• European authorities are starting 2021 with a naming and shaming offensive against member countries not transposing compliance directives quickly enough, while at the same time getting defensive about the politics and methodologies for listing regions outside the bloc for perceived fincrime failings.
• The European Union Commission in its latest Infringements Package is again chastising jurisdictions for tarrying on implementing anti-money laundering (AML) directives, but the latest fusillade coming this month has a fresh twist – criticism of countries for weaknesses tied to earlier versions of overlapping directives.
• The message to countries is clear: even if you cleared the transposition hurdle, and have turned your attention to new and updated rules, EU banking regulators are looking more closely at implementation of current and prior AML directives, still bruised and cognizant of the battering the bloc took tied to the Danske Bank scandal.
• But just as the EU tries to throw stones internally to nudge countries into compliance with buttressed counter-crime controls, it must also protect its own glass house from criticism tied to its latest listing for countries accused of a being a tax haven, easily adding the small Caribbean country of Dominica, but leaving off serial scofflaw, but powerful ally Turkey.

By Brian Monroe
bmonroe@acfcs.org
February 24, 2021

European authorities are starting 2021 with a naming and shaming offensive against member countries not transposing compliance directives quickly enough, while at the same time getting defensive about the politics and methodologies for listing regions outside the bloc for perceived fincrime failings.

The European Union Commission in its latest Infringements Package is again chastising jurisdictions for tarrying on implementing anti-money laundering (AML) directives, but the latest fusillade coming this month has a fresh twist – criticism of countries for weaknesses tied to earlier versions of overlapping directives.

What does this mean?

Authorities are expressing frustration not with the incoming Sixth Directive (AMLD6), fretting about preparation for the quickly encroaching June 2021 deadline or prior Fifth Directive (AMLD5), with a January 2020 deadline, but the focus now is on the Fourth AML directive (AMLD4), which had a transposition deadline of June 2017.

The message to countries is clear: even if you cleared the transposition hurdle, and have turned your attention to new and updated rules, EU banking regulators are looking more closely at implementation of current and prior AML directives, still bruised and cognizant of the battering the bloc took tied to the Danske Bank scandal.

But just as the EU tries to throw stones internally to nudge countries into compliance with buttressed counter-crime controls, it must also protect its own glass house from criticism tied to its latest listing for countries accused of a being a tax haven, easily adding the small Caribbean country of Dominica, but leaving off serial scofflaw, but powerful ally Turkey.

As for internal problems, the EU has taken aim at several countries in its latest infringements package released last week, even one considered the economic heart of the union.

The EU commission has sent letters of formal notice to Germany, Portugal and Romania for “incorrectly transposing the 4^th Anti-Money Laundering Directive (AMLD4). The transposition deadline for AMLD4 was 27 June 2017,” the EU stated, noting several gaps that could open the door to criminal groups and terror cells to cleanse ill-gotten gains or fund attacks.

The EU found fault with “fundamental aspects of the anti-money laundering framework,” in the named countries, including failings tied to the proper exchange of information with Financial Intelligence Units (FIUs), requirements of customer due diligence and adequate cooperation between FIUs and the transparency of the central beneficial ownership registers.

In recent iterations, the directives have ratcheted up fincrime compliance in different focus areas, spurred by criminal and terror trends, the changing payments landscape, like cryptocurrencies, or to address longstanding gaps and investigative barriers, such as blind spots in corporate ownership transparency.

A weakness for one is a vulnerability for all

The countries have two months to reply with a satisfactory reply to the arguments raised by the Commission, according to the commission, or they will notch up to the next step of a reasoned opinion.

If the commission still doesn’t like what it sees, the countries could be sent before the EU Court of Justice and, finally, face expensive daily fines until compliance rules are updated and implemented to the satisfaction of EU evaluators.

To read the full EU Commission February Infringements Package on country AML issues, click here.

“The fight against money laundering and terrorist financing is key to ensuring financial stability and security in Europe,” the commission stated in its package. “Nevertheless, in recent times, money laundering scandals have revealed the need for stricter rules at EU level. Legislative gaps occurring in one Member State have an impact on the EU as a whole.”

The scandals the EU is referring to have their still-rumbling epicenter tied to Danske Bank, which is under investigation in several countries, including the United States, tied to more than 200 billion euros ($220 billion) of transactions through its branch in Estonia between 2007 and 2015.

Many of those transfers the bank has openly admitted were suspicious in nature and tied to higher risk regions, including Russia.

Media outlets, pundits and prognosticators have estimated Danske could face billions of dollars in fincrime compliance penalties and many times more than that in remediation and consultation engagements in the jurisdictions it operates.

Other banks linked to Danske and the Russian funds flows, including Swedbank, SEB and others have paid nearly half a billion dollars in AML penalties and seen top executives and board members sacrificed at the altar of progress in a show of force and fealty to please regulators and pledge obeisance to investigators.

Some EU member states face unenviable task of juggling updates to multiple AML directives

Just roughly a year ago – which seems like a decade with the COVID-19 pandemic upending personal and professional lives across the public and private sectors in 2020 – the EU commission took aim at a different crop of countries for failing to live up to AML ideals, that time around tied to the AMLD5.

In February 2020, the EU formally threatened Cyprus, the Netherlands, Spain and five other countries for tarrying on implementing updated financial crime compliance defenses, an effort further complicated by another banking watchdog at the time also bolstering guidelines on how institutions should broadly calculate financial crime risks.

At that time, the EU sent letters of formal notice to Cyprus, Hungary, the Netherlands, Portugal, Romania, Slovakia, Slovenia and Spain for not having properly updating and transposing measures for AMLD5 – rules updated more than two years ago with, as we noted above, a January 2020 deadline.

The 27 EU states were required to enact by January tighter rules to counter dirty-money risks in a wide range of sectors, including cryptocurrency exchanges, prepaid cards and shell companies, with failures in implementing AMLD5 made all the more galling by the Danske Bank scandal, which shook the foundations of the bloc and perception it is a safe and stable place for clean money.

At the supranational level, the Danske scandal has caused European Union financial oversight bodies and regulators, at the country and bloc level, to engage in a game of naming, blaming and shaming, with accusations and recriminations at all levels on how and why the Danske Bank scandal could occur in the first place and fester for so long under the noses of examiners.

In 2019 and into 2020, the EU pushed more forcefully to create a dedicated pan-bloc AML oversight and enforcement body that would put regional regulators in the hot seat and better attempt to see fincrime vulnerabilities happening across multiple member states.

That would address the tactics of large, sophisticated organized criminal groups, corrupt oligarchs and terror networks, cabals that purposefully spread transaction trails through the real and virtual worlds and across multiple banks, jurisdictions and payment types, like prepaid cards and money remitters, to make seeing their full financial mosaic as difficult as possible.

Taken together, the tacit message to banks in Europe is one that should not be ignored: Get your fincrime compliance house in order because more regulators will be looking more aggressively at your program and if they don’t like what they see, be prepared to react, and act, quickly – or face harsher sanctions and less leeway than in years past.

Fear of terror attacks, focus on finance again on the minds of EU authorities

One of the driving reasons for the updates to the updates under AMLD5 was a focus on terror finance, one of the most challenging areas of investigations as in many cases the source of the funds is legal and attacks can be financed for hundreds of dollars – and move in wire and cash transactions far under reporting thresholds.

The rules were proposed in 2016 by the EU Commission after the Paris terrorist attacks, which killed more than 130 people, causing rage to bubble over in the form of broader and deeper compliance rules in a bid to make it more difficult for terror groups to fund attacks on foreign soil.  

How to respond to terror groups has risen again to be a top agenda item for the EU.

In December, the EU released an updated “Counter-Terrorism Agenda” with overarching themes tied to being able to “anticipate, prevent, protect and respond” to actual or potential attacks.

To read the full EU counter-terror update, click here.

“The recent spate of attacks on European soil have served as a sharp reminder that terrorism remains a real and present danger,” the commission stated. “As this threat evolves, so too must our cooperation to counter it.”

The Counter-Terrorism Agenda includes several measures:

• Identifying vulnerabilities and building capacity to anticipate threats: Security research will help enhance early detection of new threats, whilst investing in new technologies will help Europe’s counter terrorism response stay ahead of the curve.
• Preventing attacks by addressing radicalization: this will include measures to counter the spread of extremist ideologies online, as well as actions to strengthen preventive action in prisons, rehabilitation and reintegration of radical inmates, and actions to improve knowledge sharing.
• Promoting security by design and reducing vulnerabilities to protect cities and people: the EU will step up efforts to ensure physical protection of public spaces including places of worship, and critical infrastructures. The Commission will support Member States in ensuring such systematic checks at borders.
• Stepping up operational support, prosecution and victims’ rights to better respond to attacks: the Agenda puts forwards several initiatives to improve police cooperation, including an EU police cooperation code.
• Removing legal stumbling blocks: The Commission will work with Member States to identify possible legal, operational, and technical solutions for lawful access to encrypted digital evidences, while protecting privacy and security of communications, The Commission will work to enhance the protection of victims of terrorist acts, including to improve access to compensation.

Part and parcel of this effort is a stronger mandate for Europol to act as a data gateway and information sharing hub both in and out of Europe.

In December, the commission also proposed strengthening the mandate of Europol, the EU Agency for law enforcement cooperation.

In addition, in the context of on-going efforts to detect Foreign Terrorist Fighters, the Commission proposes to enable Europol to enter information on terrorist suspects based on third-country sourced information in the Schengen Information System, the “most widely used information-sharing database in the EU,” with the goal of providing real-time information to police officers and border guards.

“Given that terrorists often abuse services offered by private companies to recruit followers, plan attacks, and disseminate propaganda inciting further attacks, the revised mandate will help Europol cooperate effectively with private parties, and transmit relevant evidence to Member States,” according to the commission.

EU must defend tax haven blacklist against playing politics

When it comes to fighting the full spectrum of financial crime, the same gaps, impenetrable ownership structures and regions with weak compliance defenses that help terror groups raise and move funds also help entities evade tax authorities.

This month also saw the latest update to the EU’s “list of non-cooperative jurisdictions for tax purposes,” commonly referred to as the tax haven blacklist.

To read the full briefing, click here.

The tax blacklist was an initiative started in late 2017 along with other efforts to create a related AML blacklist to both help financial institutions in the bloc risk rate jurisdictions and for the EU to be seen as a global thought leader in compliance and investigations.  

The current list adopted by the Council on Monday is composed of:

• American Samoa
• Anguilla
• Dominica (new)
• Fiji
• Guam
• Palau
• Panama
• Samoa
• Trinidad and Tobago
• US Virgin Islands
• Vanuatu
• Seychelles

But officials and tax watchdog groups wondered: Why is turkey not on the list, according to the Organized Crime and Corruption Reporting Project. To read the full story, click here.

“After repeatedly missing deadlines to exchange tax information with EU Member States, Turkey remained on the ‘gray list’ due to what Paul Tang, Chair of the European Parliament’s subcommittee on tax matters, insinuated to be its political leverage,” according to the OCCRP.

In a statement on Tuesday, he said that the list is “confusing and ineffective,” and that “political games need to be removed from the listing process so that a country can avoid being listed only through reforms rather than through a diplomatic offensive,” the group noted.

Portugese Finance Minister Joao Leao defended the Council’s decision, saying that member states “were able to make progress in cooperation with Turkey on tax matters, so it was not added to the list,” according to the transparency champion.  

His explanation did not sway critics.

Rasmus Corlin Christensen, an economist at the Copenhagen Business School said on Twitter that the EU’s real motivation was the following: “We’re close to Turkey so, despite them objectively qualifying, we’ll do anything to keep them off the blacklist – unlike if it’s a far-off island economy.”

“The EU tax haven blacklist remains a farce,” he added, as noted by the OCCRP.