The European Anti-Money Laundering Authority officially launched three pivotal public consultations on February 9, 2026, targeting the harmonisation of financial crime defenses across the European Union. These draft Regulatory Technical Standards represent a fundamental shift toward a unified supervisory culture, focusing on the identification of business relationships and the rigorous application of customer verification protocols. By establishing these mandates, the authority seeks to eliminate the regulatory fragmentation that has historically allowed illicit funds to traverse European borders with limited oversight. This initiative specifically addresses the structural basis of due diligence obligations while introducing a common approach to assessing and responding to breaches of anti-money laundering requirements. The following analysis explores the technical components of these mandates and their implications for the private sector, emphasizing the urgent need for a centralized defensive posture in an increasingly digital and borderless economic landscape.

Regulatory Technical Standards for Unified Supervision

The introduction of the new Regulatory Technical Standards marks a significant evolution in the European fight against financial crime. Under the leadership of Chair Bruna Szego, the authority is drafting specific criteria to define business relationships, occasional transactions, and linked transactions. These definitions are not merely administrative but serve as the legal foundation upon which all subsequent monitoring and reporting duties are built. By standardising these concepts, the European Union ensures that a transaction deemed suspicious in one member state is treated with the same level of scrutiny in another. This prevents the practice of jurisdictional arbitrage, where money launderers seek out the weakest points in the European financial network to integrate their illicit proceeds. The draft standards provide the necessary clarity for both the financial and non-financial sectors, ensuring that every entity within the scope of the regulation understands the exact parameters of their compliance responsibilities.

For decades, the European internal market has functioned with a patchwork of national interpretations regarding what constitutes a business relationship. This inconsistency created significant gaps that criminal organizations exploited with surgical precision. The new mandates seek to close these apertures by providing a single, authoritative rulebook. When a financial institution in one jurisdiction identifies a pattern of linked transactions, the criteria for doing so will now be identical to those used by an art dealer or a real estate agent in another part of the union. This level of technical alignment is essential for the integrity of the Eurozone. Without these harmonised standards, the transparency of the financial system remains compromised, as illicit actors simply migrate their activities to the regions with the most permissive or confused regulatory environments. The authority is now providing the structural scaffolding required to support a truly integrated supervisory regime that leaves no room for ambiguity.

Furthermore, the standards address the complexity of modern financial products. As the boundary between traditional banking and fintech continues to blur, the definition of an occasional transaction must be robust enough to capture rapid, high-frequency movements of value that may not fit traditional definitions of a long-term relationship. The current draft specifically targets these nuances, ensuring that the private sector is equipped with the legal certainty needed to flag suspicious behavior without fear of overstepping or under-performing. This clarity is a direct response to the demands of the private sector, which has long advocated for a level playing field where compliance costs are not unfairly distributed due to varying national requirements. By centralizing the rule-making process, the authority reduces the administrative burden on multi-jurisdictional firms while simultaneously raising the barrier for those attempting to launder money through the European economy.

Advanced Protocols for Customer Due Diligence

The second pillar of the current consultation involves the refinement of customer due diligence procedures. These rules are designed to be both risk-sensitive and proportionate, allowing firms to allocate their resources toward the highest threats while maintaining a baseline of security for all interactions. The draft standards outline the specific methods through which obliged entities must verify customer identities and conduct ongoing monitoring. This includes the use of digital identification tools and the verification of beneficial ownership, ensuring that the true controllers of legal entities are not obscured by complex corporate structures. For the non-financial sector, including real estate agents, high-value asset dealers, and legal professionals, these standards provide a rigorous framework for identifying the source of funds and the purpose of business relationships. The emphasis on consistent enforcement means that national supervisors will now have a shared methodology for evaluating whether a firm has met its legal obligations or if its internal controls are deficient.

A major driver for these enhanced protocols is the persistence of professional money laundering networks that utilize shell companies to hide the trail of criminal proceeds. The new standards require a deeper dive into the layers of corporate ownership, moving beyond simple document collection to an active verification process. This shift from a checkbox exercise to a substance-based inquiry is what the authority deems necessary to combat the sophisticated techniques of modern cartels and corrupt officials. By mandating a risk-sensitive approach, the authority acknowledges that a local bakery does not pose the same threat as a cross-border wealth management firm, yet both must adhere to the same underlying principles of transparency. This proportionality ensures that the regulatory burden does not stifle legitimate commerce while still providing the tools necessary to intercept high-value criminal transactions.

The role of ongoing monitoring is also expanded under these new mandates. It is no longer sufficient to verify a customer only at the start of a relationship. The draft standards require firms to maintain a dynamic profile of their clients, looking for deviations in behavior that could indicate a change in risk status. For example, if a client who typically conducts small local transactions suddenly begins receiving large international wire transfers from high-risk jurisdictions, the system must be calibrated to trigger an immediate review. This proactive stance is a cornerstone of the new European strategy. It moves the financial system away from a reactive model, where investigations only begin after a crime has been discovered, to a preventive model, where the system itself acts as a filter to prevent illicit funds from entering the legitimate economy in the first place.

Harmonised Enforcement and Breach Categorisation

A critical component of the new mandate is the establishment of a common supervisory approach to enforcement. The draft Regulatory Technical Standards on Enforcement provide a clear pathway for assessing and categorising breaches of anti-money laundering and counter-terrorist financing obligations. Historically, the severity of penalties and the methods of supervision varied widely across the European Union, leading to inconsistent levels of deterrence. The new framework introduces a structured methodology for responding to non-compliance, ensuring that pecuniary sanctions and administrative measures are applied consistently across all member states. This common approach includes criteria for determining the impact of a breach, the duration of the violation, and the level of cooperation provided by the entity. By creating a predictable and transparent enforcement environment, the authority aims to incentivize a higher standard of internal governance and promote a culture of compliance that transcends national borders.

The necessity of this harmonised enforcement cannot be overstated. In the past, some jurisdictions were perceived as being more lenient, which inadvertently attracted entities with weaker compliance cultures. This race to the bottom undermined the security of the entire union. With the new standards, the authority ensures that a major failure in identity verification will result in a similar penalty whether it occurs in a large financial hub or a smaller member state. This uniformity creates a credible threat of sanction that is essential for effective deterrence. Supervisors will be provided with a specific toolkit for assessing the gravity of breaches, removing much of the subjective discretion that previously led to disparate outcomes. This objective framework is designed to be fair but firm, providing clear signals to the private sector about the consequences of negligence.

Moreover, the enforcement standards emphasize the importance of remedial action. The goal is not merely to punish, but to ensure that the underlying vulnerabilities are addressed. When a breach is identified, the new protocols guide supervisors in mandating specific improvements to an entity’s internal controls. This might include requirements for better staff training, the implementation of more advanced monitoring software, or changes to the corporate governance structure. By focusing on systemic improvement, the authority seeks to build a more resilient financial ecosystem. The integration of enforcement across the union also means that information about non-compliant firms will be shared more effectively between national authorities, making it much harder for repeat offenders to continue operating by simply moving their base of operations.

Future Implications for Private Sector Compliance

The ongoing consultations represent a final opportunity for stakeholders to influence the technical details of the European anti-money laundering rulebook. The authority has specifically invited input from the non-financial sector, noting their historically lower participation in previous regulatory discussions. As the European Anti-Money Laundering Authority moves toward full operational capacity, these standards will become the primary reference for both direct and indirect supervision. Firms must prepare for an environment where the quality of their customer due diligence and the effectiveness of their transaction monitoring will be measured against a rigorous, harmonised benchmark. The scheduled public hearing on March 24, 2026, will provide a platform for further technical debate, but the trajectory is clear toward a more integrated and powerful supervisory regime. This transition requires firms to invest in robust data management systems and update their internal policies to reflect the precise requirements of the new European standards.

The long-term impact of these mandates will likely be a significant consolidation of compliance practices. Small and medium-sized enterprises, particularly in the non-financial sector, may face a steep learning curve as they align their operations with these sophisticated requirements. However, the authority has indicated that it will provide further guidance to ensure that the rules are applied in a way that is manageable for smaller entities. The focus remains on the effectiveness of the outcome rather than the complexity of the process. By participating in the current consultation, firms can help ensure that the final standards are practical and reflect the operational realities of different industries. This collaborative approach is intended to build consensus and ensure that when the rules are finally implemented, they have the full support of the private sector actors who are on the front lines of the fight against money laundering.

In the coming years, the role of technology in compliance will only increase. The new standards encourage the use of innovative solutions to meet due diligence and monitoring requirements. This represents an opportunity for the regtech industry to develop tools that are specifically tailored to the European regulatory environment. As the authority begins its direct supervision of the highest-risk entities, these standards will serve as the measuring stick for success. The ultimate goal is a European Union where financial crime is not just difficult to commit, but where the systems in place are so robust and harmonised that the risk of detection is too high for most criminal enterprises to tolerate. The transition period starting in 2026 is the critical window for this transformation, setting the stage for a new era of financial integrity and security across the continent.

---

Key Points

• AMLA launched three draft Regulatory Technical Standards on February 9, 2026, to harmonise EU-wide financial crime supervision.
• The mandates define the structural basis for identifying business relationships and occasional transactions across all member states.
• New protocols for customer due diligence emphasise risk-sensitive verification and continuous monitoring for both financial and non-financial sectors.
• A harmonised enforcement framework establishes a common approach for categorising breaches and applying consistent pecuniary sanctions.
• Stakeholders are invited to participate in public consultations and a hearing on March 24, 2026, to shape the final technical rules.

---

Related Links

• Regulation (EU) 2024/1624 on the prevention of the use of the financial system for money laundering
• Authority for Anti-Money Laundering and Countering the Financing of Terrorism – Policy Instruments
• EBA and AMLA complete handover of AML/CFT mandates to ensure regulatory continuity
• EU Anti-Money Laundering Single Rulebook and the role of the new central authority

Other FinCrime Central Articles About AMLA

• New European Union Regulatory Framework for AMLA Direct Financial Supervision
• Historic handover as AMLA replaces EBA in the fight against money laundering
• AMLA Direct Supervision Plan for 40 High Risk Entities

Source: AMLA

Some of FinCrime Central’s articles may have been enriched or edited with the help of AI tools. It may contain unintentional errors.

Want to promote your brand, or need some help selecting the right solution or the right advisory firm? Email us at info@fincrimecentral.com; we probably have the right contact for you.