Time to act: EU Funds Transfer Regulation 2015
The EU Funds Transfer Regulation 2015 (FTR 2015), which has been in effect since 26 June 2017, aims to deliver full traceability of payments. A lack of regulatory clarity is, however, leading to significant implementation hurdles that require urgent action from all stakeholders, says Christian Westerhaus, head of product and strategy, institutional cash management, Deutsche Bank.
At a time when money laundering transactions equate to 2-5% of global GDP annually (according to the PwC data), governments and regulators are understandably intensifying their fight against illicit financial flows. Staying a step ahead of the criminals is increasingly difficult, however, as technological advances give rise to more sophisticated methods of money laundering.
Greater global interconnectedness also means that more cross-border transactions are being transmitted than ever before – and they are becoming harder to monitor end-to-end for suspicious activity. Against this backdrop, the co-ordination of anti-money laundering (AML) and counter terrorist financing (CTF) efforts has never been so important.
FTR, which became applicable on 26 June, sets out to ensure traceability of payments transactions – and is therefore a powerful tool in the prevention, detection, and investigation of criminal activity. Despite being a regional regulation applicable to payment service providers (PSPs) established in the European Economic Area (EEA), FTR 2015 is, in fact, global in scope. It covers all transfers of funds – in any currency – within the EEA, as well as those sent from within the EEA to another region and vice versa. In other words, for FTR 2015 to apply, only one PSP in the payment chain must be established in the EEA.
Yet, while a step forwards, challenges persist, especially because of the remaining open questions regarding the interpretation and proper application of FTR 2015’s requirements. Rapid action is subsequently essential to prevent unnecessary disruption to payment flows or unintended breaches of the regulation.
Beneath the surface
The new regulation not only updates but also expands the requirements of its predecessor, FTR 2006. For example, FTR 2015 imposes additional requirements on intermediary PSPs to implement effective procedures to detect whether regulatory required information is transmitted with a transfer of funds.
Intermediary and beneficiary PSPs must detect whether regulatory required information is transmitted with a transfer of funds. Going forward, this also includes information on the payee – with the payer’s PSP holding responsibility for communicating all regulatory required information. While there are some exceptions, in principle, the following information must be transmitted:
- name of the payer;
- payer’s account number;
- payer’s address;
- name of the payee;
- payee’s account number.
Furthermore, this information must be transmitted in the designated data fields of the payment message scheme used. Under FTR 2015, if any mandatory information is not provided in the corresponding designated data fields by the sending PSP, it will be considered insufficient.
FTR 2015 also sets higher qualitative standards on PSPs to implement effective procedures to detect missing/insufficient information (see Figure 1 below). These standards vary depending on the role the PSP plays in the transaction. The payer’s PSP must verify that information transmitted on the payer (not payee) is accurate if the transaction amount exceeds €1,000.
In addition, both the intermediary PSP and the payee’s PSP must detect whether the designated payment message data fields (relating to the payer and payee) are populated accurately. The payee’s PSP must then detect and verify the accuracy of the information transmitted on the payee. There are also certain obligations to report breaches in the information requirements to the competent authorities.
Figure 1: Handling of missing information pursuant to FTR 2015 (click on the image to enlarge)
Grey areas ahead
These additional requirements represent something of a challenge for PSPs, but perhaps the most significant implementation hurdle is the fact that FTR 2015 leaves significant room for interpretation. It does not set out in detail what PSPs should do to comply.
At the beginning of April 2017, the European Supervisory Authorities (ESAs) issued draft guidelines, which the industry hoped would provide clarity. The draft guidelines are limited in their scope, however, notably around the detection requirements of FTR 2015 and handling of transfers with missing information.
They do not, for instance, provide a definition of what constitutes a “repeated failure” by the payer’s PSP to send regulatory required information to the payee’s PSP (as per Figure 1 above). Instead, the ESAs’ draft guidelines, state that PSPs may decide to treat other PSPs as repeatedly failing for different reasons, which may include either/or a combination of quantitative and qualitative criteria. Since the potential consequences attached to repeated failures are significant (for PSPs and senior managers alike), PSPs and the respective competent authorities must establish a consistent understanding of how these are triggered.
Additional grey areas include the regulation’s application to SEPA Direct Debits, the requirement for a name-number check under FTR 2015, and a loose definition of linked transactions. While the ESAs’ draft guidelines provide some guidance on the latter, outlining a six-month timeframe for monitoring linked transactions, significant IT capabilities would be required to achieve this.
Given that the ESAs’ draft guidelines do not aim to achieve maximum harmonisation of PSPs’ approaches to complying with FTR 2015, this could lead to a fragmented regulatory landscape and cause unnecessary disruption to global payment flows
To avoid these outcomes, and to ensure the safest possible regulatory framework for combatting money laundering and terrorist financing, further detailed guidance is required – sooner rather than later – to ensure a common interpretation of FTR 2015, both by national authorities and market participants.