Cyber-Attacks Regime

Council Decision (CFSP) 2023/964 of 15 May 2023 amending Decision (CFSP) 2019/797 concerning restrictive measures against cyber-attacks threatening the Union or its Member States

On 16 May 2023 the Council of the European Union extended the Decision concerning restrictive measures against cyber-attacks threatening the Union or its Member States until 18 May 2025. The measures set out in Articles 4 and 5 of the Decision shall apply as regards the natural and legal persons, entities and bodies listed in the Annex until 18 May 2024.

Read more.

On 26 April 2023, the Sanctions Committee of the United Nations Security Council established pursuant to UN Security Council Resolutions 1267(1999), 1989(2011) and 2253(2015) added two entries to the list of persons, groups and entities to whom the freezing of funds and economic resources should apply. Further to a technical review of the Annex I to Regulation (EC) No 881/2002, two entries have been amended in the list of persons, groups and entities to whom the freezing of funds and economic resources should apply. Annex I to Regulation (EC) No 881/2002 has therefore be amended accordingly.

Read more.

On 1 March 2023, the United Nations Security Council Committee established pursuant to United Nations Security Council Resolution 1533 (2004) updated the information relating to one person subject to restrictive measures. Annex I to Regulation (EC) No 1183/2005 has therefore be amended accordingly.

Read more.

Amendments to the EU/UN Sanctions Lists

Kindly note that amendments have been made to the following EU and/or UN Sanctions Regimes:

MOLDOVA
MYANMAR (BURMA)
SYRIA

For more information on these amendments, kindly access the links above to see the respective changes. A general overview of recent updates to sanctions regimes can be seen on the website of the Sanctions Monitoring Board. Click here.

Should any of your clients be a person or entity who is listed under UN/EU or national sanctions or who is directly or indirectly owned or controlled by a listed person or entity, please immediately inform the Sanctions Monitoring Board on sanctions.smb@gov.mt.

UNSC ISIL (Da’esh) and Al-Qaida Regime

On 26 April 2023, the Security Council Committee pursuant to resolutions 1267 (1999), 1989 (2011) and 2253 (2015) concerning ISIL (Da’esh), Al‑Qaida and associated individuals, groups, undertakings and entities approved the addition of two entries to its ISIL (Da’esh) and Al-Qaida Sanctions List of individuals and entities subject to the assets freeze, travel ban and arms embargo set out in paragraph 1 of Security Council Resolution 2610 (2021) and adopted under Chapter VII of the Charter of the United Nations.

Read more.

ISIL (Da’esh) and Al-Qaida Regime

• Council Implementing Regulation (EU) 2023/845 of 24 April 2023 implementing Regulation (EU) 2016/1686 imposing additional restrictive measures directed against ISIL (Da’esh) and Al-Qaeda and natural and legal persons, entities or bodies associated with them

On 20 September 2016, the Council adopted Regulation (EU) 2016/1686.

In view of the continued threat posed by ISIL (Da’esh) and Al-Qaeda and natural and legal persons, entities or bodies associated with them, two persons and one group should be added to the list of natural and legal persons, entities and bodies set out in Annex I to Regulation (EU) 2016/1686.

Regulation (EU) 2016/1686 has therefore been amended accordingly.

Read more.

Syria Regime

• Council Implementing Regulation (EU) 2023/844 of 24 April 2023 implementing Regulation (EU) No 36/2012 concerning restrictive measures in view of the situation in Syria

On 18 January 2012, the Council adopted Regulation (EU) No 36/2012. The Council remains deeply concerned about the situation in Syria. After more than a decade, the conflict in Syria is far from over and remains a source of suffering and instability.

The Council notes that the Syrian regime continues to pursue its policy of repression. In view of the gravity of the situation which persists, the Council considers it necessary to maintain and ensure the effectiveness of the restrictive measures in place by further developing them while maintaining their targeted and differentiated approach, and bearing in mind the humanitarian conditions of the Syrian population. The Council considers that certain categories of persons and entities are of particular relevance for the effectiveness of those restrictive measures, given the specific context prevailing in Syria.

In view of the gravity of the situation, the Council considers that 25 persons and 8 entities should be added to the list of natural and legal persons, entities or bodies subject to restrictive measures set out in Annex II to Regulation (EU) No 36/2012. Regulation (EU) No 36/2012 has therefore been amended accordingly.

Read more.

Iran Regime

• Council Implementing Regulation (EU) 2023/846 of 24 April 2023 implementing Regulation (EU) No 359/2011 concerning restrictive measures directed against certain persons, entities and bodies in view of the situation in Iran

On 12 April 2011, the Council adopted Regulation (EU) No 359/2011.

On 25 September 2022, the High Representative of the Union for Foreign Affairs and Security Policy issued a declaration on behalf of the Union deploring the widespread and disproportionate use of force by the Iranian security forces against non-violent protestors, noting that it had resulted in the loss of lives as well as a large number of injuries. The declaration also spelled out that those responsible for the killing of Mahsa Amini must be held accountable, and called on the Iranian authorities to ensure transparent and credible investigations to clarify the number of deaths and arrests, to release all non-violent protestors and to provide due process to all detainees.

In this context, and in line with the Union’s commitment to address all issues of concern with Iran, including the human rights situation, as confirmed in the Council Conclusions of 12 December 2022, eight persons and one entity should be included in the list of natural and legal persons, entities and bodies subject to restrictive measures set out in Annex I to Regulation (EU) No 359/2011.

Regulation (EU) No 359/2011 has therefore been amended accordingly.

Read more.

• Council Implementing Regulation (EU) 2023/853 of 24 April 2023 implementing Regulation (EU) No 267/2012 concerning restrictive measures against Iran

On 23 March 2012, the Council adopted Regulation (EU) No 267/2012.

On the basis of a review of Annex II to Council Decision 2010/413/CFSP (2), the entry concerning one person designated in Annex IX to Regulation (EU) No 267/2012 should be removed from that Annex. One entry included in Annex IX to Regulation (EU) No 267/2012 should be updated.

Regulation (EU) No 267/2012 has therefore been amended accordingly.

Read more.

The Financial Intelligence Analysis Unit (FIAU) would like to notify subject persons that the European Banking Authority (EBA) has recently published the following documents:

1. EBA consultation paper on amendments to the Guidelines on the AML/CFT Risk-Based Supervision to include crypto-asset service providers.

On 20 July 2021, the EU issued an AML/CFT legislative package of four proposals to strengthen the EU’s institutional and legal AML/CFT framework. One of these four proposals is a recast of Regulation (EU) 2015/847 on information accompanying transfers of funds and repealing Regulation (EC) No 1781/2006. This Recast of the Regulation extends the scope of the rules to crypto-assets transfers, regarding the information on payers and payees, required to support the transfers of funds.

Through the ‘Provisional Agreement Resulting from Interinstitutional Negotiations’ dated 5^th October 2022, the EBA is envisioning the development of guidelines on the AML/CFT risk-based supervision approach applied by competent authorities in the context of crypto-asset service providers. In the meantime, the EBA is inviting all relevant stakeholders to provide their contributions on this revised Risk-Based Supervision Guidelines. Amongst other policies and controls, the revised guidelines stress the importance of cooperation between the relevant stakeholders in the fight against ML/FT. In the context of multiple competent authorities responsible for the AML/CFT supervision, there needs to be a consistent approach when establishing supervisory expectancies. Guidance and training are also highlighted within these revised guidelines, so that competent authorities have the technical skills and expertise to execute their supervisory functions. 

The EBA is inviting interested parties to put forward any comments on the Consultation Paper, particularly on the specific questions summarised in Section 5.2 of the document.

The deadline is the 29th of June 2023. Kindly click on the following link for further information on the submission of responses.

2. Guidelines for effective ML/FT risk management and safeguard access to financial services by vulnerable customers.

On 31 March 2023, the EBA issued two sets of guidelines related to de-risking. De-risking is defined by the EBA as ‘a refusal to enter into or a decision to terminate business relationships with individual customers or categories of customers associated with higher ML/TF risk, or to refuse to carry out higher ML/TF risk transactions.’

In the beginning of last year, the EBA published an opinion on de-risking promoting financial inclusion of groups of customers that are particularly affected by unnecessary de-risking. Through this opinion, the EBA also reiterated the need to create conditions to provide access to financial services to legitimate customers which nurtures their involvement in the internal market. Following this opinion, the European Commission asked the EBA to issue guidelines addressed to the institutions to assist certain categories of customers vulnerable to unnecessary de-risking to access financial services.

Consequently, the EBA has issued the following two sets of Guidelines with the purpose of clarifying regulatory expectations, and tackle unwarranted de-risking:

a).Guidelines amending the ML/FT Risk Factors Guidelines in relation to NPO

Through the first set of guidelines, the EBA added an Annex to the ML/FT Risk Factors Guidelines. The Annex establishes a set of criteria which are to be applied when a customer is a Not-For-Profit organisation (NPO).

When evaluating such prospective customers` risk profile, subject persons are to establish a good understanding of the NPO’s governance and control, funding, activities, the jurisdiction/s in which it operates and who the beneficiaries are on a risk-sensitive basis. The Annex also provides a number of risk factors which need to be considered when identifying the risks associated with these particular customers. The risk factors include governance and exertion of control, reputation/adverse media findings, funding methods, operations in jurisdictions associated with higher ML/FT risks and high-risk third countries. These guidelines provide subject persons with further knowledge on the operations of each particular NPO.

b). Guidelines on effective ML/FT Risk Management and access to Financial Services

This second set of guidelines complements the EBA’s ML/FT Risk Factors Guidelines and is wider in nature when compared to the first set of guidelines mentioned above. These guidelines establish the steps that subject persons should take before determining whether to refuse or end a business relationship with a customer, based on ML/FT risk or AML/CFT compliance obligations. The guidelines delve into the risk assessment obligations, CDD measures, reporting obligations, record-keeping obligations and provisions in relation to the right of access to a payment account with basic features. It also explains how to calibrate the monitoring measures based on the product and services features available to a customer according to the risk of ML/FT. 

A draft of these two sets of guidelines was published for a consultation process which took place between the 6 December 2022 and 6 February 2023.

These Guidelines will enter into force 3 months after the publication in all EU official languages. Subject persons can access the document on the FIAU website, or the EBA website.

Kindly note that the SMB has issued a Guidance Note on the listing of one Maltese entity under the OFAC Sanctions Regime.

To access this Guidance Note, please follow this link.

Please be reminded that all EU/UN sanctions are directly applicable under Maltese law under the National Interest (Enabling Powers) Act, Cap 365 of the Laws of Malta as linked here.

Should any of your clients be a person or entity who is listed under UN/EU or national sanctions or who is directly or indirectly owned or controlled by a listed person or entity, the freezing measures mentioned under Article 17 of the Act apply.

The Sanctions Monitoring Board is to be informed immediately of the actions that have been taken in relation to the assets of such listed persons.

The Sanctions Monitoring Board may be contacted on sanctions.smb@gov.mt on any issue relating to sanctions.

Please find below links to the:

EU Financial Sanctions Database

Consolidated UN Sanctions List

EU Sanctions Map

Sanctions Monitoring Board