Last month the EU adopted a new anti-money laundering and countering financing of terrorism package.
The sixth Anti-Money Laundering Directive (6AMLD), formally known as Directive (EU) 2018/1673, is part of the European Union’s legislative framework to combat money laundering and terrorist financing. These reforms are expected to create a more robust and transparent financial environment in the EU, enhancing the fight against financial crime and protecting the integrity of the internal market. This directive refers to mandatory registration of beneficial ownership for all foreign entities owning real estate in the EU since 2014.
Of particular interest to Malta’s economy, we find how the list of entities required to conduct due diligence and report suspicious activities has been expanded to include most of the crypto sector, luxury goods traders and high-risk sectors such as professional football clubs. Crypto-asset service providers (CASPs) will now need to apply due diligence measures for transactions of €1,000 or more.
Financial institutions, online gaming companies and cash-intensive businesses are particularly exposed to the risk of money laundering or terrorist financing. These company types are examples of obliged entities under AML (Anti-Money Laundering) rules and regulations, with legal obligations to implement measures to prevent themselves from being used for criminal activities. FIUs will have enhanced powers and access to financial, administrative and law enforcement information.
The basis of effective AML work begins with a good understanding of one’s risks, threats and vulnerabilities, with the general risk assessment being of the utmost importance. What are the key features of the 6AMLD?
To start with, this aims to harmonise the definition of money laundering offenses across EU member states, it has not been applied in the UK. This provides a unified list of 22 predicate offenses that constitute money laundering, including tax crimes, environmental crime and cybercrime. Again, here we see an extension of liability to legal persons. This means that not only individuals but also companies can be held accountable for money laundering activities if they benefit from these crimes.
As can be expected there are stricter penalties for money laundering offenses. Natural persons convicted of money laundering can face a minimum of four years imprisonment. Legal persons can face various sanctions, including exclusion from public benefits and judicial winding-up orders. A novel switch in the new directive is that it criminalises the aiding, abetting, inciting and attempting of money laundering offences. Nothing can be properly understood fully unless there is cooperation and information-sharing between member states.
This is to ensure a more coordinated approach to investigating and prosecuting money laundering offenses across the EU. Now we come across a new principle of dual criminality, meaning that the predicate offense must be a crime in both the EU member state, where the prosecution is taking place, and the country where the offense was committed.
The extension of liability to legal persons ensures that companies cannot evade responsibility for involvement in money laundering. Therefore, both individuals and entities are more likely to take AML regulations seriously due to the heightened risk of severe penalties to align with the new requirements. There is a stronger accent over emerging threats. These include crimes like environmental crime and cybercrime as predicate offenses. Framework keeps pace with evolving criminal activities.
The 6AMLD represents a significant step in strengthening the EU’s framework for combating money laundering and terrorist financing. In a data-driven financial landscape, cybercrime has become a significant concern for regulators and institutions alike, with criminals exploiting computer systems and online financial services to perpetrate money laundering, fraud and other crimes. The cost of cybercrime money laundering is expected to reach around $10.5 trillion by 2025.
The Covid-19 pandemic exacerbated the threat posed by cybercrime and money laundering methodologies. With increased online financial activity and changes in customer behaviour, criminals could target vulnerable individuals and institutions more easily and take advantage of regulatory blind spots. Cybercrime is defined as any illegal activity that involves a computer, the internet or a networked device. With the emergence and growing ubiquity of online commercial and financial services (especially since the Covid-19 crisis and in case of Malta a brief period of Grey Listing status), criminals have had greater opportunities to derive profits from online fraud and theft and, with that, a greater need to conceal the source of their illegal funds.
Given the threats and the potential for significant penalties, banks, financial institutions, gaming companies and other obligated entities should ensure that they understand the compliance risks they face and be prepared to deploy a suitable cybercrime and money laundering response. Cybercrime is considered a predicate offense because it generates illegal proceeds that need to be disguised by laundering before they can be entered into the legitimate financial system. By harmonising offences, extending liability and increasing penalties, it aims to create a more robust and consistent approach across member states. However, it also requires significant efforts from businesses and regulatory authorities to ensure effective implementation and compliance. The directive emphasises a risk-based approach, requiring entities to implement enhanced due diligence measures for high-risk clients and transactions.
Should readers require any advice or guidance on the upcoming transposition of 6AMLD and how it shall impact your firm, as well as any of your firm’s regulatory obligations, then please do not hesitate to contact PKF Academy at academy@pkfmalta.com. Lectures and individual guidance are being offered on a one-to-one basis.