On 25 September 2024, the Central Bank of Ireland (Central Bank) Deputy Governor, Derville Rowland, delivered remarks on the evolving approach to combatting financial crime under the EU package on Anti-Money Laundering (AML) / Countering the Financing of Terrorism (CFT).
We analyse the comments made at a Future of Financial Intelligence Sharing Event in Dublin.
Requirements to make the new AML package a success
- The EU Authority for AML/CFT (AMLA) and national supervisors need to encourage and support the establishment of Partnerships for Information Sharing.
- Partnerships for Information Sharing under the AML Regulation (AMLR) require participation from both the authorities and the private sector.
- AMLA and national authorities, including law enforcement authorities, must collaborate to raise standards and facilitate innovative solutions – including data sharing – to support the fight against money laundering and terrorist financing.
Partnerships for Information Sharing
Countries leading by example
The UK, the US (e.g., the Patriot 2001 Act) and Singapore enable information sharing between private sector operators. Singapore’s digital platform, COSMIC, enables six major commercial banks to securely share information on customers who exhibit multiple “red flags” that may indicate potential financial crime concerns.
Article 75 AMLR provides for Partnerships for Information Sharing
Data held by credit and financial institutions is the most useful in detecting and preventing financial crime. Article 75 of the new AML Regulation, while not as broad as the information sharing provisions in the USA and Singapore, enables the sharing of certain confidential information between private sector operators in the EU under the auspices of what is known as Partnerships for Information Sharing.
Safeguards under Article 75 AMLR
Article 75 establishes guardrails designed to strike a balance between effectively combatting money laundering and terrorist financing and protecting the privacy and the data of all EU citizens. For example, information can only be shared within a Partnership for Information Sharing if it relates to customers deemed to be higher risk and the sharing is strictly necessary to meet AML/CFT obligations. Also, Partnerships for Information Sharing must be verified in advance of their establishment by the AML/CFT supervisory authorities in collaboration with Data Protection Authorities.
Stakeholders
AML/CFT supervisors must:
- Develop clear guidance and a verification process that is accessible, transparent and capable of evolving over time. Although the AML Regulation will not be applicable until July 2027, the Central Bank is developing the necessary framework and governance procedures. This will be done in consultation with the Office of Data Protection Commissioner and the Financial Intelligence Unit, as necessary.
- Foster and support the development and adoption of Privacy-Enhancing Technologies (PETs), which facilitate the sharing of sensitive information through anonymisation. PETs have the potential to revolutionise information sharing between private sector operators.
- Act as a catalyst for innovation. AMLA and national authorities must collaborate to raise standards and facilitate innovative solutions in the fight against money laundering and terrorist financing. This includes establishing an Innovation Sandbox Programme to inform the early-stage development of selected innovative initiatives that are consistent with public policy objectives such as combatting financial crime.
Information
For further information on the EU AML/CFT reform package please see our article here. For further information on the Innovation Sandbox, please see our related articles here and here.
Contact Us
If you wish to discuss any of the above, please contact Shane Kelleher, Louise McNabola, or your usual William Fry contact.
Contributed by Jane Balfe.