Does the Sixth Money Laundering Directive apply in the UK?

6th money laundering directive UK

The Sixth Anti-Money Laundering Directive (6AMLD) is an EU directive that aims to enhance the existing anti-money laundering (AML) and counter-terrorism financing (CTF) regulations within the European Union. The United Kingdom has implemented the provisions of 6AMLD into its domestic legislation. Some key points the UK was able to implement were: an expanded scope, stricter penalties, beneficial ownership registers, enhanced due diligence measures, information exchange, and criminalisation of aiders and abettors.

Does 6AMLD apply to the UK?

Yes. The 6AMLD is a European Union directive that aims to combat money laundering, terrorist financing, and other related financial crimes. Although the UK officially left the EU on January 31, 2020, it adopted the 6AMLD into its national legislation before that date. Therefore, the 6AMLD is still applicable in the UK, and its provisions have been incorporated into the country’s legal framework to ensure the prevention and detection of money laundering activities.

Understanding the new anti-money laundering regulations

The Sixth Money Laundering Directive was required to be implemented into national law across the EU by 3 December 2020. In some countries, such as Germany who implemented the Sixth Directive last month, this required a paradigm shift in how money laundering offences are prosecuted in Germany. The German law abandoned the concept of a catalogue of predicate offenses in favour of an ability to capture profits derived from any criminal activity. 

What is the impact of the Sixth Money Laundering Directive in the UK?

In the UK, money laundering has already included the proceeds of any criminal activity for a few years. That’s why the UK has been less impacted by the Sixth Directive than other European nations as much of the AML regime in the UK is already compliant with the Sixth Directive. 

One of the big things in the Sixth Directive is the extension of criminal liability for money laundering to cover corporate persons. Essentially, a ‘failure to prevent’ money laundering law in a similar vein to the ‘failure to prevent tax evasion’ which was implemented by the Criminal Finances Act 2017.

The UK Ministry of Justice has said they will put corporate criminal liability under fresh scrutiny in 2021. This means firms will need to consider how their AML procedures are embedded within company culture, as opposed to just a list of policies and procedures. Significantly more attention will likely be required for staff training at all levels, not just for regulated persons. Further, more of an effort from the board level and senior management will likely be required to demonstrate compliance.

However, given the Brexit transition process and the fact that the UK is already compliant with a great deal of the Sixth Directive, the UK withdrew from the transposition of 6AMLD. UK law also goes considerably further than the Sixth Directive requires in many areas. But the key ‘new’ offence of a failure to prevent money laundering law is not something that has been introduced into the UK yet, but certainly could be in the next year. 

Money laundering regulators have been cracking down on firms that fail to have completed risk assessments. The results could run into fines, but also potentially criminal action under a ‘failure to prevent’ money laundering law. This would mean bosses and businesses who don’t invest time and effort in undertaking risk assessments and acting on those risks with mitigation procedures and strong AML compliance programmes, could face prosecution.

VinciWorks’ anti-money laundering training suite

Our latest anti-money laundering training includes an interactive assessment that takes users through a series of client emails

VinciWorks strives to make its AML training more than simply a tick-box exercise. Our courses are packed with realistic scenarios, real-life case studies and every customisation option you can think of. We have everything from in-depth induction training to refresher courses and five minute knowledge checks.

AML training suite

How are you managing your GDPR compliance requirements?

GDPR added a significant compliance burden on DPOs and data processors. Data breaches must be reported to the authorities within 72 hours, each new data processing activity needs to be documented and Data Protection Impact Assessments (DPIA) must be carried out for processing that is likely to result in a high risk to individuals. Penalties for breaching GDPR can reach into the tens of millions of Euros.

GDPR added a significant compliance burden on DPOs and data processors. Data breaches must be reported to the authorities within 72 hours, each new data processing activity needs to be documented and Data Protection Impact Assessments (DPIA) must be carried out for processing that is likely to result in a high risk to individuals. Penalties for breaching GDPR can reach into the tens of millions of Euros.

“In a world older and more complete than ours they move finished and complete, gifted with extensions of the senses we have lost or never attained, living by voices we shall never hear.”

Picture of James

James

VinciWorks CEO, VInciWorks

Spending time looking for your parcel around the neighbourhood is a thing of the past. That’s a promise.

How are you managing your GDPR compliance requirements?

GDPR added a significant compliance burden on DPOs and data processors. Data breaches must be reported to the authorities within 72 hours, each new data processing activity needs to be documented and Data Protection Impact Assessments (DPIA) must be carried out for processing that is likely to result in a high risk to individuals. Penalties for breaching GDPR can reach into the tens of millions of Euros.

GDPR added a significant compliance burden on DPOs and data processors. Data breaches must be reported to the authorities within 72 hours, each new data processing activity needs to be documented and Data Protection Impact Assessments (DPIA) must be carried out for processing that is likely to result in a high risk to individuals. Penalties for breaching GDPR can reach into the tens of millions of Euros.

How are you managing your GDPR compliance requirements?

GDPR added a significant compliance burden on DPOs and data processors. Data breaches must be reported to the authorities within 72 hours, each new data processing activity needs to be documented and Data Protection Impact Assessments (DPIA) must be carried out for processing that is likely to result in a high risk to individuals. Penalties for breaching GDPR can reach into the tens of millions of Euros.

GDPR added a significant compliance burden on DPOs and data processors. Data breaches must be reported to the authorities within 72 hours, each new data processing activity needs to be documented and Data Protection Impact Assessments (DPIA) must be carried out for processing that is likely to result in a high risk to individuals. Penalties for breaching GDPR can reach into the tens of millions of Euros.