Money
laundering (ML) has devastating consequences. It promotes crime and
corruption that weaken our economies and damage social wellbeing.
Citizens and governments lose over €110 billion to financial crime and 2
to 5% of global GDP is estimated to be laundered every year. It is
critical to ensure that the fight against money laundering and terrorist
financing (TF) is effective and efficient.
This has led Accountancy Europe to issue the publication Building an effective anti-money laundering ecosystem which recommends how to better implement the existing anti-money laundering (AML) legislation.
We do this ahead of the European Commission (EC) proposals (expected
in July 2021) to strengthen these rules and how they are supervised.
AML as an ecosystem
Our recommendations have a wider remit than the enhanced EU AML
rules. Complying with these is not enough to effectively stand up to
criminals. We look at AML as an ecosystem where obliged entities (OEs),
supervisors and policy makers cooperate and take charge of their
responsibilities to mitigate AML risks.
Who are the obliged entities?
OEs are grouped in financial entities such as banks and insureres and
non-financial such as auditors, external accountants, lawyers. They are
required by the EU AML legislation to have procedures in place designed
to assess and mitigate ML/TF risks.
Check our 9 recommendations to build a more effective AML ecosystem:
Obliged entities need to proactively manage AML risks
Recent AML scandals such as Luanda Leaks, FinCEN Leaks and the Panama
Papers highlighted deficiencies in how OEs implement AML policies. We
believe that they should take a more risk-based approach to understand
the ML threats and take the right action.
We propose three actions for OEs to shift from reactive, to proactive and preventive AML risk management:
1. better recognise and mitigate AML risks
through discussing with supervisors and policy makers, AML training and better understanding sector specific risks.
2. strengthen risk-based systems and controls
to assess whether they can deal with the risks identified, regardless of OEs’ size and complexity.
3. leverage technology
to increase AML efficiency and quality. For example, in remote client onboarding and collecting client information on clients.
Obliged entities need to improve governance to strengthen AML
Integrating AML in the governance structures can improve an OE’s risk
overview and management. It can also allow an OE to be proactive on AML
risks and ensure ongoing monitoring, reporting and oversight. We
recommend the following 3 actions for boards and management.
4. boards should build a strong AML culture
Boards should foster a culture that supports AML risk awareness,
behaviours and judgments about risk and provide escalation mechanisms.
They need to challenge AML policies to ensure these align with their
business activities’ inherent risks.
5. management should implement effective risk management
In line with the board’s guidance, management’s role is to implement
effective risk management and risk reporting obligations. Management
should be able to recognise AML risks, monitor these and allocate
adequate resources to establish a control framework that can manage and
mitigate those risks.
6. Obliged Entities should establish three lines of defence
Entities should establish three lines of defence to ensure sound ML/TF risk management:
- management control over business operations
- risk controls and compliance
- internal audit to evaluate the risk management and controls
Reinforcing the regulatory and supervisory framework
Supervision and regulation need to be modernised as well to ensure
the AML ecosystem functions properly. To further reinforce the
regulatory and supervisory framework we recommend for supervisors and policymakers to:
7. enhance cooperation amongst member states
Information and knowledge sharing between national supervisory
authorities is critical for the AML system to be effective. Member
states should also ensure OEs have sufficient access to information
through data sharing and inter-operable systems.
8. facilitate collaboration between the private and public sector
National actors should overcome the ‘taboo’ of cooperating with the
private sector to combat financial crime. Enhanced cooperation between
OEs and authorities can improve understanding of common threats. These
partnerships should be cross-sector, involving financial institutions,
other private-sector organisations and law enforcement agencies.
9. consider sector specific divergencies
The current AML legislation seems to be designed primarily for the
financial sector. Its requirements are not adapted to the nature of
non-financial OEs’ activities. This poses difficulties in interpretation
and may cause gaps in its application. The legislation needs to be
better adapted for OEs in the non-financial sector. The rules should
acknowledge there are different types of OEs and identify and target the
factors to consider.