14th July 2021

What does Brexit mean for compliance programs?

The introduction of the first Anti Money Laundering Directive in the early 1990s meant the UK and the EU spent the last thirty years largely aligned in their efforts to prevent money laundering and terrorism financing. But since Brexit, the two sides have failed to establish any mechanisms to facilitate further cooperation or regulatory equivalence. Instead, they have settled for a broad agreement on shared norms.

The new landscape 

After losing the ability to passport their services, financial institutions operating in both the UK and EU have had to set up operations in what are new jurisdictions. This has doubled the amount of work for compliance teams, as they need to provide evidence that their anti-money laundering (AML) and combating the financing of terrorism (CFT) programs satisfy two different sets of criteria. For instance, due diligence on overseas customers must now meet UK and EU standards. To complicate matters further, the Brexit agreement provided little detail on the harmonization of blacklisted countries, which could lead to regulatory arbitrage as firms cut costs by servicing customers in a jurisdiction where they’re considered lower risk.  

Separate sanctions regimes also pose problems for firms operating across borders. The UK has already introduced a new regime, adding some parties to the EU’s list while removing others. Even when both authorities sanction the same person, timing and measures may diverge, as happened with Belarusian President Alexander Lukashenko in September. 

The downgrade of the UK’s status to a liaison partner of Europol and its withdrawal from Eurojust has impacted law enforcement and intelligence sharing. The UK also lost access to criminal databases and tools including the European Arrest Warrant and European Investigation Orders. Regulators may require financial institutions to help fill the intelligence gap, increasing the demands on compliance teams. 

Finally, Brexit was expected to fuel cross-border predicate crimes, making it harder for firms to track the reputation of their customers. The pandemic has slowed this effect, but other predicate crimes have thrived. Online scams soared in 2020, while fraudsters took advantage of schemes rushed out by governments to support businesses struggling through lockdown. 

Looking ahead 

The decisions made by UK regulators in the aftermath of Brexit will determine the future trajectory of the country’s compliance regime. The Financial Conduct Authority is taking a progressive approach by promoting the use of technology to tackle financial crime and giving firms access to a digital sandbox. However, the UK government’s proposed development of freeports may cause tensions as the EU believes they foster money laundering, tax evasion, and corruption.  

From the EU’s perspective, Brussels continues with its efforts to harmonize AML and CFT across the region, which has become even more urgent after the recent Wirecard scandal in Germany. The European Banking Authority has taken responsibility for publishing a single rulebook to help member states effectively implement existing rules and promote the sharing of financial intelligence. 

What are the implications? 

As long as the UK and EU remain committed to meeting the global standards set out by the Financial Action Task Force (FATF), their approaches to compliance should broadly align. That said, firms must take steps to make sure they stay on the right side of the regulators. One of the most important is to monitor changes in both jurisdictions, including sanctions updates. Identifying the countries that employ best practices can help, particularly those embracing technological innovation.   

To learn more about Brexit’s impact on the compliance landscape and the implications for your firm, download our report