From Directive to Regulation – How will the European AML framework change in the following years

In our last article we discussed the future EU AML Authority. As part of the same entitled ambitious legislative package, the EU Commission also presented a proposal for a new 6th AML Directive (Directive on the mechanisms to be put in place by the Member States for the prevention of the use of the financial system for the purposes of money laundering or terrorist financing and repealing Directive (EU) 2015/849) and a new AML Regulation (Regulation on the prevention of the use of the financial system for the purposes of money laundering or terrorist financing).

Regarding the 6th AML Directive, the title might be confusing because the already transposed Directive (EU) 2018/1673 on combating money laundering by criminal law, was already nicknamed by the experts of the industry as the 6th AML Directive. However, as the name says, this directive was regulating the AML framework only from a criminal law perspective, and is not replacing or amending the 5th AML Directive.

The new Directive is officially named by the European Commission as the 6th AML Directive, and it will replace the existing Directive 2015/849/EU (the 5th).

The most important changes brought by this Directive:

  • The powers and tasks of FIUs and Supervisors are clarified to ensure they have all the instruments necessary to take action;
  • Provisions on Beneficial Ownership registers are extended and clarified;
  • There is a new common risk categorisation tool put in place to avoid divergent risk understanding and to harmonise risk-based supervision;
  • The requirement on the European Commission to conduct a periodical Supranational Risk Assessment, contained in the current framework, is maintained, however the assessment period has been extended to every four years. The assessment will be based on input from AML Authority. National Risk Assessments by Member States will also be conducted every four years;
  • A new section that isn’t present in the current Directive refers to the Self-Regulatory Bodies (SRB). If a Member State confers AML supervision of certain obliged entities to a SRB, the SRB must be supervised by a public authority. This is introduced through a duty of oversight for which the public authority which acts as supervisor is responsible;
  • The new Directive also clarifies the administrative measures. The Member States are required to notify the Commission and AMLA regarding their arrangements relating to the imposition of administrative sanctions or measures;
  • The AML Authority will have the duty of preparing the Regulatory Technical Standards that will set the indicators used to classify the gravity of the breaches and criteria for imposing administrative sanctions or measures.

Regarding the AML Regulation, this was proposal comes to cater to a need of harmonised rules and stronger rules on the national systems as well. The European Commission’s 2019 Report identified the lack of consistent approaches to supervision of obliged entities, divergent outcomes for different service providers, uneven acces to information by FIUs and lack of common tools that could help cooperation between FIUs. All these elements limited the detection of cross-border ML/TF cases.

The most important provisions included in the AML Regulation:

  • A considerable number of provisions are transferred from the current Directive (the 5th) to the AML Regulation, such as definitions, provisions related to Risk Assessment, CDD, PEP, Reporting obligations and a number of provisions are added or updated;
  • Article 3 extends the scope of obliged entities. The scope of crypto-asset service providers (CASPs) is aligned with that of the scope of FATF, therefore widened. New obliged entities are crowdfunding service providers which fall outside the scope of Regulation (EU) 2020/1503 (Regulation on crowdfunding service providers), creditors for mortgage and consumer credits as well as intermediaries that are not credit institutions or financial institutions, operators involved on behalf of third country nationals in the context of investor residence schemes, traders in goods are removed, except for dealers in precious metals and stones;
  • Obliged entities must take all measures at the level of their management to implement internal policies, controls and procedures, including the appointment of a dedicated compliance manager (Article 9), and ensure that responsible staff are appropriately trained, measures that exist in the current framework, but are also clarified;
  • Regarding CDD, the fundamental objective of CDD is clarified as being to obtain sufficient knowledge of customers enabling obliged entities to determine the money laundering and terrorist financing risks and to decide the corresponding measures;
  • Third countries will be subjected to two different sets of consequences, proportionate to the risk they pose to the Union’s financial system: (1) third countries subject to all EDD measures and to additional country-specific countermeasures; and (2) third countries subject to country-specific enhanced due diligence measures (provided in Article 8). The classification as third country will be based on the FATF list or the Commission’s own assessment, based on the following criteria: significant strategic deficiencies and compliance weaknesses in the national AML/CFT regime or posing a threat to the Union’s financial system;
  • According to Article 15(5), two years after the entry into force of the Regulation, the AML Auhtority will draft a set of Regulatory Technical Standards in Relation to CDD;
  • The AML Authority will also draft Regulatory Technical Standards specifying a common template for the reporting of suspicious transactions to be used as a uniform basis throughout the EU. This will facilitate conducting reporting obligations and enhance the efficiency and cooperation of FIU in analysing and detecting suspicious transactions;
  • According to article 58 of the proposal credit institutions, financial institutions and crypto-asset service providers shall be prohibited from keeping anonymous accounts. Moreover, companies that are not listed are prohibited from issuing bearer shares and are required to register those shares.

The proposal for an AML Regulation represents a crucial milestone in the AML/CFT legal framework, given the fact that multiple implementation issues and differences come from the way the Directives have been transposed into national law. The Regulation ensures that the provisions will be adopted consistently across the whole EU territory.

The rules that apply to the private sector have been transferred exclusively to the AML Regulation. However, in recognition of the need for flexibility for Member States in this area, the organisation of the institutional AML/CFT system at national level is left to the 6th AML Directive.

These two legislative proposals will form the EU singular rule-book on AML/CFT.


  • Proposal for a Directive of the European Parliament and of the Council on the mechanisms to be put in place by the Member States for the prevention of the use of the financial system for the purposes of money laundering or terrorist financing and repealing Directive (EU) 2015/849;
  • Proposal for a Regulation of the European Parliament and of the Council on the prevention of the use of the financial system for the purposes of money laundering or terrorist financing.
This website uses cookies and asks your personal data to enhance your browsing experience.