The AML5 Directive – How it Connects with the GDPR & CFT Policies in 2020

5 min read >

The AML5 Directive – How it Connects with the GDPR & CFT Policies in 2020

Banking & Blog

AML5 is a new anti-money laundering policy that has become effective in Europe on January 10, 2020. This directive has managed to create something no other AML regulation was able to do before – a totally unique space for client identification. 

AML5 was a game-changer for hundreds of banks and FinTechs in the European space, enabling them to gain access to over 500 million citizens. This directive erased all financial barriers and allowed European banks to stay on top of any previous fragmentation. 

These changes in EU anti-money laundering legislation have been passed at a break-neck speed. What this shows is the commitment of the European Union to create a safer environment for businesses to work together with their customers, while also enabling European consumers to gain the peace of mind that their financial information is safe.

Under this policy, identifying the customer and verifying their identity requirements has significantly evolved. This updated process is now supported by the option of using electronic identification means, relevant trust services, and remote or electronic identification process regulations that are recognized & approved by the relevant national authorities.

The GDPR Era

AML5 was created to integrate seamlessly with the GDPR. Although it has been two years since GDPR came into force, its impact on the market continues to grow. The AML5 has finally clarified a retention issue – data collected for AML purposes may now be stored for 5 years exactly plus possible extension under special circumstances introduced by domestic law.

Because AML5 requires an intense focus on personal data, the vast range of restrictions introduced by the GDPR in this “financial equation” may represent quite a challenge for financial institutions. To be more exact, the legal scope of the GDPR may clash with the way banks and FinTechs use AML5. 

There’s no doubt that, as a financial institution, your goal should be to deliver GDPR compliance while at the same time managing your AML5 obligations as best as possible. Failure to do that may expose you to harsh GDPR-related penalties of up to €20 million, or 4% of yearly global revenue.

Fighting Money Laundering in 2020

The AML5 directive establishes a clear ground on how financial institutions should fight money laundering. Countering financial terrorism (CFT) is a must-have for banks and financial institutions that want to be on the right side of the fence.

The European Supervisory Authorities have released numerous AML/CFT policies to improve the effectiveness and efficiency of using these procedures. For instance, in the case of Bitcoin, the blockchain provides a public ledger of each transaction which, in combination with good know-your-customer (KYC) procedures, may actually improve anti-money laundering checks.

At the end of 2019, European law enforcement authorities from 31 countries, supported by Europol, Eurojust, and the European Banking Federation (EBF), stepped up their efforts to uncover and expose money mule schemes

Money mules take part, often unknowingly, in money laundering activities by receiving and transferring illegally obtained money between bank accounts and/or countries. The recruiters of money mules are using unorthodox and somewhat ingenious ways to lure their prospects, including romance scams, grooming over time, or get-rich-quick scams.

More than 650 banks, 17 bank associations, and other financial institutions helped to report 7520 fraudulent money mule transactions, preventing a total loss of EUR 12.9 million. They have managed to catch thousands of cyber criminals during a period of just a couple of years.

It’s important for financial institutions to be aware of how advanced financial crime and fraud have become in order to better protect their clients and their own operations. For example, lone-wolf terrorists purchase weapons and vehicles in low-cost transactions that are difficult to detect. For that, fast response times and advanced onboarding processes are critical. 

At the same time, cyber-enabled criminals are globally coordinated, using sophisticated technology and insider information to target technology weak spots. That’s where banks and FinTechs need to invest in upgrading their infrastructure by leveraging the best financial services offered on the market in 2020

Compliance modernization is no longer optional, but mandatory, due to the increased number and value of the regulatory fines applied to large US and EU universal banks, the high volume of regulatory changes and amendments, plus the outdated IT infrastructure and error-prone processes.

As financial institutions aim to build long-lasting brands, they aspire to be associated with financial success and excellent service, not drugs smuggling or war funding. All in all, one thing is clear — the days of box-ticking are over when it comes to compliance practices related to Anti-Money Laundering (AML) and Countering the Financing of Terrorism (CFT).

Get in touch

We are always happy to talk





165 Splaiul Unirii, Timpuri Noi Square,
TN Office 2 building, 4th floor,
District 3, Bucharest, Romania, 030134