The New EU Authority for Anti-Money Laundering and Countering the Financing of Terrorism: A Paradigm Shift in EU Efforts to Combat Terrorist Financing?

The New EU Anti‑Money Laundering Authority (AMLA): A realignment in Europe’s fight against terrorist financing — progress, limits, and what still needs to change

Since the Paris and Brussels attacks (2015–2016) and a string of high‑profile financial scandals, EU institutions concluded that the patchwork of national rules, uneven supervision, and overloaded financial intelligence units (FIUs) were leaving systemic gaps exploitable by criminals and terrorist networks. The European Commission’s assessments and impact analyses framed the problem bluntly: legal divergence, weak oversight of obliged entities (e.g., banks and an expanding list of non‑financial gatekeepers), inconsistent FIU cooperation, and an explosion of low‑value but high‑volume suspicious transaction reports (STRs) had turned prevention into a low‑value, high‑cost exercise. The Commission therefore championed two interlinked responses:

1. a harmonized, directly applicable EU “single rulebook” for AML/CFT; and
2. a supranational coordinating and supervisory body — the European Authority for Anti‑Money Laundering and Countering the Financing of Terrorism (AMLA).

What’s new under the AMLA package

The 2023–2024 legislative package introduced major legal and institutional novelties. The rules were moved from fragmented Directives into a combination of directly applicable Regulations (the single rulebook) and a Directive for elements requiring national transposition. The obliged‑entity scope widened to bring crypto‑asset service providers, residence scheme operators and other high‑risk non‑financial sectors into the regulatory perimeter. Harmonized customer due diligence (CDD) and beneficial‑ownership standards, tighter traceability for crypto flows, caps on large cash payments, interconnection of national bank‑account registries, and clearer STR templates were all part of the package.

Crucially, AMLA was created with two core functions:

1. direct supervisory authority over financial sector entities deemed to be exposed to the highest ML/TF risk; and
2. a coordination and support role vis‑à‑vis national supervisors and FIUs, including hosting platforms (FIU.net), enabling joint analyses, producing common technical standards, and carrying out peer reviews.

Bastian Schwind-Wagner_Follow "The EU’s creation of AMLA and a harmonized AML/CFT rulebook marks a decisive move toward closing cross‑border gaps in detection and supervision, but its full effectiveness will hinge on translating improved prevention into coordinated investigations, prosecutions, and asset recovery. Without stronger integration with repressive tools and concrete measures to reduce overreporting and de‑risking, the reforms risk becoming a better‑documented system that still struggles to disrupt terrorist financing in practice."

Why this represents a cognitive and institutional shift — but not a finished one

The AMLA package reflects a significant reorientation in EU thinking about AML/CFT. It acknowledges that fragmented national implementation and weak supervision create spillovers across borders; it accepts that legal harmonization and supranational oversight are necessary to address cross‑border risks; and it embraces a more active EU role in supervising some private sector actors rather than relying solely on national enforcement. From a policy‑making perspective, the Commission acted as a policy entrepreneur, exploiting political pressure from critical events and financial scandals to reframe the problem and push for supranational solutions. In other words, the EU moved from loosely coordinated national regimes toward a more centralized, harmonized model — a meaningful institutional shift.

At the same time, the shift is incomplete. The AMLA package concentrates on preventive, risk‑based measures and supervision. It does not overhaul the repressive tools (criminal investigations, prosecutions, cross‑border freezing/confiscation mechanisms) in any substantive way. That omission limits the ability of the new framework to convert improved detection and reporting into successful disruption, prosecution, and asset recovery.

Practical strengths likely to improve CTF outcomes

1. Reduced regulatory arbitrage and legal uncertainty.

   A directly applicable rulebook with more granular standards (including regulatory technical standards prepared under AMLA’s auspices) should reduce national “gold‑plating” and divergent interpretations that previously enabled regulatory shopping. In cross‑border terrorist financing, removing these loopholes matters.

2. Stronger, EU‑level supervision of the riskiest entities.

   Direct AMLA supervision of selected high‑risk financial entities can compensate for underperforming national supervisors and for commercial incentives that drive defensive compliance or selective risk acceptance. Where profits and reputational concerns previously dominated private behavior, credible supranational inspection and enforcement can change incentives.

3. Better FIU cooperation and joint analyses.

   FIU capacity is uneven across the EU and many are overwhelmed by STR volumes (with high false‑positive rates). AMLA’s role in harmonizing STR templates and facilitating joint FIU analyses should increase the analytical yield of submitted reports and encourage feedback loops that improve private‑sector detection quality.

4. Clearer treatment of emerging risks.

   Inclusion of crypto‑asset service providers, traceability obligations for certain crypto flows, and central access to beneficial ownership and bank‑account information create tools targeted at recent abuse patterns.

Key operational and conceptual risks that remain

1. Overreporting and false positives will not vanish overnight.

   The root cause of massive STR volumes is private‑sector risk aversion driven by compliance costs and fear of sanctions. Harmonized templates and better FIU feedback will help, but unless firms are given clearer, actionable red‑flags and stronger incentives (or reliefs) to focus on meaningful indicators, STR inflation will continue to overload FIUs and obscure truly relevant signals.

2. De‑risking remains an unresolved problem.

   Banks and other obliged entities may continue to exit whole customer segments (remittance corridors, small NGOs, diaspora channels) rather than manage risk. This has humanitarian and strategic consequences — cutting legitimate remittance channels and pushing flows into informal systems that are harder to monitor and that can create regional fragility. The AMLA package aims to reduce legal uncertainty that fuels de‑risking, but it does not create robust positive incentives or protective measures to keep inclusion‑critical services on‑board.

3. The missing integration with repressive tools.

   Prevention (surveillance, CDD, STRs) is only effective if it leads to timely, competent investigations, cross‑border cooperation, freezing and confiscation, and prosecutions. The reform does not strengthen those judicial and law‑enforcement components proportionally; performance will still depend heavily on national prosecutorial will, cross‑border mutual recognition, and operational exchange between FIUs and law enforcement. Without that linkage, better detection risks remaining bureaucratic exercise rather than operational disruption.

4. Capacity and implementation variance will persist.

   The EU has a long history of delayed and uneven transposition and, more importantly, uneven practical application. Regulations help with legal harmonization, but practical enforcement, staffing, technical systems, and cultures of information sharing differ widely between member states. AMLA can reduce variance by supervising high‑risk entities and sharing standards and peer reviews, but it cannot instantly equalize national capacities.

5. Data‑protection and political constraints.

   Enhanced information exchange and cross‑border data platforms trigger legitimate privacy and legal‑process concerns. Political reluctance in some capitals to share sensitive financial intelligence or to cede investigative control may blunt the potential of joint FIU analyses and of AMLA’s coordination role.

What success will depend on (concrete indicators to watch)

• The criteria and scale of entities placed under direct AMLA supervision.

  A small, narrowly selected group will limit impact; a well‑designed, risk‑based selection covering cross‑border high‑volume payment processors, major crypto providers, and top global banks is more likely to yield EU‑wide spillovers.

• Quality and usability of FIU feedback.

  If AMLA helps standardize STR formats and drives feedback loops so obliged entities receive actionable information about which reports led to law‑enforcement action, reporting quality should improve and FIU caseloads become more focused.

• Reduction in false positives and STR volume growth.

  Over time, a flattening or a decline in low‑value, low‑signal STRs — accompanied by a higher proportion of STRs leading to investigations — will show that harmonization and joint analysis are delivering value.

• Evidence of increased successful cross‑border investigations and asset freezes.

  Upward trends in cross‑border mutual legal assistance requests fulfilled, number/value of assets frozen where AMLA coordinate/assisted analysis played a role, and prosecutions tied to FIU‑led intelligence would indicate integration between preventive and repressive chains.

• Measurable limits to de‑risking.

  Fewer involuntary account closures, stronger monitoring rather than exit strategies for remittance providers and certain cross‑border channels, and public‑private programs to manage risk‑heavy but socially important clients will show progress on financial inclusion.

Policy implications for practitioners and policymakers

For policymakers:

• Strengthen the link between AMLA‑led prevention and national/international criminal justice tools. Consider a focused follow‑up agenda that incentivizes cross‑border operational taskforces to translate AMLA‑facilitated analysis into joint investigations and asset recovery actions.
• Develop safeguards and incentives to limit de‑risking: guidance, sanctions for discriminatory closures, and targeted support for smaller obliged entities to implement risk‑based controls that keep vulnerable remittance corridors open.
• Invest in capacity building across member states; harmonization requires commensurate supervisory and FIU capabilities to be effective.

For FIUs and supervisors:

• Prioritize improving the signal‑to‑noise ratio in reporting by implementing targeted red‑flag manuals, sector‑specific typologies, and two‑way feedback mechanisms with obliged entities.
• Prepare to engage actively with AMLA’s joint analysis and peer review processes; adopting common IT standards and analytic tools will pay dividends.

For banks, payment service providers and crypto firms:

• Engage constructively with AMLA and national supervisors on practical red‑flags and reporting standards; better‑tailored guidance reduces unnecessary compliance burden and litigation risk.
• Invest in analytic capability to triage alerts more effectively; machine learning and rule‑based systems are valuable only if trained on high‑quality labels and complemented by human expertise.

Bottom line

AMLA and the single EU rulebook constitute the most significant EU reform of AML/CFT since 9/11. They squarely address long‑standing problems: legal divergence, weak supervision, poor FIU cooperation and the opaque treatment of crypto. The reforms are likely to produce measurable improvements where truly cross‑border risks are involved and where AMLA supervises high‑risk entities. But the package stops short of completing the picture: it does not fix the persistent gap between preventive detection and operational disruption (investigations, prosecutions, confiscations), nor does it fully neutralize the commercial incentives that lead to overreporting and de‑risking. The next phase of EU policy should focus on operationalizing the preventative gains into effective repressive outcomes and on creating incentives and safeguards that keep legitimate financial access open while choking off the channels terrorists exploit.

Dive deeper

• Research ¦ Bures, O. (2025). The New EU Authority for Anti-Money Laundering and Countering the Financing of Terrorism: A Paradigm Shift in EU Efforts to Combat Terrorist Financing? Studies in Conflict & Terrorism, 1–31. https://doi.org/10.1080/1057610X.2025.2460594 ¦ Link ¦ licensed under the following terms, with no changes made: CC BY