In July of last year, the European Commission announced a package of legislative proposals designed to strengthen the EU's framework of laws on anti-money laundering and countering the financing of terrorism (AML/CFT).
The package consists of four legislative proposals:
a regulation establishing a new EU AML/CFT Authority (the AMLA Regulation)
a regulation on AML/CFT, containing directly-applicable rules, including in the areas of customer due diligence and beneficial ownership (the AML/CFT Regulation)
a sixth directive on AML/CFT (6AMLD) to replace the existing Fourth Anti-Money Laundering Directive, containing provisions that will be transposed into national law, such as rules on national supervisors and Financial Intelligence Units
a revision of the Regulation on transfers of funds to trace transfers of crypto-assets (Regulation 2015/847/EU)
Where are they now?
The proposals are still in the early stages of the EU legislative process. In the European Parliament, the Economic and Monetary Affairs Committee (ECON) and the Civil Liberties, Justice and Home Affairs Committee (LIBE) are jointly responsible for each of the proposals. In the Council of the EU, the Working Party on Financial Services and the Banking Union has responsibility for the proposals.
Once both sides have reached their positions on the draft texts, it is likely that interinstitutional (trilogue) negotiations will commence between representatives from the Parliament, the Council and the Commission with a view to reaching agreement on the final texts.
There is still a long road ahead before the legislation is finalised and implementation dates will depend on the swiftness of the legislative process. The Commission is “hopeful for a speedy legislative process” and has set ambitious targets for the AMLA to be operational by 2024 and fully resourced by 2026.
A number of European Parliament committees and other EU bodies, including the European Data Protection Board (EDPB) and the European Central Bank (ECB), have issued opinions on the proposals in recent months. The opinions have been broadly positive and include the typical recommendations for changes and improvements that one would expect at this stage.
The ECON and LIBE committees also held a public hearing on the AML package on 22 March. The Committees heard from six external experts, including the President of the Financial Action Task Force (FATF), the Heads of the French and Latvian Financial Intelligence Units, and representatives from Refinitiv.
Most recently, the European Banking Authority (EBA) published a letter sent to the EU legislators, which includes a summary of the views and recommendations drawn from AML/CFT experts in a number of competent authorities.
Some common themes are emerging from scrutiny of the legislative proposals, including the following:
The scope of AMLA's direct supervision and the selection criteria currently proposed
The ECB recommends that a wider pool of obliged entities in each Member State be directly supervised by AMLA, which would "foster a common supervisory culture and convergence of AML/CFT supervisory practices" and decrease the risk of regulatory arbitrage.
The AML/CFT experts call on the co-legislators to consider whether the eligibility criteria should be extended to those entities which, due to the nature of their business, may expose the internal market to significant risks, such as crypto-asset service providers.
The experts also suggest that the obligations on competent authorities' in relation to risk profiling of obliged entities should be aligned across the AMLA Regulation and 6AMLD.
Cooperation and information exchange
All of the bodies suggest amendments to further facilitate cooperation and information exchange between AMLA and competent authorities, prudential supervisors and third country authorities. They emphasise the importance of clearly delineating the roles of supervisors and ensuring consistency and coherency of approach where their remits converge (e.g. in the coordination of administrative sanctions).
Both the ECB and the AML/CFT experts call for the key terms in the legislation to be defined unequivocally and to be used consistently across the legislative package.
Data protection concerns
The EDPB called for greater clarity and specificity as to what obliged entities should be monitoring from a reasonable risk-based approach.
The trigger events as to when enhanced due diligence and monitoring should occur should be distinct and clear in order to avoid any disproportionate and therefore unlawful processing of personal data.
The legislation should also specify what personal data is being processed and retained and set data retention periods.
FATF and high-risk third countries
The President of FATF, Dr Marcus Pleyer, made some pointed remarks on the listing of high-risk third countries. He commented that the EU's listing process should be "complementary" to the FATF list rather than working in parallel to it and "it's harming the FATF's authority".