The European Union 5th Money Laundering Directive

On 10 January 2020, the European Union’s (EU) 5th Money Laundering Directive (5MLD) became effective. Officially known as EU Directive (EU) 2018/843, 5MLD was proposed by the EU Commission in July 2016 following the “Panama Papers” scandal and “as part of its Action Plan to enhance measures to better counter the financing of terrorism and to ensure increased transparency of financial transactions.” Additional reasons for introducing 5MLD include the adoption of cryptocurrencies and other digital channels in money laundering, changes in terrorist modus operandi, and implementing Financial Action Task Force recommendations. 5MLD amends and expands on the fourth Money Laundering Directive and increases “transparency of beneficial ownership information, gives Financial Intelligence Units wider access to information, enhances the cooperation between supervisors, and regulates virtual currencies and prepaid cards to better prevent terrorist financing.”

Summary of Changes

On 9 July 2018, the European Commission published a Fact Sheet regarding the amendments for 5MLD. Five prominent changes from the Fact Sheet include: 

Extending Anti-Money Laundering (AML) and Counter Terrorism Financing (CTF) regulations to virtual currencies and limiting use of prepaid cards.

  • Enhancing transparency of beneficial ownership information for companies and trusts by establishing Member State beneficial ownership registers. 
  • Broadening access to information for national Financial Intelligence Units through the creation of Member States’ bank account registers, centralised at the EU level. 
  • Improving information-sharing between anti-money laundering supervisors and with the European Central Bank.
  • Establishing standardised criteria for assessing high-risk third countries and Enhanced Due Diligence on transactions involving high-risk third countries. 

5MLD requires EU Member States to have had “beneficial ownership registers set up for corporate and other legal entities by 10 January 2020 and for trusts and similar legal arrangements by 10 March  2020. Central registers should be interconnected via the European Central Platform by 10 March 2021. Member States should also set up centralised automated mechanisms allowing the identification of holders of bank and payment accounts and safe-deposit boxes by 10 September 2020.” 5MLD also requires Member States and international organisations accredited to them to issue and maintain a list of offices and functions that qualify as politically exposed persons (PEP).

Additionally, 5MLD expands the types of obliged entities defined under 4MLD that must comply with the new AML/CTF regulations. Some of the newly added obliged entities under 5MLD include: (1) providers engaged in exchange services between virtual currencies, fiat currencies, and custodial wallets; (2) certain persons involved in the works of art trade; and (3) external accountants and tax advisors that provide advice on tax matters as principal business or professional activity.”

What This Means for Financial Institutions

All obliged entities within the newly regulated scope should know how 5MLD impacts their risk appetite, controls, procedures, and processes. However, it is especially crucial for entities currently operating in the cryptocurrency markets and doing business with cryptocurrency service providers. 
To that end, failure to take steps to comply with 5MLD puts obliged entities at risk of fines or other types of civil penalties. As Member States strengthen their roles as competent authorities with designated AML/CTF responsibilities for cryptocurrency platforms, obliged entities should consider the following:

  • Adopting and maintaining a risk-based policy framework that meets 5MLD regulatory guidelines.
  • Identifying and addressing, where necessary, perceived vulnerabilities to their policy frameworks, ensuring that when a risk-based approach indicates a higher level of risk, the appropriate checks are defined and in line with the 5MLD.
  • Applying a risk-based approach when assessing and categorising high-risk customers, relationships, and products, particularly those associated with cryptocurrency. 

What You Should Be Doing Now

Obliged entities should now be evaluating the effectiveness of their policies, procedures, and technological infrastructure responsible for adequately mitigating risks as applicable to 5MLD. Specifically, obliged entities such as firms involved with cryptocurrency will need to review their policies and procedures for effectiveness related to the collection of Ultimate Beneficiary Ownership Data, reporting of cryptocurrency-related suspicious transactions and activities, and maintaining adequate PEP lists. Obliged entities should also be assessing their business operating model to adapt to the new regulatory environment and evaluating other potential areas of inquiry by EU regulatory authorities associated with 5MLD.

How Guidehouse Can Help You

Guidehouse can rapidly review and assess your financial crime framework to determine whether it is operationally effective and meets the new regulatory expectations. Guidehouse can identify financial crime framework gaps, advise on optimal solutions to weaknesses identified, and identify areas (e.g., products, services, clients, and relationships) that pose a higher degree of risk. 

Guidehouse has in-depth knowledge of the regulatory environment and financial institution processes and regulatory requirements in the EU and globally. Guidehouse’s relevant expertise includes the following: 

  • Framework Risk Assessments 
  • Transaction and Customer Reviews
  • Operational Effectiveness
  • Compliance Technology Services 
  • Investigational and Operational Services
  • Training
Special thanks to Timothy Gore who contributed to this alert.
Back to top