Legislation

The regulations that seek to prevent money laundering and terrorist financing consist of national legislation and European and international regulations.

Finland has an Anti-Money Laundering Act in place. The Anti-Money Laundering Act is supplemented by several separate acts.

The national law is based on EU regulations issued as directives and regulations. The directives are implemented as national laws, the regulations are applied as is.

The national law and EU law are heavily influenced by the international recommendations by Financial Action Task Force on Money Laundering (FATF).

National law

The Anti-Money Laundering Act (Act on Detecting and Preventing Money Laundering and Terrorist Financing)

The Anti-Money Laundering Act

  • lays down provisions on the prevention of money laundering and terrorist financing

  • promotes the detection and investigation of money laundering and terrorist financing

  • reinforces the tracing and recovery of the proceeds of crime.

The Anti-Money Laundering Act obligates businesses in certain sectors to create a risk assessment on the risks of misconduct associated with their activities and to identify and know their customers (customer due diligence). The risk assessment shall be updated regularly.

In addition, most companies and corporations must determine and register their beneficial owners, i.e. the owners and other parties that exercise control. Further provisions on the registration are laid down separately in the Trade Register Act, Associations Act, Freedom of Religion Act and the Foundations Act.

Operators must act in ways that contribute to the prevention of money laundering and terrorist financing. The operators are also obligated to report suspicious business activities to the Financial Intelligence Unit of the National Bureau of Investigation.

The Regional State Administrative Agency for Southern Finland maintains the register for detecting and preventing money laundering. The Anti-Money Laundering Act contains provisions on the monitoring of various actors and the administrative sanctions for neglect.

Anti-Money Laundering Act (Finlex, in Finnish)

Government proposal on the amendment of the Act on Detecting and Preventing Money Laundering and Terrorist Financing (in Finnish)

Act on Crypto-Asset Service Providers and Markets in Crypto-Assets

The Act on Crypto-Asset Service Providers and Markets in Crypto-Assets supplements the EU’s Markets in Crypto-Assets Regulation. The Act lays down provisions on, for example:

  • competent authorities;
  • other permitted business activities for crypto-asset service providers; 
  • liability for damages;
  • a non-disclosure obligation for service providers.

The Financial Supervisory Authority supervises compliance with the Act. In future, the European Securities and Markets Authority (ESMA) will maintain a centralised register of crypto-asset service providers and issued crypto-assets.

Act on Crypto-Asset Service Providers and Markets in Crypto-Assets (Finlex)

Government Decree on Customer Due Diligence Procedures and Risk Factors in Preventing Money Laundering and Terrorist Financing

Under the Act on Preventing Money Laundering and Terrorist Financing, obliged entities are allowed to observe a simplified customer due diligence procedure in certain circumstances. In other circumstances, obliged entities must apply an enhanced customer due diligence procedure. The government decree includes more detailed provisions on the circumstances in which these procedures may or must be applied.

The decree also defines the risk factors that may indicate that the risk is either negligible or higher than ordinary. The risk factors can relate to the client, service, product or method of delivery or they could be geographical.

Government Decree on Customer Due Diligence Procedures and Risk Factors in Preventing Money Laundering and Terrorist Financing (Finlex, in Finnish)
 

Government Decree on Politically Exposed Persons

When the risk of money laundering or terrorist financing is elevated, the parties under the reporting obligation must adopt enhanced customer due diligence measures. Risk is elevated in cases such as business relationships with politically exposed persons or their family members or persons known as their close business partners.

The Government has issued a Decree on important public positions referred to in the Anti-Money Laundering Act. A person acting in such a position now or in the past shall be considered a politically exposed person.

Government Decree on Politically Exposed Persons (Finlex, in Finnish)

Act on the Bank and Payment Accounts Control System

The Act on the Bank and Payment Accounts Control System promotes the prevention of money laundering and terrorist financing because it improves the authorities’ access to electronic information on the Bank and Payment Accounts of citizens, businesses and corporations. The Act is a part of the implementation of the EU’s 5th Anti-Money Laundering Directive.

The bank and payment accounts control system consists of two technologically different systems:

  • an account register maintained by Customs

  • a distributed information search system.

Customs maintains a compiling application that transmits information in response to inquiries by the competent authorities.

The parties obligated to report to the bank and payment account control system are credit institutions, payment institutions, electronic money institutions and virtual currency providers. These parties must join the account register or construct their own information search system from which they can disclose their customers’ bank and payment account information to the authorities.

The competent authorities are the Police, the Financial Intelligence Unit, the Border Guard, the Finnish Tax Administration, the National Enforcement Authority Finland, the Financial Supervisory Authority, the National Police Board, the Regional State Administrative Agencies, the Finnish Patent and Registration Office, the Finnish Bar Association, the Government of Åland, Ålands lotteriinspektion and the Finnish Defence Forces.

Act on the Bank and Payment Accounts Control System (Finlex, in Finnish))

Act on the Financial Intelligence Unit

The Act on the Financial Intelligence Unit specifies the tasks of the Financial Intelligence Unit that is a part of the National Bureau of Investigation and provides the Unit with the necessary data access rights.

The tasks of the Financial Intelligence Unit are the

  • prevention

  • exposure

  • examination and

  • investigation of money laundering and terrorist financing.

The Financial Intelligence Unit receives and examines reports on suspicious business activities from the parties with a reporting obligation and also brings them to preliminary investigation. In certain necessary situations the Unit can also order a suspicious business activity to be suspended for a maximum of ten business days.

The Financial Intelligence Unit maintains a money laundering register which stores data on reports on suspicious business activities.

The Financial Intelligence Unit has the right to obtain, use and disclose information whose processing is necessary in order to prevent money laundering and terrorist financing, even though the information is otherwise required to be kept secret by law. The Financial Intelligence Unit also has to publish statistics on suspicious business activities and criminal investigations.

In addition, the Financial Intelligence Unit collaborates with the supervisory authority of the Anti-Money Laundering Act and the parties with a reporting obligation and also engages in international collaboration and information exchange with corresponding authorities in other countries.

Act on the Financial Intelligence Unit (Finlex, in Finnish)

Act on the Freezing of Funds with a View to Combating Terrorism (Finlex)

Act on the Processing of Personal Data in Criminal Matters and in Connection with Maintaining National Security (Finlex)

EU Directive on Combating Money Laundering by Criminal Law (Project window of the Prime Minister’s Office, in Finnish)

The Criminal Code of Finland

The Criminal Code of Finland contains provisions on the criteria for a money laundering offence and the criminalisation of the various forms of the offence. The provisions seek to prevent the perpetrator from benefiting from the property obtained through criminal activity.

The provisions of the Criminal Code serve the overall prevention of money laundering and terrorist financing by giving the authorities the power to punish the perpetrator and seize the perpetrator’s assets that were obtained through criminal activity. This is achieved by declaring the proceeds from crime forfeit to the State.

Money laundering is often associated with organised crime. Forfeiture of the proceeds from crime prevents the financing of new crimes.

Criminal Code (Finlex, in Finnish)

EU Directive on Combating Money Laundering by Criminal Law (Official Journal of the European Communities)

Convention on Laundering, Search, Seizure and Confiscation of the Proceeds from Crime (Finlex)

Administrative freezing of terrorist funds

Finland uses an administrative system for the freezing of funds. The decision on freezing funds is made by the National Bureau of Investigation.

The purpose of the freezing of funds is to prevent the target of the decision – whether it is a person, group or corporation – from using its assets for carrying out, attempting to carry out or preparing for terrorist acts.

The transfer, conversion or assignment of assets to the target of an administrative freezing decision is criminalised in the Criminal Code.

Act on the Freezing of Funds with a View to Combating Terrorism (Finlex)

Trade Register Act

The Trade Register Act lays down provisions on the registration of the beneficial owners of a company.

Trade Register Act (Finlex, in Finnish)

Associations Act

The Associations Act lays down provisions on the registration of the board members of an association.

Associations Act (Finlex, in Finnish)

Freedom of Religion Act

The Freedom of Religion Act lays down provisions on the registration of the board members of an association.

Freedom of Religion Act (Finlex, in Finnish)

Foundations Act

The Foundations Act lays down provisions on the registration of board members or supervisory organ members of a foundation.

Foundations Act (Finlex, in Finnish)

Business Information Act

The Business Information Act specifies the parties responsible for submitting a notification to the register.

Business Information Act (Finlex, in Finnish)

International financial sanctions

The sanctions regulations obligate the freezing of the assets and other financial resources of specific persons and corporations, It is also prohibited to assign any funds or financial resources to the specified persons directly or indirectly. An exception to the freezing of assets or the assignment prohibition might be possible if the authority grants a permit for such.

Although the sanctions obligations are based directly on the applicable EU legislation, their implementation is the responsibility of the Member States. The national general regulation is the so-called Sanctions Act (Act on the Fulfilment of Certain Obligations of Finland as a Member of the United Nations and of the European Union).

In Finland, the Ministry for Foreign Affairs coordinates the national implementation of the sanctions and acts as the national permit authority. Asset freezing in Finland is executed by the enforcement authority of Helsinki.

Sanctions by country (Ministry for Foreign Affairs, in Finnish)

International financial sanctions and national decisions on freezing assets (Financial Supervisory Authority)

EU Sanctions Map (European Commission)

Consolidated list of parties subject to freezing of assets (European Commission)

Sanctions Act (Finlex, in Finnish)

EU law

EU strives to prevent the use of the financial system for money laundering and terrorist financing.

Fourth money laundering directive

The purpose of the directive is to prevent the use of the financial system of the Union for money laundering and terrorist financing and to protect the stability and credibility of the system. Wide coordinated actions have been undertaken at the Union level to prevent money launderers and terrorist financiers from benefiting from the free movement of capital in the internal market of the Union and the freedom to offer financing services.

The aim of the fourth money laundering directive is to create a regulatory environment in which companies can grow their business without facing unreasonably high costs for complying with the regulations.

The fourth money laundering directive lays down provisions for

  • a comprehensive risk-based approach for combating money laundering and terrorist financing

  • customer due diligence

  • information on beneficial ownership

  • obligation to report

  • operating principles concerning countries outside the EU

  • harmonisation of administrative sanctions

  • ensuring data protection

  • increasing the cooperation between Financial Intelligence Units

  • granting competence to the European Supervisory Authorities.

The directive obligates actors to create risk assessments on money laundering and terrorist financing. The obligation applies to the European Commission, Member States, national supervisory authorities and the corporations and entrepreneurs that are under the reporting obligation.

The aim is to base the prevention of money laundering and terrorist financing on risk assessments and focus it efficiently on the most risk-prone areas. The risk factors might be associated with specific customers, countries or geographical areas, products, services, business operations or distribution channels. The actors must have in place internal policies, controls and procedures that are proportional to the actor’s operations and mitigate and manage effectively the risks identified at the level of the Union, the Member State and the obliged entity.

To implement the directive, Finland enacted a new Anti-Money Laundering Act in 2017. Finland also enacted the Act on the Financial Intelligence Unit.

Fourth money laundering directive (Official Journal of the European Communities)

Fifth money laundering directive

The Fifth money laundering directive is formulated on the basis of the terrorist attacks against Europe in particular. Investigation of the attacks revealed new methods by which terrorist groups finance and execute their operations. The intention was to extend the scope of EU law to financing services that leverage modern technology.

The Member States have an obligation to deploy automatic systems with which information on the holders of bank and payment accounts can be delivered to the authorities. Money laundering legislation extends to virtual currency providers and art merchants (when the payment is more than EUR 10,000). The directive also specifies further and partly extends the customer due diligence procedure and the enhanced customer due diligence.

Finland has implemented the directive as the Act on the Bank and Payment Accounts Control System, the Act on Virtual Currency Providers and amendments to the Anti-Money Laundering Act, among others.

Fifth money laundering directive (Official Journal of the European Communities)

Second Funds Transfer Regulation

One of the regulations that prevent money laundering and terrorist financing is the so-called Second Funds Transfer Regulation.

The regulation is based on the international recommendations by Financial Action Task Force on Money Laundering (FATF). The purpose is to ensure that the FATF recommendation on wire transfers is implemented consistently throughout the Union.

The regulation contains provisions on the information on the payer and payee that must be delivered along with the transfer of funds irrespective of currency. The regulation applies to funds transfers made with payment cards, electronic currency tools and mobile phones.

The payer’s payment service provider must deliver detailed information on the payer and payee along with the funds transfer, such as the payee’s name and the number of the payee’s payment account. In addition, the payment service provider must verify the correctness of the information submitted.

The payment service provider must have efficient procedures in place that enable it to detect any missing or incomplete information about the payer or payee. For cases of missing and incomplete payment information, the payment service provider must have efficient risk-based procedures in place for deciding whether to proceed with, deny or suspend the transfer of funds.

Second Funds Transfer Regulation (Official Journal of the European Communities)

EU anti-money laundering package and comprehensive reform of national anti-money laundering legislation

The EU’s anti-money laundering (AML) package aims to make the prevention of money laundering and terrorist financing more effective. The reform will strengthen and harmonise regulation and supervision, improve the coordination of prevention efforts and will establish a new supervisory and coordination authority.

The AML package consists of the following statutes:

  • A Regulation establishing an EU anti-money laundering authority (AMLA Regulation)
  • An Anti-Money Laundering Regulation (AML Regulation)
  • A Sixth Anti-Money Laundering Directive (6th AML Directive)
  • A recast of the Regulation on Transfers of Funds

Along with the AML package, the Commission submitted a proposal for amendments to the Directive on Access to Financial Information. The proposal relates to the 6th AML Directive.

The recast Regulation on Transfers of Funds entered into force in 2023 and it will begin to be applied on 30 December 2024. The AMLA Regulation, AML Regulation, and 6th AML Directive are expected to enter into force in 2024. The application of the rules of the AML Regulation and 6th AML Directive will mainly be subject to a three-year transition period. The 6th AML Directive provides for a two-year transition period for information on beneficial owners. The AMLA Regulation will mainly be applied from the beginning of July 2025, but some of its articles will be applied as soon as it enters into force.

The Ministry of Finance launched a comprehensive reform of anti-money laundering legislation in May 2024. The Ministry will prepare the amendments to national legislation necessitated by the new EU rules.

Comprehensive reform of anti-money laundering legislation (in Finnish, Ministry of Finance website)

Markets in Crypto-Assets Regulation (MiCA)

Provisions on providing crypto-asset services are laid down in an EU Regulation that entered partially into force on 30 June 2024 and will enter fully into force on 30 December 2024. MiCA created a distinct and harmonised regulatory framework for markets in crypto assets.

Under MiCA, the provision of crypto-asset services is subject to authorisation. MiCA also enables the cross-border provision of crypto-asset services into other European Economic Area countries through the EU passporting system. The provision of crypto-asset services will continue to be subject to authority supervision, and violations of MiCA will be subject to sanction.

The Act on Preventing Money Laundering and Terrorist Financing also applies to the crypto-asset service providers referred to in MiCA. MiCA defines crypto-asset services as: 

  • providing custody and administration of crypto-assets on behalf of clients; 
  • operating a trading platform for crypto-assets;
  • exchanging crypto-assets for funds;
  • exchanging crypto-assets for other crypto-assets;
  • executing orders for crypto-assets on behalf of clients;
  • placing of crypto-assets; 
  • receiving and transmitting orders for crypto-assets on behalf of clients; 
  • providing advice on crypto-assets;
  • providing portfolio management on crypto-assets;
  • providing transfer services for crypto-assets on behalf of clients.

Markets in Crypto-Assets Regulation (EUR-Lex)

Recommendations of the Financial Action Task Force (FATF)

The intergovernmental Financial Action Task Force known as FATF operates under the OECD. FATF cooperates internationally to prevent money laundering and the financing of terrorism and weapons of mass destruction. FATF develops and issues recommendations and follows their implementation in the member states with annual inquiries and periodic country evaluations.

Finland has been a member of FATF since 1991. FATF has issued 40 recommendations concerning the prevention of money laundering, terrorist financing and financing of proliferation of weapons of mass destruction, which the member countries of FATF are politically committed to implement. The recommendations were last revised completely in 2012 and individual specifications have been made to them even after that.

Recommendations by FATF