Money laundering (ML) has devastating consequences. It promotes crime and corruption that weaken our economies and damage social wellbeing. Citizens and governments lose over €110 billion to financial crime and 2 to 5% of global GDP is estimated to be laundered every year. It is critical to ensure that the fight against money laundering and terrorist financing (TF) is effective and efficient.
This has led Accountancy Europe to issue the publication Building an effective anti-money laundering ecosystem which recommends how to better implement the existing anti-money laundering (AML) legislation.
We do this ahead of the European Commission (EC) proposals (expected in July 2021) to strengthen these rules and how they are supervised.
AML as an ecosystem
Our recommendations have a wider remit than the enhanced EU AML rules. Complying with these is not enough to effectively stand up to criminals. We look at AML as an ecosystem where obliged entities (OEs), supervisors and policy makers cooperate and take charge of their responsibilities to mitigate AML risks.
Who are the obliged entities?
OEs are grouped in financial entities such as banks and insureres and non-financial such as auditors, external accountants, lawyers. They are required by the EU AML legislation to have procedures in place designed to assess and mitigate ML/TF risks.
Check our 9 recommendations to build a more effective AML ecosystem:
Obliged entities need to proactively manage AML risks
Recent AML scandals such as Luanda Leaks, FinCEN Leaks and the Panama Papers highlighted deficiencies in how OEs implement AML policies. We believe that they should take a more risk-based approach to understand the ML threats and take the right action.
We propose three actions for OEs to shift from reactive, to proactive and preventive AML risk management:
1. better recognise and mitigate AML risks
through discussing with supervisors and policy makers, AML training and better understanding sector specific risks.
2. strengthen risk-based systems and controls
to assess whether they can deal with the risks identified, regardless of OEs’ size and complexity.
3. leverage technology
to increase AML efficiency and quality. For example, in remote client onboarding and collecting client information on clients.
Obliged entities need to improve governance to strengthen AML
Integrating AML in the governance structures can improve an OE’s risk overview and management. It can also allow an OE to be proactive on AML risks and ensure ongoing monitoring, reporting and oversight. We recommend the following 3 actions for boards and management.
4. boards should build a strong AML culture
Boards should foster a culture that supports AML risk awareness, behaviours and judgments about risk and provide escalation mechanisms. They need to challenge AML policies to ensure these align with their business activities’ inherent risks.
5. management should implement effective risk management
In line with the board’s guidance, management’s role is to implement effective risk management and risk reporting obligations. Management should be able to recognise AML risks, monitor these and allocate adequate resources to establish a control framework that can manage and mitigate those risks.
6. Obliged Entities should establish three lines of defence
Entities should establish three lines of defence to ensure sound ML/TF risk management:
- management control over business operations
- risk controls and compliance
- internal audit to evaluate the risk management and controls
Reinforcing the regulatory and supervisory framework
Supervision and regulation need to be modernised as well to ensure the AML ecosystem functions properly. To further reinforce the regulatory and supervisory framework we recommend for supervisors and policymakers to:
7. enhance cooperation amongst member states
Information and knowledge sharing between national supervisory authorities is critical for the AML system to be effective. Member states should also ensure OEs have sufficient access to information through data sharing and inter-operable systems.
8. facilitate collaboration between the private and public sector
National actors should overcome the ‘taboo’ of cooperating with the private sector to combat financial crime. Enhanced cooperation between OEs and authorities can improve understanding of common threats. These partnerships should be cross-sector, involving financial institutions, other private-sector organisations and law enforcement agencies.
9. consider sector specific divergencies
The current AML legislation seems to be designed primarily for the financial sector. Its requirements are not adapted to the nature of non-financial OEs’ activities. This poses difficulties in interpretation and may cause gaps in its application. The legislation needs to be better adapted for OEs in the non-financial sector. The rules should acknowledge there are different types of OEs and identify and target the factors to consider.