A Guide To Money Laundering Compliance In Panama

The key challenges of AML compliance in Latin America and the Caribbean

Whether conducting risk assessments or reviewing client due diligence, it is vital to understand the risks and responsibilities of money laundering challenges for different jurisdictions.

In this article, VinciWorks considers the key AML challenges and laws in Panama, and what organisations should consider when assessing customer, geographic or matter risk.

For more on the key AML risks and challenges in Latin America and the Caribbean, download our free guide to compliance.

Click here to download a free copy.

Key risks

  • Grey listing / blacklisting – Panama was grey listed by the FATF in 2014, removed in 2016, and returned in 2019. It has been blacklisted by the EU as a non-cooperative tax jurisdiction. 
  • Political will – despite a sense Panama knows what needs to be done to improve, there is a lack of political will to progress stemming from political stalemate and a lack of inter-agency coordination. 
  • Financial sector – the country is a finance hub for the region, but its financial sector is a key risk, with corporate services, real estate, and remittance services being key channels for money laundering. Foreign funds are more likely to be sent to the country and laundered than domestic sources. There is a well-documented nexus between anonymous shell companies, aircraft registration, and drug smuggling.
  • Corruption – corruption is seen as the main illicit activity that generates dirty money. Panama is rated as 111 out of 180 in the corruption perception index. 
  • Misinvoicing – the value gap of trade due to misinvoicing amounts to at least $2.6 billion each year. Trade based money laundering plays a prominent role in generating illicit funds.

Criminal proceeds

An estimated $935 million – $2.3 billion is laundered every year in Panama.

AML policy summary

Panama is seen as having a weak AML regime, with laws existing on paper rarely being enforced. There is a lack of inter-agency coordination and a poor rate of convictions. 

Legal summary

Panama passed a host of new AML laws in an effort to be removed from the FATF grey list, although implementation is severely lacking. Panama recently adopted beneficial ownership registries, a vital legislative step given vulnerabilities in corporate structures, however significant loopholes and the slow pace of implementation mean corporate ownership structures remain a key vehicle to launder money. 

Panamanian money laundering laws are often designed to be weak, as often those writing the laws are working to ensure they can never be used against them given the endemic corruption in politics. Enforcement is also severely lacking. 

Panama’s main money laundering laws are:

  • Law 23 of 2015 – this is aimed at preventing money laundering and the proliferation of weapons of mass destruction
  • Law 11 of 2015 – this deals with international judicial assistance in criminal cases
  • Law 21 of 2017 – this adopted rules to regulate trusts under the supervision of the banking sector regulatory
  • Law 70 of 2017 – this criminalized tax evasion as a predicate crime
  • Law 129 of 2020 – this approved the creation of a beneficial ownership registry

Weaknesses

Lawyers are seen as the key facilitator in money laundering. Banking, real estate, international trade and bulk cash smuggling are also key weaknesses. Fake and fraudulent corporate structures are often used to conceal illicit funds. It’s strategic role as a financial hub links almost every country in the Western Hemisphere to Panama’s financial system.

Unlicensed money remittance services are the tip of an unregulated, poorly supervised iceberg. Professional services are highly influential in the economic and political life of Panama, but efforts to bring them under the AML regime are described as timid. Nominee shareholders are another key vulnerability, as is the ongoing failure to implement a beneficial ownership register. 

The US has criticized the country’s anti-terror efforts, saying that Panama “does not have comprehensive counterterrorism legislation or a robust counter terrorism framework.”

Strengths

The UK and US are working with Panama on building investigative capacity to tackle money laundering. The US is also engaging with Panama through the Corporate Transparency Act passed in the US, which aims to improve collaboration on corporate structures and beneficial ownership. 

More information

VinciWorks has created a guide designed to support businesses that currently operate in Latin America and the Caribbean, or are planning to, or seeking to expand to new countries in the region. This guide provides an overview of some of the key AML challenges and issues and includes a country-by-country assessment of AML risks and laws. 

Click here to download a free copy.

How are you managing your GDPR compliance requirements?

GDPR added a significant compliance burden on DPOs and data processors. Data breaches must be reported to the authorities within 72 hours, each new data processing activity needs to be documented and Data Protection Impact Assessments (DPIA) must be carried out for processing that is likely to result in a high risk to individuals. Penalties for breaching GDPR can reach into the tens of millions of Euros.

GDPR added a significant compliance burden on DPOs and data processors. Data breaches must be reported to the authorities within 72 hours, each new data processing activity needs to be documented and Data Protection Impact Assessments (DPIA) must be carried out for processing that is likely to result in a high risk to individuals. Penalties for breaching GDPR can reach into the tens of millions of Euros.

“In a world older and more complete than ours they move finished and complete, gifted with extensions of the senses we have lost or never attained, living by voices we shall never hear.”

Picture of James

James

VinciWorks CEO, VInciWorks

Spending time looking for your parcel around the neighbourhood is a thing of the past. That’s a promise.

How are you managing your GDPR compliance requirements?

GDPR added a significant compliance burden on DPOs and data processors. Data breaches must be reported to the authorities within 72 hours, each new data processing activity needs to be documented and Data Protection Impact Assessments (DPIA) must be carried out for processing that is likely to result in a high risk to individuals. Penalties for breaching GDPR can reach into the tens of millions of Euros.

GDPR added a significant compliance burden on DPOs and data processors. Data breaches must be reported to the authorities within 72 hours, each new data processing activity needs to be documented and Data Protection Impact Assessments (DPIA) must be carried out for processing that is likely to result in a high risk to individuals. Penalties for breaching GDPR can reach into the tens of millions of Euros.

How are you managing your GDPR compliance requirements?

GDPR added a significant compliance burden on DPOs and data processors. Data breaches must be reported to the authorities within 72 hours, each new data processing activity needs to be documented and Data Protection Impact Assessments (DPIA) must be carried out for processing that is likely to result in a high risk to individuals. Penalties for breaching GDPR can reach into the tens of millions of Euros.

GDPR added a significant compliance burden on DPOs and data processors. Data breaches must be reported to the authorities within 72 hours, each new data processing activity needs to be documented and Data Protection Impact Assessments (DPIA) must be carried out for processing that is likely to result in a high risk to individuals. Penalties for breaching GDPR can reach into the tens of millions of Euros.