The year is almost over, so there’s no better time to recap all the most important anti-money laundering (AML) regulations of 2021.
Countries all over the world are constantly amending their AML regulations to counter the latest money laundering and terrorist financing strategies. Recent innovations like non-fungible tokens (NFTs) and stablecoins—while generating considerable hype and investment—have presented new security challenges, and regulators are taking note. This has led to a range of new AML laws worldwide, which businesses must follow to avoid heavy fines and penalties.
The Financial Action Task Force (FATF) is a global AML standard-setting authority that aims to combat terrorist financing and prevent organized crime. While FATF recommendations are not legally binding, an increasing number of countries are becoming FATF members and following the authority’s recommendations. Therefore, when it comes to local regulators, chances are they’re also following FATF recommendations. So businesses should monitor the FATF’s changing AML policies to avoid penalties in the jurisdictions where they operate.
In 2015, the FATF released guidance which extended its recommendations to the crypto sector. The guidance was updated in 2018 and 2019, clarifying requirements for centralized platforms operating as intermediaries in transactions.
This past year, the FATF renewed its guidance to account for the increasing adoption of NFTs and stablecoins. On October 28th, 2021, the FATF finalized these updates, clarifying the terms “virtual assets” (VA) and “virtual assets service provider” (VASP):
In addition to the above, the FATF also clarified its position in several other areas:
Stablecoins have become a popular alternative to national currencies, with more investors using them in financial transactions. Therefore, the FATF now considers stablecoins as either VAs or traditional assets, recommending that providers of stablecoin-related services comply with AML regulations.
The latest guidelines specify the obligations of decentralized services. Accordingly, owners and operators of decentralized services must comply with AML regulations if they perform financial operations using VAs on behalf of their customers. However, developers of decentralized services don’t fall under the regulations.
The Travel Rule requires financial institutions and VASPs to collect and share the personal data of participants in transactions exceeding 1,000 USD/EUR. The FATF has consistently amended this rule to prevent money laundering and terrorist financing in peer-to-peer transactions. The new guidelines expand the number of obligated businesses and require financial institutions and crypto businesses to collect information on senders and recipients of virtual assets.
The FATF now encourages national authorities in member countries to share information about VASPs with each other. With these changes, the FATF aims to create a higher level of transparency among its members, as well as stronger protections against money laundering. For businesses, these new guidelines will mean greater implementation of KYC to avoid fines and penalties.
You can learn more about the updated FATF regulations in another Sumsub article: FATF Targets Decentralized Finance in Its Revised Guidance on Virtual Assets
The Federal Financial Institutions Examinations Council (FFIEC) is a U.S. interagency body established to promote uniform supervision of financial institutions, holding companies, and non-financial institution subsidiaries. Among other areas, FFIEC is in charge of updating the Bank Secrecy Act (BSA) to fight money laundering activities. In 2021, the BSA, also known as the “Anti-Money Laundering Examination Manual”, was updated twice—in June and December.
Upon releasing its June 2021 updates, the FFIEC specified that “updates should not be interpreted as new instructions or as a new or increased focus on certain areas.” Instead, these updates aim to “offer further transparency into the examination process and support risk-focused examination work.” The release focuses on four AML topics:
The first four measures can now be enforced without prior notice, but for a limited period. Meanwhile, the last measure can only be imposed after the public has had an opportunity to comment on the proposed rule.
If the BSA’s June update focused on the examination processes, the December updates concentrated on customers. The manual introduces a new chapter devoted to customers, which states that no given customer should automatically fall into a high-risk category. Instead, each case should be analyzed individually by financial institutions. Moreover, the institutions should not be prohibited from providing services to customers that fall into a high-risk category.
In addition, the FFIEC updated chapters on three higher-risk types of customers:
Under the updated manual, the above customers are supposed to meet customer due diligence (CDD) requirements imposed by specific financial institutions.
To comply with the updated manual, businesses should pay attention to their risk assessment systems and ensure that their internal controls are designed to meet all examination requirements. If you want to learn more about BSA, check our article on the topic.
The Sixth Anti-Money Laundering Directive (6AMLD) was due to come into force on December 3, 2020, but businesses had time to implement them until June 3, 2021. Unlike FATF recommendations, 6AMLD has to be implemented by all EU Member States (except Denmark and Ireland). By introducing the new Directive, the EU aims to bring consistency to AML procedures across the bloc.
6AMLD expands on 5AMLD by recommending remote customer identification methods and legal online onboarding (making it equal to the face-to-face method). Besides that, 6AMLD clarifies certain terms and sets common AML standards across the EU. In particular, the new Directive introduces:
Similar to all other harmonizing initiatives in the EU, this one aims to define what falls under money laundering activities (e.g. tax crimes). 6AMLD provides a list of 22 such activities, introducing two new types of crime—environmental and cyber crime.
Under 5AMLD, penalties were applied only to those profiting from money laundering. 6AMLD expands penalties to include businesses “aiding and abetting” money laundering.
The new Directive states that only individuals can be punished for money laundering activities. At the same time, the definition of “individual” has been extended to legal persons and companies, making them liable for money laundering activities.
Under 6AMLD, the minimum prison sentence for money laundering activities is set at four years, up from a minimum of one year under 5AMLD.
In addition to 6AMLD, the EU has presented an AML legislative package that focuses on creating a new authority to fight money laundering and terrorist financing. The authority is planned to begin operating in 2024.
You can learn more about complying with the new Directive in the article 6AMLD is Here: Key Requirements and Compliance Challenges for Businesses written by Sumsub.
In 2021, the Securities and Futures Commission (SFC), an independent statutory body that regulates Hong Kong’s securities and futures markets, updated its AML guidelines for licensed corporations in Hong Kong. The updated SFC Guidelines introduce several initiatives:
As these updates show, the importance of identifying high-risk customers and fighting money laundering is increasing in Hong Kong. Therefore, businesses that operate there need to take additional measures to comply with AML requirements.
Read Sumsub’s article, Everything You Need to Know About Hong Kong’s New Crypto Exchange Licensing Regime, about the SFC’s cryptocurrency policy updates of 2021.
The Monetary Authority of Singapore (MAS) is Singapore’s central bank and integrated financial regulator. The biggest recent project of MAS was the introduction of a digital platform called “Collaborate Sharing of ML/TF Information & Cases” (COSMIC). The platform aims to help financial institutions share information on customers and transactions, preventing the spread of money laundering and minimizing information gaps between financial institutions.
The COSMIC initiative was published on October 1, 2021. The platform is in the early stages of development, and is supposed to launch in the first half of 2023. Moreover, the launch process will also be done in phases. The first phase will deal with the main issues regarding AML procedures, detecting the following activities:
It should be noted that not all information will be shared through COSMIC. This information will be shared only in cases if a financial institution is suspicious of a customer’s activities. Within COSMIC, financial institutions will be able to request and share information about such customers, as well as put out alerts on COSMIC’s watchlist.
While it’s difficult to provide updates on every single country’s AML regulations in one article, this overview can clarify some major global trends in the fight against money laundering and terrorist financing. If you want to learn more about updates in other countries, check out our blog. You can also subscribe to our newsletter to get all the latest news on compliance as well as our in-depth research articles.