We're committed to giving the industry's best headlines.

New Legislation on Prevention and Control of Money Laundering and Terrorist Financing

July 19, 2019

On 18 July 2019 a new piece of legislation regarding the prevention and control of money laundering and terrorist financing was enacted, namely Law no. 129/2019 published in the Romanian Official Gazette no. 589 on 18 July 2019 (“AML Law”), which has recalled Law no. 656/2002 regarding the prevention and sanctioning of money laundering and terrorist financing (“Law 656/2002”).

Following the enacted of Directive (EU) 2015/849 of the European Parliament and of the Council of 20 May 2015 on the prevention of the use of the financial system for the purposes of money laundering or terrorist financing (“Directive 2015/849”), the last piece of legislation from a set of four EU regulations addressing the issue of anti-money laundering, Romania was obliged to implement Directive 2015/849 into its national legislation by June 2017.

After failing to meet its deadline, Romania, along with several other countries, faced an infringement procedure for non-complying with its obligation to implement measures on access to anti-money laundering information on time. The draft of the AML Law was eventually passed by the Romanian Parliament in October 2018, however its enactment was further delayed by an objection of unconstitutionality which was referred to the Romanian Constitutional Court.

Following the Romanian Constitutional Court’s decision regarding the provisions of the AML Law proposal, a new draft was subject to the Romanian Parliament’s vote, which passed the piece of legislation and was then promulgated by the Romanian President on 11 July 2019.

While the AML Law follows the same general considerations of Law 656/2002, retaining many of its fundamental principles and provisions, the newly enacted legislation has also integrated the regulations provided by Directive 2015/849, thus establishing a more detailed and comprehensive legal framework.

One may observe that many of its new provisions entail numerous obligations on behalf of the reporting entities, transferring to the latter the responsibility and liability to assure the correct application of the AML Law’s provisions when interacting, for example, with suspicious transactions or companies/ individuals in their daily business activities.

It remains to be determined by EU’s regulatory bodies if the AML Law fully complies with Directive 2015/849, or if Romania shall become yet again subject to an infringement procedure due to failing to properly implement the anti-money laundering regulations.

The following contains highlights of the relevant provisions of the AML Law, categorized in line with the law’s general structure.


The reporting entities listed under art. 5 of AML Law (“Reporting Entities”) must undertake to report to the National Office for Prevention and Control of Money Laundering (“NOPCML”) any suspicious transactions based on several reasonable doubts which have been listed in the AML Law in order to facilitate the process of determining the risk for money laundering and terrorist financing activities.

The threshold for reporting cash transactions has been reduced from EUR 15,000 to EUR 10,000; moreover, any entity carrying out transactions in cash over the previous mentioned threshold has become by way of the AML Law a Reporting Entity.

Only external transfer of money over the threshold of EUR 15,000 must be reported to the NOPCML under the AML Law, as opposed to Law 656/2002 which provided that any such transactions, either internal or external, must be reported.

The deadline to report the above-mentioned transactions has been reduced from 10 (ten) business days to 3 (three) business days since the transaction was performed.

The Reporting Entities have the obligation to automatically suspend the execution of any suspicious transactions reported to the NOPCML for a period of 24 (twenty four) hours since the report was submitted; the suspension period can be prolonged by the NOPCML should it be considered necessary, in this respect the AML Law does not provide any new provisions.


The AML Law has retained the basic principles of Law 656/2002 regarding the standard / simplified/ additional KYC requirements, but has undertaken to further detail the legal framework, thus compelling the Reporting Entities to perform a thorough due diligence process before entering into a business relationship with an individual or a company or before performing an occasional transaction.

The main focus and objective of the AML Law is to identify the real beneficiary of a company or a transaction in due time, whether suspicious or not; the Reporting Entity must be prepared to offer proof with respect to its concrete actions to discover the real beneficiary.

Publicly exposed persons (i.e., heads of state, members of Parliament and other important Romanian or EU institutional structures), as well as their family members and known associates have become subject to additional KYC requirements in order to avoid any corruption suspicions.

Apart from the above mentioned aspects, the pool of transactions and business relationships which must be subject to additional KYC requirements has been extended to, for example, relationships with banking entities located in other EU member states or third states, or any complex transactions, involving an unusually large value and which do not have an obvious legal, economic or commercial scope.

The persons or transactions subject to additional KYC requirements must be first approved by a high-ranking member of the management.

As a general observation, throughout the AML Law, as well as the Directive 2015/849, it is repeatedly reinforced the obligation pertaining to any Reporting Entity which has branches and subsidiaries in other countries (whether EU member states or not), to implement the its anti-money laundering policies based on the AML Law and supervise that its provisions are properly observed.


All Reporting Entities must appoint a staff member in charge of supervising the implementation and compliance with the AML Law, as well as with communicating with the NOPCML; credit or financial institutions must appoint a compliance officer recruited especially in this respect, which must attend training programs at least every other 2 years.

The Reporting Entities are obliged to draft and implement anti-money laundering internal policies, to properly train all of their employees or to have them attend training programs in order to identify any suspicious activity; the Reporting Entities must document and attest their efforts in this respect and submit proof to the NOPCML upon request.

Reporting Entities which pertain to a group must implement such measures and policies throughout the group even if their branches or subsidiaries are located in other EU member states of a third state.


The Reporting Entities must undertake to identify and evaluate the risks involved in their daily activity with respect to money laundering and terrorist financing, based on the risk factors provided by the AML Law.

The evaluations performed in this respect will become the foundation on which the internal policies are drafted and implemented and must be documented in order to be offered as proof to NOPCML or any other authority upon request.


With respect to credit and financial institutions, the National Bank of Romania (“NBR”) will have authority to control and supervise the correct application of the AML Law, while other public institutions (i.e., NOPCML, National Authority for Fiscal Administration, Romanian National Gambling Office, Financial Supervisory Authority etc. – the “Enforcing Authorities”.) will have authority over the remaining Reporting Entities.

The NBR has a wide range of sanctions it can enforce against any non-complying credit/ financial institution, such as:

drafting recommendations in order to assure the correct application of the AML Law and enforce supervisory sanctions if such recommendations not be observed;

enforcing administrative sanctions: (a) written warning; (b) public warning; (c) a fine of up to 10% of the annual turnover or up to RON 23,000,000; (d) a fine applicable to individuals ranging between RON 10,000 and RON 23,000,000 and (e) withdrawal of the directors’ approval;

enforcing sanctioning measures: (a) order to cease any illicit conduct; (b) temporary interdiction to exercise certain functions by the directors; (c) withdrawal of the entity’s authorization.

The Enforcing Authorities are entitled to apply, depending on the breached obligations provided by the AML Law, several sanctioning measures such as:

in case of an individual, a warning or a fine ranging from RON 25,000 to RON 150,000;

in case of a legal person, a warning or a fine provided by point i. above, but the maximum limits of which are increased by 10% of the total revenues reported for the previous fiscal period;

in case of a financial institution not subject to the NBR’s supervision, under certain conditions, a fine provided by point i. above, but the maximum limits of which are increased up to RON 5,000,000 in case of legal persons, or up to RON 50,000 in case of individuals;

certain complementary sanctioning measures such as confiscation of assets, suspending or withdrawing the license, freezing the account for up to a month, closing the branch or subsidiary etc.

When opting to apply a certain sanction, the NBR and the Enforcing Authority will take into account all favorable or incriminating circumstances surrounding the offence.


In addition to the KYC requirements, several other laws are amended in order to assure the full implementation of Directive 2015/849.

Companies’ Law no. 31/1990 was amended to ensure that bearer shares are no longer allowed to be issued in Romania. Transactions with the existing bearer shares are prohibited. The existing bearer shares must be submitted by their owners to the relevant companies within 18 (eighteen) months in order to be transformed in registered (nominal) shares. Upon the expiry of such term, the bearer shares that not submitted to the relevant company shall be cancelled by effect of the law and the share capital of the relevant company shall be correspondingly decreased.

The company can also be dissolved by the competent court, upon request of any interested person, including the Trade Registry.

All registered companies are obliged to register with the Trade Registry within 12 (twelve) months since the enactment of the AML Law a statement regarding their real beneficiaries, under the penalty of a fine applicable to its director ranging from RON 5,000 to RON 10,000.

A notarized statement regarding the real beneficiary of the company, as well as the manner of exercising control thereon must be submitted to the Trade Registry upon registration of the company, annually (within 15 days from the approval of the annual financial statements) and every time a change occurs.

Government Ordinance no. 26/2000 on associations and foundations is amended, requiring the communication to the Ministry of Justice, annually or upon change, of the identification of the real beneficiary of the association or foundation. The sanctions for the repeated failure to report the real beneficiary may amount to the dissolution of eh association / foundation, by the competent court, upon request of the public prosecutor or of the Enforcing Authority.