Entry into Force of EU’s AML Reforms: Key to a Secure, Efficient, Digital Payments Ecosystem with the LEI
- Clare Rowley, the Head of Business Operations at the Global Legal Entity Identifier Foundation (GLEIF)
- 13.08.2024 02:30 pm #EU #AMLReforms #PaymentsEcosystem
Landmark Anti-Money Laundering (AML) legislation, finalized by the EU in Q2 2024, calls for the LEI to be used by financial institutions for customer identification and verification of legal entities during onboarding procedures. This is a key piece needed in the legislative puzzle that will support the development of a digitally enabled EU payments system that helps increase efficiency for all actors involved in transactions. The inclusion of the LEI in the EU’s AML package, recast Transfer of Funds Regulation and Instant Payments Regulation means that organisational identity can now transform the EU payments ecosystem, enabling more secure, faster, cheaper, less burdensome, and more transparent payments ecosystem. Now, financial institutions, financial software solution providers and treasury management solution providers across this jurisdiction must begin the process of integrating the LEI within the technologies and workflows used to facilitate payments.
The legal foundation and, consequently, the business case for integrating the LEI into financial institutions’ entity identification processes and cross-border payment technologies have now been firmly established.
A groundbreaking package of legislative reforms to the EU’s anti-money laundering / counter-terrorist financing framework was recently published in the EU’s Official Journal. Its constituent parts will come into force in June and July 2024, with the core of the implementation planned for July 2027. Among the reforms are new Know-Your-Customer (KYC) measures concerning legal entities, which require the disclosure of their LEI, where available.
With the conclusion of the AML package, the European Union has established a workable legislative foundation for using the LEI in cross-border payments. Specifically, the new AML Regulation references the LEI as part of identifying and verifying customers and beneficial owners for legal persons.
Additionally, the 2023 recast of the EU’s Transfer of Funds Regulation (TFR), first adopted in 2015, ensures that transfers are accompanied by key data points on both originating and beneficiary entities, including, where available, the LEI.
In parallel with the AML reform package, the EU’s Instant Payments Regulation (IPR) will enable Payment Service Providers (PSPs) to utilize the LEI to verify beneficiaries for instant credit transfers in Euros.
An illustrative use-case: QR codes in e-invoicing
Combined, the EU’s AML reform package, TFR, and IPR have laid the foundation for the easy integration of the LEI into automated payment technologies already in use by the account owner.
The use of payment QR codes in e-invoicing serves as a useful example. Here, the LEI can now be readily communicated to the originator (payer) by the beneficiary (payee) using standard facilities of modern bank accounts. Once the payee’s LEI is incorporated into the QR code of an e-invoice delivered to the payer, this can also be communicated to their supporting PSP. This process leverages both the Transfer of Funds and the Instant Payments regulations which together suggest the LEI as an attribute for payment originators and beneficiaries and the LEI as a tool to support the new IBAN-account name matching requirement.
In particular, the LEI is the only solution to effectively implement IBAN-account name matching. Names are a terrible proxy for identity. The LEI, an international identity standard linked to public data describing the entity, is a precise code that enables machine-to-machine communication and straight-through processing.
Therefore, introducing the LEI as for originator/beneficiary identification provides a new level of entity identification and verification that dramatically elevates the whole system’s capacity to protect against fraud while providing the requisite visibility and traceability needed to combat money laundering and terrorist financing.
Simplified integration via the GLEIF API
Making back-end system adjustments is rarely simple for financial institutions. Usefully, however, for these purposes, the attribution of the LEI to the legal person’s account can be straightforwardly accomplished using GLEIF’s Application Programming Interface (API) or service providers like those participating in the GLEIF Vendor and Service Providers Relationship Group.
GLEIF’s API gives developers access to full LEI data search engine functionality, including filters, together with full-text and single-field searches of LEI record data, and the ability to retrieve LEI records based on both relationship data and the matching of other important data fields, such as names and addresses.
An ‘LEI Challenge’ facility is also available should any LEI reference data be deemed out-of-date or require further investigation.
The GLEIF API enables financial institutions or ERP service providers to create valuable efficiencies by automatically pre-populating customer data from corresponding LEI records. Once all LEI-holding clients have been tagged, alerts can be set to provide notifications of changes made to the client’s LEI record that may warrant closer scrutiny.
The rise of Validation Agents
A growing number of financial institutions and other supervised organizations involved in legal entity identification and verification are assuming the role of Validation Agent in the Global LEI System, with the goals of enabling cost and process efficiencies and the delivery of an enhanced client lifecycle experience,
Today, there are more than 15 Validation Agents globally, with a network spanning Africa, Australia, China, Europe, India, the Middle East, and North America. Each can utilize their business-as-usual client onboarding processes to obtain and maintain LEIs for their clients in cooperation with accredited LEI Issuers.
The advent of the EU's AML legislative package provides a clear invitation for more to follow.
2023-24 has been a milestone period for the LEI in cross-border payments, which has seen support for the LEI to be included in ISO 20022 payment messages ringing out from key financial stakeholder groups, including, among others, the Financial Stability Board, the Financial Action Task Force, the BIS-CPMI, the Bank of England, SWIFT's Payments Market Practice Group, The Wolfsberg Group, and the London Stock Exchange.
The value of financial institutions enabling deeper engagement with the Global LEI System skyrockets as the LEI's utility continues to broaden beyond capital markets compliance – driven by both voluntary adoption and rapidly evolving payments and identity-related regulations. Indeed, the more widely the LEI is utilized across business identification use cases globally, the more value it will deliver to all payment ecosystem participants – the world's regulators, financial institutions, and law-abiding legal entities. Ultimately, this will accelerate the financial system toward faster, cheaper, more transparent, and more inclusive cross-border transactions and a cleaner global economy as a result.
Deploying vLEI to further Support the Payment Industry
In addition to the foundational benefits of the LEI, the advent of the verifiable LEI (vLEI) brings an enhanced layer of security and efficiency to the payment industry. For example, vLEI can facilitate verifiable digital invoice signing between clients and suppliers, significantly reducing invoicing fraud.
By adding a vLEI signature to a digital invoice, the authenticity of the invoice can be verified, ensuring that it has been issued by a legitimate entity. This can be particularly beneficial in preventing common fraudulent activities, such as invoice redirection fraud, where fraudulent actors intercept and alter invoice payment details. This is only one example of vLEI further improving trust and transparency in transaction processes, thereby fortifying the integrity of the payment ecosystem.