The European Union Fourth Money Laundering Directive (4AMLD) was ratified by the European Parliament in 2015 and was implemented in all EU states on the 26th June 2017. It was transposed into UK law on the same date via the The Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017. Like previous iterations of the Money Laundering Directive, 4AMLD aims to prevent the EU’s financial system being abused for the purposes of money laundering and terrorist financing.
History of EU Money Laundering Legislation
The first Money Laundering Directive (1AMLD) was enacted by the European Union (EU) in 1991. 1AMLD’s primary focus was drugs-related offences and it introduced requirements for credit and financial institutions to verify the identity of their customers and report any suspicions of money laundering.
2AMLD replaced the first Directive in 2001 and aimed to bring the EU’s anti-money laundering framework in line with the Financial Action Task Force (FATF) recommendations of the time. 2AMLD expanded both the business covered and the predicate offences in relation to which money laundering could apply.
3AMLD, introduced by the EU in 2005, extended the scope of the AML framework by including coverage of certain non-financial businesses and professions such as legal services and accountancy. 3AMLD introduced the risk-based approach (RBA) to customer due diligence (CDD), and introduced the concept of simplified due diligence (SDD) and enhanced due diligence (EDD).
4AMLD bolsters various provisions of 3AMLD in order to curb money laundering and terrorist financing, as well as increasing ownership transparency in firms. These steps bring the EU into compatibility with the latest guidelines from the FATF, helping to ensure global consistency across AML policies.
Wider Scope of Obliged Entities:
Many firms and individuals who previously went unregulated are considered to be “obliged entities” under 4AMLD (referred to in the UK as the “regulated sector”). This means that more firms will have to comply with the Directive’s various regulations, including Customer Due Diligence (CDD) requirements. Obliged entities under 4AMLD include all credit and financial institutions, various Designated Non-Financial Businesses and Professions (DNFBPs), and gambling services (under 3AMLD, only casinos were covered).
Occasional transactions—that is, any transaction outside of a business relationship—of €10,000 or more are also covered under the regulations, as are transactions that the EU defines as a “transfer of funds” exceeding €1,000. Individual member states can set lower thresholds if they choose.
In short, 4AMLD’s revisions mean that more transactions will need to be monitored and CDD will have to be performed for more clients.
Additionally, e-money products are, for the first time, specifically regulated under The 4th AML Directive. Countries do have discretion to allow some exclusions to this regulation as long as certain conditions are met. These include restrictions that the payment instrument, such as a prepaid card, cannot hold more than €250, cannot enable more than €250 in monthly transactions, is used solely to purchase goods or services, and cannot be funded anonymously. If a country chooses to relax CDD requirements for e-money, it must still ensure that issuers carry out sufficient transaction monitoring and issuers must demonstrate that the risks associated with e-money are low.
Regardless of any thresholds or exemptions, CDD must always be performed if there is a suspicion of potential money laundering or terrorist financing. Moreover, CDD must be conducted again if there are any doubts about the adequacy and/or veracity of previously obtained information.
Updates to Ultimate Beneficial Ownership (UBOs):
EU countries must now require entities in their jurisdiction to keep up-to-date ownership information in a central registry that is accessible to authorities, obliged entities, and public persons with a legitimate interest, such as journalists or NGOs.
Additionally, the definition of an ultimate beneficial owner (UBO) has been modified. The key factor in determining who is the UBO is still owning or controlling more than 25% of the shares or voting rights in a legal entity, but 4AMLD allows for senior managing officials to be treated as beneficial owners in cases where the above criteria cannot be determined.
Expansion of the Risk-Based Approach:
4AMLD further stresses the necessity of a risk-based approach (RBA) and strengthens RBA requirements. Obliged entities will need to identify and assess risk, considering factors such as customers, countries or geographic areas, products, services, transactions or delivery channels. These risk assessments will need to be kept up-to-date and made available to regulators. Larger companies may also be required to commission an independent audit of their compliance procedures.
4AMLD also removes blanket exemptions that allow automatic use of Simplified Due Diligence (SDD). To use SDD, firms must now actively demonstrate low risk and provide a robust rationale for its use. The expectation is that fewer customers will qualify for SDD and more will require either CDD or EDD.
The revised regulations also mandate that obligated entities have in place risk-based procedures to determine whether customers or ultimate beneficial owners are politically exposed persons (PEPs). They clarify that Enhanced Due Diligence (EDD) must always be applied to PEPs and that senior management approval is required to establish or continue a business relationship with a PEP. In addition, both domestic and foreign PEPs are now covered under 4AMLD (previously, domestic PEPs were not subject to EDD). EDD procedures must continue for at least 12 months after a PEP leaves office, although member states may impose a longer period.
4AMLD makes tax crimes predicate offences and brings tax advice provided by lawyers within the scope of their reporting obligations.
Trustees of express trusts are required to obtain and hold adequate, accurate and current information about the trust’s settlor, trustees, protector, and beneficiaries (or classes of beneficiaries) and to make this information available to obliged entities.
The sanctions for firms and individuals who don’t comply with the Fourth Money Laundering Directive have also been updated – and it is now mandatory for EU countries to impose these sanctions. Those who violate 4AMLD’s provisions will face a maximum fine of at least twice the amount of the benefit derived from the breach or at least €1 million.
For breaches involving credit or financial institutions, the penalties are even steeper: legal persons will receive a maximum fine of at least €5 million or 10% of total annual turnover, while natural persons will receive a maximum fine of at least €5 million.
Politically Exposed Persons:
4AMLD expanded the criteria of a politically exposed person to now include domestic politically exposed person.
EU legislators have already signalled plans for amendments to 4AMLD in the form of the 5th Money Laundering Directive and the 6th Money Laundering Directive.