9th September 2021

Strengthening EU’s AML/CFT rules: AML Authority (AMLA)


  • Addressing the existing gaps in implementing AML/CFT policies across EU countries;
  • Creating an EU-level authority to oversee and coordinate the fight against money laundering;
  • Facilitating information exchange among national supervisory authorities and financial intelligence units;
  • Providing more detailed rules on Customer Due Diligence and Beneficial Ownership;
  • Providing rules for crypto-assets transfer such as requiring the identification data on originators and beneficiaries and prohibiting the transfer of anonymous assets.

In short, this package can be viewed as a call to action to have a more integrated and supervised approach in the fight against money laundering and terrorism financing in the EU. 

Currently, the EU is solely focused on the regulatory framework needed to prevent and combat money laundering and terrorism financing. Within the existing AML/CFT mandate of the European Banking Authority, the EU power “is limited” to:

  • leading the development of AML/CFT Directives; 
  • coordinating by fostering effective cooperation and information exchange; and 
  • monitoring the implementation of AML/CFT policies by national supervisory authorities.



However, this approach to implementation of AML/CFT policies at the national level often takes place with some delays and results in divergence across EU countries. The cultural divergence and lack of harmonised legislation among EU countries hinders fair and full communication on ML/TF matters. This is partially “to blame” for the lack of a centralised supervision body and ground prepared for the creation of a separate AML Authority (AMLA). The latter can be considered the “fourth  wheel” with the aim to directly supervise and coordinate the fight against money laundering and terrorism financing in the EU.


AMLA: Functions and Objectives

The proposed AML Authority is an independent decision making body having direct supervision of all national supervisory authorities and supporting the financial institutions by facilitating cooperation between them. In addition, AMLA will directly supervise high-risk financial institutions. Financial Institution risk will be mostly driven by the number of countries the organisation operates in, but it can also be defined based on the need for immediate action to address existing risks. AMLA will also be empowered to impose direct fines on financial institutions for failing to comply with AML/CFT rules. Those entities not falling under the direct supervision of AMLA will benefit from the harmonised rules across the EU. 






Assisting national supervisory authorities to homogeneously implement AML/CFT rules will lead to an efficient prevention of ML/TF incidents in the Union. Moreover, financial institutions operating in more than one country can benefit from direct supervision by AMLA instead of complying with various national supervisory authorities. Such a centralised approach could lead to faster and more efficient responses to emerging ML cases. 

Another important aspect of AMLA is its contribution to the fair and full communication at the supervisory level, the lack of which, as outlined by one of the regulators in the EU, played a vital role in recent prominent FC cases.

Though being empowered with supervisory functions, AMLA is not an interventive authority, so, in spite of its creation, national supervisory authorities don’t lose their supervising power at the national level. The AMLA pursues, as its main objective, the establishment of a single integrated system of AML/CFT supervision across the EU. The necessity to intervene can arise in some exceptional cases, where national supervisory authorities won’t be able or won’t possess the necessary resources to cope with a money laundering case. In such situations, national authorities can either request assistance from AMLA and try to solve it with mutual resources or transfer the whole case to AMLA.



Faced challenges

  1. a) Data protection

As outlined above, AMLA aims to encourage and facilitate data transfer and sharing among EU countries. This is one of the preconditions for the efficient cooperation and identification of ML cases in a timely manner. However, according to the recent FATF publication on data pooling and data protection, suspicious transaction reports are subject to confidentiality rules, which create challenges for information sharing, especially when it comes to cross-border sharing. Confidentiality is vital for gathering further intelligence on potential ML cases, but guaranteeing the anonymisation of personal data with legal and technological mechanisms will enable information sharing without impacting the effectiveness of the AML/CFT regime. Another challenge for data sharing is found in the data protection rules and regulations, such as GDPR. Although GDPR contains points supporting the fight against ML/TF, they are not clearly implied. Thus, the EU Commission should focus on clarifying these approaches in as much detail as possible while, at the same time, emphasizing the need for secure and confidential data sharing.

  1. b) Anticipating the next ML threats

Another challenge for the regulators worldwide, including the EU, is the ability to anticipate where the next ML threat could come from. Current regulations are focused on ML cases that have already happened, whereas there are discussions about the need to shift the focus in the direction of predicting crimes resulting in ML threats. Adopting a “looking ahead” approach will be beneficial both for financial institutions as well as for national supervisory authorities. 

If you like to discuss the latest regulatory developments and their impact on your organisation, get in touch with our PwC's Financial Crimes Team.


Members of the American Chamber of Commerce in the Czech Republic