AML Compliance Guidelines: Latvia

Latvia is located in the north-eastern part of Europe, sitting on the shores of the Baltic sea it shares borders with Russia, Belarus, Estonia and Lithuania. Due to its strategic location it has been an important crossroad for culture, trade and arts since ancient times. In modern times it acted as a bridge between CIS and the EU member state and thrived trade with its bustling ports on the Baltic sea. However, its role as a transit trade hub invited risks of money laundering and sanctions circumvention due to ongoing geo-political situation and extensive restrictions against Russia and Belarus. Particularly these risks are attached with re-routing sanctioned goods or transactions. Moreover, Latvia’s historical reliance on non-resident banking creates opportunities for cross border movement of illicit funds.

These vulnerabilities, when coupled with weak regulatory oversight, made Latvia a “jurisdiction of primary concern” by the US Department of State in 2016 and later a “Jurisdiction under Increased Monitoring” by the Financial Action Task Force (FATF).

However, since its placement on the FATF greylist in 2018, Latvia introduced significant reforms in the legal system to improve the regulatory supervision of the financial and non-financial sector for anti-money laundering and combating terrorism financing (AML/CFT). In 2021, Latvia reported that the share of non-resident bank accounts had dropped to 15% — previously it accounted for more than half of all accounts in Latvia. Strong AML/CFT and sanctions compliance requirements are yielding results, however, continued monitoring is required to counter evolving threats.

Overview of AML Regulatory Framework

Latvian AML/CFT framework is governed by the Law on the Prevention of Money Laundering, Terrorism, and Proliferation Financing (AML Law). The Latvian Central Bank together with other regulatory bodies supervises compliance of the financial sector and non-financial business and professions with the AML Law.

The AML/CFT framework is continuously updated to keep pace with international standards set by the FATF and EU AML Directives. In recent years, Latvia has significantly overhauled its AML/CFT regulations, making it largely or fully compliant with all FATF’s 40 recommendations.

Latvijas Banka (Central Bank of Latvia

The Latvijas Banka supervises financial and credit institutions, making sure that regulated entities fulfill their obligations mandated by the AML Laws. Its key responsibilities include issuing guidelines and recommendations, conducting onsite and offsite inspections, and imposing administrative penalties. In 2022, the Financial and Capital Market Commission (FCMC) was merged with the Central Bank in an effort to improve the process of supervision and overall performance.

Latvian Financial Intelligence Unit (FIU)

The Latvian Financial Intelligence Unit is an independent authority which is subject to supervision by the Cabinet of Ministers. Its core responsibilities include collecting and analysing suspicious activity reports and forwarding verified reports to law enforcements for criminal investigations.

From April 2024, FIU is also entrusted with the authority to monitor and enforce international and national sanctions in Latvia. It is also responsible to prepare National Risk Assessment (NRA) in conjunction with law enforcement, and other monitoring and control authorities.

Higher Money Laundering Risks in Latvian Non-Financial Sector

The 2023’s NRA indicated an overall decrease in Latvia AML risks, thanks to recent legal reforms, enhanced cooperation and increased capacity of the supervisory authorities. At the same time, the report highlighted that despite facing higher money laundering risks in certain non-financial sectors—such as independent legal service providers, outsourced accountants, real estate agents, lotteries and gambling operators, and tax advisors— the number of suspicious activity reports filed remained comparatively low. This suggests a potential lack of tools or expertise to detect suspicious transactions or a lack of awareness of their obligations under the AML/CFT framework.

The report identified that services with the higher money laundering risks include trade in free zones, crypto assets, construction (which has the highest share of the shadow economy), and real estate transactions. It also identified that tax-related crimes, the shadow economy, corruption, online frauds, drugs and narcotics, and money generated from crimes committed abroad were the major sources of illegal proceeds in Latvia.

Who is affected?

Following is a non-exhaustive list of businesses and professions subject to the AML obligations as per section 3 of the AML Law:

• Credit Institutions
• Financial Institutions
  • Exchange Companies
  • Investment Management Companies
  • Banks
  • Investment Firms
  • Insurance and Reinsurance Companies
  • Payment Institutions
  • Capital Market Intermediaries
• Auditors, Accountants and Tax Advisors
• Notaries, Law firms and Independent Legal Professionals
• Real Estate Agents
• Organisers of Lotteries and Gambling
• Trust and Company Service Providers
• Cash Collection Service Providers
• Traders in High-Value Goods: (cash payments of €10,000 or more) such as:
  • Motor Vehicle Dealers
  • Precious metals and precious stones
• Debt Recovery Service Providers
• Crypto-Asset Service Providers
• Dealers in Art and Antique (transactions of €10,000 or more) such as
  • Antique shops, Auction houses, Ports
• Administrators of Insolvency Proceedings

What are the AML Obligations in Latvia?

There are certain obligations which need to be fulfilled by the obliged entities to ensure AML/CFT compliance in Latvia. A brief description of AML Program for Latvia is given below:

Risk Assessment and Controls

• Performing an internal risk assessment (at least every 3 years)
• Developing internal controls, policies and procedures to prevent ML/TF/PF (update at least every 18 months)
• Training staff and appointing AML responsible person
• Taking a risk based approach in application of due diligence measures

Customer Due Diligence (CDD)

Customer Due Diligence measures should be applied at the time of establishing a business relationship/opening an account or performing an occasional transaction (subject to certain limits)

• Identifying and verifying customers, beneficial owners and other related parties
• Assessing ownership and control structure of the legal arrangements or legal persons
• Assessing and obtaining information on the nature and purpose of business relationship or occasional transaction
• Continuously monitoring business relationship and transactions to ensure it matches customer data
• Regularly monitoring and updating customer identification information and documents (at least once in 5 years)

Enhanced Due Diligence (EDD)

Enhanced Due Diligence measures should be applied in addition to general CDD obligations in higher risk situations, including when customer is:

• A politically exposed person, a family member or close associate of such person
• From high risk third country

EDD measures should include at least:

• Obtaining senior management approval
• Obtaining information on source of funds and source of wealth
• Obtaining further information on identification, verification, nature and purpose of business relationship or transaction
• Increasing the frequency of the ongoing monitoring

Recording and Reporting

• Reporting suspicious transactions to the Latvian FIU
• Reporting threshold declarations to the FIU
• Retaining records of due diligence activities, customers profiles and transactions for up to five years

Prohibitions

• Obliged entities are prohibited on opening anonymous accounts
• Obliged entities are not permitted on dealing with shell banks

AML Obligations regarding PEPs in Latvia

As per AML Law of Latvia a politically exposed person (PEP) is an individual who holds or has held a significant public office in Latvia or any other foreign country. AML regulations require application of enhanced due diligence measures if a customer or a beneficial owner is identified as PEP, a family member or a close associate of a PEP. AML obliged entities should apply enhanced CDD measures for at least 12 months after a PEP leaves their position, provided no increased ML risk is identified anymore.

Non-compliance Penalties

Section 78 of the AML Laws in Latvia authorizes supervisory and control authorities to impose penalties, such as notices, warnings, fines, license or registration cancellations, or prohibitions on assuming a management role.

A legal or natural person can face a penalty twice the amount of benefit obtained from violation or another fine of up to €1,000,000. Credit or financial institutions may face fines of up to 10% of annual turnover or €5,000,000, whichever is higher, with an additional €5,000,000 penalty for the responsible official, employee, or assignee at the time of the violation.

Crypto Regulation in Latvia

The Law on Crypto Asset Services was passed on 13 July 2024, which incorporated Markets in Crypto Asset (MiCA) Regulations in Latvian regulatory framework. MiCA implements a unified regulatory framework for crypto assets services on EU level.

Under these regulations a license must be obtained before providing services related to crypto assets. A license in one member state allows EU wide operations. It designates Latvijas Banka as the supervisory authority for the crypto sector which was formerly entrusted to the State Revenue Service. In addition to MiCA regulations, crypto asset services are also regulated by the AML and Sanction laws, and must perform risk based customer due diligence, implement sanctions measures, and adhere to reporting obligations.

Best Practices and FCMC Guidelines

The FCMC’s Recommendations for Internal Control Systems for AML/CFT provides detailed guidance for AML compliance in Latvia, specially emphasizing the importance of adverse media and PEP screening.

FCMC guidance advises institutions to monitor reliable and relevant public sources, including negative information for AML checks while taking into account the factor of the local language. Utilizing credible and verified sources in AML screening is the key to avoiding misinformation.

Risk Assessment: Adverse media can flag any negative information about a client such as involving links to corruption, criminal activities, or other allegations alerting risky behavior. Such information is used when developing the risk profile of a customer and helps in making decisions whether or not to establish or continue business relationships.

Enhanced Due Diligence: Adverse media screening is also part of the EDD process, especially for high-risk customers, such as PEPs or customers operating in high-risk countries or industries.

Ongoing monitoring: Regular adverse media checks can timely identify new or developing risks related to existing customers and help in fulfilling requirements for maintaining an up to date risk profile.

PEP Identification: In order to meet requirements to apply enhanced due diligence measures, a reliable PEP screening solution is necessary to identify if a customer or beneficial owner is a PEP, a relative or close associate (RCA).

Sanctions Compliance in Latvia

Starting April of 2024, Latvian FIU is the competent authority responsible for enforcing international and national sanctions. All persons (legal or natural), including public entities, must comply with and have measures in place to implement international and Latvian national sanctions. Latvia adheres to different sanctions regimes imposed at local and international levels, and include:

• National Sanctions
• EU Sanctions
• UN Sanctions

Moreover, the Law for Sanctions also contains provisions to adhere with sanctions issued by other EU and NATO member states that can significantly impact interests of the financial and capital market of Latvia. For example, non-compliance with certain OFAC sanctions with secondary sanctions risk, may result in the loss of access to the U.S. financial system and USD transactions. Losing access to these markets or currency can result in suspended transactions, halted deals or business operations, leading to significant financial and reputational damage. Considering the impact, OFAC sanctions are also adopted in Latvia. Moreover, sanctions compliance in Baltics is significantly impacted by geopolitical factors, such as extensive sanctions against neighboring Russia and Belarus.

ALCB Guidance for Compliance with OFAC Sanctions

The Association of Latvian Commercial Banks (ALCB) has issued policy guidelines for its member associates (i.e., banks) and, more broadly, for all financial institutions. ALCB policy guidelines require banks to comply with OFAC sanctions irrespective of the transactions denominated in USD or any other currency. Although these guidelines are not legally binding, banks have committed to adhering to them. Consequently, if a bank fails to comply with these policy guidelines, the ALCB council may take action for such violations, as provided in its Articles of Association.

Penalties for Sanctions Violation:

Violating sanctions may invite both civil and criminal penalties. Under Article 84 of the Criminal Law, violation of applicable sanctions in Latvia is a crime with a maximum custodial sentence of 8 years. Under the Sanctions Law, if a person contravenes the requirements regarding the internal control system and sanction risk management the relevant competent authorities can impose administrative penalties ranging from a warning, to fines up to €5,000,000.

Latvijas Banka’s Guidelines for Effective Sanctions Screening System

Institutions should conduct an assessment for applicable sanctions based on its industry or type of activity, expected customer base and geographical reach of its operations. Based on assessment, develop internal control to manage the sanctions risk. Sanctions screening is a critical part of the internal controls which should be supported by processes for customer identification and employee training, and procedures for asset freezing, and procedures for identifying and reporting sanctions violations to the FIU. For a more detailed analysis please review Latvijas Banka’s Guidelines for establishing sanction screening systems.

Determining Applicable Sanctions

For example, when determining the applicable sanctions list for an institution who expects to carry out transactions in GBP and USD, it should include sanctions issued by OFAC and UK HM Treasury, in addition to the sanctions imposed by EU, UN and Latvian authorities.

Determining Level of Automation

Determining if it’s necessary to have an automated screening system to ensure adequate sanctions risk management based on the scale of its activities, size of existing customers, frequency of daily/monthly transactions or new customers.

Determining level of fuzzy matching

Fuzzy matching is an algorithmic based technique which can flag contents beyond identical matches. It reduces the chance of missing a possible true match due to transliteration issues and differences, omissions, or mistakes in spellings. Setting the optimal level of fuzzy matching is the key to an efficient and reliable screening process. A higher percentage of fuzzy matching can potentially generate a high number of false positives whereas a too low one can result in missing possible true matches.

Determine Data Categories to be screened

An institution’s evaluation of the type of customers it expects to engage should determine what categories of data should be screened. For example, an institution dealing with a legal entity will be required to screen the person representing the customer, beneficial owners, company title/registration, and other persons exercising control, in addition to the customer itself. For transactions, data like the names of parties, financial institutions, address fields, and IP addresses (relevant to sectoral sanctions targeting specific regions) should be screened.

Determine the Frequency of screening

Sanctions screening is a continuous process which should be carried out at least on a daily basis, before onboarding a new client or performing a transaction. Additionally, screening the entire existing customer base as soon as there’s an update in the applicable sanctions list.

1. AML/CFT/CPF Law
2. FCMC Recommendations for AML/CFT
3.  ALCB Policy on OFAC Sanctions
4. Criminal Law
5.  Sanctions Law