This Commission staff working document accompanies the report from the Commission on the assessment of the risk of money laundering and terrorist financing affecting the internal market and relating to cross-border activities.

The report recalled that the Financial Action Task Force (FATF) recommends that countries conduct risk assessments that take account of their capacity and experience in each sector subject to requirements on anti-money laundering and countering Terrorist Financing (AML/CFT). They should identify, assess and understand money laundering (ML) and terrorist financing (TF) risks, and take commensurate preventive measures.

The Commission is required to conduct an assessment of specific ML/TF risks affecting the internal market and relating to cross border activities. The Commission published its first supranational risk assessment in 2017.

The 4th Anti-money Laundering Directive also requires the Commission to update its report every two years (or more frequently if appropriate). The current exercise updates the information in the 2017 report, analyses the present ML/TF risks and proposes comprehensive action to address them. It assesses the degree to which the Commission’s recommendations for mitigating measures have been implemented and evaluates the remaining risks, taking into account new products and sectors.

More specifically, this staff working document details the risk analysis for the following sectors and products:

Cash products; Financial sector; Non-financial products; Gambling; Non-profit organisations; Professional sports; Free-trade zones; Citizenship/residency.

The legal framework

The risk assessment needs to provide a snapshot of the money laundering and terrorist financing risks and requires a clear-cut timing. The assessment of risks affecting the EU was carried out at a time when the relevant legislative framework was still the 4th Anti-money Laundering Directive. Even though the 5th Anti-Money Laundering Directive was adopted, its transposition has not been completed yet.

Therefore the supranational risk assessment is based on the EU legislation implemented at the time of the assessment. This is particularly important to stress since some sectors were not, or only limitedly, covered by the obligations in the 4th Anti-money Laundering Directive. Therefore the risk level may be assessed differently for those Member States having already applied the stricter regime. Nevertheless, changes brought by the 5th Anti-money Laundering Directive to be transposed by January 2020 have been anticipated when defining the new mitigating measures.

In accordance with the requirements of Directive 2015/849 (Fourth Money Laundering Directive), the Commission is required to conduct an assessment of money laundering and terrorist financing risks affecting the internal market and relating to cross border activities and to update it every two years (or more frequently if appropriate). This report updates the Commission’s first supranational risk assessment published in 2017.

It assesses the implementation of the Commission’s recommendations and evaluates remaining risks, including in new products and sectors.

The report provides a systematic analysis of the money laundering or terrorist financing risks of specific products and services. It focuses on vulnerabilities identified at EU level, both in terms of legal framework and in terms of effective application and provides recommendations for addressing them.

This supranational risk assessment takes into account the requirements of the 4th Anti-Money Laundering Directive, which was due to be transposed by July 2017. Additional changes brought by the 5th Anti-Money Laundering Directive, due to be transposed by January 2020, have been anticipated when defining the new mitigating measures.

Outcomes of the assessment

In this second supranational risk assessment, the Commission identified 47 products and services that are potentially vulnerable to money laundering/terrorist financing risks, up from 40 in 2017. These products and services fall under 11 sectors, including the 10 sectors or products identified by the 4th Anti-Money Laundering Directive along with one additional category of products and services relevant for the risk assessment.

Main risks in the sectors

The main risks for the internal market in the sectors concerned are as follows:

- cash and cash-like assets : although cash is falling out of favour among consumers, it remains criminals’ money laundering instrument of choice. The use of cash is the main trigger for the filing of suspicious transaction reports.

Since the 2017 supranational risk assessment, the relevant legal framework has been strengthened. The 4th Anti-Money Laundering Directive covers traders of goods who make or receive cash payments of EUR 10 000 or more. Member States can adopt lower thresholds, additional general restrictions on the use of cash and stricter provisions.

The revised Cash Controls Regulation applicable from 3 June 2021 extends the obligation of any traveller entering or leaving the EU and carrying cash to a value of EUR 10 000 or more to declare it to the customs authorities.

It also extends the definition of cash, to cover not only banknotes but also other instruments or highly liquid commodities, such as cheques, traveller's cheques, prepaid cards and gold.

Assets with similar properties to cash (e.g. gold, diamonds) or high-value ‘lifestyle’ goods (e.g. cultural artefacts, cars, jewellery, watches) are also high-risk, due to weak controls.

- financial sector : the report on the assessment of recent alleged money laundering cases involving EU credit institutions identifies the factors that contributed to, as well as lessons learnt from, recent money laundering cases in EU banks, with a view to informing further policy actions.

The use of new technologies (FinTech) that enable speedy and anonymous transactions with increasingly non-face-to-face business relationships, while bringing considerable benefits, may pose a higher risk if customer due diligence and transaction monitoring are not conducted efficiently across the delivery channel.

- non-financial sector and products : it is estimated that 2030% of all proceeds from crime are laundered in the non-financial sector. The sector’s exposure to risks is therefore considered significant to very significant overall.

- new products/sectors : exchange platforms and wallet providers, professional football, free ports, and investor citizenship and residence schemes (‘golden passports/visas’) were all identified as new sectors posing risks.

EU mitigating measures

Most legislative measures referred to in the 2017 supranational risk assessment have been adopted, notably the 5th Anti-Money Laundering Directive, the new Cash Control Regulation , the Directive on Countering Money Laundering by Criminal Law, and the Regulation on the import of cultural goods .

The revision of the European Supervisory Authorities Regulations strengthened the European Banking Authority's mandate for collecting, analysing and further disseminating information to ensure all relevant authorities effectively and consistently supervise the risks of money-laundering.

The European Banking Authority's power to act where Union law is breached has also been clarified and enhanced. The adoption of the 5th Capital Requirements Directive 38 removes the obstacles to cooperation between prudential and anti-money laundering/countering the financing of terrorism supervisors.

Recommendations to Member States

The Commission followed up on the 2017 Recommendations to Member States through checks on the transposition of the 4th Anti-Money Laundering Directive, questionnaires to Member States on the follow up of 2017 recommendations and the update of the national risk assessments.

For some Recommendations the input received is either not significant or national authorities stressed the limited time available to implement them. The Commission underlines the need to maintain or intensify current efforts.

Conclusion

The Commission will continue to monitor the implementation of the recommendations of this supranational risk assessment and report again by 2021. The review will also assess how EU and national measures affect risk levels, and will examine the impact of more recent changes to the regulatory framework. The Commission will also conduct a study on the effective implementation of the 4th Anti-Money Laundering Directive by Member States.

In accordance with Article 65(2) of the 5th Anti-Money Laundering Directive, the Commission is required to assess the framework for Financial Intelligence Units’ cooperation with third countries and obstacles and opportunities to enhance cooperation between Financial Intelligence Units (FIUs) in the European Union, including the possibility of establishing a coordination and support mechanism.

This is the aim of this report.

As a reminder, Financial Intelligence Units (FIUs) are central players in the Union’s anti-money laundering and countering the financing of terrorism framework. They are operationally independent and autonomous units that have been established under the EU anti-money laundering and countering the financing of terrorist framework and their functioning and tasks are mainly regulated by the Anti-Money Laundering Directive.

This report should be looked at in conjunction with the Commission’s Supranational Risk Assessment report, the Commission’s report on the interconnection of national centralised automated mechanisms and the Commission’s report on the assessment of recent alleged anti-money laundering cases involving EU credit institutions, all published at the same time as this report.

Main findings related to actions by Financial Intelligence Units

Increased cooperation : the EU - and the international - anti-money laundering and counter terrorist financing framework rely on the reporting of suspicions by the private sector, analysis by the Financial Intelligence Units and cooperation between FIUs and relevant authorities. It is imperative that the private sector fulfil their legal obligation to report suspicious transactions and receive support and assistance of relevant authorities in doing so. It is also essential that FIUs are able to carry out their tasks and that, given the cross-border nature of many transactions, they cooperate with each other and with competent authorities, including law enforcement, but also tax and customs authorities and the European Anti-Fraud Office, in a more meaningful and efficient manner.

The lack of regulation of exchanges of information between Member States’ FIUs and FIUs of third countries led to a non-harmonised approach to such exchanges and there are questions on the compliance of such exchanges with the Union’s data protection framework.

Reporting : the report stressed that reporting by the private sector is hampered by the lack of a common template for the reporting of Suspicious Transaction Reports and the lack of a mandatory electronic filing of such reports. Regular feedback by FIUs to the private sector on the quality of their reports and a structural dialogue between them in order to share typologies, trends and general guidance is imperative in order to enhance the ability of the private sector to correctly identify suspicions and file the most meaningful reports. In dealing with threats common to all Member States, FIUs need to establish a common approach.

Inadequate IT tools : FIUs also sometimes lack the proper IT tools to efficiently import and export information to/from the FIU.net that would allow them to analyse effectively the Suspicious Transaction Reports they receive and have divergent access to national databases, which hinders them from carrying out analysis the broadest and most useful way. However, a number of FIUs have started to develop IT tools, which make their national analysis more efficient and bring benefit to joint analysis of cross-border cases. Common tools based on artificial intelligence (e.g. for joint analysis or identification of trends) and machine learning (e.g. for feedback to the private sector and development of typologies) could be developed centrally and be made available to Member States’ FIUs through a cooperation and support mechanism.

FIU.net : there are recurrent technical difficulties in the functioning of the FIU.net which make it cumbersome for FIUs to share information. In the meantime, Europol is working to maintain FIU.net and has developed a proposal for a new system that will be the successor of the FIU.net.

Remaining obstacles

To remedy the identified shortcomings, the Commission will continue to reflect on possible further steps and assess different or complementary options to the existing system. It is likely that many of the identified shortcomings will continue to exist until the tasks and cross-border cooperation obligations of the FIUs are more clearly spelled out in the EU anti-money laundering and countering the financing of terrorism framework legal framework.

In addition, the present assessment shows a need for a stronger mechanism to coordinate and support cross-border cooperation and analysis. This mechanism could, as a minimum, include powers to adopt legally binding standards, templates and guidelines in the area of work of FIUs. It could also include certain aspects of centralised reporting and a more central capacity building based on new IT tools (based on artificial intelligence and machine learning technologies) to strengthen and facilitate joint analysis.

The Commission presents this report on the interconnection of national centralised automated mechanisms (central registries or central electronic data retrieval systems) of the Member States on bank accounts.

In accordance with Article 32a of the Anti-Money Laundering Directive 2015/849/EU, Member States are required to put in place b y 10 September 2020 national centralised automated mechanisms, such as central registries or central electronic data retrieval systems, which allow the identification of any natural or legal persons holding or controlling payments accounts, bank accounts and safe deposit boxes.

Objective of the centralised mechanisms

Under the Anti-Money Laundering Directive, the purpose of the centralised mechanisms on bank accounts is to improve the fight against money laundering and terrorist financing and access is limited to certain public authorities. The Directive defines a minimum set of information that should be included in such centralised mechanisms. It also provides that Financial Intelligence Units (FIUs) should have immediate and unfiltered access to them, while the other competent authorities should also have access for fulfilling their tasks obligations under the Anti-Money Laundering Directive.

Access by competent authorities to central bank account registers or retrieval systems will be an important component in the fight against money laundering; associate predicate offences and terrorist financing, as well as more generally in combatting serious crimes. Bearing in mind the objectives of the Anti-Money Laundering Directive and the Directive on facilitating access to financial and other information, a future EU-wide interconnection of bank account registries and data retrieval systems would facilitate the cross-border cooperation of the competent authorities involved in the fight against money laundering, terrorist financing and other serious crimes.

The Commission is required to assess the conditions and the technical specifications and procedures for ensuring secure and efficient interconnection of the centralised automated mechanisms. Therefore, this report assesses the various IT solutions at EU level, already operational or being currently under development, which may serve as models for a possible interconnection of the centralised mechanisms. For an interconnection to be achieved, a legislative instrument would be required.

This report should be looked at in conjunction with the Commission’s Supranational Risk Assessment report, the Commission’s report on Financial Intelligence Units and the Commission’s report on the assessment of recent alleged anti-money laundering cases involving EU credit institutions, which are presented in parallel.

State of play

Centralised registries or electronic data retrieval systems on bank accounts in the Member States

For the time being, centralised mechanisms containing bank account information are operational in 15 Member States. From the replies received from the Member States, there is a slight preference in favour of the technical solution of the central registry: whereas 17 Member States are having or going to have central registries, 9 Member States declared to have or to envisage central data retrieval systems. There is also a preference for the systems which contain data additionally to the minimum set of information relating to the account profile.

EU systems interconnecting national decentralised electronic databases

There are several EU projects ensuring the EU-wide decentralised interconnection of national electronic databases. The IT systems that are considered relevant for this report are the following:

· ECRIS : the European Criminal Records Information System (ECRIS) became operational in April 2012 in order to improve the exchange of information on criminal records throughout the EU. All Member States are currently connected to ECRIS. ECRIS ensures that information on convictions is exchanged between Member States in a uniform, fast and compatible way and provides judges and prosecutors with easy access to comprehensive information on the criminal history of persons concerned.

· EUCARIS : the European car and driving licence information system (EUCARIS) connects countries so they can share vehicle and driving licence information and other transport related data. EUCARIS is a mechanism that connects the Vehicle and Driving Licence Registration Authorities in the Union through which vehicle owner and vehicle insurance can be exchanged between National Contact Points of Member States.

· IRI : the EU-wide interconnection of insolvency registers (IRI), which includes two different projects. The first version of the system (IRI 1.0) has been available on the European eJustice Portal14 since July 2014. It was developed as a pilot-project with the voluntary participation of certain Member States. The second version (IRI 2.0) will interconnect the national insolvency registries of all Member States (with the exception of Denmark). All Member States should be compliant with the interconnection by June 2021.

· BRIS : the Business Registers Interconnection System (BRIS) is the interconnection of business registers, allowing business registers to exchange cross-border messages on mergers and branches, and the users of the e-Justice portal to obtain multilingual information on EU companies.

· LRI : the Land Registers Interconnection (LRI) is an on-going voluntary project, which aims to provide a single access point within the European e-Justice Portal to the land registers of participating EU countries. It is planned to become operational in the second quarter of 2020.

· E-CODEX : the e-CODEX system (e-Justice Communication via Online Data Exchange) facilitates secure communication in civil and criminal proceedings by providing a decentralised system for cross-border electronic messages

Interconnecting banking registeries

The system to interconnect banking registries will need to exchange data between different databases, each with its own data models and semantic standards. Common semantic standards will need to be set up, either natively in the systems or as a mapping layer between the different standards in the Member States. However, before creating any new semantic standard, reuse of already existing standards needs to be considered.

Next steps

This reports sets out a number of elements to be considered for a possible interconnection of bank account registries and data retrieval systems and illustrates that the interconnection of those centralised mechanisms is technically feasible. Such a system could possibly be a decentralised system with a common platform at EU level. Technology already developed by the European Commission in the context of the various analysed models could be used.

Over the last years different systems have followed the reuse of common building blocks. These building blocks are essentially a set of well-known standards and technical specifications that can be applied to recurrent challenges such as the secure exchange of information. Consistently resorting to these building blocks is an approach advocated by current digital policy of the Commission, to which the Member States have committed themselves in the Tallinn Declaration on eGovernment.

A future interconnection of national centralised automated mechanisms could leverage the use of the same building blocks to accelerate its creation and alignment to relevant EU regulations such as eIDAS.

Given that a future EU-wide interconnection of the centralised mechanisms would speed up access to financial information and facilitate the cross-border cooperation of the competent authorities, the Commission intends to further consult with the relevant stakeholders, governments, as well as the Financial Intelligence Units, law enforcement authorities and Asset Recovery Offices as potential "end-users" of a possible interconnection system.

In accordance with the requirements of Directive 2015/849 (Fourth Money Laundering Directive), the Commission presents a report on the supra-national risk assessment of the risks of money laundering and terrorist financing (ML/TF) affecting the internal market and relating to cross-border activities. It analyses the risks of ML/TF that the EU could face and proposes a comprehensive approach to address them.

Conclusions on the supranational risk assessment: the assessment shows that the EU internal market is still vulnerable to ML/TF risks. The Commission has identified 40 products or services that are considered potentially vulnerable to ML/TF risks affecting the internal market. These cover 11 professional sectors .

The main risks for the internal market in the sectors concerned are as follows:

· financial sector , particularly private banking and institutional investment, safe custody services, electronic money or money value transfer services. Emerging products – such as crowd funding platforms and virtual currencies – also appear to be significantly exposed;

· certain gambling products such as land-based betting and poker, and gambling online;

· the non-financial sector , with the identification of the beneficial owner of the customer seeming to be the main weakness in this sector, especially for trust and company services, (providers, tax advisors, auditors, external accountants, and notaries); and the real property sector;

· cash remains the most recurring means used for ML/TF purposes, since it allows criminals to conceal their identity. Assets offering similar facilities to cash ( gold, diamonds ) or high-value, easily tradable "lifestyle" goods, (e.g. cultural artefacts, cars, jewellery, watches) are also high-risk.

All sectors discussed are vulnerable to additional risks : (i) criminal infiltration; (ii) false documents ; (iii) insufficient information-sharing between the public and the private sector: (iv) insufficient resources, risk-awareness and know-how to implement AML/CFT rules: (v) new risks emerging from FinTech and online services.

Mitigating measures: as of 26 June 2017 the EU legal framework includes new requirements under the fourth Anti-Money Laundering directive. However, the evaluation has confirmed that more needs to be done to improve certain legislative measures and strengthen the capacity of public and private actor to meet their obligations. Amongst these legislative measures and other initiatives, the following are notable:

· the Commission proposal amending the Fourth Money Laundering Directive under which both virtual currencies exchange platforms and wallet providers should become obliged entities to reduce anonymity in transactions;

· the proposal on the revision of the Cash Control Regulation , which intends to enable authorities to act on amounts lower than the current declaration threshold of EUR 10000 where there are suspicions of criminal activity ;

· adoption, in the summer of 2017, of a proposal aiming at combatting terrorism financing via illicit trafficking in cultural goods ;

· an initiative to enhance transparency of cash payments;

· an internal task force to assess technological developments, and technology-enabled services;

· improving the collection of statistical data;

· training for professionals carrying out activities covered by the legal privilege principle;

· further work to enhance supervision in the EU.

Recommendations: the Commission sets out a series of recommendations for the European Supervisory Authorities (ESAs), bearing in mind the pivotal role plated by the ESAs in raising the EU's capacity to meet the challenges in this sector.

Amongst other things, it recommends that Member States :

· define appropriate mitigating measures concerning cash-intensive business and payments in cash , cultural artefacts and antiques, and electronic money products;

· ensure that the information on the beneficial ownership of legal entities and legal arrangements is adequate, accurate and current;

· allocate adequate resources to their competent authorities so that the latter might carry out their tasks;

· ensure that the scope of on-site inspections is focused on specific operational AML/CFT risks depending on the specific vulnerabilities inherent to a product or a service, and ensure authorities carry out thematic inspections;

· define a lower than EUR 15 000 CDD threshold applicable to occasional transactions and ensure an appropriate level of CDD for safe custody services.

Lastly, there should be strengthened regular cooperation between competent authorities and obliged entities to make detecting suspicious transactions simpler, particularly in the gambling sector, on risk factors arising from transactions involving tax advisors, and transfer of funds.

The Commission invites Member States to implement the recommendations issued in this report expediently . Under the Fourth Money Laundering Directive, Member States that decide not to apply any recommendations in their national AML/CFT regimes, should notify the Commission of their decision and provide a justification for it ("comply or explain"). In the absence of such notifications, Member States are expected to implement those recommendations.

The Commission will monitor the actions taken by Member States based on the findings of the supranational evaluation and report on these findings at the latest by June 2019.

PURPOSE: to protect the financial system against money laundering and terrorist financing through measures on prevention, investigation, and detection.

LEGISLATIVE ACT: Directive (EU) 2015/849 of the European Parliament and of the Council on the prevention of the use of the financial system for the purposes of money laundering or terrorist financing, amending Regulation (EU) No 648/2012 of the European Parliament and of the Council, and repealing Directive 2005/60/EC of the European Parliament and of the Council and Commission Directive 2006/70/EC.

CONTENT: this Directive updates and revises the existing 3rd anti-money laundering Directive with the aim of further strengthening the EU’s defences against money laundering and terrorist financing and of ensuring the soundness, integrity and stability of the financial system. It aims to ensure consistency between the EU approach and the international one - in particular, alignment with the most recent (February 2012) Recommendations of the Financial Action Task Force (FATF).

The anti-money laundering Regulation , adopted at the same time as the Directive, concerns in particular the information accompanying transfers of funds.

Scope : this Directive shall apply to:

credit institutions; financial institutions; auditors, external accountants and tax advisors; notaries and other independent legal professionals, where they participate, whether by acting on behalf of and for their client in any financial or real estate transaction, other persons trading in goods to the extent that payments are made or received in cash in an amount of EUR 10 000 or more; providers of gambling services.

Gambling : with the exception of casinos , and following an appropriate risk assessment, Member States may decide to exempt , in full or in part, providers of certain gambling services from national provisions transposing this Directive on the basis of the proven low risk posed by the nature and, where appropriate, the scale of operations of such services. Such exemptions should be subject to a specific risk assessment which also considers the degree of vulnerability of the applicable transactions.

Tighter rules on customer due diligence : Member States shall ensure that obliged entities apply customer due diligence measures in the following circumstances:

when establishing a business relationship; when carrying out an occasional transaction that amounts to EUR 15 000 or more; in the case of persons trading in goods, when carrying out occasional transactions in cash amounting to EUR 10 000 or more ; for providers of gambling services , upon the collection of winnings, the wagering of a stake, or both, when carrying out transactions amounting to EUR 2 000 or more ; when there is a suspicion of money laundering or terrorist financing, regardless of any derogation, exemption or threshold; when there are doubts about the veracity or adequacy of previously obtained customer identification data.

Where a Member State or an obliged entity identifies areas of lower risk, that Member State may allow obliged entities to apply simplified customer due diligence measures. Before applying simplified customer due diligence measures, obliged entities shall ascertain that the business relationship or the transaction presents a lower degree of risk.

The use of electronic money products is increasingly considered to be a substitute for bank accounts, which, justifies subjecting those products to anti-money laundering and countering the financing of terrorism obligations. However, in certain proven low-risk circumstances and under strict risk-mitigating conditions, Member States should be allowed to exempt electronic money products from certain customer due diligence measures.

Risk-based approach : the importance of a supranational approach to risk identification has been recognised at international level. The Commission shall conduct an assessment of the risks of money laundering and terrorist financing affecting the internal market and relating to cross-border activities. To that end, the Commission shall, by 26 June 2017, draw up a report identifying, analysing and evaluating those risks at Union level.

Beneficial ownership information : Member States shall ensure that the information is held in a central register in each Member State or a public register. It shall be accessible to competent authorities, financial intelligence units and obliged entities such as banks. The Directive also enables persons who can demonstrate a legitimate interest to access the following stored information: (i) name; (ii) month and year of birth; (iii) nationality; (iv) country of residence; (v) nature and approximate extent of the beneficial interest held.

As for trusts , the central registration of beneficial ownership information will be used where the trust generates consequences as regards taxation.

Sanctions : the Directive provides for a maximum pecuniary fine of at least twice the amount of the benefit derived from the breach or at least EUR 1 million. For breaches involving credit or financial institutions, it provides for:

a maximum pecuniary sanction of at least EUR 5 million or 10% of the total annual turnover in the case of a legal person; a maximum pecuniary sanction of at least EUR 5 million in the case of a natural person.

By 26 June 2019, the Commission shall draw up a report on the implementation of this Directive and submit it to the European Parliament and to the Council.

ENTRY INTO FORCE: 25.6.2015.

TRANSPOSITION: 26.6.2017.

DELEGATED ACTS: the Commission may adopt delegated acts in order to identify high-risk third countries , taking into account strategic deficiencies. The power to adopt delegated acts referred to in Article 9 shall be conferred on the Commission for an indeterminate period of time from 25 June 2015. The European Parliament or the Council may object to a delegated act within a period of one month from the date of notification (this period may be extended by one month). If the European Parliament or the Council objects to the delegated act, it shall not enter into force.

The European Parliament adopted a legislative resolution on the Council position at first reading with a view to the adoption of a directive of the European Parliament and of the Council on the prevention of the use of the financial system for the purposes of money laundering or terrorist financing, amending Regulation (EU) No 648/2012 of the European Parliament and of the Council, and repealing Directive 2005/60/EC of the European Parliament and of the Council and Commission Directive 2006/70/EC.

Parliament approved the Council position at first reading without amendment.

The proposed directive aims to update and improve the EU’s existing 3rd Anti-Money Laundering Directive in order to further strengthen the EU’s defences against money laundering and terrorist financing and of ensuring the soundness, integrity and stability of the financial system.

The Committee on Economic and Monetary Affairs Committee on Civil Liberties, Justice and Home Affairs jointly adopted the recommendation for second reading contained in the report by Krišjānis KARIŅŠ (EPP, LV) and Judith SARGENTINI (Greens/EFA, NL), on the Council position at first reading with a view to the adoption of a directive of the European Parliament and of the Council on the prevention of the use of the financial system for the purposes of money laundering or terrorist financing, amending Regulation (EU) No 648/2012 of the European Parliament and of the Council, and repealing Directive 2005/60/EC of the European Parliament and of the Council and Commission Directive 2006/70/EC.

The committees recommended that the European Parliament approve the Council position at first reading without amendment.

The Commission approved the results of the inter-institutional negotiations and can therefore accept the Council's position at first reading on the adoption of a Directive of the European Parliament and of the Council on the prevention of the use of the financial system for the purpose of money laundering and terrorist financing.

The Commission recognised that the text reflects the political agreement that was reached between the European Parliament and the Council, which represents a delicate but acceptable balance, as part of the overall compromise, as regards:

the provisions related to beneficial ownership information : this information will be held in a central register in each Member State, which constitutes an enhancement of transparency which is in line with the broader Commission's policies. However, as regards the specific provisions on the access to this information, the Commission considers that the notion of "legitimate interest" must be construed and understood in the light of the requirements flowing from Articles 7 and 8 of the Charter of Fundamental Rights, in full respect of the rules on protection of personal data and the right to privacy. When transposing the Directive, the Member States will need to pay particular attention to such requirements in order to ensure that the access of third parties pursues an objective of general interest and that the necessity and proportionality which would justify the restriction of protection of personal data and right to privacy are fully established; the provisions related to the level of administrative pecuniary sanctions applicable to financial institutions and to non-financial institutions; the use of delegated acts , and not implementing acts, to identify third-country jurisdictions which have strategic deficiencies in their anti-money laundering (AML) and counter terrorist financing (CTF) regimes.

The Commission can accept the additional elements introduced in the position of the Council, in particular that:

all gambling service providers , not only casinos, are required to apply customer due diligence measures for single transactions of EUR 2000 or more. In strictly limited and justified circumstances and on the basis of a proven low risk of money laundering or terrorist financing, Member States will be allowed to provide for some exemptions; the provision on the definition of beneficial ownership constitutes a well-balanced result which will allow an overall understanding of what beneficial ownership means; considering the need for consistency of the EU framework applicable to cash , the Commission supports that the threshold applying to natural or legal persons trading in goods or services is raised from EUR 7 500 to EUR 10 000; the removal of the distinction between “foreign” and “domestic” politically exposed persons (PEPs), resulting in automatic enhanced due diligence measures to be required in the case of any PEP, regardless of where they originate from, represents a fair balance between the Council's concerns, the European Parliament's reservations and existing recommendations by FATF; and the role given to the Commission to conduct a supranational risk assessment of the money laundering and terrorist financing risks that could affect the internal market and relating to cross-border phenomena will bring about a coherent approach towards anti-money laundering (AML) and counter terrorist financing (CTF) requirements at European level.

The Council's position at first reading reflects the compromise reached in negotiations between the Council and the European Parliament, with the support of the Commission.

The purpose of the Anti-Money Laundering Regulation (AMLR), which was adopted at the same time as the Anti-Money Laundering Directive, is to update and revise the existing 3rd AMLR with the aim of further strengthening the EU’s defences against money laundering and terrorist financing and of ensuring the soundness, integrity and stability of the financial system.

The amendments of the Council aim to strengthen the EU’s defences against money laundering and terrorist financing while ensuring consistency with the approach followed at international level, notably the FATF recommendations. On some issues, the new EU rules expand on the FATF's requirements and provide additional safeguards.

The amendments introduced by the Council and accepted by the Parliament concern the following issues:

Gambling : for gambling services posing higher risks, the Directive requires service providers to conduct due diligence for transactions of € 2000 or more. With the exception of casinos, Member States will be allowed to exempt gambling services from some or all requirements, in strictly limited and justified circumstances. Such exemptions will be subject to an appropriate risk assessment.

Furthermore, in certain proven low-risk circumstances and under strict mitigating conditions, Member States are allowed to exempt electronic money products from certain customer due diligence measures.

Risk assessment : the Directive applies a risk-based approach to better target risks. The Commission has been entrusted with the responsibility of coordinating the assessment of money laundering and terrorist financing risks affecting the internal market and relating to cross-border activities.

Treatment of politically exposed persons : the Council’s position does not distinguish between persons who hold or have held prominent functions domestically and those who hold or have held such functions abroad.

Beneficial ownership information on corporate and other legal entities : this information will have to be held in a central register in each Member State. Member States that so wish may use a public register.

Beneficial ownership information will be accessible to competent authorities and financial intelligence units and, in the framework of the conduct of customer due diligence, to obliged entities.

The Directive also enables persons or organisations that can demonstrate a legitimate interest to access at least the following information on the beneficial owner: its name, month and year of birth, nationality and country of residence, as well as the nature and extent of the beneficial interest held.

As for trusts , central registration of beneficial ownership information will be used when the trust generates tax consequences.

Sanctions : the text provides for maximum administrative pecuniary sanctions of at least twice the amount of the benefit derived from the breach, where that benefit can be determined, or at least €1 million. For breaches involving credit or financial institutions, it provides for:

a maximum pecuniary sanction of at least €5 million or 10% of the total annual turnover in the case of a legal person; a maximum pecuniary sanction of at least €5 million in the case of a natural person.

Delegated acts : the Commission will identify, by means of delegated acts, third country jurisdictions which have strategic deficiencies in their national regimes in the field of anti-money laundering and countering the financing of terrorism.

The European Parliament adopted by 643 votes to 30 with 12 abstentions, a legislative resolution on the prevention of the use of the financial system for the purpose of money laundering and terrorist financing.

Parliament’s position adopted at first reading under the ordinary legislative procedure amended the Commission proposal as follows:

Scope : the directive which is grounded in a risk-based approach, will apply to credit institutions, financial institutions, auditors, lawyers, external accountants and tax advisors, who will be expected to be more vigilant regarding suspect transactions made by clients. It will also apply to estate agents including letting agents, in so far as they are involved in financial transactions. It will apply to providers of gambling services. With the exception of casinos, Member States may decide to exempt in full or in part certain gambling services from national provisions on the basis of the low risk posed by the nature of the services on the basis of risk assessments.

Increased vigilance regarding politically exposed persons : the Commission proposal covers both domestic politically exposed persons and foreign politically exposed persons. Parliament proposed that the Commission, in cooperation with Member States and international organisations, shall draw a list of domestic politically exposed persons and persons who are residents of the Member States, who are or have been entrusted with a prominent function by an international organisation. The list shall be accessible by competent authorities and by obliged entities.

The Commission shall notify the persons concerned that they have been placed on or removed from the list.

Public registers : Parliament proposed that companies and other entities having legal personality established or incorporated within their territory, or governed under their law obtain, hold and transmit to a public central register, commercial register or companies register within their territory adequate, accurate, current and up-to-date information on them and on their beneficial ownership, at the moment of establishment as well as any changes thereof.

Parliament sets out the list of minimum information that must be kept in the register to clearly identify the company and its beneficial owner.

The information shall be available online to all persons in an open and secure data format, in line with data protection rules.

The company registers shall be interconnected by means of the European platform, the portal and optional access points established by Member States. The latter shall lay down the rules on penalties for natural or legal persons applicable to infringements of the national provisions adopted pursuant to the Directive.

The Commission shall seek cooperation with third countries to encourage that equivalent central registers containing beneficial ownership information are established and information on beneficial owners is made publically accessible in their countries.

Risk assessment : Members proposed that the Commission should produce an assessment on the money laundering and terrorist financing risks affecting the internal market, with particular reference to cross-border activities. In order to produce such an assessment, it should consult the Member States, the European Banking Authority (EBA), the European Insurance and Occupational Pensions Authority (EIOPA), the European Securities and Markets Authority (ESMA), the EDPS, Article 29 Working Party, Europol and other relevant authorities.

The risk assessment should cover at least the following aspects: the overall extent of money laundering and the areas of the internal market that are at greater risk; the most widespread means used by criminals to launder illicit proceeds as well as the recommendations to the competent authorities on the effective deployment of resources.

The evaluation should be done every six months and more often if necessary.

Targeted and proportionate approach : Member States could adopt or retain in force stricter provisions in the field covered by this Directive to prevent money laundering and terrorist financing, provided that such provisions are in full compliance with Union law , especially as regards Union data protection rules and the protection of fundamental rights as enshrined in the Charter of Fundamental Rights of the European Union. Such provisions should not unduly prevent consumers from accessing financial services and shall not constitute an obstacle to the functioning of the Single Market.

Non-cooperative jurisdictions : in order to develop a common approach and common policies against non-cooperative jurisdictions with deficiencies in the field of combating money laundering, Member States should periodically endorse and adopt the lists of countries published by the Financial Action Task Force (FATF).

The Commission should coordinate preparatory work at the European level on the identification of third countries with grave strategic deficiencies in their money laundering systems that pose significant risks to the financial system of the Union.

Parliament stated in the text that the Commission should increase the pressure that it brings to bear on the tax havens to improve their cooperation and exchange of information in order to combat money laundering and terrorist financing.

The Committee on Economic and Monetary Affairs, jointly with the Committee on Civil Liberties, Justice and Home Affairs, adopted the report by Krišjānis KARIŅŠ (EPP, LV) and Judith SARGENTINI (Greens/EFA, NL) on the prevention of the use of the financial system for the purpose of money laundering and terrorist financing.

The parliamentary committee recommended that the European Parliament’s position adopted at first reading, following the ordinary legislative procedure, should amend the Commission proposal. The main improvements suggested by the Members concerned the following issues:

Function of company registers: Member States should ensure that companies and other entities having legal personality, established or incorporated within their territory, or governed under their law obtain, hold and transmit to a public central register, commercial register or companies register within their territory adequate, accurate, current and up-to-date information on them and on their beneficial ownership, at the moment of establishment as well as any changes thereof.

The register shall contain the minimum information to clearly identify the company and its beneficial owner , namely : (i) the name, number, legal form and status of the entity, proof of incorporation, address of the registered office (and of the principal place of business if different from the registered office), (ii) the basic regulatory powers (such as those contained in the Memorandum and Articles of Association), (iii) the list of directors and shareholder/beneficial owner information, such as the names, dates of birth, nationality or jurisdiction of incorporation, contact details, number of shares, categories of shares and proportion of shareholding or control, if applicable/

The registers should be interconnected and accessible by the authorities and the obliged entities. Member States may grant access to the information to other parties and establish rules based on which the register can be accessed.

Member States shall lay down the rules on effective, proportionate and dissuasive penalties for natural or legal persons applicable to infringements of the national provisions adopted pursuant to this Directive.

Risk assessment : Members proposed that the Commission should produce an assessment on the money laundering and terrorist financing risks affecting the internal market, with particular reference to cross-border activities. In order to produce such an assessment, it should consult the Member States, the European Banking Authority (EBA), the European Insurance and Occupational Pensions Authority (EIOPA), the European Securities and Markets Authority (ESMA), the EDPS, Article 29 Working Party, Europol and other relevant authorities.

The risk assessment should cover at least the following aspects: the overall extent of money laundering and the areas of the internal market that are at greater risk; the most widespread means used by criminals to launder illicit proceeds as well as the recommendations to the competent authorities on the effective deployment of resources.

Due to the ever changing business environment, the evaluation should be done periodically and at least on a biannual basis.

Targeted and proportionate approach : Member States could adopt or retain in force stricter provisions in the field covered by this Directive to prevent money laundering and terrorist financing, provided that such provisions are in full compliance with Union law , especially as regards Union data protection rules and the protection of fundamental rights as enshrined in the Charter of Fundamental Rights of the European Union. Such provisions should not unduly prevent consumers from accessing financial services and shall not constitute an obstacle to the functioning of the Single Market.

Non-cooperative jurisdictions : in order to develop a common approach and common policies against non-cooperative jurisdictions with deficiencies in the field of combating money laundering, Member States should periodically endorse and adopt the lists of countries published by the Financial Action Task Force (FATF).

The Commission should coordinate preparatory work at the European level on the identification of third countries with grave strategic deficiencies in their money laundering systems that pose significant risks to the financial system of the Union.

Opinion of the European Data Protection Supervisor on a proposal for a

Directive of the European Parliament and of the Council on the prevention of the use of the financial system for the purpose of money laundering and terrorist financing.

On 5 February 2013, the Commission adopted two proposals: this proposal for a Directive of the European Parliament and of the Council on the prevention of the use of the financial system for the purpose of money laundering and terrorist financing and the parallel proposal for a Regulation of the European Parliament and of the Council on information on the payer accompanying transfers of funds. The proposals were sent to the EDPS for consultation on 12 February 2013.

The EDPS underlines that the legitimate aim of achieving transparency of payments sources, funds deposits and transfers for purpose of countering terrorism and money laundering has to be pursued while ensuring compliance with data protection requirements.

The following issues should be addressed in both proposals:

· an explicit reference to applicable EU data protection law should be inserted in a substantive and dedicated provision, mentioning in particular Directive 95/46/EC and the national laws implementing Directive 95/46/EC, and Regulation (EC) No 45/2001;

· a definition of ‘competent authorities’ and ‘financial intelligence units (FIUs)’ should be added in the proposed Directive;

· it should be clarified that the legal ground for the processing would be the necessity to comply with a legal obligation by the obliged entities, competent authorities and FIUs;

· it should be recalled that the sole purpose of the processing must be the prevention of money laundering and terrorist financing, and that data must not be further processed for incompatible purposes ;

· the specific prohibition to process data for commercial purposes should be laid down in a substantive provision;

· a dedicated recital should be added to clarify that the fight against tax evasion is only inserted as predicate offences;

· substantive provisions on the transfers of personal data should be introduced which provide for an appropriate legal basis for the intra-group/PSP to PSP transfers that would respect the text and interpretation of Directive 95/46/EC; the proportionality of requiring the mass transfer of personal and sensitive information to foreign countries for the purpose of fighting AML/TF should be re-assessed

· an evaluation of alternative and less intrusive options to the general publication obligation should be undertaken and, in any case, specification in the proposed Directive the purpose of such a publication as well as the personal data that should be published;

· a substantive provision should be added that sets forth a maximum data retention period that must be respected by Member States.

In respect of the proposed Directive, the EDPS further recommends to:

· add a specific provision to recall the principle of providing data subjects with information about the processing of their personal data and to specify who will be responsible for such data subjects' information;

· add a specific provision to specify the conditions under which the data subjects' rights may be limited;

· add a precise list of the information that should and should not be taken into account in carrying out the Customer Due Diligence;

· limit more clearly the situations in which the risks are so substantial that they justify enhanced due diligence and to provide for procedural safeguards against abuse;

· include a reference to confidentiality, which should be respected by all employees involved in the CDD procedures;

· list in a substantive provision the types of identification data to be collected on the beneficial owner, also when no trust is involved.

·

Opinion of the European Central Bank on a proposal for a directive on the prevention of the use of the financial system for the purpose of money laundering and terrorist financing and on a proposal for a regulation on information accompanying transfers of funds.

The ECB received two requests for an opinon from the Council: the first one concerns the proposal for a directive of the European Parliament and of the Council on the prevention of the use of the financial system for the purpose of money laundering and terrorist financing, the other concerns a proposal for a regulation of the European Parliament and of the Council on information accompanying transfers of funds . The ECB also received requests from the European Parliament for an opinion on the proposed Union instruments.

The ECB welcomes the proposed Union instruments .

As regards the proposed directive , the ECB notes that its legal basis is Article 114 of the Treaty and that it accordingly aims to approximate relevant national provisions and minimise inconsistencies between them across the Union. Article 5 of the proposed directive would permit Member States to choose to apply stricter measures than merely requiring the dealer to satisfy the customer due diligence, reporting and other relevant obligations under the proposed directive. Any such measures should be carefully weighed against the expected public benefits.

Furthermore, the ECB notes that according to recital 35 of the proposed directive, it is not the Union legislators’ intention to include within the scope of the regulation persons who provide ‘credit or financial institutions solely with a message or other support systems for transmitting funds or with clearing and settlement systems’ such as the ECB operated TARGET2 system. Whilst supporting this approach, the ECB recommends providing for this exemption in the enacting terms of the proposed Union instruments, rather than in the recitals.

PURPOSE: protecting the financial system against money laundering and terrorist financing through measures on prevention, investigation, and detection.

PROPOSED ACT: Directive of the European Parliament and of the Council.

PARLIAMENT’S ROLE : Parliament decides in accordance with the ordinary legislative procedure and on an equal footing with the Council

BACKGROUND: Money laundering and terrorism financing create thus a high risk to the integrity, proper functioning, reputation and stability of the financial system. The changing nature of money laundering and terrorist financing threats requires a permanent adaptation of the legal framework to counter such threats.

At EU level, Directive 2005/60/EC (the Third Anti Money Laundering Directive or AMLD ) sets out the framework designed to protect financial institutions against the risks of money laundering and terrorist financing. The EU rules are to a large extent based on international standards adopted by the Financial Action Task Force (FATF).

At international level, the FATF has undertaken a fundamental review of international standards and adopted a new set of Recommendations in February 2012. In parallel to the international process, the European Commission has been undertaking its own review of the European framework. The proposed revision of the Directive is complementary to the revised FATF Recommendations, which represent a substantial strengthening of the anti-money laundering and combating terrorist financing framework.

IMPACT ASSESSMENT: the Commission has undertaken an impact assessment, where it analysed the potential consequences of money laundering and terrorism financing. It also analysed the impact of the legislative proposals on fundamental rights.

In order to rectify the problems identified, the assessment concluded that the following operational objectives must be achieved:

ensure consistency between national rules and, where appropriate, flexibility in their implementation by strengthening and clarifying current requirements; ensure that the rules are risk-focused and adjusted to address new emerging threats, by strengthening and clarifying current requirements; ensure that the EU approach is consistent with the approach followed at international level by extending the scope of application, and strengthening and clarifying the current requirements.

LEGAL BASIS: Article 114 of the Treaty on the Functioning of the European Union (TFEU).

CONTENT: the proposal incorporates and repeals Commission Directive 2006/70/EC laying down implementing measures for Directive 2005/60/EC1, thus improving the comprehensibility and accessibility of the anti-money laundering legislative framework.

The Commission proposes to make the following amendments to the Third Anti-Money Laundering Directive:

broaden the scope of the Directive beyond casinos to cover the gambling services involving wagering a stake with monetary value in games of chance; include an explicit reference to tax crimes as a predicate offence ; reduce the scope of the Directive and customer due diligence thresholds for traders in high value goods from EUR 15 000 to EUR 7 500 for cash transactions ; introduce a requirement for Member States to carry out a risk assessment at national level and take measures to mitigate risks; Member States are required to ensure that enhanced due diligence must be conducted in certain situations of high risk, while allowing them to permit simplified due diligence in lower risk situations; require all companies to hold information on their beneficial owners ; maintain the approach which requires identification of the beneficial owner from a 25% ownership threshold , but clarify what the "25% threshold" refers to; introduce new rules clarifying that branches and subsidiaries situated in Member States other than the head office must apply host state anti-money laundering rules and reinforce cooperation arrangements between home and host supervisors; remove the provisions relating to positive "equivalence " with third countries, as the use of exemptions on the grounds of purely geographical factors is less relevant; provide a range of sanctions that Member States should ensure are available for systematic breaches of key requirements of the Directive; bring in the provisions of Council Decision 2000/642/JHA concerning arrangements for cooperation between financial intelligence units of Member States in respect of exchanging information and also extend and strengthen cooperation; entrust certain tasks to the European Supervisory Authorities (EBA, EIOPA and ESMA): (i) carry out an assessment and provide an opinion on money laundering and terrorist financing risks; (ii) produce guidance for financial institutions on what factors should be taken into account when applying simplified customer due diligence and enhanced customer due diligence and when applying a risk-based approach to supervision; introduce provisions to clarify the interaction between anti-money laundering/combating terrorist financing and data protection requirements ; introduce new requirements for the treatment of domestic politically exposed persons (PEPs) and PEPs working in international organisations.

BUDGETARY IMPLICATIONS: the proposal has no implications for the Union budget.