EUR-Lex Access to European Union law
This document is an excerpt from the EUR-Lex website
Document 52017XX0318(01)
Summary of the Opinion of the European Data Protection Supervisor on a Commission Proposal amending Directive (EU) 2015/849 and Directive 2009/101/EC — Access to beneficial ownership information and data protection implications
Summary of the Opinion of the European Data Protection Supervisor on a Commission Proposal amending Directive (EU) 2015/849 and Directive 2009/101/EC — Access to beneficial ownership information and data protection implications
Summary of the Opinion of the European Data Protection Supervisor on a Commission Proposal amending Directive (EU) 2015/849 and Directive 2009/101/EC — Access to beneficial ownership information and data protection implications
OJ C 85, 18.3.2017, p. 3–5
(BG, ES, CS, DA, DE, ET, EL, EN, FR, HR, IT, LV, LT, HU, MT, NL, PL, PT, RO, SK, SL, FI, SV)
|
18.3.2017 |
EN |
Official Journal of the European Union |
C 85/3 |
Summary of the Opinion of the European Data Protection Supervisor on a Commission Proposal amending Directive (EU) 2015/849 and Directive 2009/101/EC
Access to beneficial ownership information and data protection implications
(The full text of this Opinion can be found in English, French and German on the EDPS website www.edps.europa.eu)
(2017/C 85/04)
On 5 July 2016, the Commission published a set of proposed amendments to the AML Directive and to Directive 2009/101/EC that aim at tackling directly and incisively tax evasion, in addition to anti-money laundering practices, in order to establish a fairer and more effective tax system. This Opinion assesses the data protection implications of such amendments.
In general, they seem to take a stricter approach than before to the problem of effectively countering anti-money laundering and terrorism financing. In this respect, among other measures proposed, they focus on new channels and modalities used to transfer illegal funds to the legal economy (e.g. virtual currencies, money exchange platforms, etc.).
While we do not express any merit judgment on the policy purposes pursued by the law, in this specific case, we are concerned with the fact that the amendments also introduce other policy purposes — other than countering anti-money laundering and terrorism financing — that do not seem clearly identified.
Processing personal data collected for one purpose for another, completely unrelated purpose infringes the data protection principle of purpose limitation and threatens the implementation of the principle of proportionality. The amendments, in particular, raise questions as to why certain forms of invasive personal data processing, acceptable in relation to anti-money laundering and fight against terrorism, are necessary out of those contexts and on whether they are proportionate.
As far as proportionality is concerned, in fact, the amendments depart from the risk-based approach adopted by the current version of the AML Directive, on the basis that the higher risk for anti-money laundering, terrorism financing and associated predicate offences would not allow its timely detection and assessment.
They also remove existing safeguards that would have granted a certain degree of proportionality, for example, in setting the conditions for access to information on financial transactions by Financial Intelligence Units.
Last, and most importantly, the amendments significantly broaden access to beneficial ownership information by both competent authorities and the public, as a policy tool to facilitate and optimise enforcement of tax obligations. We see, in the way such solution is implemented, a lack of proportionality, with significant and unnecessary risks for the individual rights to privacy and data protection.
1. INTRODUCTION
1.1. Background on the anti-money laundering Directive
|
1. |
In May 2015 a new EU Directive against anti-money laundering (‘AML Directive’) (1) was adopted. The stated objective of the new legislation is to improve the tools to counter money laundering, as flows of illicit money threaten to damage the integrity, stability and reputation of the financial sector, as well as the internal market of the Union and international development. |
|
2. |
The protection of the soundness, integrity and stability of credit institutions and financial institutions and the confidence in the financial system are not the only policy goals pursued by the AML Directive. Indeed, in June 2003, the Financial Action Task Force (FATF (2)) revised its Recommendations to cover terrorist financing, and provided more detailed requirements in relation to customer identification and verification. It pointed to the situations where a higher risk of money laundering or terrorist financing might justify enhanced policy measures and also to situations where a reduced risk might justify less rigorous controls. |
|
3. |
The AML Directive, as a consequence, provides an articulated set of rules designed to prevent both anti-money laundering and terrorism financing through illicit financial flows. It enacts a risk-based application of customer due diligence to suspicious transactions. It relies on the acquisition and analysis of beneficial ownership information and on the coordinated investigative activities of FIUs (Financial Intelligence Units) established in Member States. |
1.2. The Proposal: addressing tax evasion and terrorism financing
|
4. |
On 2 February 2016, the European Commission published a Communication laying down an Action Plan for strengthening the fight against terrorism financing, including amendments to the AML Directive to target anti-money laundering through transfer platforms and virtual currencies and re-designing the role of FIUs (3). |
|
5. |
Also, financial scandals (4) and an increased risk of tax evasion seem to have drawn the attention of the Commission to the need to re-calibrate the action of the AML Directive and aim it more directly towards tax evasion, which, under the current version of the Directive, is just seen as a source of illicit funds, but not directly targeted. |
|
6. |
On 5 July 2016, the Commission published a set of proposed amendments (the ‘Proposal’) to the AML Directive and to Directive 2009/101/EC that, in the context of a coordinated action with the G20 and the OECD, aim at tackling directly and incisively tax evasion by both legal and natural persons with the purpose of establishing a fairer and more effective tax system (5). We note in this context that, contrary to recital 42, the EDPS was not consulted prior to the adoption of the Proposal (6). |
|
7. |
The Opinion of the EDPS was later solicited by the Council of the European Union, which, on 19 December adopted a compromise text on the Proposal (‘Council Position’ (7)). The Council Position aims at amending only the AML Directive (and not Directive 2009/101/EC) and focuses mainly on anti-money laundering and terrorism financing. While the purpose of fighting tax evasion is no longer explicitly mentioned, tools that, in the Proposal, were designed to achieve that purpose (e.g. public access to beneficial ownership information and access by tax authorities to anti-money laundering information) remain in place, although modified to a certain extent. |
1.3. Scope of this Opinion
|
8. |
This Opinion analyses the impact of the Proposal on the fundamental rights to privacy and data protection. We also give account on how such impact changes, following the adoption of the Council Position. |
|
9. |
The Opinion also assesses the necessity and proportionality of personal data processing taking place under the proposed amendments to the AML Directive in the light of the policy purposes identified by the law. When we refer to the Proposal, although it proposes amendments to two distinct directives, we treat it as a single, integrated policy tool. |
|
10. |
The interaction of public policy with fundamental rights has already come to the attention of the courts. In its Digital Rights Ireland case (8), the Court of Justice recognises that the fight against international terrorism and serious crime constitutes an objective of general interest (9). Since, however, the legal tools enacted to pursue that objective interfere with the fundamental rights to privacy and data protection, it is necessary, according to the Court, to assess the proportionality of such measures (10). |
|
11. |
The purpose of this Opinion, therefore, is not to express any merit judgment on the choice of the policy objectives the legislator decides to pursue. Our attention, instead, focuses, in the tools and modes of action that the law adopts. It is our purpose to ensure that legitimate policy goals are effectively and timely pursued, with the minimum interference with the exercise of fundamental rights and in full respect to the requirements of Article 52(1) of the Charter of Fundamental Rights of the EU. |
4. CONCLUSION
|
65. |
The Commission is proposing new amendments to the AML Directive, in order to put it up to speed with technical and financial innovation and new means to perform money laundering and terrorism financing. At the same time, the Proposal aims at improving the transparency of the financial markets for a number of purposes that we identify, among others, in the fight to tax evasion, protection of investors and fight against abuses of the financial system. |
|
66. |
We have reviewed the Proposal and we consider that it should have:
|
Brussels, 2 February 2017.
Wojciech Rafał WIEWIÓROWSKI
European Data Protection Supervisor
(1) Directive (EU) 2015/849 of the European Parliament and of the Council of 20 May 2015 on the prevention of the use of the financial system for the purposes of money laundering or terrorist financing, amending Regulation (EU) No 648/2012 of the European Parliament and of the Council, and repealing Directive 2005/60/EC of the European Parliament and of the Council and Commission Directive 2006/70/EC (OJ L 141, 5.6.2015, p. 73).
(2) The Financial Action Task Force (FATF) is an inter-governmental body established in 1989 by the Ministers of its Member jurisdictions. The objectives of the FATF are to set standards and promote effective implementation of legal, regulatory and operational measures for combating money laundering, terrorist financing and other related threats to the integrity of the international financial system.
(3) COM/2016/050 final.
(4) The Commission explicitly makes reference to the ‘Panama papers’ scandal in its Communication on further measures to enhance transparency and the fight against tax evasion and avoidance, COM(2016) 451, final.
(5) Proposal for a Directive of the European Parliament and of the Council amending Directive (EU) 2015/849 on the prevention of the use of the financial system for the purposes of money laundering or terrorist financing and amending Directive 2009/101/EC, COM/2016/0450 final.
(6) No text was submitted in draft to the EDPS before the publication on 5 July 2016.
(7) See http://data.consilium.europa.eu/doc/document/ST-15468-2016-INIT/en/pdf
(8) ECJ judgment of 8 April 2014 in Joined Cases C-293/12 and C-594/12, Digital Rights Ireland.
(9) Digital Rights Ireland, paras 41-42.
(10) Moreover, the Court clarifies, ‘in view of the important role played by the protection of personal data in the light of the fundamental right to respect for private life and the extent and seriousness of the interference with that right caused by Directive 2006/24/EC, the EU legislature’s discretion is reduced, with the result that review of that discretion should be strict’, Digital Rights Ireland, paras 45-48.