Regulation (EU) 2024/1624 of the European Parliament and of the Council of 31 May 2024 on the prevention of the use of the financial system for the purposes of money laundering or terrorist financing (Text with EEA relevance)

THE EUROPEAN PARLIAMENT AND THE COUNCIL OF THE EUROPEAN UNION,

Having regard to the Treaty on the Functioning of the European Union, and in particular Article 114 thereof,

Having regard to the proposal from the European Commission,

After transmission of the draft legislative act to the national parliaments,

Having regard to the opinion of the European Central Bank (1),

Having regard to the opinion of the European Economic and Social Committee (2),

Acting in accordance with the ordinary legislative procedure (3),

Whereas:

(1) Directive (EU) 2015/849 of the European Parliament and of the Council (4) constitutes the main legal instrument for the prevention of the use of the Union’s financial system for the purposes of money laundering and terrorist financing. That Directive sets out a comprehensive legal framework, which Directive (EU) 2018/843 of the European Parliament and the Council (5) further strengthened by addressing emerging money laundering and terrorist financing risks and increasing transparency of beneficial ownership. Notwithstanding the achievements under that legal framework, experience has shown that further improvements should be introduced to adequately mitigate money laundering and terrorist financing risks and to effectively detect criminal attempts to misuse the Union’s financial system for criminal purposes.

(2) The main challenge identified in respect of the application of the provisions of Directive (EU) 2015/849 that lay down obligations for obliged entities, is the lack of direct applicability of the rules set out in those provisions and a fragmented approach along national lines. Although those rules have existed and evolved over three decades, they are still implemented in a manner not fully consistent with the requirements of an integrated internal market. Therefore, it is necessary that rules on matters currently covered in Directive (EU) 2015/849 which could be directly applicable by the obliged entities concerned are addressed in a Regulation in order to achieve the desired uniformity of application.

(3) This new instrument is part of a comprehensive package that aims to strengthen the Union’s framework for anti-money laundering and countering the financing of terrorism (‘AML/CFT’). Together, this Regulation, Directive (EU) 2024/1640 of the European Parliament and of the Council (6) and Regulations (EU) 2023/1113 (7) and (EU) 2024/1620 (8) of the European Parliament and of the Council will form the legal framework governing the AML/CFT requirements to be met by obliged entities and underpinning the Union’s AML/CFT institutional framework, including the establishment of an Authority for anti-money laundering and countering the financing of terrorism (AMLA).

(4) Money laundering and terrorist financing are frequently carried out in an international context. Measures adopted at Union level, without taking into account international coordination and cooperation, would have very limited effect. The measures adopted by the Union in that field should therefore be compatible with, and at least as stringent as, actions undertaken at international level. Union action should continue to take particular account of the Financial Action Task Force (FATF) Recommendations and instruments of other international bodies active in the fight against money laundering and terrorist financing. With a view to reinforcing the efficacy of the fight against money laundering and terrorist financing, the relevant Union legal acts should, where appropriate, be aligned with the International Standards on Combating Money Laundering and the Financing of Terrorism and Proliferation adopted by the FATF in February 2012 (the ‘revised FATF Recommendations’) and the subsequent amendments to such standards.

(5) Since the adoption of Directive (EU) 2015/849, recent developments in the Union’s criminal law framework have contributed to strengthening the prevention of and fight against money laundering, its predicate offences and terrorist financing. Directive (EU) 2018/1673 of the European Parliament and of the Council (9) has led to a common understanding of the money laundering crime and its predicate offences. Directive (EU) 2017/1371 of the European Parliament and of the Council (10) defined financial crimes affecting the Union’s financial interest, which should also be considered predicate offences to money laundering. Directive (EU) 2017/541 of the European Parliament and of the Council (11) has achieved a common understanding of the crime of terrorist financing. As those concepts are now clarified in Union criminal law, it is no longer necessary for the Union’s AML/CFT rules to define money laundering, its predicate offences or terrorist financing. Instead, the Union’s AML/CFT framework should be fully coherent with the Union’s criminal law framework.

(6) Harmonisation in the relevant area of criminal law enables a strong and coherent approach at Union level to the prevention of and fight against money laundering and its predicate offences, including corruption. At the same time, such an approach ensures that Member States that have adopted a broader approach to the definition of criminal activities which constitute predicate offences for money laundering can continue to apply such an approach. For that reason, in line with Directive (EU) 2018/1673, any kind of punishable involvement in the commission of a predicate offence for money laundering as criminalised in accordance with national law should also be considered as a criminal activity for the purposes of that Directive and of this Regulation.

(7) Technology keeps evolving, offering opportunities to the private sector to develop new products and systems to exchange funds or value. While this is a positive phenomenon, it can generate new money laundering and terrorist financing risks, as criminals continuously manage to find ways to exploit vulnerabilities in order to hide and move illicit funds around the world. Crypto-asset service providers and crowdfunding platforms are exposed to the misuse of new channels for the movement of illicit money and are well placed to detect such movement and mitigate risks. The scope of Union legislation should therefore be expanded to cover such entities, in line with FATF standards in relation to crypto-assets. At the same time, advances in innovation, such as the development of the metaverse, provide new avenues for the perpetration of crimes and for the laundering of their proceeds. It is therefore important to exercise vigilance as regards the risks associated with the provision of innovative products or services, whether at Union or national level or at the level of obliged entities.

(8) The institutions and persons covered by this Regulation play a crucial role as gatekeepers of the Union’s financial system and should therefore take all necessary measures to implement the requirements of this Regulation with a view to preventing criminals from laundering the proceeds of their illegal activities or from financing terrorism. Measures should also be put in place to mitigate any risk of non-implementation or evasion of targeted financial sanctions.

(9) The definition of an insurance intermediary under Directive (EU) 2016/97 of the European Parliament and of the Council (12) covers a broad range of natural or legal persons that take up or pursue the activity of insurance distribution. Some insurance intermediaries take up insurance distribution activities under the full responsibility of insurance undertakings or intermediaries and carry out activities subject to their policies and procedures. Where those intermediaries do not collect premia or amounts intended for the customer, the policy holder or the beneficiary of the insurance policy, they are not in a position to conduct meaningful due diligence or to detect and report suspicious transactions. In view of that limited role and of the fact that full application of AML/CFT requirements is ensured by the insurance undertakings or intermediaries under whose responsibility they provide services, intermediaries that do not handle funds as defined in Article 4, point (25), of Directive (EU) 2015/2366 of the European Parliament and of the Council (13) should not be considered obliged entities for the purposes of this Regulation.

(10) Holding companies that carry out mixed activities and have at least one subsidiary that is an obliged entity should themselves be included as obliged entities in the scope of this Regulation. To ensure consistent supervision by financial supervisors, in cases where the subsidiaries of a mixed activity holding company include at least one credit institution or financial institution, the holding company itself should also qualify as a financial institution.

(11) Financial transactions can also take place within the same group as a way of managing group finances. However, such transactions are not undertaken vis-à-vis customers and do not require the application of AML/CFT measures. In order to ensure legal certainty, it is necessary to recognise that this Regulation does not apply to financial activities or other financial services which are provided by members of a group to other members of that group.

(12) Independent legal professionals should be subject to this Regulation when participating in financial or corporate transactions, including when providing tax advice, because there is risk of the services provided by those legal professionals being misused for the purpose of laundering the proceeds of criminal activity or for the purpose of terrorist financing. There should, however, be exemptions from any obligation to report information obtained before, during or after judicial proceedings, or in the course of ascertaining the legal position of a client, as such information is covered by legal privilege. Therefore, legal advice should remain subject to the obligation of professional secrecy, except where the legal professional is taking part in money laundering or terrorist financing, the legal advice is provided for the purposes of money laundering or terrorist financing, or where the legal professional knows that the client is seeking legal advice for the purposes of money laundering or terrorist financing. Such knowledge and purpose can be inferred from objective factual circumstances. As legal advice might already be sought at the stage of perpetrating the proceeds-generating criminal activity, it is important that cases excluded from legal privilege extend to situations where legal advice is provided in the context of the predicate offences. Legal advice sought in relation to ongoing judicial proceedings should not be deemed to constitute legal advice for the purposes of money laundering or terrorist financing.

(13) In order to ensure respect for the rights guaranteed by the Charter of Fundamental Rights of the European Union (the ‘Charter’), in the case of auditors, external accountants and tax advisors who, in some Member States, are entitled to defend or represent a client in the context of judicial proceedings or to ascertain a client’s legal position, the information they obtain in the performance of those tasks should not be subject to reporting obligations. However, the same exceptions that apply to notaries and lawyers should also apply to those professionals where they act in the exercise of the right of defence or when they ascertain the legal position of a client.

(14) Directive (EU) 2018/843 was the first legal instrument to address the risks of money laundering and terrorist financing posed by crypto-assets in the Union. It extended the scope of the AML/CFT framework to two types of crypto-asset service providers: providers engaged in exchange services between virtual currencies and fiat currencies, and custodian wallet providers. Due to rapid technological developments and the advancement in FATF standards, it is necessary to review that approach. A first step to complete and update the Union legal framework has been achieved with Regulation (EU) 2023/1114 of the European Parliament and of the Council (14), which set requirements for crypto-asset service providers wishing to apply for an authorisation to provide their services in the internal market. It also introduced a definition of crypto-assets and crypto-asset service providers encompassing a broader range of activities. In addition, Regulation (EU) 2023/1113 has extended traceability requirements to transfers of crypto-assets carried out by crypto-asset service providers covered by Regulation (EU) 2023/1114, and amended Directive (EU) 2015/849 to require Member States to make those crypto-asset service providers obliged entities. Those crypto-asset service providers should also be covered by this Regulation, to mitigate any risk of misuse of crypto-assets for money laundering or terrorist financing purposes.

(15) The creation of markets in unique and non-fungible crypto-assets is still recent and has not resulted in legislation regulating their functioning. The evolution of those markets is being monitored and it is important that it does not result in new money laundering and terrorist financing risks that would not be properly mitigated. By 30 December 2024, the Commission is to submit a report to the European Parliament and to the Council on the latest developments with respect to crypto-assets, including an assessment of the development of markets in unique and non-fungible crypto-assets, the appropriate regulatory treatment of such crypto-assets, including an assessment of necessity and feasibility of regulating providers of services related to unique and non-fungible crypto-assets. If appropriate, the Commission is to accompany that report with a legislative proposal.

(16) Crowdfunding platforms’ vulnerabilities to money laundering and terrorist financing risks are horizontal and affect the internal market as a whole. To date, diverging approaches have emerged across Member States as to the management of those risks. While Regulation (EU) 2020/1503 of the European Parliament and of the Council (15) harmonises the regulatory approach for business investment and lending-based crowdfunding platforms across the Union and introduces several safeguards to deal with potential money laundering and terrorist financing risks, such as due diligence of crowdfunding platforms in respect of project owners and within authorisation procedures, the lack of a harmonised legal framework with robust AML/CFT obligations for crowdfunding platforms creates gaps and weakens the Union’s AML/CFT safeguards. It is therefore necessary to ensure that all crowdfunding platforms, including those already licensed under Regulation (EU) 2020/1503, are subject to Union AML/CFT legislation.

(17) Crowdfunding intermediaries, which operate a digital platform in order to match or facilitate the matching of funders with projects owners such as associations or individuals that seek funding, are exposed to money laundering and terrorist financing risks. Undertakings that are not licensed under Regulation (EU) 2020/1503 are currently left either unregulated or are subject to diverging regulatory approaches across Member States, including in relation to rules and procedures to tackle money laundering and terrorist financing risks. Such intermediaries should therefore be subject to the obligations of this Regulation, in particular to avoid the diversion of funds as defined in Article 4, point (25), of Directive (EU) 2015/2366 or crypto-assets raised for illicit purposes by criminals. In order to mitigate such risks, those obligations apply to a wide range of projects, including, inter alia, educational or cultural projects and the collection of those funds or crypto-assets to support more general causes, for example in the humanitarian field, or to organise or celebrate a family or social event.

(18) Directive (EU) 2015/849 set out to mitigate the money laundering and terrorist financing risks posed by large cash payments by including persons trading in goods among obliged entities where they make or receive payments in cash above EUR 10 000, whilst allowing Member States to introduce stricter measures. Such an approach has shown to be ineffective in light of the poor understanding and application of AML/CFT requirements, lack of supervision and limited number of suspicious transactions reported to the Financial Intelligence Unit (FIU). In order to adequately mitigate risks deriving from the misuse of large cash sums, a Union-wide limit to large cash payments above EUR 10 000 should be laid down. As a consequence, persons trading in goods no longer need to be subject to AML/CFT obligations, with the exception of persons trading in precious metals, precious stones, other high value goods and cultural goods.

(19) Some categories of persons trading in goods are particularly exposed to money laundering and terrorist financing risks due to the high value of the often small, transportable goods they deal with. For that reason, persons dealing in precious metals and precious stones and other high value goods should be subject to AML/CFT requirements where such trading is either a regular or a principal professional activity.

(20) Motor vehicles, watercraft and aircraft in the higher market segments are vulnerable to risks of misuse for money laundering and terrorist financing given their high value and transportability. Therefore, persons trading in such goods should be subject to AML/CFT requirements. The transportable nature of those goods is particularly attractive for the purposes of money laundering and terrorist financing given the ease with which such goods can be moved across or outside Union borders, and the fact that access to information on such goods where registered in third countries might not be easily accessible to competent authorities. To mitigate risks that Union high-value goods may be misused for criminal purposes and to ensure visibility on the ownership of such goods, it is necessary to require persons trading in high-value goods to report transactions concerning the sale of motor vehicles, watercraft and aircraft. Credit institutions and financial institutions provide services that are essential for the conclusion of the sale or transfer of ownership of such goods, and should also be required to report those transactions to the FIU. While goods intended solely for the pursuit of commercial activities should not be subject to such disclosure, sales for private, non-commercial use should not be limited to instances where the customer is a natural person, but should also relate to sales to legal entities and arrangements, in particular where they are set up to administer the wealth of their beneficial owner.