commission that they have set up such registers.
This report maintains the 2017 recommendation and encourages Member States to ensure the timely implementation of the provisions set out in the 5th Anti-Money Laundering Directive related to beneficial ownership registers.
(3)Appropriate resources for supervisors and Financial Intelligence Units
The 2017 supranational risk assessment called on Member States to allocate "adequate" resources to their competent authorities. Most Member States confirm that they have allocated adequate resources to their competent authorities, as required under Article 48(2) of the Directive. However, the report on the assessment of recent alleged money laundering cases involving EU credit institutions shows that many supervisors were critically understaffed.
This report maintains the recommendation that Member States further intensify their efforts in this area and demonstrate that anti-money laundering/countering the financing of terrorism supervisors can fully carry out their tasks.
(4)Increased on-site inspections by supervisors
Financial sector
The 2017 report recommended that Member States put in place a risk-based supervision model according to the 2016 joint guidelines on risk-based supervision of the European Supervisory Authorities.
Several Member States indicated that they conduct regular thematic supervisory inspections on investment firms. Others report that they carry out a general risk assessment.
The report on the assessment of recent alleged money laundering cases involving EU credit institutions shows that often supervisors did not carry out adequate on-site inspections.
Supervisors should continue to conduct on-site inspections that are commensurate, in terms of frequency and intensity, to the identified money laundering/terrorist financing risks. These must focus on specific operational money laundering/terrorist financing risks, depending on the specific vulnerabilities inherent to a product or service, in particular: institutional investment (especially through brokers); private banking, where supervisors should in particular assess compliance with beneficial ownership rules; and currency exchange offices and money or value transfer services, where inspections should include a review of agents’ training.
Non-financial sector
The 2017 supranational risk assessment called on Member States to ensure that their competent authorities conduct sufficient unannounced spot‑checks on high‑value dealers, real‑estate professionals and antique traders.
Member States follow different approaches when it comes to inspections in the non-financial sectors and the quality of such supervision tends to vary more.
This report maintains the recommendation to conduct a sufficient number of on-site inspections.
(5)Supervisory authorities to carry out thematic inspections
The 2017 supranational risk assessment recommended that supervisors develop a better understanding of the anti-money laundering/countering the financing of terrorism risks to which a specific segment of the business is exposed to.
According to replies from Member States, when inspecting sectors of obliged entities, most supervisors allocate supervisory resources on the basis of risk. Supervisors’ inspections usually cover compliance with beneficial owner and training requirements among others. In most replies, there is no mention of thematic inspections in the money or value transfer services sector in the last two years. Supervisors should continue to improve their understanding of the money laundering/terrorist financing risks to which a specific segment of the business is exposed. They should specifically assess compliance with beneficial ownership rules in the sectors identified in 2017.
This report maintains the recommendation that Member States further ensure that supervisors carry out thematic inspections. In addition, supervisors should better focus their resources in thematic inspections.
(6)Considerations for extending the list of obliged entities
The 2017 report pointed at some services/products which were not covered by the EU anti-money laundering/countering the financing of terrorism framework and called on Member States to extend the scope of the anti-money laundering/countering the financing of terrorism regime to professionals particularly at risk.
The 4th Anti-Money Laundering Directive extended the scope of the anti-money laundering/countering the financing of terrorism regime to those professionals. Most Member States’ replies and the transposition check show that generally this recommendation was followed. Moreover, some Member States already apply the 5th Anti-Money Laundering Directive provisions as regards new obliged entities.
This report maintains the recommendation to pay close attention to professionals particularly at risk, including new obliged entities introduced by the 5th Anti-Money Laundering Directive (estate agents, art and antiques dealers and specific traders in high-value goods if they accept cash payments above a certain threshold; virtual currencies exchange platforms and wallet providers).
(7)An appropriate level of customer due diligence for occasional transactions
The 2017 report drew attention to the exemption from customer due diligence of occasional transactions below EUR 15 000 and called on Member States to define a lower threshold as appropriate given the anti-money laundering/countering the financing of terrorism risks at national level.
The threshold for occasional transactions varies across Member States. Some apply thresholds for money or value transfer services or currency exchange offices that could still be considered high. As a result, efficient monitoring of transactions is more difficult.
This report maintains the 2017 recommendation and calls on Member States to provide guidance on the definition of ‘occasional transactions’ and to set out criteria that ensure that the customer due diligence rules applicable to business relationships are not circumvented for currency exchange offices and money remittances;
(8)Appropriate level of customer due diligence for safe custody and similar services
The 2017 report recommended that appropriate safeguards are put in place to monitor safe custody services properly, in particular those provided by financial institutions and similar storage services provided by non-financial providers.
Replies from Member States show that these activities are subject to anti-money laundering/countering the financing of terrorism regulation regardless of whether developed by a credit institution or not. In some Member States only financial institutions are providing these services.
This report maintains the recommendation to ensure an appropriate level of customer due diligence for safe custody and similar services.
(9)Regular cooperation between competent authorities and obliged entities
The 2017 report recommended enhanced cooperation in order to make detecting suspicious transactions simpler, to increase the number and the quality of the Suspicious Transactions Reports, to provide guidance on risks, customer due diligence, and reporting requirements. This can be mainly achieved through feedback from Financial Intelligence Units to the obliged entities on the quality of reporting but also on typologies. Several sectors have stressed the lack of feedback as a problem in particular: gambling, tax advisors, auditors, external accountants, notaries and other independent legal professionals and money or value transfer services.
The analysis and the assessment for the purposes of the report assessing the framework for cooperation between Financial Intelligence Units showed that in many Member States feedback from Financial Intelligence Units to obliged entities is still deficient, despite the existence of internal regulations and sectoral guidelines as regards this requirement.
This report partly maintains the recommendation and calls for enhanced cooperation between competent authorities and obliged entities.
(10)Special and ongoing training for obliged entities
The 2017 report recommended that training by competent authorities should address the risk of infiltration or ownership by organised crime groups, in particular for the gambling sector, trust and company services providers, tax advisors, auditors, external accountants, notaries and other independent legal professionals, some service providers (on capital structure, industrial strategy, mergers and the purchase of undertakings), real estate and money or value transfer services.
Most Member States reported that training has been provided as recommended, as well as guidance on anti-money laundering/countering the financing of terrorism obligations for different sectors.
This report maintains the recommendation to provide further training, especially with regard to obliged entities particularly at risk, as identified in the 2017 supranational risk assessment, or for newly designated obliged entities.
(11)Annual reporting from competent authorities/self-regulatory bodies on the anti-money laundering/countering the financing of terrorism activities of the obliged entities under their responsibilities
The 2017 supranational risk assessment showed that this reporting obligation helped national authorities to conduct National Risk Assessments and allowed for more proactive action to deal with weaknesses or failures to comply with anti-money laundering/countering the financing of terrorism requirements in particular in the real estate sector and for tax advisors, auditors, external accountants, notaries and other independent legal professionals.
In some Member States, self-regulatory bodies have only recently begun their supervisory activity because certain sectors, mainly designated non-financial business and professions, have only been added through the 4th Anti-Money Laundering Directive. Therefore there are as yet detailed statistics as requested in the recommendation to designated non-financial business and professions. Some Member States disagree on the utility of annual reporting on supervisory activities.
This report maintains the recommendation and encourages self-regulatory bodies to perform a more proactive role in anti-money laundering supervision.
4.3.2.Risk analysis by product/service — specific recommendations
In addition to the above recommendations, there is a need for the following product/sector-specific action:
(1)Cash and cash-like assets
ØIn their national risk assessments, Member States should take into account risks posed by cash payments and take appropriate mitigating measures.
ØAuthorities should act on amounts below the EUR 10,000 declaration threshold where they suspect criminal activity.
(2)Financial sector
ØMember States should improve the monitoring and detection systems applying to products which are more exposed to terrorist financing risks. Financial institutions usually do not have access to relevant information (often held by law enforcement authorities) that would help them identify terrorist financing risks before they materialise. Likewise, law enforcement authorities’ efforts to disrupt terrorist activities and networks can be hampered by their inability to obtain information on financial flows that only financial institutions can provide;
ØAs regards money laundering risks, it is essential that Member States develop and improve their beneficial ownership registers to assist in carrying out robust customer due diligence processes;
ØMember States should continue to conduct thematic inspections, focusing on different areas depending on the sector/product. For on-site inspections in relevant companies in a particular sector, it is more time‑efficient to select risk areas than to conduct an overall inspection; this gives supervisors a clear picture of best practices and the most significant shortcomings;
ØProvision of training and guidance on risk factors such as non-face-to-face interaction, offshore professional intermediaries/customers and complex/shell structures: and
ØFollow up on the findings of the report on the assessment of recent alleged money laundering cases involving EU credit institutions.
(3)Non-financial sector and products — Designated non-financial businesses and professions
ØMember States should ensure that competent authorities/self-regulatory bodies provide training and guidance on risk factors, with a specific focus on non‑face-to-face business relationships, offshore professional intermediaries/customers or jurisdictions, and complex/shell structures;
ØMember States should ensure that self-regulatory bodies/competent authorities conduct thematic inspections on compliance with beneficial owner identification requirements;
ØCompetent authorities/self-regulatory bodies should provide Member States with annual reports on measures carried out to verify the obliged entities’ compliance with their customer due diligence obligations, including beneficial owner requirements, Suspicious Transaction Reports and internal controls; and
ØMember States should ensure that service providers offering advice to undertakings on capital structure, industrial strategy and related questions, and advice and services relating to mergers and the purchase of undertakings comply with their beneficial owner obligations.
(4)Gambling sector
ØCompetent authorities should put in place programmes to raise awareness among (online) gambling operators of the emerging risk factors that may affect the vulnerability of the sector, including the use of anonymous e-money and virtual currencies and the emergence of unauthorised online gambling operators. Feedback from Financial Intelligence Units on the quality of the Suspicious Transaction Reports would improve the reporting and the use made of the information provided. Financial Intelligence Units should take account of the specificities of the gambling sector when developing standard Suspicious Transaction Report templates at EU level.
ØIn addition to training sessions, Member States should ensure adequate training focusing on appropriate risk assessments of relevant products/business models for staff, compliance officers and retailers; and
ØFurther guidance should be given to obliged entities on the concept of ‘several operations which appear to be linked’.
(5)Collection and transfers of funds through a non-profit organisation
ØMember States should ensure that non-profit organisations are more involved in national risk assessments;
ØMember States should develop information and awareness‑raising programmes on the risk of non-profit organisations being abused and provide awareness‑raising materials for them; and
ØMember States should further analyse the risks faced by non-profit organisations.
(6)New products/sectors — professional football, free ports, investor citizenship and residence schemes
ØProfessional football – Member States should consider which actors should be covered by the obligation to report suspicious transactions and what requirements should apply to the control and registration of the origin of the account holders and the beneficiaries of money.
ØFree ports – Member States should implement independent, regular anti-money laundering audits of agreed free zone operators’ compliance functions and ensure adequate and consistent enforcement of the anti-money laundering procedures and oversight already enshrined in law.
ØInvestor citizenship and residence schemes – Member States should consider the money laundering risks of investor citizenship and residence.
5.CONCLUSION
The Commission will continue to monitor the implementation of the recommendations of this supranational risk assessment and report again by 2021. The review will also assess how EU and national measures affect risk levels, and will examine the impact of more recent changes to the regulatory framework. The Commission will also conduct a study on the effective implementation of the 4th Anti-Money Laundering Directive by Member States.