Already in effect in EU member states since 3 December 2020, financial institutions must implement the Sixth Anti-Money Laundering Directive (6AMLD) by 3 June 2021.

While it requires less changes than previous anti-money laundering directives, 6AMLD brings clarity to specific regulatory details to close loopholes, toughen penalties, and encourage greater cooperation. Importantly, the Directive empowers financial institutions and states to do more in the fight against money laundering and the financing of terrorism.

It has been ushered through quickly because of the pandemic speeding up the digitalisation of financial services, and therefore increased opportunities for savvy cybercriminals.

Harmonises the definition of money laundering across borders

6AMLD delivers greater clarity around the definition of money laundering – a growing problem – by removing gaps in member states' domestic legislation that could see criminals avoid prosecution. To achieve this the list of predicate offences has been expanded to 22 different crimes which now directly constitute money laundering.

This new list is significant because it’s the first time that time cybercrime has been featured in this context in an EU Money Laundering Directive. 6AMLD also lists as offences insider trading, aiding and abetting money laundering, environmental crime, and human trafficking and migrant smuggling. This makes it much easier for member states to investigate and prosecute these offences.

In response, financial services organisations need to train or retrain employees and adjust their AML and know your customer (KYC) programmes to ensure that they can successfully detect suspicious activities linked to these predicate offences.

Extension of criminal liability

No longer will only individuals be prosecuted for money laundering offences. With 6AMLD criminal liability is extended to cover any ‘legal persons’ involved – like companies and partnerships. ‘Legal persons’ might be consultants, lawyers, or accountants, an individual or business, acting on a company’s behalf. Individuals and firms can both be prosecuted for money laundering crimes simultaneously or separately.

The new Directive also takes into account ‘acts of omission’ too. Therefore, when individuals in key, senior positions, such as a director, have failed to ensure that proper compliance controls are in place to identify and prevent a crime from occurring they could be liable to prosecution.

Tougher punishments

6AMLD requires EU member states to implement harsher penalties. The set minimum prison term for money laundering offences will be extended from one year to at least four years. There will also be tougher punishments for corporate offenders with much stricter sanctions in line with those for individual offenders. These include: being disqualified from the practice of commercial activities, whether permanently or temporarily; going under judicial supervision; or the closure of the business used for committing the offence.

Increased cooperation and jurisdiction

Criminality, when it comes to money laundering, can often take place across the borders. A crime might be committed in one country with the laundering of the financial proceeds in another.

6AMLD addresses this issue of dual criminality by introducing specific information sharing requirements. This will see EU member states involved in a prosecution cooperating to centralise legal proceedings within a single jurisdiction.

Also, with 6AMLD member states must criminalise money laundering linked to six specified predicate offences, even if that conduct is lawful in the jurisdiction where it was committed. These six offences include: participation in an organised crime group and racketeering; terrorism; human trafficking and migrant smuggling; sexual exploitation (including children); illicit trafficking in narcotics and psychotropic substances; and corruption.

What about UK-based financial institutions?  

The British Government has taken the decision to opt-out of complying with further AML regulation. It believes that domestic legislation is already largely compliant with the Directive’s measures and, in many cases, goes further than what the 6AMLD proposes. For instance, in the UK the maximum penalty for money laundering is fourteen years, exceeding the new four-year minimum required by 6AMLD; and aiding and abetting offences of assisting, encouraging, and attempting to launder money is already a criminal matter.

Nevertheless, UK-based businesses in the financial sector that operate within the EU’s jurisdiction will need to comply with the changes set out in 6AMLD.

For successful AML / KYC screening access clean global consumer data

To be ready for 6AMLD, those in financial services need to know their customers, whoever they are. This requires access to billions of consumer records worldwide from reputable data streams. These include Government agency, credit agency, and utility records for cross-check and verification purposes. Having access to such data will ensure vital proof of address information is obtained – a key part of any KYC / AML screening. Additionally, access to up-to-date watch lists, such as politically exposed persons (PEP) data as part of this dataset, is crucial.

Importantly, the checks leveraging this data must take place in real time to avoid slowing the customer onboarding process, and avoid a negative impact on the customer experience.

It should be data that originates from a single source to avoid the need for numerous costly suppliers in different markets, which can often result in inconsistent ID data and supply chain management issues.

Support 6AMLD compliance with MRZ and ORC ID document scanning and biometrics

With remote onboarding financial institutions must use machine readable zone (MRZ) and optical character recognition (OCR) technologies to collect customer ID and obtain crucial information. This makes sure the ID is genuine as well as validated in real time. The photo ID embedded in these scanned documents supports biometric ID verification, such as facial recognition, which can also help securely speed up customer engagement.

Liveness checks, such as eye movement, must be delivered by biometric technology for proof of life confirmation. It’s because fraudsters are increasingly using creative methods like 2D images and video playback to try to trick facial recognition technology and ‘prove’ they are the person they are impersonating. In fact, this process can lead to financial services organisations receiving a due diligence report related to AML and KYC that can be used to demonstrate their compliance when it comes to regulatory checks.

6AMLD demonstrates the EU's resolve to crack down on money laundering to bring consistency to AML and CFT (Combatting the Financing of Terrorism) regulations across all member states. To prevent money laundering and avoid the severe sanctions this Directive brings, it's time for financial services organisations operating within the EU to ensure they are prepared for it by the June deadline day. The best place to start is to have access to billions of consumer records worldwide for ID verification purposes. This will ensure financial institutions effectively identify and verify individuals across borders. They should also undertake document scanning with MRZ and ORC technology, which will also enable delivery of biometrics that will securely speed up engagement with customers. By implementing these processes those in financial services not only lessen the burden of compliance, but ensure they are well prepared for more stringent global regulations in the future.