Introduction
The Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017 (MLR 2017) represent a cornerstone of the United Kingdom’s efforts to combat financial crime. Introduced to transpose the EU’s Fourth Anti-Money Laundering Directive (4AMLD) into UK law, the MLR 2017 imposes stringent obligations on regulated entities, particularly through Customer Due Diligence (CDD) and the Risk-Based Approach (RBA). These measures aim to identify and mitigate risks of money laundering and terrorist financing by requiring firms to verify customer identities and assess risk profiles. However, while these mechanisms are designed to safeguard the financial system, they have inadvertently led to the exclusion of legitimate customers, particularly those unable to meet rigorous documentation requirements or those deemed high-risk under broad categorisations. This essay explores the framework of the MLR 2017, focusing on CDD and the RBA, and critically examines how their implementation has resulted in the unintended consequence of financial exclusion. Key arguments will address the balance between regulatory compliance and access to financial services, supported by relevant evidence and analysis of the broader implications for vulnerable populations.
The Framework of MLR 2017: CDD and RBA
The MLR 2017, enacted following the EU’s 4AMLD, mandates that regulated entities—such as banks, law firms, and accountancy services—implement robust measures to prevent illicit financial activities. Central to this framework are Customer Due Diligence (CDD) requirements, which compel firms to verify customer identities, understand the nature of their business, and monitor transactions for suspicious activity (HM Treasury, 2017). The Risk-Based Approach (RBA), meanwhile, requires firms to assess and prioritise risks based on factors such as customer profiles, geographic locations, and transaction types, applying enhanced due diligence (EDD) to high-risk scenarios and simplified due diligence (SDD) to lower-risk ones.
The RBA is intended to allow flexibility, ensuring resources are directed toward the most significant threats. However, the subjective nature of risk assessments often results in overly cautious interpretations by firms, driven by fears of regulatory penalties. As noted by de Koker (2011), the RBA, while conceptually sound, can lead to inconsistent application across institutions, with some adopting overly stringent policies to mitigate any perceived risk. This cautious approach directly impacts the implementation of CDD, where the demand for extensive documentation—such as proof of identity and address—can become a barrier for certain customer groups.
Financial Exclusion through CDD Requirements
CDD measures under the MLR 2017 have been widely critiqued for contributing to financial exclusion, particularly among vulnerable or marginalised populations. For instance, individuals without traditional forms of identification, such as refugees, the homeless, or those in temporary accommodation, often struggle to provide the necessary documentation to open bank accounts or access financial services. A report by the Financial Conduct Authority (FCA) highlighted that stringent CDD processes have led to account denials for legitimate customers who pose no discernible risk of money laundering (FCA, 2016). Indeed, the requirement for utility bills or government-issued identification can disproportionately affect low-income individuals who may lack such records.
Moreover, small businesses and startups, which often operate with unconventional financial structures, frequently face enhanced scrutiny under CDD protocols. The process of verifying the beneficial ownership of these entities can be time-consuming and resource-intensive, leading some financial institutions to decline service altogether rather than undertake the required due diligence. This exclusionary effect is arguably an unintended consequence of a regulatory framework that prioritises risk aversion over inclusivity. Critics argue that while the MLR 2017 aims to create a secure financial environment, it fails to adequately address the practical barriers faced by legitimate customers (Ryder, 2018).
The Role of the Risk-Based Approach in Exclusion
The Risk-Based Approach, while designed to allow proportionality in addressing threats, often exacerbates exclusionary practices. Financial institutions, wary of fines and reputational damage, tend to adopt conservative risk assessments, categorising entire demographics or regions as high-risk without individualised evaluation. For example, customers from certain countries deemed high-risk under international sanctions or corruption indices may be automatically flagged for EDD, even if their personal circumstances suggest no illicit intent. This blanket approach undermines the principle of proportionality inherent in the RBA and results in the exclusion of legitimate clients who are unable to navigate the intensified scrutiny (FATF, 2014).
Furthermore, the RBA’s reliance on algorithmic and automated systems to identify risk has drawn significant criticism. These systems often lack the nuance to differentiate between genuine threats and benign anomalies, leading to false positives. A study by the European Banking Authority (EBA) noted that automated risk profiling tools frequently misclassify low-risk customers as high-risk, prompting account closures or service denials (EBA, 2020). This overzealous application of the RBA, while compliant with the letter of the MLR 2017, arguably diverges from its spirit, which seeks to balance risk management with fair access to financial services.
Balancing Regulation and Inclusion
The exclusion of legitimate customers under the MLR 2017 raises important questions about the balance between regulatory objectives and financial inclusion. While the prevention of money laundering and terrorist financing remains paramount, the unintended consequences of CDD and the RBA suggest a need for reform. One potential solution lies in the adoption of alternative identification methods, such as digital IDs or reliance on community-based verification for those without traditional documentation. Additionally, regulators could provide clearer guidance on the application of the RBA to prevent overly defensive practices by financial institutions.
It is also worth considering the broader societal implications of exclusion. Financial exclusion can exacerbate inequality, pushing vulnerable individuals toward informal or unregulated financial systems that may, ironically, increase their exposure to financial crime. Therefore, while the MLR 2017 has achieved measurable success in strengthening the UK’s anti-money laundering framework, its limitations in addressing access must be acknowledged and addressed through targeted policy interventions (Ryder, 2018).
Conclusion
In conclusion, the MLR 2017, through its implementation of Customer Due Diligence and the Risk-Based Approach, has played a significant role in bolstering the UK’s defences against financial crime. However, this essay has demonstrated that these mechanisms have also led to the unintended exclusion of legitimate customers, particularly among vulnerable groups and small businesses unable to meet stringent requirements. The challenges posed by CDD documentation and the overly cautious application of the RBA highlight a critical tension between compliance and inclusivity. Moving forward, regulators and financial institutions must strive to address these shortcomings by exploring alternative verification methods and refining risk assessment practices to ensure proportionality. Ultimately, while the MLR 2017 remains a vital tool in combating illicit finance, its broader impact on access to financial services underscores the need for a more balanced approach that safeguards both security and fairness in the financial system.
References
- de Koker, L. (2011) Aligning anti-money laundering, combating of financing of terror and financial inclusion: Questions to consider when FATF standards are clarified. Journal of Financial Crime, 18(4), pp. 361-386.
- European Banking Authority (EBA). (2020) Report on the impact of fintech on incumbent credit institutions’ business models. European Banking Authority.
- Financial Action Task Force (FATF). (2014) Guidance for a Risk-Based Approach: The Banking Sector. FATF.
- Financial Conduct Authority (FCA). (2016) Access to Financial Services in the UK. FCA Occasional Paper No. 17.
- HM Treasury. (2017) Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017. UK Government.
- Ryder, N. (2018) The Financial War on Terror: A Review of Counter-Terrorist Financing Strategies since 2001. Routledge.
