Abstract

This article discusses the ongoing reporting obligations of a Cyprus International Trust in the context of evolving compliance requirements, particularly in relation to the latest European anti-money-laundering directives. It highlights the transposition of the 5th AMLD into Cyprus law and the recent European Court of Justice decision limiting public access to Ultimate Beneficial Owner (UBO) registers. The article also explores the laws governing regulated professionals and the disclosure of trust data in Cyprus; and further examines the Cyprus UBO register of express trusts and the limited access granted to the public, touching on the challenges that lie ahead.

Issue Section: Article

As compliance continues to evolve in the legal, corporate, and banking sectors, individuals are trying to get to grips with and understand what personal information should be provided, where it is being disclosed and who has access to it. Reporting in Cyprus is moving towards full transparency in line with the European Anti-Money Laundering Directives with the 5th AMLD ((EU) 2018/843) having been transposed into Cyprus law on 18 February 2021 through an amendment to The Prevention and Suppression of Money Laundering Activities Amendment Law of 2018 (AML Law). Human-rights-related considerations have also been in the limelight in recent months following the European Court of Justice decision (ECJ No 188/2022; joined cases C-37/20, C-601/20) which halted public accessibility to Ultimate Beneficial Owner (UBO)-registers.

In this article we examine the:

  • Law in Cyprus governing regulated professionals and disclosure of trust data;
  • Cyprus UBO register of express trusts and other similar arrangements (the "Trust Register"): who has access and safety valves in place;
  • European Court of Justice decision which halted public access to the UBO-registers.

Law in Cyprus governing regulated professionals and disclosure of trust data

The Law Regulating Companies Providing Administrative Services and Related Matters of 2012, as amended ("ASP Law"), provides a comprehensive framework for the regulation of fiduciaries, administration businesses and company directors. As well as implementing, the 3rd AMLD ((EU) 2005/60) as it applies to trust and company service providers, it aims to protect users of trust and fiduciary services by putting in place a robust regulatory system to include accounting and reporting requirements. The ASP Law provides that relevant services may be offered only by persons or legal entities that hold a license from the Cyprus Securities and Exchange Commission (CySEC) or who are specifically exempted from the licensing requirement. Lawyers and accountants who are regulated by their respective regulatory bodies (the Cyprus Bar Association (CBA) and the Institution of Certified Public Accountants of Cyprus (ICPAC)) are exempted from the need to obtain a license but must comply with the other requirements of the ASP Law.

When establishing trusts, service providers are required to obtain standard KYC documentation, to include, full supporting documentation of the initial trust property and any assets that will form part of the trust at any stage, evidence of the identity, size and source of wealth of the settlor, the trustees, the beneficiaries (or information on the class of beneficiaries, including the beneficiaries to whom any distributions have been made pursuant to the trust), and others associated with the trust, as well as information on the activities of the trust, and keep this information available for inspection by the relevant supervisory body on request. Service providers must put in place adequate arrangements to segregate and account for clients' funds, and they must comply fully with the AML Law. They are subject to continuous monitoring in this regard, and CySEC may appoint inspectors to investigate their affairs. Each of the supervisory bodies for the purposes of the ASP Law (CySEC, the CBA, and ICPAC) are required to maintain a register of trusts established by the service providers they regulate containing the following information:

  • the name of the trust;
  • the name and full address of every trustee at all relevant times;
  • the date of establishment of the trust;
  • the date of any change in the law governing the trust to or from Cyprus law; and
  • the date of termination of the trust.

Any Cyprus-resident trustee of a trust governed by Cyprus law is obliged to notify the relevant supervisory body of the relevant information within 15 days of the creation of the trust or the adoption of Cyprus law as the law governing the trust, as applicable. Subsequent changes in any relevant information, including termination of the trust or a change in the governing law from Cyprus law, must similarly be notified within 15 days. In the event of termination of the trust or a change in the governing law from Cyprus law, the register will indicate that the trust has been terminated and the information on the trust will be kept for five years.

Cyprus UBO register of express trusts and other similar arrangements (the "Trust Register"): who has access and safety valves in place

Section 61C of the AML Law provides for the creation of a register specifically for express trusts and other similar legal arrangements. The Trust Register is maintained and supervised by CySEC. Accessibility to the register by the general public is limited to circumstances discussed below.

The basic beneficial ownership information to be submitted in relation to trusts and other similar legal arrangements with the register is the following:

  • name and surname of the beneficial owner, including fathers name;
  • date and place of birth;
  • nationality or nationalities;
  • residential address;
  • the number, type and country of issuance of the beneficial owners' identification document;
  • date of death (if applicable);
  • the nature and extent of the rights held directly or indirectly by each beneficial ownership;
  • the beneficial owner's role in the trust or similar legal arrangement identity of the settlor;
  • any other information or supporting documents deemed necessary by CySEC for the purpose of identifying beneficiaries depending on the category of beneficial ownership as defined in the relevant sections of the AML Law.

Access to the beneficial ownership information is available only to the following persons (Table 1):

Competent supervisory authorities: Cyprus Bar Association, Central Bank of Cyprus, Exchange Commission Without restrictions
Other relevant authorities: Unit of combating Money Laundering (MOKAS), Customs Department, Tax Department, Police Without restrictions
Obliged entities: credit institutions, financial institutions, natural or legal persons acting in the exercise of their professional activities (i.e., auditors, external accountants, tax advisors, notaries and other independent legal professionals and company service providers) In the context of applying customer due diligence and identification measures


The general public does not have direct access to the above-mentioned information. Access will only be granted if a member of the general public can demonstrate "legitimate interest", which is defined by the AML Law as a genuine interest in the suppression of money laundering activities and the offences prescribed under the AML Law. If successful, they will have access to the following information: name, date of birth, nationality, and country of residence of the beneficial owners as well as the nature and extent of the rights held in the express trust or similar legal arrangement. Proof of legitimate interest will be at the discretion of CySEC but will be subject to administrative appeal as per Article 146 of the Constitution.

In exceptional cases and by way of an application to CySEC, part or all of the information about the beneficial owners registered may be excluded from access if this will expose them to a disproportionate risk of deception, abduction, extortion, harassment, violence or intimidation or in the event that the beneficial owner is a minor or legally incompetent in some other way. A decision made by CySEC in relation to the above-mentioned exception is subject to administrative appeal as per Article 146 of the Constitution. The above exception does not apply in the case that application for access is made by obliged entities that are credit and financial institutions, the Competent Authorities, MOKAS, the Customs Department, the Tax Department, and the police.

European Court of Justice halts publicly accessible UBO-registers

Further strengthening the limitation already in place on access to information of the trust register is a preliminary ruling handed down on the 22nd of November 2022 by the European Court of Justice (the "Court") (ECJ No 188/2022; joined cases C-37/20, C-601/20) wherein it was ruled that registers of UBOs can no longer be accessed by the general public. In particular, the Court has ruled that the general public's access to the information of the beneficial owners constitutes a "serious interference with the fundamental rights to respect for private life and to the protection of personal data" safeguarded by Articles 7–8 of the Charter of Fundamental Rights of the European Union.

Although the objective of the European AMLDs is an objective of general interest, namely, to prevent money laundering and terrorist financing by requiring increased transparency, it is not proportionate to the interference entailed by it. On the contrary, the Court has ruled that its interference is "neither limited to what it strictly necessary, nor proportionate to the objective pursued" therefore creating a considerably more serious interference with the fundamental rights affected.

Furthermore, the Court ruled that even though the AMLDs provide Member States with the option to require registration for access to the relevant information, or to allow for very specific exemptions, this does not demonstrate the existence of sufficient safeguards, nor does it create a proper balance between the objective and the fundamental rights affected.

Conclusion

Cyprus has strived to put in place the necessary safety valves from the date of inception of the Trust Register in order to ensure that privacy and human rights aspects are preserved at all times showcasing its commitment to the doctrines of equity, which have long been embedded into the law governing Cyprus trusts.

It is nevertheless important to understand the wider trends at play such as the move towards full transparency and the dynamic nature of what is an ever-evolving compliance environment, reflecting a complex interplay between legal regulations and requirements with the ever-shifting needs of society. Finding the right balance between full transparency in line with compliance requirements and the respect for private life and protection of personal data is an obligation that rests not only on all professional bodies but also on regulators.

Originally published by Oxford University Press.

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.