AML: Customer Due Diligence

The money laundering process usually consists of three stages: placement, layering, and integration. Placement involves the division of the illegal funds into various entities which may include bank accounts, companies, overseas banking systems, or nominee entities. At the integration stage, the money is integrated into the legitimate economic financial system and is assimilated with all other assets within the system. Handoll opines that the “best chance” of combating money laundering is at the placement stage. Similarly, methods of due diligence are usually applied at the layering stage. At the layering stage, due diligence measures assist designated persons in the carrying out of their roles by providing available information on
customers or activities being investigated. Article 13(1) of AMLD4 provides that the measures shall comprise: identifying the customer and verifying their identity with credible means; identifying the beneficial owner; gathering information on the purpose and intended nature of the business relationship; monitoring the currency of the business relationship; and assessing the “risk profile, including where necessary the source of funds and ensuring that the documents, data or information held are kept up-to-date.”

Section 13 of the 2018 Act inserts a new s.34A into the Criminal Justice (Money Laundering and Terrorist Financing) Act 2010 (the “2010 Act”) which now places an obligation on a designated person when opting for simplified due diligence, to identify the relevant risk associated with the transaction; furthermore, if the designated person is satisfied in applying the simplified customer due diligence assessment, it must “(a) keep a record of the reasons for its determination and the evidence on which it is based, and (b) carry out sufficient monitoring of the transactions and business relationships”.

Another layer of due diligence is customer verification, which is dealt with in Article 14 of AMLD4. In particular, Article 14(1) provides: “Member States shall require that verification of the identity of the customer and the beneficial *86 owner take place before the establishment of a business relationship or the carrying out of the transaction. Whenever entering into a new business relationship with a corporate or other legal entity, or a trust or a legal arrangement having a structure or functions similar to trusts (‘similar legal arrangement’) which are subject to the registration of beneficial ownership information pursuant to Article 30 or 31, the obliged entities shall collect proof of registration or an excerpt of the register.”

The rules of customer verification are somewhat more relaxed in later provisions which allow for verification of identity to take place as soon as practicable after initial contact where there is little risk of money laundering or terrorist financing.

Section 11 of the 2018 Act, inter alia, inserts a new subs. (2A) into s.33 of the 2010 Act, which provides: “When applying the measures specified in subsection (2), a designated person shall verify that any person purporting to act on behalf of the customer is so authorised and identify and verify the identity of that person in accordance with subsection (2).”

Section 11 further inserts subs.(7B) into s.33, which provides: “A credit institution or financial institution shall verify the identity of a beneficiary referred to in paragraph (a) or (b) of subsection (7A) at the time of the pay-out in accordance with subsection (2).”

Furthermore, s.38 of the 2010 Act, as substituted by s.17 of the 2018 Act, targets relationships with third-country institutions. Section 38(1)(f)(i) provides for the identification of customers whereby a credit or financial institution must identify and verify the identity of customers (from a third-country institution) and the third-country institution must be “able to provide to the institution, upon request, the documents (whether or not in electronic form) or information used by the [respondent] institution to identify and verify the identity of those customers”.

When dealing with persons or entities in third countries identified by the European Commission as “high risk”, AMLD4 imposes a mandatory obligation to apply enhanced customer due diligence measures to “manage and mitigate” those risks appropriately. These enhanced due diligence measures include the assessment of transaction patterns and increased monitoring when dealing with complex and “unusually large” transactions. Other measures include the obligation to obtain certain information surrounding the third-country institution, including the nature of its business, quality of supervision, the institution’s anti-money laundering controls and confirmation that it has verified the identity of the customer. When a legal entity is dealing with subsidiaries, enhanced due diligence measures do not need to be invoked automatically. These provisions have been directly adopted into Irish law in virtue of s.18 of the 2018 Act which inserts s.38A into the 2010 Act.

Leave a Reply