In 2015, the European Parliament passed a directive “on the prevention of the use of the financial system for the purposes of money laundering or terrorist financing”. Under this article, member states were obliged to ensure access to beneficial ownership to those with a legitimate interest.
In 2018, this was extended to any member of the general public without having the requirement to show this interest. Anti-money laundering (AML) progress was being made.
But all of a sudden, the European Court of Justice (ECJ) is backpedalling on these rulings. The ECJ has now ruled that access to any beneficial ownership register is “invalid for any member of the general public”.
Why has it suddenly arrived at this opinion? And what does this mean for compliance professionals in the fight against dirty money?
The ECJ has announced that the general public's access to information on beneficial ownership constitutes "a serious interference with the fundamental rights to respect for private life and to the protection of personal data".
In short, a case in Luxembourg involving a company, one of its beneficial owners and a request “to restrict the general public’s access to information concerning them” was first presented to Luxembourg District Court. The court then referred questions around the case to the ECJ for a ruling on the interpretation of the European anti-money laundering directive.
The ruling is specific to the EU context and legislation. The ECJ considered that the public's general access to the register is not "strictly necessary" for combating money laundering and terrorist financing and that it could lead to potential abuse of personal data for beneficial owners.
The ECJ has stated that the legal approach taken in the EU 5th Anti-Money Laundering Directive does not appropriately balance privacy and public access, and that public access was not sufficiently justified solely for the purpose of fighting financial crime.
What does this mean for compliance professionals?
Initiating AML and Customer Due Diligence (CDD) on European corporate entities is going to become much more difficult: it will take more time to identify any beneficial owners for verification.
The ruling was made on the 22nd of November and, as of 30th of November, the following European Ultimate Beneficial Ownership (UBO) registers are now offline:
- Luxembourg (RBE)
- Netherlands (KVK)
- Germany (Transparenzregister)
- Austria (BORA)
- Ireland (RBO)
- Malta (MBR)
Compliance professionals should also consider other sources to obtain this information, such as shareholding registers and beneficial ownership structure charts, and explore how they might verify this information, for example, with certification.
The time taken to onboard customers from these jurisdictions is also likely to increase - this needs to be accounted for in the onboarding process. For these jurisdictions, it's integral to begin the due diligence process as early as possible to account for the manual collection of information.
Concluding thoughts: a blow
It feels as if we’ve taken a backwards step in the fight against illicit money laundering activity. Public UBO registers are a key tool in identifying and understanding beneficial ownership structures. They help provide an initial picture of who is involved in the entity in terms of control and ownership. The loss of transparency and access to this data is a blow for reporting entities who onboard European customers and presents another barrier to compliance.
In light of these changes, compliance professionals need to maintain a culture of compliance in their entities and provide education and training on the details and effects of the ruling. It’s hard to know if this ruling will stick or how it will unfold in the longer term. For now, it simply triggers the necessity for reporting entities to take stock of and refresh their AML and CDD processes.
About First AML
First AML is an AML technology provider, and the maker of Source, an all-in-one AML platform. Source powers thousands of compliance experts around the globe to reduce the time and cost burden of complex and international entity KYC. Its enterprise-wide, long term approach to the KYC / CDD data lifecycle addresses time and cost challenges while minimising compliance, reputational and security risks.