The Criminal Justice (Money Laundering and Terrorist Financing) (Amendment) Act 2018 (the "Amendment Act") transposes the majority1 of the Fourth Money Laundering Directive (EU) 2015/849 ("4MLD") into Irish law.
The Amendment Act came into force on 26 November 2018. It updates the current Irish framework of legislation for the prevention of the use of the financial system for the purpose of money laundering or terrorist financing ("ML/TF"). Irish anti-money laundering ("AML") and counter terrorist financing ("CTF") legislation is now contained in the Criminal Justice (Money Laundering and Terrorist Financing) Acts 2010 to 2018 (the "CJAs").
This update summarises the key changes under the Amendment Act and how it affects Designated Persons2.
The scope of Designated Person has not been expanded in the Amendment Act. Accordingly, any person or entity that was deemed to be a Designated Person under the Criminal Justice (Money Laundering and Terrorist Financing) Act 2010 shall continue to be a Designated Person and is required to comply with the new requirements of the Amendment Act.
New Registration Requirements for AML Purposes
The Amendment Act requires certain financial institutions to register for AML purposes with the Central Bank of Ireland ("Central Bank").
From 26 November 2018, financial institutions that offer any of the services set out at Schedule 2 of the Amendment Act, act in the State, in the course of business carried on in the State and are not otherwise authorised or licensed to carry on business by the Central Bank will need to register with the Central Bank.
Information on the type of financial institution that will need to register, including how to register with the Central Bank, can be read here.
Business Risk Assessment
Designated Persons are required to perform a business risk assessment to identify and assess the risks of ML/TF inherent in carrying out their business activities. This must consider factors including: (i) type of customer; (ii) type of product; (iii) geographical risk; (iv) type of transaction; (v) delivery channel; and (vi) other risks.
When carrying out the business risk assessment, each Designated Person must pay due regard to the National Risk Assessment, any guidance on risk issued by the relevant competent authority (i.e. the Central Bank) and any guidelines issued by the European Banking Authority, the European Securities and Markets Authority or the European...