UK Government explores AML reform for Open Banking payment service providers


The perceived disconnect between the compliance burden on account information service providers (AISPs), who provide “information only” services to customers to enable them to view consolidated financial information about multiple accounts, and the actual ML/TF risks their services are exposed to has been observed by market participants for some time. This had led to different approaches in practice as to the level of customer due diligence that AISPs carry out. The European Banking Authority (EBA) has also recently consulted on and issued updates to its Guidelines on ML/TF risk factors (link), explaining that it had received the largest number of responses in relation to the risks posed by AISPs and PISPs, acknowledging that “the inherent ML/TF risk associated with them is limited”. PISPs are involved in the payment chain but do not execute payment transactions themselves and do not hold payment service users’ funds. However, it appears at least initially that HM Treasury is potentially less inclined to remove PISPs from the scope of the MLRs.

The consultation paper also covers various other potential changes to the AML framework, including:

  • The potential removal of bill payment service providers, and telecom, digital, and IT payment servicer providers from the scope of the MLRs.
  • Clarification of the scope of the MLRs with regards to artists selling works of art that they have created over the EUR 10,000 threshold, and the potential creation of a clear artists’ exemption.
  • Certain other clarificatory changes to strengthen supervision, including potentially allowing AML/counter terrorism financing (CTF) supervisors to access the content of firm’s suspicious activity reports (SARs), and clarifying the application of the MLRs to credit and financial institutions.
  • Introducing new requirements to do with proliferation financing (i.e. financing of nuclear, chemical or biological weapons), to align the MLRs with the international Financial Action Taskforce’s standards, and to bring the formation of limited partnerships which are registered in England and Wales or Northern Ireland within the scope of the services listed for Trust and Company Service Providers (Scottish limited partnerships are already included as they are “legal persons”).
  • Improving the effectiveness of intelligence and information sharing, including by expanding the list of relevant authorities in the MLRs to explicitly include government agencies such as Companies House.
  • Replicating the requirements for financial institutions to send and record information on the originator and beneficiary of a wire transfer so that this is extended to cover the cryptoasset sector, in particular cryptoasset exchange providers and custodian wallet providers who facilitate the transfer of cryptoassets.