Money Laundering Compliance: Current Requirements and How to Meet Them

Money Laundering Compliance:
Current Requirements and How to Meet Them

The German Anti-Money Laundering Act (AMLA) places a heavy burden of responsibility on those subject to its provisions in the fight against money laundering and terrorist financing

As a result of the recent financial scandals (e.g. Panama Papers) and the financing of terrorist groups in the terrorist attacks in Paris and Brussels, the EU has taken countermeasures with the 5th EU Money Laundering Directive. With it, money laundering prevention is now centered around a new risk-based approach. Obliged entities are required to implement effective risk management that addresses money laundering concerns and includes (group-wide) risk analytics and internal safeguards. Since January 1, 2020, based on the 5th EU Money Laundering Directive, the requirements for money laundering-related risk management have again increased, in particular also for goods traders and real estate agents. With the new Anti-Money Laundering Act, these requirements have now been enacted in Germany.

The main changes are outlined in the following chart.

Die Grafik zeigt die wichtigsten Änderungen, durch die 5.EU-Geldwäscherichtlinie. Diese sind: Erweiterung Verpflichtetenkreis, Transparenzregister, verschärfte Sorgfaltspflichten, gruppenweite Geldwäschepflichten, Stärkung der Befugnisse der FIU, Verpflichtung der öffentlichen Hand bei Versteigerungen.

The group of obligated parties under the AMLA

The first question that arises is which companies are deemed obliged entities within the meaning of the AMLA. These are named conclusively in section 2 (1) AMLA. In addition to companies in the financial services sector – credit and financial services institutions and certain insurance companies – this also includes a number of companies in the non-financial sector.

These include:

  • lawyers and notaries
  • real estate agents
  • goods traders

Particularly in the case of companies with a group structure, it stands to reason that such identification across all subsidiaries can be quite challenging. Even more so if parts of the company are located abroad and the applicable national regulations must also be observed. In addition, there are numerous exceptions that make the identification of obliged entities increasingly difficult: for example, social insurance carriers or the Federal Employment Agency are not among the addressees of the AMLA, even if they would be subject to the Money Laundering Act according to the criteria set out in section 1 of the German Banking Act (KWG).

Risk analysis: starting point and focal point of money laundering compliance

Risk analysis is the starting point of money laundering compliance. Pursuant to s5 AMLA, obliged entities are required to identify and assess the money laundering-related risks of their transactions through risk analysis. The specific design of the risk analysis is the responsibility of the obliged company. However, the AMLA provides some indications as to when the analysis is to be considered appropriate.

The challenge for obliged entities is now to apply the risk indicators to their specific company and to prepare a coherent analysis from which appropriate measures can be derived.

Internal safeguards

The internal security measures are based on the risk analysis mentioned above. They are the procedural focus and serve the purpose of effectively preventing money laundering. Companies that fail to implement the new legislation on security measures run the risk of high fines.

The foundation of internal safeguards is formed by internal policies, procedures, and controls. They are the framework within which all other measures are put into context and integrated to achieve specific money laundering-related compliance.

On top of that, the legislation includes several additional measures in section 6 et seq. AMLA, which are listed below as examples:

  • Fulfillment of customer-related due diligence obligations (section 10 et seq. AMLA). This includes verifying the existence of a beneficial owner “behind” the contractual partner and clarifying the latter’s possible status as a “politically exposed person”.
  • Group-wide compliance with obligations (section 9 AMLA): The Group Compliance Rule states that risk analysis and resulting measures must be carried out and implemented uniformly for all companies belonging to the group. According to section 9 AMLA, obliged companies that are parent companies of a group, as well as subordinate branches, branch offices and companies in Germany or abroad, are now subject to obligations under money laundering legislation. If the group companies are located in a third country whose minimum requirements for money laundering prevention are less stringent, the requirements of the German Anti-Money Laundering Act must be implemented to the extent permitted by the law of the third country.
  • Independent review of adequacy and effectiveness: The independent review of the aforementioned measures constitutes the conclusion of effective money laundering compliance.
  • Appointment of an Anti-Money Laundering Officer.
  • Diligence in the selection and briefing of employees.

Step by step to effective money Laundering compliance: the individual steps

The following steps must be considered when setting up or rolling out an effective and appropriate money laundering prevention system:

  • Determine whether and to what extent your company is affected by the legal requirements for money laundering prevention. This is best done by means of an assessment that covers all aspects of the relevant section 2 of the German Anti-Money Laundering Act (AMLA)
  • Perform a gap analysis of the existing money laundering prevention system
  • Derive due diligence obligations and internal security measures based on the current legal requirements and a company-specific catalog of measures
  • Design and develop internal policies, procedures, and controls in terms of an effective and compliant risk management system for money laundering concerns
  • Develop and implement a company-specific risk analysis
  • Prepare relevant governance documents, such as work instructions, guidelines, etc.
  • Query publicly available registers
  • Check embargo and terror lists
  • Check status as a politically exposed person (PEP)
  • Identify and verify beneficial owners
  • Categorize transactions into risk classes

Can we support you? Contact our experts!

With WAVESTONE, you have a strong partner at your side.
We look forward to your challenge!