On 10th January 2020, the EU’s Fifth Money Laundering Directive (5MLD) came into force. Designed to close the gaps and fill the cracks that remained after the four previous directives, 5MLD aims to close down the financial means of criminals without preventing the effective functioning of payment systems and markets.
But having been introduced just over two years after 4MLD, many organisations are struggling to ensure their practice meets the requirements of this new regulation whilst maintaining operational efficiencies, says Wayne Johnson, CEO of KYC automation firm, Encompass corporation.
The sheer pace of regulatory change makes it hard to keep up
5MLD builds on 4MLD, with several significant updates, but one of the core differences is that member states of the EU will now need to issue and maintain a list of the public functions that qualify as ‘prominent public functions’. This additional clarity will support Obliged Entities (OE) – institutions that are required to comply with the Money Laundering Directives – like financial organisations, helping them to refine their risk-based approach to compliance and due diligence, and increase efficiencies in their screening and ongoing monitoring processes.
However, says Johnson, in addition to updates that aim to simplify aspects of anti-money laundering (AML) compliance, 5MLD also requires regulated firms to step up when it comes to having their customer account information in order. 5MLD allows law enforcement agencies to track potential terrorists without Suspicious Activity Reports (SARs), which are reports filed by OEs that have caught on to potential money laundering activity. Moving forward, OEs will need to be able to provide timely, accurate and relevant customer account information as and when it is needed.
“Banks should now be well versed in adapting to evolving regulation, with often large teams of lawyers and compliance professionals on hand to advise on policy updates, as well as a variety of resources available to make things happen quickly,” says Johnson. “However, as customer demand for slick, digital experiences have become the norm, even in business-to-business scenarios, it has become harder to balance regulatory requirements with expectations in this digital era.”
Fortunately, RegTech has emerged as a potential solution to these current compliance challenges. But, notes Johnson, it can be difficult to champion change in large institutions. “As regulatory procedures pile up, it will only be a matter of time before these institutions are inundated and forced to enlist external specialist help,” he adds. “It’s better to lay the groundwork now before this is the case.”
New sectors are now subject to regulation
It’s no longer just traditional financial institutions that must embrace the Money Laundering Directive, as new sectors are now subject to regulation, for the protection of consumers.
As banks have beefed up their compliance efforts and become more effective at detecting money laundering, criminals have had to look elsewhere. As a result, new sectors, including property, art and cryptocurrencies, are now increasingly appealing to money launderers and criminals, thus AML regulation has become relevant to a wider scope of industries.
“Many of these firms do not have the same resources or expertise as the big banks and therefore are still trying to fully understand what is expected of them,” comments Johnson. Indeed, the challenges for many newly regulated firms is finding the money and resources needed to implement adequate compliance programmes while maintaining customer satisfaction levels.
This can be an advantage, however, he believes, as these firms can get started using the most advanced RegTech solutions, “unlike banks, which are often burdened with outdated but expensive legacy technology.”
Competing priorities
It’s not all about AML – GDPR (General Data Protection Regulation), MiFID II (Markets in Financial Instruments Directive) and a host of other regulatory developments are competing for attention and resources, to the point where treasurers, directors and managers in charge of operations are faced with a balancing act.
“Many fintech, SMEs, scale-ups and banks are even having to come to terms with the fact that not all regulations can immediately be tended to as their budget, time and workforce simply won’t allow it,” notes Johnson.
Moving forward, these organisations need to understand that regulatory legislation rarely springs out of nowhere, and there will always be either notice or a set transition period. Johnson argues that it’s up to decision makers to keep a tab on all upcoming legislation which affect their operations and introduce a proper strategy to meet requirements over time.
Once AML compliance programmes have been updated to comply with 5MLD there is a need to review all existing customer files and ensure they have been brought up to the new standards. This is a time-consuming and costly process, notes Johnson, but regulators will expect firms to be able to demonstrate that all customer relationships have gone through adequate KYC and due diligence.
“Many organisations that don’t have the necessary processes in place to do this can find themselves neglecting the issue or manually reviewing each and every case at the cost of employee and client time.”
6MLD and Brexit
As has become the norm with Brexit, its outcome is still uncertain, but the UK is currently fighting to retain its position as a leading financial services centre, and Johnson believes that it is “certain to want to be aligned with the highest standards of financial regulation, including that relating to financial crime”.
Of course, post-Brexit, it remains to be seen how much information can and will be shared across borders to support global investigations into money laundering, tax evasion and other financial crime.