• wblogo
  • wblogo
  • wblogo

Time to prepare for MLD V – before the ink is dry on MLD IV!

Michael Southgate, FSCom, Head of Financial Crime, London, 15 August 2017

articleimage

Because organised criminals and terrorist funding groups have become more sophisticated in their money laundering activities, and for other political reasons, the EU is going to revise its fourth money laundering directive, which came into force on 26th June.

Officially entitled the “proposal for a directive of the European Parliament and of the Council amending Directive (EU) 2015/849 on the prevention of the use of the financial system for the purposes of money laundering or terrorist financing and amending Directive 2009/101/EC”, it is more commonly known as the fifth money laundering directive, 5 MLD or MLD V. A text of it is now in the public domain but it is still very much in a state of flux. This article, which is being published in two parts, looks at the proposals as they stand and attempts to predict what is going to happen next.

MLD V is intended, among other things, to close gaps that the EU identified in the light of recent terrorist attacks, having analysed recent trends in terrorists' financial behaviour and the ways in which they now use financial services. It is also intended to introduce new regulations that the EU had not prepared in time for 26th June. As the EU puts it, “Certain modern technology services are becoming more and more popular as alternative financial systems and remain outside the scope of [European] union legislation or benefit from exemptions that may no longer be justified”.

Key issues

The EU has identified five overarching problems that it wants to remedy.

1. The financial institutions of the EU do not monitor transactions involving ‘high risk third countries' (today’s official list of them contains Afghanistan, Bosnia & Herzegovina, Guyana, Iran, Iraq, Laos, North Korea, Syria, Uganda, Vanuatu and Yemen) effectively because anti-money laundering requirements differ slightly between member-states in an inconsistent way.

2. The financial institutions of the EU do not monitor suspicious transactions that use virtual currencies because they are not required to (and, in any case, they would be unable to link people’s identities with their transactions).

3. The EU’s current measures to offset money laundering/terrorist financing risks associated with anonymous prepaid instruments are insufficient.

4. Financial intelligence units (FIUs) do not have timely access to – and do not exchange – information held by reporting entities (which the EU and the Financial Action Task Force, the world’s AML standard-setter, call "obliged entities").

5. FIUs lack access, or at least quick access, to information that identifies the holders of bank accounts and payment accounts.

Points for heads of compliance

Here are the main parts of MLD V, as it stands at the moment, for which heads of compliance at wealth management firms ought to start preparing. Each part is listed under a quotation from MLD V in its present form.

Quotation 1: Anonymous prepaid cards are easy to use in financing terrorist attacks and logistics”

MLD IV has reduced firms' opportunities to use "simplified due diligence" (SDD) dramatically and this has a bearing on MLD V’s attitude towards prepaid cards. Previously, someone could load a card with up to €2,500 before the financial firm in question had to verify his identity. MLD IV reduced this to an initial load of €250 or €500 for domestic cards. 'Higher risk' cards, i.e. those that allowed people to load cash up on them or withdraw it from them, were restricted further to a limit of €100. In transposing MLD IV into their own law, the French chose to 'gold plate' this further, setting a blanket €100 limit.

The current iteration of MLD V now seeks to reduce limits even further, in keeping with the French limits, to a monthly spending limit of €150 and, for any card on which the value of some cash can be loaded electronically and then withdrawn in cash, or vice versa, to €50. The €150 limit now also depends upon the account being operable only in the EU.

The result is that prepaid travel cards and e-money accounts will probably require "customer due diligence" (CDD) in all cases. This is because card issuers only know the “delivery destinations” (i.e. where to send the cards) of their clients at the point of card issuance. The usage locations, which drive the SDD threshold, cannot be known in advance as the customer can choose to use the card anywhere. From a practical perspective, this means that only such cards as gift cards that only buy things at a specific retail outlet such as HMV or that only buy goods in all the shops in one shopping centre, i.e. cards which “use a limited number of geographies or locations,” in the EU’s phrase, are likely to benefit from SDD in any practical form.

Quotation 2: “A short common list of high-risk third countries, in relation to which financial transactions should be subject to particular attention”

The EU has decided that when financial firms handle transactions and relationships involving highly risky jurisdictions inconsistently, they increase the likelihood that money laundering might occur. With this in mind, it has proposed a series of specific steps for them to take whenever a transaction or relationship involves a country identified in “commission delegated regulation (EU) 2016/1675.” This contains the list mentioned in point 1 above. Alone among them, only Bosnia and Herzegovina might someday apply for EU membership.

If MLD V comes into force in its present form, any transactions or relationships with these countries will be subject to "enhanced scrutiny" as defined in its newly introduced article 18a which lays down the following requirements.

  • Obtaining additional information on the customer, including beneficial owner(s).
  • Obtaining additional information on the intended nature of the business relationship.
  • Obtaining information on the source of funds or source of wealth of the customer, including the beneficial owner(s).
  • Obtaining information on the reasons for the intended or performed transactions.
  • Obtaining the approval of senior managers for the establishment or continuance of the business relationship.
  • Conducting "enhanced monitoring" of the business relationship by applying more controls more often and by selecting patterns of transactions that need further examination.
  • Requiring the first payment to be carried out through an account in the customer's name with a bank subject to similar CDD standards.


Article 18a also states that any entity with a subsidiary or branch in one of these countries should ensure "that increased levels of external audit take place in those locations." This should result in the firm in question making a geographic risk assessment – something it is already obliged to make – that pays extensive attention to these locations whenever transactions take money into these countries or whenever the firm has anything to do with these locations.

Quotation 3: “Virtual currencies are a marginal phenomenon at present, but it is possible that they will become increasingly important”

MLD V, as it is at the moment, says that issuers, administrators, intermediaries and distributors of virtual currencies, as well as custodian wallet holders, will have to sign a register and be regulated. This will result in an obligation on the various virtual currency exchanges (i.e. forex companies or bureaux de change to which consumers come to exchange dollars for bitcoins and vice versa, on the bureau-de-change model) to carry out AML and CDD checks on their clients, while also verifying the sources of prospective customers' funds and wealth and monitoring business relationships continually.

MLD V, in its present and highly-changeable form, admits that people can use virtual currencies in peer-to-peer transactions outside regulated exchanges and that this, coupled with the fact that they can create anonymous wallets in unlimited numbers, could facilitate money laundering. MLD V, however, does not deal with this problem.

Although MLD V states that FIUs should be able “to associate virtual currency addresses to the identity of the owner of virtual currencies,” the text does not say how this would or could work in any detail, although it does say that it is a good idea for users to declare their ownership.

The reality is that since trades for virtual currencies can take place “off exchange,” with users paying each other through bank transfers or in cash, it is quite possible that the proposals to regulate exchanges will result in the creation of a black-market exchange network, or push individuals back to selling their bitcoins directly to other users.

To be fair, this is a first attempt at regulating the virtual currency market. ICOs – which at the moment are outstripping IPOs or initial public offerings in number – are entirely unregulated. The US Securities and Exchange Commission has said that it wants to regulate them, but it has so far taken no action. That said, regulation is unlikely to stop criminals from using such currencies to a significant degree. Instead, MLD V will affect that small number of firms that issue Bitcoin-backed prepaid cards in the EU. This may simply force criminals to revert to peer-to-peer offerings.

* Michael Southgate can be reached on +44 28 9042 5451 or at michael.southgate@fscom.co.uk

Latest Comment and Analysis

Latest News

Award Winners

Most Read

More Stories

Latest Poll