EU AML tracker details
Current as of: 6 May 2026
This tracker follows the status of the level 2 and level 3 measures under Regulation (EU) 2024/1624 on the prevention of the use of the financial system for the purposes of money laundering or terrorist financing (AMLR), Directive (EU) 2024/1640 on the mechanisms to be put in place by Member States for the prevention of the use of the financial system for the purposes of money laundering or terrorist financing (AMLD6) and Regulation (EU) 2024/1620 establishing the Authority for Anti-Money Laundering and Countering the Financing of Terrorism (AMLAR). Together, these regulations are referred to as the "AML Package".
This tracker will be updated from time to time. It was prepared by Juliet de Graaf and Floor van de Swaluw, from Osborne Clarke, The Netherlands. If you have any questions, kindly get in touch with them or reach out to your local expert at Osborne Clarke.
Please note: The tracker is provided for general information purposes only. It has been produced with care, but may contain errors. This tracker is not intended and should not be used as a substitute for legal advice. Specific legal advice should be taken before acting on any of the topics covered.
About the measures
Level 2 measures specify certain aspects of AMLR/AMLD6/AMLAR, expressed as:
- A Commission-delegated Act
- RTS: Regulatory Technical Standards
- ITS: Implementing Technical Standards.
Level 3 measures are guidelines provided by AMLA (or other competent authorities) to ensure consistent interpretation throughout EU member states.
Commission delegated acts - Level 2 measures
Ordered by first AMLR/AMLD6/AMLAR reference
| Legal reference | Description | Status |
|---|---|---|
| 68(2) AMLR | Delegated acts defining: (a) the categories of breaches that are subject to penalties and the persons liable for such breaches; (b) indicators to classify the level of gravity of breaches that are subject to penalties; (c) the criteria to be taken into account when setting the level of penalties. | Not yet available |
Regulatory Technical Standards - Level 2 measures
Ordered by first AMLR/AMLD6/AMLAR reference
| Legal reference | Description | Status |
|---|---|---|
| 17(3) AMLR | RTS on additional measures that parent undertakings shall take to ensure that branches and subsidiaries in third countries effectively handle ML/TF risks. | AMLA consultation 16 April 2026 |
| 19(9) AMLR | RTS specifying high ML/TF risk entities, sectors and transactions; the related occasional transaction values; and the criteria to be taken into account for identifying occasional transactions and business relationships and to identify linked transactions. | AMLA consultation 9 February 2026 |
| 28 AMLR | RTS on Customer Due Diligence. | |
| 31(3) AMLD6 | RTS on relevance and selection criteria when determining whether a report by an obliged entity to a FIU concerns another Member State. | Not yet available |
| 40(2) AMLD6 | RTS on the assessment of the inherent and residual risk profile of obliged entities. | EBA consultation (EBA/CP/2025/04) March 2025, par. 4.1 |
| 41(2) AMLD6 | RTS setting out the criteria for determining the circumstances in which the appointment of a central contact point is appropriate, and the functions thereof. | Not yet available |
| 46(4) AMLD6 | RTS detailing the respective duties of the home and host supervisors and the modalities of cooperation between them. | AMLA consultation 28 May 2025 |
| 49(14) AMLD6 | RTS specifying the general conditions for the functioning of the AML/CFT supervisory colleges in the financial sector; the template for the written agreement to be signed by financial supervisors; any additional measure to be implemented by the colleges; and conditions for the participation of financial supervisors in third countries. | Not yet available |
| 50(13) AMLD6 | RTS specifying the general conditions for the functioning of the AML/CFT supervisory colleges in the non-financial sector; the template for the written agreement to be signed by non-financial supervisors; any additional measure to be implemented by the colleges; and conditions for the participation of non-financial supervisors in third countries. | Not yet available |
| 53(10) AMLD6 | RTS on pecuniary sanctions, administrative measures and periodic penalty payments. | |
| 11(6) AMLAR | RTS specifying procedures, formats, timelines, scope, level of detail, types of information to be kept in the Central AML/CFT database, conditions for requesting additional information, and materiality thresholds for the transmission and disclosure of information related to obliged entities, including those in the non-financial sector. | Not yet available |
| 12(7) AMLAR | RTS on the risk assessment for the purpose of selection of credit institutions, financial institutions and groups of credit and financial institutions for direct supervision. | EBA consultation (EBA/CP/2025/04) March 2025, par. 4.2 |
Implementing Technical Standards - Level 2 measures
Ordered by first AMLR/AMLD6/AMLAR reference
| Legal reference | Description | Status |
|---|---|---|
| 69(3) AMLR | ITS specifying the format to be used for reporting of suspicions, and for the provisions of transaction records. | Not yet available |
| 81(1) AMLR | ITS specifying the format to be used by FIUs for reporting information to EPPO. | AMLA consultation 27 May 2026 |
| 31(2) AMLD6 | ITS specifying the format to be used for exchange of information between FIUs. | AMLA consultation 27 May 2026 |
| 51(4) AMLD6 | ITS specifying the template to be used for the conclusion of cooperation agreements between supervisors and their counterparts in third countries. | Not yet available |
| 15(3) AMLAR | ITS specifying the conditions for financial supervisors' assistance, the process for periodic risk profile assessment, the working arrangements for transferring supervisory tasks and powers, the procedures for selecting obliged entities, and the rules for the composition and functioning of joint supervisory teams. | AMLA consultation 16 December 2025 |
| 41(2) AMLAR | ITS specifying the format to be used by AMLA to report information to EPPO. | AMLA consultation 27 May 2026 |
Guidelines - Level 3 measures
Ordered by first AMLR/AMLD6/AMLAR reference
| Legal reference | Description | Status |
|---|---|---|
| 9(4) AMLR | Guidelines on the elements obliged entities should consider based on their business nature, risks, complexity, and size when determining the extent of internal policies, procedures, and controls, including staff allocation to compliance functions, and identifying situations where internal controls should be organised at various functional levels or where the independent audit function can be performed by an external expert. | Not yet available |
| 10(4) AMLR | Guidelines on the minimum requirements for the content of the business-wide risk assessment drawn up by the obliged entity, and on the additional sources of information to be taken into account when carrying out the business-wide risk assessment. | AMLA consultation 16 April 2026 |
| 18(8) AMLR | Guidelines on the establishment, governance, and monitoring of outsourcing relationships, roles and responsibilities within outsourcing agreements, and supervisory approaches and expectations regarding the outsourcing of critical functions. | Not yet available |
| 20(3) AMLR | Guidelines on the risk variables and risk factors to be taken into account by obliged entities when entering into business relationships or carrying out occasional transactions. | Not yet available |
| 21(4) AMLR | Guidelines on the measures that may be taken by credit institutions and financial institutions to ensure compliance with AML/CFT rules when implementing the requirements of Directive 2014/92/EU, including in relation to business relationships that are most affected by de-risking practices. | Not yet available |
| 26(5) AMLR | Guidelines on ongoing monitoring of a business relationship and on the monitoring of the transactions carried out in the context of such relationship. | Not yet available |
| 32(1) AMLR | Guidelines defining the money laundering and terrorist financing risks, trends and methods involving any geographical area outside the Union to which obliged entities are exposed. | Not yet available |
| 34(5) AMLR | Guidelines on the measures to be taken by credit institutions, financial institutions and trust or company service providers to establish whether a customer holds total assets with a value of at least EUR 50,000,000, or the equivalent in national or foreign currency, in financial, investable or real estate assets and how to determine that value. | Not yet available |
| 37(3) AMLR | Guidelines specifying the criteria and elements that crypto-asset service providers shall take into account for conducting the assessment referred to in paragraph 1 of Article 37 and the risk mitigating measures referred to in paragraph 2 of that Article. | Not yet available |
| 40(2) AMLR | Guidelines to specify mitigating measures, including criteria and methods for identifying and verifying the identity of the originator or beneficiary of transfers involving self-hosted addresses, and verifying whether the self-hosted address is owned or controlled by a customer, considering the latest technological developments. | Not yet available |
| 42(2) AMLR | Guidelines on criteria for identifying close associates and assessing the level of risk associated with politically exposed persons, their family members, and close associates, including guidance on risk assessment when the person is no longer in a prominent public function. | Not yet available |
| 50 AMLR | Guidelines for obliged entities on acceptable conditions for relying on information collected by another obliged entity, roles and responsibilities in such reliance situations, and supervisory approaches to this reliance, including remote customer due diligence. | Not yet available |
| 69(5) AMLR | Guidelines on indicators of suspicious activity or behaviours. | Not yet available |
| 6(8) AMLD6 | Guidelines on criteria for assessing good repute, honesty, integrity, knowledge, and expertise, and ensuring consistent application of supervisory powers as referred to in paragraph 1 of Article 6. | Not yet available |
| 19(10) AMLD6 | Guidelines for FIUs on preserving operational autonomy and independence, conducting operational and strategic analysis, using and cross-checking information, and procedures for suspending or withholding consent to transactions and monitoring accounts or business relationships. | Not yet available |
| 31(4) AMLD6 | Guidelines for FIUs on procedures for forwarding and receiving reports concerning another Member State pursuant to Article 69(1), point (a), of Regulation (EU) 2024/1624, and the follow-up actions required for such reports. | Not yet available |
| 40(3) AMLD6 | Guidelines for supervisors on the characteristics of a risk-based approach to supervision, measures for ensuring effective supervision and staff training, and steps for conducting risk-sensitive supervision. | Not yet available |
| 53(11) AMLD6 | Guidelines on the base amounts for the imposing of pecuniary sanctions relative to turnover, broken down per type of breach and category of obliged entities. | Not yet available |
| 64(6) AMLD6 | Guidelines on cooperation between financial supervisors and the relevant authorities. | Not yet available |
| 69 AMLD6 | Guidelines on cooperation between competent authorities and entities managing central registers to prevent money laundering and terrorist financing, and procedures for supervisory authorities to consider these concerns in their duties under other Union legal acts. | Not yet available |
