top of page

Anti Financial Crime Report 2025: Trends, Risks and Best Practices from Leading Experts

Get the report 👈

The EU’s New AML Package: What’s Changing and Why It Matters



The European Union is implementing the most significant AML reform in its history - a fundamental change in how AML rules are applied, supervised, and enforced across the EU.


The new AML Package entered into force in 2024 and introduces a consistent, centralised framework that will impact every regulated entity operating in the EU. From large banks to fintechs, from DNFBPs to crypto firms, everyone will need to adapt.


For the first time, AML rules will apply directly in every Member State. No more delays, no more patchy transposition into national laws. The EU is creating a single rulebook, a new central authority, and stronger expectations for compliance teams, supervisors, and leadership.


1. The AML Regulation (AMLR): The Single Rulebook


Regulation (EU) 2024/1640 (AMLR) applies automatically across all Member States.

It sets out clear, uniform obligations for obliged entities, including:


  • Customer Due Diligence (CDD)

  • Politically Exposed Persons (PEPs)

  • Beneficial ownership identification

  • Internal controls and governance

  • Reporting obligations


Key changes under the AMLR:


  • Expanded scope: New sectors like crowdfunding platforms, investment migration operators, mortgage credit intermediaries, non-financial holding companies, and football clubs/agents (compliance by 2029) are now included.


  • Lower thresholds: CDD now applies to occasional transactions from €10,000 (down from €15,000). Cash transactions over €10,000 are prohibited. Identification is required for any transaction between €3,000 and €10,000.


  • Beneficial ownership transparency: Firms must verify ownership of 25%+ and control more than 50% and report discrepancies within 14 days.


  • Stronger internal governance: Compliance officers, independent audit functions, business-wide risk assessments, and mandatory training are also part of the requirements.


  • Issuance of RTS: The European Banking Authority (EBA) will publish Regulatory Technical Standards (RTS) that will define minimum standards for onboarding, business-wide risk assessment and CDD.


2. The 6th Anti-Money Laundering Directive (AMLD6)


Unlike the AMLR, (EU) 2024/1640 (AMLD6) is still a directive - but one with clearer and stronger obligations for Member States and authorities.


It focuses on how AML supervision and enforcement are structured:


  • Separation of functions: Member States must clearly separate prudential and AML supervision.


  • FIU powers: Financial Intelligence Units will have stronger tools—like suspending transactions, instructing monitoring, and issuing administrative penalties.


  • Senior management checks: Registration and suitability assessments will be required for beneficial owners and top management of obliged entities.


  • Cooperation across borders: Supervisors and FIUs must collaborate more closely across jurisdictions and legal frameworks.


  • Centralised access to key data: Member States must establish registers for:


    • Beneficial ownership

    • Bank accounts

    • Real estate information


These registers must be accessible to supervisors, obliged entities, and even civil society actors (i.e. investigative journalists) with a legitimate interest.


3. The AML Authority (AMLA)


The EU is creating a new central authority - AMLA - tasked with direct supervision and coordination. It operates under Regulation (EU) 2024/1620.


  • It will directly supervise high-risk obliged entities, particularly those with cross-border operations.

  • It acts as the "supervisor of supervisors", setting expectations and intervening where national authorities fall short.

  • It will provide consistency, reduce fragmentation, and build a more credible EU AML framework.


This is a big step forward. Until now, enforcement depended entirely on national regulators, and results varied. AMLA will bring a more uniform supervisory culture to the EU.


4. The Transfer of Funds Regulation (TFR): The Travel Rule for All


Under the new EU Transfer of Funds Regulation (TFR), the travel rule now applies to both traditional financial institutions and crypto-asset service providers (VASPs). This rule requires specific information to "travel" with the transfer - whether the funds are in fiat or crypto.


What does this mean in practice?For every transaction, the following details must be collected and transmitted:


  • Originator (sender) information

  • Beneficiary (receiver) information


No minimum threshold applies. The travel rule covers all transactions, regardless of amount.


This represents a significant change, especially for the crypto sector, which previously operated under less clearly defined expectations.


What EU’s New AML Package Means for AML Professionals


This reform package will affect daily operations. If you work in compliance, here’s what to do now:


  • Review and update your internal policies

  • Ensure staff are trained and prepared

  • Invest in systems that can handle the new data, reporting, and control requirements


Consistency, transparency, and accountability are the goals. But achieving that means compliance teams need to act early and get ready for real change.


If you want help to understand your legal obligations under the new AML rules, feel free to get in touch.




bottom of page