What does a digital bank, an Israeli financial institution working with Spanish crypto customers and a payment service provider situated in Naples have in common? Supposedly these companies have no collective basis, yet the new anti-money laundering (AML) regulatory system of the EU deems these companies under the same risk of money laundering.
In July 2022 the new AML regulatory framework of the EU has been transposed, which affects greatly businesses that operate in non-EU jurisdictions and creates the new EU AML Agency.
Whether it is financial institutions, art galleries, defence companies or even cargo companies, there is a need to adapt to the new rules with regards to compliance and regulations for money laundering and terrorist financing. Hence, companies that until now operated with clients, or are considered sides for business deals, in the EU which do not fall under any regulatory framework, or with the wrong or inadequate regulatory framework, are exposed to increased fines and are flagged as a high risk. This situation is considered a turning point in the market, mainly because many financial institutions used the licensing of a different entity under an agreement, or under a similar regulatory framework and are not able to do so anymore.
The main emphasis is on financial institutions that offer payment options in governmental currency (fiat) and digital currency. A company will be able to hold multiple licenses for payment options, yet it is important to assess the correct licensing required for each operation within the company, especially when there are multiple payment methods. It is important to point out that due to sever scandals (e.g. ABN AMRO in April 2021 and Swedbank in January 2022), the new regulation sets criminal liability not just on the involved corporations but also on individuals directly or indirectly related to the activities of the respective corporations.
Furthermore, the fact that the EU issued a conscious decision to “upgrade” the new regulatory framework for anti-money laundering and counter terrorist financing from the Member State level to the Union level, and in cases of high risk to be the direct authority (in instances of incoming cases and for enforcement for companies and private individuals), proves that the Union decided not to ignore money laundering and terrorist financing events that have grown drastically in the past years. Thus, a financial institution that does not qualify under the new regulations, will not only be exposed to fines, but also to enhanced enforcement by the newly founded Authority for AML in the EU, that will deal with these topics ad-hoc and without the need to involve the local authority.
The new regulatory framework demands reassessment towards the enhanced enforcement that has already commenced and to ensure that there is a proper regulatory and compliance framework for the corporation, training for employees and the board of directors, implementation of processes and policy papers, in addition to technological adaptation to the new set of rules. It is important to mention that corporation that have received licensing in the United Kingdom will also need to apply for an EU license, due to the fact that the UK regulator, the FCA, no longer falls under the framework of the EU. Because the new directive also creates personal liability for directors, it is recommended to follow the advice of a law firm specializing in EU regulation, in order to avoid personal liability.