EBA ¦ AML/CFT Newsletter - Issue 15

Key Updates from EBA Newsletter Issue 15 – 2025

Full Implementation of the New Crypto-Asset Framework

As of 31 December 2024, the European Union’s new crypto-asset regulatory framework has come into effect, encompassing the Markets in Crypto-Assets Regulation (MiCAR), the transfer of funds and certain crypto-assets Regulation, and amendments to Directive (EU) 2015/849. Crypto-asset service providers (CASPs) are now mandated to establish rigorous systems and controls to prevent their platforms from being exploited for money laundering and terrorist financing activities. This milestone marks a significant step towards strengthening the EU’s financial crime defenses in the rapidly evolving digital asset sector.

Insights into DeFi and Crypto Lending Risks

In January 2025, the European Banking Authority (EBA), together with the European Securities and Markets Authority (ESMA), released a detailed report analyzing recent developments in crypto-assets, with a focus on decentralized finance (DeFi) and crypto lending, borrowing, and staking markets. The report highlights key risks such as vulnerabilities in information and communication technologies (ICT), and an increased potential for money laundering and terrorist financing within these emerging business models. Addressing information asymmetries and systemic risks remains a priority to safeguard financial stability and integrity.

Embracing Technology in AML/CFT Supervision

The EBA, in collaboration with the European Commission’s AMLA Task Force, hosted a workshop in January 2025 aimed at advancing the use of supervisory technology (SupTech) and artificial intelligence (AI) in AML/CFT oversight. The workshop underscored that while technology offers promising opportunities to enhance supervisory effectiveness and efficiency, its adoption must be carefully tailored to specific supervisory needs with strict safeguards for sensitive data protection. Currently, about 35% of competent authorities are developing or implementing their first SupTech tools, signaling early but growing interest in tech-driven supervision.

ESMA’s Guidance on CASP Authorization and AML/CFT Risk Considerations

To promote consistent authorization practices for CASPs across the EU, ESMA issued a supervisory briefing in January advising national authorities to factor in money laundering and terrorist financing risks during the authorization process. The briefing emphasizes the necessity for national authorities to cooperate with AML/CFT bodies to ensure thorough scrutiny based on factors such as CASP size, complexity, cross-border activities, and business models. This approach aims to foster harmonized and robust oversight in line with MiCAR requirements.

Bastian Schwind-Wagner_Follow "The EU’s comprehensive new crypto-asset framework marks a major advancement in combating financial crime within digital finance. By enhancing regulatory standards, promoting technology adoption in supervision, and fostering cooperation among authorities, the EU is strengthening its defenses against money laundering and terrorist financing risks."

EBA’s Peer Review on Tax Integrity and Dividend Arbitrage

The EBA published findings from a peer review conducted in February 2025 focusing on tax integrity and dividend arbitrage schemes. This review assessed follow-up actions taken by European supervisors since 2020 and revealed both effective practices and areas needing improvement. The report includes targeted recommendations to strengthen supervisory responses to tax-related financial crime risks.

Updates on Restrictive Measures Guidelines and AML/CFT Draft Technical Standards

The EBA’s guidelines on internal policies and controls for implementing Union and national restrictive measures have been translated into all official EU languages as of February 2025. Competent authorities must confirm compliance or justify non-compliance by 11 April 2025.

Additionally, the EBA launched a public consultation in March 2025 on four draft regulatory technical standards (RTS) central to the EU’s AML/CFT regime. These RTS address sanctions criteria, customer due diligence procedures, ML/TF risk assessment methodologies, and criteria for selecting firms under direct supervision by the European Anti-Money Laundering Authority (AMLA). The consultation period runs until 6 June 2025, with a public hearing held on 10 April.

Transition to New AML/CFT Institutional Framework

While the new EU AML/CFT package is now legally binding, the EBA will maintain its AML/CFT responsibilities through the end of 2025 during the transition phase as AMLA becomes fully operational. This period involves close cooperation with national supervisors, the European Commission, ESMA, and EIOPA to ensure smooth handovers, data sharing, and effective policy coordination.

Consumer Concerns: De-Risking Remains a Challenge

The EBA’s Consumer Trends Report 2024/25 highlights that de-risking — where financial institutions choose not to provide services due to perceived risks — continues to affect consumers across the EU. While de-risking can be a legitimate risk management tool, unwarranted exclusion can limit access to basic financial services. The EBA is reviewing potential responses while reminding institutions to follow existing guidelines aimed at mitigating undue de-risking impacts.

Looking Ahead: Central Contact Point Criteria for CASPs

The EBA is finalizing draft RTS regarding criteria for CASPs to appoint a central contact point to ensure compliance with their host Member State’s AML/CFT obligations. After a public consultation period ending in February 2025 and a hearing in January, the final draft is expected in Q2 2025.