Consultation on EBA’s proposed AML/CFT standards

Draft RTS on the assessment of the inherent and residual risk profile of obliged entities under Article 40(2) of the Sixth Anti-Money Laundering Directive (AMLD6)

The EBA proposes a unified methodology for supervisors to assess and classify the inherent and residual risk profiles of financial entities. This approach ensures consistent evaluation of money laundering and terrorist financing risks, providing a clearer picture of each entity’s risk exposure.

Draft RTS on the risk assessment for the purpose of selection of credit institutions, financial institutions and groups of credit and financial institutions for direct supervision under Article 12(7) of the Anti-Money Laundering Authority Regulation (AMLAR). 

Under the new rules, certain obliged entities will be selected for direct supervision by the AML/CFT Authority (AMLA). The selection criteria include the extent of a bank’s operations across EU borders, with a focus on those operating in multiple Member States. This aims to help ensure that entities with significant cross-border activities are closely monitored.

Draft RTS under Article 28(1) of the AMLR on Customer Due Diligence

The RTS aims to further harmonize customer due diligence requirements, specifying the information that banks must collect and verify. 

A notable aspect of the RTS on CDD is the provision for a grace period for existing customers. Recognizing the challenges in immediately applying new CDD standards to all existing customers, the EBA proposed a risk-based approach. Obliged entities will need to comply with the new CDD measures by 10 July 2027, but can complete updates for existing customers, on a risk-based approach, the latest by 10 July 2032. This approach balances compliance requirements with operational feasibility, reducing the immediate burden on financial institutions.

Draft RTS under Article 53(10) on the AMLD6 on pecuniary sanctions, administrative measures and periodic penalty payments.

The EBA is standardizing the approach to enforcement across the EU. The RTS set out indicators for classifying the severity of breaches and criteria for determining the level of pecuniary sanctions and administrative measures. Additionally, a new system of periodic penalty payments will help address ongoing breaches effectively.