As part of the EU commitment to improving AML controls, the European Commission and its individual member states are required to produce regular reports on the levels and typologies of AML and TF threats which exist and are active in the EU.
This is because individual firms alone are not capable of assessing all of the current and active threats and trends across Europe, purely because they do not have access to the intelligence or data that could allow them to develop such a risk assessment.
The resulting report assesses the different industries and assesses how significant (on a scale of lowly significant (1) to very significant (4)) the Commission believes the money laundering and terrorist financing threat and vulnerabilities within the product are and highlighting the typologies that firms should be aware of.
It should be noted that the final report for 2017 was produced
pre-4 MLD and highlights the weaknesses that come from simplified due diligence, which is a loophole that has been reduced heavily under 4MLD and will be compacted even further by 5MLD. As such our focus has been on aspects not already addressed by 4MLD.
The following is a summary of the prime risks associated with payments, e-money and currency exchange.
The report states it includes a number of different payment services including money value transfer services' (MVTS) and card issuing, but covers a number of different industries inside of the heading of payments, which impedes the strength and useability of the assessment for firms slightly.
The prime risk noted is that 'payment services allow cross-border transactions that may rely on different mechanisms of identification (depending on national legislation) that may lead the terrorists to use false identity'. While it is noted that specific skills are needed by terrorist and criminal groups to do this, these skills are widespread and known within terrorist groups and money laundering circles.
The risks identified are ascribed to the use of new payment methods and delivery channels such as mobile or internet payment, which increase the capacity of individuals to be anonymous. This, when combined with the interactions of high-risk customers in high-risk locations are considered to be the biggest risks.
Further consideration was also paid to payment service providers who utilise agent relationships, focusing on ensuring agents are fully aware of and committed to their AML requirements and ensuring member states put emphasis on the supervisor of the agent relationship to regularly inspect and review both the onsite provisions and the training of the agents in the relationship.
Overall the risk of payment services is considered to be only moderately significant, whereas the risks associated with MVTS is considered to be very significant. The prime difference in outcomes is that MVTS are typically associated with high street, cash based remittance services that allow funds to be sent anonymously to higher risk locations with limited due diligence.
The provisions of 4MLD and revised EU wire regulations sought to reduce these risks further by requiring that ID is provided for all transactions which are initiated in cash and so this risk has been largely closed.
The report also suggests that all member state supervisors should carry out an inspection of the sector within the next two years, which could lead to a large increase in the level of regulatory oversight that remittance firms are seeing.
It should be noted that for electronic money, the assessment points out that 'certain e-money products require identification of the owner, others allow owners to remain anonymous,' which is a risk that has been reduced under
4MLD. However, the report highlights that non-anonymous products where limited or no identification processes are performed are open to abuse through 'circumvention of verification measures by using fake or stolen identities, or using straw men or nominees etc.'.