The European Union directive 2015/849 (4th AML Directive) made it mandatory for all legal entities, which are created in accordance with the laws of any European Union Member State, to register their ultimate beneficial owners (also referred to as UBO(s)).
In Estonia approximately 215 000 entities were obliged to provide information of UBOs. Many of these entities have registered their ultimate beneficial owners, while 91 000 obliged parties have not yet made their UBOs public. The entities which have not submitted information of their UBOs or those of which have given out false data are not in danger to be sanctioned in the near future.
There are currently no measures in Estonian law that would allow to penalize entities which do not register their ultimate beneficial owners. The ability to sanction entities which have ignored their obligations will be implemented in 2019. As from 2019 the Estonian Financial Intelligence Unit (FIU) and the Estonian Financial Supervision Authority will have the authorization to conduct misdemeanor proceedings if an entity has submitted false information or completely ignored their obligations. Here it is important to note that currently Estonia has no means or due process which would help to detect whether entities have submitted inaccurate information about their UBOs.
Additionally, according to the Estonian Financial Intelligence Unit it is highly unlikely that all entities which have not registered or have submitted false data of their UBOs will be massively sanctioned. Misdemeanor proceedings could be conducted in cases where false data has impeded service providers to identify the ultimate beneficial owners or a complaint has been submitted to the Estonian Financial Intelligence Unit.
The Financial Supervision Authority who conducts supervision over financial institutions in Estonia already has all the necessary information of the UBOs and for them nothing changes. While credit institutions have to deal with the rise of administrative burden since they must submit UBO data to multiple parties separately.
When talking of the rise of administrative burden it is worth to mention that many international entity groups have really struggled to identify their ultimate beneficial owners. For many entities pinpointing the correct persons means months long work and many trial and errors. Ironically the Estonian legislators did a poor job when transposing the 4th AML Directive, this left an opportunity to file data of entity’s board members as UBOs (who actually are not the ultimate beneficiaries). Let us clarify, the 4th AML Directive text is transposed into the Estonian national law with a translation error. The Estonian national text § 9 (1) says: ¨/…/, ‘beneficial owner’ means a natural person who, taking advantage of their influence, makes a transaction, act, action, operation or step or otherwise exercises control over a transaction, act, action, operation or step or over another person and in whose interests or favor or on whose account a transaction or act, action, operation or step is made.¨ While the original 4th AML Directive text Article 3 (6) says: /…/beneficial owner’ means any natural person(s) who ultimately owns or controls the customer and/or the natural
person(s) on whose behalf a transaction or activity is being conducted /…/.¨ Many of these struggling companies have opted to submit data of their board members’ in order to comply with the legislation, while these individuals may not be the actual UBOs. The submission of board members’ data defeats the purpose of the 4th AML Directive which was to have fairer and more transparent economic environment.
Curiously, in accordance with the in-force legislation, it is possible to declare an individual, who has no relation to an entity, as an UBO. More intriguingly person whose personal data has been made public by an entity has basically no legal protection from this and can only turn to the entity, which has submitted his/her data in the register and ask to be removed as an UBO. In the light of the General Data Protection Regulation this seems extremely contradicting that the data subject is basically left without any protection.
Unfortunately, we have to acknowledge that thus far the 4th AML Directive is failing in Estonia. There is no ability to sanction entities for submission of wrongful data or ignoring the obligation completely. Secondly, there are no means to detect whether legitimate information has been submitted. Furthermore, due to the Estonian legislation’s translation error, entities may opt to submit dishonest information of their ultimate beneficial owners and essentially hide the truth.
Liis Peedu
lawyer
Turnstone Law Office
