REPORT on the proposal for a regulation of the European Parliament and of the Council on the prevention of the use of the financial system for the purposes of money laundering or terrorist financing

Text proposed by the Commission

Amendment

(1) Directive (EU) 2015/849 of the European Parliament and of the Council23 constitutes the main legal instrument for the prevention of the use of the Union financial system for the purposes of money laundering and terrorist financing. That Directive sets out a comprehensive legal framework, which Directive (EU) 2018/843 of the European Parliament and the Council24 further strengthened by addressing emerging risks and increasing transparency of beneficial ownership. Notwithstanding its achievements, experience has shown that further improvements should be introduced to adequately mitigate risks and to effectively detect criminal attempts to misuse the Union financial system for criminal purposes.

(1) Directive (EU) 2015/849 of the European Parliament and of the Council23 constitutes the main legal instrument for the prevention of the use of the Union financial system for the purposes of money laundering and terrorist financing. That Directive sets out a comprehensive legal framework, which Directive (EU) 2018/843 of the European Parliament and the Council24 further strengthened by addressing emerging risks and increasing transparency of beneficial ownership. Notwithstanding the achievements of Directive (EU) 2015/849, divergent practices regarding its enforcement and the lack of correct implementation of minimum standards have led to a fragmented, incomplete and partially inefficient regulatory framework in the Union. Therefore, experience has shown that further improvements should be introduced to adequately mitigate risks, tackle divergences regarding its enforcement and implementation and to effectively detect criminal attempts to misuse the Union financial system for criminal purposes.

__________________

__________________

23 Directive (EU) 2015/849 of the European Parliament and of the Council of 20 May 2015 on the prevention of the use of the financial system for the purposes of money laundering or terrorist financing, amending Regulation (EU) No 648/2012 of the European Parliament and of the Council, and repealing Directive 2005/60/EC of the European Parliament and of the Council and Commission Directive 2006/70/EC (OJ L 141, 5.6.2015, p. 73).

23 Directive (EU) 2015/849 of the European Parliament and of the Council of 20 May 2015 on the prevention of the use of the financial system for the purposes of money laundering or terrorist financing, amending Regulation (EU) No 648/2012 of the European Parliament and of the Council, and repealing Directive 2005/60/EC of the European Parliament and of the Council and Commission Directive 2006/70/EC (OJ L 141, 5.6.2015, p. 73).

24 Directive (EU) 2018/843 of the European Parliament and of the Council of 30 May 2018 amending Directive (EU) 2015/849 on the prevention of the use of the financial system for the purposes of money laundering or terrorist financing, and amending Directives 2009/138/EC and 2013/36/EU (OJ L 156, 19.6.2018, p. 43).

24 Directive (EU) 2018/843 of the European Parliament and of the Council of 30 May 2018 amending Directive (EU) 2015/849 on the prevention of the use of the financial system for the purposes of money laundering or terrorist financing, and amending Directives 2009/138/EC and 2013/36/EU (OJ L 156, 19.6.2018, p. 43).

Text proposed by the Commission

Amendment

(2) The main challenge identified in respect to the application of the provisions of Directive (EU) 2015/849 laying down obligations for private sector actors, the so-called obliged entities, is the lack of direct applicability of those rules and a fragmentation of the approach along national lines. Whereas those rules have existed and evolved over three decades, they are still implemented in a manner not fully consistent with the requirements of an integrated internal market. Therefore, it is necessary that rules on matters currently covered in Directive (EU) 2015/849 which may be directly applicable by the obliged entities concerned are addressed in a new Regulation in order to achieve the desired uniformity of application.

(2) The main challenge identified in respect to the application of the provisions of Directive (EU) 2015/849 laying down obligations for private sector actors, the so-called obliged entities, is the lack of direct applicability of those rules and a fragmentation of the approach along national lines. Whereas those rules have existed and evolved over three decades, as a rule they are still implemented in a manner not fully consistent with the requirements of an integrated internal market. Therefore, it is necessary that rules on matters currently covered in Directive (EU) 2015/849 which may be directly applicable by the obliged entities concerned are addressed in this Regulation in order to achieve the desired uniformity of application.

Text proposed by the Commission

Amendment

(2a) In the current unstable situation of increased security threats, the Union legal framework for combating money laundering and terrorist financing should be strengthened and harmonised so as to close existing gaps and tighten up current regulations in order to hinder criminal activity in that area.

Text proposed by the Commission

Amendment

(2b) The illegal, unprovoked and unjustified military aggression against Ukraine has been strongly condemned by the Union and has led it to impose a severe embargo on Russian banks and oligarchs, while also highlighting schemes whereby money is laundered by Russian banks through Union banks services. It is important in that regard to recognise the potential that the long-term maintenance of sanctions has to reduce the risk of Russian money laundering in the Union.

Text proposed by the Commission

Amendment

(3a) The United Nations Office of Drugs and Crime (UNODC) estimates that between 2 and 5  % of global gross domestic product (GDP) is laundered each year. In addition, it is estimated that about 1,5% of the Union's GDP is subject to money laundering and only about 1 % of the money is ultimately confiscated1a. Therefore, it is essential that Member States, in addition to reinforcing the prevention of money laundering and terrorist financing, devote substantial efforts to recover ill-gotten money.

__________________

1a https://eur-lex.europa.eu/legal-content/FR/TXT/?uri=CELEX%3A52021SC0190

Text proposed by the Commission

Amendment

(5) Since the adoption of Directive (EU) 2015/849, recent developments in the Union’s criminal law framework have contributed to strengthening the prevention and fight against money laundering, its predicate offences and terrorist financing. Directive (EU) 2018/1673 of the European Parliament and of the Council25 has led to a common understanding of the money laundering crime and its predicate offences. Directive (EU) 2017/1371 of the European Parliament and of the Council26 defined financial crimes affecting the Union’s financial interest, which should also be considered predicate offences to money laundering. Directive (EU) 2017/541 of the European Parliament and of the Council27 has achieved a common understanding of the crime of terrorist financing. As those concepts are now clarified in Union criminal law, it is no longer needed for the Union’s AML/CFT rules to define money laundering, its predicate offences or terrorist financing. Instead, the Union’s AML/CFT framework should be fully coherent with the Union’s criminal law framework.

(5) Since the adoption of Directive (EU) 2015/849, recent developments in the Union’s criminal law framework have contributed to strengthening the prevention and fight against money laundering, its predicate offences and terrorist financing. Directive (EU) 2018/1673 of the European Parliament and of the Council 25 has led to a common understanding of the money laundering crime and its predicate offences. Directive (EU) 2017/1371 of the European Parliament and of the Council 26 defined financial crimes affecting the Union’s financial interest, which should also be considered predicate offences to money laundering. Directive (EU) 2017/541 of the European Parliament and of the Council 27 has achieved a common understanding of the crime of terrorist financing. As those concepts are now clarified in Union criminal law, it is no longer needed for the Union’s AML/CFT rules to define money laundering, its predicate offences or terrorist financing. Instead, the Union’s AML/CFT framework should be fully coherent with the Union’s criminal law framework with the aim of improving public safety and protecting Union citizens.

__________________

__________________

25 Directive (EU) 2018/1673 of the European Parliament and of the Council of 23 October 2018 on combating money laundering by criminal law (OJ L 284, 12.11.2018, p. 22).

25 Directive (EU) 2018/1673 of the European Parliament and of the Council of 23 October 2018 on combating money laundering by criminal law (OJ L 284, 12.11.2018, p. 22).

26 Directive (EU) 2017/1371 of the European Parliament and of the Council of 5 July 2017 on the fight against fraud to the Union's financial interests by means of criminal law (OJ L 198, 28.7.2017, p. 29).

26 Directive (EU) 2017/1371 of the European Parliament and of the Council of 5 July 2017 on the fight against fraud to the Union's financial interests by means of criminal law (OJ L 198, 28.7.2017, p. 29).

27 Directive (EU) 2017/541 of the European Parliament and of the Council of 15 March 2017 on combating terrorism and replacing Council Framework Decision 2002/475/JHA and amending Council Decision 2005/671/JHA (OJ L 88, 31.3.2017, p. 6).

27 Directive (EU) 2017/541 of the European Parliament and of the Council of 15 March 2017 on combating terrorism and replacing Council Framework Decision 2002/475/JHA and amending Council Decision 2005/671/JHA (OJ L 88, 31.3.2017, p. 6).

Text proposed by the Commission

Amendment

(6) Technology keeps evolving, offering opportunities to the private sector to develop new products and systems to exchange funds or value. While this is a positive phenomenon, it may generate new money laundering and terrorist financing risks, as criminals continuously manage to find ways to exploit vulnerabilities in order to hide and move illicit funds around the world. Crypto-assets service providers and crowdfunding platforms are exposed to the misuse of new channels for the movement of illicit money and are well placed to detect such movements and mitigate risks. The scope of Union legislation should therefore be expanded to cover these entities, in line with the recent developments in FATF standards in relation to crypto-assets.

(6) Technology keeps evolving, offering opportunities to the private sector to develop new products and systems to exchange funds or value. While this is a positive phenomenon, it may generate new money laundering and terrorist financing risks, as criminals continuously manage to find ways to exploit vulnerabilities in order to hide and move illicit funds around the world. Crypto-assets service providers, non-fungible token (NFT) platforms and crowdfunding platforms are exposed to the misuse of new channels for the movement of illicit money and are well placed to detect such movements and mitigate risks. The scope of Union legislation should therefore be expanded to cover these entities, in line with the recent developments in Financial Action Task Force (FATF) standards in relation to crypto-assets. NFT platforms are not covered by the current definition of crypto-assets service providers under Regulation (EU) 2023/... [the MiCA Regulation] because they do not provide services in crypto-assets that are fungible and non unique. In order to close that gap and mitigate the associated risks of money laundering and terrorist financing, NFT platforms should therefore be included in the horizontal AML/CFT framework as a separate category of obliged entities.

Text proposed by the Commission

Amendment

(6a) Decentralised Autonomous Organisations (DAO) and other Decentralised Finance (DeFi) arrangements should also be subject to Union AML/CFT rules to the extent they perform or provide, for or on behalf of another person, crypto-asset services which are controlled directly or indirectly, including through smart contracts or voting protocols, by identifiable natural and legal persons. In such cases, DAO or DeFi arrangements should be considered to be crypto-asset service providers falling within the scope of Regulation (EU) 2023/... [please insert reference – proposal for a Regulation on Markets in Crypto-assets, and amending Directive (EU) 2019/1937 - COM/2020/593 final] and this Regulation, regardless of the commercial label or their self-identification as DAO or DeFi. Developers, owners or operators which fall within the scope of this Regulation should assess the risks of money laundering and terrorist financing before launching or using a software or platform and should take appropriate measures in order to mitigate the risks of money laundering and terrorist financing on an ongoing and forward-looking manner.

Text proposed by the Commission

Amendment

(6b) The virtual world offers new opportunities for criminals to hide and channel illicit funds by exploiting it to purchase and resell virtual items, such as virtual real estate, virtual lands and other high-demand goods. While there is currently no specific regulatory framework for the metaverse as the adoption of the metaverse expands and evolves, the risks of money laundering, terrorist financing and sanctions evasion substantially increase. Obliged entities should be aware of such risks and continue to comply with AML/CFT obligations when operating in virtual worlds, in relation to the activities and operations covered by this Regulation, such as legal professionals with experience in real estate, finance and intellectual property, which may get increasingly involved in such transactions, including when providing legal assistance or advice.

Text proposed by the Commission

Amendment

(9) Independent legal professionals should be subject to this Regulation when participating in financial or corporate transactions, including when providing tax advice, where there is the risk of the services provided by those legal professionals being misused for the purpose of laundering the proceeds of criminal activity or for the purpose of terrorist financing. There should, however, be exemptions from any obligation to report information obtained before, during or after judicial proceedings, or in the course of ascertaining the legal position of a client, which should be covered by the legal privilege. Therefore, legal advice should remain subject to the obligation of professional secrecy, except where the legal professional is taking part in money laundering or terrorist financing, the legal advice is provided for the purposes of money laundering or terrorist financing, or where the legal professional knows that the client is seeking legal advice for the purposes of money laundering or terrorist financing.

(9) This Regulation does not aim to regulate independent legal and tax professions, which take different forms across Member States, or to interfere with the essence of the role of defence of such professionals in the administration of justice and the rule of law, which underpins legal professional privilege. However, independent legal professionals, auditors, external accountants and tax advisors, who, in some Member States, are entitled to defend or represent a client in the context of judicial proceedings or to ascertain a client's legal position, also perform activities that are remote from the role of defence. Therefore, they should be subject to this Regulation when participating in financial or corporate transactions, including when providing tax advice or advice relating to citizenship or residence by investment schemes, where there is the risk of the services provided by those legal professionals being misused for the purpose of laundering the proceeds of criminal activity or for the purpose of terrorist financing. There should, however, be exemptions from any obligation to report information obtained before, during or after judicial proceedings which should be covered by the legal privilege. Exemptions should also be provided for activities performed in the course of ascertaining the legal position of a client, which should also be covered by the legal privilege to the strict extent that such activities aim at establishing the rights and obligations of clients, in contrast to non-legal advice. Therefore, legal advice should remain subject to the obligation of professional secrecy, except where the legal professional is taking part in money laundering or terrorist financing, where the legal advice, including in relation to tax matters or citizenship or residence by investment schemes, is provided for the purpose of money laundering or terrorist financing, or where the legal professional knows or suspects, on the basis of factual and objective circumstances, that the client is seeking legal advice, for the purposes of money laundering or terrorist financing or for the purposes of applying for residence rights or citizenship through investment schemes. It should be possible for Member States to adopt or maintain, with regard to specific transactions that involve a particularly high risk to be used for money laundering or terrorist financing, customer due diligence obligations for independent legal professionals, auditors, external accountants and tax advisors.

Text proposed by the Commission

Amendment

(10) In order to ensure respect for the rights guaranteed by the Charter of Fundamental Rights of the European Union (the ‘Charter’), in the case of auditors, external accountants and tax advisors, who, in some Member States, are entitled to defend or represent a client in the context of judicial proceedings or to ascertain a client's legal position, the information they obtain in the performance of those tasks should not be subject to reporting obligations.

(10) In order to ensure respect for the rights guaranteed by the Charter of Fundamental Rights of the European Union (the ‘Charter’), in the case of auditors, external accountants and tax advisors, who, in some Member States, are entitled to defend or represent a client in the context of judicial proceedings or to ascertain a client's legal position, the information they obtain in the performance of those tasks should not be subject to reporting obligations, except where the auditors, external accountants or tax advisors are taking part in money laundering or terrorist financing, the legal advice, is provided for the purposes of money laundering or terrorist financing, or where the auditor, external accountant or tax advisor knows has a well-grounded suspicion, on the basis of factual and objective circumstances, that the client is seeking legal advice, including in relation to tax matters or citizenship or residence by investment schemes, for the purposes of money laundering or terrorist financing and the legal advice sought is not connected to judicial proceedings. Member States should be able to adopt or maintain with regard to specific transactions that involve a particularly high risk of money laundering or terrorist financing additional reporting obligations to which the exemption from the requirements to transmit information does not apply. For that purpose, it should be possible for Member States to introduce specific provisions in national law on the application of the requirements applicable to such professionals under this Regulation.

Text proposed by the Commission

Amendment

(12) Crowdfunding platforms’ vulnerabilities to money laundering and terrorist financing risks are horizontal and affect the internal market as a whole. To date, diverging approaches have emerged across Member States as to the management of those risks. Regulation (EU) 2020/1503 of the European Parliament and of the Council28 harmonises the regulatory approach for business investment and lending-based crowdfunding platforms across the Union and ensures that adequate and coherent safeguards are in place to deal with potential money laundering and terrorist financing risks. Among those, there are requirements for the management of funds and payments in relation to all the financial transactions executed on those platforms. Crowdfunding service providers must either seek a license or partner with a payment service provider or a credit institution for the execution of such transactions. The Regulation also sets out safeguards in the authorisation procedure, in the assessment of good repute of management and through due diligence procedures for project owners. The Commission is required to assess by 10 November 2023 in its report on that Regulation whether further safeguards may be necessary. It is therefore justified not to subject crowdfunding platforms licensed under Regulation (EU) 2020/1503 to Union AML/CFT legislation.

(12) Crowdfunding platforms’ vulnerabilities to money laundering and terrorist financing risks are horizontal and affect the internal market as a whole. To date, diverging approaches have emerged across Member States as to the management of those risks. While Regulation (EU) 2020/1503 of the European Parliament and of the Council 28 harmonises the regulatory approach for business investment and lending-based crowdfunding platforms across the Union and sets up some AML/CFT requirements limited to due diligence of crowdfunding platforms in respect of project owners and within authorisation procedures, the lack of an harmonised legal framework with robust AML/CFT obligations for crowdfunding platforms creates gaps and weakens the Union AML/CFT safeguards. It is therefore necessary to ensure that all crowdfunding platforms, including those already licensed under Regulation (EU) 2020/1503, are subject to Union AML/CFT legislation.

__________________

__________________

28 Regulation (EU) 2020/1503 of the European Parliament and of the Council of 7 October 2020 on European crowdfunding service providers for business, and amending Regulation (EU) 2017/1129 and Directive (EU) 2019/1937 (OJ L 347, 20.10.2020, p. 1).

28 Regulation (EU) 2020/1503 of the European Parliament and of the Council of 7 October 2020 on European crowdfunding service providers for business, and amending Regulation (EU) 2017/1129 and Directive (EU) 2019/1937 (OJ L 347, 20.10.2020, p. 1).

Text proposed by the Commission

Amendment

(13) Crowdfunding platforms that are not licensed under Regulation (EU) 2020/1503 are currently left either unregulated or to diverging regulatory approaches, including in relation to rules and procedures to tackle anti-money laundering and terrorist financing risks. To bring consistency and ensure that there are no uncontrolled risks in that environment, it is necessary that all crowdfunding platforms that are not licensed under Regulation (EU) 2020/1503 and thus are not subject to its safeguards are subject to Union AML/CFT rules in order to mitigate money laundering and terrorist financing risks.

deleted

Text proposed by the Commission

Amendment

(15) Some categories of traders in goods are particularly exposed to money laundering and terrorist financing risks due to the high value that the small, transportable goods they deal with contain. For this reason, persons dealing in precious metals and precious stones should be subject to AML/CFT requirements.

(15) Persons trading in precious metals and stones as well as luxury goods are particularly exposed to very significant money laundering risks, regardless of the means of payment. Criminal organisations have repeatedly used that method, which is easily accessible and does not require specific expertise, to convert criminal proceeds into goods that are in high demand in foreign markets. For this reason, persons dealing in precious metals and precious stones and luxury goods should be subject to AML/CFT requirements.

Text proposed by the Commission

Amendment

(16) Investment migration operators are private companies, bodies or persons acting or interacting directly with the competent authorities of the Member States on behalf of third-country nationals or providing intermediary services to third-country nationals seeking to obtain residence rights in a Member State in exchange of any kind of investments, including capital transfers, purchase or renting of property, investment in government bonds, investment in corporate entities, donation or endowment of an activity contributing to the public good and contributions to the state budget. Investor residence schemes present risks and vulnerabilities in relation to money laundering, corruption and tax evasion. Such risks are exacerbated by the cross-border rights associated with residence in a Member State. Therefore, it is necessary that investment migration operators are subject to AML/CFT obligations. This Regulation should not apply to investor citizenship schemes, which result in the acquisition of nationality in exchange for such investments, as such schemes must be considered as undermining the fundamental status of Union citizenship and sincere cooperation among Member States.

(16) Investment migration operators are private companies, bodies or persons acting or interacting directly with the competent authorities of the Member States on behalf of third-country nationals or providing intermediary services to third-country nationals seeking to obtain residence rights in a Member State in exchange of any kind of investments, including capital transfers, purchase or renting of property, investment in government bonds, investment in corporate entities, donation or endowment of an activity contributing to the public good and contributions to the state budget. Investor residence and citizenship schemes present risks and vulnerabilities in relation to money laundering, corruption and tax evasion. Such risks are exacerbated by the cross-border rights associated with residence in a Member State. Therefore, it is necessary that investment migration operators are subject to AML/CFT obligations. In view of the risks and vulnerabilities presented by investor schemes, which result in the acquisition of either residence rights or nationality in exchange for such investments, it is necessary to provide for a ban on citizenship by investment schemes and for minimum requirements in the assessment of applicants by Member States’ public authorities with regards to residence by investment schemes, to ensure that enhanced due diligence measures are applied with regard to applicants and to ensure that nationals from certain countries with AML/CFT-related risks identified in accordance with this Regulation, are not granted any status on the basis of such schemes.

Text proposed by the Commission

Amendment

(18a) According to a report from the FATF of July 2009 entitled ‘Money Laundering through the Football Sector’, “the professional football market has undergone an accentuated growth due to a process of commercialisation. Money invested in football surged mainly as a result from increases in television rights and corporate sponsorship. Simultaneously, the labour market for professional football players has experienced unprecedented globalisation – with more and more football players contracted by teams outside their country and transfer payments of astounding dimensions. The cross border money flows that are involved may largely fall outside the control of national and supranational football organisations, giving opportunities to move and launder money. At the same time money from private investors is pouring into football clubs to keep them operating and can give the investor long term returns in terms of media rights, ticket sales, proceeds of sales of players and merchandising.” In its report of 24 July 2019 to the European Parliament and the Council on the assessment of the risk of money laundering and terrorist financing affecting the internal market and relating to cross-border activities, the Commission assessed professional football and stated that “whilst it remains a popular sport it is also a global industry with significant economic impact. Professional football’s complex organisation and lack of transparency have created fertile ground for the use of illegal resources. Questionable sums of money with no apparent or explicable financial return or gain are being invested in the sport.” Professional football is therefore a new sector posing high risks and high-level professional football clubs, along with sports agents in the football sector and football associations in Member States which are members of the Union of European Football Associations, should be considered to be obliged entities for the purposes of this Regulation.

Text proposed by the Commission

Amendment

(19) It is important that AML/CFT requirements apply in a proportionate manner and that the imposition of any requirement is proportionate to the role that obliged entities can play in the prevention of money laundering and terrorist financing. To this end, it should be possible for Member States in line with the risk base approach of this Regulation to exempt certain operators from AML/CFT requirements, where the activities they perform present low money laundering and terrorist financing risks and where the activities are limited in nature. To ensure transparent and consistent application of such exemptions across the Union, a mechanism should be put in place allowing the Commission to verify the necessity of the exemptions to be granted. The Commission should also publish such exemptions on a yearly basis in the Official Journal of the European Union.

(19) It is important that AML/CFT requirements apply in a proportionate manner and that the imposition of any requirement is proportionate to the role that obliged entities can play in the prevention of money laundering and terrorist financing. To this end, it should be possible for Member States in line with the risk-based approach of this Regulation to exempt certain operators from AML/CFT requirements, where the activities they perform present low money laundering and terrorist financing risks and where the activities are limited in nature. To ensure transparent and consistent application of such exemptions across the Union, a mechanism should be put in place allowing the Commission to verify the necessity of the exemptions to be granted. The Commission should also publish such exemptions on a yearly basis in the Official Journal of the European Union.

Text proposed by the Commission

Amendment

(20) A consistent set of rules on internal systems and controls that applies to all obliged entities operating in the internal market will strengthen AML/CFT compliance and make supervision more effective. In order to ensure adequate mitigation of money laundering and terrorist financing risks, obliged entities should have in place an internal control framework consisting of risk–based policies, controls and procedures and clear division of responsibilities throughout the organisation. In line with the risk-based approach of this Regulation, those policies, controls and procedures should be proportionate to the nature and size of the obliged entity and respond to the risks of money laundering and terrorist financing that the entity faces.

(20) A consistent set of rules on internal systems and controls that applies to all obliged entities operating in the internal market will strengthen AML/CFT compliance and make supervision more effective. In order to ensure adequate mitigation of money laundering and terrorist financing risks, obliged entities should have in place an internal control framework consisting of risk–based policies, controls and procedures and clear division of responsibilities throughout the organisation. In line with the risk-based approach of this Regulation, those policies, controls and procedures should be proportionate to the nature, activity and size of the obliged entity and respond to the risks of money laundering and terrorist financing that the entity faces.

Text proposed by the Commission

Amendment

(23) The FATF has developed standards for jurisdictions to identify, and assess the risks of potential non-implementation or evasion of the targeted financial sanctions related to proliferation financing, and to take action to mitigate those risks. Those new standards introduced by the FATF today do not substitute nor undermine the existing strict requirements for countries to implement targeted financial sanctions to comply with the relevant United Nations Security Council Regulations relating to the prevention, suppression and disruption of proliferation of weapons of mass destruction and its financing. Those existing obligations, as implemented at Union level by Council Decisions 2010/413/CFSP31 and (CFSP) 2016/84932 as well as by Council Regulations (EU) No 267/201233 and (EU) 2017/150934 , remain strict rule-based obligations binding on all natural and legal persons within the Union.

(23) The FATF has developed standards for jurisdictions to identify, and assess the risks of potential non-implementation or evasion of the targeted financial sanctions related to proliferation financing, and to take action to mitigate those risks. Those new standards introduced by the FATF today do not substitute nor undermine the existing strict requirements for countries to implement targeted financial sanctions to comply with the relevant United Nations Security Council Regulations relating to the prevention, suppression and disruption of proliferation of weapons of mass destruction and its financing. Those existing obligations, as implemented at Union level by Council Decisions 2010/413/CFSP31 and (CFSP) 2016/84932 as well as by Council Regulations (EU) No 267/201233 and (EU) 2017/150934, remain strict rule-based obligations binding on all natural and legal persons within the Union. The same approach should apply with regard to other targeted financial sanctions including targeted financial sanctions relating to terrorism and terrorist financing.

__________________

__________________

31 2010/413/CFSP: Council Decision of 26 July 2010 concerning restrictive measures against Iran and repealing Common Position 2007/140/CFSP (OJ L 195, 27.7.2010, p. 39).

31 2010/413/CFSP: Council Decision of 26 July 2010 concerning restrictive measures against Iran and repealing Common Position 2007/140/CFSP (OJ L 195, 27.7.2010, p. 39).

32 Council Decision (CFSP) 2016/849 of 27 May 2016 concerning restrictive measures against the Democratic People's Republic of Korea and repealing Decision 2013/183/CFSP (OJ L 141, 28.5.2016, p. 79).

32 Council Decision (CFSP) 2016/849 of 27 May 2016 concerning restrictive measures against the Democratic People's Republic of Korea and repealing Decision 2013/183/CFSP (OJ L 141, 28.5.2016, p. 79).

33 Council Regulation (EU) No 267/2012 of 23 March 2012 concerning restrictive measures against Iran and repealing Regulation (EU) No 961/2010 (OJ L 88, 24.3.2012, p. 1).

33 Council Regulation (EU) No 267/2012 of 23 March 2012 concerning restrictive measures against Iran and repealing Regulation (EU) No 961/2010 (OJ L 88, 24.3.2012, p. 1).

34 Council Regulation (EU) 2017/1509 of 30 August 2017 concerning restrictive measures against the Democratic People's Republic of Korea and repealing Regulation (EC) No 329/2007 (OJ L 224, 31.8.2017, p. 1).

34 Council Regulation (EU) 2017/1509 of 30 August 2017 concerning restrictive measures against the Democratic People's Republic of Korea and repealing Regulation (EC) No 329/2007 (OJ L 224, 31.8.2017, p. 1).

Text proposed by the Commission

Amendment

(23a) Union legislation does not include provisions that describe the systems and controls that credit and financial institutions should have to have in place in order to comply with targeted financial sanctions obligations. In its report on the future EU AML/CFT framework, the European Supervisory Authority (European Banking Authority) (EBA), established by Regulation (EU) No 1093/2010 of the European Parliament and of the Council, noted that, in situations where the legislation provides for exemptions from certain AML/CFT requirements, such as in relation to occasional transactions, there is an apparent conflict between risk-based exemptions and the absolute requirement to comply with applicable sanctions regimes, which is an obligation of result. EBA also found that there are different interpretations across Member States on the obligations on payment service providers to screen the payer or the payee against sanctions lists. That situation could create regulatory arbitrage and gaps which could weaken the Union targeted financial sanctions regime. It is therefore necessary to establish common standards on the measures that credit and financial institutions should take in order to comply with their financial sanctions obligations.

Text proposed by the Commission

Amendment

(24) In order to reflect the latest developments at international level, a requirement has been introduced by this Regulation to identify, understand, manage and mitigate risks of potential non-implementation or evasion of proliferation financing-related targeted financial sanctions at obliged entity level.

(24) In order to reflect the latest developments at international level, a requirement has been introduced by this Regulation to identify, understand, manage and mitigate risks of potential non-implementation, divergent implementation or evasion of all targeted financial sanctions including targeted financial sanctions relating to terrorism and terrorist financing and proliferation financing-related targeted financial sanctions at obliged entity level.

Text proposed by the Commission

Amendment

(24a) Sanctions adopted by the United Nations are relevant risk factors for money laundering, predicate offences and terrorist financing since they aim to address threats of terrorism and terrorist financing, crimes related to human rights violations and proliferation of nuclear weapon of mass destruction. Therefore, appropriate risk-mitigating measures need to be taken in high-risk situations in that regard, without prejudice to the application of rule-based obligations imposed under the Union targeted financial sanctions regime;

Text proposed by the Commission

Amendment

(25) It is important that obliged entities take all measures at the level of their management to implement internal policies, controls and procedures and to implement AML/CFT requirements. While a person at management level should be identified as being responsible for implementing the obliged entity’s policies, controls and procedures, the responsibility for the compliance with AML/CFT requirements should rest ultimately with the governing body of the entity. Tasks pertaining to the day-to-day implementation of the obliged entity’s AML/CFT policies, controls and procedures should be entrusted to a compliance officer.

(25) It is important that obliged entities take all measures at the level of their management to implement internal policies, controls and procedures and to implement AML/CFT requirements. While a person at management level should be identified as being responsible for implementing the obliged entity’s policies, controls and procedures, the responsibility for the compliance with AML/CFT requirements should rest ultimately with the management body of the entity. Tasks pertaining to the day-to-day implementation of the obliged entity’s AML/CFT policies, controls and procedures should be entrusted to a compliance officer.

Text proposed by the Commission

Amendment

(27a) Obliged entities might employ staff who by virtue of their professional activities could qualify as obliged entities themselves. As the AML/CFT framework is based on the role of firms or sole practitioners as gatekeepers of the financial system, it does not aim to target such employees. In order to facilitate the implementation of this Regulation, it is appropriate to clarify the situation of employees such as in-house lawyers, who should not be subject to the requirements of this Regulation when performing their function as employees of obliged entities.

Text proposed by the Commission

Amendment

(27b) Given that AML/CFT requirements are applicable to a wide range of obliged entities in both nature and size, AMLA should have the task of developing draft regulatory technical standards concerning minimum requirements and standards by obliged entities which are sole traders, single operators or microenterprises taking due account of the principle of proportionality and alleviation of administrative and financial burden.

Text proposed by the Commission

Amendment

(28) The consistent implementation of group-wide AML/CFT policies and procedures is key to the robust and effective management of money laundering and terrorist financing risks within the group. To this end, group-wide policies, controls and procedures should be adopted and implemented by the parent undertaking. Obliged entities within the group should be required to exchange information when such sharing is relevant for preventing money laundering and terrorist financing. Information sharing should be subject to sufficient guarantees in terms of confidentiality, data protection and use of information. AMLA should have the task of drawing up draft regulatory standards specifying the minimum requirements of group-wide procedures and policies, including minimum standards for information sharing within the group and the role and responsibilities of parent undertakings that are not themselves obliged entities.

(28) The consistent implementation of group-wide AML/CFT policies and procedures is key to the robust and effective management of money laundering and terrorist financing risks within the group. To this end, group-wide policies, controls and procedures should be adopted and implemented by the parent undertaking. Obliged entities within the group should be required to exchange information when such sharing is relevant for preventing money laundering and terrorist financing. Information sharing should be subject to sufficient guarantees in terms of confidentiality, data protection and use of information. AMLA should have the task of drawing up draft regulatory standards specifying the minimum requirements of group-wide procedures and policies, including minimum standards for information sharing within the group and the role and responsibilities of parent undertakings that are not themselves obliged entities, and taking into account the principle of proportionality.

Text proposed by the Commission

Amendment

(29) In addition to groups, other structures exist, such as networks or partnerships, in which obliged entities might share common ownership, management and compliance controls. To ensure a level playing field across the sectors whilst avoiding overburdening it, AMLA should identify those situations where similar group-wide policies should apply to those structures.

(29) In addition to groups, other structures exist, such as networks or partnerships, in which obliged entities might share common ownership, management and compliance controls. To ensure a level playing field across the sectors whilst avoiding overburdening it, AMLA should identify those situations where similar group-wide policies should apply to those structures, taking into account the principle of proportionality.

Text proposed by the Commission

Amendment

(30) There are circumstances where branches and subsidiaries of obliged entities are located in third countries where the minimum AML/CFT requirements, including data protection obligations, are less strict than the Union AML/CFT framework. In such situations, and in order to fully prevent the use of the Union financial system for the purposes of money laundering and terrorist financing and to ensure the highest standard of protection for personal data of Union citizens, those branches and subsidiaries should comply with AML/CFT requirements laid down at Union level. Where the law of a third country does not permit compliance with those requirements, for example because of limitations to the group's ability to access, process or exchange information due to an insufficient level of data protection or banking secrecy law in the third country, obliged entities should take additional measures to ensure the branches and subsidiaries located in that country effectively handle the risks. AMLA should be tasked with developing draft technical standards specifying the type of such additional measures.

(30) There are circumstances where branches and subsidiaries of obliged entities are located in third countries where the minimum AML/CFT requirements, including data protection obligations, are less strict than the Union AML/CFT framework. In such situations, and in order to fully prevent the use of the Union financial system for the purposes of money laundering and terrorist financing and to ensure the highest standard of protection for personal data of Union citizens, those branches and subsidiaries should comply with AML/CFT requirements laid down at Union level. Where the law of a third country does not permit compliance with those requirements, for example because of limitations to the group's ability to access, process or exchange information due to an insufficient level of data protection or banking secrecy law in the third country, obliged entities should take additional measures to ensure the branches and subsidiaries located in that country effectively handle the risks. AMLA should be tasked with developing draft technical standards specifying the type of such additional measures, taking into account the principle of proportionality.

Text proposed by the Commission

Amendment

(32a) Credit and financial institutions should ensure that the application of due diligence measures is carried out on the basis of an individual risk assessment and does not result in unduly denying legitimate customers access to financial services, in particular with regard to specific categories of individual customers associated with higher risk, such as refugees and asylum seekers as well as human rights defenders, and non-governmental organisations and their representatives and associates. To that end, credit and financial institutions should ensure that their internal policies, controls and procedures are commensurate to the risks identified and do not unduly undermine financial inclusion. Access to basic financial products and services allows refugees and people seeking temporary or international protection to participate in the economic and social life of the Union, in line with the right to protection enshrined in Article 18 of the Charter of Fundamental Rights. At the same time, financial inclusion avoids transactions being driven underground through informal channels, thereby making the detection and reporting of suspicious transactions more difficult. Therefore, financial inclusion contributes significantly to the fight against money laundering and terrorist financing. This Regulation provides sufficient flexibility to financial institutions to perform the identification and verification of prospective clients who are refugees or seek protection and to adopt, in line with the risk-based approach, proportionate and effective measures to manage and mitigate risks linked to these clients. To ensure such flexibility is exploited to the fullest, credit and financial institutions should accept documents issued by Member States stating legal residence as a valid means for the purposes of customer identity verification. In order to ensure the effective implementation of AML/CFT rules, financial institutions should address the situation of refugees and persons seeking temporary or international protection within their internal policies and procedures of refugees and persons seeking temporary or international protection within their internal policies and procedures AMLA and EBA should issue joint guidelines to specify how to maintain a balance between the financial inclusion of the categories of customers particularly affected by de-risking and AML/CFT requirements and clarify how risk can be mitigated in relation to these customers and ensure transparent and fair processes for customers.

Text proposed by the Commission

Amendment

(32b) Obliged entities should take appropriate measures to verify the identity of the beneficial owners of their customers in order to know who the beneficial owner is and understand the ownership and control structure of the customer. When verifying a beneficial owner’s identity, obliged entities should determine the extent and frequency of additional information consulted on a risk-basis. To that end, they should consult the necessary information, documents and data from the customer or reliable and independent sources, such as business registers or other relevant corporate documents, and should also consult beneficial owners registers as provided for in Article 10 of Directive (EU) ,,,/,,, [please insert reference – proposal for 6th Anti-Money Laundering Directive - COM/2021/423 final]. When verifying a person’s identity, the robustness of the evidence provided and the risk of identity theft must be considered. It is therefore important that, when obliged entities suspect that the beneficial ownership information declared by the customer is false or that the proof of identity provided is falsified or stolen, or where there is any related risk that the identity of the beneficial owner may not coincide with the documentation provided, they should take steps to check whether the claimed identity reasonably belongs to the person declared by the customer and whether those persons actually are the beneficial owners of the legal entity or arrangement.

Text proposed by the Commission

Amendment

(33) Obliged entities should not be required to apply due diligence measures on customers carrying out occasional or linked transactions below a certain value, unless there is suspicion of money laundering or terrorist financing. Whereas the EUR 10 000 threshold applies to most occasional transactions, obliged entities which operate in sectors or carry out transactions that present a higher risk of money laundering and terrorist financing should be required to apply customer due diligence for transactions with lower thresholds. To identify the sectors or transactions as well as the adequate thresholds for those sectors or transactions, AMLA should develop dedicated draft regulatory technical standards.

(33) Obliged entities should not be required to apply due diligence measures on customers carrying out occasional or linked transactions below a certain value, unless there is suspicion of money laundering or terrorist financing. Whereas the EUR 10 000 threshold applies to most occasional transactions, obliged entities which operate in sectors or carry out transactions that present a higher risk of money laundering and terrorist financing should be required to apply customer due diligence for transactions with lower thresholds, and should, in particular, verify whether those thresholds are met within linked transactions with lower amounts. To identify the sectors or transactions as well as the adequate thresholds for those sectors or transactions, AMLA should develop dedicated draft regulatory technical standards.

Text proposed by the Commission

Amendment

(33a) Business relationships are defined in this Regulation and refer to business, professional or commercial relationships connected with the professional activities of an obliged entity. They are expected, at the time when the contact is established, to have an element of duration. In the case of real estate transactions, for entities other than credit and financial institutions, a business relationship means the provision of services which involve the sale or brokerage of more than one property over a period of time. A sale also includes the services of notaries or lawyers where such services are required under national law in order to conduct the transactions or transfer of immovable property.

Text proposed by the Commission

Amendment

(34) Some business models are based on the obliged entity having a business relationship with a merchant for offering payment initiation services through which the merchant gets paid for the provision of goods or services, and not with the merchant’s customer, who authorises the payment initiation service to initiate a single or one-off transaction to the merchant. In such a business model, the obliged entity’s customer for the purpose of AML/CFT rules is the merchant, and not the merchant’s customer. Therefore, customer due diligence obligations should be applied by the obliged entity vis-a-vis the merchant.

(34) Some business models are based on the obliged entity having a business relationship with a merchant for offering payment initiation services through which the merchant gets paid for the provision of goods or services, and not with the merchant’s customer, who authorises the payment initiation service to initiate a single or one-off transaction or several transactions to the merchant. In such a business model, the obliged entity’s customer for the purpose of AML/CFT rules is the merchant, and not the merchant’s customer. Therefore, customer due diligence obligations should be applied by the obliged entity only vis-a-vis the merchant. If the same obliged entity also provides payment services to the merchant, which brings it into the possession of funds, then the obliged entity’s customer is also the merchant as regards the combined offering of payment initiation services, account information services and payment services.

Text proposed by the Commission

Amendment

(40) To ensure the effectiveness of the AML/CFT framework, obliged entities should regularly review the information obtained from their customers, in accordance with the risk-based approach. Obliged entities should also set up a monitoring system to detect atypical transactions that might raise money laundering or terrorist financing suspicions. To ensure the effectiveness of the transaction monitoring, obliged entities’ monitoring activity should in principle cover all services and products offered to customers and all transactions which are carried out on behalf of the costumer or offered to the customer by the obliged entity. However, not all transactions need to be scrutinised individually. The intensity of the monitoring should respect the risk-based approach and be designed around precise and relevant criteria, taking account, in particular, of the characteristics of the customers and the risk level associated with them, the products and services offered, and the countries or geographical areas concerned. AMLA should develop guidelines to ensure that the intensity of the monitoring of business relationships and of transactions is adequate and proportionate to the level of risk.

(40) To ensure the effectiveness of the AML/CFT framework, obliged entities should regularly review the information obtained from their customers, in accordance with the risk-based approach. This does not mean that the obliged entity should repeatedly identify and verify the identity of each customer every time that a customer conducts a transaction. An obliged entity should be able to rely on the identification and verification steps that it has already undertaken in low risk situations, provided that there is no suspicion of money laundering or terrorist financing, or no reasonable doubt that the information is no longer accurate and up to date and provided that there is no material change in the way that the customer’s account is operated, which is not consistent with the customer’s business profile. Obliged entities should also set up a monitoring system to detect atypical transactions that might raise money laundering or terrorist financing suspicions. To ensure the effectiveness of the transaction monitoring, obliged entities’ monitoring activity should in principle cover all services and products offered to customers and all transactions which are carried out on behalf of the costumer or offered to the customer by the obliged entity. However, not all transactions need to be scrutinised individually. The intensity of the monitoring should respect the risk-based approach and be designed around precise and relevant criteria, taking account, in particular, of the characteristics of the customers and the risk level associated with them, the products and services offered, and the countries or geographical areas concerned.. AMLA should develop guidelines to ensure that the intensity of the monitoring of business relationships and of transactions is adequate and proportionate to the level of risk.

Text proposed by the Commission

Amendment

(47) Cross-border correspondent relationships with a third-country’s respondent institution are characterised by their on-going, repetitive nature. Moreover, not all cross-border correspondent banking services present the same level of money laundering and terrorist financing risks. Therefore, the intensity of the enhanced due diligence measures should be determined by application of the principles of the risk based approach. However, the risk based approach should not be applied when interacting with third-country’s respondent institutions that have no physical presence where they are incorporated. Given the high risk of money laundering and terrorist financing inherent in shell banks, credit institutions and financial institutions should refrain from entertaining any correspondent relationship with such shell banks.

(47) Cross-border correspondent relationships with a third-country’s respondent institution are characterised by their on-going, repetitive nature. Moreover, not all cross-border correspondent banking services present the same level of money laundering and terrorist financing risks. Therefore, the intensity of the enhanced due diligence measures should be determined by application of the principles of the risk based approach. However, the risk based approach should not be applied when interacting with third-country’s respondent institutions that have no physical presence where they are incorporated or with unregistered and unlicensed entities providing crypto-asset services. Given the high risk of money laundering and terrorist financing inherent in shell banks and unregistered and unlicensed entities, credit institutions and financial institutions should refrain from entertaining any correspondent relationship with such shell banks and with unregistered and unlicensed entities providing crypto-asset services. In order to facilitate compliance by obliged entities, AMLA should establish and maintain a non-exhaustive public register of entities identified as shell banks or unregistered or unlicensed crypto-asset service providers on the basis of information submitted by competent authorities, supervisors and other obliged entities. The inclusion of a specific entity in the public register is merely indicative and should not replace the obligation on obliged entities to take adequate and effective measures to comply with the prohibition on entering into a correspondent relationship with those entities.

Text proposed by the Commission

Amendment

(48a) Self-hosted addresses enable their users to receive, send and exchange crypto-assets across the world, without revealing their identity or being subject to any customer due diligence measures. While transactions recorded on the distributed ledger can be traced back to a particular self-hosted address, it may be very difficult or impossible to link such address to a real person. For that reason, it is possible to misuse self-hosted addresses to conceal criminal activities or circumvent targeted financial sanctions. In order to manage and mitigate those risks appropriately, crypto-asset service providers should be required to establish, to the extent possible, the identity of the originator or beneficiary of a transaction made from or to a self-hosted address and apply any additional enhanced due diligence measures adequate to the level of risk identified. Crypto-asset service providers can rely on secure and trusted means of verification performed by third parties. The verification requirement should not be interpreted as implying onboarding the person who owns or controls the self-hosted address as a customer. In order to ensure consistent application of this Regulation, AMLA should develop draft regulatory technical standards to specify, taking into account the latest technological developments, the criteria and means for the identification and verification of the originator or beneficiary of a transaction with a self-hosted address.

Text proposed by the Commission

Amendment

(49) In order to protect the proper functioning of the Union financial system from money laundering and terrorist financing, the power to adopt acts in accordance with Article 290 of the Treaty on the Functioning of the European Union (TFEU) should be delegated to the Commission to identify third countries, whose shortcomings in their national AML/CFT regimes represent a threat to the integrity of the Union’s internal market. The changing nature of money laundering and terrorist financing threats from outside the Union, facilitated by a constant evolution of technology and of the means at the disposal of criminals, requires that quick and continuous adaptations of the legal framework as regards third countries be made in order to address efficiently existing risks and prevent new ones from arising. The Commission should take into account information from international organisations and standard setters in the field of AML/CFT, such as FATF public statements, mutual evaluation or detailed assessment reports or published follow-up reports, and adapt its assessments to the changes therein, where appropriate.

(49) In order to protect the proper functioning of the Union financial system from money laundering and terrorist financing, the power to adopt acts in accordance with Article 290 of the Treaty on the Functioning of the European Union (TFEU) should be delegated to the Commission to identify third countries, whose shortcomings in their national AML/CFT regimes represent a threat to the integrity of the Union’s internal market. The changing nature of money laundering and terrorist financing threats from outside the Union, facilitated by a constant evolution of technology and of the means at the disposal of criminals, requires that quick and continuous adaptations of the legal framework as regards third countries be made in order to address efficiently existing risks and prevent new ones from arising. The Commission should take into account information from other Union institutions, bodies and agencies, competent authorities, civil society organisations, academia, and by international organisations and standard setters in the field of AML/CFT, such as FATF public statements, mutual evaluation or detailed assessment reports or published follow-up reports, and adapt its assessments to the changes therein, where appropriate.

Text proposed by the Commission

Amendment

(52) Countries that are not publicly identified as subject to calls for actions or increased monitoring by international standard setters might still pose a threat to the integrity of the Union’s financial system. To mitigate those risks, it should be possible for the Commission to take action by identifying, based on a clear set of criteria and with the support of AMLA, third countries posing a specific and serious threat to the Union’s financial system, which may be due to either compliance weaknesses or significant strategic deficiencies of a persistent nature in their AML/CFT regime, and the relevant mitigating measures. Those third countries should be identified by the Commission. According to the level of risk posed to the Union’s financial system, the Commission should require the application of either all enhanced due diligence measures and country-specific countermeasures, as it is the case for high-risk third countries, or country-specific enhanced customer due diligence, such as in the case of third countries with compliance weaknesses.

(52) Countries that are not publicly identified as subject to calls for actions or increased monitoring by international standard setters might still pose a threat to the integrity of the Union’s financial system and the orderly functioning of the internal market. AMLA should monitor developments in third countries and assess the related threats and risks for the Union. To mitigate those risks, it should be possible for AMLA to take action by identifying, based on a clear set of criteria and with the support of other Union institutions, bodies and agencies, and competent authorities, analysis by civil society organisations and academia, as well as assessments or reports drawn up by international organisations and standard setters with competence in the field of preventing money laundering and combating terrorist financing, third countries or territories posing a specific and serious threat to the Union’s financial system, which may be due to either compliance weaknesses or significant strategic deficiencies of a persistent nature in their AML/CFT regime, and the relevant mitigating measures. For that purpose, AMLA should develop draft regulatory technical standards to identify specific enhanced due diligence measures to be applied by obliged entities to mitigate risks related to business relationships or occasional transactions involving natural or legal persons from a high third country that poses a specific and serious threat to the Union. According to the level of risk posed to the Union’s financial system, AMLA should require the application of either all enhanced due diligence measures or country-specific enhanced customer due diligence, If the threat to the Union’s financial system persists and no effective measures have been taken by the third country to mitigate the high risks, the Commission, after consulting with AMLA, should be able to require the application of additional countermeasure.

Text proposed by the Commission

Amendment

(53) Considering that there may be changes in the AML/CFT frameworks of those third countries or in their implementation, for example as result of the country’s commitment to address the identified weaknesses or of the adoption of relevant AML/CFT measures to tackle them, which could change the nature and level of the risks emanating from them, the Commission should regularly review the identification of those specific enhanced due diligence measures in order to ensure that they remain proportionate and adequate.

(53) Considering that there may be changes in the AML/CFT frameworks of those third countries in their implementation, for example as result of the country’s commitment to address the identified weaknesses or of the adoption of relevant AML/CFT measures to tackle them, which could change the nature and level of the risks emanating from them, the Commission should regularly review the identification of those specific enhanced due diligence measures in order to ensure that they remain proportionate and adequate. The Commission should publish such reviews.

Text proposed by the Commission

Amendment

(53a) Certain credit or financial institutions not established in the Union could also pose a specific and serious threat to the financial system of the Union. To mitigate that threat, AMLA should be able, on its own initiative or at the request of the specific bodies set out in this Regulation, to take action by identifying credit or financial institutions not established in the Union which pose a specific and serious threat to the Union’s financial system. Depending on the level of risk posed to the Union’s financial system, AMLA should require selected obliged entities to apply concrete measures to mitigate risks and should be able to adopt decisions addressed to financial supervisors to ensure that non-selected obliged entities apply uniform mitigating measures to the ones identified by AMLA.

Text proposed by the Commission

Amendment

(54) Potential external threats to the Union’s financial system do not only emanate from third countries, but can also emerge in relation to specific customer risk factors or products, services, transactions or delivery channels which are observed in relation to a specific geographical area outside the Union. There is therefore a need to identify money laundering and terrorist financing trends, risks and methods to which Union’s obliged entities may be exposed. AMLA is best placed to detect any emerging ML/TF typologies from outside the Union, to monitor their evolution with a view to providing guidance to the Union’s obliged entities on the need to apply enhanced due diligence measures aimed at mitigating such risks.

(54) Potential external threats to the Union’s financial system do not only emanate from third countries, but can also emerge in relation to specific customer risk factors or products, services, transactions or delivery channels which are observed in relation to a specific geographical area outside the Union. There is therefore a need to identify money laundering and terrorist financing trends, risks and methods to which Union’s obliged entities may be exposed. AMLA, with the support of other Union bodies and agencies, including Europol, already involved in the AML/CFT framework, and competent authorities, is best placed to detect any emerging ML/TF typologies from outside the Union, to monitor their evolution with a view to providing guidance to the Union’s obliged entities on the need to apply enhanced due diligence measures aimed at mitigating such risks.

Text proposed by the Commission

Amendment

(57) When customers are no longer entrusted with a prominent public function, they can still pose a higher risk, for example because of the informal influence they could still exercise, or because their previous and current functions are linked. It is essential that obliged entities take into consideration those continuing risks and apply one or more enhanced due diligence measures until such time that the individuals are deemed to pose no further risk, and in any case for not less than 12 months following the time when they are no longer entrusted with a prominent public function.

(57) When customers are no longer entrusted with a prominent public function, they can still pose a higher risk, for example because of the informal influence they could still exercise, or because their previous and current functions are linked. It is essential that obliged entities take into consideration those continuing risks and apply one or more enhanced due diligence measures until such time that the individuals are deemed to pose no further risk, and in any case for not less than 24 months following the time when they are no longer entrusted with a prominent public function.

Text proposed by the Commission

Amendment

(60a) Business relationships and occasional transactions involving high-net-worth customers who present one or several factors of high risk could seriously compromise the integrity of the Union’s financial system and cause serious vulnerabilities in the internal market. Obliged entities should therefore determine on a risk-sensitive basis whether the customer or the beneficial owner of the customer is a high-risk high net worth individual in the course of due diligence procedures. Where an obliged entity identifies that a customer or the beneficial owner of a customer is a high-risk high net worth individual, it should apply specific enhanced customer due diligence measures as laid down in this Regulation with respect to those customers.

Text proposed by the Commission

Amendment

(62) Obliged entities may outsource tasks relating to the performance of customer due diligence to an agent or external service provider, unless they are established in third countries that are designated as high-risk, as having compliance weaknesses or as posing a threat to the Union’s financial system. In the case of agency or outsourcing relationships on a contractual basis between obliged entities and external service providers not covered by AML/CFT requirements, any AML/CFT obligations upon those agents or outsourcing service providers could arise only from the contract between the parties and not from this Regulation. Therefore, the responsibility for complying with AML/CFT requirements should remain entirely with the obliged entity itself. The obliged entity should in particular ensure that, where an outsourced service provider is involved for the purposes of remote customer identification, the risk-based approach is respected.

(62) Obliged entities may outsource tasks relating to the performance of customer due diligence to an agent or external service provider unless they are established in third countries that are designated as high-risk, as having compliance weaknesses or as posing a threat to the Union’s financial system. Those outsourcing activities should support obliged entities, to obtain complete, timely and accurate information by using decision-making tools, such as global news, business, regulatory and legal databases. In the case of agency or outsourcing relationships on a contractual basis between obliged entities and external service providers not covered by AML/CFT requirements, any AML/CFT obligations upon those agents or outsourcing service providers could arise only from the contract between the parties and not from this Regulation. Therefore, the responsibility for complying with AML/CFT requirements should remain entirely with the obliged entity itself. The obliged entity should in particular ensure that, where an outsourced service provider is involved for the purposes of remote customer identification, the risk-based approach is respected. The outsourcing of tasks deriving from requirements under this Regulation for the purpose of performing customer due diligence to an agent or external service provider should not exempt the obliged entity from any obligation under Regulation (EU) 2016/679, including under Article 28 thereof.

Text proposed by the Commission

Amendment

(63) In order for third party reliance and outsourcing relationships to function efficiently, further clarity is needed around the conditions according to which reliance takes place. AMLA should have the task of developing guidelines on the conditions under which third-party reliance and outsourcing can take place, as well as the roles and responsibilities of the respective parties. To ensure that consistent oversight of reliance and outsourcing practices is ensured throughout the Union, the guidelines should also provide clarity on how supervisors should take into account such practices and verify compliance with AML/CFT requirements when obliged entities resort to those practices.

(63) In order for third party reliance and outsourcing relationships to function efficiently, further clarity is needed around the conditions according to which reliance takes place. AMLA should have the task of developing guidelines on the conditions under which third-party reliance and outsourcing can take place, as well as the roles and responsibilities of the respective parties. To ensure that consistent oversight of reliance and outsourcing practices is ensured throughout the Union, the guidelines should also provide clarity on how supervisors should take into account such practices and verify compliance with AML/CFT requirements when obliged entities resort to those practices.

Text proposed by the Commission

Amendment

(65) Detailed rules should be laid down to identify the beneficial owners of corporate and other legal entities and to harmonise definitions of beneficial ownership. While a specified percentage shareholding or ownership interest does not automatically determine the beneficial owners, it should be one factor among others to be taken into account. Member States should be able, however, to decide that a percentage lower than 25% may be an indication of ownership or control. Control through ownership interest of 25% plus one of the shares or voting rights or other ownership interest should be assessed on every level of ownership, meaning that this threshold should apply to every link in the ownership structure and that every link in the ownership structure and the combination of them should be properly examined.

(65) Detailed rules should be laid down to identify the beneficial owners of corporate and other legal entities and to harmonise definitions of beneficial ownership. While a specified percentage shareholding or ownership interest does not automatically determine the beneficial owners, it should be one factor among others to be taken into account. Control through ownership interest should be assessed on every level of ownership, meaning that the specific threshold should apply to every link level in the ownership structure and that every level in the ownership structure and the combination of them should be properly examined. In the event of indirect shareholding, the beneficial owners should be identified by multiplying the shares in the ownership chain. To that end, all shares directly or indirectly owned by the same natural person should be added together.

Text proposed by the Commission

Amendment

(66) A meaningful identification of the beneficial owners requires a determination of whether control is exercised via other means. The determination of control through an ownership interest is necessary but not sufficient and it does not exhaust the necessary checks to determine the beneficial owners. The test on whether any natural person exercises control via other means is not a subsequent test to be performed only when it is not possible to determine an ownership interest. The two tests, namely that of control through an ownership interest and that of control via other means, should be performed in parallel. Control through other means may include the right to appoint or remove more than half of the members of the board of the corporate entity; the ability to exert a significant influence on the decisions taken by the corporate entity; control through formal or informal agreements with owners, members or the corporate entities, as well as voting arrangements; links with family members of managers or directors or those owning or controlling the corporate entity; use of formal or informal nominee arrangements.

(66) A meaningful identification of the beneficial owners requires a determination of whether control is exercised via other means. The determination of control through an ownership interest is necessary but not sufficient and it does not exhaust the necessary checks to determine the beneficial owners. The test on whether any natural person exercises control via other means is not a subsequent test to be performed only when it is not possible to determine an ownership interest. The two tests, namely that of control through an ownership interest and that of control via other means, should be performed in parallel. Control through other means may include the right to appoint or remove more than half of the members of the board of the corporate entity; the ability to exert a significant influence on the decisions taken by the corporate entity; control through formal or informal agreements with owners, members or the corporate entities, as well as voting arrangements; links with family members of managers or directors or those owning or controlling the corporate entity; use of formal or informal nominee arrangements or control through debt instruments or other financing arrangements.

Text proposed by the Commission

Amendment

(72) There is a need to ensure a level playing field among the different types of legal forms and to avoid the misuse of trusts and legal arrangements, which are often layered in complex structures to further obscure beneficial ownership. Trustees of any express trust administered in a Member State should thus be responsible for obtaining and holding adequate, accurate and current beneficial ownership information regarding the trust, and for disclosing their status and providing this information to obliged entities carrying out costumer due diligence. Any other beneficial owner of the trust should assist the trustee in obtaining such information.

(72) There is a need to ensure a level playing field among the different types of legal forms and to avoid the misuse of trusts and legal arrangements, which are often layered in complex structures to further obscure beneficial ownership. Trustees of any express trust administered in a Member State should thus be responsible for obtaining and holding adequate, accurate and current beneficial ownership information regarding the trust and for disclosing their status and providing this information to obliged entities carrying out costumer due diligence, taking into account the specificities and risks of different legal systems, including common law jurisdictions Any other beneficial owner of the trust should assist the trustee in obtaining such information.

Text proposed by the Commission

Amendment

(73) In view of the specific structure of certain legal entities such as foundations, and the need to ensure sufficient transparency about their beneficial ownership, such entities and legal arrangements similar to trusts should be subject to equivalent beneficial ownership requirements as those that apply to express trusts.

(73) In view of the specific structure of certain legal entities such as foundations, and the need to ensure sufficient transparency about their beneficial ownership, such entities and legal arrangements similar to trusts should be subject to equivalent beneficial ownership requirements as those that apply to express trusts, with due account to the specificities inherent to the different legal entities, in particular civil society organisations.

Text proposed by the Commission

Amendment

(77) Suspicious transactions, including attempted transactions, and other information relevant to money laundering, its predicate offences and terrorist financing, should be reported to the FIU, which should serve as a single central national unit for receiving and, analysing reported suspicions and for disseminating to the competent authorities the results of its analyses. All suspicious transactions, including attempted transactions, should be reported, regardless of the amount of the transaction. Reported information may also include threshold-based information. The disclosure of information to the FIU in good faith by an obliged entity or by an employee or director of such an entity should not constitute a breach of any restriction on disclosure of information and should not involve the obliged entity or its directors or employees in liability of any kind.

(77) Suspicions, suspicious transactions, including attempted transactions, and other information relating to money laundering, its predicate offences and terrorist financing, should be reported to the FIU, which should serve as a single central national unit for receiving and, analysing reported suspicions and for disseminating to the competent authorities the results of its analyses. FIUs shall strengthen cooperation with other competent authorities to ensure that meaningful information is exchanged in a timely and constructive manner in accordance with the applicable legal framework. All suspicious transactions, including attempted transactions, should be reported, regardless of the amount of the transaction. Reported information may also include threshold-based information. The disclosure of information to the FIU in good faith by an obliged entity or by an employee or director of such an entity should not constitute a breach of any restriction on disclosure of information and should not involve the obliged entity or its directors or employees in liability of any kind.

Text proposed by the Commission

Amendment

(78) Differences in suspicious transaction reporting obligations between Member States may exacerbate the difficulties in AML/CFT compliance experienced by obliged entities that have a cross-border presence or operations. Moreover, the structure and content of the suspicious transaction reports have an impact on the FIU’s capacity to carry out analysis and on the nature of that analysis, and also affects FIUs’ abilities to cooperate and to exchange information. In order to facilitate obliged entities’ compliance with their reporting obligations and allow for a more effective functioning of FIUs’ analytical activities and cooperation, AMLA should develop draft regulatory standards specifying a common template for the reporting of suspicious transactions to be used as a uniform basis throughout the Union.

(78) Differences in suspicious transaction reporting obligations between Member States may exacerbate the difficulties in AML/CFT compliance experienced by obliged entities that have a cross-border presence or operations. Moreover, the structure and content of the suspicious transaction reports have an impact on the FIU’s capacity to carry out analysis and on the nature of that analysis, and also affects FIUs’ abilities to cooperate and to exchange information. In order to facilitate obliged entities’ compliance with their reporting obligations and allow for a more effective functioning of FIUs’ analytical activities and cooperation, AMLA should develop draft regulatory standards specifying a common template for the reporting of suspicions to be used as a uniform basis throughout the Union. To simplify and accelerate reporting of suspicions by obliged entities and communications and exchange of information between FIUs, AMLA should establish a secure and reliable electronic filing system (“FIU.net one-stop-shop") for reporting suspicions of money laundering, predicate offences and terrorist financing, including on attempted transactions via a standardised form to the FIU of the Member State in whose territory the obliged entity transmitting the information is established. Such interface should also allow for the immediate transmission of this information to any other FIU which is concerned by a suspicious transaction report. The FIU.net one-stop-shop should also enable communication between the competent FIUs and obliged entities, and for information and intelligence sharing between FIUs on submitted reports of suspicions. The FIU.net one-stop-shop should be established within three years of the entry into force of this Regulation. The use of the FIU.net one-stop-shop should be introduced gradually over time in order to allow a smooth and uninterrupted reporting of suspicion transaction reports and to leave sufficient time for FIUs and obliged entities to implement the necessary technical changes. FIUs might therefore decide to instruct obliged entities to report information via the FIU.net one-stop-shop as of ... [five years after entry into force of this Regulation]. The use of FIU.net one-stop-shop should be mandatory for obliged entities as of ... [six years after entry into force of this Regulation].

Text proposed by the Commission

Amendment

(79) FIUs should be able to obtain swiftly from any obliged entity all the necessary information relating to their functions. Their unfettered and swift access to information is essential to ensure that flows of money can be properly traced and illicit networks and flows detected at an early stage. The need for FIUs to obtain additional information from obliged entities based on a suspicion of money laundering or financing of terrorism might be triggered by a prior suspicious transaction report reported to the FIU, but might also be triggered through other means such as the FIU’s own analysis, intelligence provided by competent authorities or information held by another FIU. FIUs should therefore be able, in the context of their functions, to obtain information from any obliged entity, even without a prior report being made. Obliged entities should reply to a request for information by the FIU as soon as possible and, in any case, within five days of receipt of the request. In justified and urgent cases, the obliged entity should be able to respond to the FIU’s request within 24 hours. This does not include indiscriminate requests for information to the obliged entities in the context of the FIU's analysis, but only information requests based on sufficiently defined conditions. An FIU should also be able to obtain such information on a request made by another Union FIU and to exchange the information with the requesting FIU.

(79) FIUs should be able to obtain swiftly from any obliged entity all the necessary information relating to their functions. Their unfettered and swift access to information is essential to ensure that flows of money can be properly traced and illicit networks and flows detected at an early stage. The need for FIUs to obtain additional information from obliged entities based on a suspicion of money laundering or financing of terrorism might be triggered by a prior suspicious transaction report reported to the FIU, but might also be triggered through other means such as the FIU’s own analysis, intelligence provided by competent authorities or information held by another FIU. FIUs should therefore be able, in the context of their functions, to obtain information from any obliged entity, even without a prior report being made. Obliged entities should reply to a request for information by the FIU as soon as possible and, in any case, within five working days, unless the FIU determines a different deadline. In justified and urgent cases, the obliged entity should be able to respond to the FIU’s request as soon as possible, and within a deadline that should not be longer than one working day. This does not include indiscriminate requests for information to the obliged entities in the context of the FIU's analysis, but only information requests based on sufficiently defined conditions. An FIU should also be able to obtain such information on a request made by another Union FIU and to exchange the information with the requesting FIU.

Text proposed by the Commission

Amendment

(81) Where a Member State decides to designate such a self-regulatory body, it may allow or require that body not to transmit to the FIU any information obtained from persons represented by that body where such information has been received from, or obtained on, one of their clients, in the course of ascertaining the legal position of their client, or in performing their task of defending or representing that client in, or concerning, judicial proceedings, including providing advice on instituting or avoiding such proceedings, whether such information is received or obtained before, during or after such proceedings.

(81) Notaries, lawyers and other independent legal professionals, auditors, external accountants and tax advisors should be allowed not to transmit to the FIU or a self-regulatory body any information obtained from persons where such information has been received from, or obtained on, one of their clients, in the course of ascertaining the legal position of their client except where the legal advice is provided for the purpose of money laundering or terrorist financing, or where those persons know or suspect, on the basis of factual and objective circumstances, that the client is seeking legal advice, including in relation to tax matters or citizenship or residence by investment schemes, for the purposes of money laundering or terrorist financing and the advice is not sought in relation to judicial proceedings, or in performing their task of defending or representing that client in, or concerning, judicial proceedings, including providing advice on instituting or avoiding such proceedings, whether such information is received or obtained before, during or after such proceedings. Member States should be able to adopt or maintain additional reporting obligations with regard to specific transactions that involve a particularly high risk to be used for money laundering or terrorist financing to which the exemption from the requirements to transmit information does not apply.

Text proposed by the Commission

Amendment

(82) Obliged entities should exceptionally be able to carry out suspicious transactions before informing the competent authorities where refraining from doing so is impossible or likely to frustrate efforts to pursue the beneficiaries of a suspected money laundering or terrorist financing operation. However, this exception should not be invoked in relation to transactions concerned by the international obligations accepted by the Member States to freeze without delay funds or other assets of terrorists, terrorist organisations or those who finance terrorism, in accordance with the relevant United Nations Security Council resolutions.

(82) Obliged entities should exceptionally be able to carry out suspicious transactions before informing the competent authorities where refraining from doing so is impossible or likely to frustrate efforts to pursue the beneficiaries of a suspected money laundering or terrorist financing operation, including in duly justified cases, where this is provided in national law. However, this exception should not be invoked in relation to transactions concerned by the international obligations accepted by the Member States to freeze without delay funds or other assets of terrorists, terrorist organisations or those who finance terrorism, in accordance with the relevant United Nations Security Council resolutions.

Text proposed by the Commission

Amendment

(86) It is essential that the alignment of the AML/CFT framework with the revised FATF Recommendations is carried out in full compliance with Union law, in particular as regards Union data protection law and the protection of fundamental rights as enshrined in the Charter. Certain aspects of the implementation of the AML/CFT framework involve the collection, analysis, storage and sharing of data. Such processing of personal data should be permitted, while fully respecting fundamental rights, only for the purposes laid down in this Regulation, and for carrying out customer due diligence, ongoing monitoring, analysis and reporting of unusual and suspicious transactions, identification of the beneficial owner of a legal person or legal arrangement, identification of a politically exposed person and sharing of information by credit institutions and financial institutions and other obliged entities. The collection and subsequent processing of personal data by obliged entities should be limited to what is necessary for the purpose of complying with AML/CFT requirements and personal data should not be further processed in a way that is incompatible with that purpose. In particular, further processing of personal data for commercial purposes should be strictly prohibited.

(86) It is essential that the alignment of the AML/CFT framework with the revised FATF Recommendations is carried out in full compliance with Union law, in particular as regards Union data protection law and the protection of fundamental rights as enshrined in the Charter. Certain aspects of the implementation of the AML/CFT framework involve the collection, analysis, storage and sharing of data. Such processing of personal data should be permitted, while fully respecting fundamental rights, only for the purposes laid down in this Regulation, and for carrying out customer due diligence, ongoing monitoring, analysis and reporting of unusual and suspicious transactions, identification of the beneficial owner of a legal person or legal arrangement, identification of a politically exposed person and sharing of information by credit institutions and financial institutions and other obliged entities. The collection and subsequent processing of personal data by obliged entities should be limited to what is necessary for the purpose of complying with AML/CFT requirements and personal data should not be further processed in a way that is incompatible with that purpose. In particular, the processing of special categories of personal data and of personal data relating to criminal convictions and offences should be subject to appropriate safeguards laid down in this Regulation. Further processing of personal data for commercial purposes should be strictly prohibited.

Text proposed by the Commission

Amendment

(93) The anonymity of crypto-assets exposes them to risks of misuse for criminal purposes. Anonymous crypto-asset wallets do not allow the traceability of crypto-asset transfers, whilst also making it difficult to identify linked transactions that may raise suspicion or to apply to adequate level of customer due diligence. In order to ensure effective application of AML/CFT requirements to crypto-assets, it is necessary to prohibit the provision and the custody of anonymous crypto-asset wallets by crypto-asset service providers.

(93) The anonymity of crypto-assets exposes them to risks of misuse for criminal purposes. Anonymous crypto-asset accounts as well as other anonymising instruments, do not allow the traceability of crypto-asset transfers, whilst also making it difficult to identify linked transactions that may raise suspicion or to apply to adequate level of customer due diligence. In order to ensure effective application of AML/CFT requirements to crypto-assets, it is necessary to prohibit the provision and the custody of anonymous crypto-asset accounts allowing for the anonymisation of the customer account holder or the increased obfuscation of transactions. Anonymising instruments or services, should be treated by obliged entities as factors of higher risk. Given their potential misuse to obfuscate transactions for illicit purposes, the Commission should assess whether the provision of anonymising instruments and services, such as mixers and tumblers, by crypto-asset service providers for or on behalf of another person should also be subject to a prohibition. Those provisions should not apply to providers of hardware and software or providers of self-hosted wallets to the extent they do not possess access to or control over the crypto-assets of another person.

Text proposed by the Commission

Amendment

(94) The use of large cash payments is highly vulnerable to money laundering and terrorist financing; this has not been sufficiently mitigated by the requirement for traders in goods to be subject to anti-money laundering rules when making or receiving cash payments of EUR 10 000 or more. At the same time, differences in approaches among Member States have undermined the level playing field within the internal market to the detriment of businesses located in Member States with stricter controls. It is therefore necessary to introduce a Union-wide limit to large cash payments of EUR 10 000. Member States should be able to adopt lower thresholds and further stricter provisions.

(94) The use of large cash payments is highly vulnerable to money laundering and terrorist financing; this has not been sufficiently mitigated by the requirement for traders in goods to be subject to anti-money laundering rules when making or receiving cash payments of EUR 10 000 or more. At the same time, differences in approaches among Member States have undermined the level playing field within the internal market to the detriment of businesses located in Member States with stricter controls. It is therefore necessary to introduce a Union-wide limit to large cash payments of EUR 7000. Member States should be able to adopt lower thresholds and further stricter provisions. The Union-wide limit should not be applicable to payments between natural persons who are not acting in a professional function, except for transactions related to land and real estate, precious metals and stones and other luxury goods, and to payments or deposits made at the premises of credit institutions. In the case of payments or deposits made at the premises of credit institutions, however, the credit institution should report the payment or deposit above the limit to the FIU. Such reporting should not replace reporting in case of suspicious activities and transactions. Unusually large transactions in cash even below the threshold, including the withdrawal, should be subject to enhanced customer due diligence measures in cases of higher risk and, if necessary, to reporting of suspicions.

Text proposed by the Commission

Amendment

(94a) Technological developments enable merchants to accept payments in crypto-assets for the provision of goods and services either in store or online. Where such payments are not carried out by means of a regulated service providers, the level of traceability to a verified identity might not be sufficient for the purpose of preventing their misuse for money laundering, terrorist financing or predicate offences. The use of such means of payment, in the context of increasing digitalisation, might create a loophole and undermine the effectiveness of the cash limit. While maintaining the possibility to make payments in crypto-assets for goods and services, it is therefore necessary to require merchants to rely on a crypto-asset service provider authorised under MiCA, when accepting payments in crypto-assets. Such limitation should apply to persons trading in goods or providing services and should not be interpreted as a restriction on private transactions by means of self-hosted wallets nor as a restriction to the use of self-hosted wallets in the context of commercial transactions, as long as a crypto-asset service provider is involved.

Text proposed by the Commission

Amendment

(97) In order to ensure consistent application of AML/CFT requirements, the power to adopt acts in accordance with Article 290 of the Treaty on the Functioning of the European Union should be delegated to the Commission to supplement this Regulation by adopting delegated acts identifying high-risk third countries, third countries with compliance weaknesses and countries that pose a threat to the Union’s financial system and defining harmonised and proportionate enhanced due diligence measures as well as, where relevant, mitigating measures as well as the regulatory technical standards setting out the minimum requirements of group-wide policies, controls and procedures and the conditions under which structures which share common ownership, management or compliance controls are required to apply group-wide policies, controls and procedures, the actions to be taken by groups when the laws of third countries do not permit the application of group-wide policies, controls and procedures and supervisory measures, the sectors and transactions subject to lower thresholds for the performance of customer due diligence and the information necessary for the performance of customer due diligence. It is of particular importance that the Commission carry out appropriate consultations during its preparatory work, including at expert level, and that those consultations be conducted in accordance with the principles laid down in the Interinstitutional Agreement of 13 April 2016 on Better Law-Making39 . In particular, to ensure equal participation in the preparation of delegated acts, the European Parliament and the Council receive all documents at the same time as Member States' experts, and their experts systematically have access to meetings of Commission expert groups dealing with the preparation of delegated acts.

(97) In order to ensure consistent application of AML/CFT requirements, the power to adopt acts in accordance with Article 290 of the Treaty on the Functioning of the European Union should be delegated to the Commission to supplement this Regulation by adopting delegated acts identifying high-risk third countries, third countries with compliance weaknesses and defining harmonised and proportionate enhanced due diligence measures as well as, where relevant, mitigating measures as well as the regulatory technical standards setting out the minimum requirements of group-wide policies, controls and procedures and the conditions under which structures which share common ownership, management or compliance controls are required to apply group-wide policies, controls and procedures, the actions to be taken by groups when the laws of third countries do not permit the application of group-wide policies, controls and procedures and supervisory measures, the sectors and transactions subject to lower thresholds for the performance of customer due diligence and the information necessary for the performance of customer due diligence, as well as specific rules and criteria to identify the beneficial owner or owners of legal entities other than corporate entities. It is of particular importance that the Commission carry out appropriate consultations during its preparatory work, including at expert level, and that those consultations be conducted in accordance with the principles laid down in the Interinstitutional Agreement of 13 April 2016 on Better Law-Making39. In particular, to ensure equal participation in the preparation of delegated acts, the European Parliament and the Council receive all documents at the same time as Member States' experts, and their experts systematically have access to meetings of Commission expert groups dealing with the preparation of delegated acts.

__________________

__________________

39 OJ L 123, 12.5.2016, p. 1.

39 OJ L 123, 12.5.2016, p. 1.

Text proposed by the Commission

Amendment

(aa) the measures to be applied by obliged entities to mitigate and manage the risks of non-implementation and evasion of targeted financial sanctions;

Text proposed by the Commission

Amendment

(ab) the measures to prevent money laundering and terrorist financing in Member States which allow for citizenship or residence rights in exchange for any kind of investment, including capital transfers, purchase or renting of property, investment in government bonds, investment in corporate entities, donation or endowment of an activity contributing to the public good and contributions to the state budget;

Text proposed by the Commission

Amendment

(c) measures to limit the misuse of bearer instruments.

(c) measures to mitigate risks deriving from anonymous instruments and limit the misuse of bearer instruments.

Text proposed by the Commission

Amendment

(4) ‘property’ means property as defined in Article 2(2) of Directive (EU) 2018/1673;

(4) ‘funds’ or ‘property’ means property as defined in Article 2(2) of Directive (EU) 2018/1673;

Text proposed by the Commission

Amendment

(a) an undertaking other than a credit institution or an investment firm, which carries out one or more of the activities listed in points (2) to (12), (14) and (15) of Annex I to Directive 2013/36/EU of the European Parliament and of the Council43 , including the activities of currency exchange offices (bureaux de change), or the principal activity of which is to acquire holdings, including a financial holding company and a mixed financial holding company;

(a) an undertaking other than a credit institution or an investment firm, which carries out one or more of the activities listed in points (2) to (12), (14) and (15) of Annex I to Directive 2013/36/EU of the European Parliament and of the Council43, including the activities of currency exchange offices (bureaux de change) and activities of creditors as defined in Article 4, point (2), of Directive 2014/17/EU of the European Parliament and of the Council, and in Article 3, point (b), of Directive 2008/48/EC of the European Parliament and of the Council, or an undertaking whose principal activity is to acquire holdings, including a financial holding company and a mixed financial holding company, but excluding the activities listed in point (8) of Annex I to Directive (EU) 2015/2366 of the European Parliament and of the Council;

__________________

__________________

43 Directive 2013/36/EU of the European Parliament and of the Council of 26 June 2013 on access to the activity of credit institutions and the prudential supervision of credit institutions and investment firms, amending Directive 2002/87/EC and repealing Directives 2006/48/EC and 2006/49/EC (OJ L 176, 27.6.2013, p. 338).

43 Directive 2013/36/EU of the European Parliament and of the Council of 26 June 2013 on access to the activity of credit institutions and the prudential supervision of credit institutions and investment firms, amending Directive 2002/87/EC and repealing Directives 2006/48/EC and 2006/49/EC (OJ L 176, 27.6.2013, p. 338).

Text proposed by the Commission

Amendment

(aa) a central securities depository as defined in Article 2 point (1) of Regulation (EU) No 909/2014 of the European Parliament and of the Council;

Text proposed by the Commission

Amendment

(fa) crypto-asset service providers;

Text proposed by the Commission

Amendment

(6a) ‘crypto-asset service providers’ means a crypto-asset service provider as defined in Article 3(1), point (15), of Regulation (EU) 2023/... [please insert reference – proposal for a Regulation on Markets in Crypto-assets, and amending Directive (EU) 2019/1937 - COM/2020/593 final] where performing one or more crypto-asset services as defined in Article 3(1), point (16), of that Regulation, with the exception of providing advice on crypto-assets as referred to in Article 3(1), point (16) (h) of that Regulation;

Text proposed by the Commission

Amendment

(6b) 'bearer share’ means a negotiable instrument that accords ownership in a legal person to the person who possesses the bearer share certificate, or any other similar instrument which does not allow the identification or traceability of the ownership of the share; however, it does not refer to dematerialised or registered forms of share certificates whose owners are traceable and identifiable;

Text proposed by the Commission

Amendment

(6c) ‘bearer share warrant’ means a negotiable instrument that accords entitlement to ownership in a legal person who possesses the bearer share warrant, or any other similar warrant or instrument which does not allow the identification or traceability of the ownership of the share; however, it does not refer to dematerialised or registered warrants or other instruments whose owners are traceable and identifiable, or to any other instrument that only confers a right to subscribe for ownership in a legal person at specified conditions, but not ownership or entitlement to ownership, unless and until the instruments are exercised;

Text proposed by the Commission

Amendment

(b) acting as, or arranging for another person to act as, a director or secretary of a company, a partner of a partnership, or a similar position in relation to other legal persons;

(b) acting as, or arranging for another person to act as, a director or secretary of a company, namely as a nominee, a partner of a partnership, a president of a management board or a similar position in relation to other legal persons;

Text proposed by the Commission

Amendment

(7a) ‘wealth or asset manager’ means a natural or legal person that, by way of that person’s business, provides services and offers products designed to grow, protect, utilise and disseminate the wealth of third parties;

Text proposed by the Commission

Amendment

(8) ‘gambling services’ means a service which involves wagering a stake with monetary value in games of chance, including those with an element of skill such as lotteries, casino games, poker games and betting transactions that are provided at a physical location, or by any means at a distance, by electronic means or any other technology for facilitating communication, and at the individual request of a recipient of services;

(8) ‘gambling services’ means a service which involves wagering a stake with monetary value, inter alia in the form of chargeable communications, in games of chance, including those with an element of skill such as lotteries, casino games, poker games and betting transactions that are provided at a physical location, or by any means at a distance, by electronic means or any other technology for facilitating communication, and at the individual request of a recipient of services;

Text proposed by the Commission

Amendment

(14) ‘crypto-asset service provider’ means a crypto-assets service provider as defined in Article 3(1), point (8) of Regulation [please insert reference – proposal for a Regulation on Markets in Crypto-assets, and amending Directive (EU) 2019/1937 - COM/2020/593 final] where performing one or more crypto-asset services as defined in Article 3(1) point (9) of that Regulation;

deleted

Text proposed by the Commission

Amendment

(14a) ‘high-level professional football club’ means a legal entity established in a Member State which owns or manages a professional football club of which at least one team plays in the championship or championships of the two highest level of competition in that Member State and has an annual turnover of at least EUR 7 000 000;

Text proposed by the Commission

Amendment

(14b) ‘sports agent in the football sector’ means a natural person who provides private job placements in the football sector for prospective paid football players or for employers with a view to signing employment contracts for paid football players;

Text proposed by the Commission

Amendment

(15a) 'precious metals' means gold, silver, platinium, iridium, osmium, palladium, rhodium and rhutenium;

Text proposed by the Commission

Amendment

(15b) ‘precious stones’ means diamonds, rubies, sapphires and emeralds;

Text proposed by the Commission

Amendment

(16) ‘business relationship’ means a business, professional or commercial relationship which is connected with the professional activities of an obliged entity and which is expected, at the time when the contact is established, to have an element of duration, including a relationship where an obliged entity is asked to form a company or set up a trust for its customer, whether or not the formation of the company or setting up of the trust is the only transaction carried out for that customer;

(16) business relationship’ means a business, professional or commercial relationship which is directly connected with the professional activities of an obliged entity and which is expected, at the time when the contact is established, to have an element of duration, including a relationship where an obliged entity is asked to form a company or set up a trust for its customer, whether or not the formation of the company or setting up of the trust is the only transaction carried out for that customer; or in the case of real estate transactions, a relationship where an obliged entity other than a credit or financial institution is provided with services which involve the sale or brokerage of more than one property over a period of time;

Text proposed by the Commission

Amendment

(16a) ‘occasional transaction’ means a transaction that is not carried out as part of a business relationship;

Text proposed by the Commission

Amendment

(16b) 'atypical transaction or fact' means a transaction or a fact which does not appear to be consistent with the customer's characteristics and with the purpose and intended nature of the business relationship or the proposed transaction;

Text proposed by the Commission

Amendment

(b) the relationships between and among credit institutions and financial institutions including where similar services are provided by a correspondent institution to a respondent institution, and including relationships established for securities transactions or funds transfers;

(b) the relationships between and among credit institutions and financial institutions including where similar services are provided by a correspondent institution to a respondent institution, and including relationships established for securities transactions or funds transfers or relationships established for transactions in crypto-assets or transfers of crypto-asset;

Text proposed by the Commission

Amendment

(20a) 'unregistered or unlicenced entity providing crypto-asset services’ means an entity which provides crypto-asset services and that is not established in any jurisdiction within the Union or does not have a central contact point or substantive management presence in any jurisdiction within the Union;

Text proposed by the Commission

Amendment

(22) ‘beneficial owner’ means any natural person who ultimately owns or controls a legal entity or express trust or similar legal arrangement, as well as any natural person on whose behalf or for the benefit of whom a transaction or activity is being conducted;

(22) ‘beneficial owner’ means any natural person who ultimately owns or controls a legal entity or an express trust or similar legal arrangement, or an organisation that has legal capacity under national law, as well as any natural person on whose behalf or for the benefit of whom a transaction or activity or business relationship is being conducted;

Text proposed by the Commission

Amendment

(24) ‘formal nominee arrangement’ means a contract or a formal arrangement with an equivalent legal value to a contract, between the nominee and the nominator, where the nominator is a legal entity or natural person that issues instructions to a nominee to act on their behalf in a certain capacity, including as a director or shareholder, and the nominee is a legal entity or natural person instructed by the nominator to act on their behalf;

(24) ‘formal nominee arrangement’ means a contract or a formal equivalent arrangement with an equivalent legal value to a contract, between the nominee and the nominator, where the nominator is a legal entity or natural person that issues instructions to a nominee to act on their behalf in a certain capacity, including as a director or shareholder, and the nominee is a legal entity or natural person instructed by the nominator to act on their behalf;

Text proposed by the Commission

Amendment

(25) ‘politically exposed person’ means a natural person who is or has been entrusted with the following prominent public functions:

(25) ‘politically exposed person’ means a natural person who is or has been entrusted with prominent public functions including:

Text proposed by the Commission

Amendment

(viia) heads of regional and local authorities including groupings of municipalities and metropolitan regions of at least 30.000 inhabitants;

Text proposed by the Commission

Amendment

(ia) other prominent public functions as defined by Member States;

Text proposed by the Commission

Amendment

(c) the parents;

(c) the parents and the siblings

Text proposed by the Commission

Amendment

(a) ‘high-net-worth customer’ means a customer who is a natural person or the beneficial owner of a legal entity that holds in total a minimum of EUR 1 000 000 in financial or investable wealth or assets, excluding that person’s main private residence, in accordance with this Regulation;

Text proposed by the Commission

Amendment

a) a parent undertaking of a group, other than that mentioned in point a), which is subject to prudential supervision on a consolidated basis, at the highest level of prudential consolidation in the Union, including a 'financial holding company' as defined in Article 4(1), point (20), of Regulation (EU) No 575/2013 and an ‘insurance holding company’ as defined in Article 212(1), point (f), of Directive 2009/138/EC;

Text proposed by the Commission

Amendment

(29a) ‘parent undertaking’ means :

(a)  a parent undertaking of a financial conglomerate, including a 'mixed financial holding company' as defined in Article 2, point (15), of Directive 2002/87/CE of the European Parliament and of the Council;

(b)  a parent undertaking of a group which is subject to prudential supervision on a consolidated basis, at the highest level of prudential consolidation in the Union, including a 'financial holding company' as defined in Article 4(1), point (20), of Regulation (EU) No 575/2013 and an ‘insurance holding company’ as defined in Article 212(1), point (f), of Directive 2009/138/EC;

(c)  a parent undertaking of a group which includes at least two obliged entities as defined in Article 3 of this Regulation, and which is not itself a subsidiary of another undertaking in the Union;

however where several parent undertakings are identified within the same group, in accordance with points (a), (b) and (c), the parent undertaking is the entity within the group which is not a subsidiary of another undertaking in the Union.

Text proposed by the Commission

Amendment

(d) a public authority with designated responsibilities for combating money laundering or terrorist financing;

(d) a public authority with designated responsibilities for preventing and combating money laundering or terrorist financing;

Text proposed by the Commission

Amendment

(a) auditors, external accountants and tax advisors, and any other natural or legal person that undertakes to provide, directly or by means of other persons to which that other person is related, material aid, assistance or advice on tax matters as principal business or professional activity;

(a) auditors, external accountants, and tax advisors, and any other natural or legal person that undertakes to provide, directly or by means of other persons to which that other person is related, material aid, assistance or advice on tax, investment or personal finance matters as principal business or professional activity;

Text proposed by the Commission

Amendment

(aa) certified debt collectors, wealth or asset managers;

Text proposed by the Commission

Amendment

(b) notaries and other independent legal professionals, where they participate, whether by acting on behalf of and for their client in any financial or real estate transaction, or by assisting in the planning or carrying out of transactions for their client concerning any of the following:

(b) notaries, lawyers and other independent legal professionals, where they participate, whether by acting on behalf of and for their client in any financial or real estate transaction, or by assisting in the planning or carrying out of transactions for their client concerning any of the following:

Text proposed by the Commission

Amendment

(i) buying and selling of real property or business entities;

(i) buying and selling of real or virtual property or business entities;

Text proposed by the Commission

Amendment

(iii) opening or management of bank, savings or securities accounts;

(iii) opening or management of bank, savings, securities or crypto-assets accounts;

Text proposed by the Commission

Amendment

(d) estate agents, including when acting as intermediaries in the letting of immovable property for transactions for which the monthly rent amounts to EUR 10 000 or more, or the equivalent in national currency;

(d) estate agents, including when acting as intermediaries in the letting of immovable property for transactions for which the monthly rent amounts to EUR 5 000 or or the equivalent in national currency or other accepted form of payment;

Text proposed by the Commission

Amendment

(da) property developers;

Text proposed by the Commission

Amendment

(ea) persons trading in luxury goods other than metals and stones, as listed in Annex III a;

Text proposed by the Commission

Amendment

(h) crowdfunding service providers other than those regulated by Regulation (EU) 2020/1503;

(h) crowdfunding service providers

Text proposed by the Commission

Amendment

(i) persons trading or acting as intermediaries in the trade of works of art, including when this is carried out by art galleries and auction houses, where the value of the transaction or linked transactions amounts to at least EUR 10 000 or the equivalent in national currency;

(i) persons trading or acting as intermediaries in the trade of works of art, including when this is carried out by art galleries and auction houses, where the value of the transaction or linked transactions amounts to at least EUR 5 000 or the equivalent in national currency;

Text proposed by the Commission

Amendment

(ia) persons providing services for the sale and purchase of unique and not fungible crypto-assets;

Text proposed by the Commission

Amendment

(j) persons storing, trading or acting as intermediaries in the trade of works of art when this is carried out within free zones and customs warehouses, where the value of the transaction or linked transactions amounts to at least EUR 10 000 or the equivalent in national currency;

(j) persons storing, trading or acting as intermediaries in the trade of works of art and luxury goods listed in Annex III a when this is carried out within free zones and customs warehouses, where the value of the transaction or linked transactions amounts to at least EUR 5 000 or the equivalent in national currency;

Text proposed by the Commission

Amendment

(ja) online platforms within the meaning of Regulation (EU) .../... [Proposal for a Regulation on a Single Market for Digital Services (Digital Services Act) and amending Directive 2000/31/EC] which make it possible for consumers and traders to conclude distance contracts for physical goods in so far as payments of EUR 10 000 or more are made or received, regardless of whether the transaction is carried out in a single operation or in several operations which appear to be linked;

Text proposed by the Commission

Amendment

(la) sports agents in the football sector;

Text proposed by the Commission

Amendment

(lb) high-level professional football clubs;

Text proposed by the Commission

Amendment

(lc) football associations in Member States which are members of the Union of European Football Associations

Text proposed by the Commission

Amendment

1. With the exception of casinos, Member States may decide to exempt, in full or in part, providers of gambling services from the requirements set out in this Regulation on the basis of the proven low risk posed by the nature and, where appropriate, the scale of operations of such services.

1. With the exception of casinos, online gambling platforms, gambling services offered on a cross-border basis and sports betting providers, Member States may decide to exempt, in full or in part, providers of gambling services such as state providers or state-owned and private lotteries, from the requirements set out in this Regulation on the basis of the proven low risk posed by the nature, the principle of proportionality and, where appropriate, the scale of operations of such services, following consultation of AMLA.

Text proposed by the Commission

Amendment

3. Member States shall establish risk-based monitoring activities or take other adequate measures to ensure that the exemptions granted pursuant to this Article are not abused.

3. Member States, in cooperation with AMLA, shall establish risk-based monitoring activities or take other adequate measures to ensure that the exemptions granted pursuant to this Article are not abused.

Text proposed by the Commission

Amendment

Article 4a

Exemptions for certain providers of crowdfunding services

1.  With the exception of crowdfunding service providers covered by Regulation (EU) 2020/1503, Member States may decide to exempt certain providers of crowdfunding services from the requirements set out in this Regulation on the basis of an individual risk assessment resulting in a proven low risk posed by the nature and, where appropriate, the scale of operation of such services, provided that all the following conditions are met:

a)  the crowdfunding service provider exclusively promotes projects with a public benefit purpose, it does not have as a primary aim the generation of profits and, where a profit is generated, it is invested by the provider for the pursuit of the objectives of the service and not distributed among members, founders or any other private parties;

b)  the crowdfunding service provider implements minimum due diligence requirements in respect of project owners that propose their projects to be funded through the crowdfunding platform in a manner consistent with Article 5 of Regulation (EU) 2020/1503 and all the natural persons involved in the senior management fulfill the criteria set out in Article 6 of Directive (EU) 2023/... [AMLD VI Proposal];

c)  all the natural persons involved in the management of the crowdfunding service provider respect fit and proper requirements which are consistent with the requirements laid down with Article 12(3), point (b), of Regulation (EU) 2020/1503;

d)  the crowdfunding service provider sets up and maintains arrangements to ensure that project owners accept funding of crowdfunding projects, or any other payment, only by means of a payment service provider in accordance with Directive (EU) 2015/2366;

e)  the crowdfunding service provider is established in the Union.

2.  Member States, in cooperation with AMLA, shall establish risk-based monitoring activities or take other adequate measures to ensure that the exemptions granted pursuant to this Article are not abused.

Text proposed by the Commission

Amendment

1a. Member States shall require payment service providers as defined in Article 4(11) of Directive (EU) 2015/2366 to ensure that they do not carry out transactions for gambling service providers which do not possess a licence in the Union.

Text proposed by the Commission

Amendment

1. Member States shall notify the Commission of any exemption that they intend to grant in accordance with Articles 4 and 5 without delay. The notification shall include a justification based on the relevant risk assessment for the exemption.

1. Member States shall notify the Commission of any exemption that they intend to grant in accordance with Articles 4 and 5 without delay. The notification shall include a detailed justification based on the relevant risk assessment carried out by the Member State to sustain the exemption. If deemed appropriate, Member States shall provide further evidence to support the exemption.

Text proposed by the Commission

Amendment

(a) confirm that the exemption may be granted;

(a) confirm that the exemption may be granted on the basis of the justification given by the Member State;

Text proposed by the Commission

Amendment

3. Upon reception of a decision by the Commission pursuant to paragraph 2(a), Member States may adopt the decision granting the exemption. Such decision shall state the reasons on which it is based. Member States shall review such decisions regularly, and in any case when they update their national risk assessment pursuant to Article 8 of Directive [please insert reference – proposal for 6th Anti-Money Laundering Directive - COM/2021/423 final].

3. Upon reception of a decision by the Commission pursuant to paragraph 2(a), Member States may adopt the decision granting the exemption. Such decision shall state the reasons on which it is based. Member States shall review such decisions regularly, but no later than one year after the exemption has been granted for the first time and in any case when they update their national risk assessment pursuant to Article 8 of Directive [please insert reference – proposal for 6th Anti-Money Laundering Directive - COM/2021/423 final].

Text proposed by the Commission

Amendment

5. The Commission shall publish every year in the Official Journal of the European Union the list of exemptions granted pursuant to this Article.

5. The Commission shall publish every year in the Official Journal of the European Union the list of exemptions granted and an analytical and factual overview of the exemptions granted pursuant to this Article.

Text proposed by the Commission

Amendment

Article 6a

Ban on citizenship by investment and minimum requirements regarding citizenship and residence by investment schemes

1.  Member States shall not put in place schemes under national law which allow for citizenship rights in exchange for any kind of investment, including capital transfers, the purchase or renting of property, investment in government bonds, investment in corporate entities, donation or endowment of an activity contributing to the public good and contributions to the state budget, and without a genuine link with the Member States concerned.

2.  A Member State whose national law grants citizenship or residence rights in exchange for any kind of investment, such as capital transfers, purchase or renting of property, investment in government bonds, investment in corporate entities, donation or endowment of an activity contributing to the public good and contributions to the state budget, shall ensure that public authorities that process applications for such residence rights carry out at least the following measures before a decision is taken:

(a)  require that transactions are carried out by means of a business relationship with an obliged entity established in that Member State;

(b)  request and assess information from involved obliged entities about customer due diligence measures carried out;

(c)  obtain and record detailed information, substantiated by verified documents, on the identity of the applicant, on the applicant’s business interests and employment activities in the previous 10 years, and on the applicant’s source of funds and source of wealth;

(d)  require clearance from relevant law enforcement authorities, substantiated by evidence of the absence of any criminal activities on the part of the applicant.

(e) require that applicants are subject to requirements of minimum physical presence and minimum active involvement in the investment, quality of investment, added value and contribution to the economy;.

(f)  have in place a monitoring mechanism for ex post control of successful applicants’ continued compliance with the legal requirements of the schemes.

The applicant's physical presence as referred to in point (e) of the first subparagraph shall be regularly monitored by relevant authorities and non-compliance with that requirement shall result in the non-granting or withdrawal of citizenship or residence rights.

3.  Applicants with documented connections with suspicious activities, including close business relationships with persons having a criminal record related to money laundering, terrorist financing or predicate offences, or close personal or business relationships with individuals subjected to targeted financial sanctions shall not be granted residence rights under such schemes.

4.  Applicants who are nationals of countries referred to in Articles 23, 24 or 25 shall not be granted residency right under such schemes.

Text proposed by the Commission

Amendment

(b) in addition to the obligation to apply targeted financial sanctions, mitigate and manage the risks of non-implementation and evasion of proliferation financing-related targeted financial sanctions.

(b) in addition to the obligation to apply targeted financial sanctions, mitigate and manage the risks of non-implementation, divergent implementation and evasion of all targeted financial sanctions including targeted financial sanctions relating to terrorism and terrorist financing and proliferation financing-related targeted financial sanctions.

Text proposed by the Commission

Amendment

Those policies, controls and procedures shall be proportionate to the nature and size of the obliged entity.

Those policies, controls and procedures shall be proportionate to the nature, activity and size of the obliged entity. Those policies, controls and procedures shall take into account supranational and national risk assessments and the guidelines of financial intelligence units (FIUs) and supervisors, including the results of controls by the competent authorities.

Text proposed by the Commission

Amendment

(c) an independent audit function to test the internal policies, controls and procedures referred to in point (a);

(c) an independent audit function to assess whether the internal policies, controls and procedures referred to in point (a) operate effectively;

Text proposed by the Commission

Amendment

(d) the verification, when recruiting and assigning staff to certain tasks and functions and when appointing its agents and distributors, that those persons are of good repute, proportionate to the risks associated with the tasks and functions to be performed;

(d) the verification, when recruiting and assigning staff to certain tasks and functions and when appointing its agents and distributors, that those persons are of good repute, have the skills and knowledge proportionate to the risks associated with the tasks and functions to be performed;

Text proposed by the Commission

Amendment

4. By [2 years after the entry into force of this Regulation], AMLA shall issue guidelines on the elements that obliged entities should take into account when deciding on the extent of their internal policies, controls and procedures.

4. By [two years after the entry into force of this Regulation], AMLA, after consulting the European Supervisory Authority (European Banking Authority) (EBA), established by Regulation (EU) No 1093/2010 of the European Parliament and of the Council, shall develop draft regulatory technical standards and submit them to the Commission for adoption. Those draft regulatory technical standards shall specify the elements that obliged entities should take into account when deciding on the extent of their internal policies, controls and procedures based on their assessed level of risk. They shall also include guidance on how to determine the number of staff to be entrusted with compliance functions as set out in Article 9, taking into account the nature, activity and size of obliged entities and the inherent risks of the sector in which they operate.

Text proposed by the Commission

Amendment

4a. The Commission is empowered to supplement this Regulation by adopting the regulatory technical standards referred to in paragraph 4 of this Article in accordance with Articles 38 to 41 of Regulation (EU) 2023/... [please insert reference – proposal for establishment of an Anti-Money Laundering Authority - COM/2021/421 final].

Text proposed by the Commission

Amendment

1. Obliged entities shall take appropriate measures, proportionate to their nature and size, to identify and assess the risks of money laundering and terrorist financing to which they are exposed, as well as the risks of non-implementation and evasion of proliferation financing-related targeted financial sanctions, taking into account:

1. Obliged entities shall take appropriate measures, proportionate to their nature, activity and size, to identify and assess the risks of money laundering and terrorist financing to which they are exposed, as well as the risks of non-implementation and evasion of all targeted financial sanctions including targeted financial sanctions relating to terrorism and terrorism financing and proliferation financing-related targeted financial sanctions, taking into account at least the following:

Text proposed by the Commission

Amendment

(ca) relevant guidelines, recommendations and opinions issued by AMLA in accordance with Articles 43 and 44 of Regulation (EU) 2023/... [please insert reference – proposal for establishment of an Anti-Money Laundering Authority - COM/2021/421 final];

Text proposed by the Commission

Amendment

(cb) the conclusions drawn from past infringements of AML/CFT rules by the obliged entity in question or any connection of the obliged entity in question with a case of money laundering or terrorist financing;

Text proposed by the Commission

Amendment

(cc) information from FIUs and law enforcement agencies;

Text proposed by the Commission

Amendment

(cd) information obtained as part of the initial customer due diligence process and ongoing monitoring;

Text proposed by the Commission

Amendment

(ce) own knowledge and professional experience.

Text proposed by the Commission

Amendment

1a. Obliged entities may, depending on the level of risk identified and the principle of proportionality, consider at their sole discretion additional sources of information, including:

(a)  information from organisations of obliged entities on typologies and on emerging risks;

(b)  information from civil society organisations, including corruption perception indices and other country reports;

(c)  information from international standard-setting bodies such as mutual evaluation reports or other reports and reviews;

(d)  information from credible and reliable open sources and the media;

(e)  information from credible and reliable commercial organisations, such as risk reports;

(f)  information from statistic organisations and the academia.

Text proposed by the Commission

Amendment

1. Obliged entities shall appoint one executive member of their board of directors or, if there is no board, of its equivalent governing body who shall be responsible for the implementation of measures to ensure compliance with this Regulation (‘compliance manager’). Where the entity has no governing body, the function should be performed by a member of its senior management.

1. Obliged entities shall appoint one executive member of their management body in its management function who shall be responsible for the implementation and monitoring of measures to ensure compliance with this Regulation (‘compliance manager’). Where the entity has no management body, the function should be performed by a member of its senior management. This paragraph is without prejudice to national provisions on joint civil or criminal liability of management bodies.

Text proposed by the Commission

Amendment

2. The compliance manager shall be responsible for implementing the obliged entity’s policies, controls and procedures and for receiving information on significant or material weaknesses in such policies, controls and procedures. The compliance manager shall regularly report on those matters to the board of director or equivalent governing body. For parent undertakings, that person shall also be responsible for overseeing group-wide policies, controls and procedures.

2. The compliance manager shall ensure that the obliged entity’s policies, controls and procedures are fully implemented and shall receive information on significant or material weaknesses in such policies, controls and procedures. The compliance manager shall regularly report on those matters to the management body. For parent undertakings, that person shall also be responsible for overseeing group-wide policies, controls and procedures.

Text proposed by the Commission

Amendment

3. Obliged entities shall have a compliance officer, to be appointed by the board of directors or governing body, who shall be in charge of the day-to-day operation of the obliged entity’s anti-money laundering and countering the financing of terrorism (AML/CFT) policies. That person shall also be responsible for reporting suspicious transactions to the Financial Intelligence Unit (FIU) in accordance with Article 50(6).

3. Obliged entities shall have a compliance officer, to be appointed by the management body in its management function, who shall be in charge of the day-to-day operation of the obliged entity’s anti-money laundering and countering the financing of terrorism (AML/CFT) policies including being a contact point for competent authorities. That person shall also be responsible for reporting suspicious transactions to the FIU in accordance with Article 50(6). The compliance officer shall be independent in its function and responsibilities.

Text proposed by the Commission

Amendment

An obliged entity that is part of a group may appoint as its compliance officer an individual who performs that function in another entity within that group.

An obliged entity that is part of a group may appoint as its compliance officer an individual who performs that function in another entity within that group, provided that the other entity is established in the same Member State as the obliged entity.

Text proposed by the Commission

Amendment

3a. A compliance officer shall not be penalised in any way in the context of employment for the carrying out of duties. A compliance officer shall not be dismissed prior to the end of the term of appointment unless facts emerge that make it unreasonable for the obliged entity concerned to retain the person. Obliged entities shall notify supervisors of the dismissal of compliance officers and the reason therefor.

Text proposed by the Commission

Amendment

3b. Where the suitability of a compliance manager or compliance officer is verified by a non-AML/CFT authority, that authority shall, without undue delay, inform the supervisor in the Member State where the obliged entity concerned is established of the receipt of the application for suitability verification and of the date by which the decision on the suitability needs to be taken. The supervisor shall, in cooperation with other competent authorities as appropriate, provide the non-AML/CFT authority with any input necessary within its supervisory competence, within an appropriate deadline taking into account the date by which the decision on the suitability needs to be taken.

The input referred to in the first subparagraph shall consist of an assessment as to whether the knowledge, skills and experience of the appointee suffice for the performance of the function of compliance manager or compliance officer for which the appointee was nominated and such assessment shall become a part of the decision of the authority verifying the suitability.

Where the supervisor concludes, that the appointee does not have adequate knowledge, skills and experience to perform the tasks set out in the first and second subparagraphs in respect of the function of a compliance manager, or the third subparagraph in respect of the function of a compliance officer, the authority verifying the suitability shall not take a decision that would allow the appointee to perform those tasks.

The procedure for identifying the relevant supervisor, specific deadlines for providing the input referred to in this paragraph and other technical details regarding supervisors’ cooperation with authorities verifying the suitability, including the ECB acting in accordance with Regulation (EU) No 1024/2013 of the European Parliament and of the Council and other authorities thereunder, shall be set out in the guidelines contained in Article 52 of Directive (EU) 2023/...  [please insert reference – proposal for 6th Anti-Money Laundering Directive - COM/2021/423 final].’

Text proposed by the Commission

Amendment

4. Obliged entities shall provide the compliance functions with adequate resources, including staff and technology, in proportion to the size, nature and risks of the obliged entity for the implementation of compliance functions, and shall ensure that the powers to propose any measures necessary to ensure the effectiveness of the obliged entity’s internal policies, controls and procedures are granted to the persons responsible for those functions.

4. Obliged entities shall provide the compliance functions with adequate resources, including staff and technology, in proportion to the size, nature, activity and risks of the obliged entity for the implementation of compliance functions, and shall ensure that the access to all information, data, records and systems that might be of relevance in connection with the performance of their duties and the powers to propose any measures necessary to ensure the effectiveness of the obliged entity’s internal policies, controls and procedures are granted to the persons responsible for those functions.

Text proposed by the Commission

Amendment

5. The compliance manager shall submit once a year, or more frequently where appropriate, to the governing body a report on the implementation of the obliged entity’s internal policies, controls and procedures, and shall keep the management body informed of the outcome of any reviews. The governing body shall take the necessary actions to remedy any deficiencies identified in a timely manner.

5. The compliance manager shall submit once a year, or more frequently where appropriate, to the management body a report on the implementation of the obliged entity’s internal policies, controls and procedures, and shall keep the management body informed of the outcome of any reviews. The management body shall take the necessary actions to remedy any deficiencies identified in a timely manner.

Text proposed by the Commission

Amendment

6. Where the size of the obliged entity justifies it, the functions referred to in paragraphs 1 and 3 may be performed by the same natural person.

6. Where the size of the obliged entity justifies it, the functions referred to in paragraphs 1 and 3 may be performed by the same natural person. The compliance officer may cumulate functions referred to in paragraphs 1 and 3 with other functions.

Text proposed by the Commission

Amendment

2. Employees entrusted with tasks related to the obliged entity’s compliance with this Regulation shall inform the compliance officer of any close private or professional relationship established with the obliged entity’s customers or prospective customers and shall be prevented from undertaking any tasks related to the obliged entity’s compliance in relation to those customers.

2. Employees entrusted with tasks related to the obliged entity’s compliance with this Regulation shall inform the compliance officer of any close private or professional relationship established with the obliged entity’s customers or prospective customers, who have indicated their intention to be legally bound by a contract in their statements or conduct as they were reasonably understood by the other party, and shall be prevented from undertaking any tasks related to the obliged entity’s compliance in relation to those customers.

Text proposed by the Commission

Amendment

2a. Obliged entities shall have in place adequate procedures to ensure that responsibility for a business relationship changes from one employee to another at appropriate intervals. Where the size of the obliged entity or the need for special qualifications does not allow for the establishment of such a procedure, the compliance officer shall carry out, in a risk-based manner, a special examination of the affected business relationships at appropriate intervals.

Text proposed by the Commission

Amendment

3. Obliged entities shall have in place appropriate procedures for their employees, or persons in a comparable position, to report breaches of this Regulation internally through a specific, independent and anonymous channel, proportionate to the nature and size of the obliged entity concerned.

3. Obliged entities shall have in place appropriate procedures for their employees, or persons in a comparable position, to report breaches of this Regulation internally through a specific, independent and anonymous channel, proportionate to the nature, activity and size of the obliged entity concerned.

Text proposed by the Commission

Amendment

Obliged entities shall take measures to ensure that employees, managers or agents who report breaches pursuant to the first subparagraph are protected against retaliation, discrimination and any other unfair treatment.

Obliged entities shall take measures to ensure that employees, managers, agents, and other persons referred to in Article 4 of Directive (EU) 2019/1937 of the European Parliament and of the Council5a who report breaches pursuant to the first subparagraph are protected in accordance with that Directive and other applicable legal acts

__________________

5a Directive (EU) 2016/97 of the European Parliament and of the Council of 20 January 2016 on insurance distribution (recast) (OJ L 26, 2.2.2016, p. 19).

Text proposed by the Commission

Amendment

Article 12a

Minimum requirements for sole traders, single operators or microenterprises

1.  By ... [two years from the date of entry into force of this Regulation], AMLA shall develop draft regulatory technical standards and submit them to the Commission for adoption concerning minimum requirements and standards for compliance with this Chapter by obliged entities which are sole traders, single operators or microenterprises. In particular, AMLA shall develop requirements and standards in relation to execution of compliance functions. When developing the draft regulatory technical standards referred to in the first subparagraph, AMLA shall take due account of the inherent levels of risks of the business models of the different types of obliged entities in order to ensure that the requirements and standards for compliance are proportionate to the risks identified.

2.  The Commission is empowered to supplement this Regulation by adopting the regulatory technical standards referred to in paragraph 1 of this Article in accordance with Articles 38 to 41 of Regulation (EU) .../... [please insert reference – proposal for establishment of an Anti-Money Laundering Authority - COM/2021/421 final].

Text proposed by the Commission

Amendment

1. A parent undertaking shall ensure that the requirements on internal procedures, risk assessment and staff referred to in Section 1 of this Chapter apply in all branches and subsidiaries of the group in the Member States and, for groups whose parent undertaking is established in the Union in third countries. The group-wide policies, controls and procedures shall also include data protection policies and policies, controls and procedures for sharing information within the group for AML/CFT purposes.

1. Each parent undertaking established in the Union shall put in place group-wide policies, controls and procedures to comply with this Regulation and shall ensure that the requirements on internal procedures, risk assessment and staff referred to in Section 1 of this Chapter apply in all branches and subsidiaries of the group in the Member States as well as in third countries. To that end, a parent undertaking shall carry out a group-wide risk assessment, taking into account the risks identified by all branches and subsidiaries of the group, and on the basis of that assessment establish and implement group-wide policies, controls and procedures. The group-wide policies, controls and procedures shall also include data protection policies and policies, controls and procedures for sharing information within the group for AML/CFT purposes. Obliged entities that are part of a group shall implement the group-wide policies, controls and procedures, taking into account their specificities and the risks to which they are exposed.

Text proposed by the Commission

Amendment

2. The policies, controls and procedures pertaining to the sharing of information referred to in paragraph 1 shall require obliged entities within the group to exchange information when such sharing is relevant for preventing money laundering and terrorist financing. The sharing of information within the group shall cover in particular the identity and characteristics of the customer, its beneficial owners or the person on behalf of whom the customer acts, the nature and purpose of the business relationship and the suspicions that funds are the proceeds of criminal activity or are related to terrorist financing reported to FIU pursuant to Article 50, unless otherwise instructed by the FIU.

2. The policies, controls and procedures pertaining to the sharing of information referred to in paragraph 1 shall require obliged entities within the group to exchange information when such sharing is relevant for preventing money laundering and terrorist financing, including customer due diligence and risk management. The sharing of information within the group shall cover in particular the identity and characteristics of the customer, its beneficial owners or the person on behalf of whom the customer acts, the nature and purpose of the business relationship and of the transactions, as well as, where applicable, the analysis of atypical transactions and the suspicions that funds are the proceeds of criminal activity or are related to terrorist financing reported to FIU pursuant to Article 50, unless otherwise instructed by the FIU.

Text proposed by the Commission

Amendment

Groups shall put in place group-wide policies, controls and procedures to ensure that the information exchanged pursuant to the first subparagraph is subject to sufficient guarantees in terms of confidentiality, data protection and use of the information, including to prevent its disclosure.

The group-wide policies, procedures and controls shall require that entities within a group which are not obliged entities pursuant to Article 3 of this Regulation provide relevant information to obliged entities within the same group in order to comply with the requirements set out in this Regulation. Groups shall put in place group-wide policies, controls and procedures to ensure that the information exchanged pursuant to the first and second subparagraph is subject to sufficient guarantees in terms of confidentiality, data protection and use of the information, including to prevent its disclosure.

Text proposed by the Commission

Amendment

2a. Entities within the same group shall be entitled to use the information received as up-to-date information for the intra-group business relationship, provided that:

(a)  the information or documents are provided by another entity within the same group;

(b)  the receiving entity within the same group and the providing entity within the same group are not aware that the information is no longer up to date

Text proposed by the Commission

Amendment

3. By [2 years from the entry into force of this Regulation], AMLA shall develop draft regulatory technical standards and submit them to the Commission for adoption. Those draft regulatory technical standards shall specify the minimum requirements of group-wide policies, including minimum standards for information sharing within the group, the role and responsibilities of parent undertakings that are not themselves obliged entities with respect to ensuring group-wide compliance with AML/CFT requirements and the conditions under which the provisions of this Article apply to entities that are part of structures which share common ownership, management or compliance control, including networks or partnerships.

3. By … [2 years from the entry into force of this Regulation], AMLA, after consulting EBA, shall develop draft regulatory technical standards and submit them to the Commission for adoption. Those draft regulatory technical standards shall specify the minimum requirements of group-wide policies, including minimum standards for information sharing within the group, the role and responsibilities of parent undertakings that are not themselves obliged entities with respect to ensuring group-wide compliance with AML/CFT requirements and the conditions under which the provisions of this Article apply to entities that are part of structures which share common ownership, management or compliance control, including networks or partnerships.

Text proposed by the Commission

Amendment

1. Where branches or subsidiaries of obliged entities are located in third countries where the minimum AML/CFT requirements are less strict than those set out in this Regulation, the obliged entity concerned shall ensure that those branches or subsidiaries comply with the requirements laid down in this Regulation, including requirements concerning data protection, or equivalent.

1. Where branches or subsidiaries of obliged entities are located in third countries where the minimum AML/CFT requirements are less strict than those set out in this Regulation, the parent undertaking shall ensure that those branches or subsidiaries comply with the requirements laid down in this Regulation, including requirements concerning data protection, or equivalent.

Text proposed by the Commission

Amendment

2. Where the law of a third country does not permit compliance with the requirements laid down in this Regulation, obliged entities shall take additional measures to ensure that branches and subsidiaries in that third country effectively handle the risk of money laundering or terrorist financing, and the head office shall inform the supervisors of their home Member State. Where the supervisors of the home Member State consider that the additional measures are not sufficient, they shall exercise additional supervisory actions, including requiring the group not to establish any business relationship, to terminate existing ones or not to undertake transactions, or to close down its operations in the third country.

2. Where the law of a third country does not permit compliance with the requirements laid down in this Regulation, the parent undertaking shall take additional measures to ensure that branches and subsidiaries in that third country effectively handle the risk of money laundering or terrorist financing, and shall inform the supervisors of their home Member State of those additional measures. Where the supervisors of the home Member State consider that the additional measures are not sufficient, they shall exercise additional supervisory actions, including requiring the group not to establish any business relationship, to terminate existing ones or not to undertake transactions, or to close down its operations in the third country.

Text proposed by the Commission

Amendment

3. By [2 years after the date of entry into force of this Regulation], AMLA shall develop draft regulatory technical standards and submit them to the Commission for adoption. Those draft regulatory technical standards shall specify the type of additional measures referred to in paragraph 2, including the minimum action to be taken by obliged entities where the law of a third country does not permit the implementation of the measures required under Article 13 and the additional supervisory actions required in such cases.

3. By … [2 years after the date of entry into force of this Regulation], AMLA shall develop draft regulatory technical standards and submit them to the Commission for adoption. Those draft regulatory technical standards shall specify the type of additional measures referred to in paragraph 2, including the minimum action to be taken by obliged entities where the law of a third country does not permit the implementation of the measures required under Article 13 and the additional supervisory actions required in such cases. The draft regulatory technical standards shall include a list of third countries where the minimum AML/CFT requirement are deemed equivalent to those laid down in this Regulation. This list shall be regularly updated.

Text proposed by the Commission

Amendment

2. In addition to the circumstances referred to in paragraph 1, credit and financial institutions and crypto-asset service providers shall apply customer due diligence when either initiating or executing an occasional transaction that constitutes a transfer of funds as defined in Article 3, point (9) of Regulation [please insert reference – proposal for a recast of Regulation (EU) 2015/847 - COM/2021/422 final], or a transfer of crypto-assets as defined in Article 3, point (10) of that Regulation, exceeding EUR 1 000 or the equivalent in national currency.

2. In addition to the circumstances referred to in paragraph 1, credit and financial institutions shall apply customer due diligence when initiating or executing an occasional transaction that constitutes a transfer of funds as defined in Article 3, point (9) of Regulation [please insert reference – proposal for a recast of Regulation (EU) 2015/847 - COM/2021/422 final], amounts to EUR 1 000 or more or the equivalent in national currency.

Credit and financial institutions which are obliged entities shall also apply customer due diligence measures when involved in or carrying out an occasional transaction involving crypto-assets that amounts to EUR 1 000 or more, or the equivalent in national currency, whether the transaction is carried out in a single operation or through linked transactions.

Text proposed by the Commission

Amendment

3. Providers of gambling services shall apply customer due diligence upon the collection of winnings, the wagering of a stake, or both, when carrying out transactions amounting to at least EUR 2 000 or the equivalent in national currency, whether the transaction is carried out in a single operation or in linked transactions.

3. Providers of gambling services shall apply customer due diligence upon the collection of winnings, the wagering of a stake, or both, when carrying out transactions amounting to at least EUR 2 000 or the equivalent in national currency, or, in the case of online gambling services, transactions amounting to at least EUR 1 000 or the equivalent in national currency, whether the transaction is carried out in a single operation or in linked transactions.

Text proposed by the Commission

Amendment

3a. By way of derogation from paragraph 1, based on an appropriate risk assessment which demonstrates a low risk, a supervisor may allow obliged entities not to apply certain customer due diligence measures with respect to electronic money that can be used only in a limited way, where all of the following risk-mitigating conditions are met:

a)  the maximum amount stored does not exceed EUR 150;

b)  the payment instruments can be used exclusively to purchase, either in store or online, goods or services in a single Member State, from the issuer, or within a network of service providers under direct commercial agreement with a professional issuer;

The payment instruments referred to in point b) of the first subparagraph shall not be linked to a bank account, shall not allow for balance top-ups and shall not exchangeable for cash.

Text proposed by the Commission

Amendment

4. In the case of credit institutions, the performance of customer due diligence shall also take place, under the oversight of supervisors, at the moment that the institution has been determined failing or likely to fail pursuant to Article 32(1) of Directive 2014/59/EU of the European Parliament and of the Council52 or when the deposits are unavailable in accordance with Article 2(1)(8) of Directive 2014/49/EU of the European Parliament and of the Council53 . Supervisors shall decide on the intensity and scope of such customer due diligence measures having regard to the specific circumstances of the credit institution.

4. In the case of credit institutions, the performance of customer due diligence shall also take place, where necessary under the oversight of supervisors, at the moment that the institution has been determined failing or likely to fail pursuant to Article 32(1) of Directive 2014/59/EU of the European Parliament and of the Council52 or when the deposits are unavailable in accordance with Article 2(1)(8) of Directive 2014/49/EU of the European Parliament and of the Council53 . Supervisors shall decide on the intensity and scope of such customer due diligence measures having regard to the specific circumstances of the credit institution.

__________________

__________________

52 Directive 2014/59/EU of the European Parliament and of the Council of 15 May 2014 establishing a framework for the recovery and resolution of credit institutions and investment firms and amending Council Directive 82/891/EEC, and Directives 2001/24/EC, 2002/47/EC, 2004/25/EC, 2005/56/EC, 2007/36/EC, 2011/35/EU, 2012/30/EU and 2013/36/EU, and Regulations (EU) No 1093/2010 and (EU) No 648/2012, of the European Parliament and of the Council Text with EEA relevance (OJ L 173, 12.6.2014, p. 190).

52 Directive 2014/59/EU of the European Parliament and of the Council of 15 May 2014 establishing a framework for the recovery and resolution of credit institutions and investment firms and amending Council Directive 82/891/EEC, and Directives 2001/24/EC, 2002/47/EC, 2004/25/EC, 2005/56/EC, 2007/36/EC, 2011/35/EU, 2012/30/EU and 2013/36/EU, and Regulations (EU) No 1093/2010 and (EU) No 648/2012, of the European Parliament and of the Council Text with EEA relevance (OJ L 173, 12.6.2014, p. 190).

53 Directive 2014/49/EU of the European Parliament and of the Council of 16 April 2014 on deposit guarantee schemes Text with EEA relevance (OJ L 173, 12.6.2014, p. 149).

53 Directive 2014/49/EU of the European Parliament and of the Council of 16 April 2014 on deposit guarantee schemes Text with EEA relevance (OJ L 173, 12.6.2014, p. 149).

Text proposed by the Commission

Amendment

(ba) the criteria to be taken into account for identifying occasional transactions, including those involving crypto-assets;

Text proposed by the Commission

Amendment

(bb) the criteria to be taken into account to identify business relationships;

Text proposed by the Commission

Amendment

(ba) identify and record the identity of nominee shareholders and nominee directors of a corporate or other legal entity and identify their status as such, where applicable;

Text proposed by the Commission

Amendment

(ca) verify whether the customer or the beneficial owner are subject to targeted financial sanctions relating to terrorism and terrorism financing and proliferation financing, and to other applicable Union targeted financial sanctions;

Text proposed by the Commission

Amendment

2a. Without prejudice to any other measures required to comply with the obligation to apply targeted financial sanctions, for credit and financial institutions the measures laid down in paragraph 1, point (ca), shall include the regular screening of the customer’s identity as well as the beneficial owner’s identity against the relevant sanctions lists of designated persons in order to verify that the customer is not a designated individual, entity or group subject to targeted financial sanctions.

Text proposed by the Commission

Amendment

3. By [2 years after the date of application of this Regulation], AMLA shall issue guidelines on the risk variables and risk factors to be taken into account by obliged entities when entering into business relationships or carrying out occasional transactions.

3. By … [two years after the date of application of this Regulation], AMLA, after consulting Europol and the European Supervisory Authorities (ESAs) shall issue guidelines on:

Text proposed by the Commission

Amendment

(a) the risk variables and risk factors to be taken into account by obliged entities when entering into business relationships or carrying out occasional transactions;

Text proposed by the Commission

Amendment

(b) measures to be applied by obliged entities for assessing whether the customer or the beneficial owner is subject to targeted financial sanctions including how to identify entities controlled by persons subject to targeted financial sanctions.

Text proposed by the Commission

Amendment

1. Where an obliged entity is unable to comply with the customer due diligence measures laid down in Article 16(1), it shall refrain from carrying out a transaction or establishing a business relationship, and shall terminate the business relationship and consider filing a suspicious transaction report to the FIU in relation to the customer in accordance with Article 50.

1. Where an obliged entity is unable to comply with the customer due diligence measures laid down in Article 16(1), it shall not carry out a transaction or establish a business relationship, and shall terminate the business relationship and consider filing a suspicious transaction report to the FIU in relation to the customer in accordance with Article 50. Where there is a suspicion of money laundering or terrorist financing, the obliged entity shall file a suspicious transaction report to the FIU.

Text proposed by the Commission

Amendment

The first subparagraph shall not apply to notaries, lawyers and other independent legal professionals, auditors, external accountants and tax advisors, to the strict extent that those persons ascertain the legal position of their client, or perform the task of defending or representing that client in, or concerning, judicial proceedings, including providing advice on instituting or avoiding such proceedings.

Paragraph 1 shall not apply to notaries, lawyers and other independent legal professionals, auditors, external accountants and tax advisors, to the strict extent that those persons:

Text proposed by the Commission

Amendment

(a) ascertain the legal position of their client, except where the legal advice, is provided for the purpose of money laundering, or terrorist financing, or where those persons know or have a have a well-grounded suspicion that the client is seeking legal advice for the purposes of money laundering or terrorist financing or for the purposes of applying for residence rights or citizenship through investment schemes, and the advice is not sought in relation to judicial proceedings; or

Text proposed by the Commission

Amendment

(b) perform the task of defending or representing that client in, or concerning, judicial proceedings, including providing advice on instituting or avoiding such proceedings.

Text proposed by the Commission

Amendment

Identification and verification of the customer’s identity

Identification and verification of the customer’s identity and the beneficial owner’s identity

Text proposed by the Commission

Amendment

(iv) the usual place of residence or, if there is no fixed residential address with legitimate residence in the Union, the postal address at which the natural person can be reached and, where possible, the occupation, profession, or employment status and the tax identification number;

(iv) the usual place of residence or, if there is no fixed residential address with legitimate residence in the Union, the postal address at which the natural person can be reached and, where relevant for the purposes of customer due diligence, possible, the occupation, profession, or employment status and the tax identification number;

Text proposed by the Commission

Amendment

(iii) the names of the legal representatives as well as, where available, the registration number, the tax identification number and the Legal Entity Identifier. Obliged entities shall also verify that the legal entity has activities on the basis of accounting documents for the latest financial year or other relevant information;

(iii) the names of the legal representatives as well as, where available, the registration number, the tax identification number and the Legal Entity Identifier. On a risk sensitive basis, obliged entities shall also consider the need to verify that the legal entity has activities on the basis of accounting documents for the latest financial year or other relevant information;

Text proposed by the Commission

Amendment

(iiia) where a legal entity is established in more than one jurisdiction, the Legal Entity Identifier;

Text proposed by the Commission

Amendment

Where, after having exhausted all possible means of identification pursuant to the first subparagraph, no natural person is identified as beneficial owner, or where there is any doubt that the person(s) identified is/are the beneficial owner(s), obliged entities shall identify the natural person(s) holding the position(s) of senior managing official(s) in the corporate or other legal entity and shall verify their identity. Obliged entities shall keep records of the actions taken as well as of the difficulties encountered during the identification process, which led to resorting to the identification of a senior managing official.

Where, after having exhausted all possible means of identification pursuant to the first subparagraph, no natural person is identified as beneficial owner, or where there are doubts that the person(s) identified is/are the beneficial owner(s), obliged entities shall record that no beneficial owner is identified and identify the natural person(s) holding the position(s) of senior managing official(s) in the corporate or other legal entity and shall verify their identity. Obliged entities shall keep records of the actions taken as well as of the difficulties encountered during the identification process, which led to resorting to the identification of a senior managing official.

Text proposed by the Commission

Amendment

4. Obliged entities shall obtain the information, documents and data necessary for the verification of the customer and beneficial owner identity through either of the following:

4. Obliged entities shall obtain the information, documents and data necessary for the verification of the customer through either of the following:

Text proposed by the Commission

Amendment

(a) the submission of the identity document, passport or equivalent and the acquisition of information from reliable and independent sources, whether accessed directly or provided by the customer;

(a) the submission of the identity document, passport or equivalent and, where relevant, the acquisition of information from reliable and independent sources, whether accessed directly or provided by the customer, via reliable and trustworthy means, either physically or electronically, whereby the extent of the consultation for the verification shall be commensurate to the risk;

Text proposed by the Commission

Amendment

(b) the use of electronic identification means and relevant trust services as set out in Regulation (EU) 910/2014.

(b) the use of electronic identification means and relevant trust services as set out in Regulation (EU) 910/2014 of the European Parliament and of the Council, in a reliable and trustworthy form via secure authentication processes, where appropriate, or other secure remote or electronic identification procedures regulated, recognised, approved or accepted by competent authorities, provided that the level of security designated is at least 'high' or equivalent;

Text proposed by the Commission

Amendment

(ba) where applicable, the submission of proof of registration in the central register referred to in Article 10 of Directive [please insert reference – proposal for 6th Anti-Money Laundering Directive - COM/2021/423 final] for customers who are legal entities incorporated outside the Union, in accordance with Article 48 of this Regulation.

Where a customer is a legal entity or a trustee or person in equivalent position acting on behalf of the legal arrangement, obliged entities shall take appropriate measures to verify the identity of the beneficial owner(s) of a legal entity or legal arrangement, including, where possible, on the basis of identity documents or by means of electronic identification, in order to know who the beneficial owner is and understand the ownership and control structure of the legal entity or legal arrangement.

Text proposed by the Commission

Amendment

For the purposes of verifying the information on the beneficial owner(s), obliged entities shall also consult the central registers referred to in Article 10 of Directive [please insert reference – proposal for 6th Anti-Money Laundering Directive - COM/2021/423 final] as well as additional information. Obliged entities shall determine the extent of the additional information to be consulted, having regard to the risks posed by the transaction or the business relationship and the beneficial owner.

For the purposes of verifying the information on the beneficial owner(s), obliged entities shall also consult (531, 532) the central registers referred to in Article 10 of Directive (EU) .../... [please insert reference – proposal for 6th Anti-Money Laundering Directive - COM/2021/423 final], irrespective of the Member State of the central register in which the beneficial ownership information is held. Where appropriate, and on a risk sensitive basis, obliged entities shall also consult additional information from the customer or from reliable and independent sources, in particular where the information in central registers does not match the information available to them under Article 18, where they have doubts as to the accuracy of the information or where there is a higher risk of money laundering or terrorist financing.

Obliged entities shall determine the extent of the additional information to be consulted on a risk basis, having regard to the risks posed by the transaction or the business relationship and the beneficial owner, or the unusual or complex nature of the ownership structures given the nature of the company’s business.

Obliged entities shall report to the entity in charge of the central registers any discrepancies they find between the beneficial ownership information available therein and the beneficial ownership information available to them pursuant to this Article. National law pertaining to banking secrecy and confidentiality shall not hinder compliance with the obligation set out in this subparagraph.

Text proposed by the Commission

Amendment

1. Verification of the identity of the customer and of the beneficial owner shall take place before the establishment of a business relationship or the carrying out of an occasional transaction. Such obligation shall not apply to situations of lower risk under Section 3 of this Chapter, provided that the lower risk justifies postponement of such verification.

1. Verification of the identity of the customer and of the beneficial owner shall take place before the establishment of a business relationship or the carrying out of an occasional transaction. Such obligation shall not apply to situations of lower risk under Section 3 of this Chapter, provided that the lower risk justifies postponement of such verification.

By way of derogation from the first subparagraph, obliged entities other than credit and financial institutions involved in real estate transactions shall carry out verification of the customer identity, whether the buyer or seller or both, at the point that there is a formal offer.

Text proposed by the Commission

Amendment

1. Obliged entities shall conduct ongoing monitoring of the business relationship, including transactions undertaken by the customer throughout the course of that relationship, to control that those transactions are consistent with the obliged entity’s knowledge of the customer, the customer’s business activity and risk profile, and where necessary, with the information about the origin of the funds and to detect those transactions that shall be made subject to a more thorough analysis pursuant to Article 50.

1. Obliged entities shall conduct ongoing monitoring of the business relationship, including transactions undertaken by the customer throughout the course of that relationship, to control that those transactions are consistent with the obliged entity’s knowledge of the customer, the customer’s business activity and risk profile, and where necessary, with the information about the origin and destination of the funds and to detect those transactions that shall be made subject to a more thorough analysis pursuant to Article 50.

Text proposed by the Commission

Amendment

The frequency of updating customer information pursuant to the first sub-paragraph shall be based on the risk posed by the business relationship. The frequency of updating of customer information shall in any case not exceed five years.

The frequency of updating customer information pursuant to the first sub-paragraph shall be based on the risk posed by the business relationship. The frequency of updating of customer information shall be established on a risk sensitive basis, particularly taking into account changes of relevant circumstances and shall in any case not exceed five years. In case of high-risk business relationships customer information shall be updated at least every two years.

Text proposed by the Commission

Amendment

Article 21a

Timing of the assessment of whether the customer and the beneficial owner is subject to targeted financial sanctions

1.  Obliged entities shall assess whether the customer or the beneficial owner is subject to targeted financial sanctions when verifying the identity of the customer and the beneficial owner pursuant to Article 19.

2.  In addition to the requirements set out in paragraph 1, and without prejudice to any other measures required to comply with the obligation to apply targeted financial sanctions, credit and financial institutions shall screen the identity of their existing customers or beneficial owners against the relevant Union sanctions lists of designated persons on a regular basis, and each time targeted financial sanctions are adopted by the Union.

3.  In addition to the requirements set out in paragraph 1 and without prejudice to any other measures provided for by Union law relating to targeted financial sanctions, obliged entities other than credit and financial institutions shall assess on a regular basis whether any existing customer or beneficial owner is subject to targeted financial sanctions.

4.  Where an obliged entity identifies, when performing its customer due diligence, that a customer or beneficial owner is subject to targeted financial sanctions, it shall immediately notify the competent authority accordingly.

5.  By … [two years after the entry into force of this Regulation], AMLA shall issue guidelines on the measures to be applied by obliged entities for assessing whether the customer or the beneficial owner is subject to targeted financial sanctions. Those guidelines shall include the following elements:

a)  risk-based procedures to be established by obliged entities in order to assess whether the customer or the beneficial owner is subject to targeted financial sanctions;

b)  the extent, timing and procedures for screening measures to be applied by credit and financial institutions and crypto-asset service providers with regard to existing customers or when entering into a new business relationship;

c)  the conditions to be fulfilled for identifying entities controlled by persons subject to targeted financial sanctions; d) the notification measures to competent authorities in case an obliged entity identifies a customer or a beneficial owner subject to targeted financial sanctions.

Text proposed by the Commission

Amendment

(ba) the type of exemptions that may apply to certain customer due diligence measures with respect to electronic money, on the basis of an appropriate risk assessment which demonstrates a low risk;

Text proposed by the Commission

Amendment

(c) the reliable and independent sources of information that may be used to verify the identification data of natural or legal persons for the purposes of Article 18(4);

(c) the reliable and independent sources of information that may be used to verify the identification data of natural or legal persons for the purposes of Article 18(4) in addition to minimum requirements to be complied with and necessary steps to be taken by obliged entities where discrepancies are found;

Text proposed by the Commission

Amendment

(ca) the residual risk, taking into account a proper risk assessment, the risk mitigating measures put in place by the obliged entities, including innovation and technical developments to detect and prevent suspicious transactions.

Text proposed by the Commission

Amendment

Article 22a

Special provisions regarding online gambling

1.  Gambling services, that are provided at a distance, by electronic means or any other technology for facilitating communication, shall be subject to this Article.

2.  Providers of gambling services shall ensure that transfers from players to gambling accounts are made only from an account held at a credit or financial institution referred to in Article 3 paragraph 1 and 2.

3.  A provider of gambling services shall refund a player only by executing a payment transaction within the meaning of Article 4, point (5), of Directive (EU) 2015/2366 to a payment account set up in the name of that player with a payment service provider as referred to in Article 1, point (1)(a) and (d), of that Directive.

4.  In addition to the circumstances referred to in Article 15(3) providers of gambling services referred to in paragraph 1 shall perform customer due diligence in the context of a business relationship at the opening of a gambling account

Text proposed by the Commission

Amendment

Those delegated acts shall be adopted within one month after the Commission has ascertained that the criteria in point (a), (b) or (c) are met.

Those delegated acts shall be adopted within one month of  the publication of a public statement or a compliance document concerning the third country by international organisations and standard setters, after the Commission has ascertained that the criteria in point (a), (b) or (c) are met.

Text proposed by the Commission

Amendment

3. For the purposes of paragraph 2, the Commission shall take into account calls for the application of enhanced due diligence measures and additional mitigating measures (‘countermeasures’) by international organisations and standard setters with competence in the field of preventing money laundering and combating terrorist financing, as well as relevant evaluations, assessments, reports or public statements drawn up by them.

3. For the purposes of paragraph 2, the Commission shall take into account calls for the application of enhanced due diligence measures and additional mitigating measures (countermeasures) by international organisations and standard setters with competence in the field of preventing money laundering and combating terrorist financing, as well as relevant evaluations, assessments, reports or public statements drawn up by them. For the purposes of establishing whether a third country has significant strategic deficiencies in its national AML/CFT regime, the Commission shall also consider, where appropriate, any relevant assessments by AMLA or other Union institutions, bodies and agencies, competent authorities, civil society organisations, and academia. The Commission shall make its assessments of high-risk third countries publicly available.

Text proposed by the Commission

Amendment

6. The Commission shall review the delegated acts referred to in paragraph 2 on a regular basis to ensure that the specific countermeasures identified pursuant to paragraph 5 take account of the changes in the AML/CFT framework of the third country and are proportionate and adequate to the risks.

6. The Commission shall review the delegated acts referred to in paragraph 2 on a regular basis, within one month of any relevant change in the assessment by international organisations and standard setters, and at least every two years to ensure that the specific countermeasures identified pursuant to paragraph 5 take account of the changes in the AML/CFT framework of the third country and are proportionate and adequate to the risks.