New Law on Financial Monitoring was signed by the President of Ukraine


On December 6, 2019, the draft Law No. 2179 “On Prevention and Counteraction the Legalization (Laundering) of Proceeds from Crime, Financing Terrorism and Financing the Proliferation of Weapons of Mass Destruction” has been adopted by Ukrainian Parliament (the “Law”). The Law will enter into force on April 28, 2020, to implement the FATF Recommendations, the Fourth Directive (EU) 2015/849 and Regulation (EU) 2015/847 (which is a part of Ukraine`s commitment pursuant to the Association Agreement between Ukraine and the EU) and the Memorandum of Understanding between Ukraine and the IMF ratified on November 8, 2018.

The Law is anticipated to substantially enhance the existent financial monitoring system in Ukraine in order to bring it in line with the European AML standards. Due to the newly introduced risk-oriented approach, the Law allows banks and other financial institutions to focus predominately on checking high-risk clients, which is expected to improve the efficiency of financial monitoring. However, despite, reduction of scope and increase of thresholds of operations subject to monitoring, financial institutions will have to more scrutinize documents and information in order to reveal suspicious transactions.

The Law introduces the following changes:

>> The list of SIFMs has been expanded

The list of SIFMs has been supplemented with entities providing services related to turnover of virtual assets, tax advisors (in addition to audit companies) and business entities providing advisory services related to the sale and purchase of real estate

>> Application of mandatory risk-oriented approach

The Law introduced a mandatory risk-oriented approach to be applied by the subjects of initial financial monitoring (the “SIFM”), that is SIFMs should identify, assess, understand and appropriately manage risks of legalization (laundering) of criminal proceeds.

>> Establishment of case-by-case report system on suspicious transactions and activities

The SIFM is now obliged to notify the competent authority of suspicious financial transactions and activities regardless of the amount of transaction carried out.

>> Regulation of virtual assets transactions

The Law introduces a definition of virtual assets –  “a digital expression of value that can be traded in digital format or transferred and that can be used for payment or investment purposes”) and sets out the requirements to information that should accompany the transfer of virtual assets. Transactions involving virtual assets for the amount exceeding UAH 30,000 that we believe includes cryptocurrencies and electronic money are subject to mandatory financial monitoring.

>> A threshold for mandatory financial monitoring is increased while the list of the monitored financial transactions is reduced

The Law has raised from UAH 150 000 to UAH 400 000 the threshold for financial transactions subject to mandatory financial monitoring, and the former list of 17 types of financial transactions has been reduced to 4, namely:

  • any participant of the transaction is registered/located in a country that fails to comply with FATF and other international anti-money laundering rules (the “AML”);
  • financial transaction is carried out by a politically exposed person(s) (the “PEP”), PEP’s family members and affiliates;
  • cross-border transfer of funds;
  • all financial operations with cash.


>> Differentiated KYC checks have been introduced

The Law introduced a simplified procedure for the know-your-client checks with reduced frequency and scope of monitoring business relationship and data collection. However, the risks criteria, which SIFM shall take under consideration (connected to the client, country of its location, type of goods and services, etc.), as well as specific measures within such a simplified approach are not expressly stipulated in the Law and can be expected to be adopted separately by authorities.

According to the Law, SIFM within an enhanced procedure for the know-your-client checks should verify grounds and purposes of all financial transactions, which complies with at least one of the following conditions:

  • are complex;
  • are unusually large;
  • are conducted in an unusual way;
  • have no obvious economic or legitimate purpose.

Moreover, money transfers amounting to or exceeding UAH 30 000 (previously – UAH 15 000) and carried out without opening of an account will now be subject to the appropriate know-your-client check.

>> Identification and risk-management of PEPs transactions to become more thorough

SIFMs are now obliged to (1) use several reliable sources in order to identify PEPs, their family members and affiliates, (2) take sufficient measures to identify PEPs` sources of wealth and funds, (3) carry out permanently an enhanced monitoring of business relations, namely, increase frequency and scope of monitoring business relationship and data collection; and (4) obtain their management permission to establish or continue business relations with PEPs (we expect that the form and the term for issuance of such a permission will be clarified by the regulator). In addition, the continuing risks with respect to PEPs should be considered by SIFMs during 12 months after PEP ceased to perform public functions.

The Law explicitly prohibits to rely solely on the information contained in the Unified State Register of Legal Entities, Individual Entrepreneurs and Public Entities in order to establish the UBOs.

The Law has also clarified the definition of PEP affiliates, who are the individuals subject to at least one of the following criteria: (1) they own a legal entity, trust or other legal formation jointly with such PEP, or they have other strong business connections with PEP; (2) they are the UBOs of the legal entity, trust or other legal formation, which de facto were established for the benefit of PEP.

>> New UBO criteria, UBO of trusts

According to the Law, the UBO is an individual exercising a decisive influence not only on a legal entity but also on other individual on whose behalf the financial transaction is being conducted (the existing version of law recognizes the UBO as an individual exercising a decisive influence only on a legal entity carried out directly or indirectly).

In addition, the Law has defined a beneficiary of a trust – a person entitled to receive benefits and/or income from such trust or other similar legal entity, namely a settlor, a trustee, a protector (if any), a beneficiary or group of beneficiaries, as well as any person exercising a decisive influence on the activity of trust (including through the chain of control/ownership).

While conducting the verification and identification procedures with respect to trust or another legal formation, the SIFM should determine:

  • its name;
  • purpose of establishment and activities;
  • objects (property, funds, etc.) managed by such trust or another legal formation;
  • country of establishment;
  • place of business;
  • banking details;
  • registration number (if any).


SIFM should also request a notarized copy of extract certifying the establishment of such trust or legal formation.

>> Exchange of financial monitoring information

SIFM is now allowed to exchange data for the purpose of initial financial monitoring with the members of its group, provided that the unified procedure for such exchange is developed and approved by the parent company.

In addition, SIFM has been allowed to exchange data with entities outside its group about persons who have been refused to establish (maintain) business relations, to open an account or to perform a financial transaction. The law is silent to which extend SIFM should rely on such information.

>> Asset freezing procedure has been introduced

In case the client is connected with the terrorist activity or is a person under international sanctions, SIFMs are obliged not only to notify the authorized controlling authority, but also to freeze the client`s assets immediately without prior notification to the client. After the assets have been frozen, SIFM is entitled to notify the client about asset freezing based on the written client`s request.

The Law explicitly envisages that once the assets have been frozen debit operations should be suspended, however, crediting of funds should remain possible.

>> Introduction of new interference measures

The Law supplemented the list of interference measures, which can be applied with respect to the SIFMs for non-performance or improper performance of the AML requirements.

In particular, the Law entitled financial monitoring authorities to execute a settlement agreement with the SIFMs, under which the SIFMs will have an obligation to pay a defined monetary obligation (which is, however, not a fine) and to take all reasonable measures to eliminate continuing and prevent new violations of the AML requirements.

The list of 7 authorities empowered to supervise and regulate the activities of SIFM has been reduced to 5 authorities, namely the NBU, the State Financial Monitoring Service, the Ministry of Justice of Ukraine, the National Securities and Stock Market Commission (the “Commission”) and a recently established Ministry of Digital Transformation of Ukraine (instead of Ministry of Infrastructure of Ukraine). The National Commission for State Regulation of Financial Services Markets was removed from the list due to its liquidation prescribed by the “Split” Law and its functions were split between the NBU and the Commission. Ministry for Development of Economy, Trade and Agriculture of Ukraine was also removed from the list.

>> The fines for violation of AML rules have been increased

The Law introduced several new grounds for liability (please see the table below).

Grounds Amount of penalty (fine), UAH
Violation of the procedures for assets freezing and freezing removal Up to 1 700 000
Failure to fulfill the settlement agreement limited by the amount of the defined monetary obligation
Violation of the requirement to refuse to establish (continue) business relations and to conduct financial operation Up to 340 000
up to 10% of the annual turnover, but not more than 135 150 000[[1]](
Failure to assure safety to the employee, who reported on AML violations 204 000


Other fines for violation of AML rules now were established in the range of UAH 51 000 to UAH 340 000, at a significantly higher rate than under the existing version of the law.

In case of multiple violations, the fines are aggregated, but should not exceed a maximum fine that can be imposed on the SIFM, namely:

  • financial institutions – 10% of the annual turnover, but in any case, – not more than UAH 135 150 000;
  • non-financial institutions – twice the amount of the damage caused and in case such amount cannot be estimated – UAH 27 030 000 flat.


It should be noted that the offender (of AML rules) can appeal a fine to the court within one month (30 days). The decision on imposition of fine can be enforced only upon expiration of the above-mentioned monthly term, while the current statute provided that the appeal procedure does not stop the enforcement.

>> Information on interference measures imposition shall be disclosed

The financial monitoring authorities are now obliged to publish information on their official web-sites regarding application of interference measures: SIFM name, penalty imposed and its as well as track information on appeal and respective court decision. Published information shall be publicly available for 5 years.

>> Additional documents should be submitted to the state registrar

The Law adds new documents, which must be submitted to state registrar for registration of a newly established legal entity or registration of changes about existing legal entity, namely:

  • an ownership structure;
  • a notarized copy of the identification document of the non-resident or resident individual who is a UBO of the legal entity.


Legal entities are now statutorily obliged to update information about the UBO and ownership structure as well as notify the state registrar of the changes within 30 working days subject to the administrative penalty in the range of UAH 17 000 to UAH 51 000 fine (formerly UAH 5100 – UAH 8500).


[[1]]( should be noted that for non-financial institutions the fine for such violation is five maximum fines established for multiple violations.