On 30 May 2024, the Council of the EU adopted a package of new anti-money laundering and counter-terrorist financing (AML/CTF) rules. The AML Package contains an EU Single Rulebook Regulation, a new Directive and a regulation establishing a new AML Authority. The new regulations introduce several key measures aimed at enhancing effectiveness and creating uniform AML/CFT frameworks across member states. The package has already been adopted by the EU parliament on 24 April.
Some of the key changes introduced as part of the new EU AML Package include:
Read on to learn more about the new package and why OSINT is key in implementing it.
Under the new package, the list of obliged entities has been expanded to include:
All these firms will have to start thinking about how to meet the requirements for customer due diligence and identifying suspicious behaviour, often for the first time. Football clubs, in particular, may be building out a formal anti-financial crime framework from scratch. Obligated firms must tackle both rules-based procedures (like identifying customers) and more open-ended, risk-based activities like conducting enhanced due diligence and investigations. Figuring out best practice and how to balance effectiveness with efficiency will be a steep learning curve.
The new package also introduces specific, enhanced due diligence requirements for situations where there is a higher money laundering risk. This includes cross-border correspondent relationships for CASPs, handling substantial assets for high-net-worth individuals (HNWIs), and transactions and relationships involving high-risk third countries.
Enhanced due diligence is about going beyond tick-box requirements to gain a real understanding of a customer. This involves diving deeper into their background and activities, potentially uncovering hidden risks that standard checks would miss. By leveraging a much wider range of information and engaging in sophisticated analysis, EDD provides a clearer, more detailed picture of who firms are doing business with, enabling better decision-making and fostering more secure relationships.
One of the most tangible ways for a firm to show it is applying meaningful EDD to higher-risk scenarios is to use open source intelligence (OSINT). Due diligence checks that rely on limited datasets only cover a tiny fragment of the information available, leaving gaps in firms’ knowledge of their customers. Using the full range of publicly available information helps firms better understand their customers and identify unwanted risks. As such, this approach demonstrates a commitment to meeting the standards of the EU’s AML Directive and managing risks proactively.
Within this approach, firms might use sources such as live, unstructured internet data, corporate records, media databases and PEP lists.
HNWIs demand heightened scrutiny and present unique challenges for firms conducting due diligence and risk assessments. Their substantial assets, complex financial portfolios and diverse business interests can be hard to piece together, demanding thorough and nuanced investigation to uncover any hidden liabilities.
Suggested reading: Discover how leading financial institutions are already using OSINT in our free handbook.
On the one hand, HNWIs are often high-profile figures. They generate so much media coverage and appear in so many official records, it is hard to manually sift through to identify key information and produce a clear picture. On the other hand, many of their activities and corporate interests may be undocumented or even deliberately hidden. It is not unusual to find very little information on HNWIs’ early years, especially how they started acquiring their wealth. Unearthing these insights requires more intelligent use of a wider range of open sources.
OSINT plays a crucial role in conducting comprehensive reviews of HNWIs by aggregating and analysing many different types of publicly available information. Examples of open source data that is useful in HNWI due diligence includes:
One of the most powerful aspects of OSINT is its ability to uncover inconsistencies or gaps in the accounts of an individual’s sources of wealth, background, and career history. These red flags are crucial for spotting risky customers. For example, unexplained wealth, sudden changes in career trajectories, or discrepancies between reported and actual assets can indicate potential financial crime risks.
HNWIs often have connections to influential business figures, politicians, and other key individuals. OSINT can track these connections using news articles, social media and other public records. Understanding these relationships is important for assessing individuals’ influence within certain networks and potential bribery and corruption risks. It also helps identify any hidden relationships that might pose a conflict of interest or suggest potential collusion.
Another area where OSINT can be extremely valuable is investigating an individual’s involvement in litigation. OSINT uses public court records and news reports to provide insights into past and ongoing legal battles, shedding light on potential liabilities and disputes. This information is essential for understanding the individual’s legal standing and any risks associated with their litigation history.
The reputation and operations of companies linked to HNWIs are also pivotal in understanding their risk profile. OSINT enables firms to analyse market reports and industry reviews of these companies to understand their business practices. Reviewing all the relevant information helps firms find inconsistencies or red flags and decide if further investigation into a client’s legitimacy is needed.
Suggested reading: read our blog, Why Banks Need OSINT, to understand what you can learn from recent AML scandals.
With its new AML Package, the EU has set out clear expectations for enhanced due diligence and in-depth investigations in high-risk scenarios. OSINT provides an invaluable tool for conducting such investigations and gaining a meaningful understanding of riskier customers including HNWIs, offering a multidimensional view of their backgrounds, assets, and associations. Using OSINT, firms can do more to find and reduce risks linked to these important clients. This approach not only ensures compliance but also safeguards the firm’s reputation and financial stability, enabling it to make better-informed decisions.
Suggested reading: Learn more about why OSINT is key in the new package by reading this blog.