EBA says Payments Institutions do not Manage ML/TF Effectively

The European Banking Authority (EBA)  published its Report [Date 16/06/2023] on money laundering and terrorist financing (ML/TF) risks associated with EU payment institutions.

Its findings suggest that ML/TF risks in the sector may not be assessed and managed effectively by institutions and their supervisors.

In 2022, the EBA assessed the scale and nature of ML/TF risk in the payment institutions sector. It considered how payment institutions identify and manage ML/TF risks and what supervisors do to mitigate those risks when considering an application for the authorisation of a payment institution and during the life of a payment institution.

The EBA's findings suggest that institutions generally do not adequately manage ML/TF risk.

AML/CFT internal controls in payment institutions are often insufficient to prevent ML/TF, despite the high inherent ML/TF risk to which the sector is exposed.

The EBA's findings also suggest that not all competent authorities do enough to supervise the sector effectively.

As a result, payment institutions with weak AML/CFT controls can operate in the EU, for example, by establishing themselves in Member States where authorisation and AML/CFT supervision processes are less stringent to passport their activities cross-border afterwards.

Failure to manage ML/TF risks in the payment institutions sector can impact the integrity of the EU's financial system. The EBA's work on access to financial services further suggests that failure to address those risks will also undermine efforts to improve access by payment institutions to payment accounts.

Several of these findings relate to issues addressed in EBA Guidelines. A more robust implementation by supervisors and institutions of provisions in these guidelines will mitigate the sector's exposure to ML/TF risks.

Legal basis and background

Article 9a(5) of Regulation (EU) 1095/2010 ('EBA founding regulation') mandates the EBA to perform risk assessments on significant ML/TF risks affecting the EU's financial sector.

The EBA drew on several sources to inform this risk assessment. These include the findings of the EBA peer review on the authorisation of payment institutions under PSD2, data extracted from the EBA's AML/CFT database, EuReCA (available here), questionnaire responses, bilateral interviews with selected EU supervisors, national and supervisory assessments of ML/TF risks in the sector, and any other information available to EBA through its work on ML/TF risks and supervision.

The findings of this risk assessment will feed into the EBA's bi-annual ML/TF risk assessment exercise under Article 6(5) of Directive (EU) 2015/849.

In line with its legal duty to lead, coordinate and monitor the AML/CFT efforts of all EU financial services providers and supervisors, the EBA remains committed to holistically tackling ML/TF risks across all economic sectors within its remit.

DOCUMENTS

Report on ML TF risks associated with payment institutions

https://www.eba.europa.eu/sites/default/documents/files/document_library/Publications/Reports/2023/1056453/Report%20on%20ML%20TF%20risks%20associated%20with%20payment%20institutions.pdf

LINKS

Anti-Money Laundering and Countering the Financing of Terrorism

https://www.eba.europa.eu/regulation-and-policy/anti-money-laundering-and-countering-financing-terrorism