Keywords

These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.

4.1 The AML Supervision of Payment Institutions that Operate Across Borders by Agents

The European Union (EU) Fourth anti-money laundering Directive (AMLD) is now putting in place a framework which focuses on greater effectiveness and improved transparency in order to make it harder for criminals to abuse the financial system. Significant progress has been achieved on the review package the EU Third AMLD,1 which, as known, consists of two legal instruments: the new Directive on the prevention of the use of the financial system for the purpose of money laundering and terrorist financing and a Regulation on information accompanying transfers of funds to secure “due traceability” of these transfers. These two legal instruments take into account the 2012 Recommendations of the Financial Action Task Force (FATF), and go further to promote the highest standards for anti-money laundering (AML) and counter terrorism financing (CFT).

The new regulatory framework welcomes the risk-based approach:2 it acknowledges that the levels and types of action required to be taken by Member States, supervisors, and firms will differ according to the nature and severity of risks in particular jurisdictions and sectors, clarifying the types of situations in which simplified customer due diligence will be appropriate, as well as those situations where it is necessary for firms to conduct enhanced checks.

We have new rules concerning the extended definition of politically exposed persons—PEPs (here is clarified that enhanced due diligence will always be appropriate where transactions involve politically exposed persons), inclusion of tax crimes as predicate offences, national and Europe-wide risk assessments, reinforcement of sanctioning powers and requirements to co-ordinate cross-border action, lower exemptions for one-off transactions and expansion of the perimeter, new requirements on beneficial ownership information, to increase transparency by requiring companies and trusts to hold information on their beneficial ownership, and to make this information available to supervisors and parties conducting due diligence on them.

In this new regulatory framework, we have the problem of supervision of payment institutions (PIs) that operate across borders by agents.3 In fact, most Member States result host some agents operating on a European passport under the Directive 2007/64/EC (the so-called Payment Services Directive or PSD),4 in the context of the creation of a Single Payments Area in Europe (so-called SEPA);5 a large number of Member States act as the home regulator for cross-border PIs.

Risks associated with the Money Transfer sector, especially operating through agents, are considered very high.6

For example, in Italy, money laundering and financing terrorism risks associated with the Money Transfer sector are considered very high, due also to the size of the Italian money remittance market: amongst the EU countries, the Italian market is the second biggest one in terms of money remittance flows directed abroad (EUR 7.39 mld in the 2011). In 2011, the market share of the money remitters based in another EU country operating in Italy through very extensive networks of agents was equal to 55 %. In this framework, various criminal investigations found out that the money transfer networks are misused for money laundering purposes or for terrorist financing purposes by criminal organisations.

In Portugal, Payment System (PS) agents, whenever they are not financial institutions, are considered as presenting an inherent ML/FT high risk. This is the case due to their absence of control mechanisms in terms of the prevention of AML/CFT on the overwhelming number of agents operating in these conditions (gas stations, subway stations, supermarkets).

According to FATF’s new Recommendation 14 on money or value transfer services providers, money or value transfer services (MVTS) providers should be required to be licensed or registered. MVTS providers should be subject to monitoring for AML/CFT compliance. Agents for MVTS providers should be required to be licensed or registered by a competent authority, or the MVTS provider should be required to maintain a current list of its agents accessible by competent authorities in the countries in which the MVTS provider and its agents operate. According to para. 14.5, MVTS providers that use agents should be required to include them in their AML/CFT programmes and monitor them for compliance with these programmes.

Agents pursuing their activities on the basis of PSD rule, regarding the exercise of the right of establishment and freedom to provide services. According to this rule, any authorised PI wishing to provide payment services for the first time in a Member State other than its home Member State, in exercise of the right of establishment or the freedom to provide services, shall so inform the competent authorities in its home Member State. Within one month of receiving that information, the competent authorities of the home Member State shall inform the competent authorities of the host Member State the name and address of the PI, the names of those responsible for the management of the branch, its organisational structure, and the kind of payment services it intends to provide in the territory of the host Member State. In order to carry out the controls in respect of the agent, branch, or entity to which activities are outsourced of a payment institution located in the territory of another Member State, the competent authorities of the home Member State shall cooperate with the competent authorities of the host Member State. The competent authorities of the home Member State shall notify the competent authorities of the host Member State whenever they intend to carry out an on-site inspection in the territory of the latter. However, if they so wish, the competent authorities of the home Member State may delegate to the competent authorities of the host Member State the task of carrying out on-site inspections of the institution concerned. The competent authorities shall provide each other with all essential and/or relevant information, in particular in the case of infringements or suspected infringements by an agent, a branch, or an entity to which activities are outsourced. In this regard, the competent authorities shall communicate, upon request, all relevant information and, on their own initiative, all essential information.

4.2 The Requirement of Central Contact Points in Some European National Legislations

In EU Member States, there have been reported some cases of countries where the requirement of a central contact point (CCP) has been set up by their national legislation.

In Italy, the reference to CCPs has been included in Article 42 of the Legislative Decree 231/2007 (Italian AML law) after its amendment by the Legislative Decree 164/2012.7 According to para. 3, the suspicious transaction report (STR) shall be submitted to the Financial Intelligence Unit (FIU) by the agents of the PIs directly or through the CCP created in Italy by the EU electronic money institution (EMI) or PI. The creation of the contact point is mandatory in case of plurality of agents.

PIs’ agents operating in Italy are subject to the Italian AML regulations, so they are obliged to comply also with the Italian customer due diligence and record keeping requirements. At the moment, the Italian law provides a role for the CCP only in relation with the STRs. But, in their understanding, PIs are very likely to assign to the CCP also coordination and supervisory role with regard to the other pieces of the AML obligations applicable to the agents operating in Italy.

In Belgium, Belgian AML law applies to PIs/ EMIs “providing payment services in Belgium through a person established there and representing the institution to this end”. PIs/EMIs with such an establishment in Belgium are subject to all the provisions of the Belgian AML law, including article 18 which provides that the obliged entities “shall assign responsibility for the implementation of this Law to one or more persons within their institution or profession. These persons shall primarily be responsible for implementing the policies and procedures referred to in Articles 16 and 17, as well as for examining the written reports drawn up in accordance with Article 14, § 2, second subparagraph, in order that appropriate action may be taken, where necessary, in accordance with Articles 23 to 28. […] In the cases referred to in Article 2, § 1, 4ter, c) and 4quater, e) [i.e. in the case of PIs /EMIs providing payment services in Belgium through a person established there and representing the institution to this end] a person responsible for the implementation of this Law should be established in Belgium.” This person responsible for the implementation by the EEA PIs/EMIs of the Belgian AML law is the Belgian CCP, even if the Belgian Legislation does not make use of that expression. Belgian AML law applies to all PIs/EMIs providing payment services in Belgium “through a person established there and representing the institution to this end”. The wording “through a person established there and representing the institution to this end” is meant to capture any form of establishment in Belgium (other than branches, already mentioned in another subparagraph), provided the establishment has the power to represent the PI/EMI.

Functions of the CCP result from Article 18 of the Belgian AML law. The main functions of an officer responsible for preventing money laundering and the financing of terrorism—and hence of a Belgian CCP—consist in: examining the written reports relating to atypical transactions which are communicated to it and drawn up in accordance with Article 14, § 2, second subparagraph of the Law; deciding if such atypical transactions are suspicious and in filing, if this is the case, an STR to the Belgian FIU (CTIF-CFI) in accordance with Articles 23 to 28 of the Law; implementing the policies and procedures referred to in Articles 16 and 17. This includes the implementation of the internal measures and control procedures set out by the PI/EME in order to ensure compliance with Belgian AML law, the implementation of the group AML policy and the implementation of the measures taken by the EME/PI to train their representatives in terms of AML obligations.

In Spain, according to the Spanish legislation, if an EU payment/e-money institution designates more than one agent in Spain for the provision of payment services, the agents would constitute a network of agents. In accordance with Articles 4.2 and 10.4 of Royal Decree 712/2010, Banco de Espana shall hold a register of persons responsible for the network of agents, and its establishment will be subject to the same procedure established in regard to branches of EU PIs. That means it is necessary for the PIs/EMIs to designate and communicate to Banco de Espana both a person in charge of the agents’ network and contact address in Spain. The provisions above are included in the template of communication that Bank of Spain sends to the PI, once it has received notice from the Home Supervisor.

The legislation does not explicitly mention a “central contact point”, but since the agents’ network are considered similar to a branch, a CCP is therefore a mandatory requirement. Furthermore, according to the regulation, agents of foreign PI must, in the exercise of their activity in Spain, observe the same rules of law that the agents of any Spanish PI must observe.

In Portugal, the draft rule through which the Portuguese Supervisory Authority intend to implement the requirement of the CCP for PIs is an Aviso do Banco de Portugal. A preliminary version was published in March 2013. In a more up-to-date version of the Article 7 of the draft Aviso do Banco de Portugal, which regulates the agents of foreign PIs or e-money institutions, according to its third paragraph, in order to facilitate the exercise of AML/CFT supervision and improve compliance with the related regulation, EU PI or e-money institutions must promote the creation in Portugal of a CCP, whenever they operate in Portugal through one or more agent or third party with operational functions.

The appointment must be done before providing such activities in Portugal through one or more agent/third party with operational functions. This CCP must also be ensured by a natural or legal person who has a physical structure permanently adequate to meet the functions and who must be any of the financial institutions identified in Article 3 (among them, credit institutions or PIs, including branches of foreign ones) or act as an agent on a local or foreign PI or EMI.

4.3 The New Fourth AMLD and PSD 2 Rules

In this context, now we are facing the new Fourth AML EU Directive and PSD 2 rules. About the relationship between home and host supervisory authorities, the new Fourth AML Directive provides clear provisions on AML supervision where cross-border cases are concerned, whereas the Third AML EU Directive did not explicitly cover.

The host country’s supervisory authority has jurisdiction over the branches and agents located in its own territory for AML supervision; these branches must comply with local money laundering legislation.

The host country can now demand that the PI or the e-money institution, operating multiple branches or agents in its own territory, designate a CCP, responsible for ensuring that the institution complies with AML and terrorist financing laws. This CCP must provide any documents or data upon request of the competent supervision authority or any other support.

According to Recital (50) of the new Fourth AML Directive, where Member States require issuers of electronic money and payment service providers which are established in their territory in forms other than a branch and the head office of which is situated in another Member State, to appoint a CCP in their territory, they should be able to require that such a CCP, acting on behalf of the appointing institution, ensure the establishments’ compliance with AML/CFT rules. They should also ensure that that requirement is proportionate and does not go beyond what is necessary to achieve the aim of compliance with AML/CFT rules, including by facilitating the respective supervision.

According to Recital (38b) of the new Fourth AML Directive, where an obliged entity operates establishments in another Member State, including through a network of agents, the competent authority of the home Member State should be responsible for supervising the obliged entity’s application of group-wide AML/CFT policies and procedures. This could involve on-site visits in establishments based in another Member State. The competent authority of the home Member State should cooperate closely with the competent authority of the host Member State and should inform the latter of any issues that could affect their assessment of the establishment’s compliance with the host AML/CFT rules.

According to Article 45, para. 9, of the new Fourth AML Directive, Member States may require electronic money issuers as defined in point (3) of Article 2 of Directive 2009/110/EC and payment service providers as defined in point (9) of Article 4 of Directive 2007/64/EC established on their territory in forms other than a branch, and whose head office is situated in another Member State, to appoint a CCP in their territory to ensure, on behalf of the appointing institution, compliance with AML/CFT rules and to facilitate supervision by competent authorities, including by providing competent authorities with documents and information on request.

According to Article 45, para. 10, of the new Fourth AML Directive, the European Supervisory Authorities (ESAs) shall develop draft regulatory technical standards on the criteria for determining the circumstances when the appointment of a CCP pursuant to paragraph 9 is appropriate, and what the functions of the CCPs should be. The ESAs shall submit the draft regulatory technical standards to the Commission by 26 June 2017. According to Article 45, para. 11, power is delegated to the Commission to adopt the regulatory technical standards referred to in paragraph 9 in accordance with Articles 10 to 14 of Regulation (EU) No 1093/2010, of Regulation (EU) No 1094/2010 and of Regulation (EU) No 1095/2010.

According to Article 48, para. 4, of the new Fourth AML Directive Member States shall ensure that competent authorities of the Member State in which the obliged entity operates establishments supervise that these establishments respect the national provisions of that Member State pertaining to this Directive. In the case of the establishments referred to in Article 45(9), such supervision may include the taking of appropriate and proportionate measures to address serious failings that require immediate remedies. These measures shall be temporary and be terminated when the failings identified are addressed, including, with the assistance of or in cooperation with the home country’s competent authorities.

According to Article 48, para. 5, of the new Fourth AML Directive, Member States shall ensure that the competent authorities of the Member State in which the obliged entity operates establishments shall cooperate with the competent authorities of the Member State in which the obliged entity has its head office, to ensure effective supervision.

Also according new PDS 2, Member States may decide to require that PIs operating on their territory under the right of establishment, and whose head office is situated in another Member State, appoint a CCP in their territory, in order to facilitate the supervision of networks of agents. The EBA will develop draft regulatory standards setting out the criteria to determine when the appointment of a CCP is appropriate and what its functions should be.

In this sense, Article 26a, para. 5, 6, and 7, of new PSD 2, regarding supervision of PIs exercising the right of establishment and freedom to provide services, Member States may require PIs operating on their territory through agents under the right of establishment, and whose head office is situated in another Member State, to appoint a CCP in their territory to ensure adequate communication and information reporting on compliance with new rules, without prejudice to any AML provisions and to facilitate supervision by home and host competent authorities, including by providing competent authorities with documents and information on request. EBA shall develop draft regulatory technical standards setting out criteria for determining the circumstances when the appointment of a CCP is appropriate, and what the functions of CCPs should be. EBA shall submit these draft regulatory technical standards to the Commission within one year of the date of entry into force of this Directive.8 Power is delegated to the Commission to adopt the regulatory technical standards referred to in paragraph 6 in accordance with the procedure laid down in Articles 10 to 14 of Regulation (EU) No 1093/2010.

Then, the set-up of such a contact point can be requested for the purpose of ensuring compliance with the money laundering and antiterrorist financing rules under AML EU Directive,9 while the Member States option under PSD2 can only be invoked for the purpose of adequate communication and information by the PI on compliance with the rules under PSD2.

4.4 Some Problems Arising from the Application of the New Rules in EU Member States

From this new system of rules derive various problems related to the supervision of the money services agents.

Now a first issue concerns how and whether PSD 2 could be implemented in some uniform way so as to allow Home Supervisors to delegate AML/CFT inspections of PS agents work to Host Supervisors. A second, but not secondary, issue concerns which jurisdiction’s (home or host) AML/CFT law should apply when such delegated inspections took place.

When will enter a regime the opportunity to request payment service providers as defined by Directive 2007/64/EC established on their territory in forms other than a branch, and whose head office is situated in another Member State, to appoint a CCP in their territory to ensure on behalf of the appointing institution compliance with AML/CFT rules and to facilitate supervision by competent authorities, we will run the serious risk of an asymmetric supervision of agents. It seems at least they should be co-ordinates the activities of the CCP, imposed for the two different purposes that we have explained above.

Paradoxically, the application, as well appropriate, of the principle of proportionality10 could lead—as unintended consequence—to expectations of national “administrative” regimes any different.11 To avoid this practice, the ruling task assigned to the EBA will be crucial.12

In my opinion, we would need—just to avoid reduced competition between the laws of the Member States in the implementation of the new EU Directives—as fast as possible harmonisation of procedures for the supervision of PIs operating by agents.

In the European Banking Union and the EU single financial market,13 a common approach to the regulation of cross-border PS agents within Europe at present, to counter the risk of violation domestic law and distortion of competition within a local market because of uncontrolled AML/CFT measures by using a huge network of agents, appears at this point no longer be postponed.

We need a “standardised” and uniform approach, so as to consider the justified interests of the PS industry to get predictable regulatory conditions, also to get to the configuration of a common European legal framework among EU Member States, that is, the “Europeanisation” of the fight against crime and money laundering within the area of freedom, security, and justice.14

4. Notes

  1. 1.

    About the EU Third AMLD see, among others, M. Pellegrini (2005), “Anti-Money Laundering Legislation in the light of the Proposal of the Third EC Directive” European Business Law Review, Vol. 5, p. 1181; E. Katz (2007), “Implementation of the Third Money Laundering Directive. An Overview” Law and Financial Markets Review, Vol. 1, No. 3; V. Mitsillegas and B. Gilmore (2007), “The EU Legislative Framework against Money Laundering and Terrorist Finance: A Critical Analysis in the Light of Evolving Global Standards” International and Comparative Law Quarterly, Vol. 56 (1), p. 119; S. Buisman (2011), “The Influence of the European Legislator on the National Criminal Law of Member States: It is All in the Combination Chosen”, Utrecht Law Review, Vol. 7, No. 3; S. Costa (2013), Implementing the New Anti-Money Laundering Directive in Europe: Legal and Enforcement Issues—The Italian Case (Milan: Paolo Baffi Center on International Markets, Money and Regulation) No. 2008-13; E. Herlin-Karnell (2014), “Constructing Europe’s Area of Freedom, Security and Justice Through the Framework of ‘Regulation’: A Cascade of Market Based Challenges in the EU’s Fight Against Financial Crime” German Law Journal, p. 49.

  2. 2.

    See A. Proctor (2005), “Supporting a risk-based anti-money laundering approach through enforcement action” Journal of Financial Regulation and Compliance, Vol. 13, No. 1, p. 10; S. Ross and M. Hannan (2007), “Money Laundering Regulation and risk-based decision making” Journal of Money Laundering Control, Vol. 10, No. 1, p. 106.

  3. 3.

    See, in this respect, ESA’s Joint Committee Sub-Committee on Anti Money Laundering, Supervisory Cooperation Protocol between “Home Supervisor” and “Host Supervisor(s) of Agents and Branches of Payment Institutions in Host Member State”, July 2012; Joint Committee of the European Banking Authority (EBA), European Securities and Markets Authority (ESMA) and European Insurance and Occupational Pensions Authority (EIOPA), Report on the application of AML/CTF obligations to, and the AML/CTF supervision of e-money issuers, agents and distributors in Europe, December 2012.

  4. 4.

    See Kokert, J. and Held, M. (2014) “Payment Services Directive II: Risks and serious consequences for users and banks”, BaFin section for IT infrastructure of banks, June 2014; Valcke, Peggy and Vandezande, Niels and Van de Velde, Nathan, The Evolution of Third Party Payment Providers and Cryptocurrencies Under the EU’s Upcoming PSD2 and AMLD4 (23 September 2015). SWIFT Institute Working Paper No. 2015-001.

  5. 5.

    See A. Janczuk-Gorywoda (2010) “The Single Payments Area in Europe” Columbia Journal of European Law, Vol. 16, No. 2, 321.

  6. 6.

    About illegal cash brought to an alternative remittance provider for the placement outside of the banking system (e.g., “money-transfers” agents), G. Ardizzi, C. Petraglia, M. Piacenza, F. Schneider and G. Turati (2013), Money Laundering as a Financial Sector Crime—A New Approach to Measurement, with an Application to Italy CESifo Working Paper Series No. 4127, p. 6, observe that “since bank money is essential to transform capital into profitable investments in the global formal economy, it is reasonable to assume that a relevant share of illegal funds placed outside the banking system will be subsequently deposited in cash on a bank account”.

  7. 7.

    About Italian AML law see P. Fratangelo, Prevention and Countering of Money Laundering and Terrorism Financing, in D. Siclari (ed.), Italian Banking and Financial Law. I. Supervisory Authorities and Supervision, Palgrave Macmillan, 2015, p. 105; I. Borrello, Financial Intelligence Unit (FIU), in D. Siclari (ed.), Italian Banking and Financial Law. I. Supervisory Authorities and Supervision, Palgrave Macmillan, 2015, p. 261.

  8. 8.

    Those draft regulatory technical standards shall, in particular, take account of: (a) the total volume and value of transactions carried out by the payment institution in host Member States; (b) the type of payment services provided; and (c) the total number of agents established in the host Member State.

  9. 9.

    For example, in Italy the legislative decree implementing EU AML Directive (European Delegation Law 2015) requires now, as a criterion for the exercise of legislative delegation, the obligation to establish a CCP (art. 14, para. 2, letter. C, no. 3), giving the Bank of Italy to adopt an enforcement regime.

  10. 10.

    About the principle of proportionality see recently the proceedings of the EBA Workshop “The application of the principle of proportionality in the context of Institutional and Regulatory Reforms”, London, 3 July 2015.

  11. 11.

    For example, in Belgium by Circular of the National Bank No. 11 of 22 October 2014, the Bank introduced an obligation for financial institutions established in Belgium to annually fill in an electronic questionnaire on AML/CFT. Payment institutions and EMIs, including branches and central contact points in Belgium of payment institutions and EMIs authorised in other Member States of the European Economic Area, fall within the scope of this Circular and must therefore normally complete the full questionnaire annually. However, in accordance with the principle of proportionality, the Bank has decided to ease its requirements regarding the periodic information which must be provided on the arrangements put in place by the institutions to meet the legal obligations regarding AML/CFT, taking into account the specific characteristics or the scale of the establishment in Belgium of the payment institution or EMI concerned. Are therefore exempted from the obligation to complete the full questionnaire attached to Circular NBB_2014_11 of 22 October 2014: PIs and EMIs governed by Belgian law which, by virtue of Articles 48 or 105 of the Law of 21 December 2009, are exempted from application of the provisions of this law; “Central contact points” in Belgium of European payment institutions which have established in Belgium a network of fewer than 100 agents or distributors, and which have executed in Belgium over the past year, through their agent network, less than 100,000 payment transactions on behalf of their clients; “Central contact points” in Belgium of European EMIs, which have established in Belgium a network of fewer than 100 agents or distributors, and which have distributed, over the past year and through their network of distributors in Belgium, electronic money amounting to less than EUR 5,000,000, and which have executed, through their agent network in Belgium, less than 100,000 payment transactions on behalf of their clients (see Banque Nationale de Belgique, Circular No. 12, Brussels, 22 October 2014).

  12. 12.

    See S. Cappiello (2015), The Interplay between the EBA and the Banking Union, Robert Schuman Centre for Advanced Studies Research Paper No. RSCAS 2015/77.

  13. 13.

    See, in this regard, Moloney S (2014) “European Banking Union: Assessing its risks and resilience” Common Market Law Review, 51, 1609 ss.; E. Ferran (2014) European Banking Union and the EU Single Financial Market: More Differentiated Integration, or Disintegration?, University of Cambridge Faculty of Law Research Paper nr. 24; C. Brescia Morra (2014) From the Single Supervisory Mechanism to the Banking Union, Working Paper LUISS Guido Carli.

  14. 14.

    About the “Europeanisation” of the fight against crime and the role of the EU in fighting crime within the area of freedom, security and justice, the impact of EU policies in the Member States, the progressive convergence of Member States’ criminal law systems, the emergence of mutual recognition as an alternative to harmonisation, and the incremental development of the ECJ’s jurisdiction see C. Eckes and T. Konstadinides (eds.), Crime within the Area of Freedom, Security and Justice. A European Public Order, Cambridge University Press, 2011.