Voice of the Industry

AMLD5 and prepaid cards: what has changed?

Tuesday 28 September 2021 07:53 CET | Editor: Anda Kania | Voice of the industry

The changes with regards to AMLD5 on prepaid card transactions represent key information for the payments ecosystem, especially on the way it could impact the payment acceptance rate. Using his expertise in the field of legal consulting, Timelex's Niels Vandezande sheds light on the new rules and exceptions around this law
In 2018, the European legislator adopted a new anti-money laundering directive (AMLD), the fifth of its name. The directive had to be transposed by the Member States by early 2020. Amongst various changes is the reduced possibility of anonymous prepaid card transactions. In this contribution, we will explore these changes and what they mean for obliged entities in practice. 

What does the law say?

The European framework regarding anti-money laundering and terrorist financing (AML/TF) is set by a series of anti-money laundering directives. These are regularly updated to reflect changes in the field and recommendations such as those by the Financial Action Task Force (FATF). The main text is currently the Fourth Anti-Money Laundering Directive (AMLD4), adopted in 2015. 

Article 12 AMLD4 provides an exception to the principal obligation to conduct customer due diligence (CDD). Member States may allow obliged entities not to conduct CDD under the following conditions:  

1. It must concern a non-reloadable payment instrument or one with a maximum monthly payment transactions limit of EUR 250 which can only be used in that Member State.
2. The maximum amount stored electronically does not exceed EUR 250.
 3. The payment instrument is used exclusively to purchase goods or services.
4.  The payment instrument cannot be funded with anonymous electronic money.
5. The issuer carries out sufficient monitoring of the transactions or business relationship to enable the detection of unusual or suspicious transactions. 

Member States may increase the EUR 250 limit to EUR 500 for payment instruments that can be used only in that Member State. Important to note is that this exception does not apply in the case of redemption in cash or cash withdrawal of the monetary value of the electronic money where the amount redeemed exceeds EUR 100.

As noted in the introduction, a Fifth Anti-Money Laundering Directive (AMLD5) was adopted in 2018. This directive makes a number of changes to AMLD4. For instance, it adds a number of new obliged entities to the existing money laundering legislation, including the exchange services and wallet providers for virtual currencies. AMLD5 also limits the possibilities for anonymous prepaid cards and gives financial intelligence units wider access to information through closer cooperation between Member States. Relations with high-risk third countries are subject to harmonized rules for enhanced customer due diligence. The register of beneficial owners and access to it is being expanded, mainly with regard to trusts and similar arrangements.

Specifically with regard to prepaid cards, AMLD5 lowers the EUR 250 limit to EUR 150. For cash redemption and withdrawals, the limit is lowered from EUR 100 to EUR 50. This EUR 50 limit now also applies to remote payment transactions where the amount paid exceeds EUR 50 per transaction. Member States may no longer increase these limits for national instruments. Member States must furthermore ensure that credit institutions and financial institutions acting as acquirers only accept payments carried out with anonymous prepaid cards issued in third countries where such cards meet requirements equivalent to those set out here. Member States may also decide not to accept on their territory payments carried out by using anonymous prepaid cards.

In the recitals to AMLD5, the European legislator justifies these changes by confirming that prepaid cards have legitimate uses and constitute an instrument contributing to social and financial inclusion. Nevertheless, they could be easily used in financing terrorist attacks and logistics. To curb such use, the legislator found it essential to reduce the limits under which no CDD would be necessary. It therefore not prohibits the use of prepaid cards, but only limits the threshold for their anonymous use. Furthermore, cards issued outside of the EU should comply with equivalent requirements. 

So what does this mean in practice? 

For obliged entities, it means that whenever a customer wants to pay using an e-money prepaid card – even when paying remotely – obliged entities will more likely than before have to conduct CDD. This is due to the lower limits, the inclusion of remote payments, and the abolishment of the derogation for national payment options. Additionally, it should be noted that Member States may even impose lower thresholds. More CDD of course means more administrative work for obliged entities. For instance, they will have to conduct more KYC assessments and deal with the increased burden of identity verifications required under it. Moreover, appropriate actions must be taken in response of the customer’s risk profile. 

Furthermore, obliged entities will have to take specific care when accepting e-money prepaid cards issued outside of the EU. Either they must confirm that the issuing country imposes equivalent AML/TF legislation, or they have to refuse the card. This will likely require a few changes in their processes, as it may not always initially be clear where a card was issued. This problem could be countered by only accepting specific types of prepaid cards only issued within Europe, but that of course comes at the cost of limiting payment options for non-EU customers. It is therefore up to obliged entities to assess their customer base and make the appropriate decision on how to move forward with this. 

For customers, the increased application of CDD when using e-money prepaid cards of course means less anonymity. That is because, as noted, any CDD will inevitably entail a KYC assessment. While with cash payments anonymity was fairly default, anonymous electronic payments are increasingly becoming a rarity. 

While prepaid card fraud is indeed a significant problem worldwide, the AMLD4’s limits already greatly reduced the potential scope of such fraud in the EU. The even tighter limits under AMLD5 will of course reduce this a bit further, but also comes at the cost of increased compliance burdens on obliged entities and lesser anonymity for customers. 

About Niels Vandezande

Niels Vandezande is specialised in fintech law, in particular virtual currencies, electronic payments, and blockchain. Niels also has extensive experience in privacy and data protection law (GDPR), security and trust services, identity management, digital archiving, e-government, ecommerce, e-health, and public information availability and re-use.


About Timelex

Timelex is a leading niche law firm specialised in the legal aspects of information technology (IT), privacy & data protection (GDPR), intellectual property, and media & electronic communications.  While we focus on the areas in which we excel, we also advise clients on various issues of general commercial and business law, such as about distribution and franchising networks, commercial agency, unfair competition and market practices, consumer protection, product safety and product liability, general sales and purchase terms and conditions, etc. Our private-sector clients are multinationals, large companies, SMEs and start-ups, and our public-sector clients include European, federal, regional, local and foreign governments and governmental bodies. 

 


Free Headlines in your E-mail

Every day we send out a free e-mail with the most important headlines of the last 24 hours.

Subscribe now

Keywords: AML, prepaid card, money laundering, regulation, CDD
Categories: Securing Transactions | Digital Identity, Security & Online Fraud
Countries: Europe
This article is part of category

Securing Transactions