The European Union had a tough year. As if the refugee crisis, the rise of nationalist and far-right parties, and the Brexit affair weren’t enough, the 2018 headlines of European newspapers were crowded with a seemingly endless parade of money laundering scandals. Perhaps the most egregious was the case of Danske Bank, the largest bank in Denmark and a major retail bank in northern Europe. According to Danske Bank’s own report, between 2007 and 2015 the bank’s Estonian branch processed more than US$230 billion in suspicious transactions. The investigation, which is still ongoing, has already been dubbed the largest money laundering scandal in history. And there are plenty of others. In September 2018, for example, the Dutch bank ING Groep NV admitted that criminals used its accounts to launder money and agreed to pay a record US$900 million in penalties. And then in October 2018, after a string of scandals, Malta became the first EU Member State to receive an official European Commission (EC) order to strengthen enforcement of its anti-money laundering (AML) rules. By the end of 2018, it became apparent that the EU’s entire AML system needed a major overhaul.
The EU’s current AML legal framework is comprised of several components:
- The first element is the set of so-called AML Directives, the most recent of which (the sixth) was adopted in 2018. These Directives require Member States to achieve certain legal results, but do not specify the particular measures that Member States must adopt.
- Second, following the AML Directives, all EU Member States have adopted national AML laws and regulations that provide detailed guidance on a variety of topics, including the specification of different entities’ AML responsibilities, the sanctions for AML system breaches, and so forth.
- The third important component of the EU’s AML framework is the EU Regulation on information accompanying transfers of funds, which is meant to harmonize across Member States the provision of payers’ and payees’ information when persons are transferring and receiving funds. In contrast to the AML Directives, this EU regulation, like other such regulations, has a direct legal effect on all Member States. Therefore, the information accompanying transfers of funds is identical in all Member States.
Taken together, these various instruments comprise one of the most stringent AML systems in the world, at least on paper. Perhaps for that reason, many commentators, including EU and EC officials themselves, attribute the spate of money laundering scandals plaguing EU countries not so much to weaknesses in the substantive regulations but rather to poor implementation—in particular, the fragmentation of AML oversight. Last October, Bruegel, an influential European think tank, presented a report calling for the establishment of a new centralized European AML authority—one that would work closely with national law enforcement agencies and be empowered to impose fines. ECB Chief Supervisor Danièle Nouy, who is intimately familiar with the problem, seems to agree at least to some extent. After one of last year’s many money laundering scandals, she suggested that “we need a European institution that is implementing in a thorough, deep, consistent fashion this legislation in the Euro area.” In fact, the proposal to create a more centralized EU AML architecture has been around for a while. It seems that the EU has finally decided that the time has come to do something like this, as the European Central Bank (ECB) announced last November that it would set up a central AML supervision office.
To understand the justification for creating a new centralized EU AML agency, one must first understand the extent to which, under the current system, supervisory and enforcement responsibility for the EU’s AML system is divided among several institutions, and the problems that this can create:
- First, the EC carries out risk assessments in order to identify risks affecting the EU internal market. Since money laundering is one of such risks, a high-level overview of the situation in this field in each Member State is usually part of this process. This high-level overview, however, usually does not include a detailed, in-depth analysis of the AML risks in the Member States (or individual national banks). The high-level overview may be good for diagnosing that certain problems exist, but not for understanding the extent, reasons or importance of those problems.
- Second, the ECB—particularly through its supervision arm, the Single Supervisory Mechanism (SSM)—acts as a prudential supervisor of the EU financial system, and the ECB’s obligation to ensure that systemically relevant banks are financially stable includes, as a part of the SSM Supervisory Review and Evaluation Process, an assessment of whether the banks have in place a comprehensive system for the prudential treatment of AML risks. However, the ECB does not have the investigative powers to uncover AML deficiencies; rather, the ECB can only react to uncovered breaches by withdrawing an authorization of credit institutions in Member States.
- Third, the European Supervisory Authorities (ESAs)—which include the European Banking Authority (EBA), the European Securities and Markets Authority (ESMA), and the European Insurance and Occupational Pensions Authority (EIOPA)—facilitate the cooperation of competent AML authorities across the EU, and they also develop guidelines and issue opinions that are sometimes related to AML. But while the EBA can investigate a breach of EU law and issue recommendations, the mandate of the institution is too broad to focus on AML in particular, and, as the EBA’s Director himself declared, the ECB cannot pick up the slack when supervisory practices are weak or ineffective.
- Finally, the responsibility for day-to-day AML supervision falls primarily on the national authorities designated by Member States that conduct that work. Yet in many EU Member States, there is little political will to take AML seriously, and the national AML authorities often lack proper tools, authority, and in some cases funding, to properly ensure that financial institutions in their countries comply with AML rules. Additionally, although national agencies are supposed to share information with each other, in practice the cooperation between authorities has been described as “very much depending on the good will of national authorities,” which is too often lacking.
The big problem with this fragmented approach is that an effective AML regime requires strong leadership and focus. It is not entirely clear what the ECB’s new AML central supervision office will do, though media reports indicate that the new office will be responsible for collecting and sharing AML-related information from supervisors and other authorities, and would serve as “a point of liaison with the US and other key authorities around the world and with which national competent authorities could liaise with as part of their due diligence checks at authorization as well as on an on-going basis.” Thus it seems that the new office would mainly be a way to centralize competences and resources dedicated to AML.
That falls short of what Bruegel proposed last year—the new agency would not, for example, be able to issue fines—but it’s still a good start. Currently, the institutions responsible for AML at the EU level have many other responsibilities, and no existing body is well-positioned to take on the responsibilities of a central AML agency. The proposed ECB office would at least help to ensure that there are enough resources and attention to the issue of AML at the EU level, and might be able to put more pressure on Member State governments to take action in their own countries, for example by conducting more thorough AML risk assessments. So while establishing this new watchdog will not be enough to solve the money laundering crisis shaking Europe, it’s a step in the right direction.
GAB | The Global Anticorruption Blog 
Ruta, this is such an educational post; thanks. You seem to be pretty squarely in favor of a new EU AML regulator, and you’ve certainly brought me along for the ride. You do admit in the post though that, at this point, “it is not entirely clear what the ECB’s new AML central supervision office will do.” Given this uncertainty, and the already (somewhat bewilderingly) large number of institutions and actors in this space, do you worry at all that creating a new AML regulatory body could just wind up creating an extra layer of bureaucracy, increasing reporting and compliance costs without a concomitant increase in enforcement? I understand that the new supervisory body is supposed to do the opposite—fill gaps between existing regulators and streamline cooperation between them—but I guess it strikes me that institutional design will be really important to get right here if this new body is to be as effective as we hope. Put another way, I’d love to hear your thoughts on how the EU should design and empower this new regulator so as to most effectively ensure “strong leadership and focus” in the EU’s AML efforts.
In my opinion, this current agency EU seems about to establish (the communication has been a bit hectic) will help to make a better use of the resources that are currently divided among different institutions. True, they need more resources to work on the issue in general, but I believe that at this moment all those people who partly work on AML in all the agencies already are really not making the best use of their time, given how scattered it is. Besides, currently there is no real ownership of the problem of money laundering in the EU. This new agency can change that.
But don’t get me wrong – I am not expecting that this will be a groundbreaking reform. I guess, this is partly because they may be trying to operate without having to go through adopting new legal acts. EU cannot go on establishing agencies and increasing EU competences without having the Member States agree on that. And that usually is very complex (some Member States have historically always opposed increasing EU powers in any field, citing concerns about their sovereignty). Obviously, an agency that would have more powers would make a bigger difference. But if my guess is correct, that is not an easy fight to win. That is why I think that for now, simply by asserting more pressure on Member States, the EU can actually make a difference. To answer your question, this could be achieved by requesting more detailed reports from the Member States (for that, some sort of assessment procedures need to be drafted), employing more analysts to look into the data from the Member States, publishing overviews and comparative Member States reviews to assert pressure.
In the long run, of course, what Bruegel is calling for – an agency with powers to impose fines and investigate – is a more reliable solution.
That’s really interesting and makes a lot of sense. Reminds me of the phenomenon in the U.S. of administrative agencies—in the face of legislative gridlock—using old laws to solve new problems. The solutions are seldom an ideal fit, but they can be better than nothing.
Thank you for the post, Ruta! You really helped us to navigate through this very complicated puzzle of authorities. Your description seems to indicate that a more centralized regime is likely to be more effective than the current one. I’d love to hear more about two points that are somehow in your post. First, is how do you expect EU members to react to approach this proposal. In the beginning of the post, you talked about the political environment within the EU and the rise of these nationalist movements affecting politics directly. As a centralized AML authority seems to be a step towards a more integrated regime, this seem the kind of reform that those far-right parties would resist to support and would use as something endorsing their “anti-globalism” agenda. Do you see any possible backlashes for trying to implement a new AML authority in this sense? Second, you talked about not being able to impose sanctions. Which other sort of enforcement mechanisms could be available to the new AML authority to make its decisions and recommendations effective?
Regarding your first question – it is spot on. I have already touched upon this in my response to Jason above. Not only the rising nationalist political sentiments in the member states can affect how sensitive the member states are towards any increase of powers designated to the EU. In general, there is a tradition of strong opposition to the increase of any EU powers. However, I think that the recent AML scandals that shook the EU might be a good incentive for the member states to agree on some changes in the field.
Regarding the other enforcement mechanisms the stronger new centralized EU AML authority could have (not the one I am discussing in the post here, but the one suggested by Bruegel) – of course, they would also need to have powers to investigate.
For the “softer” model where an agency with no new powers would be created, but rather an agency centralizing all the current powers – I suggested a couple of ideas on what they could do exactly in my response to Jason above.