A Guide to Anti-Money Laundering for Crypto Firms
Today, is the deadline for the 4th Money Laundering Directive (4MLD) to be implemented across Europe. As European companies rush to integrate key changes needed for KYC processes such as domestic PEP screening and other due diligence practises we highlight the changes affecting transaction monitoring programmes.
Transaction monitoring allows firms to identify suspicious financial activity by evaluating whether or not a pattern of transactions is expected for a certain customer. If a customer deviates from “normal activity”, such as dealing in values of money they wouldn’t be able to earn, this could be an indication that an illicit activity is occurring. Transaction monitoring has always been a recommended part of an AML/CTF regime, but now its requirement is much more clearly stated.
The requirement to perform transaction monitoring remains as an element of effective Customer Due Diligence expected to be carried out by all regulated firms. The exact wording for this requirement is below. 4MLD also brings in transaction monitoring changes to the pre-existing requirements for both simplified and enhanced due diligence at onboarding and for ongoing monitoring, these are also listed below.
Where is the Transaction Monitoring requirement in 4MLD?:
In 4MLD, the main section relating to the need to perform Transaction Monitoring is Article 13 part 1(d), which reads as follow:
Part 1 , Customer due diligence measures shall comprise:
(d) conducting ongoing monitoring of the business relationship including scrutiny of transactions undertaken throughout the course of that relationship to ensure that the transactions being conducted are consistent with the obliged entity’s knowledge of the customer, the business and risk profile, including where necessary the source of funds and ensuring that the documents, data or information held are kept up-to-date.
In the UK 4MLD is being transposed via the Money Laundering Regulation 2017. In the current draft of the 2017 Money Laundering Regulations, the wording relevant to transaction monitoring will remain the same as in the Money Laundering Regulations 2007 but move from Section 8(2)(a) to Section 28(11)(a). The transposed version appears differently than in the Directive, and will read as follows:
11) The relevant person must conduct ongoing monitoring of a business relationship, including –
Scrutiny of transactions undertaken throughout the course of the relationship (including, where necessary, the source of funds) to ensure that the transactions are consistent with the relevant person’s knowledge of the customer, his business and risk profile;
What’s new in the directive?
Simplified Due Diligence – Article 15
The exemption from the need to carry out ongoing monitoring of transactions for customer relationships subject to Simplified Due Diligence (SDD) procedures has been replaced with an express requirement to carry out sufficient monitoring of such transactions. While SDD is only applicable in low-risk scenarios, now firms must also consider whether a transaction monitoring system is necessary or desirable to ensure the detection of suspicious behaviour in such transactions.
3) Member States shall ensure that obliged entities carry out sufficient monitoring of the transactions and business relationships to enable the detection of unusual or suspicious transactions.
Enhanced Due Diligence – Article 18
Enhanced Due Diligence (EDD) must be performed in high risk scenarios. These might be transactions or relationships involving high-risk geographies and the high risks listed in Appendix III of 4MLD. As part of EDD, covered entities must have systems in place to spot and monitor unusual patterns of transactions, such as through the use of a Transaction Monitoring system. This clarifies that regulators will now expect a formal Transaction Monitoring system to be in place when conducting EDD.
2. Member States shall require obliged entities to examine, as far as reasonably possible, the background and purpose of all complex and unusually large transactions, and all unusual patterns of transactions, which have no apparent economic or lawful purpose. In particular, obliged entities shall increase the degree and nature of monitoring of the business relationship, in order to determine whether those transactions or activities appear suspicious.
Due Diligence for E-Money Issuers – Article 12
For electronic money issuers who have a transaction monitoring system in place, 4MLD offers the potential to reduce some of the compliance burden associated with CDD. The directive removes the requirement to perform CDD in low-risk uses of electronic money when the below requirements are met.
1. By way of derogation from points (a), (b) and (c) of the first subparagraph of Article 13(1) and Article 14, and based on an appropriate risk assessment which demonstrates a low risk, a Member State may allow obliged entities not to apply certain customer due diligence measures with respect to electronic money, where all of the following risk mitigating conditions are met:
(a) the payment instrument is not reloadable, or has a maximum monthly payment transactions limit of EUR 250 which can be used only in that Member State;
(b) the maximum amount stored electronically does not exceed EUR 250;
(c) the payment instrument is used exclusively to purchase goods or services;
(d) the payment instrument cannot be funded with anonymous electronic money;
(e) the issuer carries out sufficient monitoring of the transactions or business relationship to enable the detection of unusual or suspicious transactions.
What is interesting about this requirement is that it explicitly stipulates the need for a sufficient transaction monitoring system to be in place. E-money issuers who are not conducting comprehensive transaction monitoring yet, or are stuck in manual spreadsheets, should use this as an opportunity to migrate to an automated transaction monitoring solution to make it easier to comply with this new and complex regulation.
Transaction Monitoring regulations worldwide
Transaction Monitoring is increasingly becoming a necessary requirement for regulators around the world. Earlier in the year, New York’s Department of Financial Services implemented Rule 504, which made having a proven Transaction Monitoring solution necessary for compliance. Last month the Wolfsberg Group issued guidance on PEPs which also promoted the “enhanced monitoring” of the accounts of high-risk PEPs. 4MLD echos these recommendations by including Transaction Monitoring in all levels of due diligence.
At ComplyAdvantage we work with companies to help them automate their transaction monitoring to identify suspicious activity in real time or retrospectively, whilst minimising unnecessary alerts. Our solution is available through a modern, flexible REST API or batch upload, to implement quickly, easily and securely.
To find out more about ComplyAdvantage’s industry leading Transaction Monitoring solution download our brochure here.
Originally published June 26, 2017, updated November 17, 2021
Disclaimer: This is for general information only. The information presented does not constitute legal advice. ComplyAdvantage accepts no responsibility for any information contained herein and disclaims and excludes any liability in respect of the contents or for action taken based on this information.
Copyright © 2022 IVXS UK Limited (trading as ComplyAdvantage).