Decorative page background

A revolution in AML? New developments in anti-money laundering aimed at crypto-businesses and fintechs

A revolution in AML? New developments in anti-money laundering aimed at crypto-businesses and fintechs

On 1 May 2024, an amendment to the AML Act and the related decree came into force. These amendments kicked off a flood of new developments affecting anti-money laundering which will be encountered in the years to come. They are intended to respond to the rapid development in the field of crypto-related services and financial services, while addressing the shortcomings of the existing regulation. Below is a chronological summary of everything you need to know about the new AML regulation.

But first things first. To begin with, it is worth summarising that the aim of the AML regulation is to prevent money laundering and terrorist financing. In fact, this branch of law consists of obligations that must be performed by financial market entities as well as, for example, gambling operators or real estate companies – in short, entities that come into contact with large amounts of money on a daily basis. Money laundering law uses the term ‘obliged entities’ for these persons. Their duties include, in particular, client identification and checks to establish the origin of their funds.

AML legislation is largely – but not completely – harmonised across EU Member States. The model for the individual national anti-money laundering regulations is the AML Directive which the Member States incorporate into their own legislation (in our case, the AML Act). The main Czech administrative authority in the field of money laundering law is the Financial Analytical Office (FAU).

1 May 2024 – Amendment to the AML Act and the AML Decree

AML Act

The first piece of legislation we will look at in more detail is the amendment to the AML Act, which responds in particular to the rapid spread of the use of crypto-assets. As a result, for AML purposes, cryptocurrency payments will now be considered cash payments. Persons facilitating such payments will thus become obliged entities when conducting a transaction with a value of EUR 10,000 or more. Another relevant change is the inclusion of crypto entrepreneurs in the category of entities who are obliged to send the FAU an internal regulation called ‘a system of internal policies’.

A welcome step is that, after many years of interpretive ambiguity regarding the scope of AML obligations of foreign obliged entities operating in the Czech Republic on a temporary basis, the amendment to the AML Act makes it clear that these entities have only one obligation under Czech law – to provide information to the FAU upon request.

Client identification has also been modified. The AML Act allows this to be done in various ways. For example, online identification by means of ‘penny drop verification’ is very popular with fintech companies. It is this method that will expand the range of bank accounts that can be used for the purposes of penny drop verification. Specifically, it will be any accounts, provided they are not held in countries at risk of money laundering (North Korea, Syria or Russia, for example), which is a significant extension from the original restriction to bank accounts held in the EU and the EEA.

AML Decree

The revision of the AML Decree is not that abundant in changes compared to the AML Act. Moreover, it should be noted that, compared to the AML Act, the AML Decree must only by complied with by entities subject to administrative supervision by the Czech National Bank, such as banks, payment service providers or insurance companies.

A new rule related to the above-described penny drop identification is in particular the introduction of an explicit obligation to take into account within internal mechanisms the risk associated with the possibility of using a payment account held with a foreign bank for crown payment purposes.

Perhaps the most significant change to the AML Decree, however, is the explicit obligation to introduce the position of an AML compliance officer in the case of obligated entities for whom this is appropriate given the large scale and risky nature of their AML activities.

30 December 2024 – Regulation on the transfer of funds and certain crypto-assets

This regulation, which is part of the anti-money laundering measures and originally applied only to transfers of funds in the form of banknotes and coins and non-cash and electronic money, has been significantly recast. It will now also apply to crypto entrepreneurs licensed under the Markets in Crypto-assets Regulation (MiCA Regulation) if they carry out crypto-asset transfers for their clients.

From 30 December 2024, companies providing such services will be required to accompany transfers of crypto-assets with detailed information on the originators and beneficiaries of the transfers. Crypto-currency businesses will also be required to retain the information accompanying transfers, share it with their counterpart on the other end of the crypto-currency transfer (typically another crypto-currency business) or provide it to anti-money laundering authorities upon request.

30 December 2024? – (Another) amendment to the AML Act

The second amendment to the AML Act in the same year is linked to the effect of the revision of the above Regulation on the transfer of funds and certain crypto-assets, which also amends the existing AML Directive. The changes introduced by the AML Directive will have to be incorporated into the national law by 30 December 2024. However, the bill is still awaiting its first reading in the Chamber of Deputies and it is uncertain whether it will be adopted by the end of the year given the length of the Czech legislative process.

This amendment changes the classification of obliged entities who are crypto-entrepreneurs. Now, the status of such obliged entities will be primarily linked to the licence of a ‘crypto-asset service provider’ under the MiCA Regulation. At the same time, in addition to the FAU, the CNB will also exercise administrative supervision over the compliance of crypto-entrepreneurs with their obligations under the AML Act.

Crypto-entrepreneurs will also be obliged to find out further information about the status and business of such entity before entering into a business relationship with another non-EU crypto-entrepreneur. If the relationship is found to pose a money-laundering risk, the business relationship cannot be established with such an entity.

At the same time, the scope of obligations of foreign obliged entities who operate in the Czech Republic only temporarily will be amended again. In addition to the reporting obligation towards the FAU, this type of obliged entities will be subject to a confidentiality obligation in relation to relevant facts in the field of money laundering.

It cannot be ruled out that the AML Decree will be further amended in connection with the amendment of the AML Act. However, no legislative proposal has yet been published in this respect.

2027/2028? – AML Regulation, AML Directive and AMLA Regulation

The next few years should see a revolution, namely a complete overhaul of the legislative framework on money laundering through a package of three new legislative proposals currently being discussed by the EU institutions.

AML Regulation

If the AML Regulation is adopted, it will contain all the rules relating to the requirements applicable to obliged entities in money laundering. These obligations will thus be unified across the EU. This should avoid the exploitation of regulatory loopholes in Member States with more relaxed AML rules.

Compared to the original AML Directive, the Regulation will describe in more detail the measures for carrying out client identification and checks and will expand the list of obliged entities. The Regulation is expected to be adopted later this year and obliged entities are to start complying with it three years after its entry into force, i.e. in 2027.

AML Directive

If the requirements for obliged entities are transferred to the AML Regulation, what will remain in the AML Directive? Primarily the rules for exercising the administrative supervision over the obliged entities, which the amended AML Directive aims to further harmonise. For example, the AML Directive is to lay down a minimum set of information to which supervisory authorities should have access or to define rules for their cooperation.

The AML Directive is also expected to be adopted later this year, with EU Member States expected to bring their national legislation (i.e. in this case AML Act) into line with the Directive no later than three years from the date of entry into force of the AML Directive, which is 2027 at the latest.

AMLA Regulation

The final proposal in the legislative package is the AMLA Regulation which establishes the Anti-Money Laundering and Terrorism Financing Authority based in Frankfurt.

The newly established EU authority is expected to coordinate cooperation between Member States on anti-money laundering measures, but also to directly supervise the riskiest obliged entities, such as banks operating in at least seven EU Member States. If the planned time schedule is met, the authority is expected to start administrative supervision overs these entities in 2028.

We are here for you

It is obvious that the various pieces of legislation will bring a high number of changes that will need to be incorporated into the internal mechanisms of obliged entities, especially crypto-entrepreneurs and fintech companies.

At HAVEL & PARTNERS, our team of money laundering specialists is ready to assist you with any regulatory challenge. We have experience in preparing expert opinions, qualified questions to the FAU, preparing internal AML policy systems as well as organising training sessions in this area.

Therefore, do not hesitate to contact us. We will be happy to help you understand and effectively adapt to this regulatory storm – whether you are a start-up firm or a traditional company with a long history.

Related articles