Customer Due Diligence Experiences from the Eurozone Antonio Ghirlando Legal & Compliance Manager Customer Due Diligence & Corporate Governance Forum October 2014
The Scenario Global Enhanced Due Diligence Regional National Obliged Entities Enhanced Due Diligence Risk-Based Approach Customer Due Diligence Simplified Due Diligence
Global Standards APG CFATF MONEYVAL EAG ESAAMLG GIABA GAFISUD MENAFATF
Global Standards 1990 1996 2001 2003 2012 The revised FATF Recommendations issued on the 16th February 2012 include a number of significant and important changes that have strengthened the standards in a number of key areas.
Global Standards “Although the financial services industry is increasingly moving towards a globally standardised approach, there is still notable inconsistency with regard to implementation of AML controls at regional and local levels. This is not too dissimilar from the fragmented approach regulators continue to display in their global efforts to manage financial crime. Despite some positive steps and evident strides in coming to grips with the 21st century challenges posed by money laundering threats, regulators and the financial services industry continue to lag behind today’s globally connected money launderers. Inconsistent regulations have left gaps in which money launderers thrive, and as such, it will become essential that regulators implement a consistent regulatory approach, but also foster a closer working relationship with industry professionals in order to leverage each other’s resources, align mutual interests, and effectively tackle financial crime”. KPMG Global Anti-Money Laundering Survey 2014
Regional Measures The 3rd Anti-Money Laundering Directive has been adopted by all 28 EU Members States, as well as a number of other European countries. There are a total of 18 EU Member States that have, to date, adopted the €uro. Most others are obliged to do so. The use of the currency extends beyond the Eurozone, either through monetary agreements or through unilateral adoption of the €uro.
Regional Measures
Regional Measures The 3rd Anti-Money Laundering Directive (Directive 2005/60) is part of a broader set of legislative measures aimed at the prevention of money laundering and terrorist financing. These include: Directive 2006/70; Regulation 1781/2006; Regulation 1889/2005; EU Council Decision 2000/642; and A number of EU legal instruments imposing sanctions and restrictive measures on governments of third countries, or non-state entities and individuals.
National Measures Prevention of Money Laundering Act Criminal Code (Articles 328A to 328M) Prevention of Money Laundering & Funding of Terrorism Regulations Implementing Procedures Guidance Notes
Obliged Entities Customer Due Diligence Risk Assessment & Risk Management Record Keeping Procedures Reporting Procedures & Obligations Awareness, Training & Vetting of Employees Internal Controls
CDD Measures Customer Due Diligence Identification & Verification Ongoing Monitoring Purpose & Intended Nature Identification & Verification
Applicant for Business A legal or natural person Whether acting as principal or agent Who seeks to form a business relationship, or carry out an occasional transaction With a person who is acting in the course of either relevant financial business or relevant activity.
Beneficial Owner (BO) General Definition: A natural person who ultimately owns or controls the customer. A natural person on whose behalf or for the benefit of whom a transaction is being conducted. Specific Instances: Body corporate or body of persons. Legal entity or legal arrangement which administers and distributes funds. Long term insurance business.
Beneficial Owner (BO) Body corporate or body of persons A natural person who owns or controls, whether directly or indirectly, more than 25% of the shares or voting rights (including through bearer shares). A natural person who otherwise exercises control over the management. Body corporate or body of persons A natural person who is the beneficiary of at least 25% of the property. In the case of non-determined beneficiaries, the class of persons. A natural person who controls at least 25% of the property. Legal entity or legal arrangement The beneficiary under the policy. Long term insurance business
Applicant for business Identification & Verification Identify Official full name Date & place of birth Permanent residential address Identity reference number Nationality Verify Government-issued document with photographic evidence to verify identity Document to verify address Applicant for business Beneficial owners
Principal Identification and verification procedures depend on whether: Obliged entities must ensure that the applicant is duly authorised in writing to act on behalf of the principal. Applicant is acting on behalf of a natural person Applicant is acting on behalf of a company or partnership Applicant is acting on behalf of a foundation or association Applicant is a trustee of a trust
CFT Obligation Obliged entities should have a system in place which detects whether an applicant for business is subject to any financial sanctions: UN Security Council Resolution 1267/1999 UN Security Council Resolution 1373/2001 Related EU Regulations Obliged entities need to remain updated with all sanctions that might have an impact on their business operations: Independent research ‘International Sanctions’ section on the MFSA website (= prudential regulator) Commercial databases, etc.
Purpose & Intended Nature Establish Business & Risk Profile Business/ occupation/ employment Source(s) of wealth Expected source & origin of funds Anticipated level of activity Anticipated nature of activity
Ongoing Monitoring Scrutiny of transactions: On the basis of the business and risk profile of the customer. In response to activities of a similar peer group. In response to specific types of transactions. Complex or large transactions. Transactions from a non-reputable jurisdiction. Updating CDD documentation: Updating expired documentation. Collecting new documentation as necessary.
Source of Wealth & Funds At the beginning of the business relationship As part of the ongoing monitoring process Source of Wealth Source of Funds The economic activity generating the total net worth of the customer The activity, event, business, occupation or employment from which funds used in a transaction originate
Customer Due Diligence Application of CDD SDD EDD Customer Due Diligence
Enhanced Due Diligence General Circumstances Customer Risk Product/ Service Risk Interface Risk Geographic Risk Specific Circumstances Non Face-to-Face Correspondent Banking Politically Exposed Persons New/ Developing Technologies Customer Due Diligence
Simplified Due Diligence Applicants Relevant financial business Listed entities BOs of pooled accounts Public authorities/ bodies Certain low-risk entities Products Certain insurance policies Certain pensions or similar schemes Electronic money Certain low-risk products Customer Due Diligence Specific criteria/ limits apply in most instances
Implementation of 3rd AML Directive There are significant differences in the way the 3rd Anti-Money Laundering Directive has been implemented within the Eurozone and the EU as a whole. Differences relating to CDD (including BOs) include: Calculation of the 25% threshold for corporates; Categories of persons considered to otherwise exercise control over corporate entities; Calculation of the 25% threshold for legal entities; Control and ownership structure; Verification of identity; High-risk indicators and enhanced due diligence; Requirement to keep BO information up-to-date; and Use of BO information obtained for CDD purposes.
Towards the 4th AML Directive Scope Align EU legislation with the revised FATF Recommendations. Address issues that have arisen within a European context. Timeline Official proposal published by the Commission – 5th February 2013. 1st compromise text issued by the Presidency – 30th August 2013. 2nd compromise text issued by the Presidency – 22nd November 2013. 3rd compromise text issued by the Presidency – 28th January 2014. 3rd compromise text (revised) issued by the Presidency – 21st February 2014. European Parliament amendments – 11th March 2014. 4th compromise text issued by the Presidency – 8th May 2014. 4th compromise text (revised) issued by the Presidency – 22nd May 2014. 5th compromise text issued by the Presidency – 10th June 2014.
Beneficial Owner In the case of corporate entities the definition is clarified, and further guidance on how to identify beneficial ownership is outlined in the text. In case of trusts and similar arrangements the settlor, trustee, protector, beneficiaries or class of beneficiaries (or similar positions) or any other person exercising control shall be regarded as a beneficial owner.
Beneficial Owner Company A Company B 10% Person 2 100% Company C 60% Legal persons Natural persons not required to be identified as a beneficial owner Natural persons required to be identified as a beneficial owner
Beneficial Owner Company V Company W 18% Company Y 100% Person 4 100% Company X 52% Person 2 20% Person 3 50% Company Z 30% Person 1 30% Legal persons Natural persons not required to be identified as a beneficial owner Natural persons required to be identified as a beneficial owner
Beneficial Owner Company A Person 1 Shares 20% Voting 10% Legal persons Natural persons not required to be identified as a beneficial owner Natural persons required to be identified as a beneficial owner Natural persons required to be identified as a beneficial owner
Beneficial Ownership Information 5th Presidency Compromise Text (Articles 29 – 30) What information should be retained? Corporate entities – essential information, including beneficial ownership information. Trusts or similar arrangements – identity of settlor, trustee, protector, beneficiaries or class of beneficiaries (or similar positions) and any other person exercising effective control. How should information be made available? To obliged entities – on request when these would be conducting CDD. To competent authorities and FIUs – information should be stored in a specified location through central registries or by virtue of data retrieval systems. (Obliged entities may be granted access as well).
Beneficial Ownership Information European Parliament Amendments (Articles 29 – 30) What information should be retained? Corporate entities – essential information, including beneficial ownership information. Trusts or similar arrangements – identity of settlor, trustee, protector, beneficiaries or class of beneficiaries (or similar positions) and any other person exercising effective control. How should information be made available? Through public registers, commercial or company registers. Accessible by competent authorities, FIUs, obliged entities and the public at large (subject to identification).
Politically Exposed Persons (PEPs) Members of governing bodies of political parties will also be regarded as PEPs. EDD will not be limited to PEPs residing in other Member States or foreign jurisdictions, but will also be applicable to domestic PEPs.
Customer Due Diligence Simplified Due Diligence No longer considered to mean “no CDD”. Entirely risk-based. Enhanced Due Diligence Still mandatory in specific circumstances. Inclusion of further specific circumstances where the application of EDD is mandatory (for example, domestic PEPs and certain complex transactions). Reliance on third parties No longer strictly rules-based. Introduction of group-wide reliance.
Risk-Based Approach May determine the extent of customer due diligence (CDD) measures on a risk-sensitive basis depending on the type of customer, business relationship, product or transaction. Shall have policies, controls and procedures to mitigate and manage effectively the money laundering and terrorist financing risks identified at Union level, Member State level, and at the level of obliged entities. Current Proposed
Risk Assessments – Overview Supra-National EU Commission National National Authority Obliged Entities Subject Persons EU Member States, ESAs, FIUs & others ---------- Recommendations Public & private entities ---------- Direction & Guidance
Antonio Ghirlando antonio.ghirlando@fiumalta.org