Banks’ internal governance obligations vis-à-vis money laundering risks emerging from the new technology-enabled means to transfer funds or value (“crypto assets”)

Abstract

PurposeThe new technology-enabled means to transfer funds or value via crypto assets have prompted regulators and supervisors to question the effectiveness of the anti-money laundering (AML) regulatory framework. This paper aims to examine the recent developments of the EU AML legislation – leading up to the 2021 AML package – focusing in particular on the banks’ internal governance obligations.Design/methodology/approachThe analysis is based on the legal dogmatic methodology and is therefore conducted thanks to a critical exam of the current and upcoming EU policy and legislation, taking into account the relevant literature and case-law.FindingsThe recent regulatory developments, culminating in the AML regulation, are strengthening the causal links between ML risk assessment–ML risk exposure–ML risk management, via internal governance procedures. One of the major AML regulatory strategies to react to the new challenges brought up by crypto assets amounts to a stricter and more demanding AML risk management regime imposed on banks.Originality/valueThe originality of this article lies in the analysis of the causal connection between money laundering risk identification and internal governance obligations. In particular, this article examines how the risk assessment will be shaping the organizational procedures, processes and internal functions necessary to manage the money laundering risks.