Over the past two decades, the European Union (EU) has sought to establish a coherent and effective approach to prevent the misuse of the financial system for money laundering and terrorist financing (ML/TF).[1] That approach, which began with the EU’s First Anti-Money Laundering (AML) Directive,[2] gradually expanded into an extensive regulatory framework.
By 2018, that framework included setting up publicly available registers for companies; enhancing the powers of EU Financial Intelligence Units, which serve as national centers to receive and analyze suspicious transaction reports and other information relevant to money laundering and terrorist financing[3]; broadening the criteria for the assessment of high-risk third countries; and improving cooperation and enhancing information-sharing between AML supervisors.[4]
That same year, however, the Danske Bank scandal revealed that the bank’s Estonian branch had processed approximately $234 billion in suspicious transactions by thousands of non-resident customers between 2007 and 2015.[5] That scandal sharply exposed the weaknesses and limitations of the EU framework and of oversight by national AML and bank regulators.
In 2019, after the EU issued the Sixth AML Directive,[6] which established minimum rules on criminal liability for money laundering, the EC issued a communication on better implementation of the EU’s anti-money laundering and countering the financing of terrorism (AML/CFT) framework, along with four reports.
Those reports provided (1) a supranational risk assessment of the ML/TF risks affecting the EU, (2) an assessment of the framework for FIUs’ cooperation with third countries, (3) an assessment relating to EU Member States’ national registries and national central electronic data retrieval systems on bank accounts, and (4) an assessment of recent alleged money-laundering cases involving EU credit institutions.[7] Together, the communication and reports “highlighted fragmentation of rules, uneven supervision and limitations in the cooperation among financial intelligence units across the EU.”[8]
On May 9, 2020, the EC announced its latest initiative to strengthen the EU’s ML/TF response: an action plan for a comprehensive European Union policy on ML/TF prevention.[9] That Action Plan described the EU’s ML/TF regulatory framework as “solid,” but conceded that “there is growing consensus that the framework needs to be significantly improved.”[10] To that end, the Action Plan organized its proposed course of action under six points (designated as “pillars”).
Pillar 1: Effective Application of EU Rules
In this pillar, the EC stated that its first priority “is to ensure that EU AML/CFT rules are rigorously and effectively implemented by Member States, competent authorities and obliged entities.”[11] In a press release, it commented that it “encourages” the European Banking Authority (EBA) to make full use of its new powers under Regulation (EU) 2019/2175 [12] to tackle money laundering and terrorist financing.[13] The Action Plan stated, more emphatically, that the EC “expects the EBA to make full use of its strengthened powers, particularly in relation to investigating whether a national supervisor has breached Union law in carrying out its tasks.”[14]
Pillar 2: A Single EU Rulebook
This pillar stems from the EC’s concern that EU Member States tend to apply EU AML/CFT rules “in a wide variety of different manners,” and that diverging interpretations of those rules lead to loopholes in the EU system, which criminals can exploit. In response, the EC said that it will propose “a more harmonised set of rules.”[15] It set out various measures designed to achieve greater harmonization, including turning certain parts of AML directives “into directly applicable provisions set out in a Regulation.”[16]
Pillar 3: EU-Level Supervision
In this pillar, the EC stated that “currently it is up to each Member State to individually supervise EU rules in this area and as a result, gaps can develop in how the rules are supervised.”[17] The EC therefore announced its intention to propose setting up an EU-level AML/CFT supervisor. It explained that the EU-level supervisor “will need to be entrusted with very clear powers to oversee and instruct national authorities to carry out different AML/CFT related tasks, and to enhance coordination with supervisors from outside the EU.”[18] It also proposed various options for the authority to be vested in the EU-level supervisor, the scope of that supervision, and the EU body through which that supervision would be ensured.
Pillar 4: Coordination and Support Mechanism for Member State Financial Intelligence Units
In this pillar, the EC pointed out that with regard to FIUs’ responsibility for reviewing suspicious transaction reports, “[m]ost suspicious transactions reported to FIUs have a cross-border dimension, but joint analysis remains limited,” which “results in missing links to identify cross-border cases.”[19] To remedy those weaknesses, the EC proposed an FIU coordination and support mechanism at EU level. That mechanism “would take a leading role to coordinate the work of national FIUs,” including “identification of suspicious transactions with a cross-border dimension, joint analysis of cross-border cases, identification of trends and factors relevant to assessing the risks of money laundering and terrorist financing at national and supranational level.”[20]
Pillar 5: Enforcement of EU-Level Criminal Law Provisions and Information Exchange
In this pillar, the EC deemed it “critical to build capacity at EU level to investigate and prosecute financial crime.” It expressed its full support for the new Europol European Economic and Financial Crimes Centre (EFECC), touting it as “a natural counterpart to the EU support and coordination mechanism for FIUs.”[21]
Pillar 6: Strengthening the International Dimension of the AML/CFT Framework
In this Pillar, the Action Plan stated that “the new, comprehensive approach to AML/CFT that the EU needs requires a stronger role for the EU in setting” international standards such as those the Financial Action Task Force (FATF) successfully has created for many years.[22] It noted that the EC will identify countries that pose a specific threat to the EU’s financial system, using an autonomous revised methodology “that takes due account of the synergy with the FATF listing process, an enhanced dialogue with third countries carried out in cooperation with the European External Action Service (EEAS), and close consultation of Member States experts.”
Based on the revised methodology, which the EC published at the same time as the Action Plan,[23] this proposed process will involve the EC, in cooperation with the EEAS (the EU’s diplomatic service), “engaging with third countries where shortcomings are identified on a preliminary basis, in view of developing, where possible, an action plan to address those concerns.”[24]
Timing
The Action Plan makes clear that the EC intends to pursue all six pillars within the next year.[25] In addition, the EC announced that it is conducting a public consultation in parallel with the Action Plan.[26] That consultation, which will extend from May 9 to July 29, 2020, particularly welcomes comments from “Member States, national and EU competent authorities, as well as businesses and service providers that are subject to [AML/CFT] rules.”[27]
Conclusion
The Action Plan provides a highly ambitious roadmap for strengthening the EU’s ML/TF capacity. In issuing the Action Plan at this time, the EC is implicitly putting great faith in the ability of EU agencies and national authorities to carry out these measures during a period when the devastating effects of the coronavirus pandemic on EU and national budgets have yet to be fully tallied.
Moreover, it is not yet clear whether the EBA is truly ready and able to live up to the EC’s expectations that the EBA will make full use of its enhanced AML/CFT supervisory powers across the EU. Only last year, in connection with the Danske Bank scandal, the EBA board of supervisors voted to close down an investigation into reported supervisory failings by Danish and Estonian regulators, without adopting any findings.[28] Even after the EBA subsequently received its expanded powers, its 2020 report on national regulators’ implementation of AML/CFT measures mildly remarked that “most competent authorities experienced challenges in operationalising the risk-based approach to AML/CFT,” and that “competent authorities’ approaches to the AML/CFT supervision of banks were not always effective.”[29]
Companies and financial institutions doing business within the EU may take some comfort from the EC’s statement that, in pursuing its Action Plan, “it will be important to keep additional financial and administrative burdens for Member States and obliged entities to a minimum, and to follow a risk-based approach.”[30] Even so, they should peruse the Action Plan and consider filing comments with the EC during the public consultation period. Because the economic blight of coronavirus will likely continue to afflict the private and public sectors well beyond the second quarter of 2021,[31] the EC will need informed commentary and guidance on the Action Plan’s recommendations and options if it is to set realistic expectations about any new or increased regulatory burdens that implementation of the Action Plan may create.
Footnotes
[1] See European Commission, Anti-money laundering and counter terrorist financing, available at https://ec.europa.eu/info/business-economy-euro/banking-and-finance/financial-supervision-and-risk-management/anti-money-laundering-and-counter-terrorist-financing_en (accessed May 28, 2020).
[2] Council Directive 91/308/EEC, of 10 June 1991, Prevention and Use of the Financial System for the Purpose of Money Laundering, 1991 O.J. (L 166) 77.
[3] See Egmont Group, Financial Intelligence Units (FIUs), https://egmontgroup.org/en/content/financial-intelligence-units-fius (accessed May 28, 2020).
[4] See European Commission, supra note 1.
[5] See, e,g., Richard Milne and Daniel Winter, Danske: anatomy of a money laundering scandal, FINANCIAL TIMES, December 19, 2018, available at https://www.ft.com/content/519ad6ae-bcd8-11e8-94b2-17176fbf93f5.
[6] Directive (EU) 2019/1153 of the European Parliament and of the Council of 20 June 2019, laying down rules facilitating the use of financial and other information for the prevention, detection, investigation or prosecution of certain criminal offences, 2018 O.J. (L. 186) 122, available at https://eur-lex.europa.eu/eli/dir/2019/1153/oj.
[7] See Communication from the Commission to the European Parliament and the Council, Towards better implementation of the EU’s anti-money laundering and countering the financing of terrorism framework, COM(2019) 360 final (July 24, 2019), available at https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX:52019DC0360.
[8] See European Commission, Release: Action plan for a comprehensive Union policy on preventing money laundering and terrorism financing (May 7, 2020), available at https://ec.europa.eu/info/publications/200507-anti-money-laundering-terrorism-financing-action-plan_en.
[9] See id.
[10] European Commission, Communication from the Commission on an Action Plan for a comprehensive Union policy on preventing money laundering and terrorist financing, C(2020) 2800 final at 2 (May 7, 2020) (Action Plan), available at https://ec.europa.eu/finance/docs/law/200507-anti-money-laundering-terrorism-financing-action-plan_en.pdf (PDF: 500.56 KB).
[11] Action Plan, supra note 10, at 3.
[12] Regulation (EU) 2019/2175 of the European Parliament and of the Council of 18 December 2019, 2019 O.J. (L 334) 1, available at https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX%3A32019R2175.
[13] European Commission, Release: Commission steps up fight against money laundering and terrorist financing (May 7, 2020), https://ec.europa.eu/commission/presscorner/detail/en/ip_20_800.
[14] Action Plan, supra note 10, at 4.
[15] European Commission, Release, supra note 13.
[16] Action Plan, supra note 10, at 5.
[17] European Commission, Release, supra note 13.
[18] Action Plan, supra note 10, at 8.
[19] Id. at 11.
[20] Id.
[21] Id. at 13.
[22] Id. at 14.
[23] See European Commission, Commission Staff Working Document, Methodology for identifying high-risk third countries under Directive (EU) 2015/849, SWD(2020) 99 final (May 7, 2020), available at https://ec.europa.eu/info/sites/info/files/business_economy_euro/banking_and_finance/documents/200507-anti-money-laundering-terrorism-financing-action-plan-methodology_en.pdf (PDF: 1.49 MB).
[24] Action Plan, supra note 10, at 15.
[25] See id. at 16-17.
[26] See European Commission, Public Consultation: Money laundering & terrorism financing – action plan (May 7, 2020), https://ec.europa.eu/info/law/better-regulation/have-your-say/initiatives/12176-Action-Plan-on-anti-money-laundering/public-consultation.
[27] Id.
[28] See Jim Brunsden, EBA faces calls to reform after dropping Danske Bank probe, FINANCIAL TIMES, April 28, 2019, available at https://www.ft.com/content/377f4b60-698f-11e9-80c7-60ee53e6681d.
[29] European Banking Authority, EBA Report on Competent Authorities’ Approaches to the Anti-Money Laundering and Countering the Financing of Terrorism Supervision of Banks, EBA/Rep/2020/06 at 4 (February 2020), available at https://www.abbl.lu/content/uploads/2020/02/Report-on-CA-approaches-to-AML-CFT1.pdf (PDF: 1.61 MB).
[30] Action Plan, supra note 10, at 6.
[31] See, e.g., Centre for Risk Studies, Cambridge Judge Business School, Economic impact, May 19, 2020, (accessed May 29, 2020).
Jonathan J. Rusch is Principal of DTG Risk & Compliance, a consulting firm specializing in corporate-compliance issues, and a Senior Fellow of the Program on Corporate Compliance and Enforcement at New York University School of Law.
Disclaimer
The views, opinions and positions expressed within all posts are those of the author alone and do not represent those of the Program on Corporate Compliance and Enforcement (PCCE) or of New York University School of Law. PCCE makes no representations as to the accuracy, completeness and validity of any statements made on this site and will not be liable for any errors, omissions or representations. The copyright of this content belongs to the author and any liability with regards to infringement of intellectual property rights remains with the author.