HRIF.EU seeks the retraction of unlawful Dutch AML-rules via EU infringement procedure

Human Rights in Finance.EU, the organization advocating for the protection of fundamental rights within the financial sector, seeks the retraction of of unlawful Dutch anti-money laundering legislation via the EU infringement procedure. On Thursday, October 12, 2023, HRIF.EU filed the formal infringement complaint with the European Commission.

Screenshot of submission of infringement complaint against Dutch unlaw rules on anti-money laundering

The complaint, submitted in response to recent developments within the Dutch financial regulatory landscape, addresses two key areas of concern:

1. Unlawful access rules and access regime in Dutch market going beyond registration.

Human Rights in Finance.EU has filed its first complaint, building on a recent verdict of the Rotterdam Court that declared several clauses in the Dutch Anti-Money Laundering Law (Wet ter voorkoming van witwassen en financieren van terrorisme or Wwft) in violation of the Anti-Money Laundering Directive (AMLD5). The court judgment, identified as ECLI:NL:RBROT:2023:9157, found that the Dutch regulatory framework for crypto-companies exceeded the prescribed AMLD5 registration model, leading to the formal invalidation of related articles. The court’s decision highlights a pivotal shift in the interpretation and application of AMLD5 in the Netherlands.

The decision concludes a five-year debate in the Netherlands on the scope of the Dutch law. During this time, legal experts, led by the founder of HRIF.EU, consistently emphasized the significance of the Council of State’s advice, which asserted that EU law did not allow for an implementation law to extend beyond the AMLD5 registration framework. Behind the scenes, however, the Dutch central bank resisted these constraints and urged the Ministry of Finance to introduce various supplementary measures, referred to as an ‘enhanced registration’ system.

Screenshot of e-mail by Dutch AML-supervisor outlining that it sees it as no option to comply with the legal advice of the Dutch council of state, (which limited the possibilities of implementing anything else than a registration regime for crypto in the implementation law for AMLD5). The reuqest of DNB to introduce a license-like enhanced registration regime is remarkable and lead to the introduction of legal articles which were unlawful.

Considering the fact that the Dutch judge has done the groundwork, HRIF.EU expects the Commission to open up the proceedings rather quickly and check if indeed the required remedies are in place that turn the Dutch law into what is allowed/prescribed under EU law. But there is more to it.

Lithmus test: does the infringement procedure constitute an effective remedy?

By submitting this complaint, HRIF.EU builds upon three previous infringement complaints (2019, 2020, 2021) concerning the same issue, all of which were dismissed by the Commission services. The dismissals, influenced and dismissed by the EU bureaucracy, raise questions about the effectiveness of the infringement procedure. It prompts us to assess whether the infringement procedure is indeed a practical and effective remedy for addressing human rights violations, legal ambiguities, and failures to adhere properly to EU law.

HRIF.EU is now effectively initiating a practical examination of this matter. The infringement complaint also encompassed a second issue, essentially creating a litmus test for the European Commission. This issue, which is a clear violation of EU law as well, allows the Commission to demonstrate that the infringement procedure is not merely a formality, but a robust mechanism to rectify improper implementations of EU law. A decisive response from the Commission in this regard will allow HRIF.EU to draw more definitive conclusions about the infringement procedure’s relevance as an effective legal remedy for EU citizens and companies.

2. Extensive Dutch implementation of AMLD-reporting obligation for suspicious transactions

Our second infringement complaint addresses the Dutch government’s implementation of the reporting obligation for suspicious transactions in article 33 of the AMLD directive. In the Dutch Wwft this is implemented in the form of an obligation to report unusual transactions in article 15 and 16 of the Wwft. This extension of the obligation to report transactions that are suspicious and related to money laundering or terrorism finance specifically should not be widened to anything that is unusual. Yet, the Dutch regulator has chosen to do the latter. This widening has lead to an excessive monitoring and zero-tolerance supervisory regime where the failure to report even 15 unusual transactions may lead to hefty fines. Also, just reaching a certain threshold of amounts in a transaction will automatically infringe the citizens privacy and trigger a report to the authorities.

One of the founders of HRIF.EU, Simon Lelieveldt, has repeatedly and pro-actively proposed in the Dutch community that, in order to stop the unnecessary privacy infringements by the use of ‘unusual’ transactions as the norm, we quickly revert back to the EU definitions and models by sticking to suspicious transactions. He did so as the key note speaker at the Dutch national anti-money laundering conference in June 2022 (slides in Dutch) during which he educated the Dutch compliance community on a range of relevant Court of Justice rulings and EDPB policy statements.

The good news was that the Dutch central bank actually acted on this call for action. In September 2022, in an evaluation of supervisory practices, the Dutch central bank issued a report outlining that for efficiency reasons it would be wiser to shift the overly extensive reporting approach to the more restriced formal EU-requirements:

The effectiveness of the chain of reporting and investigating unusual transactions can be enhanced. The legislator could choose to request institutions not to report merely when transactions are ‘unusual,’ but to focus the reporting on ‘suspicious’ transactions, where the institution suspects that the customer’s behavior is related to money laundering or the financing of terrorism. This can improve the quality of reports and reduce the number of reports. The FIU can then concentrate on a proper transmission to law enforcement agencies. This way, the Netherlands would also deviate less from the international custom of reporting suspicious transactions.

With the supervisor’s advice laid out so plainly, it becomes evident that there is no compelling necessity to maintain such a broad scope within the Dutch law. Each report on an unusual transaction contains private user data, making it a human rights issue that hinges on the balance between this privacy infringement and any other human rights or state obligations to prosecute serious crimes. For HRIF.EU and numerous scientists and scholars, the use of the ‘unusual’ concept is undeniably problematic.

Furthermore, real-world practice demonstrates that the Dutch Financial Intelligence Unit (FIU) isn’t hesitant to request or obligate companies to provide more information than what is permitted by law. The current supervisory climate is so coercive that very few companies dare to refuse these information requests. As a consequence, the majority of institutions in the Netherlands are in violation of the General Data Protection Regulation (GDPR) on a daily basis. This happens both by transmitting unusual transactions (when only suspicious transactions are required under EU rules) and by divulging more data than Article 16 of the Wwft mandates.

Example of data fiels required in transaction reporting in the Netherlands. The question marks point to data fields which are unlawful while the reporting has a far wider scope than EU rules require (unusual instead of suspicious)

HRIF.EU remains hopeful that this practice will be quickly rectified as a result of the second part of our infringement complaint and this would be to the benefit of both the customers of all institutions and the institutions themselves (which of course can already choose to no longer comply with the extensive Dutch rules here). We are particularly hopeful give that initially, in September 2022, the Ministry of Finance was indeed going to change-over to the new system, but in a strange paradox, the intervention by law enforcement bureaucrats and/or the Financial Intelligence Unit stood in the way of complying with EU law.

About Human Rights in Finance . EU

Human Rights in Finance.EU’s commitment to upholding fundamental rights in the financial sector and for economic transactions in general is central to its mission. This infringement complaint seeks to rectify these deviations in Dutch financial regulations and ensure compliance with EU law and standards. It is part of a work programme, via which we seek to ensure that regulations and actions do not disproportionately infringe upon the rights of individuals and entities while promoting the rule of law and adherence to international treaties and conventions.