The EU's 5th Money Laundering Directive took effect on 10 January 2020. It has resulted in amendments to the 2017 Regulations, actioned within The Money Laundering and Terrorist Financing (Amendments) Regulations 2019, which is Statutory Instrument 2019/1511.
Although the changes are not especially far-reaching, they do extend the regulated sector and the situations in which enhanced due diligence (EDD) must be carried out. They also clarify that electronic identification is a suitable means of confirming identity in many situations, though note it does not require you to use electronic identification, whatever some of the companies that sell this service might tell you.
Regulated sector changes
The changes extend the regulated sector to include the following:
- Art market participants (where transactions amount to €10,000 or more, or a freeport operator)
- Cryptoasset exchange providers
- Custodian wallet providers (services to safeguard or administer crypotassets)
- Letting agents (for terms of a month or more and with a monthly rent of €10,000 or more)
Whilst this will not affect accountants directly, if they have clients in this area it will be important to ensure that they are aware of, and complying with, their new responsibilities.
In addition to these new sectors, the definition of tax advisors has been widened to include material aid, assistance or advice in connection with the tax affairs of another, whether provided directly or through a third party. This means that tax advisors, whether regulated as such or not, will be caught by the Regulations, thus creating a level playing field.
As we know, accountants and other regulated persons must identify their clients and verify their identity using a reliable and independent source. There is now an explicit clause in the Regulations that information obtained by electronic identification processes may be regarded as a reliable, independent source, as long as that process is secure from fraud and misuse and capable of providing an appropriate level of assurance that the person claiming a particular identity is, in fact, that person.
Whilst electronic means of identification had previously been permitted not meeting the client was a potentially high-risk factor. The wording in the amended Regulations makes it clear that as long as the electronic service meets the criteria for reliability verification of identity can be done remotely and does not lead to a higher risk.
If you are thinking about switching to an electronic identity service make sure that you check the service meets the requirements for reliability. Issues to consider in this respect can be found in the 2018 CCAB Money Laundering Guidance 5.3.42. You also need to check that the name you are checking electronically is the name of the person you are dealing with. In practice you may achieve this by still asking for a passport or driving licence, meeting the client or corresponding with them at their home address for example. Or if you are filing their tax returns, using the name and address used by the tax authorities will generally give sufficient assurance of identity.
Beneficial Owner Registers
The Regulations requires Member States to keep a beneficial owner register for trusts, as well as companies or similar entities. In addition, the 5th MLD requires that the register cannot now be limited to trusts with tax consequences. Details of how these additional trusts will need to register will be issued later in 2020, with the expectation that such trusts will need to be registered by 31 March 2020 or within 30 days of their creation if not already in existence.
The 5th MLD also includes a requirement to report discrepancies found in the Persons of Significant Control (PSC) register. This is to help improve the accuracy of the register as any discrepancies between the information about ownership provided by the client or potential client and the register, must be reported to the Registrar.
Guidance on how such discrepancies should be reported to the Registrar have been provided by Companies House. The guidance clarifies that a discrepancy is regarded as a material difference in the information, including missing PSCs or other inconsistencies. Spelling or similar minor errors, where it is clear what is meant, would not count as material differences, but the entity should be encouraged to update their own PSC register if this sort of mistake is noticed.
If a discrepancy is found an online form is completed to report it to Companies House, who will not inform the company that such a report has been made. They will, however, let the obliged entity (ie the firm of accountants or other regulated person making the report) know the outcome of their investigation.
Enhanced Due Diligence
The situations in which Enhanced Due Diligence (EDD) are required has been expanded by the directive. In addition to the previous situations EDD is required where either party to a transaction are established in a high-risk third country. The list of high-risk jurisdictions is that set out by the EU and may be more extensive than the FATF list.
As well as geography other risk factors now lead to a requirement for EDD, such as transactions related to oil, arms, previous metals, tobacco, ivory and protected species. Golden visa applicants (ie those seeking a visa to live in the member state in exchange for investments in business) will automatically be regarded as high risk and require EDD. There is also a requirement for EDD where transactions are complex or unusually large, whereas previously the Regulations required EDD only when both these factors were present.
The work to be done as part of EDD has also been listed in more detail and must now include:
- Obtaining additional information on the customer and their beneficial owner;
- Obtaining additional information on the intended nature of the business relationship
- Obtaining information on the source of funds and wealth of the customer and their beneficial owner;
- Obtaining information on the reasons for the transactions;
- Obtaining the approval of senior management for establishing or continuing with the business relationship;
- Conducting enhanced monitoring of the business relationship by increasing the number and timing of controls applied and selecting patterns of transactions that need further examination.
Can't identify beneficial owners?
The steps to take if you cannot identify the beneficial owners have been altered slightly. Once the firm has exhausted all possible means to identify the beneficial owner, they must take reasonable measures to verify the identity of the senior managing official in the company. There are also strict record-keeping requirements to demonstrate the work done to attempt to verify the beneficial owners or the senior person responsible for managing the entity.
Amendments to policies
Currently firms must amend their policies when new technology is adopted (Regulation 19(4)(c)), but this has been expanded to require amendments to policies where new products, new business practices (including new delivery mechanisms) or new technology are adopted. This is to ensure that anything likely to require changes to policies and procedures is considered and updated in a timely manner.
Whilst all of this is clearly a compliance burden, do remember that the purpose is to help limit the success of criminal activity, including organised crime. You are therefore doing your bit to help make criminals' lives harder!
Accountancy Europe has produced a useful factsheet on the changes
The original Regulations are in SI 2017/692
The amendments are in SI 2019/1511
ICAEW guidance on the changes can be found here
The guidance for reporting a discrepancy in the PSC register can be found here
Use this online form to make a discrepancy report
CIoT Article regarding the progress on changes expected for the registration of trusts with the TRS