Assessment of the risks of money laundering

and terrorist financing in

EU

Chisinau
2017
This project is funded by the
European Union
SNRA Report
Report from the EC to the European Parliament and to the
Council on the assessment of the risks of money laundering
and terrorist financing affecting the internal market and
relating to cross-border situations (published on 26th of June
2017)

The aim - to identify the circumstances according to which the

services and products it delivers or provides could be
abused for TF or ML purposes.

This project is funded by the

European Union
SNRA Report

On the basis of FATF recommendations and EU AML

requirements on the prevention of the use of the financial
system for the purposes of money laundering or terrorist
financing EC obliged to conduct the review of specific risks
or supranational risk that could arise at European level
and could affect the internal market.

This project is funded by the

European Union
SNRA Actors
Experts group on money laundering and terrorist financing (permanent EC
expert group of composed of national administrations.
European Supervisory Authorities
Other financial supervisory authorities not represented by the ESAs
EU Financial Intelligence Units (FIU Platform)
Sectorial specific expert groups
Europol
Eurostat
Financial Action Task Force and FATF-Style Regional Bodies
Other relevant stakeholders such as Non-Governmental Organisations (NGOs)

This project is funded by the

European Union
SNRA Methodology
The EC drew up a specific methodology for conducting this
assessment as a guarantee of a robust and reliable process.

The methodology provides a common understanding for assessing the

risks. The risks are defined as the ability of a threat to exploit the
vulnerability of a sector for the purpose of ML or TF:

Level of threat - the "likelihood" of terrorist groups or organized crime

organizations misusing products/services provided by this relevant sector for illicit
purposes
Level of vulnerability - the potential weaknesses of these same products or
services which allow terrorist groups or organized crime organizations to misuse
them for illicit purposes

This project is funded by the

European Union
SNRA Methodology
Based on the criteria for the threat and vulnerability, each
product/service is qualified from a low to moderately to
highly significant level of risk.

Those ratings are determined on a scale from 1 to 4 as follows:

1) Lowly significant (value: 1)

2) Moderately significant (value: 2)
3) Significant (value: 3)
4) Very significant (value: 4)

This project is funded by the

European Union
SNRA Methodology
The analysis was based both on quantitative data (statistics) and qualitative
information (consultation of experts).

EC identified 40 products or services covered 11 professionals sectors that are

considered potentially vulnerable to ML/TF risks at the level of the internal market:

The sectors defined by Directive 2015/849, i.e. credit and financial institutions, money remitters, currency
exchange offices, high value goods and assets dealers, estate agents, trust and company service providers,
auditors, external accountants and tax advisors, notaries and other independent legal professionals, gambling
service providers.

The sectors that are not included in the scope of the Directive (EU) 2015/849 but were considered relevant
for the risk assessment, such as use of cash, virtual currencies, crowdfunding or non-profit organisations. It
also covers certain illegal means used by perpetrators such as Hawala and other similar informal value
transfer services providers.

This project is funded by the

European Union
SNRA Methodology
Main directions of assessment

I. Cash products
II. Financial sector products
III. Non-financial products
IV. Gambling sector products
V. Non-for-profit Organizations
VI. Horizontal vulnerabilities

This project is funded by the

European Union
Main Threats and Vulnerably
1.Cash couriers

Threat: TF/ML – 4
LEAs have gathered evidence that cash couriers are recurrently used by terrorist
groups to finance their activities or fund FTF travels. Organized crime
organizations also recurrently make use of cash couriers for the same reasons:
easily accessible, no expertise, no planning and low cost.

Vulnerabilities: TF/ML - 3(Natural persons)/4 (post/freight).

The use of cash couriers or methods to ship in/out of the EU unaccompanied cash
coupled with the anonymity of cash and (at least with respect to unaccompanied
cash) an imperfect control mechanism presents a significant challenge

This project is funded by the

European Union
Main Threats and Vulnerably
Mitigating measures

EC will present a legislative proposal revising the cash

control:
 enable authorities to act on amounts lower than the declaration threshold of
EUR10 000, where there are suspicions of criminal activity;
 improve the exchange of information between authorities and Member States;
 extend the definition of 'cash' to also include precious commodities acting as
highly liquid stores of value such as gold, and to prepaid payment cards.

This project is funded by the

European Union
Main Threats and Vulnerably
2. Cash intensive business

Threat: TF – 2, ML – 3
Sleeper terrorist cells are active in cash intensive businesses. Cash
intensive businesses are favored by criminal organizations to
launder proceeds of crime.

Vulnerabilities: TF/ML - 4
Widespread use of cash in EU economies. The sector seems being
not aware of this risk. Investigative capacities from LEAs are then
quite limited.

This project is funded by the

European Union
Main Threats and Vulnerably
Mitigating measures

The EC examines launching an initiative to swiftly reinforce the EU

framework on the prevention of TF by enhancing transparency of
cash payments through an introduction of a restriction of cash
payments or by any other appropriate means.

By restricting the possibilities to use cash, the proposal would

contribute to disrupt the financing of terrorism, as the need to use
non anonymous means of payment would either deter the activity
or contribute to its easier detection and investigation.

This project is funded by the

European Union
Main Threats and Vulnerably
3. Payments in cash

Threat: TF/ML - 4
Terrorist groups use recurrently cash, as this modus operandi is widely accessible and
low cost. Cash is at the basis of all illicit trafficking and illicit purchase of products.
For ML, cash is also the preferred option for criminals, which allows hiding illicit
proceeds of crime easily and moving funds rapidly, including cross border.

Vulnerabilities: TF/ML - 4
Cash payments may engage large transactions speedily and anonymously, including
cross-border. Usually low level of framework/controls in place, or enforcement of the
controls is not efficient. Organized crime and terrorism financing rely on cash
payments for carrying out their illegal activities and benefitting from them.

This project is funded by the

European Union
Main Threats and Vulnerably
Mitigating measures

EC will continue to monitor the application of AML/CFT

obligations by dealers in goods covered by the 4th AMLD and
further assess risks posed by providers of services accepting cash
payments.

It would additionally foster the fight against money laundering,

tax fraud and organised crime.

This project is funded by the

European Union
Main Threats and Vulnerably
4. Currency exchange

Threat: TF/ML - 3
Terrorist groups show some intent and capability to use currency exchange to sustain/carry out
their operations. This scenario does not require specific planning or expertise and has been used
already. High volumes of money can be easily converted and make the access to "clean"
currency easy for these criminal organizations.

Vulnerabilities: TF/ML - 3
Currency exchange offices deal most of the time with transactions in cash. Large denomination
notes are involved, and these are not properly monitored. High risk customers are recurrently
involved in such transactions. Competent authorities do not consider that the regulation and the
supervision work effectively.

This project is funded by the

European Union
Main Threats and Vulnerably
Mitigating measures

 MS should ensure that supervisors conduct a sufficient number of

on-site inspections that is commensurate to the ML/TF risks
identified.
 Competent authorities should provide further risk awareness and
risk indicators relating to terrorist financing.
 MS should define a threshold below EUR 15 000 triggering CDD
obligations in case of occasional transactions, which is
commensurate to the AML/CFT risk identified at national level.

This project is funded by the

European Union
Main Threats and Vulnerably
5. E-money sector

Threat: TF/ML - 3/4.

E-money is attractive for criminal organizations and terrorist groups, especially when loaded
onto prepaid cards, as it allows terrorist activities to be financed/money laundering easily and
with a low level of planning/expertise. LEAs have evidence that this modus operandi has been
used recurrently. However, it seems that it is still less attractive than cash.

Vulnerabilities: TF – 3/4, ML – 2/3

The level of awareness of the sector is growing but not in a sufficient way to allow FIUs to
acquire enough data from suspicions transactions. The structure of the sector and its capability
to provide for dedicated resources and training is quite low. The legal framework in place has
increased the controls applied in this sector, but these controls remain inadequate (monitoring
only).

This project is funded by the

European Union
Main Threats and Vulnerably
Mitigating measures

The EC proposes in its proposal for amending Directive 2015/849 to

lower (from 250 to 150 EUR) the thresholds in respect of non-
reloadable pre-paid payment instruments to which such CDD measures
apply and suppress the CDD exemption for online use of prepaid cards.

Limiting the anonymity of prepaid instruments will provide an

incentive to use such instruments for legitimate purposes only, and will
make them less attractive for terrorist and criminal purposes.

This project is funded by the

European Union
Main Threats and Vulnerably
6. Transfers of funds

Threat: TF/ML - 4.
Money Value Transfer Services (MVTS) are recurrently used to finance terrorist activities/ to
launder money and do not require specific knowledge or planning. LEAs and FIUs have
gathered strong evidence that these services are used to collect and transfers funds which
support the criminal activities. MVTS are, depending on their organization, easy to access
and do not require specific expertise or techniques to launder proceeds of crime.

Vulnerabilities: TF/ML – 3/4

MVTS vulnerability to TF is similar to MVTS vulnerability to ML. Even if the private sector
is more aware about the risk of being abused for TF purposes, the detection of suspicious
transactions remains difficult due to the low amounts concerned. The cross-border exchange
of information is still challenging, in particular due to the reliance on agents.

This project is funded by the

European Union
Main Threats and Vulnerably
Mitigating measures

MS should ensure that supervisors conduct a number of on-site

inspections commensurate to the level of ML/TF risks identified.

These inspections should include a review of training carried out by

agents of obliged entities.

Competent authorities should provide further risk awareness and risk

indicators relating to terrorist financing to the MVTS sector.

This project is funded by the

European Union
Main Threats and Vulnerably
7. Virtual currencies

Threat: TF/ML - 2/2.

LEAs have gathered some information according to which terrorist groups may use virtual
currencies to finance terrorist activities. However, the use of virtual currencies requires
technical expertise which makes it less attractive. Few investigations have been conducted on
virtual currencies which seem to be rarely used by criminal organizations. While they may
have a high intent to use due to VCs characteristics (anonymity in particular), the level of
capability is lower due to high technology required.

Vulnerabilities: TF/ML – 3/4

VC’s providers are not regulated in the EU and cannot be properly monitored. The
inherent risk exposure is also very high due to the features of the virtual currencies (internet,
cross border and anonymity). The sector is currently not organized well enough to receive
guidance or relevant information on AML/CFT requirements

This project is funded by the

European Union
Main Threats and Vulnerably
Mitigating measures

The EC proposed in its proposal for amending Directive 2015/849 that VC exchange
platforms as well as custodian wallet providers are added to the list of obliged
entities under 4AMLD.

The EC would issue a report to be accompanied, if necessary, by proposals,

including, where appropriate, with respect to VC’s, empowerments to set-up and
maintain a central database registering users' identities and wallet addresses
accessible to FIUs, as well as self-declaration forms for the use of virtual currency
users.

This project is funded by the

European Union
Main Threats and Vulnerably
8. Couriers in precious metals and stones

Threat: TF – 2, ML - 3.
Gold and precious metals couriers do not represent a preferred option for terrorist groups who tend to
favor more the use of cash. Unlike terrorist organizations, organized crime groups consider it as an
attractive way to launder proceeds of crime. It requires more planning than cash couriers but without
the need for major expertise as long as it concerns easy-tradable assets. LEAs report that other types
of precious metals have been used (silver, platinum) but these are not frequent because they are less
easily tradable and have higher exchange costs than gold/diamond.

Vulnerabilities: TF/ML – 4
Gold and other precious metals couriers are not properly monitored because of the limited awareness
of the sector. The controls in place are weak and the reliance on cash increases the vulnerability. There
are not enough controls in place for declaring movement of precious metals/stones at the EU external
border.

This project is funded by the

European Union
Main Threats and Vulnerably
Mitigating measures
The Commission will present a legislative proposal revising the cash control
Regulation to further mitigate those risks:

 Enable authorities to act on amounts lower than the declaration threshold of EUR 10 000, where
there are suspicions of criminal activity;

 Improve the exchange of information between authorities and Member States;

 Extend the definition of 'cash' so as to also include precious commodities acting as highly liquid
stores of value such as gold, and to prepaid payment cards which are currently not covered by the
standard cash control declaration.

This project is funded by the

European Union
Main Threats and Vulnerably
9. Investment real estate

Threat: TF/ML - 4.
The assessment of the TF threat related to investment in real estate has been considered in
conjunction with ML schemes related to investment in real estate in order to hide the illegal
origin of the funds. Reliance on real estate does not require specific expertise or knowledge,
and may be rather financially attractive depending on the services provided. Strong
evidence gathered by LEAs identifying real estate as recurrently used in ML schemes.

Vulnerabilities: TF/ML – 4.
The real estate sector is not sufficiently organized to ensure raising a correct level of risk
awareness. The involvement of different kinds of obliged entities in a real estate
transactions/ business relationships tend to dissuade the sector to conduct its own customer
due diligence. The level of STR is not satisfactory; the controls difficult to implement and
there is a weak information trail.

This project is funded by the

European Union
Main Threats and Vulnerably

Mitigating measures

MS should ensure that competent authorities/self-regulatory bodies supervising real

estate sector produce an annual report on supervisory measures put in place to
ensure that the sector accurately apply its AML/CFT obligations.

MS should provide guidance on risk factors arising from real estate transactions and
specific training to face situations where several professionals are involved in the
real estate transaction (estate agent, legal professional, financial institution).

This project is funded by the

European Union
Main Threats and Vulnerably
10. Services from accountants, auditors, tax advisors

Threat: TF/ML - 4.
The assessment of the TF threat related to services from accountants, auditors, tax advisors
has been considered in conjunction with ML schemes related to services from accountants,
auditors, tax advisors in order to hide the illegal origin of the funds. Services from tax
advisors/auditors/accountants are recurrently used in ML schemes, are considered as easily
accessible and seen by organized crime organizations as a way to compensate their lack of
expertise.

Vulnerabilities: TF/ML – 3.
Accountants, auditors and tax advisors are better organized than other legal professionals.
However, they suffer from the same weaknesses as far as the controls and the management of
the risks (BO in particular) are concerned.

This project is funded by the

European Union
Main Threats and Vulnerably
Mitigating measures

MS should notify technical elements of their national AML/CFT

regime ensuring transparency requirements for beneficial ownership
information.

MS should provide guidance on risk factors arising from transactions

involving auditors, external accountants and tax advisors.

This project is funded by the

European Union
Main Threats and Vulnerably
11. Horizontal vulnerabilities - Financial Supervision

Vulnerability

 Relevant AML/CFT supervisory information is not/not sufficiently/not timely shared amongst the
competent AML/CFT supervisors at national and EU level.
 Failure effectively to oversee agents and networks of agents for AML/CFT compliance purposes, in
particular where agents are based in another MS, risks leaving breaches or cases of abuse for financial
crime purposes undetected.
 Supervisors do not dedicate sufficient human and organizational resources to AML/CFT supervision
of FI's, which undermines an effective supervision and sanctioning in the field of AML/CFT.
 Supervisors have insufficiently identified the AML/CFT risks linked to the sectors they supervise,
and/or do not have risk based procedures in place to supervise these risks.

This project is funded by the

European Union
Main Threats and Vulnerably
Mitigating measures

Raise awareness on ML/TF risks and identify the appropriate actions to further build
supervisors’ capacity in AML/CFT supervision.
Take further initiatives to improve cooperation between supervisors.
Provide updated guidelines on internal governance further clarifying expectations with
regard to the functions of compliance officers in financial institutions.
Provide an analysis of operational AML/CFT risks linked to the business/business model in
the corporate banking, private banking and institutional investment sector, as well as money
value transfer services and e-money.

This project is funded by the

European Union
Main Threats and Vulnerably
12. Horizontal vulnerabilities – Financial Intelligence Unit

Vulnerability

EU FIUs may have uneven powers allowing them to access relevant financial,
administrative and law enforcement information (especially those held by obliged entities
and/or law enforcement authorities).
There is a lack of available means in order to identify beneficial owners and holders of bank
account within a jurisdiction.
This may limit their operational capacity to carry out their intelligence functions and to
reply to requests made by another EU FIU.

This project is funded by the

European Union
Main Threats and Vulnerably
Mitigating measures

Effective implementation of 4AMLD will be essential for addressing

key deficiencies.
Setting up centralized bank account registers or retrieval systems
will allow better targeted requests.
With this approach, FIUs will have a minimum common set of
information sources.

This project is funded by the

European Union