Overview and update on AMLD 5 implementation in the Netherlands — November 8, 2019
The European 5th Anti Money Laundering Directive ((EU) 2018/843) explicitly provides for a registration mechanism for crypto-service providers (those who offer fiat-crypto exchange services or provide hosted crypto wallets). While the Directive started out with the obligation of a license or registration regime for cryptoplayers, the possibility of a license regime has been explicitly been struck out in the final text, for considerations of proportionality.
Transposition into Dutch law: simple at first, but supervisory add-ons later
The Dutch Ministry of Finance started transposing the directive and consulted a licensing regime with the market in December 2018. As the actual rules of the license still bore resemblance to the registration regime mentioned in the Directive, the industries comments focused on unworkable technicalities and explanations by the Ministry. The formal legal advice of the Council of State however, was quite explicit and it advised against the introduction of the law as long as a supervisory license mechanism and supervisory rules would be part of it. It stated that the transposition of this EU Directive is not the place for such rules.
In response the Dutch Ministry of Finance changed the law and made a new version. In this new version, the label of the license regime was changed to registration, but the essence became more of a supervisory regime. As a new set of rules the Ministry included further inspections and checks of business plan, organisation, risk management etc originating from the Act on Supervision of the Financial Sector. The actual legal construct includes a detailed evaluation of the company, a revocation of registration when a company is no longer compliant with the rules and a prohibition to operate on the market without a registration. This is a supervisory regime in disguise, which is beyond the necessities of the AMLD5 and goes against the advice of the Council of State.
Lower level rules confirm intention and nature of supervisory add-ons
The consultation of lower level legislation to implement this law, confirmed that fact that the law was a supervisory regime in disguise. The umbrella supervisory clauses on organisation and integrity of the Act on Financial Supervision were copied into the proposed new legislation (while the formal statements of the Ministry of Finance to the Dutch Parliament denied this). A number of individual companies then responded to the consultation with their concerns, outlining the discrepancy between the EU-requirements and the actual copy-paste of this banklike supervisory regime into Dutch anti-money laundering rules (See for example response 1, response 2, response 3).
In my personal response to the consultation of lower legislation implementing the directive I provided a historical overview and background of the different nature of the anti-money laundering law (WWFT) and the financial supervision law (WFT) outlining their different intent, scope and purpose. I outlined my concerns (also in this podcast with Satoshi Radio- in Dutch) with respect to due process and content of the legislation. My suggestion to the Ministry of Finance was to take a time-out to reconsider the situation and change course towards a pure EU transposition.
Industry warns parliament commission on Finance
One week later, on October 31, 2019 — the 11-th anniversary of the publication of the Bitcoin whitepaper — the association of bitcoin companies in the Netherlands (VBNL) sent an urgent message to the Parliament Commission on Finance outlining that the proposed Dutch text moves well beyond the EU directive by including prudential and supervisory rules (see letter and annex — Dutch). The VBNL requested true minimal implementation of the Directive and explicitly contradicted the statement of the Ministry of Finance to Parliament that the industry would find the law workable and do-able.
A number of days later, an independent legal opinion, confirmed that the proposed Dutch rules and lower legislation are not a minimal implementation of the EU directive, but an implementation which is beyond the rules of the Directive and its proportional intention.
Desinformation to Parliament
Quite interestingly, in the communications to parliament, the Ministry of Finance repeatedly states that the implementation law is a plain and simple EU transposition with no more rules added. The Ministry even states to parliament that no prudential rules or rules originating from the Act on Financial Supervision are proposed. This is a contradiction with the fact that article 3.17 of that law — which is in the prudential part 3 of Act on Supervision for the Financial Sector — is literally copied into the current anti-money laundering law, the so called WWFT.
The legal opinion mentioned earlier, actually points out at least 10 of those contradictions in the communications of the Ministry of Finance and states that the Ministry presents a wrong representation of the matter at hand. Still, if I understand the Ministry representative dealing with the issue correctly, the Ministry feels that it is correctly informing parliament (it is clear that on this matter I beg to agree with the expert lawyer instead).
Recent further communications by the Dutch intended supervisor (De Nederlandsche Bank) on November 8, confirm the plan of the Ministry to invoke prudential rules/supervision. The observations and fundamental objections of industry have not resonated whatsoever. There will be a supervisory regime with integrity/organisation rules that are identical to the regime for regular payment institutions and banks. The net result will be disproportional high costs for local players possibly leading to a shakeout of the local market and certainly not aiding innovation in this area.
Debate in parliament — postponed and pending
Last week should have been the moment that Parliament would discuss the law. The discussion was postponed however and is rescheduled for a couple of weeks later. How the debate will end is unclear, but it can be expected that the usual ‘bitcoin=criminality’ card will be played by the Minister. Undoubtedly there will be some data thrown at parliament on bitcoin money laundering that might sound impressive, but the biggest relevant money laundering number in the Netherlands is unknown. ING has not paid attention to Money Laundering during 6 years and the public authorities have been officially unable to assess the amount of value that was related to money laundering via ING. So a claim that a disproportionate amount of money laundering happens via crypto cannot sensibly be made.
What may also be done in parliament is to overexagerate the need to comply with the required timeline for AMLD5 implementation by January 2020. This is not convincing, coming from a Ministry that was well over a year late with the implementation of PSD2. But this would demonstrate that focus of the Ministry is more on timing and pushing things through Parliament than on achieving a balanced and legal transposition of the AMLD5-Directive.
Ramifications for government and legislation
To be clear: I don’t challenge the general policy aims and goals of the Ministry to strive for an optimal and safe society. But what strikes me as incorrect is to ignore the Council of State, to desinform parliament and to extend the supervisory reach beyond what is reasonably allowed and intended by EU-legislator. The Ministry of Finance (and Justice by the way, as they are the co-author) do not do justice to the roles of the EU, our Court of State and parliament. And all of this will be justified by the worn-out political spin: who can object to the goal of catching criminals?
If this law really passes parliament unchanged, the process sends a very clear (and alarming) message to the public. The rules of the legislative game will have become that a Ministry can freely spin any kind of legislation through parliament without paying respect to the legal and constitutional principles that bind us a nation. I think this does not contribute to further trust in our government.
It also leads to an interesting philosophical question going on in terms of integrity. If regulation on integrity for transactional processes is pushed through parliament by a process and communication that lack the proper integrity of the involved Ministers of Finance and Justice, can we then consider the outcome to be a lawful law?
Update, November 16, 2019
The central bank has now published its rules and guidance, with the caveat that the new law is still pending in parliament. The information provided is not always correct.
As an example, the website states:
‘The risk analysis in the WWFT is limited to the exposure of an institution to the risks on money laundering and terrorist finance, while the systematic integrity risk analysis has a wider scope’.
This systematic risk analysis, is a term literally copied from article 10 of lower level legislation (BPR: Decree Prudential Regulation) of the supervisory rules that apply to licensed financial institutions. A similar analysis will be required under the new law, and it would be more accurate for the central bank to clarify that this is not based on article 2b but on the lower level regulation of the AML-law under new article 23j of the law (if the EU transposition law passes parliament unchanged).
Such a statement would be more in line with the legal reality, but would have a serious disadvantage. It would openly clarify that the legislator has not taken into account the Court of State advice that said that the inclusion of prudential regulation cannot be done as an implementation of this EU Directive. Now, why is it so hard to be open about this?
Could it be that the foreseen supervisor is helping out by phrasing and presenting the upcoming rules in such a way that it may not embarass the Ministry of Finance and put them on the spot during upcoming discussions in parliament?
Initially, the legislative proposal of the Ministry was almost a clean cut EU implementation when consulted with the market (end 2018). Then late 2018 the supervisors published their vision that a license regime is necessary for crypto (instead of the registration as outlined in AMLD5). And the Ministry took the advice on board, put it in legal texts, while suggesting otherwise to parliament and ignoring the advice of our Court of State.
Among legal experts in the field the Ministries behaviour is taken not so much with a feeling of excitement but rather: ‘there we go again’. The sad story here is that this is not the first time that the Ministry of Finance thumbs its nose at the Court of State. So the net result may be that Dutch crypto players will be subject to prudential supervisory rules and will have to prepare for paying a direct supervisory annual fee of at least 25000 euro with annual compliance cost leading up to at least 100.000 euro or beyond.
Impact for foreign crypto-service providers
Non NL or EU-based providers of services to Dutch customers should take note by the way. Even if you have a registration in another EU state, you may still have to register at the Dutch supervisor as well. If you are seen to serve, accomodate or target Dutch customers from abroad, you will need to apply. Companies with a seat in another Member State of the EU may not use the local registration but must acquire this additional registration for the Netherlands.
Companies without a seat in the EU are — under this new law — not allowed at all to target and service Dutch cryptocustomers. Targeted ads for the Dutch market, the use of Dutch payment instrument or Dutch terms and conditions all function as indicators that invoke the ‘registration’ requirement and applicability of the law. So make sure to tread carefully here.