newsletter compliance & investigations issue 02/18
TRANSCRIPT
1
NEWSLETTER COMPLIANCE & INVESTIGATIONSISSUE 02/18
We provide you with regular updates on the latest developments in compliance and investigations. In the followingarticles we have summarised some of the highlights of recent months for you.
We wish you an enjoyable read.
• Attempts to uncover the identity of a whistleblower may lead to a fine as well as enhanced monitoringand scrutiny
• Sanction list screening of employees is permissible without the participation of the works council
• The Risk Advisory Group’s Corruption Challenges Index – a reliable source for assessing the risk ofcorruption
• Publication of the 5th EU Anti-Money Laundering Directive
• Risk of tax criminal proceedings in wage tax audits – fines to replace interest?
Attempts to uncover the identity of a whistleblower may lead to a fine as well as enhanced monitoringand scrutiny
The British Financial Conduct Authority (“FCA”) and Prudential Regulation Authority (“PRA”) recently fined theChief Executive Officer of Barclays Group GBP 642,430 (approx. EUR 732,000). The reason for this was theCEO’s attempts to identify a whistleblower. In the opinion of the financial regulators, the CEO had breached thestandard of care required and an investigation against him was therefore launched. As a consequence of theincident, Barclays is now subject to special monitoring and scrutiny by the British financial regulators and mustreport annually to them about its internal whistleblower systems and controls. This is the first time that theBritish financial regulators have taken such measures against a regulated company in connection with
2
whistleblowing.
Background
In June 2016, Barclays received an anonymous letter from a whistleblower. The letter contained information andallegations concerning, among other things, the recruitment by Barclays’ CEO of an employee and former colleagueat JP Morgan Chase & Co. Because of “irregularities” at his last job at JP Morgan Chase & Co, this colleague wassupposedly not a suitable candidate for the position of senior executive.
The CEO then tried repeatedly to uncover the identity of the whistleblower, also with the help of the bank's internalsecurity unit.
Reaction of the financial regulators
According to the British financial regulators, the CEO had a conflict of interest. They argued that, because of thisconflict of interest, he should have maintained an appropriate distance from the internal investigation and inparticular should not have attempted to identify the whistleblower. Instead, he should have obtained explicitconfirmation of the permissibility of his behaviour from those with responsibility for whistleblowing at Barclays.The CEO had not done this.
Based on the investigation, the regulators concluded that his behaviour represented a serious misjudgement, andthat given the crucial role of the CEO, the standard of due skill, care and diligence was more demanding than forother employees.
They found that the CEO had breached this standard of care in a way that risked undermining confidence inBarclays’ whistleblowing procedures. According to the regulators, whistleblowers play a vital role in exposing poorpractice and misconduct in the financial services sector. Protection for them is an essential part of keeping thefinancial system safe and sound, and it is therefore critical for individuals to be able to speak up anonymously andwithout fear of retaliation if they want to raise concerns.
While the CEO ultimately made no personal gain through his conduct, the FCA and the PRA considered a fine of10% of his annual income (!) to be appropriate. They therefore set the total fine at GBP 917,800. Given that the CEOhad reached agreement with the regulators at an early stage in the process and was prepared to settle, the finewas reduced by 30%, in the end totalling GBP 642,430.
The regulators decided that he could continue to serve as CEO of Barclays. This is due in particular to the fact thatthe whistleblower was not a Barclays employee. A breach of the much stricter regulations regarding internalwhistleblowing would have had even more far-reaching legal consequences for the CEO.
Given what had happened, however, the British financial regulators felt it was justified to make Barclays subject toenhanced monitoring and scrutiny in terms of how it handles whistleblowing cases. From now on, Barclays mustreport to the FCA and PRA annually on its internal whistleblower systems and controls, with a special focus oncases involving allegations made against Senior Managers at Barclays or in which Barclays has consideredidentifying a whistleblower. In addition, the Barclays Senior Managers responsible for the whistleblowing systemsand controls (so-called Whistleblower’s Champions) are obliged to attest personally to the soundness of thesesystems and controls on an annual basis.
This is the first time that the financial regulators have taken these kinds of measures against a regulated companyin relation to whistleblowing.
And there are still further legal consequences of the CEO’s actions to come. Although the British regulators havealready imposed their penalties, the US authorities are still investigating the matter and have not yet issued aresponse.
Impact on German companies
3
The decision of the British financial regulators defines the scope of the independence and anonymity of internalwhistleblower systems. Nevertheless, its impact on German companies is limited. This is primarily because theprotection afforded to whistleblowers in England is greater than in Germany. The UK Bribery Act, for example,requires an effective “compliance defence”, for which channels must also be created that allow the submission ofconfidential and unconstrained information that can lead to the early discovery of irregularities.
The Act applies not only to companies with registered office in the United Kingdom, as well as their subsidiariesand sub-subsidiaries, but also to all natural and legal persons associated with the company concerned. Accordingto the Explanatory Notes to the UK Bribery Act, the term “associated person” is to be interpreted broadly, which iswhy mere entrepreneurial activity in the United Kingdom, for example as an agent, with or without the authority torepresent the company concerned, is sufficient. This means that pure export business could also fall under this.
In Germany, a similar provision can be found in the form of a recommendation in section 4.1.3 of the GermanCorporate Governance Code. Under German law, companies that do not have a relevant link to the United Kingdomdo not currently run any risk of incurring such a fine. In addition, section 6(5) German Money Laundering Act andsection 25a(1), no. 3 German Banking Act are geared towards the introduction of a process “that makes it possiblefor employees to report violations while keeping their identity confidential”, which at least implies the introductionof an (anonymous) whistleblower system.
Nevertheless, restraint should be exercised when it comes to applying “detective” methods, as this may not onlylead to negative reports in the press, but also have an adverse impact on the effectiveness of the complianceprogramme.
Increase in whistleblower protection at European level
Because of the different statutory requirements that whistleblower systems have to meet in the respective EUMember States, the European Union issued a proposal on 23 April 2018 to give whistleblowers better protectionEU-wide by means of a directive. In this way, whistleblowers who report violations against EU law will beguaranteed a high level of protection based on minimum standards applicable across the EU. These minimumstandards are to include so-called “secure channels” for reporting irregularities, both within an organisation and tothe authorities. Provision is made in this regard for EU-wide protection when reporting violations of EU law to beexplicitly guaranteed in the financial services sector as well. All companies with more than 50 employees or annualturnover in excess of EUR 10 million are to be obliged to introduce an internal procedure for dealing withinformation from whistleblowers. The protective mechanisms required include clear reporting channels inside andoutside the organisation in order to ensure confidentiality.
As a necessary consequence of the strict confidentiality of the identity of the reporting person and the content ofhis information, any form of retaliation is to be prohibited and sanctioned
Sanction list screening of employees is permissible without the participation of the works council
In order to avoid possible sanctions due to violations of the European Union provisions on embargoes directedagainst certain persons or countries (including counterterrorism provisions), many companies are implementingan automated check of their employees’ data against the relevant sanction lists. Up to now there had been somedispute over whether the works council (Betriebsrat) also had to be involved in the introduction of such datachecks. The Federal Labour Court (Bundesarbeitsgericht, BAG) has now provided clarity on this point with aleading case of 19 December 2017 (Case no. 1 ABR 32/16).
Background: EU Regulations on combatting terrorism / country-specific embargoes
Since the terrorist attacks on the World Trade Center in New York in September 2001, the European Union (EU) hasissued a number of regulations to prevent terrorists or suspected terrorists from obtaining the means to supportterrorist activities through a participation in economic life (counterterrorism regulations). At the same time, thenumber of embargos imposed by EU Regulation which are directed against certain countries has increased in
4
recent years (country-specific embargoes). Both types of regulations are frequently based on resolutions adoptedby the United Nations Security Council. The most important regulations are:
Council Regulation (EC) No 2580/2001 of 27 December 2001 on specific restrictive measures directedagainst certain persons and entities with a view to combating terrorism Council Regulation (EC) No 881/2002 of 27 May 2002 imposing certain specific restrictive measures directedagainst certain persons and entities associated with Usama bin Laden, the Al-Qaida network and the Taliban Council Regulation (EC) No 36/2012 of 18 January 2012 concerning restrictive measures in view of thesituation in Syria Council Regulation (EC) No 267/2012 of 23 March 2012 concerning restrictive measures against Iran
These Regulations contain a so-called “prohibition of provision” (Bereitstellungsverbot). They stipulate that nofunds or economic resources may be made available, directly or indirectly, to or for the benefit of certain naturalpersons who are named in the sanction lists in the annexes to the Regulations. This includes the payment ofsalaries to employees, since with the payment they gain the power to dispose over their wages. Even non-monetarysalary components could fall under this prohibition of provision. The term “economic resources” includes any andall assets which can be used for the acquisition of funds, goods or services without themselves being money.The prohibition also affects existing employment agreements; the prohibition of provision is not restricted to newcommitments that have been made, but also covers existing contracts insofar as they provide for the performanceof a continuing obligation.
Penalties for violations
The Regulations, as directly applicable law, are binding for all companies in the territory of the EU. Violations of theprohibition of provision can, under national law, lead to substantial penalties for the company involved and itsrepresentatives. For example, section 18(1) no. 1 lit. a of the Foreign Trade Act (Außenwirtschaftsgesetz, AWG)provides for the imposition of a prison sentence of three months to five years for, inter alia, a violation of one ofthe prohibitions of provision which are stipulated in an EU Regulation. Moreover, a fine of up to EUR 1 million canbe imposed under section 130 Administrative Offences Act (Ordnungswidrigkeitengesetz, OWiG) for failure to takethe necessary supervisory measures, as well as a company fine of up to EUR 10 million under section 30(1)Administrative Offences Act. Section 35(1) Trade Regulation Act (Gewerbeordnung, GewO) additionally provides fora ban on engaging in commercial activities due to unreliability and an entry in the Central Trade Register(Gewerbezentralregister), with negative consequences for the company with regard to the tendering of publiccontracts.
Automated sanctions checks for employees
In order to avoid sanction risks, many companies feel compelled to check their employee data against sanctionlists on a regular basis. Although they are not directly legally obliged to carry out such screenings, the legalpenalties involved give rise to a de facto duty (in order to avoid organisational culpability).Since a manual data check is not feasible for most companies, many of them opt for automatic screeningsimplementing special software solutions. In this process, the master data of the employees are comparedelectronically with the entries in the sanction lists. There had been some dispute in this connection as to whetherthe introduction of such an automated data check triggers a codetermination right of the works council due tocontrol of conduct pursuant to section 87(1) no. 6 Works Constitution Act (Betriebsverfassungsgesetz, BetrVG).
Ruling of the Federal Labour Court
In its order of 19 December 2017 (case no. 1 ABR 32/16), the Federal Labour Court found that such cases do notfall within the scope of application of the codetermination right under section 87(1) no. 6 Works Constitution Act.As worded, this provision is only applicable if the measure involves the introduction and use of technicalequipment which is specifically designed to monitor the conduct or the performance of employees. As the Court
5
stated in its order, from a formal standpoint, by checking the data the employer does not obtain any insights intothe conduct of the employee. Rather, the information obtained from the check only indicates whether a prohibitionmeasure in the sense of a prohibition of provision is directed against that individual, which means that nopayments may be made to him or her. However, this does not comprise a statement as to the employee’s actualconduct within or outside of the company’s operation. The mere possibility that this information could serve as anoccasion for further investigations or measures on the employer’s part, which in turn might allow for inferences tobe drawn regarding the affected employee’s conduct, does not make it information within the meaning of section87(1) no. 6 Works Constitution Act.
Conclusion
With the Federal Labour Court’s decision, companies have now obtained clarity on the duty to give the workscouncil a codetermination right upon introducing an automated check of employee data against sanction lists.While the introduction of almost any other kind of software would result in a mandatory codetermination of theworks council because, as a rule, work procedures are recorded thereby, automated sanction list screening is notsubject to codetermination. This makes it easier for companies to introduce such software solutions quickly inorder to protect themselves against sanctioning risks. However, it should be noted that this decision by the FederalLabour Court pertains only to codetermination under the Works Constitution Act, and not to the data protection lawaspects of employee screening (cf. on this subject Gleiss Lutz Newsletter Compliance & Investigations, Issue1/2017). This question has still not been completely clarified.
The Risk Advisory Group’s Corruption Challenges Index – a reliable source for assessing the risk ofcorruption
In addition to Transparency International’s Corruption Perception Index (“CPI”), the UK-based Risk AdvisoryGroup’s Corruption Challenges Index is a reliable source for assessing the risk of corruption in specificcountries. The Risk Advisory Group’s approach and methods differ from those of the CPI. It will come as littlesurprise that Europe gets good marks on average according to this new index as well.
Risk Advisory Group
Risk Advisory Group Ltd. (“Risk Advisory”) is an independent global risk management consultancy with itsregistered office in London, offering intelligence, investigations and security management. Risk Advisory offersclients a strategic information service that provides information and advice worldwide on investment projects,strategic expansion, important invitations to tender and other business opportunities. Risk Advisory preparesstrategic and consistent security information and analysis to support decision-making as part of business riskmanagement when clients expand into new and unfamiliar countries.
Corruption Challenges Index 2018
Risk Advisory’s Corruption Challenges Index 2018 (“CCI 2018”) has now been complied for the second time. Theindex provides an overview of countries and markets that represent the greatest and the least corruptionchallenges for investing companies.
The index is based on Risk Advisory’s direct experience of working in the most challenging counties in the world.Markets representing the greatest and the least corruption challenges for foreign investors are highlighted. RiskAdvisory assesses various factors including the local threat of corruption, foreign investment risks, and the scopeof FCPA enforcement action. The accessibility and availability of information when internal investigations arecarried out for companies is also critically reviewed.
According to CCI 2018, the country with the lowest risk of corruption is New Zealand, followed by Ireland andDenmark. Germany takes 4th place. Germany is also listed in the top ten countries with the least corruptionchallenges, likewise led by New Zealand. The overall analysis also shows that Europe generally gets good marksaccording to the index criteria and leads the list of countries at least risk. Kosovo is the only European country to
6
be found in the list of the 20 countries with the greatest risk of corruption.
The greatest corruption challenges exist in Turkmenistan, Somalia and Libya. The last two countries also have thegreatest risk of corruption, according to CCI 2018.
Globally, the construction sector, urban development, infrastructure, and the oil and gas sector represent the mostchallenging sectors as regards corruption risks.
In addition to the global overview, the report also contains assessments broken down according to the individualcontinents and sets out key developments there.
Risk Advisory’s methods
The Corruption Challenges Index is prepared by Risk Advisory’s due diligence, political and security experts. Theindex assesses the threat of corruption, a regime’s stability or instability, and the accessibility of information in187 countries in order to obtain a “Corruption Challenge” score and from this a “Most Challenging Jurisdiction”ranking.
In countries with an increased threat of corruption, an integrity due diligence plays a key role in risk management.But where information is restricted or unreliable, due diligence requires specialist knowledge and research skills.The most challenging countries are those in which the threat is high and due diligence is hard to achieve. Theindex serves to quantify this interrelationship.
To assess this situation, experts are required to evaluate each country according to the likelihood of twoscenarios: 1) foreign investors face corruption when seeking to obtain an important government contract, a licenceor a permit (“major corruption”); and 2) a company working on the ground has to put up with low-level corruption inorder to operate its daily business (“minor corruption”). These scores are added together to obtain a regimestability score, from which a “Corruption Threat Rating” is derived.
This is matched against an opacity score based on expert assessments of how complete and reliable publicinformation is, how open the media are, how much scope human sources have to speak freely, and what particularlinguistic barriers exist, such as transliteration or complex translation.
The index’s most challenging countries are those with a high risk of minor and major corruption, a relativelyunstable regime, and low availability of public information and business intelligence.
In addition to compiling the index, the analysts are instructed to take into account the three sectors most impactedby corruption in each country.
Transparency CPI and CCI – a comparison
Until now, the best-known corruption risk index has been Transparency CPI. Transparency CPI lists countriesaccording to the degree of corruption perceived in the public sector. It is a composite index compiled from surveysand investigations based on corruption-related data collected by several independent and reputable institutions.
Transparency CPI 2017 was calculated using 13 data sources and 12 different institutions covering corruptionperception over the last two years. These are shown on a scale of 0 to 100. 0 means that the sector in the countryin question is perceived as being very corrupt. 100 means that it is perceived as having a high degree of integrity.By calculating means based on the reference year’s parameters, it is ensured that Transparency CPI scores since2012 are comparable from year to year.
As both indexes deal with the risk of corruption, they can be easily compared with each other in spite of thediffering methodologies they employ. Transparency CPI and CCI come to similar or comparable conclusionsregarding countries such as New Zealand, Denmark or Finland, for example. Germany also gets good marksaccording to both indexes.
7
There is also agreement when it comes to the greatest risk of corruption assessed for Somalia, Libya or SouthSudan.
There are differences in positive assessments, such as for Ireland. According to CCI, Ireland has the second lowestrisk of corruption, while CPI places it “only” in the second highest group, with a “low” risk level. The situation issimilar for Japan. The CCI places Japan in the 10 countries with the lowest risk of corruption, while CPI places it“only” in the group with a “low” risk level.
What this means for compliance advice
The CCI can therefore be used in two ways in company compliance roles or when performing due diligence. Firstly,it can be used to confirm and fine-tune the CPI assessment, thus improving the validity of the risk assessment. Forinternal company advice, this permits a more reliable statement to be made as regards a possible risk ofcorruption.
Secondly, there is the option of looking critically at the frequently used CPI in cases where the two indexes differ intheir assessment. In many cases, this deviation may be minor, but it may give cause to look critically at businessactions to be taken in certain countries and if necessary to modify the overall assessment.
As an independent expert assessment, therefore, the CCI may become a further, fully fledged compliance tool overthe next few years with its own value when evaluating country-specific risks.
Publication of the 5th EU Anti-Money Laundering Directive
The reverberations of the coming into force of the 4th EU Money Laundering Directive and its transposition intothe German Money Laundering Act have not yet died away and already the European Parliament has adopted the5th EU Money Laundering Directive with various amendments to the wording of its predecessor; it was publishedin the Official Journal of the European Union on 19 June 2018 and will enter into force on the 20th day after itspublication, with Member States having until 10 January 2020 to transpose the Directive into national law.
Response to recent terrorist attacks
Again the recitals are awash with grand words:
“Recent terrorist attacks”, they say, have brought to light emerging new trends, in particular regarding the wayterrorist groups finance and conduct their operations. Modern technology services and alternative financialsystems, in particular, benefit from exemptions that “might no longer be justified”. The integrity of the Unionfinancial system is dependent on the transparency of corporate and other legal entities, trusts and similar legalarrangements. The new Directive therefore aims, it says, not only to “detect and investigate money laundering, butalso to prevent it from occurring”. Enhancing transparency could be a powerful deterrent.
Objectives that are to be implemented with, naturally, “due regard” to the fundamental right to the protection ofpersonal data, as well as the observance and application of the proportionality principle.
Objectives of the new Directive
One of the objectives of the new Directive is virtual currencies, providers engaged in exchange services betweenvirtual currencies and fiat currencies (that is to say coins and banknotes that are designated as legal tender andelectronic money, of a country, accepted as a medium of exchange in the issuing country) as well as custodianwallet providers. All of them will be subject to increased monitoring.
The “anonymity of virtual currencies” allows their potential misuse for criminal purposes, says the Directive, whilstassuring that these are not to be confused with electronic money or related services and means of payment. Theaim of the Directive is to cover all the potential uses of virtual currencies, especially their possible use as means of
8
exchange, investment, store-of-value products or use in online casinos.
Business relationships or transactions involving high-risk third countries should be limited when significantweaknesses are identified in the anti-money laundering/combating the financing of terrorism (AML/CFT) regime ofthe third countries concerned. The Commission will be empowered to adopt delegated acts in order to identify“high-risk third countries”. When dealing with such cases of high risk and with such business relationships ortransactions, Member States should in future require obliged entities to apply enhanced customer due diligencemeasures to manage and mitigate those risks.
A new Article 18a sets out the enhanced customer due diligence measures to be applied in dealings withcustomers from high-risk third countries. Especially detailed by comparison with the current German MoneyLaundering Act is the point “conducting enhanced monitoring of the business relationship by increasing thenumber and timing of controls applied, and selecting patterns of transactions that need further examination”.
Implementing the new rule remains a matter for the Member States at national level, however. It remains to beseen, therefore, what kind of enhanced customer due diligence vis-à-vis high-risk third countries the Germanlegislator will incorporate into the German Money Laundering Act.
For what are known as anonymous prepaid cards which, the Directive says, are “easy” to use in financing terroristattacks and logistics, the threshold triggering an obligation for customer due diligence is to be lowered to EUR 50.This threshold is, it says, appropriate in order to identify the customer in the case of remote payment transactionswhile having due regard to consumers’ needs in using general purpose prepaid instruments and “not preventing theuse of such instruments for promoting social and financial inclusion”.
It is clear from the recitals that the Directive seeks to serve all conceivable purposes, cater for all possiblereservations, and reconcile all aspects of financial policy and the financial system that could potentially have anyrelevance whatsoever.
Another core objective is for corporate and other legal entities to “obtain and hold adequate, accurate and currentinformation on their beneficial ownership”.
Trusts and similar “legal arrangements” are a main theme of the recitals, with transparency seen as a key factor intracing criminals who might otherwise be able to hide their identity behind a corporate structure.
The enhanced public scrutiny of information “by civil society” – the Directive specifically mentions the press andcivil society organisations – will contribute to preventing the misuse of legal entities and legal arrangements,including “tax avoidance”. All this with the aim, mind you, of “ensuring a proportionate and balanced approach andguaranteeing the rights to private life and personal data protection”. The Member States are therefore called uponin their national law to define “legitimate interest” as a criterion for accessing beneficial ownership information.
And how is this all supposed to happen?
First of all, the group of obliged entities will be expanded:Auditors, external accountants and tax advisors that undertake to provide “material aid, assistance or advice on taxmatters” as principal business or professional activity are included in the list of obliged entities.
For estate agents, the Directive states that they will also be included in the list of obliged entities not only whenselling, but also when acting as intermediaries in the letting of, immovable property, but only in relation totransactions for which the monthly rent amounts to EUR 10 000 or more. But also persons who trade in or act asintermediaries in the trade of works of art, including persons who store works of art for export through free ports,are to be included where the value of the transaction or a series of linked transactions amounts to EUR 10,000 ormore.
Reloadable payment instruments must have a maximum monthly payment transaction limit of EU 150, which canbe used only in the Member State in which it was issued. The maximum amount stored electronically therefore
9
should not exceed EUR 150.
The scope of the obligation to identify the customer and verify their identity is newly defined as part of customerdue diligence: On the basis of documents, data or information obtained from a reliable and independent source,including, where available, electronic identification means, relevant trust services as set out in Regulation (EU) No910/2014 of the European Parliament and of the Council or any other secure, remote or electronic identificationprocess. It sounds complicated and it is complicated: Under the guise of facilitating various new electronic meansof identification, an additional administrative burden is being imposed on the obliged entities because, wherepossibilities are available to improve identification and verification, the obliged entities will not be able to contentthemselves in future with simpler, but perhaps less safe means – such as having someone send a copy of their ID.
Obtaining a register excerpt whenever entering into a new business relationship with a corporate or other legalentity is being made a standard element of customer due diligence.
Special precautions are also needed in future if the person identified as the beneficial owner of a company is at thesame time a member of that company’s senior management. Then the obliged entities have to take the necessaryreasonable measures to verify the identity of the natural person who holds the position of senior managing officialand keep records of the actions taken as well as any difficulties encountered during the verification process. Inother words: Owners of family-owned companies, regardless of their legal structure, who are actively involved inthe management will have to be fully identified in future and the actions taken to establish their identitydocumented. The German legislator will probably not want to miss out on the chance to specifically includeviolations of this important rule in the list of finable offences.
Member States must require obliged entities to also apply their customer due diligence measures at appropriatetimes to existing customers on a risk-sensitive basis in future, i.e. especially if the relevant circumstances of acustomer change, or when the obliged entity has any legal duty to contact the customer, the details about theidentity of the relevant person(s) must be verified and updated. It remains to be seen whether this will be fleshedout to create a formal rule in the German Money Laundering Act on how to deal with, and possibly verify theidentity of, existing customers.
What makes the change to the enhanced customer due diligence especially critical is not the list of cases thatneed to be investigated, which already exists in section 15(5) German Money Laundering Act, but the addition ofthe following words: “In particular, obliged entities shall increase the degree and nature of monitoring of thebusiness relationship, in order to determine whether those transactions or activities appear suspicious.” Here onecan expect the obliged entities to be required to document the actions they take to improve their processes and toregularly repeat those actions, which, one would assume, goes beyond “enhanced continuous monitoring” withinthe meaning of section 15(5), no. 2 German Money Laundering Act.
Conclusions and comments
40 pages of Directive setting out improvements of questionable effect, but puffed up with strong words, goodintentions and noble objectives.
What would be more important would be for the German legislator to iron out the inconsistencies in the currentversion of the Money Laundering Act and cut back on all the bureaucracy. The most important example: Industrialholding companies are absurdly defined as “financial companies”, bringing them within the ambit of the MoneyLaundering Act even if the holding does not perform any operational activities whatsoever for the corporate groupthat it heads.
Another nonsensical example is the currently customary interpretation placed by the Federal Ministry of Financeon section 9 of the German Money Laundering Act, which deals with the obligations of group parents, which it seesas being obliged to carry out a risk assessment pursuant to section 4(2) and section 5 German Money LaunderingAct even if all the members of the group avail themselves of the exemption pursuant section 4(4) of the Act andare therefore exempted from the obligation to verify the identity of their customers pursuant to section 10(6) of theAct.
10
Otherwise, the Directive contains a lot of fanfare about cooperation between Member States, setting up registersakin to the German Beneficial Ownership Register, and statistics aimed at evidencing the effectiveness of thesystems to be put in place to counter money laundering and terrorist financing in the Member States.
In light of the debacle around the transfer of responsibility for the Financial Intelligence Unit from the FederalCriminal Police Office to the customs authority, it will be interesting to see the first national German statistics andthe details as to “human resources allocated to competent authorities responsible for AML/CFT supervision”(Article 44(2)(e)) as well as “human resources allocated to the FIU”.
Only very recently the Federal Ministry of Finance announced to the German public that everything was going to befine at the FIU because “changes had been made at management level” (Frankfurter Allgemeine Zeitung, 29 June2018, p. 21). In football, too, quite a few teams have been brought back from the brink of relegation by a newtrainer...
Risk of tax criminal proceedings in wage tax audits – fines to replace interest?
In recent years the risk of a criminal investigation for alleged tax fraud has risen significantly for businesses inGermany. While tax authorities used to initiate tax criminal proceedings only against hardened criminals such asparticipants in VAT carrousel frauds, they have lately also begun to initiate criminal proceedings morefrequently in cases in which no criminal tax offence was committed.
Tax authorities are legally obliged to initiate criminal proceedings when they suspect a tax offence. In reality, theylike to use criminal proceedings as a means of exerting pressure on taxpayers. This happens in the course of taxaudits, for example, if the business under audit fails to cooperate sufficiently and the auditor wishes to build uppressure.
We therefore advise our clients to prepare for tax audits diligently and always make the auditors feel that they arethe client's highest priority. At the latest when specific tax-related questions arise, the client should seek to engagewith the auditor directly to discuss disputed matters and - if necessary – to involve a tax advisor. This can preventthe auditor from initiating criminal proceedings due to an impression that the client has something to hide.
Recently, it has been noted that German tax authorities increasingly initiate criminal proceedings after or evenduring wage tax audits if the audits lead to additional taxes. The reason behind this trend is the fact that with wagetax there is no interest on back taxes – as opposed to corporate tax, trade tax and VAT. If a tax audit leads toadditional corporate income or trade taxes, such taxes must be paid plus interest. But if a wage tax audit leads toadditional tax claims, the taxpayer only needs to pay the "net" amount without any interest. The tax authorities areapparently seeking to compensate for this "loss" by assessing penalty payments or administrative fines in criminalproceedings. In this context, they regularly disregard the question of whether the taxpayer had acted intentionally(as is required for criminal charges) or recklessly (as is required for misdemeanour charges). So far we have onlyobserved this conduct in connection with wage tax audits, but it remains to be seen whether tax authorities willexpand this strategy in the future to other taxes which do not bear interest, such as real estate transfer tax orcapital gains tax.
Such methods, which have the sole aim of compensating for lost interest payments, would be unlawful but theyare impossible to prove in practice. In such cases we would recommend consulting a lawyer who is not only skilledin tax law, but can also cover the criminal law aspects of the case. This should be considered at the latest whencriminal proceedings have already been initiated, but might also be advisable if it becomes clear that a wage auditwill lead to a considerable increase in taxes.