August 22, 2018
With the modernisation of the payment market and the emergence of fintech companies, confusion and uncertainty have increased as to the proper implementation of legislation designed to prevent money laundering and the financing of terrorism. In particular, businesses whose activities relate to virtual currencies – their exchange and/or sale, with the aim of simplifying and speeding up the provision of services to customers – find it in complicated to comply with the strict legal requirements in this sphere. Even companies that have operated in the financial market for several years still experience problems.
On 13 July 2017, a new edition of the Law of the Republic of Lithuania on the Prevention of Money Laundering and the Financing of Terrorism was passed. This implements the Directive of the European Parliament and of the Council (EU) 2015/849 on the prevention of the use of the financial system for the purposes of money laundering or terrorist financing. The new Directive imposes additional obligations on financial institutions. First, it brings changes to the customer/beneficiary identification processes and customer risk assessment, as well as imposing appropriate preventive measures in response to identified risks. So far, not all participants in the financial market and other associated entities have succeeded in enforcing the legislation.
The current Law of the Republic of Lithuania on the Prevention of Money Laundering and the Financing of Terrorism defines the procedure to be used by financial institutions and other entities required under the law, to identify clients and beneficiaries. In accordance with the requirements of the law, the responsible entities must collect, verify and preserve statutory data and documents, as well as ensure the continuing accuracy of the customer’s data via regular reviews and updates. Under the law, in cases where the identity of the client is established in his/her physical absence, the responsible entities must undertake additional checks. The responsibility for fulfilling the requirements established by law for the identification of the client or beneficiary in such cases lies with the financial institutions or other responsible entities.
Although it is indisputably necessary to prevent money laundering and the financing of terrorism, the requirements discussed above often complicate the operations of participants in the financial market, especially in cases where a client’s identity is verified in his/her physical absence. In these cases, the financial institution or other responsible entities must verify the client’s identity from documents provided by the client. Meanwhile, verifying the authenticity and legality of these documents remotely may be quite complicated. Existing legal regulations also oblige financial institutions and other responsible entities to verify the identity of a client or beneficiary on the basis of documents, data or information obtained from a reliable and independent source. In cases where the client is a citizen of Lithuania or an enterprise registered in Lithuania, it is possible to verify information provided by the client in public registers such as the Centre of Registers, the Register of Legal Entities and other publicly available databases. Where a client is a foreign entity, the identification process is considerably more complicated: data sources must be used from the country of the client’s registration. In some cases, it may be difficult to ascertain the independence and reliability of these sources.
Measures directed against money laundering and the financing of terrorism may also result in inconvenience to clients: to establish business relations with financial institutions and / or other responsible entities, clients are not only required to submit documents in the relevant legal form, but in some cases they must also provide information about the sources of income, or provide independent and reliable sources via which their data can be verified.
A potential client must undertake a number of actions in order to open a payment account with a participant in the financial market. This may encourage the potential client, especially if it is a foreign entity, to instead choose a payment service provider in its own country of registration, or in a more favourable jurisdiction. Along with strict client identification requirements, financial institutions and other responsible entities must fulfil other duties prescribed by law. Among these are the continuous monitoring of customer relations, which includes the examination of transactions concluded during the business relationship, in order to confirm that transactions executed are in line with the information available to the financial institution or other responsible entity about the client, its business, the nature of the risk and the source of funds.
In order to meet all of the requirements discussed, financial institutions and other responsible parties must not only implement appropriate systems of internal control, but also ensure sufficient human resources. As the prevention of money laundering and terrorist financing is a continuous process, financial institutions and other responsible parties usually employ an internal team to ensure compliance with the law. However, because requirements for the prevention of money laundering are relatively new, and are constantly being tightened, it is not always easy to find professionals in this field. Setting up a compliance team of competent specialists may become a long and complicated process. For smaller and new companies, it may also represent a substantial administrative burden.
It should be noted that on 30 May 2018, the European Parliament and the Council (EU) issued Directive 2018/843, amending Directive (EU) 2015/849 on the prevention of the use of the financial system for the purpose of money laundering or terrorist financing. This Directive imposes additional requirements upon responsible entities, and makes certain changes to the process of identifying final beneficiaries, as well as to other processes for the prevention of money laundering and terrorist financing. The requirements of the new Directive will be also mandatory for service providers involved in handling virtual currencies and those decreed as cryptocurrencies.
Evidently, the implementation of current legislation to prevent money laundering and terrorist financing impose many obligations on financial institutions and other responsible entities. Compliance requires not only resources, but also effective and continuous process management. As a rule, it is easier for established participants in the financial markets to comply with the regulations than it is for smaller companies and new entrants to the market. Even so, cases occur in which even established banks fail to meet the new regulations. With the ongoing modernisation of financial markets and the rapid development of new technologies, new possibilities will open up for money laundering and terrorist financing. This will require further tightening of the legal regulation imposed on financial institutions and other responsible entities. These entities must therefore introduce effective preventive measures. Inevitably, the prevention of money laundering and terrorist financing will become no less important an activity for these institutions than their other core functions.
By Snaigė Židonytė, Junior Associate at CEE Attorneys Lithuania
