Submit RFP

      The EU’s legislative package on anti-money laundering (AML) and combating terrorist finance (CFT) was adopted in July 2024, creating a new EU AML/CFT regime via three legal instruments. These are the AMLA Regulation (AMLA-R) establishing the new AML Authority, the AML Regulation (AMLR) determining the scope and shape of regulation, and the 6th Directive on AML/CFT (AMLD6) setting out mechanisms for member states to implement.

      These Level 1 instruments set out detailed expectations for AMLA to complete a Single Rulebook harmonising AML/CFT regulation across the EU. AMLA’s specific duties comprise:

      • Level 2 standards: Drafting 13 regulatory technical standards (RTS) and 6 implementing technical standards (ITS). This includes conducting open public consultations and submitting final drafts to the Commission for adoption via Delegated Acts or Implementing Acts.
      • Level 3 guidelines: Drafting and issuing 20 sets of guidelines.

      The timeline set out in the AML package called for AMLA to finalise all RTS and most ITS during 2026, and to issue the bulk of the Guidelines during 2026 or 2027. Following a consultation initiated by the EBA, AMLA finalised two RTS at the end of 2025:

      • RTS on the assessment of the risk profiles of OEs, under Article 40(2) of AMLD6;
      • RTS on the selection of OEs for direct supervision by AMLA, under Article 12(7) of AMLA-R.

      In addition, in the first quarter of 2026 AMLA launched two consultations with significant implications for OEs:

      • RTS on customer due diligence, under Article 28(1) AMLR;
      • RTS on criteria for identifying business relationships, occasional and linked transactions and lower thresholds, under article 19(9) AMLR;
      • RTS on classifying breaches, determining pecuniary sanctions, and applying penalties, under Article 53(10) of AMLD6;
      • ITS on inter-agency cooperation for the purposes of direct supervision, under Article 15(3) of AMLA-R

      The first two consultations are open for responses until 8 May 2026. The consultations for the latter two have already been closed. 

      What comes next? There are signs that the precise timing of the Single Rulebook’s evolution may now differ from that timetable set out in the AML package. AMLA’s recent Single Programming Document (SPD) published in February 2026 sets out a revised timeline. It expects AMLA to “deliver 24 of its 40 mandates in 2026”, with priority being given to the standards and guidelines of greatest importance to OEs and Financial Intelligence Units.

      In addition to the consultations already underway, AMLA now plans to launch eleven consultations in Q2 2026, eight more in H2 2026, and one in Q1 2027. For OEs, some of the most important standards to note include:

      It’s clear that the last three quarters of 2026 will be a pivotal period for OEs to monitor. There will be numerous, brief consultations on Level 2 standards, not to mention the publication of multiple Level 3 guidelines. That is a potentially daunting prospect, even for large financial institutions with extensive experience of interpreting and implementing new regulation.

      In our view, it’s key for OEs to arm themselves with a good understanding and effective prioritisation. We therefore believe they should respond to the evolution of the Single Rulebook by:

      • Engaging actively with the consultation process, resisting the temptation to ignore the details until standards are finalised.
      • Partnering with peers, industry associations and other bodies to optimise responses and speak with a strong voice.
      • Leveraging the expertise of third parties to take advantage of timely updates, technical advice, targeted training, and best practice solutions.
      • Feeding each update into an iterative process of impact assessment (see Gap Analysis article)

      At the same time, OEs must continue to comply with national AML/CFT laws and adhere to established EBA Guidelines, which remain valid until replaced. Finally, OEs should keep a watching brief on AMLA’s other activities as it prepares for direct supervision of 40 leading financial institutions, establishes an EU-wide network of AML collaboration, and creates a new risk analysis framework and data infrastructure.

      2026 will be a critical year for the evolution of the AML/CFT Single Rulebook. Staying on top of this process will be vital to managing the new regime’s arrival efficiently and effectively.

      Our people

      Melissa van den Broek
      Melissa van den Broek

      Senior Manager Forensic Integrity & Compliance

      KPMG in the Netherlands

      Maureen Finglass
      Maureen Finglass

      Partner, Financial Services

      KPMG in Germany

      Timo Purkott
      Timo Purkott

      Partner, Global Fraud & Financial Crime Transformation Lead

      KPMG International