News

France’s financial regulator has consolidated its three separate teams of anti-money laundering staff for banks, insurance companies and other institutions into a single unit of 88 full-time examiners and plans to complete 43 inspections by the end of 2021.

The Autorite de Controle Prudentiel et de Resolution, or ACPR, disclosed in an annual report Friday that the reorganization will first impact the insurance sector, where the number of onsite inspections will double to 20 this year, then shift towards banks, which will undergo 28 inspections in 2022 and another 28 in 2023.

ACPR’s survey of the 24,000 intermediaries, or brokers, operating in France last year identified 7,100 as selling life insurance or investment bonds, and found that “only a minority” had designated a money laundering reporting officer, or MLRO, to flag suspicious transactions to Tracfin, the country’s financial intelligence unit.

ACPR’s shift in focus towards insurance follows findings that professionals in the sector file far fewer suspicious transaction reports, or STRs, than banks, credit unions and other mainstream financial institutions despite facing at least moderate exposure to illicit finance and keeping comparable volumes of know-your-customer data.

Insurance companies were responsible for only 6 percent of the 96,000 STRs that Tracfin received from all financial institutions in 2019. Almost 60 percent of the total originated from banks, and 25 percent originated from payment services providers and electronic money institutions.

Smaller insurance companies often lack familiarity with France’s complex and frequently updated rules against financial crime, whereas larger firms too often follow the letter, but not the spirit, of the requirements, said Alain Curtet, a former MLRO for a top-tier French insurance provider.

“Their [larger insurance companies] compliance is mostly technical … they have put in place risk assessments, AML procedures and training, but when it comes to effectiveness, the results are not there,” Curtet told ACAMS moneylaundering.com. “They think that not detecting suspicious cases is good news, instead of a sign that their system is faulty.”

ACPR this year will separately assess whether financial institutions have pursued a risk-based approach to vetting legal entities and nongovernmental organizations for AML purposes, especially those operating in jurisdictions prone to corruption and other financial crimes.

The regulator also expects to recommend more penalties in response to AML violations in 2021 after having made six recommendations for punitive action in 2018, eight in 2019 and 11 last year.

Cautionary tale

ACPR hopes the consolidation into a single unit will eliminate supervisory overlap and lead to a broader, more comprehensive view of financial crime-related risks, especially those presented by the ever-expanding universe of cryptocurrency companies and other financial technology-centric firms, or fintechs.

“We were inspired by what existed elsewhere to be able to have this more transversal, more global vision [and] maintain an in-depth dialogue on the different fields in which fintechs may find themselves,” Jean-Paul Faugere, ACPR’s vice president, told moneylaundering.com during a press conference Friday.

The regulator issued licenses to seven cryptocurrency exchanges and other virtual asset services providers, or VASPS, in 2020, and 10 other operators have already received licenses in the first five months of this year.

Representatives of ACPR and the fintech industry meet twice a year to discuss AML-related developments and other issues.

“This revamp is a very good step in the right direction because competition to attract fintechs is fierce and our British counterpart, now out of the EU, is a good performer in that area,” Nathalie Bosse, a consultant in Paris who recently helped a fintech company apply for licenses in both France and the United Kingdom, told moneylaundering.com.

Enticing fintechs remains an uncertain, potentially high-risk proposition even with robust controls in place, and it is no accident that ACPR’s annual report mentions Wirecard, the now-defunct payment processor responsible for a $2 billion accounting fraud, the largest in German history.

“We learn from our own mistakes but also from those made by our neighbors,” said Bosse. “ACPR clearly does not want a similar case to occur in France.”

Contact Gabriel Vedrenne at gvedrenne@acams.org