Financial institutions across Europe are facing a fundamental shift in how anti-money laundering compliance is designed, evidenced and supervised, as the EU’s new AML Regulation moves towards its main application date of 10 July 2027.
According to Muinmos, the AMLR, formally Regulation (EU) 2024/1624, is the principal substantive rulebook for the private sector under the EU’s new AML/CFT package.
Muinmos recently put together a practical guide to the AMLR and what you need to know about it.
It covers business-wide risk assessments, customer due diligence, beneficial-ownership analysis, enhanced and simplified due diligence, ongoing monitoring, politically exposed persons, targeted financial sanctions risk, suspicious-transaction reporting and group-wide controls.
It sits alongside the Sixth Anti-Money Laundering Directive, the regulation establishing the new authority AMLA, and the recast Transfer of Funds Regulation.
The EU acted because a directive-based framework had produced uneven implementation, supervision and outcomes across 27 national regimes. For cross-border firms, this frequently meant maintaining multiple jurisdictional interpretations of what was intended to be a single framework.
The package also responds to changing risks, including crypto-assets, complex ownership chains and sanctions-evasion techniques, as well as supervisory weaknesses exposed by serious failings in individual member states.
Several changes stand out in practice. The AMLR sets a more prescriptive customer due diligence baseline, backed by a detailed technical standard to be developed by AMLA. Beneficial ownership must be assessed through both ownership and control, with a 25% threshold and rules for calculating indirect holdings; material register discrepancies must generally be reported within 14 calendar days.
Customer data refreshes now have defined outer limits, at no more than one year for higher-risk customers and five years for others. Sanctions circumvention risk is expressly embedded in the AML framework, and there is a specific enhanced regime for wealth-management relationships involving at least €5m under management and customers with total assets of €50m or more.
The Frankfurt-based AMLA will act as rule-maker, supervisory convergence body and FIU coordinator, and will directly supervise up to 40 high-risk cross-border institutions from 2028, with selection running through 2026 and 2027. Most firms will remain under national supervision, but AMLA’s methodologies will shape what those supervisors expect.
RegTech providers such as Muinmos argue that firms using configurable compliance platforms are already well positioned, while others should follow a three-stage programme: map the regulation into a control and data matrix, design a target operating model with controlled assumptions for pending Level 2 rules, and remediate the existing customer book and vendor environment.
The regulation is final and in force. Waiting for every technical standard is not an option; the institutions best prepared for July 2027 will be those that can demonstrate, decision by decision, that the AMLR is embedded in their data, workflows and governance.
Copyright © 2026 FinTech Global









