AML challenges for 2021: 6MLD, Brexit and Covid-19
The New Year message on money laundering could hardly have been clearer. Just seven days into 2021, HM Revenue & Customs published its latest list of businesses fined for breaches of money laundering regulations – including a record £23.8m penalty for money transfer company MT Global. It was quite a statement of intent for the year ahead.
The next 12 months will certainly present further challenges as banks and other regulated financial institutions strive to stay on top of anti-money laundering (AML) regulation. UK-based businesses not only have to get to grips with the post-Brexit regulatory landscape, but also face compliance challenges in a number of other jurisdictions.
The European angle
In the case of Brexit, leaving the European Union will not exempt UK institutions from compliance with the bloc’s 5th Money Laundering Directive (5MLD), which came into force last January and has already been transposed into UK law. The biggest headache remaining on that front is the 5MLD requirement to create an Ultimate Beneficial Owner (UBO) register by the end of June 2021. So far, the UK authorities have published little or no guidance on what they will require in this regard, potentially leaving little time to meet the new UBO rules.
There is also the EU’s 6th Money Laundering Directive (6MLD) to worry about. In large part, the UK opted out of much of this legislation, which came into force last month – and requires full compliance by 3 June – on the grounds that most of its provisions were already enshrined in UK law. However, the government is still considering whether to change the law to make it easier to find companies criminally liable for the money laundering activities of their employees. There is an argument that the Bribery Act 2010 and the Criminal Finances Act 2017 already include sufficient provisions, but the law may yet be strengthened further, with the Law Commission currently conducting a review.
The other Brexit reality to recognise is that UK businesses that want to continue operating in the UK – through local branches, for example – will still need to comply with the letter of EU regulation on AML, including both 5AML and 6AML. There will also be regulatory work to do even for domestic businesses; the definition of “third country” under UK AML regulation is now any country outside the UK, rather than outside the European Economic Area, increasing the burden when UK banks deal with clients based in the EU.
The international outlook
Further afield, the compliance regime is also set to change in a number of jurisdictions during 2021. The stand-out example is the US, where the Anti Money Laundering Act, passed into law in December as part of a broader package of defence legislation, is widely regarded as the most significant shake-up of American AML regulation in two decades.
The legislation substantially increases the powers of the US’s Financial Intelligence Unit (FinCEN). Those institutions covered by the legislation will face additional reporting and disclosure requirements, and the regulation also creates a new whistleblower scheme. From an international perspective, one notable feature of the regulation is that it gives the US authorities new powers to subpoena foreign banks that maintain correspondent accounts in the US; the US will even be able to demand records held outside the country.
Other international territories moving forward with AML reforms include Australia and Hong Kong. Regulators in the latter jurisdiction in particular have embarked on a wave of high-profile disciplinary actions linked to AML over the past couple of years; they are now consulting on legislative changes that would incorporate recommendations made by the international Financial Action Task Force.
Meeting the challenge
With so much change on the horizon, compliance officers may be forgiven for feeling daunted by the year ahead. All the more so given the ongoing operational challenges posed by the Covid-19 pandemic. With compliance teams still largely working remotely in many jurisdictions, updating systems and practices may be problematic, particularly given the large volumes of sensitive data involved in AML compliance work.
Nevertheless, banks and other financial institutions do not have the option of ignoring legislative change. Incorporating new technologies, particularly in the areas of automation and machine learning, continues to represent banks’ best chance of fulfilling their obligations.
In a system where regulators are now emphasising a risk-based approach, such technologies become even more crucial. Artificial intelligence tools, for example, enable banks to flag transactions on the basis of contextual, real-time data. Analytics tools provide a means with which to interrogate a broader and deeper range of datasets in new ways.
With the use of such tools, the regulatory change agenda begins to look a little less intimidating. The year ahead may yet see more fines and penalties for compliance fines – both in the UK and internationally – but for institutions able to leverage innovation and technology, there are reasons to be optimistic.