European Union: Transposing The 4th AML Directive

Last Updated: 26 July 2019
Article by Andreea Badea

Law No. 129/2019 on the prevention and sanctioning of money laundering and terrorism financing transposing the 4th AML Directive finally adopted by the Parliament on 26 June 2019 was published on 18 July 2019


The Law No 129/2019 on the prevention of money laundering and terrorism financing (AML Law) was adopted by the Romanian Parliament on 26 June 2019, precisely with a 2 years term delay from the 4th AML Directive transposition deadline and was published in the Official Gazette of Romania No 589 of 18 July 2019. The AML Law will enter into force on 21 July 2019. It repels the former Law No 656/2002 on the prevention of money laundering and terrorism financing (Former AML Law).

The main provisions of the draft law are summarized below:

1. Extension of the scope of "reporting entities" subject to the AML requirements

New entities become subject to the AML Law, including (a) all gambling services providers (as opposed to just casinos under the Former AML Law); (b) service providers for trusts; and (c) distributors and agents of e-money institutions.

Moreover, the threshold for traders in goods performing cash transactions subject to anti-money laundering (AML) requirements has been lowered from the RON equivalent of EUR 15,000 to that of EUR 10,000.

2. Lowering the threshold of transactions triggering reporting obligations

The value of cash transactions triggering a reporting obligation (except where there is a suspicion of AML which requires immediate reporting irrespective of the value of a transaction) has decreased from the RON equivalent of EUR 15,000 to EUR 10,000. As a result, entities (Reporting Entities) subject to the AML Law are required to notify the Office for the Prevention of Money Laundering and Terrorism Financing of all cash transactions (in RON or foreign currency) which involve amounts of at least the RON equivalent of EUR 10,000 irrespective on whether the transaction is made via one (ie an occasional operation) or several operations which seem to be linked and where such transactions are not made via credit or financial institutions.

Also, a new reporting obligation is provided in case of money remittance operations with funds exceeding the RON equivalent of EUR 2,000.

3. Beneficial owner registries

The AML Law provides that central registries containing adequate, accurate and up-to-date information on the beneficial owners will be organized at the level of:

  • the National Trade Register for commercial companies
  • the Ministry of Justice for associations and foundations
  • the National Agency for Fiscal Administration in the case of trusts (Romanian, fiducie).

Access must be guaranteed to the following: (a) the competent authorities and the Office for the Prevention of Money Laundering and Terrorism Financing; (b) Reporting Entities when applying customer identification measures; and (c) any person or organisation which can demonstrate a legitimate interest.

Legal entities registered with the National Office for the Trade Registry (except for autonomous state companies, national companies or companies wholly or majority owned by the Romanian State) have the obligation to declare annually or each time a change occurs on their own responsibility the identity of their beneficial owner including details on its first name and surname, birth date, personal identification number, series and number of identity card, citizenship, domicile or residence.

The own responsibility statement signed by the legal representative must be filed with the National Office for the Trade Registry within 15 days from the approval of the legal entity's financial statements or within 15 days as of the occurrence of any changes. The statement may be made in front of the trade register officers or filed in authentic form after being signed in this form in front of a notary public.

The breach by the legal representative of the above obligation constitutes an administrative offence and he is sanctioned with fines amounting to RON5,000 (approximate EUR1,040) to RON10,000 (approximate EUR2,080). The fines are imposed by the competent controlling bodies within the National Agency for the Fiscal Administration or its territorial units. The failure of the legal representative to remedy the breach within the next 30 days, entitles the National Office for the Trade Registry to request the dissolution of the company.

4. Simplified due diligence measures

As opposed to the Former AML Law, the new AML framework no longer prescribe the categories of clients which qualify for simplified customer due diligence measure (SDD). As opposed to the approach under the Former AML Law, if a Reporting Entity finds, after conducting a risk assessment, that the risks associated with a particular business relationship or a particular occasional transaction is reduced, the respective Reporting Entities must apply the standard customer due diligence measures (CDD) measures tailored in a way that is proportionate to the risks actually identified.

The AML Law provides a non-exhaustive list of low risk factors which Reporting Entities should consider when assessing the risk associated with a business relationship or an occasional transaction.For any other cases where SDD measures could be applied in view of the low risk identified, it belongs to the Reporting Entities to determine and apply on a risk-based approach the actual SDD measures.

5. Enhances due diligence measures

Similarly as in the case of SDD measures, the AML Law provides for a non-exhaustive list of circumstances when EDD measures are required in addition to CDD measures.

The AML Law only prescribes the type of EDD measures that Reporting Entities must apply when dealing with politically exposed persons (either customers or their beneficial owners) or in case of correspondent relationship with credit institutions and financial institutions in countries which are not members of EU or EEA.

For any other cases where EDD measures must be applied in view of the high risks identified, it belongs to the Reporting Entities to determine and apply on a risk-based approach the actual EDD measures which must be proportionate to the risks effectively identified.

6. Internal norms and policies

Depending on the nature and size of their business, Reporting Entities must establish internal norms and policies, internal control mechanisms and risk management procedures to be approved at senior management level. Such internal norms and policies must contain:

  • Customer due diligence measures
  • Reporting, records keeping and procedures for prompt provision of data upon request by the competent authorities
  • Internal control, risk assessment and management, conformity and communication management
  • Protection measures for the employees involved in the implementation of the policy against discrimination and threat
  • Employees screening and employees' periodical evaluation

Depending on the size and nature of the business as well on the supervisory authorities's requirements, Reporting Entities an independent audit function to test their internal norms, policies and procedures.

7. Data retention

Reporting Entities are required to keep within their records:

  • for customer due diligence - a copy (either hard copy or electronic form admissible in judicial proceedings) of the documents and information, for a period of 5 years following the end of the business relationship / the date of an occasional transaction
  • for the supporting evidence and records of transactions - original documents or copies admissible in judicial proceedings, for a period of 5 years after the end of a business relationship with their customer / after the date of an occasional transaction

8. AML rules for extraterritorial activities

Romanian Reporting Entities operating branches in other EU Member States must ensure that such branches observe the legislation of those EU Member States relating to the prevention of using the financial system for ML purposes.

Reporting Entities that are part of a group must implement group-wide policies, procedures and instructions, including data protection policies and policies and procedures for sharing information within the group for AML purposes. Those policies and procedures must be implemented effectively at the level of branches and majority-owned subsidiaries located in EU Member States and third countries.

Additional measures must be implemented to effectively handle the risk of ML / TF where a third country law does not permit the implementation of group-wide polices.

Romanian credit or financial institutions operating branches in third countries must ensure that they apply know your customer and records-keeping procedures at least equivalent to those provided under the AML Law.

9. Prohibition from issuing new bearer shares

Romanian companies are forbidden from issuing new bearer shares starting from 21 July 2019 as well to the trade on the existing ones. Existing bearer shares must be converted into nominative shares within the next 18 months.

Failure by concerned legal entity to convert the bearer shares into nominative shares may lead to the dissolution of the entity at the request of any interested party or of the National Trade Registry Office.

10. Significantly more severe administrative sanctions

The AML Law provides significantly more severe administrative sanctions in case of breaches of the legal provisions by the Reporting Entities as opposed to the Former AML Law.

For individuals: Administrative sanctions may consist of a warning or an administrative fine (ranging from minimum RON10,000 (approx. EUR2,300) to maximum RON150,000 (approx. EUR34,000)

For legal entities: Administrative sanctions may consist of a warning or fine of 10% of the total revenue declared for the previous fiscal period above the fines applicable for individuals. Separate sanctions may also be applied to the members of the management bodies or other individuals responsible for the breach.

For breaches by non-banking financial institutions (other than those supervised by the National Bank of Romania: In case of breaches by credit or financial institutions which are serious, repeated and/or systematic, administrative fines of up to RON 5,000,000 (approx. EUR 1,057,000) for legal entities and up to RON 50,000 (approx. EUR 11,000) for individuals.

Ancillary sanctions: In addition to fines, one or more additional ancillary administrative sanctions may be imposed, including, licence withdrawal (either temporary or definitive), freezing the bank account for a period of 10 days up to one month or closing down the unit, issuing an injunction, forfeiting of goods used or resulting from the breach.

For credit institutions or non-banking financial institutions (supervised by the National Bank of Romania), the following types of sanctions may be imposed: (i) supervision measures, (ii) administrative measures and (iii) sanctioning measures.

Supervisory measures to be imposed by the National Bank of Romania may consist in: (i) requesting the legal entity to improve the management framework, the policies, the procedures with a view to decrease the risks and remedy the deficiencies or causes of the breach; (ii) to request the legal entity to apply standard customer due diligence measures instead of simplified customer due diligence measures or enhanced due diligence measures instead of the standard customer due diligence measures; (iii) to restrict the activity, operations or delivery channels; (iv) to request the legal entity to decrease the risk related to its operations, services, IT systems; (v) to request the replacement of the persons appointed to ensure the management of the compartments and / or the branches with responsibilities for the AML Law enforcement.

Administrative sanctions to be applied by the National Bank of Romania may consist in: (i) written warning; (ii) public warning; (iii) fines of up to 10% of the total annual turnover according to the latest financial statements available or up to RON 23 million; and (iv) withdrawal of the approval for its directors and/or managers.

Sanctioning measures to be imposed by the National Bank of Romania may consist in: (i) order for termination of the illicit conduct; (ii) temporary restriction for individuals to occupy certain job positions; (iii) withdrawal of the authorization.

The National Bank of Romania ensures the publicity of the sanctions applied by it by posting on its official web-site information on the number and type of measures and sanctions applied, the type and nature of the breach, identity of the individuals responsible for the breach. The information is kept for a period of 5 years.

The National Bank of Romania also informs the European Supervisory Authorities on the supervision measures, administrative sanctions and sanctioning measures applied to credit / financial institutions.

11. AML Secondary legislation

According to AML Law, certain secondary legislation is to be adopted with a view to implementing the law, including:

  • an implementing regulation to be adopted by the Romanian Government based on a draft to be proposed by the Office for the Prevention of Money Laundering and Terrorism Financing
  • a regulation to be issued by the Office for the Prevention of Money Laundering and Terrorism Financing regarding the content and form of reports of transactions
  • a guide to be issued by the Office for the Prevention of Money Laundering and Terrorism Financing providing criteria and rules for recognizing high or low AML risk situations
  • sectorial regulations to be issued by supervisory authorities (including by the National Bank of Romania for credit and financial institutions and the National Agency for Fiscal Administration) and self-regulatory bodies.

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.

To print this article, all you need is to be registered on

Click to Login as an existing user or Register so you can print this article.

In association with
Related Topics
Related Articles
Related Video
Up-coming Events Search
Font Size:
Mondaq on Twitter
Mondaq Free Registration
Gain access to Mondaq global archive of over 375,000 articles covering 200 countries with a personalised News Alert and automatic login on this device.
Mondaq News Alert (some suggested topics and region)
Select Topics
Registration (please scroll down to set your data preferences)

Mondaq Ltd requires you to register and provide information that personally identifies you, including your content preferences, for three primary purposes (full details of Mondaq’s use of your personal data can be found in our Privacy and Cookies Notice):

  • To allow you to personalize the Mondaq websites you are visiting to show content ("Content") relevant to your interests.
  • To enable features such as password reminder, news alerts, email a colleague, and linking from Mondaq (and its affiliate sites) to your website.
  • To produce demographic feedback for our content providers ("Contributors") who contribute Content for free for your use.

Mondaq hopes that our registered users will support us in maintaining our free to view business model by consenting to our use of your personal data as described below.

Mondaq has a "free to view" business model. Our services are paid for by Contributors in exchange for Mondaq providing them with access to information about who accesses their content. Once personal data is transferred to our Contributors they become a data controller of this personal data. They use it to measure the response that their articles are receiving, as a form of market research. They may also use it to provide Mondaq users with information about their products and services.

Details of each Contributor to which your personal data will be transferred is clearly stated within the Content that you access. For full details of how this Contributor will use your personal data, you should review the Contributor’s own Privacy Notice.

Please indicate your preference below:

Yes, I am happy to support Mondaq in maintaining its free to view business model by agreeing to allow Mondaq to share my personal data with Contributors whose Content I access
No, I do not want Mondaq to share my personal data with Contributors

Also please let us know whether you are happy to receive communications promoting products and services offered by Mondaq:

Yes, I am happy to received promotional communications from Mondaq
No, please do not send me promotional communications from Mondaq
Terms & Conditions (the Website) is owned and managed by Mondaq Ltd (Mondaq). Mondaq grants you a non-exclusive, revocable licence to access the Website and associated services, such as the Mondaq News Alerts (Services), subject to and in consideration of your compliance with the following terms and conditions of use (Terms). Your use of the Website and/or Services constitutes your agreement to the Terms. Mondaq may terminate your use of the Website and Services if you are in breach of these Terms or if Mondaq decides to terminate the licence granted hereunder for any reason whatsoever.

Use of

To Use you must be: eighteen (18) years old or over; legally capable of entering into binding contracts; and not in any way prohibited by the applicable law to enter into these Terms in the jurisdiction which you are currently located.

You may use the Website as an unregistered user, however, you are required to register as a user if you wish to read the full text of the Content or to receive the Services.

You may not modify, publish, transmit, transfer or sell, reproduce, create derivative works from, distribute, perform, link, display, or in any way exploit any of the Content, in whole or in part, except as expressly permitted in these Terms or with the prior written consent of Mondaq. You may not use electronic or other means to extract details or information from the Content. Nor shall you extract information about users or Contributors in order to offer them any services or products.

In your use of the Website and/or Services you shall: comply with all applicable laws, regulations, directives and legislations which apply to your Use of the Website and/or Services in whatever country you are physically located including without limitation any and all consumer law, export control laws and regulations; provide to us true, correct and accurate information and promptly inform us in the event that any information that you have provided to us changes or becomes inaccurate; notify Mondaq immediately of any circumstances where you have reason to believe that any Intellectual Property Rights or any other rights of any third party may have been infringed; co-operate with reasonable security or other checks or requests for information made by Mondaq from time to time; and at all times be fully liable for the breach of any of these Terms by a third party using your login details to access the Website and/or Services

however, you shall not: do anything likely to impair, interfere with or damage or cause harm or distress to any persons, or the network; do anything that will infringe any Intellectual Property Rights or other rights of Mondaq or any third party; or use the Website, Services and/or Content otherwise than in accordance with these Terms; use any trade marks or service marks of Mondaq or the Contributors, or do anything which may be seen to take unfair advantage of the reputation and goodwill of Mondaq or the Contributors, or the Website, Services and/or Content.

Mondaq reserves the right, in its sole discretion, to take any action that it deems necessary and appropriate in the event it considers that there is a breach or threatened breach of the Terms.

Mondaq’s Rights and Obligations

Unless otherwise expressly set out to the contrary, nothing in these Terms shall serve to transfer from Mondaq to you, any Intellectual Property Rights owned by and/or licensed to Mondaq and all rights, title and interest in and to such Intellectual Property Rights will remain exclusively with Mondaq and/or its licensors.

Mondaq shall use its reasonable endeavours to make the Website and Services available to you at all times, but we cannot guarantee an uninterrupted and fault free service.

Mondaq reserves the right to make changes to the services and/or the Website or part thereof, from time to time, and we may add, remove, modify and/or vary any elements of features and functionalities of the Website or the services.

Mondaq also reserves the right from time to time to monitor your Use of the Website and/or services.


The Content is general information only. It is not intended to constitute legal advice or seek to be the complete and comprehensive statement of the law, nor is it intended to address your specific requirements or provide advice on which reliance should be placed. Mondaq and/or its Contributors and other suppliers make no representations about the suitability of the information contained in the Content for any purpose. All Content provided "as is" without warranty of any kind. Mondaq and/or its Contributors and other suppliers hereby exclude and disclaim all representations, warranties or guarantees with regard to the Content, including all implied warranties and conditions of merchantability, fitness for a particular purpose, title and non-infringement. To the maximum extent permitted by law, Mondaq expressly excludes all representations, warranties, obligations, and liabilities arising out of or in connection with all Content. In no event shall Mondaq and/or its respective suppliers be liable for any special, indirect or consequential damages or any damages whatsoever resulting from loss of use, data or profits, whether in an action of contract, negligence or other tortious action, arising out of or in connection with the use of the Content or performance of Mondaq’s Services.


Mondaq may alter or amend these Terms by amending them on the Website. By continuing to Use the Services and/or the Website after such amendment, you will be deemed to have accepted any amendment to these Terms.

These Terms shall be governed by and construed in accordance with the laws of England and Wales and you irrevocably submit to the exclusive jurisdiction of the courts of England and Wales to settle any dispute which may arise out of or in connection with these Terms. If you live outside the United Kingdom, English law shall apply only to the extent that English law shall not deprive you of any legal protection accorded in accordance with the law of the place where you are habitually resident ("Local Law"). In the event English law deprives you of any legal protection which is accorded to you under Local Law, then these terms shall be governed by Local Law and any dispute or claim arising out of or in connection with these Terms shall be subject to the non-exclusive jurisdiction of the courts where you are habitually resident.

You may print and keep a copy of these Terms, which form the entire agreement between you and Mondaq and supersede any other communications or advertising in respect of the Service and/or the Website.

No delay in exercising or non-exercise by you and/or Mondaq of any of its rights under or in connection with these Terms shall operate as a waiver or release of each of your or Mondaq’s right. Rather, any such waiver or release must be specifically granted in writing signed by the party granting it.

If any part of these Terms is held unenforceable, that part shall be enforced to the maximum extent permissible so as to give effect to the intent of the parties, and the Terms shall continue in full force and effect.

Mondaq shall not incur any liability to you on account of any loss or damage resulting from any delay or failure to perform all or any part of these Terms if such delay or failure is caused, in whole or in part, by events, occurrences, or causes beyond the control of Mondaq. Such events, occurrences or causes will include, without limitation, acts of God, strikes, lockouts, server and network failure, riots, acts of war, earthquakes, fire and explosions.

By clicking Register you state you have read and agree to our Terms and Conditions