An Opportunity to Cut Costs and Increase Effectiveness? The Potential Impact of Brexit on Financial Crime Compliance

Two areas where opinions diverge sharply between those who favour staying in the EU and those who favour a Brexit (of whatever form) are the UK’s security and the future of its financial services industry. Even well informed and eminent former intelligence and law enforcement chiefs cannot agree on the potential security impact of a Brexit: some argue that quitting the EU would leave the UK more vulnerable to serious organised crime and terrorism, while others say that it would make barely a jot of difference. Similarly, economists and bankers, both commercial and central, cannot agree on whether the City of London and the wider financial services industry would boom or bust outside the EU; partly because no one knows what form of access to the European Single Market in financial services UK firms would have in the event of a Brexit.

Financial crime compliance (FCC), and particularly anti-money laundering/counter-terror finance (AML/CTF) efforts, straddle these areas of great uncertainty. The question therefore has to be asked: can any sensible assessment be made of the potential impact of a Brexit on the AML/CTF compliance obligations discharged by all financial institutions and professional services firms?

The British Bankers’ Association estimates that AML/CTF compliance efforts cost their members alone at least £5 billion a year. It could be argued that much of this could be recouped by throwing off costly and restrictive EU regulation in this area, and that this considerable sum should therefore be added to the putative ’national dividend’ which proponents of Brexit suggest the UK would accrue in leaving the EU.

It is certainly true that AML/CTF regulation in the UK is derived significantly from the EU acquis (the body of law and regulation applicable to all EU member states), and in particular from the successive Anti-Money Laundering Directives (AMLDs). All member states have been required to transpose these Directives into their national laws; in the case of the UK, the current primary transposition vehicle is the Money Laundering Regulations 2007 (MLRs).

As a consequence of these regulations, banks and other financial institutions, as well as firms in many other sectors, are required to carry out extensive customer due diligence checks on anyone with whom they have a business relationship, and to monitor their customers’ transactions. In the UK, reports have to be made under the Proceeds of Crime Act 2002 or the Terrorism Act 2000 of any transactions that appear suspicious – a relatively low definitional threshold that led to over 350,000 reports to Britain’s National Crime Agency last year. Adding to the cost are requirements for associated record-keeping and training of all relevant members of staff.

Perhaps this is an area that would be suitable for root-and-branch regulatory reform in the case of a Brexit? Once EU law no longer applied to the UK, the country could grasp the opportunity to reduce the burden and costs of the regulation. Moreover, there are widely held views that the AML/CTF system achieves little by way of outcomes, compared to the cost to the private sector. And the system will soon gain a new layer of complexity: a new AMLD (the fourth, no less) was agreed last year and is scheduled to be implemented by June 2017 (although an ambitious, accelerated timetable agreed in the aftermath of the recent terrorist outrages in Europe means that it may be implemented by the end of this year).

A closer look suggests that things are not quite so simple, and that the perceived gains which may be derived from leaving the EU are not so straightforward. Although the third AMLD may be the proximate cause for the introduction of the 2007 MLRs, it was not the root cause. The AMLDs themselves serve to transpose international AML/CTF standards into EU law, particularly the 40 Recommendations of the Financial Action Task Force (FATF). The UK is a member of the FATF and, along with almost 200 other jurisdictions around the world, has committed to effectively implementing its Recommendations. Failure to do so results in the FATF ultimately calling for countermeasures against ‘non-cooperative jurisdictions’ – a list that currently consists of Iran and North Korea, unlikely bedfellows for even the most ardent Brexiters.

The FATF Recommendations themselves are a response to, and amplification of, requirements under international treaties, such as the UN’s Vienna and Palermo conventions. The UK is, and will remain in the event of leaving the EU, a member of the UN, of the FATF, and of the international community, committed to playing its part in the global fight against serious organised crime and terrorism, including AML/CTF efforts. So should it choose to leave the EU, it is clear that the UK would still need to have a comprehensive AML/CTF regime, incorporating extensive requirements on the private sector.

In any case, initiatives to improve the regime are already underway within the framework of the EU Directives. The UK’s Department for Business, Innovation and Skills has opened a ‘Cutting Red Tape Review’ of AML/CTF regulation; the Home Office and Treasury recently announced an AML/CTF Action Plan which, inter alia, seeks to improve the supervisory regime to ensure that compliance resources are focused on the highest risks and are not troubling low-risk clients with unnecessary red tape.

One reform proposed in the Action Plan is the abolition of the ‘consent’ regime, which requires firms to seek consent from the National Crime Agency to proceed with transactions they suspect in advance relate to the proceeds of crime. The UK has long been an outlier in the international community by implementing this specific requirement, which is not part of the EU Directives. Similarly, the reach of the UK’s AML/CTF regime is partly defined by the ‘all crimes’ approach it has long adopted as policy – all acquisitive crimes, of whatever size, are regarded as generating the proceeds of crime, and therefore any suspicion of even the smallest theft leads to a requirement to report. More recently, the UK’s decision to introduce a public register of beneficial owners of companies goes beyond the minimum expected in the fourth AMLD.

In short, therefore, the boundaries of the UK regime are set by Westminster, not Brussels. While improvements can likely be made to the system, potentially reducing costs, it is not possible to say this for certain: costs tend to be underestimated in this area, with the Regulatory Impact Assessment of the 2007 MLRs suggesting additional total costs in the region of £50 million, which seem low compared to current estimates of compliance spending. Still, it is far from clear that no longer having to comply with the AMLDs would make much difference to the reformed UK regime.

For example, there may be scope for some post-Brexit divergence in various areas. The requirements on ‘domestic’ Politically Exposed Persons (PEPs) – people who have been entrusted with prominent public functions in the UK – may be one area of divergence: the new AMLD applies enhanced measures on such customers domestically, in the same way that they have long been applied to PEPs from other countries. Although the government has recently taken account of political concern in this area, it has stopped short of ruling out this requirement, but has committed to more guidance for firms. In any case, some UK banks, particularly those operating globally, already apply enhanced due diligence to domestic PEPs as part of their risk-based approach to financial crime compliance, irrespective of the specific provisions of the AMLDs and the MLRs.

Banks operating in different jurisdictions operate to a group global standard of AML/CTF, as well as ensuring detailed compliance with the specific obligations in each country where they have a presence. UK firms seeking to do business in the EU post-Brexit will have to apply the provisions of the fourth AMLD to those operations. On a wider scale, the UK will either have to demonstrate compliance with the Directive as it does now, should the post-Brexit financial services settlement require adoption of EU legislation, or it would be likely (and in the national interest) to seek to be regarded by the EU as at least implementing equivalent standards in terms of AML/CTF in order to facilitate financial transactions with and through member states.

Given that imperative, and the UK’s history of independently implementing strong AML/CTF legislation above and beyond EU requirements, it seems that the scope for regulatory reform and cost savings (beyond current initiatives) in this area are not great, and so the impact of Brexit would be minimal on financial crime compliance.