A Guide to Anti-Money Laundering for Crypto Firms

The EU’s New Anti-Money Laundering Authority (AMLA): Key Takeaways

AML Compliance Latest News

The European Union’s (EU) long-term goal of a pan-European anti-money laundering (AML) program, is moving closer, with the creation of a central EU authority to combat money laundering.

The EU Anti-Money Laundering Authority (AMLA) will monitor, support, and coordinate the application of EU financial services regulations across the continent – though the responsibility for combating money laundering remains in the hands of member states. 

Given the cross-border nature of crime, the AMLA’s centralized remit is a major step toward establishing coordinated AML/CFT measures in the region. It is expected to help harmonize supervisory practices, oversee high-risk and cross-border financial entities, and coordinate financial intelligence units.

While individual member states may go beyond the scope of EU Anti-Money Laundering Authority directives, firms should expect greater consistency across the bloc going forward. Countries outside of the EU, such as the UK, may also aim to align AML programs with the AMLA. 

What Powers Does the New EU Anti-Money Laundering Authority Have?

The Authority will have direct supervision powers to crack down on illicit finance across all member states, and a consistent framework to ease compliance for obliged entities who are subject to AML/CFT rules.

It will also be able to impose fines on offenders, with total penalties up to 10% of annual turnover or €10m, whichever is higher.

The EU Anti-Money Laundering Authority will be fully independent, with its own executive board. Its direct supervision will mirror that of the Financial Action Task Force (FATF), while maintaining its own black and gray lists. It will also list countries that pose a threat to the EU’s financial system based on its assessment.

AMLA will be established at the beginning of 2023 and is expected to be fully resourced by the end of 2025, with direct supervision expected in early 2026. It has an anticipated budget of €45.6m – funded through the EU budget and fees from supervised entities – with 250 staff.

What are the Objectives of the EU Anti-Money Laundering Authority?

The main objectives of the AMLA are to: 

  • Prevent the EU financial system from being used for ML/TF 
  • Identify ML/TF risks and threats across or targeting the internal market 
  • Ensure high-quality supervision over AML/CFT 
  • Facilitate ‘supervisory convergence’ across the EU 
  • Harmonize practices to identify cross-border illicit flows by financial intelligence units (FIUs) 
  • Support and coordinate the exchange of information amongst FIUs 

It will have direct supervision over the ‘riskiest’ obliged entities that work across borders – aiming to crack down on money laundering – and oversight over local obliged entities in ‘emergency situations.’ If urgent action on a money laundering issue is needed, the EU Anti-Money Laundering Authority can carry out immediate inspections and order administrative action at these institutions. This includes the option to impose sanctions.

A strong focus will be on large lenders and non-bank financial institutions that operate in multiple EU member states and are seen as ‘high risk’ or engage in ‘sufficiently risky’ business. A list will be published every three years of those institutions that will be under direct supervision, with the first set of ‘selected obliged entities’ to be named on  July 1, 2025. 

AMLA will also have indirect oversight over other obliged entities. It aims to build stronger common supervisory approaches, maintain an AML/CFT supervisory database with up-to-date information for supervisors, and have oversight of the FIU.net platform, an EU-wide mechanism to enhance the exchange of information and allow joint analysis and cooperation between FIUs.

How are Organizations Impacted?

For the first time, certain types of credit and financial institutions, including crypto asset service providers, will be directly supervised across all member states if they are considered risky. 

A new AML/CFT supervisory methodology will have qualitative and quantitative markers and indicators of inherent risk, including customers, products and services, delivery channels, and geographic areas. 

The aim is to create a joint supervisory team between the EU Anti-Money Laundering Authority and local FIUs, to enforce a single rule book, based on regulatory technical standards. AML investigations will be carried out jointly, and technical expertise will be shared in areas such as AI, IT solutions, and best practices for identifying suspicious transactions. 

Firms should expect more detailed rules on customer due diligence (CDD), beneficial ownership, and the powers and tasks of supervisors and FIUs. They should also note that existing national registers of bank accounts will be connected, speeding up access for FIUs to gain information on bank accounts and safe deposit boxes. Law enforcement agencies will also have access to this system, to help in financial investigations and with the recovery of criminal assets in cross-border cases. 

New requirements are also proposed for crypto assets and crypto asset service providers, to collect and make accessible data concerning the originators and beneficiaries of transfers in those assets.

The EU Anti-Money Laundering Authority will also be responsible for preparing and coordinating threat assessments and strategic analyses, developing methods and procedures to select relevant cases for joint analysis, carrying out capacity building for FIUs, and will monitor and support asset freezes.

Top Tips on How to Prepare for the New EU Anti-Money Laundering Authority 

While many of the measures outlined are not likely to be implemented until the mid-2020s, firms should develop a proactive strategy to avoid the risk of fines, and should closely follow any developments as the EU AML/CFT framework is revamped. 

  1. Firms will mostly still be supervised by their national supervisor.
  2. If you fall within the scope of direct supervision by AMLA, expect to still liaise with your national regulator, but respond quickly to any requests from the EU Anti-Money Laundering Authority.
  3. Direct supervision means you have a higher exposure to AML/CFT risk and should assess who you are doing business with and if additional measures and controls are needed. 
  4. Direct supervision does not automatically mean you are breaching AML/CFT rules, just that you are potentially exposing the internal market to the risk of ML/TF.

Firms should also consider their response to these changes across a number of key areas, including: 

    • Technology and automation – Carry out thorough risk assessments on how to manage any additional checks and processes. This may include onboarding new solutions to automate certain measures, and/or enhance data structure and access
    • Governance and oversight – Enable easy access to clear and concise information that local or EU-level regulators may request 
    • Executive stakeholder management – Compliance teams may have to explain any additional costs, headcount, and vendors to their firms. A proactive approach gives teams time to conduct thorough RFPs and cost-benefit analyses, in order to present effective recommendations 
    • Training and hiring – Additional training, support, and staffing may be required. Being proactive will reduce the risk of a talent gap 
  • Services – Firms should map these planned regulations against their product roadmaps, to anticipate the regulatory implications of any new services, particularly crypto and virtual asset-related product lines

A Guide to ‘The Original 6AMLD’

Uncover what changes have been proposed by the European Commission and how might those changes impact firms.

Download the guide
The European Union’s (EU) long-term goal of a pan-European anti-money laundering (AML) program, is moving closer, with the creation of a central EU authority to combat money laundering. The EU Anti-Money Laundering Authority (AMLA) will monitor, support, and coordinate the application of EU financial services regulations across the continent - though the responsibility for combating money laundering remains in the hands of member states.  Given the cross-border nature of crime, the AMLA’s centralized remit is a major step toward establishing coordinated AML/CFT measures in the region. It is expected to help harmonize supervisory practices, oversee high-risk and cross-border financial entities, and coordinate financial intelligence units. While individual member states may go beyond the scope of EU Anti-Money Laundering Authority directives, firms should expect greater consistency across the bloc going forward. Countries outside of the EU, such as the UK, may also aim to align AML programs with the AMLA. 

What Powers Does the New EU Anti-Money Laundering Authority Have?

The Authority will have direct supervision powers to crack down on illicit finance across all member states, and a consistent framework to ease compliance for obliged entities who are subject to AML/CFT rules. It will also be able to impose fines on offenders, with total penalties up to 10% of annual turnover or €10m, whichever is higher. The EU Anti-Money Laundering Authority will be fully independent, with its own executive board. Its direct supervision will mirror that of the Financial Action Task Force (FATF), while maintaining its own black and gray lists. It will also list countries that pose a threat to the EU’s financial system based on its assessment. AMLA will be established at the beginning of 2023 and is expected to be fully resourced by the end of 2025, with direct supervision expected in early 2026. It has an anticipated budget of €45.6m - funded through the EU budget and fees from supervised entities - with 250 staff.

What are the Objectives of the EU Anti-Money Laundering Authority?

The main objectives of the AMLA are to: 
  • Prevent the EU financial system from being used for ML/TF 
  • Identify ML/TF risks and threats across or targeting the internal market 
  • Ensure high-quality supervision over AML/CFT 
  • Facilitate ‘supervisory convergence’ across the EU 
  • Harmonize practices to identify cross-border illicit flows by financial intelligence units (FIUs) 
  • Support and coordinate the exchange of information amongst FIUs 
It will have direct supervision over the ‘riskiest’ obliged entities that work across borders - aiming to crack down on money laundering - and oversight over local obliged entities in ‘emergency situations.’ If urgent action on a money laundering issue is needed, the EU Anti-Money Laundering Authority can carry out immediate inspections and order administrative action at these institutions. This includes the option to impose sanctions. A strong focus will be on large lenders and non-bank financial institutions that operate in multiple EU member states and are seen as ‘high risk’ or engage in ‘sufficiently risky’ business. A list will be published every three years of those institutions that will be under direct supervision, with the first set of ‘selected obliged entities’ to be named on  July 1, 2025 AMLA will also have indirect oversight over other obliged entities. It aims to build stronger common supervisory approaches, maintain an AML/CFT supervisory database with up-to-date information for supervisors, and have oversight of the FIU.net platform, an EU-wide mechanism to enhance the exchange of information and allow joint analysis and cooperation between FIUs.

How are Organizations Impacted?

For the first time, certain types of credit and financial institutions, including crypto asset service providers, will be directly supervised across all member states if they are considered risky.  A new AML/CFT supervisory methodology will have qualitative and quantitative markers and indicators of inherent risk, including customers, products and services, delivery channels, and geographic areas.  The aim is to create a joint supervisory team between the EU Anti-Money Laundering Authority and local FIUs, to enforce a single rule book, based on regulatory technical standards. AML investigations will be carried out jointly, and technical expertise will be shared in areas such as AI, IT solutions, and best practices for identifying suspicious transactions.  Firms should expect more detailed rules on customer due diligence (CDD), beneficial ownership, and the powers and tasks of supervisors and FIUs. They should also note that existing national registers of bank accounts will be connected, speeding up access for FIUs to gain information on bank accounts and safe deposit boxes. Law enforcement agencies will also have access to this system, to help in financial investigations and with the recovery of criminal assets in cross-border cases.  New requirements are also proposed for crypto assets and crypto asset service providers, to collect and make accessible data concerning the originators and beneficiaries of transfers in those assets. The EU Anti-Money Laundering Authority will also be responsible for preparing and coordinating threat assessments and strategic analyses, developing methods and procedures to select relevant cases for joint analysis, carrying out capacity building for FIUs, and will monitor and support asset freezes.

Top Tips on How to Prepare for the New EU Anti-Money Laundering Authority 

While many of the measures outlined are not likely to be implemented until the mid-2020s, firms should develop a proactive strategy to avoid the risk of fines, and should closely follow any developments as the EU AML/CFT framework is revamped. 
  1. Firms will mostly still be supervised by their national supervisor.
  2. If you fall within the scope of direct supervision by AMLA, expect to still liaise with your national regulator, but respond quickly to any requests from the EU Anti-Money Laundering Authority.
  3. Direct supervision means you have a higher exposure to AML/CFT risk and should assess who you are doing business with and if additional measures and controls are needed. 
  4. Direct supervision does not automatically mean you are breaching AML/CFT rules, just that you are potentially exposing the internal market to the risk of ML/TF.
Firms should also consider their response to these changes across a number of key areas, including: 
    • Technology and automation – Carry out thorough risk assessments on how to manage any additional checks and processes. This may include onboarding new solutions to automate certain measures, and/or enhance data structure and access
    • Governance and oversight – Enable easy access to clear and concise information that local or EU-level regulators may request 
    • Executive stakeholder management – Compliance teams may have to explain any additional costs, headcount, and vendors to their firms. A proactive approach gives teams time to conduct thorough RFPs and cost-benefit analyses, in order to present effective recommendations 
    • Training and hiring – Additional training, support, and staffing may be required. Being proactive will reduce the risk of a talent gap 
  • Services – Firms should map these planned regulations against their product roadmaps, to anticipate the regulatory implications of any new services, particularly crypto and virtual asset-related product lines
[cta_card title="A Guide to ‘The Original 6AMLD’" cta_img="" category="" bodytext="Uncover what changes have been proposed by the European Commission and how might those changes impact firms." cta_text="Download the guide" cta_url="https://complyadvantage.com/insights/a-guide-to-the-original-6amld/"]

Originally published November 22, 2021, updated September 23, 2022

Disclaimer: This is for general information only. The information presented does not constitute legal advice. ComplyAdvantage accepts no responsibility for any information contained herein and disclaims and excludes any liability in respect of the contents or for action taken based on this information.

Copyright © 2022 IVXS UK Limited (trading as ComplyAdvantage).