Source: Bundesanstalt für Finanzdienstleistungsaufsicht
When there is reason to suspect that the Estonian branch of a Danish bank has transferred tainted funds from Russian businessmen to an overseas account via a correspondent bank, it becomes clear: money laundering is a complex subject that does not stop at national borders – and this makes combating it all the more difficult. So why not take advantage of the promising opportunities offered by digitalisation – ideally across Europe?
BaFin, which has long been in favour of leveraging digitalisation in the fight against money laundering (see BaFin Perspectives Issue 1 I 2018), also thinks this would be an excellent idea. While the supervisory authority itself does not investigate money launderers, it oversees the prevention of money laundering and terrorist financing in the financial sector. After all, about 90% of all suspicious transaction reports received by the FIU, the Financial Intelligence Unit, are submitted by this sector.
Keeping it realistic
In a discussion marked by hopes and promises, BaFin has always focused on finding realistic solutions. Which digital tools could actually improve the efforts to prevent money laundering? What is feasible in the current legal and IT security landscape – and where are the pitfalls? In BaFin’s view, these questions must be clarified first. At the outset, one thing was certain: not only would technical and regulatory questions arise, but also issues in other legal areas.
With this in mind, BaFin set up a working group on digitalising money laundering prevention. Besides the supervisors, the group includes all the other key authorities concerned, such as the Federal Commissioner for Data Protection and Freedom of Information (Bundesbeauftragte für den Datenschutz und die Informationsfreiheit – BfDI), the Federal Office for Information Security (Bundesamt für Sicherheit in der Informationstechnik – BSI), the Federal Criminal Police Office (Bundeskriminalamt – BKA), the Financial Intelligence Unit (FIU) and the public prosecutor’s office.
The group addressed a topic which BaFin considers to have great potential for digitalisation: the pooling and use of data in shared utilities. The aim is to store data and make it available to several users. In the efforts to prevent money laundering, this would particularly mean data which obliged entities (in terms of anti-money laundering law – see info box “Obliged entities under the GwG”) must obtain in their know-your-customer (KYC) process to identify their clients. One basic principle of the process is the verification of the client’s identity and that of any beneficial owner (see info box “Beneficial owner”) before the obliged entity enters into business relationships with them.
Meanwhile, there are legal requirements for data protection and IT security that oppose the unlimited use of data that has been pooled in this fashion. This is a conflict that needs to be addressed.
Definition:Obliged entities under the GwG
Section 2 of the German Money Laundering Act (Geldwäschegesetz – GwG) lists the entities obliged to comply with the requirements of the law. These include the entities supervised by BaFin, such as credit institutions, financial services institutions, payment and e-money institutions, insurance undertakings and asset management companies.
Is a European transparency register possible?
The group examined different approaches of this kind, focusing on the current legal options and any potential for conflict. The conclusion: a European shared utility – a centralised transparency register fed by KYC data from the identification of legal entities and their beneficial owners – could serve as a medium-term solution.
Such a register could contribute significantly to optimising the prevention of money laundering in Europe. It would also further promote the harmonisation of the internal market. Financial entities and other stakeholders doing business in Europe could use it to identify their clients and beneficial owners quickly, efficiently and transparently. The ability to access the data within seconds and trust the quality of the data would also mean significant advantages for supervisory and law enforcement authorities in their work. It is hoped that this would make it easier in future for the authorities to detect and investigate money laundering and terrorist financing – especially the complex international cases.
The beneficial owner under section 3 (1) of the GwG is “1.) the natural person who ultimately owns or controls the contracting party, or 2.) the natural person at whose instruction a transaction is ultimately carried out or a business relationship is ultimately established. (…) In cases of legal persons other than foundations with legal capacity and of other corporate entities that are not listed on an organised market as defined in section 2 (11) of the Securities Trading Act and that are not subject to transparency requirements with regard to voting rights consistent with Community laws or to equivalent international standards, beneficial owners include any natural person who, directly or indirectly, 1.) holds more than 25 per cent of the capital, 2.) controls more than 25 per cent of the voting rights or 3.) exercises control in a comparable manner.”
In essence, this rule is intended to achieve transparency about who is in the background pulling strings and controlling those whose actions are externally visible.
For such a centralised register to become a reality, however, European laws would have to be amended. For example, there would have to be new rules on data protection: What data can be collected and where? How can it be collected? How long can it be kept? Who can use it and for what purposes? These are just some of the questions that would have to be answered at the European level. Furthermore, the technical challenge of coordinating 27 member states should not be underestimated.
BaFin advocates making the necessary adjustments, since the real benefits of shared utilities involving KYC data will only be created once a cross-border model is in place. In Brussels, Germany is arguing the case for additionally using current anti-money laundering harmonisation efforts to resolve the tension between data protection and the fight against money laundering. Moreover, BaFin views the interlinking of the national transparency registers, envisaged in the 5th European Anti-Money Laundering Directive, as a potential step towards a centralised register. However, it will ultimately be up to European lawmakers to decide in favour of or against such a register.
How Executive Director Dr Thorsten Pötzsch intends to boost money laundering prevention
The fight against money laundering, having been stepped up before, is again gaining momentum: legislators and supervisors are taking action, and entities in the financial sector are also intensifying their efforts to track down suspicious cases. This is evident in the increasing number of suspicious transaction reports being submitted. And yet even more is possible – and necessary: more Europe, for example. In other words, more transparency. From a medium-term perspective, this could take the form of a centralised transparency register for KYC data.
More Europe also means more uniformity. We need a truly harmonised European legal framework – a regulation that is directly applicable, not just directives that grant the member states too much leeway for implementation, as in the past. A rambling patchwork of supervisory practices will not adequately equip us to combat money laundering effectively, much less prevent it.
But more Europe also means closer collaboration between the national supervisors and – for particularly high-risk cases – setting up a central European anti-money laundering supervisory authority. Money laundering is often international. Situations arise time and again where a European supervisory authority could more effectively intervene while we national supervisors have to stop at national borders – unlike the perpetrators we wish to fight. This has to change.
This article reflects the situation at the time of publication and will not be updated subsequently. Please take note of the Standard Terms and Conditions of Use.