Austria
Report on Observance of Standards and Codes-FATF Recommendations for Anti-Money Laundering and Combating the Financing of Terrorism

The paper presents a report on Austria’s Observance of Standards and Codes for Financial Action Task Force Recommendations for Antimoney Laundering (AML)/Combating the Financing of Terrorism (AML/CFT). The Austrian authorities have designed and are implementing a comprehensive AML/CFT system, supported by well-developed federal administrative and supervisory bodies, and active professional organizations. The supervisory system for financial institutions is generally sound and efficient. Licensing requirements and the regime of sanctions need to be strengthened, and additional resources should be allocated to supervisory bodies.

Abstract

The paper presents a report on Austria’s Observance of Standards and Codes for Financial Action Task Force Recommendations for Antimoney Laundering (AML)/Combating the Financing of Terrorism (AML/CFT). The Austrian authorities have designed and are implementing a comprehensive AML/CFT system, supported by well-developed federal administrative and supervisory bodies, and active professional organizations. The supervisory system for financial institutions is generally sound and efficient. Licensing requirements and the regime of sanctions need to be strengthened, and additional resources should be allocated to supervisory bodies.

A. Introduction

This Report on the Observance of Standards and Codes for the FATF 40 Recommendations for Anti-Money Laundering (AML) and 9 Special Recommendations on Combating the Financing of Terrorism (CFT) was prepared by the Legal Department of the IMF1. The report provides a summary of the AML/CFT measures in place in Austria and of the level of compliance with the Financial Action Task Force (FATF) 40+9 Recommendations, and contains recommendations on how the AML/CFT system could be strengthened. The assessment is based on the information available at the time of the mission from September 15 through 30, 2008 and was conducted using the 2004 Assessment Methodology. The Detailed Assessment Report (DAR) on which this document is based was adopted by the FATF plenary on June 25, 2009. The views expressed here, as well as in the full assessment report, are those of the staff team, and do not necessarily reflect the views of the Government of Austria or the Executive Board of the IMF.

B. Key Findings

1. The crime level in Austria is among the lowest in European Union (EU) Member States, and the authorities consider that the country’s exposure to money laundering (ML) and financing of terrorism (FT) risks is limited. However, due to its geographical location and its historical ties with Central, Eastern and Southeastern Europe (CESE) countries, Austria may be used by foreign criminal organizations as a transit point for drugs and other trafficking, as well as a destination for criminal money, attracted by its reputation for political stability, tradition of banking secrecy, and attractive tax regime.

2. The authorities have designed and are implementing a comprehensive AML/CFT system, supported by well-developed federal administrative and supervisory bodies, and active professional organizations.

3. Criminalization of ML is generally in line with the FATF standards, and the legal framework provides for a wide range of confiscation and provisional measures. However, the low number of convictions for ML, low legal penalties and low amounts confiscated raise questions about the overall effectiveness of the system. Criminal provisions for the FT, although largely consistent with the 1999 United Nations (UN) Terrorist Financing Convention, do not cover the full range of activities covered by the FATF standard.

4. The transposition of the Third EU AML Directive resulted in a large overhaul, expansion and strengthening of the Austrian AML/CFT regime which now covers the broadest range of financial activities and designated non-financial businesses and professions (DNFBPs), except certain casinos. However, some provisions have to be brought more closely into line with the FATF standards, and overall, more time is needed before all requirements are fully implemented.

5. The supervisory system for financial institutions is generally sound and efficient. Licensing requirements and the regime of sanctions need to be strengthened, and additional resources should be allocated to supervisory bodies.

6. The Austrian Financial Investigation Unit (A-FIU) is an effective police unit, but it does not fulfill the suspicious transaction report (STR) analysis and dissemination functions of an FIU. Possible disclosure of information to the defendant, pursuant to the criminal procedure, may contribute to the overall low level of reporting.

7. Legal provisions and jurisprudence provide gateways for the authorities to obtain data protected by banking secrecy, but requests by public prosecutors are subject to restrictive conditions that financial institutions and legal professions may exploit to decline to supply information.

8. While the registration system is generally well-developed, access to beneficial ownership data of some non-profit organizations (NPOs), legal arrangements (Treuhand) and some legal persons, notably foundations and companies issuing bearer shares, is hindered.

9. Various fora have been established to ensure national cooperation and coordination. The deficiencies noted in the domestic legal framework slow down the provision of mutual legal assistance.

10. Key recommendations include: conduct a ML/FT risk assessment; align the criminalization of ML/FT with the standards; widen the scope of customer due diligence (CDD) obligations; ease legal requirements for authorities to have access to information held by financial institutions and legal professions; extend the functions of the A-FIU to analysis and dissemination; broaden the STR provisions; strengthen licensing requirements and available sanctions for financial institutions; align preventive measures for DNFBPs with the FATF standards; ensure adequate transparency of beneficial ownership of legal persons and legal arrangements.

C. Legal Systems and Related Institutional Measures

11. The provisions which criminalize ML in Austria closely follow the Vienna and Palermo Conventions. The offense of ML extends to any type of property, regardless of its value, that directly or indirectly represents the proceeds of crime, and irrespective of the place where the predicate offense was committed. Predicate offenses include all serious offenses under Austrian criminal law, which cover all categories of offenses designated by the FATF, as well as a wide range of misdemeanors, with the exception of counterfeiting and piracy of products. It was not established that the non-criminalization of self-laundering is supported by fundamental principles according to the FATF standard.

12. The liability of natural persons is broader than required by the Conventions, and the general criminal liability has been enlarged to include legal persons and entities for all penal offenses.

13. The criminalization of the FT is consistent with the 1999 UN Terrorist Financing Convention, and addresses all activities, without considering the place where the offense was committed. However, it needs to be extended further to include in full the financing of terrorist organizations and individual terrorists, regardless of the use of the funds provided.

14. Prosecutorial units specialized in financial crime prosecution have been set up, and investigations are generally conducted by specific police units, the A-FIU for ML cases, and the Federal Agency for State Protection and Counter-Terrorism (Bundesamt für Verfassungsschutz und Terrorismusbekämpfung; BVT) for FT cases.

15. The overall legal framework is fairly comprehensive, but questions remain regarding its effective implementation. Few convictions for ML have been obtained compared to the number of convictions for predicate offenses, in particular drug-related offenses, which are subject to investigations and convictions. Elements contributing to a smaller number of ML cases appear to be the non-criminalization of self-laundering, practical difficulties in establishing a link with a predicate offense, especially when those offenses are committed abroad, and prosecutors’ practice of indicting ML under “participation” in the predicate offense. There were no convictions for FT between 2004 and 2007. Moreover, the AML/CFT sanction regime applicable to natural and legal persons needs to be strengthened further.

16. The legislation provides for a wide range of confiscation and provisional measures which apply to property that has been laundered or constitutes proceeds of any ML, FT or other predicate offenses. The mechanism applies to all property items in Austria, as well as to property of corresponding value. However, restrictive conditions to law enforcement’s access to information and documents held by financial institutions and some DNFBPs limit its overall effectiveness. The legal regime for non-conviction based forfeiture of assets held by a criminal organization or a terrorist group is extensive, but has not been applied yet.

17. Measures to freeze funds or other assets of terrorists, those who finance terrorism and terrorist organizations are mainly implemented in Austria by European Council Regulations, which are directly applicable, and Council Common Positions which are enacted through Official Announcements of the Austrian National Bank (Oesterreichische Nationalbank, OeNB). However, the execution of directly applicable EU regulations presents some difficulties in regard to the freezing of non-financial assets, and there is also a need for additional guidance to the private sector on the freezing obligation.

18. Pursuant to their relevant laws and regulations, financial institutions and DNFBPs report suspicious activities to the A-FIU. STRs from reporting entities are dealt with in the same way as criminal complaints. The A-FIU conducts criminal investigations with full investigative powers and access to information. It does not perform two major functions required for an FIU by the international standard, i.e. analysis and dissemination of information. Moreover, the A-FIU is not responsible for FT cases, which fall within the responsibility of the BVT. The A-FIU maintains regular contact with reporting entities, providing general guidance and specific advice and feedback. This approach offers opportunities for efficient exchange of information.

19. The banking legislation sets out strict banking secrecy provisions, but legal provisions and jurisprudence provide gateways for the authorities to access protected information. Requests for information made to the financial institutions by the A-FIU acting on the basis of STRs are usually complied with, but court orders requested by the office of public prosecution are rejected if requests, in the view of financial institutions, do not provide substantive, material and adequate evidence that the legal conditions for disclosure are met, thus delaying access to information.

D. Preventive Measures–Financial Institutions

20. Since Austria’s last evaluation, several measures have been taken to improve the overall AML/CFT framework: legislative and regulatory revisions and the implementation of the Third EU ML Directive resulted in a large overhaul, expansion and strengthening of the AML/CFT regime.

21. All persons and entities who conduct as a business in Austria one or more of the financial activities listed in the FATF definition of “financial institution” are subject to AML/CFT measures, which are set out in sector-specific laws. Following the transposition of the Third EU ML Directive, additional or new obligations have been incorporated into the Austrian legal framework relating to customer identification, the definition of beneficial ownership and the identification and monitoring of politically exposed persons (PEPs) and cross-border correspondent banks. A good level of effectiveness has been found not only in large international financial firms, but also in smaller financial institutions, in particular with respect to AML/CFT measures that have been in place for some years. However, the effective implementation of some new provisions, which came into force on January 1, 2008, could not be fully established, and some operational circulars are still pending.

22. Overall, the measures set out in the financial sector laws are generally in line with the FATF Recommendations. CDD requirements have been expanded and cover all customers and beneficial owners, whether natural or legal persons. They should nevertheless be expanded further by removing three exemptions, requiring additional CDD for beneficiaries of some smaller savings deposit accounts, and broadening the definition of a PEP. Financial institutions have developed and implemented strict selection procedures at the inception of business relationships, notably when they rely on intermediaries or third-parties to perform elements of the CDD process.

23. The revised legislation introduces a risk-based approach to CDD modeled on the provisions of the EU Directive. It requires financial institutions to conduct a risk-analysis of their business, apply risk-based CDD, and take appropriate measures to address higher risk situations. Financial institutions have initiated important programs to acquire and develop IT tools which are required to implement risk-sensitive monitoring. The authorities should consider conducting a ML/FT risk assessment to establish whether additional legal provisions are required to mitigate risks specific to Austria, such as bearer shares, personal asset holding vehicles, and private banking.

24. The legislation also calls for enhanced due diligence for specific risks singled out by the FATF standard, in particular non-face-to-face business, cross-border correspondent banking, and business with PEPs. However, the nature and scope of monitoring measures are not defined, but rather fall within the ambit of the risk-based approach, and are thus left to the discretion of financial institutions. Moreover, financial institutions should be specifically required to examine the background and purpose of transactions they view as unusual and record their findings in writing. The general requirement to maintain CDD records is fully in line with the standard.

25. Most of the STRs originate from “credit institutions” (which, in Austria, covers a number of financial institutions as defined in the standard in addition to banks), especially money transfer services. Pursuant to the criminal procedure, information may be disclosed to the defendant, after criminal proceedings have been initiated. Such disclosure may be a contributing factor to the overall level of reporting which, in Austria, is low. In November 2008, the authorities initiated an action plan for better protecting the anonymity of reporting entities and persons filing STRs.

26. Most categories of financial institutions are subject to broad obligations regarding the compliance management and internal audit functions, but these requirements need better focus to ensure adequate and comprehensive coverage of exposure to ML/FT risks. The compliance officer’s seniority, independence and right to access CDD data and information, transaction records and other relevant information should be set out in the law.

27. The Financial Market Authority (FMA) has the overall responsibility for regulation, supervision and enforcement in the financial sector, but since January 2008, the OeNB has been entrusted with conducting offsite monitoring and onsite examinations of banks. The broad definition of banking activities subject a wide range of institutions to supervision, notably money or value transfers that can only be conducted by credit institutions. The licensing requirements and supervisory process would prohibit the establishment and operation of shell banks. However, there are concerns about the adequacy of the licensing process, especially in regard to the assessment of significant or controlling interests when the capital of a financial institution is in form of bearer shares. Fit and proper tests should also be applied to senior managers and all supervisory board members.

28. The increasing number of examinations, as well as meetings with senior management of supervised entities demonstrate that the FMA and the OeNB are taking steps to ensure closer AML/CFT supervision. Both authorities rely on external auditors to examine regularly all financial institutions, and confirm that AML/CFT controls are in place and operational. The capacity of both the FMA and the OeNB needs further strengthening and additional resources are required to enable their respective supervisory divisions to step up the number of onsite examinations and to cover all areas of ML/FT risk. The sanctioning regime does not appear to be sufficiently proportionate and dissuasive. In addition, the application of sanctions should be extended to all members of supervisory boards and senior management.

29. Local district authorities supervise domestic financial institutions that carry out limited specialized financial business. The legal provisions, that regulate the licensing, business, supervision and sanctioning of these institutions, are not sufficiently adapted to their activity and ML/FT risks.

E. Preventive Measures–Designated Non-Financial Businesses and Professions

30. Further to the Third EU AML Directive, all DNFBPs are covered in laws and regulations, and the range of covered activities goes beyond the FATF standard, to include all types of dealers, auctioneers and accounting professions. However, the preventive measures applicable to these businesses and professions need to be expanded and better tailored to their specificities. CDD requirements should be defined for all casinos operating in Austria, including internet casinos, while some legal ambiguities in the coverage of transactions performed by notaries, lawyers and accountants should be removed. The requirements for enhanced monitoring of higher risk categories or transactions called for by the FATF should be extended to the sector.

31. Although there is some level of awareness and effectiveness within the sector, implementation generally needs to be strengthened, especially for trust and company service providers (TCSPs), and new or revised guidelines need to be issued. In addition to the shortcomings identified for the financial sector, heightened professional secrecy provisions for lawyers, notaries and accountants may be contributing to the low level of reporting of suspicious transactions.

32. The supervisory system is generally in place for the sector, but it mostly lacks resources and expertise. The sanctioning regime, which appears to be proportionate and dissuasive for the lawyers and notaries, needs to be developed for the other professions.

33. Measures to reduce the reliance on cash appear insufficient, considering the important quantity of large denomination banknotes issued by the OeNB.

F. Legal Persons and Arrangements & Non-Profit Organizations

34. Austria mainly relies on a central registration of all types of legal persons, including foundations. However, access to relevant ownership information is hampered by several features of the system, notably limited requirements to register changes in ownership, the possibility for companies to issue bearer shares, and the option for private foundations to record beneficiaries’ names in non-public appendixes to founding deeds.

35. The Treuhand is a very common feature of the Austrian economy. A partial registration system is in place which is limited to financial assets and is mandatory only for some of the trust service providers, i.e. lawyers and notaries. There are no measures to ensure the transparency of foreign trusts operated in Austria.

36. Obligations for NPOs to ascertain and maintain information about their ownership structure and transactions should be expanded.

G. National and International Co-operation

37. Mechanisms for domestic cooperation and coordination are institutionalized and embedded in the Federal Constitution. Various policy and operational fora have been established under the lead of the Ministry of Finance where national competent authorities exchange information on AML/CFT issues and coordinate their respective activities.

38. Austria has enacted legislation that encompasses all key requirements of the international conventions regarding mutual legal assistance, signed several bilateral treaties with neighboring states, and shortened domestic procedures to improve the processing of information requests. The country may provide a range of measures of mutual legal assistance in AML/CFT investigations, prosecutions and related proceedings initiated by other countries. The legal regime which applies to foreign requests for confiscation is comprehensive. The extradition framework is not entirely in line with the FATF standard and its effectiveness was not established. The provision of mutual legal assistance nevertheless suffers from some shortcomings. In particular, the strict requirements for lifting bank secrecy and the extensive scope of the legal privilege slow down the provision of mutual legal assistance.

39. Supervisory authorities have a fairly comprehensive regime for international cooperation on AML. Weaknesses have been identified regarding international cooperation on combating terrorism financing, with the A-FIU not being legally empowered to exchange information, and concerning international cooperation by law enforcement authorities, which lacks effectiveness.

Summary Table of Observance and Key Recommendations

article image
article image
article image
article image
article image
article image
1

The assessment team consisted of: Alain Védrenne-Lacombe (team leader), Nadine Schwarz (co-team leader), Giuseppe Lombardo and Emmanuel Mathias (all of LEG); and Helen Hatton (Expert, Deputy Director General of the Jersey Financial Services Commission).

2

Compliant (C): the Recommendation is fully observed with respect to all essential criteria.

Largely compliant (LC): there are only minor shortcomings, with a large majority of the essential criteria being fully met.

Partially compliant (PC): the country has taken some substantive action and complies with some of the essential criteria. Non-compliant (NC): there are major shortcomings, with a large majority of the essential criteria not being met.

Not applicable (NA): a requirement or part of a requirement does not apply, due to the structural, legal or institutional features of a country.

3

The FATF recognizes the EU as a supranational jurisdiction for the purposes of SR.IX, and that physical cross-border transportations of currency/BNI within the borders of the EU are to be considered domestic.

4

See footnote 3.

Austria: Report on Observance of Standards and Codes-FATF Recommendations for Anti-Money Laundering and Combating the Financing of Terrorism
Author: International Monetary Fund