Changes in Financial Monitoring. Businesses Bound to Disclose Full Ownership Structure.
On April 28 Ukraine is to enact the new law – Law No.361-IX “On Prevention and Counteraction to Legalization (Laundering) of Proceeds from Crime, Terrorism Financing, and Financing of Proliferation of Weapons of Mass Destruction”.
This new law regulating the financial monitoring procedures provides for enhanced measures designed to ensure the disclosure of business structure information to primary reporting entities. So what is in store for the Ukrainian business following the amendments?
What is financial monitoring?
Financial monitoring is a set of controls applicable to financial transactions that are subject to monitoring and involves customer identification and verification, tracking of transactions, and collection of transaction party data. The task is to control risk-related financial transactions and identify attempts of money laundering or terrorism financing.
The current financial monitoring legislation is based on the Law of Ukraine “On Prevention and Counteraction to Legalization (Laundering) of Proceeds from Crime”. It should be noted that financial monitoring measures only apply to financial transactions.
What are the obligations of reporting entities?
The financial monitoring function is performed by primary reporting entities. The law provides for an extensive list of entities, including banks, insurance companies, pawnshops, all financial institutions (including representative offices of foreign institutions), securities market participants, notaries, attorneys, auditors, accountants, lawyers etc.
The main task of reporting entities is customer identification and verification (KYC – Know Your Customer). The verification is based on international AML (anti-money laundering) standards. All suspicious transactions must be reported to the State Financial Monitoring Service for further investigation.
The KYC process is mandatory when first establishing customer relations, for instance when an account is set up or a financial transaction is conducted. The aim of KYC is to collect data about the ultimate beneficial owner. For this purpose, the information supplied by the customer or extracted from government registers and other open sources is used.
To identify Ukrainian residents, the reporting entity may request the full name, date of birth, passport data, and taxpayer number (for individuals). If the customer is a sole proprietor, he/she will be required to provide the registration number and bank account details. For legal entities, the required data includes the entity name, location, registration number, identification data of persons authorized to dispose of company assets, and bank account details.
As for non-resident entities, the above list is extended to include information about management bodies, ultimate beneficial owner data, and the entity’s certificate of registration certified by a notary. Where the business structure involves a trust, the reporting entity may request information about principals and trustees.
Who belongs to the ultimate beneficial owners?
The financial monitoring law includes a definition of the ultimate beneficial owner: any individual who irrespective of formal ownership exerts a decisive influence on the entity’s management or operations, directly or through other persons by owning directly or indirectly a 25%+ share in the entity’s authorized capital.
The above criteria are applicable to identify the ultimate beneficiary holding a substantial share of assets or rights either independently or jointly with other persons. The only exception is made when the person holds 25% or more of the capital but acts as a nominee, agent or intermediary.
How is the entity’s ownership structure disclosed?
The ownership structure is a system of relations between individuals and entities allowing identification of the ultimate beneficiary owner. The ownership information disclosed by customers during the KYC process conducted by primary reporting entities is further transmitted to the State Financial Monitoring Service. An exception is made for companies whose founders are private individuals. However, if such individuals are politically exposed persons (PEPs), the complete verification process applies.
Transactions subject to financial monitoring
Financial monitoring is mandatory for:
- transactions exceeding UAH 150 thousand;
- transactions with anonymous foreign accounts;
- offshore transactions;
- any transactions with countries on the Cabinet of Ministers’ blacklist;
- funds transfer under international business contracts;
- funds transfers by non-profitable organizations.
High-risk transactions can also be included in the above list. With the latter category being blurred, any transaction may be considered as risk-related by the reporting entity.
Documents involved in the KYC, AML, ultimate owner and company structure disclosure
Those may include corporate documents of the company and its owners, as well as identity documents of the ultimate beneficial owners, documents of other companies maintained by them, data confirming connections with publicly exposed persons, trust agreements, customer data from offshore jurisdictions. In addition, any other data enabling the control of transactions which need closer attention can be requested.
Guided by the documents provided, the reporting entity reviews the customer’s transactions and financial situation. Clients with a non-transparent ownership structure may be refused the services at once.
Consequences of refusal to disclose data
If a customer refuses to supply information necessary for identification and verification (and determination of beneficial owners), analysis and identification of financial transactions which are subject to monitoring, he/she will be denied the account opening. Besides, the client will not be able to carry out financial transactions. So all necessary data must be provided to the primary reporting entity.
How will financial monitoring change?
The amended law adapts the Ukrainian legislation to the regulations of the fourth EU Directive 2015/849 and EU Regulation 2015/847, and to the standards of the Financial Action Task Force (FATF).
The following changes will be implemented in the financial monitoring regulations:
1. Narrowing of the range of financial transactions subject to financial monitoring
The new law provides for an increased threshold amount of financial transactions that are subject to financial monitoring: from 150,000 to 400,000 hryvnias.
Further, according to the new law the number of attributes which make financial transactions subject to mandatory monitoring is reduced from 17 to 4:
- transactions involving offshores;
- transactions involving PEPs (or their family members);
- funds transfer overseas;
- transactions with cash.
2. Implementation of the risk-based approach for financial monitoring.
The risk-based approach involves a set of measures designed to identify money laundering risks. Primary reporting entities now must use this approach to determine risks associated with their clients. By default, the high risk of business relations is assigned to:
- customers registered in “prohibited” jurisdictions (Cabinet of Ministers’ blacklist);
- customers belonging to publicly exposed persons (PEPs), to their family members and related parties;
- beneficiaries included in the sanction lists of Ukraine;
- clients registered in offshore zones.
3. Customer due diligence and verification mechanism
The concept of “due diligence” is introduced, expanding the client identification and verification process. Reporting entities must continuously monitor the financial transactions of their customers to identify potential risks and keep their data updated. Besides, it is prohibited to open and maintain anonymous accounts.
The due diligence is performed before business relations with the client are established, before carrying out transactions exceeding UAH 30 thousand (where no account is set up), before effecting transactions with virtual assets exceeding UAH 30 thousand, and also when there are doubts or suspicions as to the truthfulness of the data provided.
The client data collection approach has also changed. Information sources will be more specific. Customers will have to provide certified copies of documents and bank account details, confirm their place of residence and supply any other data required to determine the nature of future business relations.
The list of data the customer must provide to the reporting entity has not changed significantly. One item has been added – the unique entry number in the Unified State Demographic Registry.
The amended law has substantially expanded requirements to trusts and similar entities. Previously, reporting entities only had to collect information about principals and trustees; but the list is much longer now and includes the full name, purpose of operations, managed assets, country of incorporation, bank account details, identification number and a certified copy of the trust’s incorporation document or an equivalent thereof.
To identify the ultimate beneficial owner, the reporting entity should receive the full business ownership structure from the client. Where the business structure includes a trust or a similar organization, the relevant information must be disclosed, including data regarding founders, trustees, protectors (if any) and beneficiaries.
From now on, reporting entities should not rely exclusively on registry data or public sources. The customer must provide complete information about the structure, supplemented with documented evidence. If inaccurate data are provided, the customer will be refused the services, with relevant information communicated to the State Financial Monitoring Service.
Reporting entities must have a risk management system in place to determine whether clients or their beneficiaries belong to PEPs. If they do, the reporting entity has to obtain its executive’s permission to work with the client. Where the permission is granted, the reporting entity must identify the source of wealth involved in the client transactions and continuously conduct in-depth monitoring of the business relations.
If a publicly exposed person ceases to perform their public functions, he/she will be considered a high risk customer for at least one year after that.
4. New funds transfer requirements.
The amended law enhances the financial monitoring procedure applicable to transactions. For all funds transfers detailed information about the funds’ sender and recipient must be provided.
The reporting entity rendering funds transfer services shall check the data provided in connection with the payer’s transaction, using official documents or information from official sources. Reporting entities are prohibited from making the transfer if the required financial transaction data are not provided.
So what is in store for the businesses?
The Financial Monitoring Law has both positive and negative implications for businesses. Substantial improvements have been made in the legislation concerning the control of financial transactions in compliance with international anti-money laundering regulations.
More anonymous or dubious structures will no longer be serviced by banks and other financial institutions. From now on, interactions with reporting entities will require complete business disclosure and overwhelming control of beneficiaries.
SBSB International Law Firm has immense experience with various banks and payment systems. Our lawyers have an extensive portfolio of successful unfreezing and unblocking of bank and payment system accounts. We will be happy to offer you detailed advice on the matter. By the way, you can get a free online consultation in our Telegram chat.