Fourth Money Laundering Directive - What's the risk?
The risk assessment proposals are a prime example and are in line with the Financial Action Task Force Recommendations. They are intended to ensure that at national level and at "regulated entity" level, resources are targeted at the areas of greater anti money laundering (AML)/counter terrorism financing risk.
Under the Third Directive, there was a requirement for regulated entities to undertake risk assessments, but the current proposals go further.
Every Member State must undertake a national risk assessment (NRA) to identify and assess the risks of money laundering and terrorist financing in their country. Supranational risk assessments may be required in due course in certain areas.
The UK's NRA is expected to be completed during 2014. HM Treasury, in close partnership with the Home Office, is engaging closely with the regulators. The aim is that the NRA will ensure the government's understanding of ML/TF risks is informed by sector specific insights and expertise. The NRA should also provide valuable insights for supervisors as to the concerns of law enforcement and the wider AML/CFT risk profile within the UK.
Regulated entities in other countries will no doubt seek information from the relevant authority about the current position.
The NRA will be an important tool for regulated entities and should inform their own risk assessments. Regulated entities, such as banks, are unlikely to see the new requirements as a major concern, because they will already be assessing their risks, documenting the risk assessments and may already be required to share those risk assessments with their regulator.
However, other regulated entities, particularly the designated non-financial professions and businesses such as casinos, accountants, lawyers and estate agents may not be undertaking written risk assessments in all Member States at present. Even if they are, are they required to show them to the regulator?
The obligation as currently drafted is to take appropriate steps to identify and assess the ML/TF risks, taking into account risk factors including customers, countries or geographic areas, products, services, transactions or delivery channels. There is a proportionality provision and the assessment must be documented, kept up to date and made available to the regulator. Therefore now is a good time to review your risk assessment and make sure it is up to date.