FinanceDublin.com - Sponsor Article


Financial Law Update	Back to article summary.

Delay to Third Money Laundering Directive helps industry to plan for implementation

Joe Beashel

The Third Money Laundering Directive's delayed enactment will have been met with some approval from industry, given the recent efforts taken to implement MiFID and the Capital Requirements Directive in 2007. The Bill will now hopefully be passed into law before the summer recess of the Oireachtas, and give firms time to plan for implementation, writes Joe Beashel.

It is probably true to say that the delayed enactment of the Third Money Laundering Directive (2005/60/EC) (the ‘Directive’) was welcomed by industry given the intense efforts to implement the Markets in Financial Instruments Directive and the Capital Requirements Directive last year. Due for implementation on 15 December last, it is now likely to be implemented in quarter 3 of this year. The Department of Justice, Equality and Law Reform published the General Scheme of a Criminal Justice (Money Laundering) Bill 2008 (the ‘Bill’) on 12 February 2008 and invited submissions on the text up to 14 April next. It is hoped to have the Bill passed into law before the summer recess of the Oireachtas and to allow a lead in time for affected firms to plan for implementation.

Joe Beashel

The Bill updates Irish legislation in line with the revised Financial Action Task Force (FATF) 40 Recommendations and was published at a time when FATF will review its assessment of Ireland following its last formal review in July 2005. In its February 2006 Report FATF found some Irish anti-money laundering and counter terrorist financing (‘AML/CTF’) provisions lacked precision in critical areas, in particular the FATF inspectors focuses on certain aspects of the current customer due diligence process, the enforceability of the industry guidance notes and the relative lack of powers of the Financial Regulator.

We welcome the fact that the Bill seeks to implement the Directive with no, so called, ‘gold plating’ planned even though this is expressly permitted in Article 5. The Bill addresses almost all of the issues raised by FATF. In addition, it will repeal sections of the current Criminal Justice Act, 1994 (principally section 31, 32, 57, 57A and 58(2)) to provide a consolidated AML statute. As currently drafted, the Bill does not also consolidate those parts of the Criminal Justice Act 1995 which deal with the financing of terrorism. We would suggest that it would be preferable if there could be a single consolidated statute which covered both anti-money laundering and the financing of terrorism.

Risk Based Approach
A key change to current AML/CTF requirements will be the ability to adopt a risk based approach to the customer due diligence process. By providing for risk sensitivity, the draft legislation enables designated bodies to target resources towards areas identified as being at high risk of money laundering and terrorist financing, while reducing the requirements where the risks are substantially mitigated. Implementing measures of risk sensitivity will require planning and systems changes to incorporate each variable such as customer type, product range, processes as well as other external factors. This will require some forward planning including:

(a)the identification of risks within the external environment in which they operate;
(b)the assessment of the risks presented by customers, products, delivery channels, geographical area of operation;
(c)the design and implementation of controls to manage and mitigate those risks;
(d)the monitoring and improvement operational controls; and
(e)the recording what was done and why.

The old Guidance Notes issued by the Money Laundering Steering Committee will be updated. There will be a core set of guidance for all industry sectors and separate industry specific additions. The current draft of the new Guidance Notes are less prescriptive in many ways than the current Guidance Notes, as they necessarily reflect the risk based approach described above.

It will be important for designated bodies to identify and document the full range of risks that their firm is exposed to. FATF published, in June 2007, a useful guide entitled ‘Guidance on the Risk-Based Approach to Combating Money Laundering and Terrorist Financing’ which is available from the FATF website. Elements of this document are also contained in the latest draft of the new Guidance Notes.

Like many recent regulatory developments the Bill emphasises the importance of the board of directors taking ultimate responsibility to be able to demonstrate that they have implemented ‘adequate and proportionate [AML/CFT] policies and procedures’. In terms of implementing the risk based approach certain strategic decisions will need to be taken and we would recommend that firms document how and why particular decisions are made and present those decisions to the board of directors for discussion and approval.

Although a formal sign-off is not specifically required this statutory provision will ensure that AML/CFT will need to be addressed at board level both in the context of adopting to the new requirements imposed by the Directive and on an ongoing basis.

Beneficial Owner
The Directive requires the identification of the beneficial owners of each customer which is the ’natural person’ who ultimately owns or controls the customer. This will likely be problematic in some cases not least because existing systems will require upgrading to capture the required information.

Politically Exposed Persons (‘PEP’s’)
With many international banks, investment firms and investment funds operating across multiple jurisdictions, the identification of PEP’s will present challenges. The Bill requires that a designated body must determine whether a customer is a PEP, identify source of wealth, conduct enhanced ongoing monitoring of the business relationship for at least one year after they stop qualifying as a PEP and to obtain senior management approval for each relationship.

A ‘politically exposed person’ means a natural person who is or has been entrusted with prominent public functions, their immediate family members, or persons known to be close associates of them.’

The Bill is clear that enhanced CDD measure need not be performed on domestic (i.e. Irish) PEPs.

Reliance on Third Parties
The Bill proposes to introduce a clear statutory basis for a designated body to rely on third parties to carry out the customer due diligence process. The key requirement is that the third party must immediately make available copies of the documentation they obtained as part of their due diligence on request. This statutory requirement to produce copy documentation immediately on request will restrict the ability to rely on third parties in countries such as Switzerland and Luxembourg which have strict bank secrecy laws.

Powers of Financial Regulator
One of the more important observations of FATF in its report was that the ‘…guidance notes do not impose mandatory requirements with sanctions for non-compliance as required by the FATF Recommendations’ and further that ‘..the range of sanctions available specifically for AML/CFT breaches is limited….’
Both are addressed in the Bill, the Financial Regulator will have the power to issue and/or approve guidance notes and to apply the full rigour of its administrative sanctions to any breaches.

Conclusion
The implementation of the Directive is the most significant change in the law and practice related to AML/CFT in many years. The introduction of a risk based approach to customer due diligence will allow designated bodies the ability to tailor the amount of documentation required to identify and verify customers which is to be welcomed. Before a risk based approach can be applied a detailed risk assessment will need to be undertaken. While less work might be required in some areas, more might be required in others, for example obtaining details of the beneficial owner, and more ongoing monitoring of the client relationship. The Bill will strengthen the powers of the Financial Regulator as the competent authority for financial services providers, as well as law enforcement generally.

Like almost all new regulatory developments the responsibility of the board of directors is emphasised. We recommend that firms address the implementation of the Directive at board level and start the implementation project now. Although the effective date for implementation is still several months away, indeed it is not entirely clear yet, it is clear that processes, procedures, and systems will have to be updated and staff re-trained all of which take time to plan and implement.

While implementation of the Directive will be a challenge this year at least it didn’t have to be done at the same time as the CRD and MiFID!

Joe Beashel is a partner in the Banking and Financial Services Department at Matheson Ormsby Prentice and is Head of the Regulatory Risk Management and Compliance Group. Joe can be contacted at +353 1 232 2000 or at joe.beashel@mop.ie