Contributors
The spring has brought a rush of government initiatives aimed at further improving the financial crime prevention regime in the UK.
Who knows what the relationship between the UK and the EU will be come 10 January 2020 when MLD5 falls to be implemented? Regardless, Treasury is pressing on with its plans to implement it, not least as it was one of the prime movers behind it and supports the initiatives taken in it. The consultation will help Treasury decide how to balance a proportionate approach to implementation that manages the burden on business while actively discouraging ML/TF activity.
Emma Radmore looks at the key areas of change, and what Treasury proposes to do.
Scope
- Tax advisors: Any person providing material aid, assistance or advice on tax matters as a professional activity or principal business will now fall within the MLD definition of "obliged entity". This goes wider than the current MLRs that regulate accountants, auditors and tax advisors (which is currently defined as a firm or sole practitioner who by way of business provides advice about the tax affairs of other persons, when providing such services). Treasury is seeking views on which activities should be caught within a wider definition of "tax advisor"
- Letting agents: Estate agents as defined by the Estate Agents Act 1979 are currently within scope when they carry out estate agency work. Estate agency does not, for these purposes, include letting agency. MLD5 extends application to letting agents in respect of high value transactions with a monthly rent of €10,000 or more. The Government, though, is seeking views on whether this threshold is too high and should be reduced. Treasury now seeks views on which of the activities that letting agencies traditionally carry out should be within scope and whether there should be exemptions. Treasury has also noted that the new scope would not catch direct (unintermediated) lettings, and asks for views on the risks of direct landlord-tenant relationships. Another quirk of letting agent business is the question of on whom CDD should be carried out. Although usually it is the landlord who is the agency's customer, Treasury is asking for views on the impact of requiring the letting agent to carry out CDD on both landlord and tenant where the agent acts as intermediary. It also seeks views on the timing of CDD – which could be problematic if the business relationship comes before the determination of the amount of the rent. Finally, Treasury proposes HMRC would be the appropriate supervisor for letting agents
- Cryptoassets: it is now generally accepted that cryptoassets come in three broad types – exchange tokens, security tokens and utility tokens. Treasury thinks all three should be captured by AML/CFT regulation and seeks views on whether they all fall within the MLD5 definition of "cryptocurrency". It also asks whether anything is included within the MLD5 definition but not within the domestic proposals. Treasury plans to regulate not only providers of fiat-crypto exchanges, but also any provider of alternative exchange services, as well as custodian wallet providers. The requirement is to apply CDD measures before the point of establishment of a business relationship or before carrying out transactions with over €10,000 (or of course where there is a suspicion). Treasury is currently considering whether it should merely transpose MLD5, or whether it should apply higher standards. If it merely transposes MLD5, it has asked FCA to be the appropriate supervisor. If it goes further, it would consider including within scope of the new MLRs crypto-to-crypto service providers, peer-to-peer exchange providers, cryptoasset ATMs, issuance of new cryptosaaset (like ICOs) and publication of open-source software such as non-custodian wallet software. The Government is also aware of the particular cross-border risks presented by this type of business and seeks views on any measures that might effectively mitigate them
- Art intermediaries: Many art intermediaries are already captured by the MLRs as high value dealers, but MLD5 extends to payments above the €10,000 threshold regardless of whether they are made in cash or not, and also includes art galleries, auction houses and free ports as well as broadening the applicability to intermediaries. Treasury is seeking views on how it should define an "art intermediary" to capture all relevant businesses, which will also mean defining "works of art". Treasury also comments that the UK has no free ports but wonders whether it should define the term anyway. The paper also seeks views on how should carry out CDD and when, and poses specific questions, including on how auctions can address the issue, as buyers may not be known until after the sale has concluded and the final price will only then be known. Also, Treasury asks whether it should consider lowering this threshold. Finally, as a supervisor, it proposes HMRC.
E-money
MLD5 has changed (and lessened the application of) the exemptions for low value e-money products. Treasury is minded to transpose MLD5 as is, without imposing any additional restrictions, but welcomes views on the risk of ML and TF from e-money products. It also asks for views on how institutions will be able to detect what requirements anonymous card issuers from outside the EU are subject to, and whether payments using anonymous cards should be allowed.
CDD – electronic verification
There is nothing in UK law that stops firms using electronic means of identification anyway, but Treasury wonders whether the MLD5 clarifications are helpful – and, if so, whether standards for electronic processes set out in government-approved guidance like the JMLSG guidance would constitute the implicit recognition or approval referred to in MLD5. Treasury is also interested in views on whether firms are more likely to use electronic means of identification because of MLD5 and if so whether it will bring them savings.
Management of body corporate
Stemming not from MLD5 but from the FATF evaluation of the UK is a proposed change to MLR Regulation 28, which will now require firms (rather than to say they should take reasonable measures) to determine key facts about corporate clients. MLD5 then imposes additional requirements where firms have identified a company's senior managing official as its beneficial owner, and the MLR will again be amended to require that person to have their identity verified. Treasury also proposes to make changes to stress the requirement that ownership and control must be understood as a part of CDD.
SARs
The MLRs currently mandate that firms cease transactions and consider making a SAR if they cannot apply CDD under Regulation 28 (CDD measures). But it does not cover what happens where the measures that cannot be applied are required under a different regulation (on credit/financial institutions or EDD). Treasury proposes to clarify that the basic requirement applies to these other measures, but also that where EDD measures have their own inbuilt follow up actions the requirement should not apply).
Beneficial ownership requirements
In addition to the requirements already in place because of MLD4, MLD5 requires:
- A check that any company or trust subject to beneficial ownership registration requirements is on the appropriate register and the obtaining of an extract from the register. Treasury proposes this will apply to new business, and to place the onus to provide it on the customer;
- That CDD be reviewed when the obliged entity has a legal duty to contact the customer to review its beneficial ownership information or where it has a duty under the International Tax Compliance Regulations for identifying reportable offshore financial accounts. Treasury proposed to add this requirement to the MLRs;
Treasury plans to leave it to the relevant firm to determine what is "relevant information" in line with its risk assessment and considers the scope of the legal duty depends on the UK law that requires entities to contact customers for the purposes of reviewing any information which is relevant to the risk assessment of the customer for CDD purposes and which relates to its beneficial ownership information.
EDD
MLD5 sets out a series of requirements intended to harmonise EDD in relation to high risk third countries, and includes some requirements that are not currently in the MLRs. Treasury notes the EU's list of high risk countries will have legal effect during any Brexit implementation period, after which SAMLA will allow the UK to maintain its own list of jurisdictions in relation to which EDD must be applied.
Changes to the MLD4 requirements will require a defined set of EDD measures to be applied to business relationships and transactions involving high risk third countries. Firms must get additional information on the customer and beneficial owner, the intended purpose of the business relationship, the source of funds and wealth of the customer and beneficial owners and the reasons for the intended or performed transactions. Firms must also carry out enhanced monitoring of any business relationship or transaction involving such a country (not just, as present, relationships with persons established in such a country). Similarly, the requirement for senior management approval is broadened to cover instructions "involving" such a country. Treasury will implement these changes, but not the additional optional requirement to mandate that a first payment must be from an account in the customer's name with a credit institution subject to the MLDs.
Firms must also apply at least one of a menu of other measures, including additional EDD, reporting and placing limits on business relationships, and national authorities must take mitigating measures (such as refusing the establishment of entities or putting in place increased supervision.
Treasury is seeking views on how it should define "involved" and how it can implement the MLD5 requirements in a proportionate but effective manner. It is also seeking views on whether "beneficiary of a life insurance policy" should be a relevant risk factor in terms of determining whether EDD is necessary.
PEPs
The key requirements around PEPs are unchanged from MLD4 and will not require changes to UK regulatory requirements or guidance. However, there is now a requirement for government guidance on identifying PEPs and Treasury proposes to adopt FCA's existing guidance to address this.
Discrepancies in beneficial ownership information
MLD5 makes several changes to the MLD4 requirement on ensuring beneficial ownership information is correct and accessible. The UK's PSC regime already meets most of the new requirements, and the main change that needs implementation is the obligation on obliged entities to report any discrepancies they find between information they have and information on the central register. Treasury seeks views on whether both entities and regulators should report these discrepancies through Companies House, and on how discrepancies should be handled and resolved. It asks whether a public warning on the register could potentially create tipping off issues.
Trust registration service
HMRC set up the Trust Registration Service in response to MLD4. MLD5 now requires that the scope of registration be expanded, both in relation to what must be registered and what data must be collected. Treasury wants to protect legitimate, low-risk UK trusts, but MLD5 requires that all UK resident express trusts must be registered, as must non-EU resident express trusts that acquire UK land or property or enter into new business relationships with an obliged entity after 10 January 2020. The government also has a duty to share certain information with other agencies. HMRC will consult in more detail on the TRS changes, and the requirements should be complementary to the requirements of the draft Registration of Overseas Entities Bill, but Treasury asks for comment on how it plans to approach assessing what trusts fall within the registration requirement.
National register of bank account ownership
MLD5 requires the establishment of national mechanisms for retrieving ownership information on bank and payment accounts, to be held in a manner immediately accessible in an unfiltered manner to financial investigation units. UK incorporated credit and payment institutions, and UK branches of non-UK credit institutions would need to provide information on accounts identified by IBAN, and on safe-deposit boxes held within the UK. Treasury is considering requirement card issues, e-money institutions that issue prepaid cards, and credit unions and building societies that issue accounts not identified by IBAN also to submit information to the register. The consultation seeks views on this, and on the precise information that should be included. It is proposing information should be submitted weekly, but seeks views also on whether it should introduce a system whereby the register would be able to get information directly from the relevant institution's systems.
Pooled client accounts
There is recognition that pooled client accounts present risks, and current detailed guidance from the ESAs on how to address them. In particular, there are different types of account – those held, for example, by professionals who will themselves have had to carry out CDD on their underlying clients, and those held by customers who are not (or not currently in the case of, say, letting agents) covered by the MLR and will therefore not have done so. Treasury now needs views from banks on how they have addressed these risks, and what risks they consider they face from these accounts, especially when held by unregulated entities.
Miscellaneous other changes
MLD5 will require some other changes to the MLRs, and creates some other talking points, for example around complex arrangements that MSBs in particular may have with networks of agents, and how this impacts on the fit and proper assessment. Treasury wants to ensure that the MLRs require the right people to be subject to the fit and proper test and that the right individuals are properly trained.
What next?
For a directive that wasn't supposed to change all that much except broaden the scope of "obliged entity", there seems an awful lot to do! There are over 100 consultation questions, many of them seeking detailed views on experiences and alternatives.
By the way, consultation closes on 10 June, so anyone wishing to respond should be drafting their views now.
For more information on MLD5 and its wider implications, please check out these following articles:
