Less than two weeks remain (at the time of writing) until the 3 June deadline for implementation of the EU’s most recent piece of AML legislation – its sixth directive since the bloc was formed in the early 1990s. This set of regulations is just the latest attempt to contain and prevent financial crime as modern economies, their legal structures and technology continue to rapidly evolve.
But instead of legislation evolving dynamically in line with criminal behaviour, the release of each directive over the years can be likened to the periodic and sudden shock of tightening a belt in a pair of trousers, adjusted each time as regulators struggle to engirdle and check the continuous spread of immoderate and unhealthy behaviour. Just as excess weight causes the human body to slow down and perform less efficiently, few financial experts would dispute that fraud, corruption and illicit activity can act as a major drag on economic activity.
To extend this analogy almost to its elastic limit, the cost of trying to control the ever-expanding trousers, by means of periodic belt tightening, is equivalent to the time spent on putting more national legislation in place, more resources spent on new systems and processes, more bureaucracy for customers, and almost certainly more unintended technology and legal loopholes to be exploited in the future. There has to be a better way.
In the same way we all know that having a larger or stronger belt is not a sustainable way of addressing the root causes of obesity, we need to look at the underlying behaviours of criminals and reduce the opportunities to feed the system. It is incumbent on all of us – data providers, fraud risk practitioners, technology developers, governments – to share knowledge, stress test the systems and spot the behaviours that have criminals reaching for that extra doughnut. Not just because we are required to by the regulations but because it makes good, efficient business sense. Otherwise regulators will keep adding more notches in the belt, while providers and practitioners in the market will continue trying to avoid being caught with their trousers down.
So what are the key areas to look for among the EU’s most recent belt-tightening initiatives? Diligencia’s James Redfern lists (by pure coincidence) six points:
1. Greater clarity – the definition of money-laundering has been refined and extended to now include 22 predicate offences (e.g., cybercrime, human trafficking, tax crimes) in an effort to make it easier for members states to investigate and prosecute these offences1
2. Extraterritorial reach – money laundering offences will now extend to conduct outside the EU, that benefits an EU national or a company based in the EU, even if the activity is not considered an offence in that country2
3. Data quality – there is an emphasis in the directive on institutions needing to review the quality and timeliness of their data sources to ensure robust transaction monitoring and entity screening3
4. High-risk third countries – the EU has imposed additional regulations on 21 jurisdictions which have strategic deficiencies in their AML/CFT regimes that pose significant threats to the financial system of the bloc4
5. Failure to prevent – similar to the FCPA and the UK Bribery Act, the failure to prevent money laundering offences will also now be an offence, and organisations (rather than only individuals) can also now be charged5
6. UK not included – since its departure from the EU, the UK has chosen not to implement 6AMLD, saying that existing measures and penalties already comply, if not go further, than the new regulations6