AML Policy

As one of the world’s largest economies, France plays a prominent role in the fight against financial crime and imposes strict money laundering and counter financing of terrorism regulations on its financial institutions. As a bank or financial services firm operating within French jurisdiction, it’s vital that you understand your compliance obligations. With that goal in mind, we’ve put together a list of the most important things to know about anti-money laundering in France.

1. Autorité des Marchés Financiers

The Autorité des Marchés Financiers (AMF) is France’s primary financial regulator with oversight of all financial institutions and a responsibility to prevent financial crime, money laundering, and the financing of terrorism. An independent body, the AMF has a range of powers to identify and prevent money laundering, including setting new rules, conducting investigations, and issuing penalties.

In a wider context, the AMF works with other French national and international authorities to contribute to the global fight against money laundering and to set AML policy. France is a member of the intergovernmental Financial Action Task Force (FATF), so the AMF also works to implement FATF’s 40 Recommendations as part of French AML/CFT policy.

2. Anti-Money Laundering Legislation

The French Monetary and Financial Code (Book V, Title VI) and the French Criminal Code (Article 324-1, and Article 421-1-6) set out AML and CFT regulations in France. As an EU member state, France has to implement EU law as part of its domestic legislation. This means that France must abide by the EU anti-money laundering Directives (AMLD), which are issued periodically by the EU Commission.  

EU member states are currently operating under the 4th AMLD (4AMLD). 5AMLD will come into full legal effect on January 10, 2020, while 6AMLD will be introduced in June 2021.

3. Data Protection

French data protection laws are applied in compliance with the EU’s General Data Protection Regulation (GDPR), which was introduced in 2018. GDPR compliance is a significant data protection consideration, especially since penalties for noncompliance can rise to €20 million (or 4% of global revenue). Under the GDPR, firms must: 

• Establish a lawful basis for processing personal data — and process that data fairly and transparently
• Only keep and use data for the specific purposes for which it was collected
• Ensure that they only collect data necessary for their business function
• Ensure that the data they collect is kept accurate and up to date
• Remove data that is no longer needed for their business function
• Treat personal data with complete integrity and confidentiality

The GDPR has consequences for the way firms implement money laundering regulations, which necessarily involve a focus on personal information. In particular, the GDPR introduces a “right to be forgotten,” which allows customers to request that firms delete their personal data under certain circumstances. While this rule clashes with AML record-keeping rules, the GDPR accounts for this by having legal requirements take precedence over the right to be forgotten. Accordingly, firms must only delete data after they’ve met their AML obligations.

4. Transaction Monitoring

Under AMF and FATF regulations, banks and financial institutions in France must facilitate transaction monitoring as part of their AML policy. The monitoring process should automatically flag transactions that present a high risk of money laundering or terrorism financing and should factor in:

• The origin and destination of funds (to or from high risk countries)
• The nature or size of the transaction (unusual deposits or customer behavior)
• The legal structures or schemes connected to the transaction

5. AML Onboarding and Monitoring

Under French law and EU and FATF requirements, banks and financial institutions in France must perform customer due diligence (CDD) procedures when onboarding new customers. They must also monitor their customers for potential money laundering activity throughout the relationship. These procedures are central to a risk-based approach to AML, helping firms to verify customers’ identities and the business in which they are involved.

6. Upcoming Regulation Changes

5AMLD: The most important upcoming anti-money laundering regulation in France is 5AMLD, which will come into effect on January 10, 2020. 5AMLD places a strong focus on the regulation of cryptocurrency:

• 5AMLD introduces a legal definition of cryptocurrency and extends existing AML/CFT regulations to cryptocurrency exchanges.  
• Under 5AMLD, Financial Intelligence Units are given greater authority to obtain information about cryptocurrency owners. 
• Under 5AMLD, cryptocurrency exchanges must be registered with the appropriate authorities. In France, they must register with the AMF.

6AMLD: The EU published the Sixth Anti-Money Laundering Directive on November 12, 2018. 6AMLD must be transposed into law by EU member states by December 3, 2020 and implemented by banks and financial institutions by June 3, 2021. The measures that 6AMLD will introduce include: 

• A harmonized definition of money laundering offenses for EU member states’ domestic legislation.
• Clarification of 22 predicate offenses for money laundering, including cybercrime and environmental crime. 
• Classification of “aiding and abetting money laundering” and “self-laundering” as criminal acts.