Developments are underway as the EU fortifies its AML/CFT framework with a robust legislative package designed to standardize rules across member states and enhance oversight. The package includes key elements such as the AML/CFT Regulation (AMLR), the 6th AML/CFT Directive (AMLD6), the establishment of the AML/CFT Authority (AMLAR) for EU-wide supervision, and the recast Transfer of Funds Regulation (TFR) to improve crypto-asset transfer traceability.
Notable AMLA functions cover supervisory methodologies, a central AML/CFT data repository, and collaboration with national supervisors via joint supervisory teams for inspections and reviews.
However, we continue to encounter specific questions daily as a team, discussing how to proceed once the Package is fully implemented across the EU:
- What are the implications of introducing annual supervisory fees on OEs directly supervised by AMLA? Will this approach be fair compared to institutions that do not fall under AMLA’s direct supervision? What difficulties will the introduction of beneficial ownership, bank account, and real estate registers pose for the private sector? Additionally, what will be the anticipated implementation timeline?
- What implications will the private sector face should the FIAU increase the current maximum 3 day period of withholding or suspending the execution of a transaction to the maximum 10 day timeframe being possibly allowed by the new AML package?
- New obliged entities:
· Dealers in precious metals and stones
· Dealers in high value goods
· Traders or intermediaries of cultural goods
· Crowdfunding service providers and crowdfunding intermediaries
· Credit intermediaries
· Investment migration operators
· Professional football clubs and agents
This introduces a fresh array of challenges for both the private sector and the FIAU. What resources and timelines are anticipated for new OEs to align themselves with these regulatory requirements?
- How will OEs be able to determine that the sibling of one of their customers is a PEP, especially in situations where there are issues between the PEP and their sibling (such as no relationship or lack of communication)? Should the sibling still be considered a PEP?
- There should be a clearer regulatory framework established for Virtual IBANs, with authorities providing additional guidance on what qualifies as a virtual IBAN.
- What impact will this new AML package have on ongoing monitoring obligations? Will OEs be expected to carry out an immediate review of their entire customer base, or can updates be made during the routine ongoing monitoring reviews?
- It is stated that the frequency of updating customer information should be determined by the risk associated with the business relationship, with a maximum interval of 1 year for higher-risk customers and 5 years for others. Is this a start for moving away from the Risk Based Approach?
- Given the constitutional issues currently being faced by sanctions issued by the FIAU, what implications will the issuance of sanctions by AMLA have on the Maltese jurisdiction?
Considering the numerous grey areas noted, there are high expectations that all stakeholders receive further clarifications before the new regulatory framework becomes applicable.