Skip to content
Home

3 February 2026 | 5 min

EU Anti-Money Laundering Reform and AMLA: What Companies Need to Know and Do Now

The European Union is undergoing the most far-reaching reform of its anti-money laundering framework since the creation of the single market. With the new EU Anti-Money Laundering Package, consisting of the Anti-Money Laundering Regulation (AMLR), the 6th Anti-Money Laundering Directive (AMLD6) and the new supervisory authority AMLA, the EU is fundamentally reshaping how financial crime is prevented and enforced.

The objective is clear: end fragmented national rules, close regulatory loopholes and significantly strengthen the fight against money laundering and terrorist financing. However, the impact goes far beyond the EU itself and affects many Swiss and international companies that operate in or with the European Union.

For businesses, one thing is certain: this is no longer a topic to observe – it is a topic to prepare for.

Key Takeaways

  • The EU is fully harmonising its anti-money laundering framework
  • From July 2027, uniform and directly applicable rules will apply across all EU member states
  • AMLA introduces a central EU authority with direct supervisory powers
  • Requirements for KYC, CDD, data quality and governance will increase significantly
  • Non-EU companies with EU exposure are also affected
  • 2026 is the critical preparation phase for companies

What Is the EU Anti-Money Laundering Reform Package?

The reform consists of three core elements:

1. The EU Anti-Money Laundering Regulation (AMLR)

The AMLR is a directly applicable regulation. Unlike previous directives, it does not need to be transposed into national law. As a result, the same rules will apply uniformly across all EU member states.

It regulates, among other things:

  • Customer identification and risk assessment
  • Beneficial ownership
  • Ongoing monitoring of business relationships
  • Internal controls and documentation requirements

2. The 6th Anti-Money Laundering Directive (AMLD6)

AMLD6 complements the regulation, particularly with regard to:

  • Criminal liability for money laundering offences
  • Corporate and management liability
  • Cooperation between authorities

Its aim is to ensure consistent enforcement and sanctions across the EU.

3. The New EU Authority: AMLA

The Anti-Money Laundering Authority (AMLA) is the centrepiece of the reform. It:

  • Directly supervises selected large or high-risk institutions
  • Coordinates national supervisory authorities
  • Develops technical standards and guidance
  • Sets new benchmarks for inspections and enforcement

Why Is This Reform Happening?

Fragmentation as a Structural Weakness

Until now, EU anti-money laundering rules were based on directives that allowed significant national discretion. This resulted in:

  • Inconsistent supervisory standards
  • Regulatory arbitrage
  • Weak cross-border enforcement

Criminal networks have systematically exploited these differences.

Financial Crime Is Cross-Border by Nature

Modern money laundering and terrorist financing schemes are:

  • Digital
  • International
  • Highly networked

National supervision alone is no longer sufficient to address these risks effectively.

Political and Public Pressure

High-profile money laundering cases over recent years have:

  • Undermined trust in financial systems
  • Increased political pressure for centralisation
  • Demonstrated that voluntary harmonisation does not work

The reform is therefore also a political statement: the EU intends to enforce its rules consistently.

What Will Change for Companies?

Uniform and Stricter Requirements

Companies should expect:

  • Less room for interpretation
  • More clarity, but higher standards

Practices that are currently acceptable in certain jurisdictions may no longer be sufficient under EU-wide rules.

Key areas affected include:

  • KYC and CDD processes
  • Risk scoring models
  • Documentation depth
  • Transaction monitoring mechanisms

Increased Focus on Data Quality and Transparency

The reform strongly emphasises:

  • Structured, reliable data
  • Register-based verification
  • Consistent customer information across systems

Legacy data issues and fragmented data landscapes will become a significant compliance risk.

Stronger Supervision and Sanctions

With AMLA, companies face:

  • A higher likelihood of supervisory reviews
  • More consistent enforcement across jurisdictions
  • Increased personal accountability for senior management

AML compliance becomes a strategic leadership issue, not just a regulatory function.

Who Is Particularly Affected?

  • Banks and insurance companies
  • Asset managers and investment funds
  • Payment service providers and fintechs
  • Crypto-asset service providers
  • Real estate and corporate service providers
  • Non-EU companies with EU subsidiaries or EU-based clients

Even companies headquartered outside the EU are affected if they conduct business within the EU framework.

How Should Companies Respond Now?

1. Conduct an Early Gap Analysis

Companies should assess:

  • Current AML obligations and practices
  • Differences between existing frameworks and the future EU standards
  • High-risk processes and areas of exposure

This creates a realistic foundation for planning.

2. Rethink Processes and Governance

The reform is not merely a technical or IT issue. It requires:

  • Clear accountability and ownership
  • Stronger coordination between compliance, IT and business units
  • Management-level oversight and escalation structures

3. Modernise Data and Systems

Future-proof AML frameworks require:

  • High-quality master data
  • Centralised data architectures
  • Automated monitoring and control mechanisms

Manual workarounds will no longer be sufficient.

4. Invest in Training and Culture

Employees must:

  • Understand new regulatory expectations
  • Be able to identify risks
  • Take ownership of compliance responsibilities

AML increasingly becomes a matter of corporate culture, not just policy adherence.

Conclusion

The EU Anti-Money Laundering Reform is not a marginal regulatory update – it represents a fundamental system change. With uniform rules and a central supervisory authority, the EU is raising the bar for transparency, consistency and enforcement.

Companies that act early can:

  • Reduce regulatory and operational risk
  • Handle supervisory reviews more confidently
  • Strengthen trust with customers and partners

Those who wait risk last-minute remediation, operational disruption and reputational damage.

Now is the right time to rethink AML strategically.

FAQ – Frequently Asked Questions on the EU AML Reform

When will the new rules apply?

The core requirements will apply from July 2027. However, preparation in 2025–2026 is essential.

Does the reform apply to non-EU companies?

Yes, if they operate in the EU, serve EU clients or maintain EU subsidiaries.

Will AMLA supervise every company directly?

No. AMLA will directly supervise selected large or high-risk institutions and coordinate national authorities for all others.

Is it sufficient to slightly adjust existing AML processes?

In many cases, no. The reform requires structural changes to data, governance and operating models.

Is this only relevant for compliance teams?

No. It affects senior management, IT, operations and strategic planning across the organisation.

Share

Related posts

Holiday gifts for business partners in the DACH region
11 December 2025 | 6 min

Holiday gifts for business partners in the DACH region

 During the Christmas season, many companies take the opportunity to thank their business partners with small gifts. These gestures strengthen relationships, show appreciation and are often part of a company’s culture. At the same time, tax rules, compliance requirements and internal guidelines must be respected – and these differ between Germany, Austria and Switzerland. This<a href="https://zazoon.com/holiday-gifts-for-business-partners-in-the-dach-region/">Continue reading <span class="sr-only">"Holiday gifts for business partners in the DACH region"</span></a>
Read more
New EU AI Requirements 2025: What Companies Must Know Now
05 August 2025 | 5 min

New EU AI Requirements 2025: What Companies Must Know Now

 The European Union is launching a new era of regulated artificial intelligence with the AI Act (Regulation 2024/1689). Starting August 2, 2025, binding rules will apply to both providers and users of General Purpose AI (GPAI) models. Organizations that build or integrate AI systems – particularly in generative AI, machine learning, natural language processing, or<a href="https://zazoon.com/new-eu-ai-requirements-2025-what-companies-must-know-now/">Continue reading <span class="sr-only">"New EU AI Requirements 2025: What Companies Must Know Now"</span></a>
Read more
MiCA: The New EU Crypto Regulation and Its Impact on GRC
26 August 2025 | 3 min

MiCA: The New EU Crypto Regulation and Its Impact on GRC

 The regulation of crypto-assets in the European Union has reached a historic milestone with the introduction of the Markets in Crypto-Assets Regulation (MiCA). Fully applicable since the end of 2024, MiCA establishes, for the first time, a unified legal framework for the crypto market across all EU member states. Its goal is to foster market<a href="https://zazoon.com/mica-the-new-eu-crypto-regulation-and-its-impact-on-grc/">Continue reading <span class="sr-only">"MiCA: The New EU Crypto Regulation and Its Impact on GRC"</span></a>
Read more