Money laundering and sanctions enforcement remain high on regulators’ agendas in the first quarter of 2024.
Anti-money laundering and countering the financing of terrorism (AML/CFT) regulations as well as sanctions regulations have rapidly and significantly expanded in the wake of Russia’s war against Ukraine and the Middle East conflict. As a logical next step regulators are tightening their AML/CFT regimes and improving sanctions enforcement
Regulators continue to focus on money laundering:
- Regulators are identifying jurisdictions with AML/CFT deficiencies: The Financial Action Task Force (FATF) updated its lists of jurisdictions with money laundering (ML), terrorist financing (TF) and proliferation financing (PF) deficiencies. Firms should consider FATF’s stance toward these jurisdictions when reviewing their obligations, risk-based policies, procedures, and practices.
- Regulators are strengthening their AML/CFT regimes:
- FATF recently set out AML/CFT transparency obligations in its guidance on beneficial ownership and trusts.
- In the European Union (EU), a provisional agreement was reached on parts of its AML package (i.e., AML Directive and Regulation). The new rules will require all crypto-asset service providers (CASPs) to conduct due diligence on their customers and report suspicious activity. Financial institutions will need to undertake enhanced due diligence measures when business relationships with high net-worth individuals involve the handling of large amounts of assets. In addition, beneficial ownership transparency is being enhanced by setting a 25% threshold for ownership disclosure. Furthermore, the future EU AML authority, AMLA, will be based in Frankfurt and begin operations in mid-2025. It will have direct and indirect supervisory powers over financial sector firms with the highest cross-border risk and the power to impose sanctions and measures.
- The US Financial Crimes Enforcement Network (FinCEN) proposed a new rule (comment period closes on 15 April 2024) that would require certain investment advisers (IAs) to apply AML/CFT requirements pursuant to the Bank Secrecy Act. IAs would be required to implement risk-based AML/CFT programs, report suspicious activity to FinCEN, and fulfill recordkeeping requirements. Also, many firms are now required to report information to FinCEN about their beneficial owners. Reporting firms created or registered to do business in the US before 1 January 2024 must file reports by 1 January 2025, while those created or registered 2024 have 90 calendar days to file after their registration is effective.
- The Australian government aims to expand AML/CFT obligations to lawyers, accountants, and real estate firms. The proposed changes would require reporting entities to have a single program for AML and CFT, instead of two, include requirements to assess AML/CFT risks and cover digital currencies. The reforms are expected to be introduced to parliament in 2024.
- Canada plans to increase its reliance on artificial intelligence (AI) to detect suspicious transactions, while in Hong Kong AML guidance on the use of AI is expected in the coming weeks. Hong Kong’s regulator also consulted on rules for information sharing among authorized institutions to prevent financial crime.
- he UK is improving the effectiveness of its money laundering regulations and aims to make customer due diligence more proportionate. UK firms are also required to complete a gap analysis against weaknesses in their AML frameworks within the next six months.
Regulators are considering a diverse spectrum of financial crime typologies and threats:
- US national risk assessments highlighted potential AML deficiencies at firms and firms should review these to remain aligned with government’s expectations. The assessments could also help firms that are required to maintain an AML program prepare for long overdue regulations on how to implement the national AML/CFT priorities, published by the FinCEN in 2021. In addition, the US Treasury’s “2024 National Strategy for Combatting Terrorist and Other Illicit Finance” is expected to provide recommendations on issues highlighted in the national risk assessments.
- Meanwhile, in the UK, the Financial Conduct Authority (FCA) identified four areas that firms should focus on to combat financial crime. Firms should: 1) Ensure systems and controls keep up with an increasing technological sophistication of criminals and constantly adjust to new financial crime techniques and typologies; 2) Explore the latest advances in data sharing technology to ensure personal data is protected; 3) Prioritize fraud awareness to empower their customers to identify red flags; and 4) Be able to measure their own effectiveness at preventing financial crime by using metrics.
Regulators are driving sanctions compliance through enforcement and extending export controls:
- In February 2024, the EU adopted its 13th package of sanctions against Russia which further limits Russia’s access to military technologies and sanctions additional companies and individuals involved in Russia’s war. To prevent the circumvention of EU sanctions via third countries the 14th sanction package is expected to broaden restrictions from individual companies to wider sectors.
- In the US, foreign financial institutions risk losing access to the financial system if they facilitate transactions relating to Russia’s military industrial base. These firms are expected to communicate sanction compliance expectations to their customers, determine their customers’ exposure to sanctioned individuals or activities, assess their customers’ counterparties and update their sanction risk assessments. Domestic and foreign institutions must comply with US sanctions and export controls, which were recently extended, if they intend to continue accessing the US financial system.
- In the UK, a new agency for trade sanctions enforcement will commence operations in 2024 and is expected to lead to an increase in enforcement activity related to alleged non-compliance with trade restrictions connected to Russia.