Dies auf Deutsch lesen
Dies auf Deutsch lesen

EU AML in transition: how AMLA and the new AML regulations obligate banks to take action

By Tamara Braun, Filip Tack

The increasing harmonization of money laundering regulations does not stop at the competent authorities: with the launch of the Anti-Money Laundering Authority (AMLA) at the beginning of 2026 and the entry into force of the new EU AML package, European legislators are marking a turning point in the fight against money laundering and terrorist financing.

The aim is to raise money laundering prevention in Europe to a new, uniform and risk-oriented level through harmonized regulations and greater centralization.

What role do uniform rules play in the EUโ€™s new anti-money laundering policy?

The central pillar of the reform is the new EU Authority for Anti-Money Laundering and Countering the Financing of Terrorismย AMLA, which has been in the process of being set up in Frankfurt am Main since mid-2025. It is to assume direct supervision of particularly high-risk financial institutions with cross-border activities (selected obliged entities), coordinate cooperation among national authorities and enforce EU-wide technical and organizational standards.

The comprehensive AML package is the first attempt to harmonize all central EU money laundering prevention rules and consists of the Anti-Money Laundering Regulation (AMLR; Regulation (EU)ย 2024/1624), the 6th EU Anti-Money Laundering Directiveย (6AMLD; Directive (EU)ย 2024/1640), the Regulation establishing the Anti-Money Laundering Authority (AMLA; Regulation (EU)ย 2024/1620) and the Funds Transfer Regulation (FIU/ToFR; Regulation (EU)ย 2023/1113). This includes an EU-wide Single Rulebook, additional requirements for national implementation and prosecution, the creation of the AMLA itself and the strengthening and harmonization of national FIUs (Financial Intelligence Units). The focus is clearly on risk-oriented management.

What role do data, due diligence and system integration play in the new supervisory model?

Due to the stricter regulatory requirements, AMLA pays particular attention to the establishment of a central, European data platform for anti-money laundering and risk analysis. The aim is to identify financial crime more quickly and combat it more efficiently. To this end, advanced IT and AI will be used to analyze and predict money laundering trends as well as recognize relevant patterns.

In addition, it provides for the centralized and standardized reporting and storage of SARs (Suspicious Activity Reports). The creation of uniform technical interfaces and reporting channels for all obliged entities in the EU is intended to simplify data exchange and cooperation among FIUs via a common platform.

Another focus of AMLAโ€™s activities is the establishment of an integrated AML and CFT supervisory system. The authority is to coordinate and manage cooperation among national authorities and FIUs by introducing a uniform EU-wide supervisory model.

Ultimately, the initiation of AMLAโ€™s activities is accompanied by stricter due diligence requirements, which also apply to lower risks. Simplified due diligence obligations (Art.ย 33 AMLR) are only applicable if the risk is clearly limited and subject to monitoring. Documentation and updating obligations are also extended as part of ongoing CDD (customer due diligence) and monitoring triggers are introduced even for low-risk customers. This step aims to establish a regular and risk-oriented inspection that goes hand in hand with further verification and reporting obligations for all customer segments.

How will money laundering risk analyses look like in the future?

The AMLR and 6AMLD impose stricter methodological requirements on the money laundering risk analysis that has already been carried out annually for institutions and companies obliged to do so. In future, the required three-step analysis process, i.e. risk assessment across the levels of inherent risk, controls and residual risk, means that the analysis will focus more on quantitative elements.

Against this background and in the context of the EBA RTS (currently EBA/CP/2025/04), data quality will play an increasingly important role in producing comprehensible and precise risk analysis results consistently over the annual cycle. AMLA is responsible for monitoring implementation. In addition, the use of national and supranational risk analyses as benchmarks will become mandatory, ensuring additional consistency and comparability of money laundering risk analyses.

What are the technical and procedural implications of the new auditing and documentation requirements for banks?

The increased auditing and documentation requirements due to the establishment of AMLA and the new EU AML package have numerous technical and procedural implications that are forcing banks to take action. From zebโ€™s perspective, the new anti-money laundering authority will be centering its audit activities on the following points:

  • Quality and timeliness of money laundering risk analyses:ย risk analyses must be updated annually and on an ad hoc basis and must comply with the requirements of the SNRAs (supranational risk analyses), NRAs (national risk analyses) and EBA standards.
  • Implementation of CDD and monitoring obligations:ย simplified due diligence obligations for low-risk customers must be correctly documented, justified and continuously monitored.
  • Compliance with technical specifications:ย technical interfaces, the central data platforms, the SAR reporting system and new reporting channels must be implemented.
  • Transparency and data quality:ย Data must be provided in full and consistently, in accordance with EU requirements. This applies in particular to beneficial owners and SARs.
  • Coherence of internal processes:ย internal processes, guidelines and training courses must be harmonized throughout the EU and regularly updated.

What are the six key success factors for an efficient AML operating model?

In order for a bank to meet the increased requirements of AMLA and the new EU AML package in the long term, six central elements are crucial for a robust and efficient AML operating model.

I) Money laundering risk analysis

The money laundering risk analysis should be further developed into a consistent, risk-oriented and data-driven analysis based on the necessary three levels. It should include all regulatory requirements and be reviewed regularly. To this end, zeb offers a reference model as a bank-specific adaptable standard framework that already meets all requirements and has been approved by national supervisory authorities.

II) Governance and training

Clear responsibilities along the three lines of defense, effective compliance and active risk culture through clear leadership and awareness as well as regular training ensure that regulatory requirements are understood and implemented. All these aspects should be incorporated in the organizational and document model (in the documented governance framework).

III) Reporting and controls

Transparent and structured reporting and control systems ensure effective management and legally compliant documentation. The use of key risk indicators (KRIs) for ongoing monitoring, an established reporting system for management, supervisory bodies and the authorities as well as the integration with the AML control plan and the ESG audit fields are crucial.

IV) KYC process

Efficient processes for customer identification according to risk and associated audit levels along with continuous monitoring are key to effective prevention of money laundering. In addition, ongoing re-KYC is essential for triggers, changes to the risk or fixed intervals.

V) System-based data quality

IT-based recording, validation and analysis of AML-relevant data increase safety and traceability, which are optimized through systematic maintenance and documentation. This is supported by a central database for KYC, monitoring and reporting as well as validated input data in accordance with mandatory regulatory fields.

VI) Monitoring

Automated and risk-based monitoring mechanisms help to identify irregularities at an early stage and respond in a targeted manner. This includes automated and, if necessary, AI-assisted transaction monitoring with risk-based rules and efficient alert management with defined escalation logic.

The six elements of a robust and efficient AML operating model are also illustrated in Figureย 1.

Six elements of a robust and efficient AML operating modelFigure 1: Six elements of a robust and efficient AML operating model

What conclusions can be drawn from the new EU AML regime?

The new EU AML regime and AMLA mark a paradigm shift for banks and financial services providers. Although the stricter requirements mean more work, they also open up opportunities for greater efficiency and trust among market participants.

One of the key elements is robust data quality, which reduces audit effort and protects against regulatory sanctions. In addition, a clear allocation of responsibilities across the three lines of defense is crucial to enable audit-proof implementation in operational business. Finally, standardized IT maintenance processes (e.g. SAP) achieve consistency and traceability.

Institutions that modernize their processes now and adopt a robust AML operating model not only ensure regulatory compliance, but also a clear competitive advantage. To test the robustness and future viability of the AML operating model, more and more institutions are using a holistic maturity assessment.

You should now be able to talk about these key points of the article:
  • What does the launch of AMLA and the new EU AML package mean for the fight against money laundering in Europe?ย The launch of the Anti-Money Laundering Authority (AMLA) at the beginning ofย 2026 and the entry into force of the new EU AML package are marking a turning point in European legislation in the fight against money laundering and terrorist financing. The aim is to increase harmonization of anti-money laundering regulation and strengthen centralization in order to raise money laundering prevention in Europe to a new, uniform and risk-oriented level.
  • What role does AMLA play in the new framework?ย AMLA will be organized as a central EU anti-money laundering authority in Frankfurt am Main, where it has been under development since mid-2025. It is to assume direct supervision of particularly high-risk financial institutions with cross-border activities, coordinate cooperation among national authorities and enforce EU-wide technical and organizational standards. An additional focus is on the development of an integrated AML and CFT supervisory system.
  • How will money laundering risk analysis change under the new EU AML package?ย Putting the robustness and future viability of the AML operating model to the test as part of a holistic maturity assessment helps institutions to improve their processes and organization accordingly. This leads to more efficient processes and a stronger market position.

most read

most read
Finance & Risk

Join the discussion

Feel free to contact us!

Tamara Braun / author BankingHub

Tamara Braun

Senior Manager at zeb Office Vienna
Filip Tack / author BankingHub

Filip Tack

Consultant at zeb Office Vienna

The news you can look forward to on Mondays

Analyses, articles and interviews about trends & innovation in banking delivered right to your inbox every 2 weeks

Share article

More about this topic

most read

most read
Finance & Risk

Comments

Leave a Reply

Your email address will not be published. Required fields are marked *

BankingHub-Newsletter

Analyses, articles and interviews about trends & innovation in banking delivered right to your inbox every 2 weeks