May 2024
A landmark reform of the European anti-money laundering (AML) regime is on the verge of completion. On 24 April the European Parliament formally adopted a new AML Regulation and legislation creating the new EU Anti-Money Laundering Authority (AMLA). This in effect completes the legislative journey for the EU’s ambitious AML reform package, launched in 2021 to enhance Europe’s ability to detect and prevent financial crime.
Common standards: The single AML rulebook
Beyond the need for a clear strategy, a governance structure and well-defined financial and legal boundaries, digital trust is one of the key components of a truly cyber-resilient ecosystem.
KPMG, together with the World Economic Forum and other collaborators, has developed a global framework for digital trust. This framework serves as a decision-making guide for organizations, enabling the development and deployment of reliable, trustworthy technology and, through it, trusted collaboration ecosystem wide. The WEF defines digital trust as public expectations that “digital technologies and services — and the organizations providing them — will protect all stakeholders’ interests and uphold societal expectations and values.”
The digital trust framework provides a precise and compelling roadmap in this dynamic digital world and the inevitable need to enhance adaptability and cyber resilience among digital ecosystems. Reliance on a common framework and language offering mutual standards and practices drives enhanced collaboration, consistency and trust in ever-evolving technologies while bolstering ecosystem defenses against potential threats. The digital trust framework encapsulates three goals:
In addition, the Regulation expands the list of ‘obliged entities’ required to comply with AML rules — for example, to include professional football clubs and football agents —and imposes an EU-wide cap of EUR10,000 on cash payments. For more detailed analysis, see the KPMG AMLA Office website.
The new watchdog: AMLA starts up
The second pillar of the new AML regime, AMLA, is expected to go live in the second half of 2024, starting with the appointment of its first Chair. AMLA will serve as both a regulator and supervisor.
AMLA’s main regulatory function will be prescribing many details of the new AML rulebook via guidelines and technical standards (RTS/ITS). We understand that informal working groups of national regulators, coordinated by the European Banking Authority (EBA), have already begun preparing over 80 standards and guidelines, drawing on analysis of existing rules in different countries. Under the AML Regulation, AMLA will have between two and three years to finalise these standards. This means some could be promulgated only shortly before the Regulation itself begins to apply (three years after publication in the EU Official Journal). Consequently, firms should closely monitor AMLA’s regulatory work programme (once this is published) to prepare for each standard or guideline as it emerges.
Alongside its regulatory work, AMLA must establish itself as a supervisor. Much of the public discussion to date has focused on AMLA’s role directly supervising the entities deemed to pose the highest money laundering risks. But given that it will directly supervise only 40 firms and will only start direct supervision in 2028, AMLA’s greatest impact will likely come from its position as an indirect supervisor, coordinating and harmonizing supervision by national competent AML supervisors/authorities.
AMLA is mandated to develop a harmonized supervisory methodology for all EU competent AML supervisors/authorities to use. This methodology will include common benchmarks for assessing the risks of each supervised firm, and common approaches to supervising firms’ internal policies, practices and controls. AMLA is also required to develop standardized templates for data collection, to ensure all EU AML supervisors are working on the basis of comparable information. These tools, along with judicious use of AMLA’s powers of peer review and recommendation, will enable AMLA to drive up standards and build a common supervisory culture across the EU.
In this effort, AMLA will be able to learn from the experience of its Frankfurt neighbour, the ECB, which began prudential supervision of significant euro area banks 10 years ago. In its early years, the ECB’s supervisory approach was characterized by extensive use of standardized policies, methods and questionnaires. This prioritized consistency across banks over responsiveness to differences in business model or geography. ECB leaders argued that this was necessary to forge a common European supervisory culture: the incoming AMLA leadership may take a similar view.
How financial firms can prepare
With the introduction of the new AML regime, financial firms should take great care to follow AMLA’s policy making process to understand how far they need to adapt or overhaul their existing AML controls, policies and practices to comply. The harmonization of different national rules will mean the precise changes required will vary depending on the countries in which firms operate – and in some cases, will give firms more, not less flexibility. The new single rulebook will take effect in 2027, but the groundwork will already be laid in the coming months. Therefore, firms should take the following key steps now to prepare:
KPMG’s new AMLA Office will act as a centre of expertise on the new agency. As the authority begins operations, our AMLA Office will provide regular updates and analysis of AMLA’s rulemaking and the development of its supervisory policies and practices. KPMG professionals are a prime contact for support in preparing for the new regulatory environment and for assistance with the implementation of appropriate compliance measures, i.e. to help you achieve “AMLA readiness”.
Quarterly KPMG SSM Insights Newsletter – May edition
Welcome to KPMG’s first SSM Insights Newsletter of 2024. This year will see the SSM celebrate its 10th anniversary. It was in November 2014 that the ECB took over direct.