Europe’s fight against financial crime has long been complicated by one simple fact: while the rules may be set at EU level, supervision and enforcement have remained largely national responsibilities.
The result has often been inconsistency, with firms facing different expectations depending on where they operate. The arrival of the Anti-Money Laundering Authority (AMLA) could begin to change that. Created in response to years of high-profile money laundering failures and concerns over uneven supervision, AMLA is intended to bring greater coordination, consistency and accountability to the European framework.
But how far will its influence extend? Is AMLA another layer of oversight in an already complex regulatory landscape, or the first real step towards a single European financial crime regime?
Will AMLA provide coherence to fragmentation?
In the view of Areg Nzsdejan, CEO of Cardamon, on the question of whether AMLA will finally replace fragmented national AML supervision with a single coherent regime, he states no – but it is the most credible step in that direction the EU has ever taken.
He remarked, “The honest answer is that AMLA doesn’t replace national supervision. It sits alongside it. The vast majority of obliged entities will continue to be supervised by their national competent authorities – after all, there has to be a reason for them to exist! AMLA will directly supervise only around 40 selected entities at launch – the largest, highest-risk cross-border financial institutions. Everyone else stays with national supervisors.”
What changes more meaningfully, he believes, is the rulebook. The AML Regulation is directly applicable across all member states, he states, without transposition. “For years, one of the biggest sources of fragmentation was different implementations of the same directive. Fourteen different versions of what counts as a beneficial owner, or what triggers enhanced due diligence, created exploitable gaps. A single regulation closes most of that,” he detailed.
Therefore, AMLA is less about replacing national supervision and more about putting a ceiling on divergence. National supervisors still operate, but within a tighter set of constraints than before. “The regime isn’t unified – but it’s considerably less fragmented than it was,” he Nzsdejan summarises.
Meanwhile, Napier AI head of strategy Kevin McGuinness said that AMLA represents a vital step towards harmonising Europe’s fragmented AML landscape, but regulation along won’t solve the problem.
He remarked, “The real challenge lies in execution. Many institutions are still operating on siloed, legacy infrastructure that simply isn’t designed for a unified regime. AMLA should act as a catalyst for transformation—driving a shift toward integrated, data-centric and AI-enabled compliance models that can deliver consistency at scale.”
For McGuinness, there is still a substantial gap between regulatory intent and operational reality for most firms, so while AMLA will set the direction, he believes many firms will struggle unless they modernise their underlying data, operating models and systems.
For Aurimas Bakas, CEO of Copla, the creation of AMLA is not an isolated development, but part of a much broader move towards centralised, data-driven supervision across Europe.
“AMLA represents a structural shift the EU has been building toward for some time,” he says. “The register-based supervision model it introduces reflects a broader regulatory direction that is already visible in other domains.”
Bakas points to the EU’s work under DORA as a clear example. Through consolidated registers of ICT third-party providers, regulators are gaining a cross-border view of operational dependencies across the financial sector. AMLA, he argues, applies the same principle to financial crime, providing supervisors with a more comprehensive picture of risk across jurisdictions.
That, however, does not automatically guarantee more consistent enforcement.
“Whether it delivers coherent enforcement depends on how actively supervisors use that consolidated view,” says Bakas. “The architecture is sound. The precedent from ICT third-party oversight suggests that data collection is the easier part. The harder part is building supervisory capacity and the appetite to act on what the registers reveal.”
While AMLA will take direct responsibility for overseeing the highest-risk institutions, it will still inherit an environment where national authorities differ significantly in expertise, resources and enforcement approach. Those variations will not disappear overnight simply because a new authority has been established.
As a result, Bakas believes AMLA’s most immediate impact may be in shaping expectations rather than transforming enforcement from day one.
“The more meaningful near-term effect may be normative rather than enforcement-driven,” he explains. “A single European regime sets a consistent baseline that firms must meet regardless of where they are incorporated.”
In practice, that could be one of AMLA’s most important contributions. For years, fragmented supervision has created uneven standards across the bloc, allowing firms to navigate different regulatory expectations depending on jurisdiction.
“That removes a category of regulatory arbitrage and raises the floor across member states,” says Bakas. “Historically, that is where fragmented supervision has caused the most damage.”
For Bakas, the significance of AMLA lies not simply in its supervisory powers, but in its ability to create a more consistent operating environment across Europe. Whether it ultimately delivers a truly unified regime will depend on enforcement, but establishing a common baseline may prove to be the first and most important step.
What power will shift to AMLA
How much supervisory power will realistically shift from national regulators to AMLA? For the Cardamon CEO, less than the headlines suggest. However, the indirect shift is larger than the direct one.
He said, “In terms of direct supervisory power, the transfer is limited. Around 40 entities move under AMLA’s direct remit. For the rest of the market, day-to-day supervision stays national. The ECB experience with the SSM is a useful reference point – even after the Single Supervisory Mechanism was established, national authorities retained significant roles in practice. Institutions built relationships with national supervisors, and change moved slowly.”
For Nzsdejan, the more interesting shift is structural. “AMLA has powers to issue binding technical standards, conduct peer reviews, and – critically – intervene when national supervisors are not acting effectively. That last power is significant. It creates accountability for national supervisors in a way that never previously existed.”
In practice, the Cardamon CEO said, this means that even where AMLA doesn’t directly supervise, it shapes how supervision is conducted. National supervisors know they are being watched. That affects behaviour, even before any intervention occurs.
“The political reality also can’t be ignored. Member states with major financial centres were never going to accept a wholesale transfer of supervisory authority. What was agreed reflects the limits of what was politically achievable. But those limits may shift over time, particularly if AMLA demonstrates that its selected entity supervision produces materially better outcomes,” explained Nzsdejan.
McGuiness remarked that power will shift selectively rather than wholesale. AMLA is expected to directly supervise a relatively small number of high-risk entities, while coordinating and guiding national regulators. “Its influence will be substantial, particularly in setting expectations, but national authorities will remain central to day-to-day supervision for most firms,” he said.
What a centralised model can do
Can a centralised model actually improve enforcement consistency across member states?
In the view of McGuinness, it can, particularly in areas like regulatory interpretation, data sharing, and benchmarking.
He said, “A central authority can reduce inconsistencies in how rules are applied, which has historically been a weakness in the EU framework. However, full consistency will depend on how effectively AMLA collaborates with national regulators and enforces standards in practice.”
Meanwhile, Nzdejan believes this centralised is model is where the real potential sits, and also where the risk of disappointment is greatest.
He said, “The European AML enforcement record over the last decade has been poor. Danske Bank, Swedbank, Raiffeisen – significant failures that happened not because the rules didn’t exist, but because national supervisors were either too slow, too deferential, or too focused on reputational risk to act decisively. In some cases there were genuine conflicts of interest. Supervisors were also regulating institutions that were significant parts of their national economy.
For Nzdejan, a central body with cross-border visibility changes that dynamic. AMLA has no national constituency to protect. It has no domestic banking sector to be cautious about. That independence should translate into more consistent, more credible enforcement over time, he said.
“The critical variable is data sharing,” remarked the Cardamon CEO. “Enforcement consistency only follows from intelligence consistency. National FIUs have historically been territorial about sharing – AMLA’s role in coordinating the FIU network is potentially as important as its supervisory function, but it depends on whether member states cooperate in practice rather than just in principle.”
The harder problem in the view of Nzsdejan is supervisory culture. He said that consistent rules don’t automatically produce consistent enforcement. The way supervisors interpret ambiguous situations, what they consider proportionate, how they interact with firms – these are cultural and institutional habits that take years to change, he said.
“AMLA can issue guidance, conduct peer reviews, and share best practice. But turning that into genuinely consistent enforcement across 27 member states is a decade-long project, not a launch-day outcome,” remarked Nzdejan.
He concluded, “I would say the direction of travel is the right one. For the first time, there is a European institution with both the mandate and the tools to drive convergence in how AML supervision is actually conducted. Whether it delivers on that depends less on the regulation and more on whether AMLA builds the institutional credibility to hold national supervisors to account. That part remains to be seen!”
The barriers that stand in the way
The argument for bringing AML, fraud and KYC functions closer together is no longer particularly controversial. Most firms recognise the operational benefits of a more unified approach to financial crime risk. According to Aurimas Bakas, CEO of Copla, the challenge is not convincing organisations of the value of convergence. It is overcoming the structural barriers that continue to stand in the way.
“The operational case for convergence is already well established,” says Bakas. “The barriers that remain are structural rather than conceptual.”
At the top of that list is technology infrastructure. Over many years, AML, fraud and KYC teams have typically built their own vendor ecosystems, data sources and workflows, each designed to meet specific operational requirements. While that approach may have made sense historically, it creates significant challenges when firms attempt to unify intelligence across functions.
“The most underappreciated barrier is third-party infrastructure fragmentation,” Bakas explains. “When the underlying vendor layer is fragmented, unified intelligence becomes architecturally difficult before it becomes analytically difficult.”
Addressing that problem often requires far more than internal reorganisation. Procurement decisions, contract renegotiations and large-scale data migration projects can all become prerequisites for meaningful convergence, adding complexity that many programmes underestimate.
Regulatory obligations present a second challenge. Although AML, fraud and KYC teams increasingly work with overlapping datasets and risk indicators, they remain subject to different regulatory expectations, reporting requirements and audit standards.
“Convergence at the operational level does not eliminate the need to satisfy those frameworks separately,” says Bakas. “As a result, firms often maintain parallel governance structures even after consolidating teams.”
Until regulators provide greater clarity on how integrated financial crime functions can meet distinct compliance obligations, many institutions are likely to favour caution over consolidation.
The final obstacle is data ownership. Effective convergence depends on information moving freely across functions, yet customer and transaction data has traditionally been managed within separate organisational silos. Internal governance policies, combined with data protection considerations in some jurisdictions, can slow integration efforts even where there is strong executive support.
“Convergence requires sharing customer and transaction data across functions that have historically treated their datasets as proprietary,” Bakas notes. “That creates friction regardless of organisational intent.”
For Bakas, the firms making the greatest progress are not necessarily those redrawing organisational charts, but those investing in the foundations that make convergence possible.
“The organisations moving fastest are addressing the vendor and data layers first,” he says. “Structural convergence follows far more reliably when the shared infrastructure is already in place.”
In that sense, financial crime convergence is becoming less of an organisational challenge and more of a technology and data challenge. The firms that solve those underlying issues are likely to be the ones that realise the full value of a unified financial crime strategy.
Greater European consistency
For RelyComply, AMLA represents a significant step towards greater consistency in European financial crime compliance. The combination of a single rulebook, reinforced cooperation between Financial Intelligence Units and direct supervisory powers gives the authority a level of influence that previous initiatives lacked.
However, the firm cautions that harmonisation on paper does not automatically translate into harmonisation in practice.
“AMLA is the most ambitious attempt at AML harmonisation Europe has ever made,” says RelyComply. “It might also expose just how fragile that ambition is.”
The challenge, it argues, lies in the uneven maturity of AML frameworks across the bloc. While some institutions have invested heavily in automated identity verification, continuous transaction monitoring and robust data governance, others remain at a much earlier stage of development. That disparity creates weaknesses that criminals are often quick to exploit.
“A unified regime is only as strong as its weakest member state,” the company notes. “Jurisdictions with low AML maturity don’t just underperform — they create structural blind spots that sophisticated criminal networks will exploit.”
Technical barriers remain another obstacle. Access to beneficial ownership data is still inconsistent across Europe, while variations in data structures, identification standards and transaction monitoring frameworks continue to make cross-border information sharing difficult. Although AMLA’s planned AML/CFT database and deeper FIU integration could help address these issues, RelyComply believes success will ultimately depend on how institutions respond.
“The cultural shift required is significant,” the firm says. “Embedding AML thinking into systems, processes and data architecture from the outset — rather than retrofitting it later — will determine whether AMLA becomes Europe’s gold standard or simply another framework that organised criminals learn to navigate around.”
For RelyComply, the distinction is clear. Regulatory reform can establish the foundations, but the effectiveness of a single European financial crime regime will ultimately be determined by execution at the institutional level.
Copyright © 2026 FinTech Global
