The UK has one of the strictest and most complicated set of laws to combat money laundering and terrorist financing in the world. It criminalises a lot of behaviour that many people would not realise was criminalised, and places huge burdens on the private sector – particularly, but not just, the banking sector – to help detect and disrupt that behaviour. Despite all that, of course, money laundering remains a huge problem in this country, which remains an attractive destination for criminals around the world to put their assets. So what is going wrong?
The Sources of the Law
One misconception to deal with at the outset is that the source of our anti-money laundering (AML) laws is the European Union (EU). Though it is true that our membership of the EU has given us a duty to put its AML directives into domestic law, the substance of those laws ultimately comes from a different intergovernmental agency, the Financial Action Task Force (FATF), which has established a set of recommendations on AML and counter-terrorist financing (CTF) that are updated from time to time. Notably though, these recommendations are a baseline for member states to comply with and the UK has always gone further, ‘gold-plating’ the recommended rules to make them stronger than the international standards require.
In domestic terms, the source of our AML and CTF laws is a pair of statutes – the Terrorism Act 2000 (TA) and the Proceeds of Crime Act 2002 (POCA) – and the rather cumbersomely named Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017 (the Regulations). Broadly speaking, these laws create a set of principal offences that apply to everyone, as well as an extra set of obligations that apply to the ‘regulated sector’ – including financial institutions, accountants and most lawyers – and include obligations to report suspicious activity to the National Crime Agency (NCA).
The Principal Offences
The interesting thing about those principal offences is that they criminalise much more behaviour than many people would realise. Insofar as the concept of money laundering has entered mainstream consciousness, most people would surely think of it as doing something with money (physical bank notes, funds in a bank account, or virtual currency perhaps) that is the proceeds of some serious crime, with the intention of disguising its criminal origin and making it look legitimate, or ‘clean’. But in legal terms the offences in POCA include doing literally anything – even just possessing – any property (so not just money, but for instance a painting, or a house) that represents the proceeds of any crime, no matter how trivial. The person doing it need not have any intention to disguise that fact, but would be guilty if they knew or even merely suspected it.
A couple of features serve to make the law even stricter. One is that the property need not completely represent the proceeds of crime, but can be a mix of ‘dirty’ and ‘clean’ property. The other is that it can include a ‘pecuniary advantage’, such as a saving of money from evading taxes. So, putting this all together, an example of a person committing a money laundering offence could be a wife who co-owns a house with her husband, where part of the deposit came from his income, on which he deliberately failed to pay tax. To be guilty of the offence, the wife would not have to do anything with the house, or even know about his tax evasion; it would be enough that she formed a suspicion (perhaps long after the purchase itself) that it had taken place.
Unsurprisingly perhaps, the law is stricter still where it concerns terrorist property, which under the TA includes property that is used for the purposes of committing terrorist offences, or that belongs to a proscribed organisation. There the test is not subjective suspicion but ‘reasonable grounds to suspect’, so if for instance a friend asked you to run a bank account for a charity that was a front for a terrorist organisation, if the warning signs were there it would be no answer to say that you personally did not spot them.
The Consent Regime
With laws framed this broadly, it is important to have a system to enable people who form suspicions about property to be able to report that fact, and obtain defences where appropriate. Both POCA and the TA include provisions that do just that, which are based on a concept of requesting consent to do acts which would otherwise amount to offences (referred to as the ‘consent regime’). So for instance, the suspicious wife in the above example would request consent to continue to possess the house (or, as the case may be, to sell it or let it out), while the naïve friend might request consent to return the charity’s funds to their original source.
What this does in practice of course is give the authorities the opportunity to investigate any offences that may have taken place, and to use their various powers to freeze the property while they do it. Importantly, however, the law places time limits on that opportunity. Provided the person submits their request as soon as reasonably practicable, they can assume consent after an initial notice period of seven working days unless they receive a refusal within that period. Where there is a refusal, they can still assume consent after a further moratorium period of 31 calendar days; any freezing of property beyond that date will need some sort of court order.
The Regulated Sector
The regulated sector, meanwhile, has additional obligations under POCA and the TA to make Suspicious Activity Reports (SARs) where they have reasonable grounds to suspect offences of money laundering or terrorist financing. Under the Regulations, they are also obliged to conduct risk assessments on their own businesses, to apply Know Your Customer (KYC) and Customer Due Diligence (CDD) measures on their customers (and, where the customer is a company or a trust, their beneficial owners as well), and to conduct ongoing monitoring.
These measures will include seeking information and documents about their identity and source of wealth generally, as well as the source of any particular funds involved in the transaction at hand. The nature of the obligations means that some customers will face stricter KYC and CDD measures than others, including for example where they come from or deal with a ‘high risk’ country, or where they are classed as a Politically Exposed Person (PEP).
What this means in practice is that a bank, for example, will typically ask various questions of its customers when they set up their account, as well as – to a greater or lesser extent, depending on the customer – keep a careful eye on what goes on in the account in case it needs to make a report about a possible offence by someone, and/or request consent to avoid committing one itself. To the customer who does business in Iran, say, or is the spouse or relative of a politician, the experience of seeing their banks close or freeze their accounts, usually without any explanation at all, is all too common. While of course there will be circumstances where this does disrupt criminal activity, it can also disrupt lawful activity where the bank’s suspicions are unfounded.
The root of this problem is an understandably cautious approach from the bank, whose priority will naturally be to avoid committing an offence by failing to report such activity. (Conversely, if the bank honestly makes a report that turns out to be wrong, the law protects it from any claim by the customer for any damages caused.) The lack of explanation, similarly, comes from an imperative not to commit a separate offence of ‘tipping off ’ a customer that a report has been made about them, or that an investigation is on going.
Issues and Reforms
The context of all of this of course is the government’s efforts to tackle financial crime and terrorist activity. The AML and CTF regimes do not exist in isolation, but serve to increase the prospects of such crimes being detected or prevented, and of relevant assets being seized and forfeited. To a great extent, the huge numbers of SARs that banks and others now submit to the NCA are very useful to these efforts, often providing the vital information that triggers or assists an investigation. But it is also true that, in a time of limited resources, the system has also become a victim of its own success, by generating such high volumes of reports that the NCA (by its own admission) struggles to process and prioritise them. Dealing with SARs, particularly consent requests, is very resourceintensive, and the Law Commission has been looking at reforms to the SARs regime to tackle that problem.
The issue of law enforcement having to prioritise the data in these reports raises another key point about the system. The broad nature of the offences under POCA in particular means that the vast majority of reports are likely to reflect relatively low-level suspicions about relatively low-level offences (or, indeed, where it’s not clear what offence, if any, has been committed). If we consider for instance the prospect of a bank detecting the proceeds of really high-value offences of corruption or fraud in its accounts, it might seem obvious that the people laundering the proceeds of such offences in the UK are relatively likely to know how the system works, and to be taking steps to ensure they have a convincing (if false) narrative and evidence to pass through it undetected. Alternatively, they may find ways of bypassing the system altogether, perhaps using informal payment methods, or alternative forms of property such as virtual currencies. So there is something of an arms race between the constant need to reform the system, and the efforts of criminals to work around it.
Some Recent Changes
With that in mind, the sheer volume of recent changes to the AML and CTF regimes, and various aspects of related laws, is understandable. It also means though that the complexity of the law in this area is forbidding, presenting a challenge even to the best-resourced compliance departments of the major banks, let alone smaller businesses and new entrants to the regulated sector. To provide a flavour, the following are just a few of the developments in the last two years:
1. A wholesale rewrite of the Regulations, with tighter obligations for the regulated sector, the establishment of a beneficial ownership register, new requirements for estate agents to do KYC and CDD on both sides of the transaction, and a redefinition of PEPs to include those within the European Economic Area (EEA) as well as outside it;
2. Various reforms to POCA, including the advent of Unexplained Wealth Orders (UWOs, which are designed to force non-EEA PEPs and others to explain the source of funds used to buy property), a mechanism to extend the moratorium period following a consent request, and leaner systems for freezing and forfeiting funds in bank accounts;
3. New obligations on the regulated sector to report breaches of targeted sanctions;
4. New offences of failing to prevent the facilitation of tax evasion (separate to the AML and CTF regimes, though often dealt with by the same compliance officers);
5. A new body to oversee the supervisors of professional members of the regulated sector (such as accountants and lawyers);
6. A new (fifth) EU directive (which the UK has committed to enforcing next year), which among other things will broaden rights of access to the beneficial ownership register, and brings into the regulated sector some businesses that work with virtual currencies; and
7. A new legal mechanism for reforming the Regulations after the UK’s exit from the EU.
The Scope for Reform
Assuming it remains a member of FATF, the UK’s departure from the EU seems unlikely to prompt a wholesale rethink of AML and CTF laws. Indeed, for practical reasons as well as on principle (if only because the relevant businesses are so integrated with their EU counterparts), we are likely to implement not only the fifth directive, but also whatever directives follow it. That is not to say, however, that some of the details may not be the cause of debate, with the extent, timescales and cost of beneficial ownership registers likely to be the subject of discussion later in 2019. A separate debate, about potential new offences of failing to prevent money laundering (not a FATF or EU requirement, but an example of the UK’s ‘gold-plating’), has been on hold for some time, but may return before too long.
The bigger picture, and the reason why the laws in this area are not as effective as they might be, is one of needing to ensure the system has the resources it needs to operate effectively, a process to prioritise efforts to combat the most egregious crimes, and the ability to adapt to new forms and methods of criminality in the future. Few would argue that we are getting all these things right at the moment: law enforcement, particularly financial crime, remains far from the front of the queue in terms of government spending; the provisions of POCA and the TA (including, despite the efforts of the Law Commission, SARs and the consent regime) are likely to remain such that they throw too large a net over ‘suspicious activity’ to be manageable in the real world; and reforms to the regime have historically been slow.
The difficulty of course with addressing these issues is very largely political. Any government will want to be seen as ‘tough on crime’, with organised fraudsters, corrupt (foreign) politicians and terrorist groups high up on the list of public enemies. But the time and resources to make changes are limited, and less likely to be spent on pragmatic or prosaic reforms that might make a real difference in practice, than on eyecatching initiatives that make good headlines and help to win votes. The challenge, perhaps, is to square that circle by ensuring that these issues, though undoubtedly complex, are properly understood by voters and policy-makers alike.
John Binns BCL Solicitors LLP, - 16 January 2019 Many thanks to John and BCL for this article