The European Banking Authority (EBA) has raised concerns over growing money laundering and terrorist financing (ML/TF) risks across the EU’s financial sector, fuelled by geopolitical upheavals, legislative shifts, and the accelerating use of digital tools.
Published as part of its 2025 Opinion on ML/TF risks, the report offers a sweeping review of the evolving threat landscape, highlighting vulnerabilities in FinTech, RegTech, crypto-assets, and artificial intelligence.
The EBA’s findings show that 70% of national regulators across the EU believe ML/TF risks in the financial sector remain high or are rising. FinTech firms, in particular, were cited as prioritising rapid growth over strong anti-money laundering and counter-terrorist financing (AML/CFT) frameworks, often displaying weak controls and poor governance.
The use of RegTech solutions—while intended to streamline compliance—has come under fire. More than half of all serious compliance failures reported to the EBA’s European Reporting Compliance and Application (EuReCA) database stemmed from the improper implementation of RegTech tools. The EBA noted that the technology’s potential is undermined by poor oversight and a lack of internal expertise.
Crypto-asset service providers (CASPs) also continue to pose high risks. The number of authorised CASPs increased 2.5-fold between 2022 and 2024. However, many still operate without effective AML/CFT frameworks and some are deliberately circumventing regulatory controls, according to the EBA’s analysis.
A particularly worrying trend is the use of AI by criminal networks to automate laundering processes, forge identification documents, and evade detection. Financial institutions are finding it difficult to keep up, which underscores the urgent need for stronger governance of AI deployment in compliance systems.
Compliance with EU restrictive measures is another growing challenge. The report identifies a lack of adequate systems among institutions to effectively implement complex sanctions regimes. In response, the EBA will roll out new harmonised Guidelines by the end of 2025 to standardise compliance expectations across the bloc.
The Opinion is issued under Article 6(5) of Directive (EU) 2015/849, requiring the EBA to publish a biennial risk assessment. Its conclusions inform both the European Commission’s Supranational Risk Assessment (SNRA) and the regulatory strategies of national authorities.
The EBA stressed that “the consistent application of the new EU legal framework will be key to addressing these risks”, while also acknowledging that increased supervisory engagement has helped improve resilience in some sectors.
Read the full RegTech Analyst post here.
Keep up with all the latest FinTech news here
Copyright © 2025 FinTech Global
