2026 AML/CFT Consultations - Unpacking AMLA's New Draft RTS: Key Takeaways For The Financial And Non‑Financial Sectors

After the European Banking Authority (EBA) handed over its anti-money laundering functions to the Anti-Money Laundering Authority (AMLA) on 31 December 2025, AMLA was quick to deliver on its responsibility under Regulation (EU) 2024/1624 of the European Parliament and of the Council of 31 May 2024 (AMLR) and Directive (EU) 2024/1640 of the European Parliament and of the Council of 31 May 2024 (AMLD6) to draft regulatory technical standards (RTS).

On 9 February, AMLA took next steps by launching public consultations covering draft RTS on

1. customer due diligence (Article 28 para. 1 AMLR)¹,
2. pecuniary sanctions, administrative measures and periodic penalty payments (Article 53 para. 10 AMLD6)², and
3. criteria for identifying business relationships, occasional and linked transactions, and lower thresholds (Article 19 para. 9 AMLR).³

While the draft RTS on the criteria for identifying business relationships is being made available to the public for the first time, the other two draft RTS have already undergone earlier discussion during EBA-led consultations in 2025 – please see our previous blog post.

AMLA reviewed these draft RTS and also considered input from an expert group on Money Laundering and Terrorism Financing. Such expert group has been set up by the European Commission and comprises representatives of non-financial supervisors to complement the EBA's work with sector-specific input.⁴ The renewed consultation focuses, in part, on ensuring that the RTS adequately reflect the interests of the non-financial sector in addition to those of the financial sector.

Although AMLA explicitly requests feedback from non-financial obliged entities, the repeated consultation and scope of the RTS are not limited to these obliged entities.

Here is a selection of noteworthy aspects from the consultations:

1. Draft RTS on Customer Due Diligence (Article 28 para. 1 AMLR)

There have been some noteworthy changes to the draft RTS on customer due diligence compared to EBA's earlier draft.⁵

• Power of representation - The revised draft RTS introduce recital 12, which refers to the provisions in the draft RTS regarding the information to be collected by obliged entities to verify the existence and scope of any power of representation (cf. Article 16 of the draft RTS⁶ and Article 22 AMLR⁷). Recital 12 clarifies that such information may include documentation evidencing a power of attorney or statutory representation, such as proof of legal or parental representation by means of a birth certificate or court-appointed guardianship.⁸
• Data Re-Use - One key development is the introduction of recital 21, which addresses the use of information that is already available to the obliged entity or other entities within the group. It encourages obliged entities to rely on such information rather than duplicating data collection - for example, information that was obtained to understand the customer's investment profile, or the nature of the engagement, or as part of the audit acceptance process.⁹ The introduction of recital 21 is a welcome step, clarifying that the re-use of information within an entity and within the group is, in principle, permissible. Still, as a recital rather than a binding provision, it leaves central questions open: how far data reuse may extend, where the boundaries lie in practice, or whether the intention is ultimately to leave this to each obliged entity's risk‑based approach.
• Remote Verification Solutions - One additional change worth noting is the new Art. 7 para. 4 of the draft RTS. Where obliged entities use remote verification solutions under Art. 7 para. 3 of the draft RTS, they must now be able to justify why the customer could not be verified through verification methods under Art. 22 para. 6 AMLR.¹⁰ In other words, they must explain why face to face verification or an eIDAS Compliant Solution was "not available" or could not "reasonably be expected to be provided." This clearly signals an intention to prioritise eIDAS Compliant Solutions, placing the burden on obliged entities to justify alternative remote onboarding solutions. The crucial points, however, remain unclear: when exactly is an eIDAS Compliant Solution "not available" and when can it "reasonably not be expected"?
• Grace Period - The transition period in Article 33 of the draft RTS has been clarified. With regard to business relationships established before entry into force of the RTS, obliged entities are required to bring the obtained documents, data, and information in line with the new requirements set out in the AMLR and in the RTS on a risk-sensitive basis. In any event, though, this shall be done consistently within the deadlines set out in Article 26 para. 2 AMLR for ongoing monitoring purposes.¹¹

2. Draft RTS on pecuniary sanctions, administrative measures and periodic penalty payments (Article 53 para. 10 AMLD6)

The text of these draft RTS has remained largely unchanged from the version submitted by the EBA in its response to the Call for Advice.¹² With its decision to conduct a new consultation based on the previous draft RTS, AMLA is seeking additional feedback from stakeholders in the non-financial sector.¹³

This is because the draft RTS are setting common, principle-based provisions applicable both to the financial and non-financial sector. AMLA is mindful that some non-financial stakeholders may have been unaware of EBA's public consultation, given EBA's remit on the financial sector. The additional consultation is therefore intended to ensure that the specific characteristics of the non-financial sector are taken into account and do not conflict with the supervisory approach.¹⁴

3. Draft RTS on criteria for identifying business relationships, occasional and linked transactions and lower thresholds (Article 19 para. 9 AMLR)

Article 19 para. 9 AMLR requires AMLA to specify in RTS (i) high-risk obliged entities, sectors or transactions to which a lower threshold for customer due diligence measures should apply and (ii) criteria for identifying business relationships, occasional transactions and linked transactions.

• Fortunately for obliged entities, AMLA has not yet identified any additional risks that would justify lower thresholds than those already set out in Article 19 AMLR.¹⁵ Obliged entities are currently spared any additional administrative burden that would be caused by stricter rules. Hence, the requirements set out in the AMLR and the risk-based approach laid down therein remain solely applicable for the time being.
• In the draft RTS, AMLA introduces additional definitions (Article 1), establishes criteria for distinguishing occasional transactions from business relationships (Article 2) and sets out, which criteria shall – at a minimum – be taken into account, in order to identify linked transactions (Article 3).
• As regards the criteria for distinguishing a business relationship from an occasional transaction, Article 2 para. 1 of the draft RTS requires obliged entities to at least take into account "the use of online services through a registration providing ongoing access as a criterion when considering the element of duration in the definition of a business relationship".¹⁶ The RTS provides additional sector-specific guidance, e.g. for financial institutions, providers of gambling services and football clubs.
• The criteria that obliged entities should at least use to identify linked transactions according to Article 3 of the draft RTS are quite extensive.¹⁷ While identifying linked transactions can be an effective tool to prevent circumvention of AML obligations, the practical implementation of the requirement to consider all specified criteria and to embed these in the compliance infrastructure will likely be challenging and costly for obliged entities.

Next Steps

Stakeholders are encouraged to provide feedback

• until 9 March 2026 on the draft RTS on pecuniary sanctions, administrative measures and periodic penalty payments; and
• until 8 May 2026 on both the draft RTS on Customer Due Diligence and the draft RTS on criteria for identifying business relationships, occasional and linked transactions and lower thresholds.

By 10 July 2026, AMLA is expected to submit the final draft versions of all of these RTS to the European Commission for adoption.

Footnotes

1 AMLA Consultation Paper Draft RTS under Article 28 para. 1 AMLR.

2 AMLA Consultation Paper Draft RTS under Article 53 para. 10 AMLD6.

3 AMLA Consultation Paper Draft RTS under Article 19 para. 9 AMLR.

4 AMLA Consultation Paper Draft RTS under Article 28 para. 1 AMLR, p. 34.

5 EBA Response to the European Commission's Call for Advice on six AMLA mandates.

6 Article 16 of the Draft RTS on Customer Due Diligence governs identification and verification of the person purporting to act on behalf of the customer.

7 Article 22 AMLR governs identification and verification of the identity of customers and beneficial owners.

8 AMLA Consultation Paper Draft RTS under Article 28 para. 1 AMLR, p. 11.

9 AMLA Consultation Paper Draft RTS under Article 28 para. 1 AMLR, p. 12.

10 Article 22 para. 6(a) AMLR sets out verification through direct access of the obliged entity or provided directly by the customer. Art. 22 para. 6(b) AMLR sets out remote verification through the use of electronic identification means which meet the requirements of Regulation (EU) 910/2014 with regard to the assurance levels 'substantial' or 'high' and relevant qualified trust services ("eIDAS Compliant Solution").

11 Article 26 para. 2 AMLR sets out two risk-based categories in terms of the frequency of updates of the relevant documents, data or information of the customer. For higher risk customers the period between updates shall not exceed one year and for all other customers, five years.

12 EBA Response to the European Commission's Call for Advice on six AMLA mandates.

13 AMLA Consultation Paper Draft RTS under Article 53 para. 10 AMLD6, p. 3, 5.

14 AMLA Consultation Paper Draft RTS under Article 53 para. 10 AMLD6, p. 5.

15 AMLA Consultation Paper Draft RTS under Article 19 para. 9 AMLR, p. 6.

16 AMLA Consultation Paper Draft RTS under Article 19 para. 9 AMLR, p. 14.

17 AMLA Consultation Paper Draft RTS under Article 19 para. 9 AMLR, p. 15.

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.