An exclusive article by Fred Kahn

Regulators did not drift through the first half of 2025. They moved with intent, tightening rules, expanding supervisory perimeters, and pressing institutions to prove that their financial crime controls work in practice. Across advanced economies and emerging markets, supervisors sharpened expectations on risk assessments, intelligence reporting, screening, monitoring, and beneficial ownership transparency. The result is a visible shift from procedural box-ticking to outcome-testing, with a clear message that gaps in design or execution will trigger remediation plans and, increasingly, public penalties. Counter-terrorism financing remains a parallel priority, and program owners are being asked to evidence coverage for rapidly evolving sanctions and proscription regimes. This article distills what changed during H1 2025, why it matters, and how teams should recalibrate to stay ahead.

AML enforcement in H1 2025 sharpens across jurisdictions

The defining feature of the first half of 2025 was momentum. A new central authority in Europe began operations on 1 July 2025 with a mandate to coordinate supervision of high-risk entities, align financial intelligence unit cooperation, and set consistent sanctioning expectations. While that milestone fell just beyond H1, the scaffolding was built throughout the first six months, and firms already felt the impact in the form of consultations on technical standards, early supervisory signals, and preparations for direct oversight of select groups. The point is not just new governance, it is a raised floor for controls across the single market.

A parallel theme arrived through fresh technical standards shaping how institutions classify inherent and residual risk, how often they revisit those profiles, and what evidence supervisors expect to see when they ask whether monitoring and screening are actually effective. Institutions accustomed to qualitative narratives now face structured benchmarks and methodologies that make comparisons possible across peer groups. This shifts the conversation from policy existence to measurable performance.

North America leaned into perimeter expansion. A long awaited residential real estate transparency rule fixed an effective date of 1 December 2025, forcing closing professionals to build reporting processes for non-financed transfers to legal entities and trusts. The signal for H1 was unmistakable, prepare now, because exemptions that once shielded certain transactions are narrowing. At the same time, beneficial ownership data management continued to evolve, creating workflow pressure on onboarding, investigations, and law enforcement response teams.

Canada accelerated regulatory amendments and implementation steps under its national framework, reinforcing expectations for payment intermediaries, clarifying reporting, and giving supervisors more explicit levers to test program effectiveness. The combined effect is stronger coverage of high-velocity channels where money mule activity and fraud derived funds often intersect with sanctions evasion risk.

Asia delivered a useful preview of the year’s direction. Singapore updated its payment sector notice and guidance at the end of June, tightening controls on merchants and intermediaries that touch cross-border flows, stored value, and cash-in cash-out networks. Japan finalized a discussion paper that squarely centers validation of effectiveness. That document sets practical expectations for outcomes testing, model governance, evidence standards, and how firms should engage constructively with supervisors during reviews. Together, those moves make it harder to hide behind policy manuals when alerts fail to surface real risk.

Elsewhere, enforcement stayed visible. The Netherlands publicized a decision in late August based on a fine imposed on 6 May, concerning serious deficiencies in customer due diligence by a challenger bank during a prior period. Italy’s financial intelligence unit reported a double-digit increase in suspicious transaction reports in the first half, powered by banks, payment institutions, and service points for cross-border providers, alongside an uptick from virtual asset service activity. Luxembourg issued an administrative penalty for shortcomings in transaction monitoring linked to high profile flows from the charity sector. In the Gulf, authorities continued to sanction firms across banking and insurance segments while maintaining pressure on designated non-financial businesses and professions. The pattern is consistent, more coverage, more testing, more public consequences.

A related pressure point is counter-terrorism financing risk as conflicts evolve. Supervisors are prioritizing screening coverage for sanctioned groups, front organizations, and facilitators who exploit crowdfunding, small remittance corridors, or informal value transfer mechanisms. Financial institutions with cross-border exposure are being asked to show how they connect sanctions changes to updates in screening dictionaries, alert treatment rules, and sanctions evasion typologies. Where firms cannot evidence timely updates, examiners are increasingly comfortable treating gaps as control failures rather than isolated process misses.

The European single market also sent a clear signal on supervisory cooperation. A central register of high-risk institutions, standard templates for information requests, and common severity scales enable supervisors to compare peer performance and escalate consistently. For multinational groups, this reduces the value of playing forum shopping games with uneven rules, and it raises the expectation that group-wide policies will be implemented uniformly with traceable local deviations. Firms should anticipate more joint examinations and shared remediation milestones tracked across jurisdictions.

Structural drivers behind the 2025 supervisory surge

Three structural drivers explain the step-up. First, evaluation cycles are back at the top of the agenda. Jurisdictions that recently exited grey lists or that face upcoming mutual evaluations know that effectiveness, not just technical alignment, will be scored. That pushes supervisors to demand quantitative evidence. Expect questions like, how did scenario X perform against typology Y in the last quarter, and what is the false positive ratio after remediation. Institutions that cannot produce those answers will be nudged toward targeted validation projects.

Second, legislative packages and perimeter expansions are converging. In Europe, a directly applicable regulation, a fresh directive, and a central authority together rebuild the architecture from standards through supervision. In North America, real estate and investment sector actions extend obligations into long acknowledged blind spots, while beneficial ownership systems change how onboarding and investigations anchor identity. In Asia, payments and digital assets remain under a bright light, with explicit notice updates and effectiveness guidance aimed at fast moving intermediaries.

Third, the data has changed. Suspicious activity reports and sector-specific disclosures are rising in several jurisdictions, and the mix of typologies is shifting toward cross-border mule networks, trade proxies, and sanctions evasion. Supervisors now see enough patterns to justify surgical questions about risk assessment calibration, thresholds, and escalation rules. Internal audit and model risk teams, once peripherals in AML discussions, are becoming core actors because control owners must prove that models do what they claim to do, and that retraining, tuning, and back-testing are disciplined and documented.

Program recalibration that withstands effectiveness testing

The path forward is practical rather than theatrical. Teams can stay ahead by re-anchoring programs on measurable outcomes, clean data, and continuous validation. The following principles convert the first half of 2025 into a concrete playbook.

Risk assessment that learns: Refresh enterprise and product risk assessments with current typologies, including sanctions evasion through layered trade routes, abuse of money service intermediaries, synthetic identity fraud in instant payment rails, and pig-butchering rings that cash out through peer-to-peer platforms. Tie each risk factor to specific controls, data sources, test plans, and remediation owners. If a risk factor lacks a control and a test, either add the control or justify why the risk is not plausible for your perimeter.

Alerting designed for evidence: For transaction monitoring, define minimum performance targets for precision and recall by scenario family, then document how you will measure them every quarter. Where machine learning models are used, maintain explainability packs that trace features to well governed data, record training sets, hyperparameters, and drift indicators, and preserve challenger models that can be activated if primary models degrade. For name screening, maintain separate score policies for sanctions, politically exposed persons, and adverse media, and calibrate hit handling to the risk of false negatives in each class.

KYC that actually resolves identity: The driver for 2025 is beneficial ownership and control. Build standardized playbooks for trusts, partnerships, and multi-layer structures, documenting how you trace natural persons and how you handle cases where thresholds are not met but influence is evident. For high risk geographies and sectors, institute a second-level review that explicitly challenges ownership narratives and source of wealth plausibility.

Faster intelligence reporting with quality gates: Where reporting volumes are rising, the problem is not speed alone, it is signal quality. Define clear typology tags, reject incomplete drafts, and require investigators to include a crisp hypothesis, why the activity is unusual, and what external references support that view. Maintain structured feedback loops from law enforcement outcomes so case managers know which filings generated value. That loop will be a focal point during supervisory engagements in 2025.

Model governance that stands up to inspection: Maintain a single inventory of rules, statistical models, natural language processing classifiers, and graph analytics used in AML decisioning. For each, record the purpose, approval date, data lineage, validation results, and limits. Pre-build a supervisor briefing that shows how you know the model is effective, what you will do if it drifts, and where human review enters the loop.

Screening beyond names: Expand screening to capture ownership, control, and transactional counterparties, not just the named customer. Keep written standards for transliteration, language variants, and fuzzy matching thresholds, and test them against difficult scripts where false negatives are a risk. Monitor sanctions programs that touch your exposure, and record the date you implemented each change to prove timely updates.

Evidence culture: Supervisors now expect to see how day-to-day operations produce reliable, reproducible outcomes. That means versioned playbooks, audit-ready logs, and decisions that show rationale. When a scenario is tuned, write down the hypothesis, the measured effect on precision and recall, and the residual risk. When a file is closed, record what would have changed that decision. This is the language of effectiveness.

In practice, these changes reach the back office. Case management platforms that once served only as ticket queues now need analytics modules that track investigator productivity, time to triage, and escalation quality, and that correlate case themes with reporting outcomes. Data lineage documentation is no longer a luxury, it is the only way to defend the integrity of model training sets, alert feeds, and decisions. Change management processes for lists, thresholds, and rules must be auditable, with maker checker segregation and immutable logs to prove who did what and why.

Another H1 thread is the rebalancing of resources toward preventive engineering. Institutions that rely exclusively on adding analysts during peak alerts will not keep pace with risk. Engineering investment should target upstream data quality, including reference data normalization, deduplication, and entity resolution for customers and counterparties. With better entities, rules and models perform better, false positives fall, and genuine anomalies become more visible. This is the single most leveraged spend in 2025 for many programs.

Sector specifics across real estate payments crypto and DNFBPs

Payments, fintech, and crypto specifics: Merchant acquirers and wallet providers should map merchant category codes and counterparty clusters to risk tiers, monitor cash-in cash-out patterns, and set limits that respond to mule activity signals. Virtual asset providers should log travel rule failures, monitor chain hopping paths that obscure provenance, and set enhanced due diligence triggers for privacy tools. Maintain a heat map of cross-chain bridges, mixers, and decentralized exchange routers you will not touch. Keep a defensible rationale for exceptions.

Real estate and high value goods: With an effective date now fixed for residential real estate reporting, closing professionals and trustees need controls to determine reportability, capture party identity, and identify beneficial ownership on entity and trust buyers. Align document retention with rule timelines and stand up a process to amend filings when facts change. Dealers in precious metals, stones, and jewelry should pair point of sale KYC with cash controls that look back across locations for structuring risk.

Charities and the public interest sector: High profile cases exposed blind spots in transaction monitoring for non-profit clients. Build tailored scenarios for grant disbursement patterns, seasonal spikes, and emergency relief spending. Require dual authorization and enhanced approvals for unusual recipient changes or large batches of small value cross-border transfers. Calibrate thresholds to client purpose and funding sources, and include governance checks that force review of mass changes to beneficiary lists.

For groups with correspondent banking or custody businesses, 2025 has amplified a long running message, do not outsource risk assessment to questionnaires. Use network analytics, payment graph features, and trade data to identify nested relationships and downstream beneficiaries. Where counterparties exhibit unusual patterning, such as persistent small value transfers that aggregate at the end of day to a small set of hubs, treat the activity as a more likely mule indicator and test whether transaction limits, velocity controls, or relationship offboarding are warranted. Document those decisions, and track whether expected risk reduction materializes after controls are applied.

What risk leaders must do next

The first half of 2025 marked a turn from architecture to execution. Supervisors are converging on the same core idea, programs must deliver measurable outcomes against current risks. For institutions, the winning strategy is to make validation, data management, and targeted engineering ordinary business, not emergency projects. Teams that build a clean control stack, prove performance with numbers, and show how lessons from law enforcement and cross-border partners are fed back into models and procedures will navigate the next cycle with confidence. Those that rely on policies without evidence will be teaching moments for everyone else.

Expect more granularity in 2025 and 2026. Centralized supervision in Europe will reshape expectations for governance and sanctions, perimeter expansion in North America will bring new actors under program rules, and payments and digital assets in Asia will remain under close inspection. Beneficial ownership, the theme that ties these threads together, will continue to influence onboarding, investigations, and reporting. The question for leadership is simple, can you show that your controls work, and when they do not, can you show that you fix them fast.

---

Related Links

• EU AMLA, mission and responsibilities
• EBA consultation on AML/CFT technical standards, 6 March 2025
• U.S. residential real estate transparency rule overview
• Japan FSA discussion paper on validating AML/CFT effectiveness, 31 March 2025
• Canada Gazette regulatory amendments under the national AML/ATF framework, 1 January 2025

Other FinCrime Central Articles Illustrating a Stronger Stance From the Regulators Globally

• De Volksbank Hit with Massive €20 Million Fine for AML and Risk Failures
• Deutsche Bank Securities Faces $4 Million Fine for SARs Delays
• HKMA Announces Disciplinary Action Against China CITIC Bank International

Some of FinCrime Central’s articles may have been enriched or edited with the help of AI tools. It may contain unintentional errors.

Want to promote your brand, or need some help selecting the right solution or the right advisory firm? Email us at info@fincrimecentral.com; we probably have the right contact for you.