ESA Report Examines Withdrawal of Authorization for AML Rule Breaches

Past cases have drawn attention to the significant impact that serious breaches of AML/CFT rules may have on the sound and prudent management of supervised financial entities and their ability to continue meeting the conditions for authorization (or registration. Thus, the EU Council Action Plan on AML of 2018 had requested ESAs to clarify some aspects of the interaction between serious breaches of AML/CFT rules. This report examines the four action points articulated in Objective 5 of the AML Council Action Plan and illustrates the findings on supervisory practices and national legislation. With respect to identifying measures available to prudential authorities to address prudential concerns, the report specifies an overview of how the assessment of money laundering/terrorist financing risks is embedded in prudential regulation and how supervision within the recently updated and revised Capital Requirements Directive and Regulation (CRD and CRR) framework is carried out. The report also provides a preliminary analysis of the interaction between serious breaches of AML/CFT rules and the crisis management and resolution frameworks as well as a first mapping of operational and legislative criticalities. Depending on the specific action point, the report identifies areas where the framework could be improved and puts forward the elements for a uniform interpretation, in respect of the notion of serious breach of AML/CFT. 

The joint report notes that only the CRD sets out an express ground to withdraw the authorization for serious breaches of AML/CFT rules. The competent authorities across the financial sector may rely on non-specific grounds based on European Union or national law. However, for sake of legal certainty, this report advocates for the introduction, in all relevant European Union sectoral laws, of a specific legal ground to revoke licenses for serious breaches of AML/CFT rules. The report also calls for the inclusion of assessments by competent authorities of the adequacy of the arrangements and processes to ensure AML/CFT compliance as one condition for granting authorization or registration. For this purpose, cooperation and information exchange between prudential supervisors and AML/CFT supervisors should be ensured. The report highlights the importance of the appropriate integration of AML/CFT issues into prudential regulation and supervision, including in the proposal for the Markets in Crypto-Assets Regulation (MiCA), currently under negotiation. Furthermore, the report clarifies the nature of the decision to revoke licenses as a last resort measure, subject to a discretionary and proportionality assessment. It also lays down uniform criteria for the notion of serious breach of AML/CFT rules, highlighting that the identification of a serious breach is subject to a case-by-case assessment by the AML/CFT supervisor.

Related Links

• Press Release
• Report (PDF)

Keywords: Europe, EU, Banking, CRD, CRR, Basel, AML CFT, ML TF Risk, Resolution Framework, Compliance Risk, Crypto-Assets, ESAs