In response to identified weaknesses within the existing AML/CFT framework of the European Union and in view of the urgent need to address cross-border financial crime threats in a more coordinated manner, the Anti-Money Laundering Authority Regulation (AMLA Regulation) provides for the establishment of an EU-level authority.
In response to identified weaknesses within the existing anti-money laundering and countering the financing of terrorism (AML/CFT) framework of the European Union and in view of the urgent need to address cross-border financial crime threats in a more coordinated manner, the Anti-Money Laundering Authority Regulation (AMLA Regulation) provides for the establishment of an EU-level authority. Through an institutional supervisory model, which is much inspired from the single supervisory mechanism for credit institutions, this Anti-Money Laundering Authority (AMLA) is tasked with enhancing supervision of high-risk entities, promoting uniform regulatory approaches, facilitating information exchange among Financial Intelligence Units (FIUs) and ensuring the harmonisation of AML/CFT measures and supervision across EU Member States. This initiative forms part of the new AML/CFT package that aims to fortify the EU's AML/CFT capabilities and foster further collaborative efforts among Member States by introducing the Anti-Money Laundering Regulation (AMLR – see Arendt's Newsflash on the AML Regulation) and the sixth Anti-Money Laundering Directive (AMLD6 – see Arendt's Newsflash on the AML Regulation).
In this enhanced AML/CFT system, the AMLA will be responsible for (1.) direct and (2.) indirect supervision of the financial sector, (3.) strengthening oversight of the non-financial sector and (4.) support for and coordination of FIUs.
1. Direct supervision of selected obliged entities
a) The selection
The AMLA will directly supervise up to 40 financial sector selected obliged entities or groups thereof (SOEs) that are active in at least six Member States, either through their own establishment or under the freedom to provide services, and categorised in the highest AML/CFT risk category.
The following entities are eligible for such direct supervision:
- Credit institutions, bureaux de change, collective investment undertakings, credit providers other than credit institutions, e-money institutions, investment firms, payment institutions, life insurance undertakings, life insurance intermediaries, crypto-asset service providers, and other financial institutions.
The AMLA, in collaboration with national AML/CFT financial supervisors, will carry out a periodic assessment of the inherent and residual risk profile of credit institutions and financial entities that meet the eligibility criteria. This risk profile will be classified by the AMLA as low, medium, substantial, or high in line with the harmonised methodology, which will be set out in Regulatory Technical Standards developed by the AMLA and take into account a minimum set of risk categories related to customers, products, services, transactions, delivery channels and geographical areas. Although the AMLA will assess both the inherent and residual risk of financial sector entities, selection will be based solely on the residual risk profile. For the first selection process, the number of SOEs is strictly limited to 40. However, for subsequent selections, the AMLA may increase this limit in consultation with the national AML/CFT financial supervisors.
The AMLA will launch the first selection process by 1 July 2027, with subsequent selection processes being carried out every three years.
b) The supervision
(Simplified schematic representation of the general supervisory mechanism function carried out by AMLA)
In addition to the simplified schematic illustration above, the supervision of SOEs will be undertaken by joint supervisory teams (JSTs), composed of staff from both the AMLA and the relevant national supervisors. The JSTs will be based at the seat of the AMLA and work under the coordination of a designated AMLA staff member (JST Coordinator)
- Tasks
With regard to the SOEs, the AMLA will carry out the following tasks:- ensure compliance with the requirements applicable to SOEs pursuant to the AMLR and the revised Transfer of Funds Regulation, [1] including obligations related to the implementation of targeted financial sanctions;
- carry out supervisory reviews and assessments, such as onsite inspections, at the level of the individual entity and the group in order to determine whether the internal policies, procedures and controls put in place by the SOEs are adequate to comply with the requirements applicable to them and, on the basis of those supervisory reviews, apply administrative measures and impose pecuniary sanctions and periodic penalty payments;
- participate in group-wide supervision, in particular in AML/CFT supervisory colleges, including where one of the SOEs is part of a group that has headquarters, subsidiaries or branches outside the EU; and
- develop and keep up-to-date a system to assess the risks and
vulnerabilities of the SOEs.
- Powers
The AMLA will also be provided with general investigative and supervisory powers which financial supervisors have in AML/CFT matters, unless otherwise specified by the AMLA Regulation, thus including the authority:- to conduct all necessary investigations into any of the SOEs, including the relevant on- or offsite inspections;
- to require the submission of and access to various documents and information (e.g. accounting, internal audit reports, certification of accounts, software, databases, IT tools, or relating to decision-making processes).
- to obtain any relevant explanation from the SOEs and any third party to whom operational functions or activities have been outsourced;
- to interview any person who consents to be interviewed for the purpose of collecting information relating to the subject matter of an investigation;
- to impose sanctions in the cases outlined by the AMLA Regulation.
With regard to the on-site inspections mentioned in the first point, the AMLA may, following notification to the relevant financial supervisor, access business premises of SOEs, natural persons employed by them, legal persons belonging to them, or third parties to whom operational functions or activities have been outsourced. Judicial authorisation is required for inspections at private residences serving as business premises, although exceptions may occur if efficiency so demands.
The assignment of on-site inspection duties may fall to JSTs or dedicated teams, a decision which will be made by the AMLA in consultation with financial supervisors. Authorised personnel, including designated individuals, will have the right to enter premises subject to investigation (and subject to the necessary judicial authorisation for private residences functioning as business premises).
Accompanying personnel are mandated to support the AMLA's personnel under its supervision and coordination. Moreover, staff from financial supervisors in the concerned Member State may participate in these inspections.
In the event of opposition to inspections, the relevant financial supervisor must offer assistance pursuant to national law, including the sealing of premises and records. Alternatively, if such authority is absent, assistance should be sought from other national authorities to carry out this specific power.
c) The administrative measures and pecuniary sanctions
In addition to its investigatory and supervisory powers, the AMLA will also have the authority to impose administrative measures and pecuniary sanctions on SOEs.
The AMLA may impose administrative measures:
- in the case of breaches of EU acts, in particular the revised Transfer of Funds Regulation, the AMLD6, the AMLR, and national legislation implementing the AMLD6;
- where breaches are likely and administrative measures are likely to prevent the occurrence of such breaches or reduce the risk thereof; as well as
- when an SOE's internal policies, procedures and controls are not commensurate to the risks to which it is exposed.
Such measures can range from simple recommendations to issuing public statements or orders to cease and desist, restricting or limiting an SOE's business, requiring changes in the governance structure or, where an SOE is subject to authorisation, proposing the withdrawal or suspension of that authorisation to the financial supervisor that has granted it.
The AMLA will also have the power to impose pecuniary sanctions in cases of intentional or negligent breaches of AML/CFT requirements set out by the AMLR and the revised Transfer of Funds Regulation, or non-compliance with its binding decisions. Such pecuniary sanctions shall always be applied in cases of serious, repeated, or systemic breaches and may be imposed in addition to, or instead of, administrative measures. The amount of pecuniary sanctions will depend on the nature and extent of the breaches, with the basic amounts ranging from a minimum of EUR 100,000 to a maximum of EUR 2,000,000 or 1% of the annual turnover, whichever is higher. These baseline amounts will be adjusted, where needed, by taking into account aggravating or mitigating factors in accordance with the relevant coefficients set out in Annex I of the AMLA Regulation. The maximum amount of a pecuniary sanction after application of the coefficients depends on the type of infringement and is either EUR 10,000,000 or 10% of the total annual turnover of the SOE.
In this context, it is important to note that these pecuniary
sanctions imposed by the AMLA must:
- be effective, proportionate and dissuasive;
- take into consideration the ability of the SOE to pay, and
- consider how the severity of such a sanction may impact the
SOE's compliance with relevant prudential regulations, in which
case the AMLA shall consult the relevant authorities supervising
such compliance with applicable EU law.
In addition to its own powers to impose sanctions, the AMLA will have the authority to require national AML/CFT financial supervisors to initiate proceedings against SOEs in cases of breaches of national law implementing AMLD6, as well as against members of an SOE's management body who are responsible for a breach.
2. Indirect supervision of non-selected obliged entities (NSOE)
a) The assessment of the national financial supervisors and coordination of the AML/CFT supervisory colleges
Although national AML/CFT financial supervisors will remain in charge of and retain full responsibility and accountability for direct supervision of NSOEs, the AMLA will contribute to harmonising supervisory practices and promoting high supervisory standards in the area of AML/CFT for NSOEs.
To this end, the AMLA will coordinate and oversee national supervisors and carry out periodic assessments to ensure that they have the resources, powers and strategies necessary to perform their tasks. It should also be noted that in cases of systematic failure of national AML/CFT financial supervisors in their supervisory action, the AMLA may initiate actions for a breach of EU law.
Furthermore, the AMLA will be in charge of facilitating the functioning of the AML/CFT supervisory colleges in the financial sector (e.g. assist in organising joint supervisory plans, on-site inspections or off-site investigations, collect and share relevant information, oversee the tasks carried out by financial supervisors, etc.).
In addition, the AMLA may carry out mediation at the request of a financial supervisor and has the authority to settle, with binding effect, disagreements between financial supervisors, including within the AML/CFT supervisory colleges.
b) Developing technical standards and adopting guidance instruments
The AMLA will have the power:
- to develop draft Regulatory Technical Standards and Implementing Technical Standards (e.g. on the criteria to be used for the assessment of obliged entities' risk profile; on the minimum requirements regarding group-wide policies, procedures and controls; on the information necessary for performing customer due diligence; on the format to be used for reporting suspicious transactions, etc.); as well as
- to adopt opinions, recommendations and guidelines (e.g.
elements to be taken into account when deciding on the extent of
internal policies, procedures and controls; on the risk variables
and factors to be taken into account when entering into business
relationships or carrying out occasional transactions; ongoing
monitoring of business relationships and transactions, etc.).
c) Taking over direct supervision of NSOEs
More significantly, the AMLA may take on the direct supervision
of NSOEs:
- by decision of the EU Commission, issued at the request of the AMLA following the failure of national supervisors to address serious, repeated or systemic breaches by an NSOE; or
- by entering into an agreement with a national supervisor to transfer supervision responsibility, at the latter's request.
3. Strengthening oversight of the non-financial sector
Although it will have no direct supervisory powers over non-financial obliged entities, the AMLA will, as with national AML/CFT financial supervisors, contribute to the convergence of supervisory practices and the promotion of high supervisory standards among non-financial supervisors in the area of AML/CFT.
The AMLA will periodically conduct peer reviews of non-financial supervisors to strengthen consistency and effectiveness in supervisory outcomes. These reviews will include an assessment of the adequacy of powers, financial, human, and technical resources, the degree of independence, the governance arrangements and professional standards of non-financial supervisors and of the effectiveness and the degree of convergence reached in the application of EU law and in supervisory practice.
The AMLA is then able to use this assessment as the basis for issuing any recommendations and follow-up measures required to be taken by the non-financial supervisors. The AMLA can further investigate the alleged breach or non-application of EU law and then address any recommendation to the supervisory authority setting out the action necessary to comply with EU law.
4. Establishing a support and cooperation mechanism for financial intelligence units
The AMLA's role will also include promoting greater efficiency and cooperation between national FIUs and acting as a mediator when needed.
To that end, the AMLA will have the power to adopt Implementing Technical Standards, binding templates and models for reporting suspicious transactions and suspicious activities from obliged entities to FIUs, thus facilitating speedier and more efficient cooperation and information exchange between FIUs. To enhance the analysis of suspicious activities or transactions across borders, relevant FIUs should collaborate efficiently on joint analyses. The AMLA will facilitate and support these joint analyses by proposing and coordinating methods while initiating reviews to improve effectiveness and promote best practices.
Finally, the AMLA will also be responsible for the hosting of FIU.net: the dedicated IT system allowing FIUs to cooperate and exchange information with each other and, where appropriate, with their counterparts from third countries (and third parties). It is currently still to be determined in more detail how the exchange of data will operate between the different supervisory and enforcement entities However, it is known that such cooperation will rely on the latest technological advances.
Read the AMLA Regulation adopted text here_
Read our Newsflash on the AMLR here_
Read our Newsflash on AMLD6 here_
The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.