UK: Getting Out Of Europe – The "Equivalence" Question

The practical (and in some respects intended) effect of the Third Directive and the Money Laundering Regulations 2007 is to make it much more difficult for regulated firms to do business outside the EU, and vice versa. The response to the charge that the Third Directive is simply an expensive trade barrier is the concept of "equivalence", a word which first appears in the Third Directive, and is transposed into the UK Money Laundering Regulations, though in neither document is there a definition. Instead, the EU Committee on the Prevention of Money Laundering and Terrorist Financing has produced a list of third countries which the EU regulated sector is able to regard as equivalent 1 but it is far from a panacea. The list has been vigorously attacked by STEP and some offshore lawyers, but has been labelled 'appropriate' by an association calling itself the Tax Justice Network 2.

"Equivalence" should allow non EU member states and institutions access to EU regulated services under the gateways of Simplified Due Diligence (SDD) 3 (for certain categories of customer) and/or Reliance 4 (for introductions by certain categories of person). Regulation 13 contains two such gateways and a third indirect one.

Equivalence and Simplified Due Diligence

In short, a relevant person is not required to apply customer due diligence (CDD) measures where the customer is a credit or financial institution (or "equivalent" institution) situated in a non-EEA state, which imposes requirements equivalent to those laid down in the Money Laundering Directive and is supervised for compliance with those requirements. CDD is equally not required where the customer is a company whose securities are listed on a "regulated market subject to specified disclosure obligations." The phrase "regulated market" has a specific meaning within the EEA but outside the EEA means the following: "A regulated financial market which subjects companies whose securities are admitted to trading to disclosure obligations which are contained in international standards and are equivalent to the specified disclosure obligations." 5

"Specified disclosure obligations" are then further defined to mean disclosure requirements consistent with a number of Directives and community legislation dealing with insider dealing, market manipulation, prospectuses, public offerings and harmonisation of transparency requirements. 6

You will have already noted that there appear to be two kinds of equivalence at work here; the first, equivalence with the Third Directive and the second, equivalence to (or indeed consistency with) "international standards". Insofar as the concept of a regulated market is concerned, this is explicable if one considers that the Third Money Laundering Directive does not deal with disclosure standards for the regulated markets and thus reference is required to international or community standards. Nonetheless those international standards must be "equivalent" to the relevant EU directives and law as set out above.

However, this second requirement does not appear in the third, indirect gateway to Regulation 13 at Regulation 13(4). This excuses a relevant person from carrying out CDD where the customer is an independent legal professional and the product is an account into which monies are pooled provided that (where the account is held in a non-EEA state) the non-EEA state imposes requirements to combat money laundering and terrorist financing which are "consistent with international standards". The professional must be supervised in that state for compliance with those requirements and information on the identity of the persons on whose behalf monies are held in the pooled account is available to the institution which acts as a depository institution for the account.

Should it be assumed that by the very specific use of the phrase "consistent with international standards" as opposed to "equivalent to the Money Laundering Directive" it was intended that a different standard should apply to non-EEA territories holding pooled accounts? Such a conclusion is illogical in the context of money laundering compliance and no one would argue that by 'international standards' a lower threshold than the Third Directive was meant to apply to this part. However, if "international standards" really was a concept interchangeable with "EEA equivalent", there would be no need for money laundering regulations, much less a concept of equivalence. 7 Presumably a person applying this section will simply read in the words "equivalent to the Third Directive" – or will he?

Equivalence and Reliance

In broadly similar fashion, CDD carried out by others may be "relied on" by a relevant person in certain circumstances. Those others include certain non-EEA entities and professionals who are subject to mandatory professional registration recognised by law, and

  • "subject to requirements equivalent to those laid down in the Money Laundering Directive; and

  • are supervised for compliance with those requirements in a manner equivalent to section 2 of Chapter V of the Money Laundering Directive."

The concept of reliance has been significantly upgraded in the 2007 Regulations compared to previous incarnations, and for those businesses that are able to make use of it, Regulation 17 represents a significant cost saving tool. Firms doing repeat business with clients or obtaining repeat referrals from intermediaries will wish to use the Regulation whenever possible. Given the potential risk it is no surprise that a relevant person's ability to rely on CDD carried out by another within the EEA is strictly circumscribed. 8 Most importantly, who can be relied on is strictly defined. A "reliable" person must be a credit or financial institution which is an authorised person, or a relevant person who is an auditor, insolvency practitioner, external accountant, tax adviser or independent legal professional. Not just any accountant, tax adviser or legal professional can be relied on: only those with certain letters appearing after their name, such as ACCA, ICAEW, 9 etc.

No such fine distinctions are made as to which non-EEA professional bodies' members may or may not be relied on for purposes of Regulation 17: the only filter is that they be subject to 'equivalent' requirements. One could well understand the explanations of a Treasury official about the Sisyphean task of identifying, listing and assessing myriad overseas professional bodies; the fact remains that the current law arguably discriminates against the "Part 2" 10 UK professional bodies who are unlucky enough to find themselves listed as, effectively, "not reliable"; and discriminates in favour of members of those "Part 1" UK bodies (who can be relied on) and overseas professional bodies whose jurisdictions are able to find their way, as we shall see below, onto the EU's non-binding list of equivalent jurisdictions. The difference is more than theoretical: Part 2 UK professionals will be less competitive through not being able to have their CDD relied on by others, but bear no less a burden of compliance in relation to the Money Laundering Regulations and the Third Directive than Part 1 professionals, and arguably a greater burden than non-EU professionals from "equivalent" jurisdictions.

Equivalent standards at non-EEA branches

Credit or financial institutions must require their non-EEA branches and subsidiaries to apply CDD, ongoing monitoring and record-keeping measures 'at least equivalent' to those in the Regulations, 'to the extent permitted by the law of that state'. 11 In other words, we must export our law whenever we can. This 'whenever possible' standard for CDD, ongoing monitoring and record-keeping in overseas branches may clash with the unqualified 'equivalent' requirements mentioned above. As an example, the substantive anti-money laundering law in the Cayman Islands 12 has a very similar structure to UK law, except that entities who make a suspicious transaction report to the territory's FIU (The Financial Reporting Authority) need not seek consent before doing what would in the UK be a prohibited transaction. 13

Nonetheless compliance with Regulation 15 in respect of the Caymans would not be a particular problem, because the 'branch equivalence' requirement only applies to CDD, ongoing monitoring and record keeping. Thus provided these were carried out to the UK standard, the institution would not have to inform its supervisory authority and take 'additional measures' to handle the AML risk. 14 But further than this maintaining UK standards for these three areas would be of no practical use at all if another branch (or any EU regulated person for that matter) was not able to deal with the Cayman branch via the simplified due diligence or reliance gateways. 15

So who is equivalent?

Article 11(4) of the Third Directive states that member states shall inform each other and the Commission "of cases where they consider that a third country meets the conditions [of equivalence to the Third Directive]". The response to this has been a series of meetings at European level to try to agree a list of jurisdictions deemed equivalent. 1

As mentioned above, it finally succeeded in April this year, much to the chagrin of the UK Crown Dependencies, who only 'may' be considered to be equivalent to EU states' standards, effectively leaving them with an intermediate or qualified status. The position is worse still for the British overseas territories, such as the Cayman Islands and the British Virgin Islands, who have been excluded altogether. The recent announcement that the EU is to pursue infringement proceedings against 15 member states for failing to implement the Third Directive has only served to bolster the suggestion, already widely canvassed, that the decision to exclude certain jurisdictions, such as Jersey, whose latest FATF report made a finding of 76% full compliance with the recommendations, or the Cayman Islands who in 2007 had a 78% compliant or largely compliant rating, was a political one. In recent Guidance on equivalent jurisdictions, discussed with HM Treasury and reflecting their input, the JMLSG is keen to point out that the basis for the exemption both within the EU abd without, is the existence of relevant legislation rather than "what actually happens in practice". In other words, the Reliance and Simplified Due Diligence Gateways do not of themselves mean there is no AML risk. Therefore, the fact that Greece is an 'EEA State" for the purposes of Regulation (17)(2)(c) means nothing from the point of view of reliance if Greece has not in fact implemented the Third Directive (as of August 2008 it had not).

The Treasury intends shortly to write to all UK overseas territories with financial centres, outlining a process by which they may be considered equivalent by the UK. In due course, if merited, the UK is prepared to propose overseas territories for inclusion in the EU list of equivalent third countries. The Government have, when challenged on the exclusion of the British overseas territories, indicated that there was greater difficulty with these territories, because Europeans have some suspicions about the problems of tax havens. This comes amid investigations by the Commons public accounts committee, the Treasury committee and the foreign affairs committee into overseas territories and offshore financial centres respectively.

The first Money Laundering Directive 16 grew out of the (then forty) recommendations of FATF, and of course that organisation continues to monitor EU and non-EU countries for compliance with international AML standards. 17 It is something of a missed opportunity that regulated institutions are now burdened with yet another layer of compliance, yet another list, instead of beginning with what does or does not pass the stringent standards of FATF.18 The Government have indicated that the criteria for inclusion on the list are based primarily on performance against the Financial Action Task Force's (FATF) 40 + 9 recommendations; thus if a country is viewed benignly by FATF, then calling it an "equivalent jurisdiction" under the Directive is surely to call a rose a rugosa magnifica.

Except of course, that no jurisdiction, not even within the EU, is rated as fully compliant by FATF. According to a recent report 19 even the most fully compliant countries have had their efforts to implement FATF's 40 recommendations marked as "PC" (partially compliant) 20, and several, including Norway, Portugal and the UK, have at least one "NC" assessment. The article continues: "These results imply that there are a lot of holes in the financial framework through which a money launderer could operate, even with FATF members. This is not an acceptable situation given that FATF members would be expected to have the best AML systems in the global financial network". 21

We may therefore end up with a different problem. Irrespective of the composition of the list or lists (see below), every self-respecting compliance officer viewing an application for business from the newly minted 'equivalent' jurisdiction will nonetheless be mindful of FATF's much more thorough (and most likely more grudging) view (if there is one) of that country's anti-money laundering legislation. This is relevant because the simplified due diligence and reliance gateways are subject to the 'hair trigger' of Regulation 14(1), which imposes enhanced due diligence "in any other situation which by its nature can present a higher risk of money laundering or terrorist financing."

Does a 'Partially Compliant' or 'non-Compliant' rating by FATF in respect of one of its recommendations constitute such a situation? By definition that must be so, otherwise there would be no need for the rating. But follow it to its logical conclusion and in a stroke the 'equivalence' gateway is rendered meaningless. To take an extreme example, surely no one would argue that enhanced due diligence must be conducted on all American customers because, despite their inclusion on the EU's 'white list,' the USA is deemed partially compliant in respect of two of the FATF Forty recommendations and non-compliant in respect of four? 22 The gap between the law and reality is ever widening.

The 'hair trigger' problem is underlined by the fact that the EU list is not binding – and EU member countries will probably resort to creating their own lists. 23 Individual member states may, at their discretion, supplement the EU list at a domestic level, and we are told HM Treasury is currently considering whether such a supplement is desirable. Others have noted 24 that there is discussion over allowing EU countries to designate different countries as equivalent or non-equivalent according to their own views. As pointed out in that article, this could lead to regulatory arbitrage with companies regulating their business so as to go through EU countries who consider the source country to be equivalent.

We are told that assessments made through the mutual evaluation process conducted by the Financial Action Task Force, the IMF and the World Bank were taken into account, and that we can expect periodic reviews of the list. But on past evidence there seems to be no guarantee that a positive assessment will mean automatic addition to the 'white list.'

Worse, a proliferation of (and inconsistency between) equivalence lists will turn the gateway into a Kafkaesque compliance nightmare for EU multinationals. There is real danger that a well-meaning attempt to reduce the compliance burden where risk is lowest may end up rendering the equivalence gateway meaningless. After all, a non-binding list of equivalent jurisdictions really just means "Use at Your Own Risk."

Sincere thanks to Rachna Gokani for her help in preparing this article

Footnotes

1. The list comprises: Argentina, Australia, Brazil, Canada, Hong Kong, Japan, Mexico, New Zealand, the Russian Federation, Singapore, Switzerland, South Africa, and the United States. The following text forms a footnote to the Common Understanding: "The list does not apply to Member States of the EU/EEA which benefit de jure from mutual recognition through the implementation of the 3rd AML Directive. The list also includes the French overseas territories (Mayotte, New Caledonia, French Polynesia, Saint Pierre and Miquelon and Wallis and Futuna) and the Dutch overseas territories (Netherlands Antilles and Aruba). Those overseas territories are not member of the EU/EEA but are part of the membership of France and the Kingdom of the Netherlands of the FATF. The UK Crown Dependencies (Jersey, Guernsey, Isle of Man) may also be considered as equivalent by Member States." Gibraltar is likewise to be regarded as equivalent.

The Joint Money Laundering Steering Group (JMLSG) has since published guidance to assist firms in determining whether other jurisdictions are equivalent.

2. Written evidence to the House of Commons Treasury Committee inquiry into Offshore Financial Centres. Available at: http://www.parliament.uk/documents/upload/OFCWrittenEvidence140708.pdf

3. Regulation 13

4. Regulation 17

5. Part (b) of the definition of "Regulated Market" at Regulation 2.

6. See the definitions at Regulation 2. The relevant Directives are 2003/6/EC,2003/71/EC, and 2004/109/EC.

7. Article 11 (2) (b) of the Third Directive is the genesis of the phrase "consistent with international standards" in this section.

8. A person being relied on must first consent (Regulation 17 (1) (a)), and responsibility for failures of CDD remains with the relevant person. The person being relied on must also agree to retain records in compliance with Regulation 19.

9. Regulation 17(2)(b)(ii) and Schedule 3 Part 1. By definition members of those bodies listed in part 2 cannot be relied on for the purposes of Regulation 17.

10. Ibid.

11. Regulation 15

12. Proceeds of Criminal Conduct Law.

13. The reporter obtains immunity by the making of the report and the authorities instead have the power to unilaterally freeze accounts for up to 21 days.

14. R15(2)

15. The JMLSG Guidelines at 5.6.26 ("Group Introductions") state that where a customer has been introduced by one part of a financial sector group to another, it is not necessary for his identity to be re-verified, provided that the CDD is to a UK, EU or equivalent standard and the group that carried out the CDD can be relied on under Regulation 17(2). No Caribbean jurisdiction features on the equivalent list, which suggests that CDD will have to be repeated for customers of a group from the Cayman Islands who wish to do business in the EEA other than in the UK.'

16. 91/308/EC of 10 June 1991.

17. Mutual evaluations are conducted of the 34 FATF members, while the NCCT programme monitors other potential high-risk jurisdictions.

18. Regulation 18 already provides that the Treasury may effectively ban transactions with non-EEA persons and entities where FATF has decided to apply countermeasures to that jurisdiction.

19. See Jackie Johnson, "Third round FATF mutual evaluations indicate declining compliance", Journal of Money Laundering Control 47 generally and at page 4.

20. Compliance with each recommendation is rated "NC" (Non-compliant), "PC" (Partially Compliant), "LC"(Largely Compliant) or "C"(fully compliant). On recent assessments only Belgium has no "NC" ratings, though it has five "PC". Ibid.

21. Ibid.

22. Johnson, ibid at 3.

23. At the Committee meetings the Commission has made clear that "it has no power to create a legally binding positive list of equivalent third countries and that it could only act as an honest broker when striving for the creation of a common European list." Summary records 4th October and 6th December 2006.

24. See MLB Issue 151 March 2008, "After policy, practice".

(c) David McCluskey, Peters & Peters May 2008. This is an updated version of an article that first appeared in the Money Laundering Bulletin, May 2008. The author may be contacted on tel: +44 (0) 20 7822 7750; email: DMcCluskey@petersandpeters.com

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.

To print this article, all you need is to be registered on Mondaq.com.

Click to Login as an existing user or Register so you can print this article.

Authors
 
In association with
Up-coming Events Search
Tools
Print
Font Size:
Translation
Channels
Mondaq on Twitter
 
Register for Access and our Free Biweekly Alert for
This service is completely free. Access 250,000 archived articles from 100+ countries and get a personalised email twice a week covering developments (and yes, our lawyers like to think you’ve read our Disclaimer).
 
Email Address
Company Name
Password
Confirm Password
Position
Mondaq Topics -- Select your Interests
 Accounting
 Anti-trust
 Commercial
 Compliance
 Consumer
 Criminal
 Employment
 Energy
 Environment
 Family
 Finance
 Government
 Healthcare
 Immigration
 Insolvency
 Insurance
 International
 IP
 Law Performance
 Law Practice
 Litigation
 Media & IT
 Privacy
 Real Estate
 Strategy
 Tax
 Technology
 Transport
 Wealth Mgt
Regions
Africa
Asia
Asia Pacific
Australasia
Canada
Caribbean
Europe
European Union
Latin America
Middle East
U.K.
United States
Worldwide Updates
Check to state you have read and
agree to our Terms and Conditions

Terms & Conditions and Privacy Statement

Mondaq.com (the Website) is owned and managed by Mondaq Ltd and as a user you are granted a non-exclusive, revocable license to access the Website under its terms and conditions of use. Your use of the Website constitutes your agreement to the following terms and conditions of use. Mondaq Ltd may terminate your use of the Website if you are in breach of these terms and conditions or if Mondaq Ltd decides to terminate your license of use for whatever reason.

Use of www.mondaq.com

You may use the Website but are required to register as a user if you wish to read the full text of the content and articles available (the Content). You may not modify, publish, transmit, transfer or sell, reproduce, create derivative works from, distribute, perform, link, display, or in any way exploit any of the Content, in whole or in part, except as expressly permitted in these terms & conditions or with the prior written consent of Mondaq Ltd. You may not use electronic or other means to extract details or information about Mondaq.com’s content, users or contributors in order to offer them any services or products which compete directly or indirectly with Mondaq Ltd’s services and products.

Disclaimer

Mondaq Ltd and/or its respective suppliers make no representations about the suitability of the information contained in the documents and related graphics published on this server for any purpose. All such documents and related graphics are provided "as is" without warranty of any kind. Mondaq Ltd and/or its respective suppliers hereby disclaim all warranties and conditions with regard to this information, including all implied warranties and conditions of merchantability, fitness for a particular purpose, title and non-infringement. In no event shall Mondaq Ltd and/or its respective suppliers be liable for any special, indirect or consequential damages or any damages whatsoever resulting from loss of use, data or profits, whether in an action of contract, negligence or other tortious action, arising out of or in connection with the use or performance of information available from this server.

The documents and related graphics published on this server could include technical inaccuracies or typographical errors. Changes are periodically added to the information herein. Mondaq Ltd and/or its respective suppliers may make improvements and/or changes in the product(s) and/or the program(s) described herein at any time.

Registration

Mondaq Ltd requires you to register and provide information that personally identifies you, including what sort of information you are interested in, for three primary purposes:

  • To allow you to personalize the Mondaq websites you are visiting.
  • To enable features such as password reminder, newsletter alerts, email a colleague, and linking from Mondaq (and its affiliate sites) to your website.
  • To produce demographic feedback for our information providers who provide information free for your use.

Mondaq (and its affiliate sites) do not sell or provide your details to third parties other than information providers. The reason we provide our information providers with this information is so that they can measure the response their articles are receiving and provide you with information about their products and services.

If you do not want us to provide your name and email address you may opt out by clicking here .

If you do not wish to receive any future announcements of products and services offered by Mondaq by clicking here .

Information Collection and Use

We require site users to register with Mondaq (and its affiliate sites) to view the free information on the site. We also collect information from our users at several different points on the websites: this is so that we can customise the sites according to individual usage, provide 'session-aware' functionality, and ensure that content is acquired and developed appropriately. This gives us an overall picture of our user profiles, which in turn shows to our Editorial Contributors the type of person they are reaching by posting articles on Mondaq (and its affiliate sites) – meaning more free content for registered users.

We are only able to provide the material on the Mondaq (and its affiliate sites) site free to site visitors because we can pass on information about the pages that users are viewing and the personal information users provide to us (e.g. email addresses) to reputable contributing firms such as law firms who author those pages. We do not sell or rent information to anyone else other than the authors of those pages, who may change from time to time. Should you wish us not to disclose your details to any of these parties, please tick the box above or tick the box marked "Opt out of Registration Information Disclosure" on the Your Profile page. We and our author organisations may only contact you via email or other means if you allow us to do so. Users can opt out of contact when they register on the site, or send an email to unsubscribe@mondaq.com with “no disclosure” in the subject heading

Mondaq News Alerts

In order to receive Mondaq News Alerts, users have to complete a separate registration form. This is a personalised service where users choose regions and topics of interest and we send it only to those users who have requested it. Users can stop receiving these Alerts by going to the Mondaq News Alerts page and deselecting all interest areas. In the same way users can amend their personal preferences to add or remove subject areas.

Cookies

A cookie is a small text file written to a user’s hard drive that contains an identifying user number. The cookies do not contain any personal information about users. We use the cookie so users do not have to log in every time they use the service and the cookie will automatically expire if you do not visit the Mondaq website (or its affiliate sites) for 12 months. We also use the cookie to personalise a user's experience of the site (for example to show information specific to a user's region). As the Mondaq sites are fully personalised and cookies are essential to its core technology the site will function unpredictably with browsers that do not support cookies - or where cookies are disabled (in these circumstances we advise you to attempt to locate the information you require elsewhere on the web). However if you are concerned about the presence of a Mondaq cookie on your machine you can also choose to expire the cookie immediately (remove it) by selecting the 'Log Off' menu option as the last thing you do when you use the site.

Some of our business partners may use cookies on our site (for example, advertisers). However, we have no access to or control over these cookies and we are not aware of any at present that do so.

Log Files

We use IP addresses to analyse trends, administer the site, track movement, and gather broad demographic information for aggregate use. IP addresses are not linked to personally identifiable information.

Links

This web site contains links to other sites. Please be aware that Mondaq (or its affiliate sites) are not responsible for the privacy practices of such other sites. We encourage our users to be aware when they leave our site and to read the privacy statements of these third party sites. This privacy statement applies solely to information collected by this Web site.

Surveys & Contests

From time-to-time our site requests information from users via surveys or contests. Participation in these surveys or contests is completely voluntary and the user therefore has a choice whether or not to disclose any information requested. Information requested may include contact information (such as name and delivery address), and demographic information (such as postcode, age level). Contact information will be used to notify the winners and award prizes. Survey information will be used for purposes of monitoring or improving the functionality of the site.

Mail-A-Friend

If a user elects to use our referral service for informing a friend about our site, we ask them for the friend’s name and email address. Mondaq stores this information and may contact the friend to invite them to register with Mondaq, but they will not be contacted more than once. The friend may contact Mondaq to request the removal of this information from our database.

Security

This website takes every reasonable precaution to protect our users’ information. When users submit sensitive information via the website, your information is protected using firewalls and other security technology. If you have any questions about the security at our website, you can send an email to webmaster@mondaq.com.

Correcting/Updating Personal Information

If a user’s personally identifiable information changes (such as postcode), or if a user no longer desires our service, we will endeavour to provide a way to correct, update or remove that user’s personal data provided to us. This can usually be done at the “Your Profile” page or by sending an email to EditorialAdvisor@mondaq.com.

Notification of Changes

If we decide to change our Terms & Conditions or Privacy Policy, we will post those changes on our site so our users are always aware of what information we collect, how we use it, and under what circumstances, if any, we disclose it. If at any point we decide to use personally identifiable information in a manner different from that stated at the time it was collected, we will notify users by way of an email. Users will have a choice as to whether or not we use their information in this different manner. We will use information in accordance with the privacy policy under which the information was collected.

How to contact Mondaq

You can contact us with comments or queries at enquiries@mondaq.com.

If for some reason you believe Mondaq Ltd. has not adhered to these principles, please notify us by e-mail at problems@mondaq.com and we will use commercially reasonable efforts to determine and correct the problem promptly.