The Finnish Government submitted a bill for a new act on the prevention of money laundering and terrorist financing to Parliament at the beginning of November. The new Anti-Money Laundering Act is based on the fourth Anti-Money Laundering Directive, which was drafted with consideration to the recommendations of the OECD’s Financial Action Task Force, founded to counteract money laundering and terrorist financing.
19.12.2016
Finnish Anti-Money Laundering Act Reformed: New Obligations, Tightened Supervision
Related services
This article presents the key obligations imposed on Finnish entities by the new Act. The parliamentary review of the Government Bill is still ongoing, but the Act is intended to enter into force at the beginning of 2017. At that moment, Finnish entities must comply with the requirements cited in this article, unless the text suggests otherwise.
All Entities Must Declare Their Beneficial Owners
Most of the amendments to the existing anti-money laundering provisions only concern entities that have a statutory reporting obligation (see list below), but there is one significant exception: the new Act obliges all legal persons to report their beneficial owners to registers maintained by the Finnish Patent and Registration Office. The details of the beneficial owners must be submitted to the register by 30 June 2019. Based on the Government Bill, the obligation to report beneficial owners would not concern companies listed on a regulated market.
In the Anti-Money Laundering Act, a beneficial owner refers to a natural person who owns or otherwise controls a legal person. As regards entities, persons holding more than 25% of the entity’s ownership or voting rights are considered beneficial owners. If such a share is held by another legal person, the entity must establish who the natural persons are who are able to make independent decisions in the holding entity. When determining the beneficial owners, entities must bear in mind that positions of control can also be based on, e.g. a shareholders’ agreement.
The following graph illustrates the obligation to report beneficial owners.
Overall, the amendments will make it easier for obliged entities to determine the beneficial owners of their customers by making the information available in a public register. However, it is worth noting that the authorities will not verify the information when it is entered into the register. This is why obliged entities should contact their customers directly to make sure the information is up to date. In addition, they should take into account that the information in the register of beneficial owners only covers the immediately following tier seen from the company in question. Complex ownership structures will still require additional investigation from obliged entities.
Statutory Identification Obligation to Be Based on the Entity’s Own Risk Assessment
The key obligations in the Anti-Money Laundering Act are customer identification and due diligence and the obligation to report suspicious transactions to the Financial Intelligence Unit of the Finnish National Bureau of Investigation. The provisions of the existing Act are fairly clear as to when and in what scope the obliged entities must identify their customers. In the future, the identification and due diligence obligation will be based on risk assessments performed by the entities themselves.
The risk assessment must be made in writing and cover risk factors relating to the obliged entity’s customers, countries or geographic areas, products, services, transactions or delivery channels. The Act requires obliged entities to have in place policies, controls and procedures to mitigate and manage effectively the risk factors identified in their operations. Obliged entities must also monitor and develop these policies, controls and procedures.
Those preparing a risk assessment should remember that the Act also requires a national risk assessment, which is to be prepared by the Finnish Ministry of the Interior. In addition, supervising authorities are obliged to make a risk assessment of the entities under their supervision. The national risk assessment and the supervisor’s risk assessment will probably provide a good starting point for the individual risk assessments of obliged entities. For example, according to Finland’s national risk assessment for money laundering and terrorist financing of 2015, the key risk items are generally related to real estate investments, transport of cash, front companies, online services, online shadow financial markets and customer fund accounts.
Obliged Entities Must Have Whistleblowing Channels
Many companies have opened various kinds of whistleblowing channels to make sure that their operations comply with the law as well as their internal policies. Finnish law already contains statutes that require whistleblowing channels in certain instances. Under the new Anti-Money Laundering Act, obliged entities will also have to establish an independent and anonymous whistleblowing channel for the reporting of suspected breaches of the Act.
When implementing these channels, companies must consider not just technical issues but also the requirements of data protection and employment laws. They should also prepare clear instructions on the use and purpose of the channel.
Administrative Sanctions Toughened and Made Public
Recent regulatory developments have tended towards toughened sanctions, which contributes to the prevention of violations. In the same vein, the sanctions provisions of the new Anti-Money Laundering Act are stricter than those of its predecessor. Furthermore, sanctions will in most cases be made public by the supervising authority.
The Government Bill proposes that the competent authority be given powers to impose a penalty payment on an obliged entity that intentionally or negligently breaches or fails to observe any of its following obligations under the law:
The penalty payment ranges between EUR 5,000 to EUR 100,000 for legal persons and between EUR 500 and EUR 10,000 for natural persons.
However, according to the Government Bill, obliged entities could be ordered to pay penalties much more severe than these if they intentionally or negligently commit serious, repeated or systematic breaches of the above requirements (with the exception of registration in the supervisory register). In this case, the penalty payment could be one million euros or max. twice the amount of the benefit derived from the breach, whichever sum is larger. The most severe penalties would be reserved for credit and financial institutions, which would pay max. five million euros or 10% of their turnover in the previous year, whichever is larger.
In addition, the competent authority can issue a public warning to an obliged entity for an intentional or negligent breach of its other obligations.
Concluding Remarks
It is estimated in the Government Bill that there will be almost 70,000 obliged entities in Finland alone. These entities should, obviously, evaluate the obligations created by the new Act as well as their practical fulfilment. The Act will also be visible in the daily lives of each entity and citizen through the increasing number of requests for information from obliged entities.
Latest news
Latest references
Shareholders – Sale of the Suomen Autohuolto Group
We advised the shareholders of Suomen Autohuolto Oy in connection with the sale of the company’s entire share capital, to SAKA Finland Group Oy. Suomen Autohuolto Group is one of Finland’s largest companies specializing in brand-specific automotive maintenance and has locations in Oulu, Tampere, and from July, also in Järvenpää. The transaction is subject to final approval by the Finnish Competition and Consumer Authority (KKV).
Case published 26.6.2026
Natural Resources Institute Finland – AI training
We delivered two tailor-made AI workshops for the lawyers at the Natural Resources Institute Finland (Luke). We discussed the AI revolution and its impact on lawyers’ ways of thinking and working, and left the participants with practical solutions for enhancing and streamlining their work with Legora. Our AI-specialist lawyers prepared use cases tailored to Luke and the needs of public administration, which Luke received for its own use following the workshops. These use cases covered topics such as: utilising legal sources and the organisation’s own data to maximise AI results building and leveraging AI workflows AI-enhanced contract drafting based on a large volume of documents. The workshops sparked wide-ranging discussion on the role and benefits of AI in legal work. Participants appreciated how clearly and comprehensively our experts were able to present the nature and benefits of AI specifically within a legal context. ‘The workshops provided excellent support for Luke’s goal of leveraging AI responsibly and gave us concrete and ready-to-use practical takeaways,’ says Hannu Laitinen, Luke’s Senior Vice President, Administrative Affairs.
Case published 26.6.2026
Finnish Construction Management Consultancy — District Court Dismisses charge in occupational safety offence case concerning a safety coordinator
We successfully represented a Finnish construction management consultancy and a safety coordinator employed by the company in criminal proceedings concerning an alleged occupational safety and health offence. The prosecutor sought a penalty for an alleged breach of occupational safety regulations. The charge arose from a fall accident at a construction site where our client acted as the safety coordinator appointed by the developer. We assessed the scope of the safety coordinator’s duties in relation to the responsibilities of the main contractor, as well as how our client had fulfilled their obligations in practice. We demonstrated that our client had acted with due care and in full compliance with their duties throughout the planning, preparation and execution of the construction project. The District Court of Eastern Uusimaa dismissed the charge against our client. The Court held that our client, in their capacity as safety coordinator, had duly fulfilled the occupational safety obligations incumbent on the developer during the planning and preparation phases of the construction project and had not been aware of the fall protection deficiency identified at the site. The judgment is final insofar as our client is concerned.
Case published 22.6.2026
Efima – Sale of financial management services business
We advised Efima Oyj on the sale of its financial management services business to Rantalainen as part of its strategic focus on fully concentrating on the delivery of business applications as well as data and AI solutions. As a result of the transaction, customer contracts related to financial management services and 65 experts working in these services will transfer to Rantalainen. The transaction will be carried out as a transfer of business, and the experts will move to the new owner as existing employees. Efima is a Finnish digital company that supports the sustainable growth of large and mid-sized companies by streamlining their business processes and by creating competitive advantage through the innovative use of artificial intelligence and data. The company has nearly 200 experts based in Helsinki and Tampere.
Case published 12.6.2026