Anti-Money Laundering (AML) in the Baltics

The Baltic countries – Latvia, Estonia and Lithuania – have rapidly become fintech hubs, making them increasingly attractive destinations for founders launching a startup or firms expanding from other parts of Europe. However, the Baltics have a complex geopolitical history, having been part of the Soviet Union until 1991, and they have been subject to illicit financial activity due to their relations with former Soviet states, particularly Russia. 

If you’re a compliance professional researching the region on behalf of a European financial institution (FI), here’s what you need to know about the current regulatory landscape and the potential risks.   

Fintech hubs on the EU’s periphery 

The Baltics are relatively small compared to the rest of the EU, with a combined population of just under six million. But they’re making an outsized impact on the tech scene. According to Europe’s Hidden Entrepreneurs, a report published by the World Economic Forum, Estonia is the top European country for entrepreneurs, with Latvia in third and Lithuania in seventh. The Baltics also account for a disproportionate share of Europe’s most successful fintechs, notably Wise (formerly known as Transferwise) which was founded in Estonia in 2010. Wise went public in July 2021, and its market cap is over £7 billion (as of December 2021). 

So what makes the Baltics attractive to emerging fintechs? Due to their small domestic populations, they focus on exports, a strategy boosted by government policies encouraging tech adoption and innovation. Some of the most successful policies include: 

• Estonia’s e-residency programme (see below)
• Lithuania’s tax holidays and generous research and development tax credits  
• Latvia’s education infrastructure, with universities focusing on high-value sectors such as finance 

Another way the Baltics have fostered a favorable fintech ecosystem is through supportive regulatory regimes. 

Lithuania’s central bank set up a regulatory sandbox in 2018, which allows startups to test their offering in a live environment for up to six months. The country was also well-positioned to take advantage of Brexit as its straightforward regulations persuaded UK fintechs, like Revolut, to establish Lithuanian entities to serve their European customers. 

The Latvian financial regulator launched an Innovation Hub and Regulatory Sandbox to provide guidance about current and upcoming regulations. The commission was very useful for P2P marketplaces, which have a strong presence in Latvia, as they prepared to adopt the EU’s Regulation on European Crowdfunding Service Providers before it came into force in November 2021. 

Estonia introduced its e-residency programme in 2014. The programme gives entrepreneurs a digital identity and allows them to set up an Estonian-registered company from anywhere in the world with full access to the country’s financial system, including banking, payments and taxes. Estonia aims to attract 10 million foreign e-residents by 2025.    

Geopolitical risks for FIs

While the Baltics offer many incentives, FIs also need to consider the risks of doing business in the region.

Their banking systems are relatively young. They initially made good progress after the Soviet Union broke up – by 1995 there were 42 banks in Latvia, 18 in Estonia and 12 in Lithuania. However, their proximity to Russia, and other former Soviet states, meant they attracted large volumes of non-resident deposits (NRDs). NRDs are popular with money launderers because verifying the source of the funds is so complex. The flow surged after the Baltics joined the EU. 

One of the biggest money laundering crimes in history took place in the region in 2018. €200 billion in NRDs, mainly from Russia, was laundered through an Estonian branch of Denmark’s largest bank, Danske Bank. Authorities arrested 10 employees and eventually fined the bank €2.8 billion.  

Financial authorities responded by strengthening regulations to prevent money laundering, which included improving transparency and reducing the volume of NRDs from non-EU members. The Baltics also joined forces with Nordic countries and the International Monetary Fund to conduct an inquiry into financial crime in the region. A report is expected to be published in mid-2022. 

What do compliance teams need to know? 

Compliance teams must become familiar with the EU’s anti-money laundering regulations and sanctions lists. 

Since 1990, the EU has issued six directives designed to prevent money laundering and terrorist financing and standardize the regulatory environment across the region. The sixth and latest (6AMLD) came into effect in December 2020. 6AMLD builds on previous directives by harmonizing the definition of money laundering, extending liability to legal entities and expanding the list of predicate offences (a crime that generates money) to better reflect modern threats, such as cybercrime and people smuggling. 

The EU also operates an autonomous sanctions regime targeting individuals, entities and countries around the world. Firms doing business in the Baltics should also ensure they are screening customers and transactions against the up-to-date EU sanctions lists. These can change at short notice, particularly those related to geopolitical hotspots in the region such as Belarus. 

Finally, while the EU issues regulations, it delegates the responsibility for enforcement to the financial intelligence units of each member state. So it’s also important to understand the local nuances of Estonia’s Financial Intelligence Unit, the Financial Intelligence Unit of Latvia and Lithuania’s Financial Crime Investigation Service. 

To find out more about how to align an AML program with the latest EU directives, download our guide.