Sixth anti-money laundering (AML 6) directive

This Directive is part of a comprehensive package aiming at strengthening the Union’s anti-money laundering and countering the financing of terrorism (‘AML/CFT’) framework. Together, this Directive and Regulations (EU) 2023/1113(⁶)Regulation (EU) 2023/1113 of the European Parliament and of the Council of 31 May 2023 on information accompanying transfers of funds and certain crypto-assets and amending Directive (EU) 2015/849 (OJ L 150, 9.6.2023, p. 1)., (EU) 2024/1624(⁷)Regulation (EU) 2024/1624 of the European Parliament and of the Council of 31 May 2024 on the prevention of the use of the financial system for the purposes of money laundering or terrorist financing (OJ L, 2024/1624, 19.6.2024, ELI: http://data.europa.eu/eli/reg/2024/1624/oj). and (EU) 2024/1620(⁸)Regulation (EU) 2024/1620 of the European Parliament and of the Council of 31 May 2024 establishing the Authority for Anti-Money Laundering and Countering the Financing of Terrorism and amending Regulations (EU) No 1093/2010, (EU) No 1094/2010 and (EU) No 1095/2010 (OJ L, 2024/1620, 19.6.2024, ELI: http://data.europa.eu/eli/reg/2024/1620/oj).). of the European Parliament and of the Council will form the legal framework governing the AML/CFT requirements to be met by obliged entitiesmeans a natural or legal person listed in Article 3 of Regulation (EU) 2024/1624 that is not exempted in accordance with Article 4, 5, 6 or 7 of that Regulation; and underpinning the Union’s AML/CFT institutional framework, including the establishmentmeans the actual pursuit by an obliged entity of an economic activity covered by Article 3 in a Member State or third country other than the country where its head office is located for an indefinite period and through a stable infrastructure, including:a branch or subsidiary;in the case of credit institutions and financial institutions, an infrastructure qualifying as an establishment under prudential regulation; of an Authority for anti-money laundering and countering the financing of terrorism (AMLA).

Money launderingmeans the conduct set out in Article 3, paragraphs 1 and 5, of Directive (EU) 2018/1673 including aiding and abetting, inciting and attempting to commit that conduct, whether the activities which generated the property to be laundered were carried out on the territory of a Member State or on that of a third country; knowledge, intent or purpose required as an element of that conduct may be inferred from objective factual circumstances; and terrorist financingmeans the conduct set out in Article 11 of Directive (EU) 2017/541 including aiding and abetting, inciting and attempting to commit that conduct, whether carried out on the territory of a Member State or on that of a third country; knowledge, intent or purpose required as an element of that conduct may be inferred from objective factual circumstances; are frequently carried out in an international context. Measures adopted at Union level which do not take into account international coordination and cooperation would have very limited effect. The measures adopted by the Union in that field should therefore be compatible with, and at least as stringent as, other actions undertaken at international level. Union action should continue to take particular account of the Financial Action Task Force (FATF) Recommendations and instruments of other international bodies active in the fight against money launderingmeans the conduct set out in Article 3, paragraphs 1 and 5, of Directive (EU) 2018/1673 including aiding and abetting, inciting and attempting to commit that conduct, whether the activities which generated the property to be laundered were carried out on the territory of a Member State or on that of a third country; knowledge, intent or purpose required as an element of that conduct may be inferred from objective factual circumstances; and terrorist financingmeans the conduct set out in Article 11 of Directive (EU) 2017/541 including aiding and abetting, inciting and attempting to commit that conduct, whether carried out on the territory of a Member State or on that of a third country; knowledge, intent or purpose required as an element of that conduct may be inferred from objective factual circumstances;. With a view to reinforcing the efficacy of the fight against money launderingmeans the conduct set out in Article 3, paragraphs 1 and 5, of Directive (EU) 2018/1673 including aiding and abetting, inciting and attempting to commit that conduct, whether the activities which generated the property to be laundered were carried out on the territory of a Member State or on that of a third country; knowledge, intent or purpose required as an element of that conduct may be inferred from objective factual circumstances; and terrorist financingmeans the conduct set out in Article 11 of Directive (EU) 2017/541 including aiding and abetting, inciting and attempting to commit that conduct, whether carried out on the territory of a Member State or on that of a third country; knowledge, intent or purpose required as an element of that conduct may be inferred from objective factual circumstances;, the relevant Union legal acts should, where appropriate, be aligned with the International Standards on Combating Money Launderingmeans the conduct set out in Article 3, paragraphs 1 and 5, of Directive (EU) 2018/1673 including aiding and abetting, inciting and attempting to commit that conduct, whether the activities which generated the property to be laundered were carried out on the territory of a Member State or on that of a third country; knowledge, intent or purpose required as an element of that conduct may be inferred from objective factual circumstances; and the Financing of Terrorism and Proliferation adopted by the FATF in February 2012 (the ‘revised FATF Recommendations’) and the subsequent amendments to those standards.

Specific money launderingmeans the conduct set out in Article 3, paragraphs 1 and 5, of Directive (EU) 2018/1673 including aiding and abetting, inciting and attempting to commit that conduct, whether the activities which generated the property to be laundered were carried out on the territory of a Member State or on that of a third country; knowledge, intent or purpose required as an element of that conduct may be inferred from objective factual circumstances; and terrorist financingmeans the conduct set out in Article 11 of Directive (EU) 2017/541 including aiding and abetting, inciting and attempting to commit that conduct, whether carried out on the territory of a Member State or on that of a third country; knowledge, intent or purpose required as an element of that conduct may be inferred from objective factual circumstances; threats, risks and vulnerabilities affecting certain economic sectors at national level diminish the ability of Member States to contribute to the integrity and soundness of the Union financial system. As such, it is appropriate to allow Member States, upon identification of such sectors and specific risks, to decide to apply AML/CFT requirements to additional sectors than those covered by Regulation (EU) 2024/1624. With a view to preserving the effectiveness of the internal market and the Union AML/CFT system, the Commission should be able, with the support of AMLA, to assess whether the intended application by Member States of AML/CFT requirements to additional sectors is justified. In cases where the best interests of the Union would be achieved by taking action at Union level as regards specific sectors, the Commission should inform the Member State intending to apply the AML/CFT requirements to those sectors that it intends to take action at Union level instead and the Member State should abstain from taking the intended national measures, unless those measures are intended to address an urgent risk.

Certain categories of obliged entitiesmeans a natural or legal person listed in Article 3 of Regulation (EU) 2024/1624 that is not exempted in accordance with Article 4, 5, 6 or 7 of that Regulation; are subject to licensing or regulatory requirements for the provision of their services, whereas for other categories of operators access to the profession is not regulated. Regardless of the framework that applies to the exercise of the profession or activity, all obliged entitiesmeans a natural or legal person listed in Article 3 of Regulation (EU) 2024/1624 that is not exempted in accordance with Article 4, 5, 6 or 7 of that Regulation; act as gatekeepers of the Union’s financial system and must develop specific AML/CFT skills to fulfil that task. Member States should consider providing training to persons wishing to enter the profession of those entities to enable them to perform their duties. Member States could consider, for example, including AML/CFT courses in the academic offer linked to those professions or cooperating with professional associations to train newcomers to those professions.

Where obliged entitiesmeans a natural or legal person listed in Article 3 of Regulation (EU) 2024/1624 that is not exempted in accordance with Article 4, 5, 6 or 7 of that Regulation; are not subject to specific licensing or registration requirements, Member States should have in place systems that enable supervisorsmeans the body entrusted with responsibilities aimed at ensuring compliance by obliged entities with the requirements of this Regulation, including AMLA when performing the tasks entrusted to it in Article 5(2) of Regulation (EU) 2024/1620; to know with certainty the scope of their supervisory population in order to ensure the adequate supervision of such obliged entitiesmeans a natural or legal person listed in Article 3 of Regulation (EU) 2024/1624 that is not exempted in accordance with Article 4, 5, 6 or 7 of that Regulation;. This does not mean that Member States need to impose AML/CFT-specific registration requirements where this is not needed for the identification of obliged entitiesmeans a natural or legal person listed in Article 3 of Regulation (EU) 2024/1624 that is not exempted in accordance with Article 4, 5, 6 or 7 of that Regulation;, as is the case for example where VAT registration enables the identification of operators that carry out activities falling within the scope of AML/CFT requirements.

Supervisorsmeans the body entrusted with responsibilities aimed at ensuring compliance by obliged entities with the requirements of this Regulation, including AMLA when performing the tasks entrusted to it in Article 5(2) of Regulation (EU) 2024/1620; should ensure that, with regard to currency exchange offices, cheque cashing offices, trust or company service providersmeans any natural or legal person that, by way of its business, provides any of the following services to third parties:the formation of companies or other legal persons;acting as, or arranging for another person to act as, a director or secretary of a company, a partner of a partnership, or a similar position in relation to other legal persons;providing a registered office, business address, correspondence address or administrative address, as well as other related services for a company, a partnership or any other legal person or legal arrangement;acting as, or arranging for another person to act as, a trustee of an express trust or performing an equivalent function for a similar legal arrangement;acting as, or arranging for another person to act as, a nominee shareholder for another person;, and gambling servicemeans a service which involves wagering a stake with monetary value in games of chance, including those with an element of skill, such as lotteries, casino games, poker games and betting transactions that are provided at a physical location, or by any means at a distance, by electronic means or any other technology for facilitating communication, and at the individual request of a recipient of services; providers, as well as financial mixed activity holding companiesmeans an undertaking, other than a financial holding company or a mixed financial holding company, which is not the subsidiary of another undertaking, the subsidiaries of which include at least one credit institution or financial institution;, the persons who effectively manage the business of such entities and the beneficial ownersmeans any natural person who ultimately owns or controls a legal entity or an express trust or similar legal arrangement; of such entities are of good repute and act with honesty and integrity and possess the knowledge and expertise necessary to carry out their functions. The criteria for determining whether a person complies with those requirements should, as a minimum, reflect the need to protect such entities from being misused by their managers or beneficial ownersmeans any natural person who ultimately owns or controls a legal entity or an express trust or similar legal arrangement; for criminal purposes. In order to foster a common approach to the verification by supervisorsmeans the body entrusted with responsibilities aimed at ensuring compliance by obliged entities with the requirements of this Regulation, including AMLA when performing the tasks entrusted to it in Article 5(2) of Regulation (EU) 2024/1620; that the management and beneficial ownersmeans any natural person who ultimately owns or controls a legal entity or an express trust or similar legal arrangement; of obliged entitiesmeans a natural or legal person listed in Article 3 of Regulation (EU) 2024/1624 that is not exempted in accordance with Article 4, 5, 6 or 7 of that Regulation; satisfy those requirements, AMLA should issue guidelines on the criteria to assess good repute, honesty and integrity and the criteria to assess knowledge and expertise.

For the purposes of assessing the appropriateness of persons holding a management function in, or otherwise controlling, obliged entitiesmeans a natural or legal person listed in Article 3 of Regulation (EU) 2024/1624 that is not exempted in accordance with Article 4, 5, 6 or 7 of that Regulation;, any exchange of information about criminal convictions should be carried out in accordance with Council Framework Decision 2009/315/JHA(⁹)Council Decision 2009/316/JHA of 6 April 2009 on the establishment of the European Criminal Records Information System (ECRIS) in application of Article 11 of Framework Decision 2009/315/JHA (OJ L 93, 7.4.2009, p. 33). and Council Decision 2009/316/JHA(¹⁰)Council Framework Decision 2009/315/JHA of 26 February 2009 on the organisation and content of the exchange of information extracted from the criminal record between Member States (OJ L 93, 7.4.2009, p. 23).. In addition, supervisorsmeans the body entrusted with responsibilities aimed at ensuring compliance by obliged entities with the requirements of this Regulation, including AMLA when performing the tasks entrusted to it in Article 5(2) of Regulation (EU) 2024/1620; should be able to access all information necessary to verify the knowledge and expertise of the senior managementmeans the members of the management body in its management function, as well as officers and employees with sufficient knowledge of the obliged entity’s money laundering and terrorist financing risk exposure and sufficient seniority to take decisions affecting its risk exposure;, as well as their good repute, honesty and integrity and that of the obliged entitymeans a natural or legal person listed in Article 3 of Regulation (EU) 2024/1624 that is not exempted in accordance with Article 4, 5, 6 or 7 of that Regulation;’s beneficial ownersmeans any natural person who ultimately owns or controls a legal entity or an express trust or similar legal arrangement;, including information available through reliable and independent sources.

Investor residence schemes present risks and vulnerabilities, in particular, in relation to money launderingmeans the conduct set out in Article 3, paragraphs 1 and 5, of Directive (EU) 2018/1673 including aiding and abetting, inciting and attempting to commit that conduct, whether the activities which generated the property to be laundered were carried out on the territory of a Member State or on that of a third country; knowledge, intent or purpose required as an element of that conduct may be inferred from objective factual circumstances;, the evasion of Union restrictive measures, corruption and tax evasion which could ultimately give rise to certain risks for the security of the Union. For example, weaknesses in the operation of certain schemes, including the absence of risk management processes or weak implementation of those processes can create opportunities for corruption, whereas weak or inconsistently applied checks on applicants’ source of fundsor ‘property’ means property as defined in Article 2, point (2), of Directive (EU) 2018/1673; and source of wealth might lead to higher risks that such schemes are exploited by applicants for criminal purposes, aiming to legitimise fundsor ‘property’ means property as defined in Article 2, point (2), of Directive (EU) 2018/1673; obtained through illicit means. In order to avoid that risks stemming from the operation of such schemes affect the Union’s financial system, Member States whose national law enables the granting of residence rights in exchange for any kind of investment should therefore put in place measures to mitigate the associated risks of money launderingmeans the conduct set out in Article 3, paragraphs 1 and 5, of Directive (EU) 2018/1673 including aiding and abetting, inciting and attempting to commit that conduct, whether the activities which generated the property to be laundered were carried out on the territory of a Member State or on that of a third country; knowledge, intent or purpose required as an element of that conduct may be inferred from objective factual circumstances;, its predicate offences and terrorist financingmeans the conduct set out in Article 11 of Directive (EU) 2017/541 including aiding and abetting, inciting and attempting to commit that conduct, whether carried out on the territory of a Member State or on that of a third country; knowledge, intent or purpose required as an element of that conduct may be inferred from objective factual circumstances;. Such measures should include an adequate risk management process, including the effective monitoring of its implementation, checks on the profile of the applicants, including obtaining information on their source of fundsor ‘property’ means property as defined in Article 2, point (2), of Directive (EU) 2018/1673; and source of wealth, and the verification of information on applicants against information held by competent authoritiesmeans:a Financial Intelligence Unit (FIU);a supervisory authority;a public authority that has the function of investigating or prosecuting money laundering, its predicate offences or terrorist financing, or that has the function of tracing, seizing or freezing and confiscating criminal assets;a public authority with designated responsibilities for combating money laundering or terrorist financing;.

The Commission is well placed to review specific cross-border threats that could affect the internal market and that cannot be identified and effectively combatted by individual Member States. It should therefore be entrusted with the responsibility for coordinating the assessment of risks relating to cross-border activities. Involvement of the relevant experts, such as the Expert Groupmeans a group of undertakings which consists of a parent undertaking, its subsidiaries, as well as undertakings linked to each other by a relationship within the meaning of Article 22 of Directive 2013/34/EU; on Money Launderingmeans the conduct set out in Article 3, paragraphs 1 and 5, of Directive (EU) 2018/1673 including aiding and abetting, inciting and attempting to commit that conduct, whether the activities which generated the property to be laundered were carried out on the territory of a Member State or on that of a third country; knowledge, intent or purpose required as an element of that conduct may be inferred from objective factual circumstances; and Terrorist Financingmeans the conduct set out in Article 11 of Directive (EU) 2017/541 including aiding and abetting, inciting and attempting to commit that conduct, whether carried out on the territory of a Member State or on that of a third country; knowledge, intent or purpose required as an element of that conduct may be inferred from objective factual circumstances; and the representatives from the Financial Intelligence Units (FIUs), as well as, where appropriate, from other Union-level bodies including AMLA, is essential for the effectiveness of the process of the assessment of risks. National risk assessments and experience are also an important source of information for that process. Such assessment of the cross-border risks by the Commission should not involve the processing of personal data. In any event, data should be fully anonymised. Union and national data protection supervisory authoritiesmeans a supervisor who is a public body, or the public authority overseeing self-regulatory bodies in their performance of supervisory functions pursuant to Article 37 of Directive (EU) 2024/1640, or AMLA when acting as a supervisor; should be involved only if the assessment of the risk of money launderingmeans the conduct set out in Article 3, paragraphs 1 and 5, of Directive (EU) 2018/1673 including aiding and abetting, inciting and attempting to commit that conduct, whether the activities which generated the property to be laundered were carried out on the territory of a Member State or on that of a third country; knowledge, intent or purpose required as an element of that conduct may be inferred from objective factual circumstances; and terrorist financingmeans the conduct set out in Article 11 of Directive (EU) 2017/541 including aiding and abetting, inciting and attempting to commit that conduct, whether carried out on the territory of a Member State or on that of a third country; knowledge, intent or purpose required as an element of that conduct may be inferred from objective factual circumstances; has an impact on the privacy and data protection of individuals. To maximise synergies between the assessment of risks at Union and national level, the Commission and Member States should endeavour to apply consistent methodologies.

The findings of the risk assessment at Union level can assist competent authoritiesmeans:a Financial Intelligence Unit (FIU);a supervisory authority;a public authority that has the function of investigating or prosecuting money laundering, its predicate offences or terrorist financing, or that has the function of tracing, seizing or freezing and confiscating criminal assets;a public authority with designated responsibilities for combating money laundering or terrorist financing; and obliged entitiesmeans a natural or legal person listed in Article 3 of Regulation (EU) 2024/1624 that is not exempted in accordance with Article 4, 5, 6 or 7 of that Regulation; in the identification, understanding, management and mitigation of the risk of money launderingmeans the conduct set out in Article 3, paragraphs 1 and 5, of Directive (EU) 2018/1673 including aiding and abetting, inciting and attempting to commit that conduct, whether the activities which generated the property to be laundered were carried out on the territory of a Member State or on that of a third country; knowledge, intent or purpose required as an element of that conduct may be inferred from objective factual circumstances; and terrorist financingmeans the conduct set out in Article 11 of Directive (EU) 2017/541 including aiding and abetting, inciting and attempting to commit that conduct, whether carried out on the territory of a Member State or on that of a third country; knowledge, intent or purpose required as an element of that conduct may be inferred from objective factual circumstances;, as well as of risks of non-implementation and evasion of targeted financial sanctionsmeans both asset freezing and prohibitions to make funds or other assets available, directly or indirectly, for the benefit of designated persons and entities pursuant to Council Decisions adopted on the basis of Article 29 TEU and Council Regulations adopted on the basis of Article 215 TFEU;. It is therefore important that the findings of the risk assessment are made public.

Member States remain best placed to identify, assess, understand and decide how to mitigate risks of money launderingmeans the conduct set out in Article 3, paragraphs 1 and 5, of Directive (EU) 2018/1673 including aiding and abetting, inciting and attempting to commit that conduct, whether the activities which generated the property to be laundered were carried out on the territory of a Member State or on that of a third country; knowledge, intent or purpose required as an element of that conduct may be inferred from objective factual circumstances; and terrorist financingmeans the conduct set out in Article 11 of Directive (EU) 2017/541 including aiding and abetting, inciting and attempting to commit that conduct, whether carried out on the territory of a Member State or on that of a third country; knowledge, intent or purpose required as an element of that conduct may be inferred from objective factual circumstances; affecting them directly. Therefore, each Member State should take the appropriate steps to properly identify, assess and understand its money launderingmeans the conduct set out in Article 3, paragraphs 1 and 5, of Directive (EU) 2018/1673 including aiding and abetting, inciting and attempting to commit that conduct, whether the activities which generated the property to be laundered were carried out on the territory of a Member State or on that of a third country; knowledge, intent or purpose required as an element of that conduct may be inferred from objective factual circumstances; and terrorist financingmeans the conduct set out in Article 11 of Directive (EU) 2017/541 including aiding and abetting, inciting and attempting to commit that conduct, whether carried out on the territory of a Member State or on that of a third country; knowledge, intent or purpose required as an element of that conduct may be inferred from objective factual circumstances; risks, as well as risks of non-implementation and evasion of targeted financial sanctionsmeans both asset freezing and prohibitions to make funds or other assets available, directly or indirectly, for the benefit of designated persons and entities pursuant to Council Decisions adopted on the basis of Article 29 TEU and Council Regulations adopted on the basis of Article 215 TFEU; and to define a coherent national strategy to put in place actions to mitigate those risks. Such national risk assessment should include a description of the institutional structure and procedures of the Member State’s AML/CFT regime, as well as the allocated human and financial resources to the extent that this information is available. In order to maintain an ongoing understanding of risks, Member States should regularly update their national risk assessment, and should also be able to supplement it with targeted updates and assessments of risks associated with specific sectors, products or services.

Legal entities and legal arrangementsmeans an express trust or an arrangement which has a similar structure or function to an express trust, including fiducie and certain types of Treuhand and fideicomiso; can provide a means for criminals to hide behind a veil of legitimacy and might therefore be misused to launder illicit proceeds, whether domestically or across borders. To mitigate those risks, it is important that Member States understand the risks associated with the legal entities and legal arrangementsmeans an express trust or an arrangement which has a similar structure or function to an express trust, including fiducie and certain types of Treuhand and fideicomiso; that are in their territory, whether because the entities are established there, or because trustees of express trustsmeans a trust intentionally set up by the settlor, inter vivos or on death, usually in a form of written document, to place assets under the control of a trustee for the benefit of a beneficiary or for a specified purpose; or persons holding equivalent positions in similar legal arrangementsmeans an express trust or an arrangement which has a similar structure or function to an express trust, including fiducie and certain types of Treuhand and fideicomiso; are established or reside there, or they administer the legal arrangementmeans an express trust or an arrangement which has a similar structure or function to an express trust, including fiducie and certain types of Treuhand and fideicomiso; from there. In the case of legal arrangementsmeans an express trust or an arrangement which has a similar structure or function to an express trust, including fiducie and certain types of Treuhand and fideicomiso;, given the settlor’s right as to the choice of the law that governs the arrangement, it is also important that Member States have an understanding of the risks associated with the legal arrangementsmeans an express trust or an arrangement which has a similar structure or function to an express trust, including fiducie and certain types of Treuhand and fideicomiso; that can be set up under their law, irrespective of whether their laws explicitly regulate them, or their creation finds its source in the freedom of contract of the parties and is recognised by national courts.

Given the integrated nature of the international financial system and openness of the Union economy, risks associated with legal entities and legal arrangementsmeans an express trust or an arrangement which has a similar structure or function to an express trust, including fiducie and certain types of Treuhand and fideicomiso; expand beyond those in the Union territory. It is thus important that the Union and its Member States have an understanding of the exposure to risks emanating from foreign legal entities and foreign legal arrangementsmeans an express trust or an arrangement which has a similar structure or function to an express trust, including fiducie and certain types of Treuhand and fideicomiso;. Such assessment of risks does not need to address each individual foreign legal entity or foreign legal arrangementmeans an express trust or an arrangement which has a similar structure or function to an express trust, including fiducie and certain types of Treuhand and fideicomiso; that has a sufficient link with the Union, whether by virtue of it acquiring real estate or being awarded contracts following a public procurement procedure, or because of transactions with obliged entitiesmeans a natural or legal person listed in Article 3 of Regulation (EU) 2024/1624 that is not exempted in accordance with Article 4, 5, 6 or 7 of that Regulation; that allow them to access the Union’s financial system and economy. The risk assessment should however enable the Union and its Member States to understand what type of foreign legal entities and foreign legal arrangementsmeans an express trust or an arrangement which has a similar structure or function to an express trust, including fiducie and certain types of Treuhand and fideicomiso; enjoy such an access to the Union’s financial system and economy, and what types of risks are associated with that access.

The results of risk assessments should be made available to obliged entitiesmeans a natural or legal person listed in Article 3 of Regulation (EU) 2024/1624 that is not exempted in accordance with Article 4, 5, 6 or 7 of that Regulation; in a timely manner to enable them to identify, understand, manage and mitigate their own risks. Those results can be shared in a summarised form and made available to the public, and should not include classified information or personal data.

In addition, to identify, understand, manage and mitigate risks at Union level to an even greater degree, Member States should make available the results of their risk assessments to each other, to the Commission and to AMLA. Classified information or personal data should not be included in those transmissions unless deemed strictly necessary for the performance of AML/CFT tasks.

In order to effectively mitigate the risks identified in the national risk assessment, Member States should ensure consistent action at national level either by designating an authority to coordinate the national response or by establishing a mechanism for that purpose. Member States should ensure that the designated authority or the established mechanism has sufficient powers and resources to perform that task effectively and ensure an adequate response to the identified risks.

To be able to review the effectiveness of their systems for combating money launderingmeans the conduct set out in Article 3, paragraphs 1 and 5, of Directive (EU) 2018/1673 including aiding and abetting, inciting and attempting to commit that conduct, whether the activities which generated the property to be laundered were carried out on the territory of a Member State or on that of a third country; knowledge, intent or purpose required as an element of that conduct may be inferred from objective factual circumstances; and terrorist financingmeans the conduct set out in Article 11 of Directive (EU) 2017/541 including aiding and abetting, inciting and attempting to commit that conduct, whether carried out on the territory of a Member State or on that of a third country; knowledge, intent or purpose required as an element of that conduct may be inferred from objective factual circumstances;, Member States should maintain, and improve the quality of, relevant statistics. With a view to enhancing the quality and consistency of the statistical data collected at Union level, the Commission and AMLA should keep track of the Union-wide situation with respect to the fight against money launderingmeans the conduct set out in Article 3, paragraphs 1 and 5, of Directive (EU) 2018/1673 including aiding and abetting, inciting and attempting to commit that conduct, whether the activities which generated the property to be laundered were carried out on the territory of a Member State or on that of a third country; knowledge, intent or purpose required as an element of that conduct may be inferred from objective factual circumstances; and terrorist financingmeans the conduct set out in Article 11 of Directive (EU) 2017/541 including aiding and abetting, inciting and attempting to commit that conduct, whether carried out on the territory of a Member State or on that of a third country; knowledge, intent or purpose required as an element of that conduct may be inferred from objective factual circumstances; and should publish regular overviews.

The FATF has developed standards for jurisdictions to identify and assess the risks of potential non-implementation or evasion of the proliferation financing-related targeted financial sanctionsmeans both asset freezing and prohibitions to make funds or other assets available, directly or indirectly, for the benefit of designated persons and entities pursuant to Council Decisions adopted on the basis of Article 29 TEU and Council Regulations adopted on the basis of Article 215 TFEU;, and to take action to mitigate those risks. Those new standards introduced by the FATF do not substitute or undermine the existing strict requirements for countries to implement targeted financial sanctionsmeans both asset freezing and prohibitions to make funds or other assets available, directly or indirectly, for the benefit of designated persons and entities pursuant to Council Decisions adopted on the basis of Article 29 TEU and Council Regulations adopted on the basis of Article 215 TFEU; to comply with the relevant United Nations Security Council resolutions relating to the prevention, suppression and disruption of the proliferation of weapons of mass destruction and its financing. Those existing obligations, as implemented at Union level by Council Decisions 2010/413/CFSP(¹¹)Council Decision 2010/413/CFSP of 26 July 2010 concerning restrictive measures against Iran and repealing Common Position 2007/140/CFSP (OJ L 195, 27.7.2010, p. 39). and (CFSP) 2016/849(¹²)Council Decision (CFSP) 2016/849 of 27 May 2016 concerning restrictive measures against the Democratic People’s Republic of Korea and repealing Decision 2013/183/CFSP (OJ L 141, 28.5.2016, p. 79). as well as Council Regulations (EU) No 267/2012(¹³)Council Regulation (EU) No 267/2012 of 23 March 2012 concerning restrictive measures against Iran and repealing Regulation (EU) No 961/2010 (OJ L 88, 24.3.2012, p. 1). and (EU) 2017/1509(¹⁴)Council Regulation (EU) 2017/1509 of 30 August 2017 concerning restrictive measures against the Democratic People’s Republic of Korea and repealing Regulation (EC) No 329/2007 (OJ L 224, 31.8.2017, p. 1)., remain binding on all natural and legal persons within the Union. Given the specific risks of non-implementation and evasion of targeted financial sanctionsmeans both asset freezing and prohibitions to make funds or other assets available, directly or indirectly, for the benefit of designated persons and entities pursuant to Council Decisions adopted on the basis of Article 29 TEU and Council Regulations adopted on the basis of Article 215 TFEU; to which the Union is exposed, it is appropriate to expand the assessment of risks to encompass all targeted financial sanctionsmeans both asset freezing and prohibitions to make funds or other assets available, directly or indirectly, for the benefit of designated persons and entities pursuant to Council Decisions adopted on the basis of Article 29 TEU and Council Regulations adopted on the basis of Article 215 TFEU; adopted at Union level. The risk-sensitive nature of AML/CFT measures related to targeted financial sanctionsmeans both asset freezing and prohibitions to make funds or other assets available, directly or indirectly, for the benefit of designated persons and entities pursuant to Council Decisions adopted on the basis of Article 29 TEU and Council Regulations adopted on the basis of Article 215 TFEU; does not remove the rule-based obligation incumbent upon all natural or legal persons in the Union to freeze and not make funds or other assetsmeans any assets, including, but not limited to, financial assets, economic resources, including oil and other natural resources, property of every kind, whether tangible or intangible, movable or immovable, however acquired, and legal documents or instruments in any form, including electronic or digital, evidencing title to, or interest in, such funds or other assets, including, but not limited to, bank credits, travellers cheques, bank cheques, money orders, shares, securities, bonds, drafts, or letters of credit, and any interest, dividends or other income on or value accruing from or generated by such funds or other assets, and any other assets which potentially may be used to obtain funds, goods or services; available to designated persons or entities.

In order to reflect developments at international level, particularly the revised FATF recommendations, and to ensure a comprehensive framework for implementing targeted financial sanctionsmeans both asset freezing and prohibitions to make funds or other assets available, directly or indirectly, for the benefit of designated persons and entities pursuant to Council Decisions adopted on the basis of Article 29 TEU and Council Regulations adopted on the basis of Article 215 TFEU;, requirements should be introduced by this Directive to identify, understand, manage and mitigate risks of non-implementation or evasion of targeted financial sanctionsmeans both asset freezing and prohibitions to make funds or other assets available, directly or indirectly, for the benefit of designated persons and entities pursuant to Council Decisions adopted on the basis of Article 29 TEU and Council Regulations adopted on the basis of Article 215 TFEU; at Union level and at Member State level.

Central registers of beneficial ownership information (‘central registers’) are crucial in combating the misuse of legal entities and of legal arrangementsmeans an express trust or an arrangement which has a similar structure or function to an express trust, including fiducie and certain types of Treuhand and fideicomiso;. Therefore, Member States should ensure that the beneficial ownership information of legal entities and legal arrangementsmeans an express trust or an arrangement which has a similar structure or function to an express trust, including fiducie and certain types of Treuhand and fideicomiso;, information on nominee arrangements and information on foreign legal entities and foreign legal arrangementsmeans an express trust or an arrangement which has a similar structure or function to an express trust, including fiducie and certain types of Treuhand and fideicomiso; are held in a central register. To ensure that those central registers are easily accessible and contain high-quality data, consistent rules on the collection and storing of that information by the registers should be introduced. Information held in central registers should be accessible in a readily usable and machine-readable format.

With a view to enhancing transparency in order to combat the misuse of legal entities, Member States should ensure that beneficial ownership information is registered in a central register located outside the legal entity, in full compliance with Union law. Member States should, for that purpose, use a central database, which collects beneficial ownership information, or the business register, or another central register. Member States can decide that obliged entitiesmeans a natural or legal person listed in Article 3 of Regulation (EU) 2024/1624 that is not exempted in accordance with Article 4, 5, 6 or 7 of that Regulation; are responsible for providing certain information to the central register. Member States should make sure that in all cases that information is made available to competent authoritiesmeans:a Financial Intelligence Unit (FIU);a supervisory authority;a public authority that has the function of investigating or prosecuting money laundering, its predicate offences or terrorist financing, or that has the function of tracing, seizing or freezing and confiscating criminal assets;a public authority with designated responsibilities for combating money laundering or terrorist financing; and is provided to obliged entitiesmeans a natural or legal person listed in Article 3 of Regulation (EU) 2024/1624 that is not exempted in accordance with Article 4, 5, 6 or 7 of that Regulation; when they apply customer due diligence measures.

Beneficial ownership information of express trustsmeans a trust intentionally set up by the settlor, inter vivos or on death, usually in a form of written document, to place assets under the control of a trustee for the benefit of a beneficiary or for a specified purpose; and similar legal arrangementsmeans an express trust or an arrangement which has a similar structure or function to an express trust, including fiducie and certain types of Treuhand and fideicomiso; should be registered where the trustees and persons holding equivalent positions in similar legal arrangementsmeans an express trust or an arrangement which has a similar structure or function to an express trust, including fiducie and certain types of Treuhand and fideicomiso; are established or where they reside, or where the legal arrangementmeans an express trust or an arrangement which has a similar structure or function to an express trust, including fiducie and certain types of Treuhand and fideicomiso; is administered. In order to ensure the effective monitoring and registration of information on the beneficial ownership of express trustsmeans a trust intentionally set up by the settlor, inter vivos or on death, usually in a form of written document, to place assets under the control of a trustee for the benefit of a beneficiary or for a specified purpose; and similar legal arrangementsmeans an express trust or an arrangement which has a similar structure or function to an express trust, including fiducie and certain types of Treuhand and fideicomiso;, cooperation between Member States is also necessary. The interconnection of Member States’ registries of beneficial ownersmeans any natural person who ultimately owns or controls a legal entity or an express trust or similar legal arrangement; of express trustsmeans a trust intentionally set up by the settlor, inter vivos or on death, usually in a form of written document, to place assets under the control of a trustee for the benefit of a beneficiary or for a specified purpose; and similar legal arrangementsmeans an express trust or an arrangement which has a similar structure or function to an express trust, including fiducie and certain types of Treuhand and fideicomiso; should make that information accessible, and should also ensure that the multiple registration of the same express trustsmeans a trust intentionally set up by the settlor, inter vivos or on death, usually in a form of written document, to place assets under the control of a trustee for the benefit of a beneficiary or for a specified purpose; and similar legal arrangementsmeans an express trust or an arrangement which has a similar structure or function to an express trust, including fiducie and certain types of Treuhand and fideicomiso; is avoided within the Union.

Timely access to information on beneficial ownership should be ensured in ways which avoid any risk of tipping off the legal entity or the trustee or person in an equivalent position concerned.

The accuracy of data included in the central registers is fundamental for all of the relevant authorities and other persons allowed access to that data, and to make valid, lawful decisions based on that data. Therefore, Member States should ensure that the entities in charge of central registers verify, within a reasonable time following submission of beneficial ownership information and on a regular basis thereafter, that the information submitted is adequate, accurate and up-to-date. Member States should ensure that entities in charge of central registers are able to request any information they need to verify beneficial ownership information and nominee information, as well as situations where there is no beneficial ownermeans any natural person who ultimately owns or controls a legal entity or an express trust or similar legal arrangement; or where the beneficial ownersmeans any natural person who ultimately owns or controls a legal entity or an express trust or similar legal arrangement; could not be determined. In those situations, the information provided to the central register should be accompanied by a justification including all relevant supporting documents to enable the register to ascertain whether this is the case. Member States should also ensure that the entities in charge of central registers have adequate tools at their disposal to carry out verifications, including automated verifications in a manner that safeguards fundamental rights and avoids discriminatory outcomes.

It is important that Member States entrust the entities in charge of central registers with sufficient powers and resources to verify beneficial ownership and the veracity of information provided to them, and to report any suspicion to their FIU. Such powers should include the power to conduct of inspections at the business premises of legal entities and of obliged entitiesmeans a natural or legal person listed in Article 3 of Regulation (EU) 2024/1624 that is not exempted in accordance with Article 4, 5, 6 or 7 of that Regulation; that act as trustees of express trustsmeans a trust intentionally set up by the settlor, inter vivos or on death, usually in a form of written document, to place assets under the control of a trustee for the benefit of a beneficiary or for a specified purpose; or persons holding equivalent positions in similar legal arrangementsmeans an express trust or an arrangement which has a similar structure or function to an express trust, including fiducie and certain types of Treuhand and fideicomiso;, whether carried out by the entities in charge of the central registers or by other authorities on their behalf. Member States should ensure that adequate safeguards are applied where those trustees or persons holding an equivalent position in a similar legal arrangementmeans an express trust or an arrangement which has a similar structure or function to an express trust, including fiducie and certain types of Treuhand and fideicomiso; are legal professionals, or where their business premises or registered office are the same as their private residence. Such powers should extend to representatives of foreign legal entities and foreign legal arrangementsmeans an express trust or an arrangement which has a similar structure or function to an express trust, including fiducie and certain types of Treuhand and fideicomiso; in the Union, where those legal entities and arrangements have registered offices or representatives in the Union.

Where a verification of beneficial ownership information leads an entity in charge of a central register to conclude that there are inconsistencies or errors in that information, or where that information otherwise fails to fulfil the requirements, it should be possible for the entity to withhold or suspend the proof of registration in the central register, until the failures have been corrected.

Entities in charge of central registers should carry out their functions free of undue influence, including any undue political or industry influence in relation to the verification of information, the imposition of measures or sanctions and the granting of access to persons with a legitimate interest. To that end, entities in charge of central registers should have in place policies to prevent and manage conflicts of interest.

Entities in charge of central registers are well placed to identify, in a rapid and efficient manner, the individuals who ultimately own or control legal entities and arrangements, including individuals designated in relation to targeted financial sanctionsmeans both asset freezing and prohibitions to make funds or other assets available, directly or indirectly, for the benefit of designated persons and entities pursuant to Council Decisions adopted on the basis of Article 29 TEU and Council Regulations adopted on the basis of Article 215 TFEU;. Timely detection of ownership and control structures contributes to improving the understanding of the exposure to risks of non-implementation and evasion of targeted financial sanctionsmeans both asset freezing and prohibitions to make funds or other assets available, directly or indirectly, for the benefit of designated persons and entities pursuant to Council Decisions adopted on the basis of Article 29 TEU and Council Regulations adopted on the basis of Article 215 TFEU;, and to the adoption of mitigating measures to reduce such risks. It is therefore important that entities in charge of central registers be required to screen the beneficial ownership information they hold against designations in relation to targeted financial sanctionsmeans both asset freezing and prohibitions to make funds or other assets available, directly or indirectly, for the benefit of designated persons and entities pursuant to Council Decisions adopted on the basis of Article 29 TEU and Council Regulations adopted on the basis of Article 215 TFEU;, both immediately upon such designation and regularly thereafter, in order to detect whether changes in the ownership or control structure of the legal entity or legal arrangementmeans an express trust or an arrangement which has a similar structure or function to an express trust, including fiducie and certain types of Treuhand and fideicomiso; are conducive to risks of evasion of targeted financial sanctionsmeans both asset freezing and prohibitions to make funds or other assets available, directly or indirectly, for the benefit of designated persons and entities pursuant to Council Decisions adopted on the basis of Article 29 TEU and Council Regulations adopted on the basis of Article 215 TFEU;. An indication in the central registers that legal entities or legal arrangementsmeans an express trust or an arrangement which has a similar structure or function to an express trust, including fiducie and certain types of Treuhand and fideicomiso; are associated with persons or entities subject to targeted financial sanctionsmeans both asset freezing and prohibitions to make funds or other assets available, directly or indirectly, for the benefit of designated persons and entities pursuant to Council Decisions adopted on the basis of Article 29 TEU and Council Regulations adopted on the basis of Article 215 TFEU; should contribute to the activities of competent authoritiesmeans:a Financial Intelligence Unit (FIU);a supervisory authority;a public authority that has the function of investigating or prosecuting money laundering, its predicate offences or terrorist financing, or that has the function of tracing, seizing or freezing and confiscating criminal assets;a public authority with designated responsibilities for combating money laundering or terrorist financing; and of the authorities in charge of implementing Union restrictive measures.

The reporting of discrepancies between beneficial ownership information held in the central registers and beneficial ownership information available to obliged entitiesmeans a natural or legal person listed in Article 3 of Regulation (EU) 2024/1624 that is not exempted in accordance with Article 4, 5, 6 or 7 of that Regulation; and, where applicable, competent authoritiesmeans:a Financial Intelligence Unit (FIU);a supervisory authority;a public authority that has the function of investigating or prosecuting money laundering, its predicate offences or terrorist financing, or that has the function of tracing, seizing or freezing and confiscating criminal assets;a public authority with designated responsibilities for combating money laundering or terrorist financing;, is an effective mechanism to verify the accuracy of the information. Any discrepancy identified should be swiftly reported and resolved, in line with data protection requirements.

Where the reporting of discrepancies by FIUs and other competent authoritiesmeans:a Financial Intelligence Unit (FIU);a supervisory authority;a public authority that has the function of investigating or prosecuting money laundering, its predicate offences or terrorist financing, or that has the function of tracing, seizing or freezing and confiscating criminal assets;a public authority with designated responsibilities for combating money laundering or terrorist financing; would jeopardise an analysis of a suspicious transaction or an on-going criminal investigation, the FIUs or other competent authoritiesmeans:a Financial Intelligence Unit (FIU);a supervisory authority;a public authority that has the function of investigating or prosecuting money laundering, its predicate offences or terrorist financing, or that has the function of tracing, seizing or freezing and confiscating criminal assets;a public authority with designated responsibilities for combating money laundering or terrorist financing; should delay the reporting of the discrepancy until the moment at which the reasons for not reporting cease to exist. Furthermore, FIUs and other competent authoritiesmeans:a Financial Intelligence Unit (FIU);a supervisory authority;a public authority that has the function of investigating or prosecuting money laundering, its predicate offences or terrorist financing, or that has the function of tracing, seizing or freezing and confiscating criminal assets;a public authority with designated responsibilities for combating money laundering or terrorist financing; should not report any discrepancy when this would be contrary to any confidentiality provision of national law or would constitute a tipping-off offence.

To ensure a level playing field in the application of the concept of beneficial ownermeans any natural person who ultimately owns or controls a legal entity or an express trust or similar legal arrangement;, it is essential that, across the Union, uniform reporting channels and means exist for legal entities and trustees of express trustsmeans a trust intentionally set up by the settlor, inter vivos or on death, usually in a form of written document, to place assets under the control of a trustee for the benefit of a beneficiary or for a specified purpose; or persons holding an equivalent position in similar legal arrangementsmeans an express trust or an arrangement which has a similar structure or function to an express trust, including fiducie and certain types of Treuhand and fideicomiso;. To that end, the format for the submission of beneficial ownership information to the relevant central registers should be uniform and offer guarantees of transparency and legal certainty.

In order to ensure a level playing field among the different types of legal forms, trustees should also be required to obtain and hold beneficial ownership information and to communicate that information to a central register or a central database.

It is essential that the information on beneficial ownership remains available through the central registers and through the system of interconnection of central registers for a minimum of 5 years after the legal entity has been dissolved or the legal arrangementmeans an express trust or an arrangement which has a similar structure or function to an express trust, including fiducie and certain types of Treuhand and fideicomiso; has ceased to exist. Member States should be able to provide by law additional grounds for the processing of beneficial ownership information for purposes other than AML/CFT, if such processing meets an objective of public interest and constitutes a necessary and proportionate measure in a democratic society to the legitimate aim pursued.

FIUs, other competent authoritiesmeans:a Financial Intelligence Unit (FIU);a supervisory authority;a public authority that has the function of investigating or prosecuting money laundering, its predicate offences or terrorist financing, or that has the function of tracing, seizing or freezing and confiscating criminal assets;a public authority with designated responsibilities for combating money laundering or terrorist financing; and self-regulatory bodiesmeans a body that represents members of a profession and has a role in regulating them, in performing certain supervisory or monitoring functions and in ensuring the enforcement of the rules relating to them; should have immediate, unfiltered, direct and free access to information on beneficial ownership for the purposes of preventing, detecting, investigating and prosecuting money launderingmeans the conduct set out in Article 3, paragraphs 1 and 5, of Directive (EU) 2018/1673 including aiding and abetting, inciting and attempting to commit that conduct, whether the activities which generated the property to be laundered were carried out on the territory of a Member State or on that of a third country; knowledge, intent or purpose required as an element of that conduct may be inferred from objective factual circumstances;, its predicate offences or terrorist financingmeans the conduct set out in Article 11 of Directive (EU) 2017/541 including aiding and abetting, inciting and attempting to commit that conduct, whether carried out on the territory of a Member State or on that of a third country; knowledge, intent or purpose required as an element of that conduct may be inferred from objective factual circumstances;. Obliged entitiesmeans a natural or legal person listed in Article 3 of Regulation (EU) 2024/1624 that is not exempted in accordance with Article 4, 5, 6 or 7 of that Regulation; should also have access to central registers when carrying out customer due diligence. Member States can choose to make access by obliged entitiesmeans a natural or legal person listed in Article 3 of Regulation (EU) 2024/1624 that is not exempted in accordance with Article 4, 5, 6 or 7 of that Regulation; subject to the payment of a fee. However, those fees should be strictly limited to what is necessary to cover the costs of ensuring the quality of the information held in those registers and of making the information available, and should not undermine the effective access to beneficial ownership information.

Direct, timely and unfiltered access to beneficial ownership information by national public authorities is also crucial to ensure the proper implementation of Union restrictive measures, to prevent the risk of non-implementation and evasion of Union restrictive measures, as well as to investigate breaches of those measures. For those reasons, authorities competent for the implementation of such restrictive measures, identified under the relevant Council Regulations adopted on the basis of Article 215 of the Treaty on the Functioning of the European Union (TFEU) should have direct and immediate access to the information held in the interconnected central registers.

It should be possible for Union bodies, offices and agencies that play a role in the Union AML/CFT framework to access beneficial ownership information in the performance of their duties. This is the case for the European Public Prosecutor’s Office (EPPO), but also for the European Anti-Fraud Office (OLAF) in the performance of its investigations, as well as for Europol and Eurojust when supporting investigations by national authorities. As a supervisory authoritymeans a supervisor who is a public body, or the public authority overseeing self-regulatory bodies in their performance of supervisory functions pursuant to Article 37 of Directive (EU) 2024/1640, or AMLA when acting as a supervisor;, AMLA is to be granted access to beneficial ownership information when performing supervisory activities. In order to ensure that AMLA can effectively support the activities of FIUs, it should also be able to access beneficial ownership information in the context of joint analyses.

In order to limit interferences with the right to respect for private life and to protection of personal data, access to beneficial ownership information held in central registers by the public should be conditional upon the demonstration of a legitimate interest. Divergent approaches by Member States regarding the verification that such a legitimate interest exists could hamper the harmonised implementation of the AML/CFT framework and the preventive purpose for which such access by members of the public is allowed. It is therefore necessary to devise a framework for the recognition and verification of legitimate interest at Union level, in full respect of the Charter of Fundamental Rights of the European Union (the ‘Charter’). Where a legitimate interest exists, the public should be able to access information on beneficial ownership of legal entities and legal arrangementsmeans an express trust or an arrangement which has a similar structure or function to an express trust, including fiducie and certain types of Treuhand and fideicomiso;. Legitimate interest should be presumed for certain categories of the public. Access on the basis of a legitimate interest should not be conditional upon the legal status or form of the person requesting access.

Non-governmental organisations, academics and investigative journalists have contributed to the objectives of the Union in the fight against money launderingmeans the conduct set out in Article 3, paragraphs 1 and 5, of Directive (EU) 2018/1673 including aiding and abetting, inciting and attempting to commit that conduct, whether the activities which generated the property to be laundered were carried out on the territory of a Member State or on that of a third country; knowledge, intent or purpose required as an element of that conduct may be inferred from objective factual circumstances;, its predicate offences and terrorist financingmeans the conduct set out in Article 11 of Directive (EU) 2017/541 including aiding and abetting, inciting and attempting to commit that conduct, whether carried out on the territory of a Member State or on that of a third country; knowledge, intent or purpose required as an element of that conduct may be inferred from objective factual circumstances;. They should therefore be considered to have a legitimate interest in accessing beneficial ownership information, which is of vital importance for them to undertake their functions and exert public scrutiny, as appropriate. The ability to access the central registers should not be conditional on the medium or platform through which they carry out their activities, or on previous experience in the field. In order to enable such categories to carry out their activities effectively and avoid risks of retaliation, they should be able to access information on legal entities and legal arrangementsmeans an express trust or an arrangement which has a similar structure or function to an express trust, including fiducie and certain types of Treuhand and fideicomiso; without demonstrating a link with those entities or arrangements. As provided for under Union data protection rules, any access by beneficial ownersmeans any natural person who ultimately owns or controls a legal entity or an express trust or similar legal arrangement; to information on the processing made of their personal data should not adversely affect the rights and freedoms of others, including the right to security of the person. Disclosure to the beneficial ownermeans any natural person who ultimately owns or controls a legal entity or an express trust or similar legal arrangement; that persons acting for the purposes of journalism or civil society organisations have consulted their personal data risks undermining the safety of journalists and of members of civil society organisations who carry out investigations into potential criminal activitiesmeans criminal activity as defined in Article 2, point (1), of Directive (EU) 2018/1673, as well as fraud affecting the Union’s financial interests as defined in Article 3(2) of Directive (EU) 2017/1371, passive and active corruption as defined in Article 4 (2) and misappropriation as defined in Article 4(3), second subparagraph, of that Directive;. Therefore, in order to reconcile the right to the protection of personal data with the freedom of information and expression for journalists in accordance with Article 85 of Regulation (EU) 2016/679 of the European Parliament and of the Council(¹⁵)Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) (OJ L 119, 4.5.2016, p. 1). and in order to ensure the role of civil society organisations in the prevention, investigation and detection of money launderingmeans the conduct set out in Article 3, paragraphs 1 and 5, of Directive (EU) 2018/1673 including aiding and abetting, inciting and attempting to commit that conduct, whether the activities which generated the property to be laundered were carried out on the territory of a Member State or on that of a third country; knowledge, intent or purpose required as an element of that conduct may be inferred from objective factual circumstances;, its predicate offences or terrorist financingmeans the conduct set out in Article 11 of Directive (EU) 2017/541 including aiding and abetting, inciting and attempting to commit that conduct, whether carried out on the territory of a Member State or on that of a third country; knowledge, intent or purpose required as an element of that conduct may be inferred from objective factual circumstances; in accordance with Article 23(1), point (d), of that Regulation, entities in charge of central registers should not share with beneficial ownersmeans any natural person who ultimately owns or controls a legal entity or an express trust or similar legal arrangement; information on the processing of their data by those categories of the public, but only the fact that persons acting for the purposes of journalism or civil society organisations have consulted their data.

The integrity of business transactions is critical to the proper functioning of the internal market and of the Union’s financial system. To that end, it is important that persons who wish to do business with legal entities or legal arrangementsmeans an express trust or an arrangement which has a similar structure or function to an express trust, including fiducie and certain types of Treuhand and fideicomiso; in the Union are able to access information on the beneficial ownersmeans any natural person who ultimately owns or controls a legal entity or an express trust or similar legal arrangement; of those entities or arrangements to verify that their potential business counterparts are not involved in money launderingmeans the conduct set out in Article 3, paragraphs 1 and 5, of Directive (EU) 2018/1673 including aiding and abetting, inciting and attempting to commit that conduct, whether the activities which generated the property to be laundered were carried out on the territory of a Member State or on that of a third country; knowledge, intent or purpose required as an element of that conduct may be inferred from objective factual circumstances;, its predicate offences or terrorist financingmeans the conduct set out in Article 11 of Directive (EU) 2017/541 including aiding and abetting, inciting and attempting to commit that conduct, whether carried out on the territory of a Member State or on that of a third country; knowledge, intent or purpose required as an element of that conduct may be inferred from objective factual circumstances;. There is widespread evidence that criminals hide their identity behind corporate structures, and enabling those who could enter into transactions with a legal entity or legal arrangementmeans an express trust or an arrangement which has a similar structure or function to an express trust, including fiducie and certain types of Treuhand and fideicomiso; to become aware of the identity of the beneficial ownersmeans any natural person who ultimately owns or controls a legal entity or an express trust or similar legal arrangement; contributes to combating the misuse of legal entities or legal arrangementsmeans an express trust or an arrangement which has a similar structure or function to an express trust, including fiducie and certain types of Treuhand and fideicomiso; for criminal purposes. A transaction is not limited to trading activities or the provision or buying of products or services, but might also include, situations where a person is likely to invest fundsor ‘property’ means property as defined in Article 2, point (2), of Directive (EU) 2018/1673; as defined in Article 4, point (25), of Directive (EU) 2015/2366 of the European Parliament and of the Council(¹⁶)Directive (EU) 2015/2366 of the European Parliament and of the Council of 25 November 2015 on payment services in the internal market, amending Directives 2002/65/EC, 2009/110/EC and 2013/36/EU and Regulation (EU) No 1093/2010, and repealing Directive 2007/64/EC (OJ L 337, 23.12.2015, p. 35). or crypto-assetsmeans a crypto-asset as defined in Article 3(1), point (5), of Regulation (EU) 2023/1114 except when falling under the categories listed in Article 2(4) of that Regulation; in the legal entity or legal arrangementmeans an express trust or an arrangement which has a similar structure or function to an express trust, including fiducie and certain types of Treuhand and fideicomiso;, or to acquire the legal entity. Therefore, the requirement of legitimate interest to access beneficial ownership information should not be considered to be met only by persons carrying out economic or commercial activities.

Given the cross-border nature of money launderingmeans the conduct set out in Article 3, paragraphs 1 and 5, of Directive (EU) 2018/1673 including aiding and abetting, inciting and attempting to commit that conduct, whether the activities which generated the property to be laundered were carried out on the territory of a Member State or on that of a third country; knowledge, intent or purpose required as an element of that conduct may be inferred from objective factual circumstances;, its predicate offence and terrorist financingmeans the conduct set out in Article 11 of Directive (EU) 2017/541 including aiding and abetting, inciting and attempting to commit that conduct, whether carried out on the territory of a Member State or on that of a third country; knowledge, intent or purpose required as an element of that conduct may be inferred from objective factual circumstances;, it should be recognised that authorities of third countriesmeans any jurisdiction, independent state or autonomous territory that is not part of the Union and that has its own AML/CFT legislation or enforcement regime; have a legitimate interest in accessing beneficial ownership information on Union’s legal entities and legal arrangementsmeans an express trust or an arrangement which has a similar structure or function to an express trust, including fiducie and certain types of Treuhand and fideicomiso;, where such access is needed by those authorities in the context of specific investigations or analyses to perform their tasks with respect to AML/CFT. Similarly, entities that are subject to AML/CFT requirements in third countriesmeans any jurisdiction, independent state or autonomous territory that is not part of the Union and that has its own AML/CFT legislation or enforcement regime; should be able to access the beneficial ownership information in the Union central registers when they are required to take customer due diligence measures in compliance with AML/CFT requirements in those countries in relation to legal entities and legal arrangementsmeans an express trust or an arrangement which has a similar structure or function to an express trust, including fiducie and certain types of Treuhand and fideicomiso; established in the Union. Any access to information contained in the central registers should be compliant with Union law on the protection of personal data, and in particular with Chapter V of Regulation (EU) 2016/679. To that end, central registers should also consider whether requests from persons established outside the Union can fall within the conditions within which a derogation under Article 49 of that Regulation can be availed of. It is settled case-law of the Court of Justice of the European Union (the ‘Court of Justice’) that the fight against money launderingmeans the conduct set out in Article 3, paragraphs 1 and 5, of Directive (EU) 2018/1673 including aiding and abetting, inciting and attempting to commit that conduct, whether the activities which generated the property to be laundered were carried out on the territory of a Member State or on that of a third country; knowledge, intent or purpose required as an element of that conduct may be inferred from objective factual circumstances;, its predicate offences and terrorist financingmeans the conduct set out in Article 11 of Directive (EU) 2017/541 including aiding and abetting, inciting and attempting to commit that conduct, whether carried out on the territory of a Member State or on that of a third country; knowledge, intent or purpose required as an element of that conduct may be inferred from objective factual circumstances; is an objective of general public interest, and that public security objectives are connected to it. In order to preserve the integrity of investigations and analyses by third-country FIUs and law enforcement and judicial authorities, central registers should refrain from disclosing to the beneficial ownersmeans any natural person who ultimately owns or controls a legal entity or an express trust or similar legal arrangement; any processing of their personal data by those authorities insofar as such disclosure would adversely affect the investigations and analyses of those authorities. However, in order to preserve the data subject rights, the central registers should only refrain from disclosing that information until such disclosure would no longer jeopardise an investigation or analysis. That deadline should be set to a maximum period of 5 years, and should be extended only upon a justified request by the authority in the third countrymeans any jurisdiction, independent state or autonomous territory that is not part of the Union and that has its own AML/CFT legislation or enforcement regime;.

In order to ensure an access regime which is sufficiently flexible and able to adapt to emerging new circumstances, Member States should be able to grant access to beneficial ownership information, on a case-by-case basis, to any person who can demonstrate a legitimate interest linked to the prevention and combating of money launderingmeans the conduct set out in Article 3, paragraphs 1 and 5, of Directive (EU) 2018/1673 including aiding and abetting, inciting and attempting to commit that conduct, whether the activities which generated the property to be laundered were carried out on the territory of a Member State or on that of a third country; knowledge, intent or purpose required as an element of that conduct may be inferred from objective factual circumstances;, its predicate offences and terrorist financingmeans the conduct set out in Article 11 of Directive (EU) 2017/541 including aiding and abetting, inciting and attempting to commit that conduct, whether carried out on the territory of a Member State or on that of a third country; knowledge, intent or purpose required as an element of that conduct may be inferred from objective factual circumstances;. Member States should collect information about cases of legitimate interest that go beyond the categories identified in this Directive, and notify them to the Commission.

Criminals can misuse legal entities at any point. However, certain phases in the lifecycle of legal entities are associated with higher risks, such as at the company formation stage, or when there are changes in the company structure, such as conversion, merger or division, which allow criminals to acquire control of the legal entity. The Union framework provides oversight by public authorities over those phases of a legal entity’s existence under Directive (EU) 2017/1132 of the European Parliament and of the Council(¹⁷)Directive (EU) 2017/1132 of the European Parliament and of the Council of 14 June 2017 relating to certain aspects of company law (OJ L 169, 30.6.2017, p. 46).. In order to ensure that those public authorities can carry out their activities effectively and contribute to the prevention of the misuse of legal entities for criminal purposes, they should have access to the information contained in the interconnected central registers.

With a view to ensuring the legality and regularity of expenditure included in the accounts submitted to the Commission under Union funding programmes, programme authorities have to collect and store in their management and control systems information on the beneficial ownersmeans any natural person who ultimately owns or controls a legal entity or an express trust or similar legal arrangement; of the recipients of Union funding. It is therefore necessary to ensure that programme authorities in Member States have access to beneficial ownership information held in the interconnected central registers to fulfil their duties to prevent, detect, correct and report on irregularities, including fraud, pursuant to Regulation (EU) 2021/1060 of the European Parliament and the Council(¹⁸)Regulation (EU) 2021/1060 of the European Parliament and of the Council of 24 June 2021 laying down common provisions on the European Regional Development Fund, the European Social Fund Plus, the Cohesion Fund, the Just Transition Fund and the European Maritime, Fisheries and Aquaculture Fund and financial rules for those and for the Asylum, Migration and Integration Fund, the Internal Security Fund and the Instrument for Financial Support for Border Management and Visa Policy (OJ L 231, 30.6.2021, p. 159)..

In order to protect Union’s financial interests, Member State authorities implementing the Recovery and Resilience Facility under Regulation (EU) 2021/241 of the European Parliament and of the Council(¹⁹)Regulation (EU) 2021/241 of the European Parliament and of the Council of 12 February 2021 establishing the Recovery and Resilience Facility (OJ L 57, 18.2.2021, p. 17). should have access to the interconnected central registers to collect the beneficial ownership information on the recipient of Union fundsor ‘property’ means property as defined in Article 2, point (2), of Directive (EU) 2018/1673; or contractor required under that Regulation.

Corruption in public procurement harms the public interest, undermines public trust and has a negative impact on the lives of citizens. Given the vulnerability of public procurement procedures to corruption, fraud and other predicate offences, it should be possible for national authorities with competences in public procurement procedures to consult the central registers to ascertain the identity of the natural persons who ultimately own or control the tenderers, and identify cases where there is a risk that criminals might be involved in the procurement procedure. Timely access to information held in the central register is crucial to ensuring that public authorities carrying out public procurement procedures can fulfil their functions effectively, including by detecting instances of corruption in those procedures. The notion of public authorities in relation to procurement procedures should encompass the concept of contracting authorities in Union legal acts relating to public procurement procedures for goods and services, or concessions as well as any public authority designated by Member States to verify the legality of public procurement procedures, which is not a competent authoritymeans:a Financial Intelligence Unit (FIU);a supervisory authority;a public authority that has the function of investigating or prosecuting money laundering, its predicate offences or terrorist financing, or that has the function of tracing, seizing or freezing and confiscating criminal assets;a public authority with designated responsibilities for combating money laundering or terrorist financing; for AML/CFT purposes.

Products such as customer screening offered by third-party providers support obliged entitiesmeans a natural or legal person listed in Article 3 of Regulation (EU) 2024/1624 that is not exempted in accordance with Article 4, 5, 6 or 7 of that Regulation; in the performance of customer due diligence. Such products provide them with a holistic view over the customer, which enables them to make informed decisions as to their risk classification, mitigating measures to be applied and possible suspicions regarding the customers’ activities. Those products also contribute to the work of competent authoritiesmeans:a Financial Intelligence Unit (FIU);a supervisory authority;a public authority that has the function of investigating or prosecuting money laundering, its predicate offences or terrorist financing, or that has the function of tracing, seizing or freezing and confiscating criminal assets;a public authority with designated responsibilities for combating money laundering or terrorist financing; in the analysis of suspicious transactions and investigations into potential cases of money launderingmeans the conduct set out in Article 3, paragraphs 1 and 5, of Directive (EU) 2018/1673 including aiding and abetting, inciting and attempting to commit that conduct, whether the activities which generated the property to be laundered were carried out on the territory of a Member State or on that of a third country; knowledge, intent or purpose required as an element of that conduct may be inferred from objective factual circumstances;, its predicate offences and terrorist financingmeans the conduct set out in Article 11 of Directive (EU) 2017/541 including aiding and abetting, inciting and attempting to commit that conduct, whether carried out on the territory of a Member State or on that of a third country; knowledge, intent or purpose required as an element of that conduct may be inferred from objective factual circumstances; by complementing information on beneficial ownership with other technical solutions that enable competent authoritiesmeans:a Financial Intelligence Unit (FIU);a supervisory authority;a public authority that has the function of investigating or prosecuting money laundering, its predicate offences or terrorist financing, or that has the function of tracing, seizing or freezing and confiscating criminal assets;a public authority with designated responsibilities for combating money laundering or terrorist financing; to have a broader view of complex criminal schemes, including through the localisation of perpetrators. They therefore play a critical role in tracing the increasingly complex and fast movements that characterise money launderingmeans the conduct set out in Article 3, paragraphs 1 and 5, of Directive (EU) 2018/1673 including aiding and abetting, inciting and attempting to commit that conduct, whether the activities which generated the property to be laundered were carried out on the territory of a Member State or on that of a third country; knowledge, intent or purpose required as an element of that conduct may be inferred from objective factual circumstances; schemes. By virtue of their well-established function in the compliance infrastructure, it is justified to consider that providers offering those products hold a legitimate interest in accessing information held in the central registers, provided that the data obtained from the register are offered only to obliged entitiesmeans a natural or legal person listed in Article 3 of Regulation (EU) 2024/1624 that is not exempted in accordance with Article 4, 5, 6 or 7 of that Regulation; and competent authoritiesmeans:a Financial Intelligence Unit (FIU);a supervisory authority;a public authority that has the function of investigating or prosecuting money laundering, its predicate offences or terrorist financing, or that has the function of tracing, seizing or freezing and confiscating criminal assets;a public authority with designated responsibilities for combating money laundering or terrorist financing; in the Union for the performance of tasks related to preventing and fighting money launderingmeans the conduct set out in Article 3, paragraphs 1 and 5, of Directive (EU) 2018/1673 including aiding and abetting, inciting and attempting to commit that conduct, whether the activities which generated the property to be laundered were carried out on the territory of a Member State or on that of a third country; knowledge, intent or purpose required as an element of that conduct may be inferred from objective factual circumstances;, its predicate offences and terrorist financingmeans the conduct set out in Article 11 of Directive (EU) 2017/541 including aiding and abetting, inciting and attempting to commit that conduct, whether carried out on the territory of a Member State or on that of a third country; knowledge, intent or purpose required as an element of that conduct may be inferred from objective factual circumstances;.

In order to avoid divergent approaches towards the implementation of the concept of legitimate interest for the purpose of accessing beneficial ownership information, the procedures for the recognition of such a legitimate interest should be harmonised. This should include common templates for the application and recognition of legitimate interest, which would facilitate mutual recognition by central registers across the Union. To that end, implementing powers should be conferred on the Commission to set out harmonised templates and procedures.

To ensure that the processes for granting access to those with a previously verified legitimate interest are not unduly burdensome, access can be renewed on the basis of simplified procedures through which the entity in charge of the central register ensures that information previously obtained for purposes of verification are correct and relevant, and updated where necessary.

Moreover, with the aim of ensuring a proportionate and balanced approach and to guarantee the rights to private life and personal data protection, Member States should provide for exemptions to the disclosure of the personal information on the beneficial ownermeans any natural person who ultimately owns or controls a legal entity or an express trust or similar legal arrangement; through the central registers and to access to such information, in exceptional circumstances, where that information would expose the beneficial ownermeans any natural person who ultimately owns or controls a legal entity or an express trust or similar legal arrangement; to a disproportionate risk of fraud, kidnapping, blackmail, extortion, harassment, violence or intimidation. It should also be possible for Member States to require online registration in order to identify any person who requests information from the central register, as well as the payment of a fee for access to the information in the register by persons with legitimate interest. However, those fees should be strictly limited to what is necessary to cover the costs of ensuring the quality of the information held in the central registers and of making the information available, and should not undermine the effective access to beneficial ownership information.

The identification of applicants is necessary to ensure that only persons with a legitimate interest can access beneficial ownership information. However, the identification process should be carried out in such a way that it does not lead to discrimination, including based on the applicants’ country of residence or nationality. To that end, Member States should provide sufficient identification mechanisms, including but not limited to electronic identification schemes notified under Regulation (EU) No 910/2014 of the European Parliament and of the Council(²⁰)Regulation (EU) No 910/2014 of the European Parliament and of the Council of 23 July 2014 on electronic identification and trust services for electronic transactions in the internal market and repealing Directive 1999/93/EC (OJ L 257, 28.8.2014, p. 73)., and relevant qualified trust services, to enable persons with a legitimate interest to effectively access beneficial ownership information.

Directive (EU) 2018/843 achieved the interconnection of Member States’ central registers holding beneficial ownership information through the European Central Platform established by Directive (EU) 2017/1132. The interconnection has proven to be essential for an effective cross-border access to the beneficial ownership information by competent authoritiesmeans:a Financial Intelligence Unit (FIU);a supervisory authority;a public authority that has the function of investigating or prosecuting money laundering, its predicate offences or terrorist financing, or that has the function of tracing, seizing or freezing and confiscating criminal assets;a public authority with designated responsibilities for combating money laundering or terrorist financing;, obliged entitiesmeans a natural or legal person listed in Article 3 of Regulation (EU) 2024/1624 that is not exempted in accordance with Article 4, 5, 6 or 7 of that Regulation; and persons with a legitimate interest. It will require continued development to implement the evolved regulatory requirements prior to the transposition of this Directive. Therefore, work on interconnection should continue with involvement of Member States in the functioning of the whole system, which should be ensured by means of a regular dialogue between the Commission and the representatives of Member States on the issues concerning the operation of the system and on its future development.

Through the interconnection of the central registers, both national and cross-border access to information on the beneficial ownership of legal arrangementsmeans an express trust or an arrangement which has a similar structure or function to an express trust, including fiducie and certain types of Treuhand and fideicomiso; contained in each Member State central register should be granted based on the definition of legitimate interest, by virtue of a decision taken by the entity in charge of the relevant central register. To ensure that decisions on limiting access to beneficial ownership information can be reviewed, appeal mechanisms against such decisions should be established. With a view to ensuring coherent and efficient registration and information exchange, Member States should ensure that the entity in charge of the central register in their Member State cooperates with its counterparts in other Member States, including by sharing information concerning trusts and similar legal arrangementsmeans an express trust or an arrangement which has a similar structure or function to an express trust, including fiducie and certain types of Treuhand and fideicomiso; governed by the law of one Member State and administered in another Member State or whose trustee is established or resides in another Member State.

Regulation (EU) 2016/679 applies to the processing of personal data for the purposes of this Directive. Natural persons whose personal data are held in central registers as beneficial ownersmeans any natural person who ultimately owns or controls a legal entity or an express trust or similar legal arrangement; should be informed about the applicable data protection rules. Furthermore, only personal data that is up to date and corresponds to the actual beneficial ownersmeans any natural person who ultimately owns or controls a legal entity or an express trust or similar legal arrangement; should be made available and the beneficial ownersmeans any natural person who ultimately owns or controls a legal entity or an express trust or similar legal arrangement; should be informed about their rights under the Union legal data protection framework and the procedures applicable for exercising those rights.

Delayed access to information by FIUs and other competent authoritiesmeans:a Financial Intelligence Unit (FIU);a supervisory authority;a public authority that has the function of investigating or prosecuting money laundering, its predicate offences or terrorist financing, or that has the function of tracing, seizing or freezing and confiscating criminal assets;a public authority with designated responsibilities for combating money laundering or terrorist financing; on the identity of holders of bank accounts and payment accounts, securities accountsmeans a securities account as defined in Article 2(1), point (28), of Regulation (EU) No 909/2014 of the European Parliament and of the Council(36) Regulation (EU) No 909/2014 of the European Parliament and of the Council of 23 July 2014 on improving securities settlement in the European Union and on central securities depositories and amending Directives 98/26/EC and 2014/65/EU and Regulation (EU) No 236/2012 (OJ L 257, 28.8.2014, p. 1).;Regulation (EU) No 909/2014 of the European Parliament and of the Council of 23 July 2014 on improving securities settlement in the European Union and on central securities depositories and amending Directives 98/26/EC and 2014/65/EU and Regulation (EU) No 236/2012 (OJ L 257, 28.8.2014, p. 1)., crypto-asset accountsmeans a crypto-asset account as defined in Article 3, point (19), of Regulation (EU) 2023/1113; and safe-deposit boxes hampers the detection of transfers of fundsor ‘property’ means property as defined in Article 2, point (2), of Directive (EU) 2018/1673; relating to money launderingmeans the conduct set out in Article 3, paragraphs 1 and 5, of Directive (EU) 2018/1673 including aiding and abetting, inciting and attempting to commit that conduct, whether the activities which generated the property to be laundered were carried out on the territory of a Member State or on that of a third country; knowledge, intent or purpose required as an element of that conduct may be inferred from objective factual circumstances; and terrorist financingmeans the conduct set out in Article 11 of Directive (EU) 2017/541 including aiding and abetting, inciting and attempting to commit that conduct, whether carried out on the territory of a Member State or on that of a third country; knowledge, intent or purpose required as an element of that conduct may be inferred from objective factual circumstances;. It is therefore essential to establish centralised automated mechanisms, such as a register or data retrieval system, in all Member States as an efficient means to get timely access to information on the identity of holders of bank accounts and payment accounts, securities accountsmeans a securities account as defined in Article 2(1), point (28), of Regulation (EU) No 909/2014 of the European Parliament and of the Council(36) Regulation (EU) No 909/2014 of the European Parliament and of the Council of 23 July 2014 on improving securities settlement in the European Union and on central securities depositories and amending Directives 98/26/EC and 2014/65/EU and Regulation (EU) No 236/2012 (OJ L 257, 28.8.2014, p. 1).;Regulation (EU) No 909/2014 of the European Parliament and of the Council of 23 July 2014 on improving securities settlement in the European Union and on central securities depositories and amending Directives 98/26/EC and 2014/65/EU and Regulation (EU) No 236/2012 (OJ L 257, 28.8.2014, p. 1)., crypto-asset accountsmeans a crypto-asset account as defined in Article 3, point (19), of Regulation (EU) 2023/1113; and safe-deposit boxes, their proxy holders, and their beneficial ownersmeans any natural person who ultimately owns or controls a legal entity or an express trust or similar legal arrangement;. Such information should include the historical information on closed customer-account holders, bank accounts and payment accounts, including virtual IBANsmeans an identifier causing payments to be redirected to a payment account identified by an IBAN different from that identifier;, securities accountsmeans a securities account as defined in Article 2(1), point (28), of Regulation (EU) No 909/2014 of the European Parliament and of the Council(36) Regulation (EU) No 909/2014 of the European Parliament and of the Council of 23 July 2014 on improving securities settlement in the European Union and on central securities depositories and amending Directives 98/26/EC and 2014/65/EU and Regulation (EU) No 236/2012 (OJ L 257, 28.8.2014, p. 1).;Regulation (EU) No 909/2014 of the European Parliament and of the Council of 23 July 2014 on improving securities settlement in the European Union and on central securities depositories and amending Directives 98/26/EC and 2014/65/EU and Regulation (EU) No 236/2012 (OJ L 257, 28.8.2014, p. 1)., crypto-asset accountsmeans a crypto-asset account as defined in Article 3, point (19), of Regulation (EU) 2023/1113; and safe-deposit boxes. When applying the access provisions, it is appropriate for pre-existing mechanisms to be used provided that national FIUs can access the data for which they make inquiries in an immediate and unfiltered manner. Member States should consider feeding such mechanisms with other information deemed necessary and proportionate in order to achieve a more effective mitigation of risks relating to money launderingmeans the conduct set out in Article 3, paragraphs 1 and 5, of Directive (EU) 2018/1673 including aiding and abetting, inciting and attempting to commit that conduct, whether the activities which generated the property to be laundered were carried out on the territory of a Member State or on that of a third country; knowledge, intent or purpose required as an element of that conduct may be inferred from objective factual circumstances;, its predicate offences and the financing of terrorism. Full confidentiality should be ensured in respect of such inquiries and requests for related information by FIUs, AMLA in the context of joint analyses and supervisory authoritiesmeans a supervisor who is a public body, or the public authority overseeing self-regulatory bodies in their performance of supervisory functions pursuant to Article 37 of Directive (EU) 2024/1640, or AMLA when acting as a supervisor;.

Virtual IBANsmeans an identifier causing payments to be redirected to a payment account identified by an IBAN different from that identifier; are virtual numbers issued by credit institutionsmeans:a credit institution as defined in Article 4(1), point (1), of Regulation (EU) No 575/2013;a branch of a credit institution, as defined in Article 4(1), point (17), of Regulation (EU) No 575/2013, when located in the Union, whether its head office is located in a Member State or in a third country; and financial institutionsmeans:an undertaking other than a credit institution or an investment firm, which carries out one or more of the activities listed in points (2) to (12), (14) and (15) of Annex I to Directive 2013/36/EU of the European Parliament and of the Council(32) Directive 2013/36/EU of the European Parliament and of the Council of 26 June 2013 on access to the activity of credit institutions and the prudential supervision of credit institutions and investment firms, amending Directive 2002/87/EC and repealing Directives 2006/48/EC and 2006/49/EC (OJ L 176, 27.6.2013, p. 338)., including the activities of currency exchange offices (bureaux de change), but excluding the activities referred to in point (8) of Annex I to Directive (EU) 2015/2366, or an undertaking the principal activity of which is to acquire holdings, including a financial holding company, a mixed financial holding company and a financial mixed activity holding company;Directive 2013/36/EU of the European Parliament and of the Council of 26 June 2013 on access to the activity of credit institutions and the prudential supervision of credit institutions and investment firms, amending Directive 2002/87/EC and repealing Directives 2006/48/EC and 2006/49/EC (OJ L 176, 27.6.2013, p. 338).an insurance undertaking as defined in Article 13, point (1), of Directive 2009/138/EC of the European Parliament and of the Council(33) Directive 2009/138/EC of the European Parliament and of the Council of 25 November 2009 on the taking-up and pursuit of the business of Insurance and Reinsurance (Solvency II) (OJ L 335, 17.12.2009, p. 1)., insofar as it carries out life or other investment-related assurance activities covered by that Directive, including insurance holding companies and mixed-activity insurance holding companies as defined, respectively, in Article 212(1), points (f) and (g), of Directive 2009/138/EC;Directive 2009/138/EC of the European Parliament and of the Council of 25 November 2009 on the taking-up and pursuit of the business of Insurance and Reinsurance (Solvency II) (OJ L 335, 17.12.2009, p. 1).an insurance intermediary as defined in Article 2(1), point (3), of Directive (EU) 2016/97 where it acts with respect to life insurance and other investment-related insurance services, with the exception of an insurance intermediary that does not collect premiums or amounts intended for the customer and which acts under the responsibility of one or more insurance undertakings or intermediaries for the products which concern them respectively;an investment firm as defined in Article 4(1), point (1), of Directive 2014/65/EU of the European Parliament and of the Council(34) Directive 2014/65/EU of the European Parliament and of the Council of 15 May 2014 on markets in financial instruments and amending Directive 2002/92/EC and Directive 2011/61/EU (OJ L 173, 12.6.2014, p. 349).;Directive 2014/65/EU of the European Parliament and of the Council of 15 May 2014 on markets in financial instruments and amending Directive 2002/92/EC and Directive 2011/61/EU (OJ L 173, 12.6.2014, p. 349).a collective investment undertaking, in particular:an undertaking for collective investment in transferable securities (UCITS) as defined in Article 1(2) of Directive 2009/65/EC and its management company as defined in Article 2(1), point (b), of that Directive or an investment company authorised in accordance with that Directive and which has not designated a management company, that makes available for purchase units of UCITS in the Union;an alternative investment fund as defined in Article 4(1), point (a), of Directive 2011/61/EU and its alternative investment fund manager as defined in Article 4(1), point (b), of that Directive that fall within the scope set out in Article 2 of that Directive;a central securities depository as defined in Article 2(1), point (1), of Regulation (EU) No 909/2014 of the European Parliament and of the Council(35) Regulation (EU) No 909/2014 of the European Parliament and of the Council of 23 July 2014 on improving securities settlement in the European Union and on central securities depositories and amending Directives 98/26/EC and 2014/65/EU and Regulation (EU) No 236/2012 (OJ L 257, 28.8.2014, p. 1).;Regulation (EU) No 909/2014 of the European Parliament and of the Council of 23 July 2014 on improving securities settlement in the European Union and on central securities depositories and amending Directives 98/26/EC and 2014/65/EU and Regulation (EU) No 236/2012 (OJ L 257, 28.8.2014, p. 1).a creditor as defined in Article 4, point (2), of Directive 2014/17/EU of the European Parliament and of the Council(36) Directive 2014/17/EU of the European Parliament and of the Council of 4 February 2014 on credit agreements for consumers relating to residential immovable property and amending Directives 2008/48/EC and 2013/36/EU and Regulation (EU) No 1093/2010 (OJ L 60, 28.2.2014, p. 34). and in Article 3, point (b), of Directive 2008/48/EC of the European Parliament and of the Council(37) Directive 2008/48/EC of the European Parliament and of the Council of 23 April 2008 on credit agreements for consumers and repealing Council Directive 87/102/EEC (OJ L 133, 22.5.2008, p. 66).;Directive 2014/17/EU of the European Parliament and of the Council of 4 February 2014 on credit agreements for consumers relating to residential immovable property and amending Directives 2008/48/EC and 2013/36/EU and Regulation (EU) No 1093/2010 (OJ L 60, 28.2.2014, p. 34).Directive 2008/48/EC of the European Parliament and of the Council of 23 April 2008 on credit agreements for consumers and repealing Council Directive 87/102/EEC (OJ L 133, 22.5.2008, p. 66).a credit intermediary as defined in Article 4, point (5), of Directive 2014/17/EU and in Article 3, point (f), of Directive 2008/48/EC, when holding the funds as defined in Article 4, point (25), of Directive (EU) 2015/2366 in connection with the credit agreement, with the exception of the credit intermediary carrying out activities under the responsibility of one or more creditors or credit intermediaries;a crypto-asset service provider;a branch of a financial institution referred to in points (a) to (i), when located in the Union, whether its head office is located in a Member State or in a third country; that allow payments to be redirected to physical bank accounts or payment accounts. While virtual IBANsmeans an identifier causing payments to be redirected to a payment account identified by an IBAN different from that identifier; can be used by businesses for legitimate purposes, for example, to streamline the process of collecting and sending payments across borders, they are also associated with increased risks of money launderingmeans the conduct set out in Article 3, paragraphs 1 and 5, of Directive (EU) 2018/1673 including aiding and abetting, inciting and attempting to commit that conduct, whether the activities which generated the property to be laundered were carried out on the territory of a Member State or on that of a third country; knowledge, intent or purpose required as an element of that conduct may be inferred from objective factual circumstances;, its predicate offences or terrorist financingmeans the conduct set out in Article 11 of Directive (EU) 2017/541 including aiding and abetting, inciting and attempting to commit that conduct, whether carried out on the territory of a Member State or on that of a third country; knowledge, intent or purpose required as an element of that conduct may be inferred from objective factual circumstances; as they can be used to obscure the identity of the account holder, making it difficult for FIUs to trace the flow of fundsor ‘property’ means property as defined in Article 2, point (2), of Directive (EU) 2018/1673;, identify the location of the account and impose the necessary measures, including the suspension or monitoring of the account. In order to mitigate those risks and facilitate the tracing and detection of illicit flows by FIUs, the centralised automated mechanisms should include information on virtual IBANsmeans an identifier causing payments to be redirected to a payment account identified by an IBAN different from that identifier; associated with a bank account or payment account.

In order to respect privacy and protect personal data, the minimum data necessary for the carrying out of AML/CFT investigations should be held in centralised automated mechanisms for bank accounts or payment accounts, securities accountsmeans a securities account as defined in Article 2(1), point (28), of Regulation (EU) No 909/2014 of the European Parliament and of the Council(36) Regulation (EU) No 909/2014 of the European Parliament and of the Council of 23 July 2014 on improving securities settlement in the European Union and on central securities depositories and amending Directives 98/26/EC and 2014/65/EU and Regulation (EU) No 236/2012 (OJ L 257, 28.8.2014, p. 1).;Regulation (EU) No 909/2014 of the European Parliament and of the Council of 23 July 2014 on improving securities settlement in the European Union and on central securities depositories and amending Directives 98/26/EC and 2014/65/EU and Regulation (EU) No 236/2012 (OJ L 257, 28.8.2014, p. 1). and crypto-asset accountsmeans a crypto-asset account as defined in Article 3, point (19), of Regulation (EU) 2023/1113;. It should be possible for Member States to determine which additional data it is useful and proportionate to gather. When transposing the provisions relating to those mechanisms, Member States should set out retention periods equivalent to the period for retention of the documentation and information obtained within the application of customer due diligence measures. It should be possible for Member States to exceptionally extend the retention period, provided good reasons are given. The additional retention period should not exceed an additional 5 years. That period should be without prejudice to national law setting out other data retention requirements allowing case-by-case decisions to facilitate criminal or administrative proceedings. Access to those mechanisms should be on a need-to-know basis.

Through the interconnection of Member States’ centralised automated mechanisms, national FIUs would be able to obtain swiftly cross-border information on the identity of holders of bank accounts and payment accounts, securities accountsmeans a securities account as defined in Article 2(1), point (28), of Regulation (EU) No 909/2014 of the European Parliament and of the Council(36) Regulation (EU) No 909/2014 of the European Parliament and of the Council of 23 July 2014 on improving securities settlement in the European Union and on central securities depositories and amending Directives 98/26/EC and 2014/65/EU and Regulation (EU) No 236/2012 (OJ L 257, 28.8.2014, p. 1).;Regulation (EU) No 909/2014 of the European Parliament and of the Council of 23 July 2014 on improving securities settlement in the European Union and on central securities depositories and amending Directives 98/26/EC and 2014/65/EU and Regulation (EU) No 236/2012 (OJ L 257, 28.8.2014, p. 1)., crypto-asset accountsmeans a crypto-asset account as defined in Article 3, point (19), of Regulation (EU) 2023/1113; and safe deposit boxes in other Member States, which would reinforce their ability to effectively carry out financial analysis and cooperate with their counterparts from other Member States. Direct cross-border access to information on bank accounts and payment accounts, securities accountsmeans a securities account as defined in Article 2(1), point (28), of Regulation (EU) No 909/2014 of the European Parliament and of the Council(36) Regulation (EU) No 909/2014 of the European Parliament and of the Council of 23 July 2014 on improving securities settlement in the European Union and on central securities depositories and amending Directives 98/26/EC and 2014/65/EU and Regulation (EU) No 236/2012 (OJ L 257, 28.8.2014, p. 1).;Regulation (EU) No 909/2014 of the European Parliament and of the Council of 23 July 2014 on improving securities settlement in the European Union and on central securities depositories and amending Directives 98/26/EC and 2014/65/EU and Regulation (EU) No 236/2012 (OJ L 257, 28.8.2014, p. 1)., crypto-asset accountsmeans a crypto-asset account as defined in Article 3, point (19), of Regulation (EU) 2023/1113; and safe deposit boxes would enable FIUs to produce financial analysis within a sufficiently short timeframe to trace fundsor ‘property’ means property as defined in Article 2, point (2), of Directive (EU) 2018/1673; funnelled through various accounts, including by using virtual IBANsmeans an identifier causing payments to be redirected to a payment account identified by an IBAN different from that identifier;, detect potential money launderingmeans the conduct set out in Article 3, paragraphs 1 and 5, of Directive (EU) 2018/1673 including aiding and abetting, inciting and attempting to commit that conduct, whether the activities which generated the property to be laundered were carried out on the territory of a Member State or on that of a third country; knowledge, intent or purpose required as an element of that conduct may be inferred from objective factual circumstances; and terrorist financingmeans the conduct set out in Article 11 of Directive (EU) 2017/541 including aiding and abetting, inciting and attempting to commit that conduct, whether carried out on the territory of a Member State or on that of a third country; knowledge, intent or purpose required as an element of that conduct may be inferred from objective factual circumstances; cases and guarantee a swift law enforcement action. AMLA should also be provided with direct access to the interconnected centralised automated mechanisms in order to provide operational support to FIUs in the framework of joint analysis exercises. Member States should ensure that direct access to the interconnected centralised automated mechanisms is extended to supervisory authoritiesmeans a supervisor who is a public body, or the public authority overseeing self-regulatory bodies in their performance of supervisory functions pursuant to Article 37 of Directive (EU) 2024/1640, or AMLA when acting as a supervisor; to enable them to effectively perform their tasks.

In order to respect the right to the protection of personal data and the right to privacy, and to limit the impact of cross-border access to the information contained in the national centralised automated mechanisms, the scope of information accessible through the bank account registers interconnection system (‘BARIS’) would be restricted to the minimum necessary in accordance with the principle of data minimisation to allow the identification of any natural or legal persons holding or controlling bank accounts or payment accounts, securities accountsmeans a securities account as defined in Article 2(1), point (28), of Regulation (EU) No 909/2014 of the European Parliament and of the Council(36) Regulation (EU) No 909/2014 of the European Parliament and of the Council of 23 July 2014 on improving securities settlement in the European Union and on central securities depositories and amending Directives 98/26/EC and 2014/65/EU and Regulation (EU) No 236/2012 (OJ L 257, 28.8.2014, p. 1).;Regulation (EU) No 909/2014 of the European Parliament and of the Council of 23 July 2014 on improving securities settlement in the European Union and on central securities depositories and amending Directives 98/26/EC and 2014/65/EU and Regulation (EU) No 236/2012 (OJ L 257, 28.8.2014, p. 1)., crypto-asset accountsmeans a crypto-asset account as defined in Article 3, point (19), of Regulation (EU) 2023/1113; and safe-deposit boxes. FIUs and AMLA, as well as supervisory authoritiesmeans a supervisor who is a public body, or the public authority overseeing self-regulatory bodies in their performance of supervisory functions pursuant to Article 37 of Directive (EU) 2024/1640, or AMLA when acting as a supervisor;, should be granted immediate and unfiltered access to BARIS. Member States should ensure that the staff of FIUs maintain high professional standards of confidentiality and data protection, and that they are of high integrity and are appropriately skilled. Moreover, Member States should put in place technical and organisational measures guaranteeing the security of the data to high technological standards.

The interconnection of Member States’ centralised automated mechanisms (central registries or central electronic data retrieval systems) containing information on bank accounts and payment accounts, securities accountsmeans a securities account as defined in Article 2(1), point (28), of Regulation (EU) No 909/2014 of the European Parliament and of the Council(36) Regulation (EU) No 909/2014 of the European Parliament and of the Council of 23 July 2014 on improving securities settlement in the European Union and on central securities depositories and amending Directives 98/26/EC and 2014/65/EU and Regulation (EU) No 236/2012 (OJ L 257, 28.8.2014, p. 1).;Regulation (EU) No 909/2014 of the European Parliament and of the Council of 23 July 2014 on improving securities settlement in the European Union and on central securities depositories and amending Directives 98/26/EC and 2014/65/EU and Regulation (EU) No 236/2012 (OJ L 257, 28.8.2014, p. 1)., crypto-asset accountsmeans a crypto-asset account as defined in Article 3, point (19), of Regulation (EU) 2023/1113; and safe-deposit boxes through BARIS necessitates the coordination of national systems having varying technical characteristics. For that purpose, technical measures and specifications taking into account the differences between the national centralised automated mechanisms should be developed.

Real estate is an attractive commodity for criminals to launder the proceeds of their illicit activities, as it allows the true source of the fundsor ‘property’ means property as defined in Article 2, point (2), of Directive (EU) 2018/1673; and the identity of the beneficial ownermeans any natural person who ultimately owns or controls a legal entity or an express trust or similar legal arrangement; to be obscured. The proper and timely identification of real estate, as well as of natural persons, legal entities and legal arrangementsmeans an express trust or an arrangement which has a similar structure or function to an express trust, including fiducie and certain types of Treuhand and fideicomiso; owning real estate by FIUs and other competent authoritiesmeans:a Financial Intelligence Unit (FIU);a supervisory authority;a public authority that has the function of investigating or prosecuting money laundering, its predicate offences or terrorist financing, or that has the function of tracing, seizing or freezing and confiscating criminal assets;a public authority with designated responsibilities for combating money laundering or terrorist financing; is important both for detecting money launderingmeans the conduct set out in Article 3, paragraphs 1 and 5, of Directive (EU) 2018/1673 including aiding and abetting, inciting and attempting to commit that conduct, whether the activities which generated the property to be laundered were carried out on the territory of a Member State or on that of a third country; knowledge, intent or purpose required as an element of that conduct may be inferred from objective factual circumstances; schemes as well as for freezing and confiscation of assets, as well as for administrative freezing measures implementing targeted financial sanctionsmeans both asset freezing and prohibitions to make funds or other assets available, directly or indirectly, for the benefit of designated persons and entities pursuant to Council Decisions adopted on the basis of Article 29 TEU and Council Regulations adopted on the basis of Article 215 TFEU;. It is therefore important that Member States provide FIUs and other competent authoritiesmeans:a Financial Intelligence Unit (FIU);a supervisory authority;a public authority that has the function of investigating or prosecuting money laundering, its predicate offences or terrorist financing, or that has the function of tracing, seizing or freezing and confiscating criminal assets;a public authority with designated responsibilities for combating money laundering or terrorist financing; with immediate and direct access to information which allows the proper conduct of analyses and investigations into potential criminal cases involving real estate. In order to facilitate effective access, that information should be provided free of charge through a single access point, by digital means and where possible in machine-readable format. The information should include historical information, including the history of real estate ownership, the prices at which the real estate has been acquired in the past and related encumbrances over a defined period in the past in order to enable FIUs and other competent authoritiesmeans:a Financial Intelligence Unit (FIU);a supervisory authority;a public authority that has the function of investigating or prosecuting money laundering, its predicate offences or terrorist financing, or that has the function of tracing, seizing or freezing and confiscating criminal assets;a public authority with designated responsibilities for combating money laundering or terrorist financing; in that Member State to analyse and identify any suspicious activities pertaining to real estate, including land, property transactions which could be indicative of money launderingmeans the conduct set out in Article 3, paragraphs 1 and 5, of Directive (EU) 2018/1673 including aiding and abetting, inciting and attempting to commit that conduct, whether the activities which generated the property to be laundered were carried out on the territory of a Member State or on that of a third country; knowledge, intent or purpose required as an element of that conduct may be inferred from objective factual circumstances; or other types of criminality. Such historical information concerns types of information already collected when carrying out real estate property transactions. Therefore, there are no new obligations imposed upon affected persons, ensuring that the legitimate expectations of those concerned are duly respected. Given the frequently cross-border nature of criminal schemes involving real estate, it is appropriate to identify a minimum set of information that competent authoritiesmeans:a Financial Intelligence Unit (FIU);a supervisory authority;a public authority that has the function of investigating or prosecuting money laundering, its predicate offences or terrorist financing, or that has the function of tracing, seizing or freezing and confiscating criminal assets;a public authority with designated responsibilities for combating money laundering or terrorist financing; should be able to access and share with their counterparts in other Member States.

Member States have in place or should set up operationally independent and autonomous FIUs to collect and analyse information, with the aim of establishing links between suspicious transactions and activities, and underlying criminal activitymeans criminal activity as defined in Article 2, point (1), of Directive (EU) 2018/1673, as well as fraud affecting the Union’s financial interests as defined in Article 3(2) of Directive (EU) 2017/1371, passive and active corruption as defined in Article 4 (2) and misappropriation as defined in Article 4(3), second subparagraph, of that Directive; in order to prevent and combat money launderingmeans the conduct set out in Article 3, paragraphs 1 and 5, of Directive (EU) 2018/1673 including aiding and abetting, inciting and attempting to commit that conduct, whether the activities which generated the property to be laundered were carried out on the territory of a Member State or on that of a third country; knowledge, intent or purpose required as an element of that conduct may be inferred from objective factual circumstances; and terrorist financingmeans the conduct set out in Article 11 of Directive (EU) 2017/541 including aiding and abetting, inciting and attempting to commit that conduct, whether carried out on the territory of a Member State or on that of a third country; knowledge, intent or purpose required as an element of that conduct may be inferred from objective factual circumstances;. The FIU should be the single central national unit responsible for the receipt and analysis of suspicious transaction reports, reports on cross-border physical movements of cashmeans cash as defined in Article 2(1), point (a), of Regulation (EU) 2018/1672 of the European Parliament and of the Council(39) Regulation (EU) 2018/1672 of the European Parliament and of the Council of 23 October 2018 on controls on cash entering or leaving the Union and repealing Regulation (EC) No 1889/2005 (OJ L 284, 12.11.2018, p. 6).;Regulation (EU) 2018/1672 of the European Parliament and of the Council of 23 October 2018 on controls on cash entering or leaving the Union and repealing Regulation (EC) No 1889/2005 (OJ L 284, 12.11.2018, p. 6). through the Customs Information System, on transactions reported when certain thresholds are exceeded (threshold-based disclosures) as well as other information relevant to money launderingmeans the conduct set out in Article 3, paragraphs 1 and 5, of Directive (EU) 2018/1673 including aiding and abetting, inciting and attempting to commit that conduct, whether the activities which generated the property to be laundered were carried out on the territory of a Member State or on that of a third country; knowledge, intent or purpose required as an element of that conduct may be inferred from objective factual circumstances;, its predicate offences or terrorist financingmeans the conduct set out in Article 11 of Directive (EU) 2017/541 including aiding and abetting, inciting and attempting to commit that conduct, whether carried out on the territory of a Member State or on that of a third country; knowledge, intent or purpose required as an element of that conduct may be inferred from objective factual circumstances; submitted by obliged entitiesmeans a natural or legal person listed in Article 3 of Regulation (EU) 2024/1624 that is not exempted in accordance with Article 4, 5, 6 or 7 of that Regulation;. Operational independence and autonomy of the FIU should be ensured by granting the FIU the authority and capacity to carry out its functions freely, including the ability to take autonomous decisions as regards analysis, requests and dissemination of specific information. In all cases, the FIU should have the independent right to forward or disseminate information to relevant competent authoritiesmeans:a Financial Intelligence Unit (FIU);a supervisory authority;a public authority that has the function of investigating or prosecuting money laundering, its predicate offences or terrorist financing, or that has the function of tracing, seizing or freezing and confiscating criminal assets;a public authority with designated responsibilities for combating money laundering or terrorist financing;. The FIU should be provided with adequate financial, human and technical resources, in a manner that secures its autonomy and independence and enables it to exercise its mandate effectively. The FIU should be able to obtain and deploy the resources needed to carry out its functions, on an individual or routine basis, free from any undue political, government or industry influence or interference, which might compromise its operational independence. In order to assess the fulfilment of those requirements and identify weaknesses and best practices, AMLA should be empowered to coordinate the organisation of peer reviews of FIUs.

The staff of FIUs should be of high integrity and appropriately skilled, and should maintain high professional standards. FIUs should have in place procedures to effectively prevent and manage conflicts of interest. Given the nature of their work, FIUs are recipients of, and have access to, large amounts of sensitive personal and financial information. Therefore, the staff of FIUs should have appropriate skills when it comes to the ethical use of big data analytical tools. Moreover, the activities of FIUs might have implications for individuals’ fundamental rights, such as the right to the protection of personal data, right to private life and right to property. FIUs should therefore designate a Fundamental Rights Officer who can be a member of the existing staff of the FIU. The tasks of the Fundamental Rights Officer should include, without impeding or delaying the activities of the FIU, monitoring and promoting the FIU’s compliance with fundamental rights, providing advice and guidance to the FIU on fundamental rights implications of its policies and practices, scrutinising the lawfulness and ethics of the FIU’s activities and issuing non-binding opinions. The designation of a Fundamental Rights Officer would help to ensure that in carrying out their tasks, FIUs respect and protect fundamental rights of affected individuals.

FIUs should be able to disseminate information to competent authoritiesmeans:a Financial Intelligence Unit (FIU);a supervisory authority;a public authority that has the function of investigating or prosecuting money laundering, its predicate offences or terrorist financing, or that has the function of tracing, seizing or freezing and confiscating criminal assets;a public authority with designated responsibilities for combating money laundering or terrorist financing; tasked with combatting money launderingmeans the conduct set out in Article 3, paragraphs 1 and 5, of Directive (EU) 2018/1673 including aiding and abetting, inciting and attempting to commit that conduct, whether the activities which generated the property to be laundered were carried out on the territory of a Member State or on that of a third country; knowledge, intent or purpose required as an element of that conduct may be inferred from objective factual circumstances;, its predicate offences, and terrorist financingmeans the conduct set out in Article 11 of Directive (EU) 2017/541 including aiding and abetting, inciting and attempting to commit that conduct, whether carried out on the territory of a Member State or on that of a third country; knowledge, intent or purpose required as an element of that conduct may be inferred from objective factual circumstances;. Such authorities should be understood to include authorities with an investigative, prosecutorial or judicial role. Across Member States, other authorities have dedicated roles connected to the fight against money launderingmeans the conduct set out in Article 3, paragraphs 1 and 5, of Directive (EU) 2018/1673 including aiding and abetting, inciting and attempting to commit that conduct, whether the activities which generated the property to be laundered were carried out on the territory of a Member State or on that of a third country; knowledge, intent or purpose required as an element of that conduct may be inferred from objective factual circumstances;, its predicate offences and terrorist financingmeans the conduct set out in Article 11 of Directive (EU) 2017/541 including aiding and abetting, inciting and attempting to commit that conduct, whether carried out on the territory of a Member State or on that of a third country; knowledge, intent or purpose required as an element of that conduct may be inferred from objective factual circumstances;, and FIUs should also be able to provide them with the results of their operational or strategic analyses, where they consider those results to be relevant to their functions. The results of those analyses provide meaningful intelligence to be used for the development of leads in the course of investigative and prosecutorial work. The source of the suspicious transaction or activity report should not be disclosed in the dissemination. This, however, should not preclude FIUs from disseminating relevant information including, for example, information on IBAN numbers, BIC or SWIFT codes. In addition, FIUs should be able to share other information in their possession including upon request by other competent authoritiesmeans:a Financial Intelligence Unit (FIU);a supervisory authority;a public authority that has the function of investigating or prosecuting money laundering, its predicate offences or terrorist financing, or that has the function of tracing, seizing or freezing and confiscating criminal assets;a public authority with designated responsibilities for combating money laundering or terrorist financing;. In exercising their autonomy and independence, FIUs should consider how a refusal to provide information could impact cooperation and the broader goal of combatting money launderingmeans the conduct set out in Article 3, paragraphs 1 and 5, of Directive (EU) 2018/1673 including aiding and abetting, inciting and attempting to commit that conduct, whether the activities which generated the property to be laundered were carried out on the territory of a Member State or on that of a third country; knowledge, intent or purpose required as an element of that conduct may be inferred from objective factual circumstances;, its predicate offences and terrorist financingmeans the conduct set out in Article 11 of Directive (EU) 2017/541 including aiding and abetting, inciting and attempting to commit that conduct, whether carried out on the territory of a Member State or on that of a third country; knowledge, intent or purpose required as an element of that conduct may be inferred from objective factual circumstances;. Refusals should be limited to exceptional circumstances, for example when the information originates from another FIU that has not consented to its further dissemination, or where the FIU has reasons to believe that the information will not be used for the purposes for which it was requested. In such cases the FIU should provide reasons for the refusal. Such reasons could include clarifying that the information is not in the possession of the FIU or that consent for further dissemination has not been granted.

Effective cooperation and information exchange between FIUs and supervisorsmeans the body entrusted with responsibilities aimed at ensuring compliance by obliged entities with the requirements of this Regulation, including AMLA when performing the tasks entrusted to it in Article 5(2) of Regulation (EU) 2024/1620; is of crucial importance for the integrity and stability of the financial system. It ensures a comprehensive and consistent approach to preventing and combating money launderingmeans the conduct set out in Article 3, paragraphs 1 and 5, of Directive (EU) 2018/1673 including aiding and abetting, inciting and attempting to commit that conduct, whether the activities which generated the property to be laundered were carried out on the territory of a Member State or on that of a third country; knowledge, intent or purpose required as an element of that conduct may be inferred from objective factual circumstances;, its predicate offences and terrorist financingmeans the conduct set out in Article 11 of Directive (EU) 2017/541 including aiding and abetting, inciting and attempting to commit that conduct, whether carried out on the territory of a Member State or on that of a third country; knowledge, intent or purpose required as an element of that conduct may be inferred from objective factual circumstances;, enhances the effectiveness of the Union AML/CFT regime and safeguards the economy from the threats posed by illicit financial activities. Information in the possession of FIUs pertaining to, for example, the quality and quantity of suspicious transaction reports submitted by obliged entitiesmeans a natural or legal person listed in Article 3 of Regulation (EU) 2024/1624 that is not exempted in accordance with Article 4, 5, 6 or 7 of that Regulation;, the quality and timeliness of obliged entitiesmeans a natural or legal person listed in Article 3 of Regulation (EU) 2024/1624 that is not exempted in accordance with Article 4, 5, 6 or 7 of that Regulation;’ responses to requests for information by the FIUs, and information on money launderingmeans the conduct set out in Article 3, paragraphs 1 and 5, of Directive (EU) 2018/1673 including aiding and abetting, inciting and attempting to commit that conduct, whether the activities which generated the property to be laundered were carried out on the territory of a Member State or on that of a third country; knowledge, intent or purpose required as an element of that conduct may be inferred from objective factual circumstances;, its predicate offences and terrorist financingmeans the conduct set out in Article 11 of Directive (EU) 2017/541 including aiding and abetting, inciting and attempting to commit that conduct, whether carried out on the territory of a Member State or on that of a third country; knowledge, intent or purpose required as an element of that conduct may be inferred from objective factual circumstances; typologies, trends and methods can help supervisorsmeans the body entrusted with responsibilities aimed at ensuring compliance by obliged entities with the requirements of this Regulation, including AMLA when performing the tasks entrusted to it in Article 5(2) of Regulation (EU) 2024/1620; identify areas where risks are higher or where compliance is weak and thereby provide them with an insight into whether supervision needs to be strengthened in relation to specific obliged entitiesmeans a natural or legal person listed in Article 3 of Regulation (EU) 2024/1624 that is not exempted in accordance with Article 4, 5, 6 or 7 of that Regulation; or sectors. To that end, FIUs should provide supervisorsmeans the body entrusted with responsibilities aimed at ensuring compliance by obliged entities with the requirements of this Regulation, including AMLA when performing the tasks entrusted to it in Article 5(2) of Regulation (EU) 2024/1620;, either spontaneously or upon request, with certain types of information that could be relevant for the purposes of supervision.

FIUs play an important role in identifying the financial operations of terrorist networks, especially cross-border, and in detecting their financial backers. Financial intelligence might be of fundamental importance in uncovering the facilitation of terrorist offences and the networks and schemes of terrorist organisations. FIUs maintain significant differences as regards their functions, competences and powers. The current differences should however not affect an FIU’s activity, particularly its capacity to develop preventive analyses in support of all the authorities in charge of intelligence, investigative and judicial activities, and international cooperation. In the exercise of their tasks, it has become essential to identify the minimum set of data FIUs should have swift access to and be able to exchange without impediments with their counterparts from other Member States. In all cases of suspected money launderingmeans the conduct set out in Article 3, paragraphs 1 and 5, of Directive (EU) 2018/1673 including aiding and abetting, inciting and attempting to commit that conduct, whether the activities which generated the property to be laundered were carried out on the territory of a Member State or on that of a third country; knowledge, intent or purpose required as an element of that conduct may be inferred from objective factual circumstances;, its predicate offences and terrorist financingmeans the conduct set out in Article 11 of Directive (EU) 2017/541 including aiding and abetting, inciting and attempting to commit that conduct, whether carried out on the territory of a Member State or on that of a third country; knowledge, intent or purpose required as an element of that conduct may be inferred from objective factual circumstances;, information should flow directly and quickly between FIUs without undue delay. It is therefore essential to further enhance the effectiveness and efficiency of FIUs, by clarifying the powers of and cooperation between FIUs.

The powers of FIUs include the right to access, directly or indirectly, the ‘financial’, ‘administrative’ and ‘law enforcement’ information that they require in order to combat money launderingmeans the conduct set out in Article 3, paragraphs 1 and 5, of Directive (EU) 2018/1673 including aiding and abetting, inciting and attempting to commit that conduct, whether the activities which generated the property to be laundered were carried out on the territory of a Member State or on that of a third country; knowledge, intent or purpose required as an element of that conduct may be inferred from objective factual circumstances;, its predicate offences and terrorist financingmeans the conduct set out in Article 11 of Directive (EU) 2017/541 including aiding and abetting, inciting and attempting to commit that conduct, whether carried out on the territory of a Member State or on that of a third country; knowledge, intent or purpose required as an element of that conduct may be inferred from objective factual circumstances;. The lack of definition of what types of information those general categories include has resulted in FIUs having been granted with access to considerably diversified sets of information which has an impact on FIUs’ analytical functions as well as on their capacity to cooperate effectively with their counterparts from other Member States, including in the framework of joint analysis exercises. It is therefore necessary to define the minimum sets of ‘financial’, ‘administrative’ and ‘law enforcement’ information that should be made directly or indirectly available to every FIU across the Union. FIUs also receive and store in their databases, or have access to, information related to transactions that are reported when specified thresholds are exceeded (threshold-based reports). Those reports are an important source of information and are widely used by FIUs in the context of domestic and joint analyses. Therefore, threshold-based reports are among the types of information exchanged through FIU.net. Direct access is an important prerequisite for the operational effectiveness and responsiveness of FIUs. To that end, it should be possible for Member States to provide FIUs with direct access to a broader set of information than those required by this Directive. At the same time, this Directive does not require Member States to set up new databases or registers in the cases where certain types of information, for example, information on procurement, is spread across various repositories or archives. Where a database or register has not been set up, Member States should take other necessary measures to ensure that FIUs can obtain that information in an expeditious manner. Moreover, FIUs should be able to obtain swiftly from any obliged entitymeans a natural or legal person listed in Article 3 of Regulation (EU) 2024/1624 that is not exempted in accordance with Article 4, 5, 6 or 7 of that Regulation; all necessary information relating to their functions. An FIU should also be able to obtain such information upon request made by another FIU and to exchange that information with the requesting FIU.

Access should be considered direct and immediate when the information is contained in a database, register or an electronic data retrieval system enabling the FIU to obtain it directly, through an automated mechanism, without the involvement of an intermediary. Where the information is held by another entity or authority, direct access entails that those authorities or entities transmit it to the FIU in an expeditious manner without interfering with the content of the requested data or the information to be provided. The information should not undergo any filtering. In some situations, however, the confidentiality requirements attached to the information might not allow the provision of the information in an unfiltered manner. This is the case, for example, where tax information can only be provided to FIUs upon agreement of a tax authority in a third countrymeans any jurisdiction, independent state or autonomous territory that is not part of the Union and that has its own AML/CFT legislation or enforcement regime;, where direct access to law enforcement information could jeopardise an ongoing investigation, as well as in relation to passenger name record data collected pursuant to Directive (EU) 2016/681 of the European Parliament and of the Council(²¹)Directive (EU) 2016/681 of the European Parliament and of the Council of 27 April 2016 on the use of passenger name record (PNR) data for the prevention, detection, investigation and prosecution of terrorist offences and serious crime (OJ L 119, 4.5.2016, p. 132).. In such cases, Member States should make every effort to ensure effective access to the information by FIUs, including by allowing FIUs to have access under similar conditions to those offered to other authorities at national level to facilitate their analytical activities.

The vast majority of FIUs have been granted the power to take urgent action and suspend or withhold consent to a transaction in order to perform the analyses, confirm the suspicion and disseminate the results of the analytical activities to the competent authoritiesmeans:a Financial Intelligence Unit (FIU);a supervisory authority;a public authority that has the function of investigating or prosecuting money laundering, its predicate offences or terrorist financing, or that has the function of tracing, seizing or freezing and confiscating criminal assets;a public authority with designated responsibilities for combating money laundering or terrorist financing;. However, there are certain variations in relation to the duration of the suspension powers across Member States, with an impact not only on the postponement of activities that have a cross-border nature through FIU-to-FIU cooperation, but also on individuals’ fundamental rights. Furthermore, in order to ensure that FIUs have the capacity to promptly restrain criminal fundsor ‘property’ means property as defined in Article 2, point (2), of Directive (EU) 2018/1673; or assets and prevent their dissipation, also for seizure purposes, FIUs should be granted the power to suspend the use of a bank account or payment account, crypto-asset accountmeans a crypto-asset account as defined in Article 3, point (19), of Regulation (EU) 2023/1113; or a business relationshipmeans a business, professional or commercial relationship connected with the professional activities of an obliged entity, which is set up between an obliged entity and a customer, including in the absence of a written contract and which is expected to have, at the time when the contact is established, or which subsequently acquires, an element of repetition or duration; in order to analyse the transactions performed through the account or business relationshipmeans a business, professional or commercial relationship connected with the professional activities of an obliged entity, which is set up between an obliged entity and a customer, including in the absence of a written contract and which is expected to have, at the time when the contact is established, or which subsequently acquires, an element of repetition or duration;, confirm the suspicion and disseminate the results of the analysis to the relevant competent authoritiesmeans:a Financial Intelligence Unit (FIU);a supervisory authority;a public authority that has the function of investigating or prosecuting money laundering, its predicate offences or terrorist financing, or that has the function of tracing, seizing or freezing and confiscating criminal assets;a public authority with designated responsibilities for combating money laundering or terrorist financing;. Given that such suspension would have an impact on the right to property, FIUs should be able to suspend transactions, accounts or business relationshipsmeans a business, professional or commercial relationship connected with the professional activities of an obliged entity, which is set up between an obliged entity and a customer, including in the absence of a written contract and which is expected to have, at the time when the contact is established, or which subsequently acquires, an element of repetition or duration; for a limited period in order to preserve the fundsor ‘property’ means property as defined in Article 2, point (2), of Directive (EU) 2018/1673;, carry out the necessary analyses and disseminate the results of the analyses to the competent authoritiesmeans:a Financial Intelligence Unit (FIU);a supervisory authority;a public authority that has the function of investigating or prosecuting money laundering, its predicate offences or terrorist financing, or that has the function of tracing, seizing or freezing and confiscating criminal assets;a public authority with designated responsibilities for combating money laundering or terrorist financing; for the possible adoption of appropriate measures. Given the more significant impact on an affected person’s fundamental rights, the suspension of an account or business relationshipmeans a business, professional or commercial relationship connected with the professional activities of an obliged entity, which is set up between an obliged entity and a customer, including in the absence of a written contract and which is expected to have, at the time when the contact is established, or which subsequently acquires, an element of repetition or duration; should be imposed for a more limited period, which should be set at 5 working days. Member States can define a longer period of suspension where, pursuant to national law, the FIU exercises competences in the area of asset recovery and carries out functions of tracing, seizing, freezing or confiscating criminal assets. In such cases, the preservation of affected persons’ fundamental rights should be guaranteed and FIUs should exercise their functions in accordance with the appropriate national safeguards. FIUs should lift the suspension of the transaction, account or business relationshipmeans a business, professional or commercial relationship connected with the professional activities of an obliged entity, which is set up between an obliged entity and a customer, including in the absence of a written contract and which is expected to have, at the time when the contact is established, or which subsequently acquires, an element of repetition or duration; as soon as such suspension is no longer necessary. Where a longer suspension period is defined, affected persons whose transactions, accounts or business relationshipsmeans a business, professional or commercial relationship connected with the professional activities of an obliged entity, which is set up between an obliged entity and a customer, including in the absence of a written contract and which is expected to have, at the time when the contact is established, or which subsequently acquires, an element of repetition or duration; have been suspended should have the possibility to challenge the suspension order before a court.

In specific circumstances, FIUs should be able to request, on their own behalf or on behalf of another FIU, an obliged entitymeans a natural or legal person listed in Article 3 of Regulation (EU) 2024/1624 that is not exempted in accordance with Article 4, 5, 6 or 7 of that Regulation; to monitor, for a defined period, transactions or activities carried out through a bank account or payment account or crypto-asset accountmeans a crypto-asset account as defined in Article 3, point (19), of Regulation (EU) 2023/1113; or another type of business relationshipmeans a business, professional or commercial relationship connected with the professional activities of an obliged entity, which is set up between an obliged entity and a customer, including in the absence of a written contract and which is expected to have, at the time when the contact is established, or which subsequently acquires, an element of repetition or duration; in relation to persons presenting a significant risk of money launderingmeans the conduct set out in Article 3, paragraphs 1 and 5, of Directive (EU) 2018/1673 including aiding and abetting, inciting and attempting to commit that conduct, whether the activities which generated the property to be laundered were carried out on the territory of a Member State or on that of a third country; knowledge, intent or purpose required as an element of that conduct may be inferred from objective factual circumstances;, its predicate offences or terrorist financingmeans the conduct set out in Article 11 of Directive (EU) 2017/541 including aiding and abetting, inciting and attempting to commit that conduct, whether carried out on the territory of a Member State or on that of a third country; knowledge, intent or purpose required as an element of that conduct may be inferred from objective factual circumstances;. Closer monitoring of an account or a business relationshipmeans a business, professional or commercial relationship connected with the professional activities of an obliged entity, which is set up between an obliged entity and a customer, including in the absence of a written contract and which is expected to have, at the time when the contact is established, or which subsequently acquires, an element of repetition or duration; can provide the FIU with additional insights into the account holder’s transaction patterns and lead to the timely detection of unusual or suspicious transactions or activities that might warrant further action by the FIU, including the suspension of the account or the business relationshipmeans a business, professional or commercial relationship connected with the professional activities of an obliged entity, which is set up between an obliged entity and a customer, including in the absence of a written contract and which is expected to have, at the time when the contact is established, or which subsequently acquires, an element of repetition or duration;, the analysis of the intelligence gathered and its dissemination to investigative and prosecutorial authorities. FIUs should also be able to alert obliged entitiesmeans a natural or legal person listed in Article 3 of Regulation (EU) 2024/1624 that is not exempted in accordance with Article 4, 5, 6 or 7 of that Regulation; of information relevant to the performance of customer due diligence. Such alerts can help obliged entitiesmeans a natural or legal person listed in Article 3 of Regulation (EU) 2024/1624 that is not exempted in accordance with Article 4, 5, 6 or 7 of that Regulation; to inform their customer due diligence procedures and ensure their consistency with risks, update their risk assessment and risk management systems accordingly and provide them with additional information that might trigger the need for enhanced due diligence on certain customers or transactions that present higher risks.

For the purposes of greater transparency and accountability and to increase awareness with regard to their activities, FIUs should issue activity reports on an annual basis. Those reports should at least provide statistical data in relation to the suspicious transaction reports received and the follow-up given, the number of disseminations made to national competent authoritiesmeans:a Financial Intelligence Unit (FIU);a supervisory authority;a public authority that has the function of investigating or prosecuting money laundering, its predicate offences or terrorist financing, or that has the function of tracing, seizing or freezing and confiscating criminal assets;a public authority with designated responsibilities for combating money laundering or terrorist financing; and the follow-up provided to those disseminations, the number of requests submitted to and received by other FIUs as well as information on trends and typologies identified. Those reports should be made public except for the parts thereof which contain sensitive and classified information.

At least once per year, the FIU should provide obliged entitiesmeans a natural or legal person listed in Article 3 of Regulation (EU) 2024/1624 that is not exempted in accordance with Article 4, 5, 6 or 7 of that Regulation; with feedback on the quality of suspicious transaction reports, their timeliness, the description of suspicion and any additional documents provided. Such feedback can be provided to individual obliged entitiesmeans a natural or legal person listed in Article 3 of Regulation (EU) 2024/1624 that is not exempted in accordance with Article 4, 5, 6 or 7 of that Regulation; or groupsmeans a group of undertakings which consists of a parent undertaking, its subsidiaries, as well as undertakings linked to each other by a relationship within the meaning of Article 22 of Directive 2013/34/EU; of obliged entitiesmeans a natural or legal person listed in Article 3 of Regulation (EU) 2024/1624 that is not exempted in accordance with Article 4, 5, 6 or 7 of that Regulation; and should aim to further improve the obliged entitiesmeans a natural or legal person listed in Article 3 of Regulation (EU) 2024/1624 that is not exempted in accordance with Article 4, 5, 6 or 7 of that Regulation;’ ability to detect and identify suspicious transactions and activities, improve the quality of suspicious transaction reports, enhance the overall reporting mechanisms and provide obliged entitiesmeans a natural or legal person listed in Article 3 of Regulation (EU) 2024/1624 that is not exempted in accordance with Article 4, 5, 6 or 7 of that Regulation; with important insights into trends, typologies and risks associated with money launderingmeans the conduct set out in Article 3, paragraphs 1 and 5, of Directive (EU) 2018/1673 including aiding and abetting, inciting and attempting to commit that conduct, whether the activities which generated the property to be laundered were carried out on the territory of a Member State or on that of a third country; knowledge, intent or purpose required as an element of that conduct may be inferred from objective factual circumstances;, its predicate offences and terrorist financingmeans the conduct set out in Article 11 of Directive (EU) 2017/541 including aiding and abetting, inciting and attempting to commit that conduct, whether carried out on the territory of a Member State or on that of a third country; knowledge, intent or purpose required as an element of that conduct may be inferred from objective factual circumstances;. When determining the type and frequency of the feedback, FIUs should, insofar as possible, take into account areas where improvements in reporting activities might be needed. In order to support a consistent approach across FIUs and adequate feedback to obliged entitiesmeans a natural or legal person listed in Article 3 of Regulation (EU) 2024/1624 that is not exempted in accordance with Article 4, 5, 6 or 7 of that Regulation;, AMLA should issue recommendations to FIUs on best practices and approaches towards providing feedback. Where this would not jeopardise analytical or investigative work, FIUs could consider providing feedback on the use made or outcome of suspicious transaction reports, whether on individual reports or in an aggregated manner. FIUs should also provide customs authoritiesmeans the customs authorities as defined in Article 5, point (1), of Regulation (EU) No 952/2013 of the European Parliament and of the Council(34) Regulation (EU) No 952/2013 of the European Parliament and of the Council of 9 October 2013 laying down the Union Customs Code (OJ L 269, 10.10.2013, p. 1). and the competent authorities as defined in Article 2(1), point (g), of Regulation (EU) 2018/1672 of the European Parliament and of the Council(35) Regulation (EU) 2018/1672 of the European Parliament and of the Council of 23 October 2018 on controls on cash entering or leaving the Union and repealing Regulation (EC) No 1889/2005 (OJ L 284, 12.11.2018, p. 6).;Regulation (EU) No 952/2013 of the European Parliament and of the Council of 9 October 2013 laying down the Union Customs Code (OJ L 269, 10.10.2013, p. 1).Regulation (EU) 2018/1672 of the European Parliament and of the Council of 23 October 2018 on controls on cash entering or leaving the Union and repealing Regulation (EC) No 1889/2005 (OJ L 284, 12.11.2018, p. 6). with feedback, at least once per year, on the effectiveness and follow-up to reports on cross-border physical movements of cashmeans cash as defined in Article 2(1), point (a), of Regulation (EU) 2018/1672 of the European Parliament and of the Council(39) Regulation (EU) 2018/1672 of the European Parliament and of the Council of 23 October 2018 on controls on cash entering or leaving the Union and repealing Regulation (EC) No 1889/2005 (OJ L 284, 12.11.2018, p. 6).;Regulation (EU) 2018/1672 of the European Parliament and of the Council of 23 October 2018 on controls on cash entering or leaving the Union and repealing Regulation (EC) No 1889/2005 (OJ L 284, 12.11.2018, p. 6)..

The purpose of the FIU is to collect and analyse information with the aim of establishing links between suspicious transactions or activities, and underlying criminal activitymeans criminal activity as defined in Article 2, point (1), of Directive (EU) 2018/1673, as well as fraud affecting the Union’s financial interests as defined in Article 3(2) of Directive (EU) 2017/1371, passive and active corruption as defined in Article 4 (2) and misappropriation as defined in Article 4(3), second subparagraph, of that Directive; in order to prevent and combat money launderingmeans the conduct set out in Article 3, paragraphs 1 and 5, of Directive (EU) 2018/1673 including aiding and abetting, inciting and attempting to commit that conduct, whether the activities which generated the property to be laundered were carried out on the territory of a Member State or on that of a third country; knowledge, intent or purpose required as an element of that conduct may be inferred from objective factual circumstances; and terrorist financingmeans the conduct set out in Article 11 of Directive (EU) 2017/541 including aiding and abetting, inciting and attempting to commit that conduct, whether carried out on the territory of a Member State or on that of a third country; knowledge, intent or purpose required as an element of that conduct may be inferred from objective factual circumstances;, and to disseminate the results of its analysis as well as additional information to the competent authoritiesmeans:a Financial Intelligence Unit (FIU);a supervisory authority;a public authority that has the function of investigating or prosecuting money laundering, its predicate offences or terrorist financing, or that has the function of tracing, seizing or freezing and confiscating criminal assets;a public authority with designated responsibilities for combating money laundering or terrorist financing; where there are grounds to suspect money launderingmeans the conduct set out in Article 3, paragraphs 1 and 5, of Directive (EU) 2018/1673 including aiding and abetting, inciting and attempting to commit that conduct, whether the activities which generated the property to be laundered were carried out on the territory of a Member State or on that of a third country; knowledge, intent or purpose required as an element of that conduct may be inferred from objective factual circumstances;, its predicate offences or terrorist financingmeans the conduct set out in Article 11 of Directive (EU) 2017/541 including aiding and abetting, inciting and attempting to commit that conduct, whether carried out on the territory of a Member State or on that of a third country; knowledge, intent or purpose required as an element of that conduct may be inferred from objective factual circumstances;. An FIU should not refrain from or refuse the exchange of information to another FIU, spontaneously or upon request, for reasons such as a lack of identification of a predicate offence, features of criminal national laws and differences between the definitions of predicate offences or the absence of a reference to particular predicate offences. FIUs have reported difficulties in exchanging information based on differences in national definitions of certain predicate offences, such as tax crimes, which are not harmonised by Union law. Such differences should not hamper the mutual exchange, the dissemination to other competent authoritiesmeans:a Financial Intelligence Unit (FIU);a supervisory authority;a public authority that has the function of investigating or prosecuting money laundering, its predicate offences or terrorist financing, or that has the function of tracing, seizing or freezing and confiscating criminal assets;a public authority with designated responsibilities for combating money laundering or terrorist financing; and the use of that information. FIUs should rapidly, constructively and effectively ensure the widest range of international cooperation with third countriesmeans any jurisdiction, independent state or autonomous territory that is not part of the Union and that has its own AML/CFT legislation or enforcement regime;’ FIUs in relation to money launderingmeans the conduct set out in Article 3, paragraphs 1 and 5, of Directive (EU) 2018/1673 including aiding and abetting, inciting and attempting to commit that conduct, whether the activities which generated the property to be laundered were carried out on the territory of a Member State or on that of a third country; knowledge, intent or purpose required as an element of that conduct may be inferred from objective factual circumstances;, its predicate offences and terrorist financingmeans the conduct set out in Article 11 of Directive (EU) 2017/541 including aiding and abetting, inciting and attempting to commit that conduct, whether carried out on the territory of a Member State or on that of a third country; knowledge, intent or purpose required as an element of that conduct may be inferred from objective factual circumstances; in accordance with the applicable data protection rules for data transfers, FATF Recommendations and Egmont Principles for Information Exchange between Financial Intelligence Units. To that end, FIUs should be encouraged to conclude bilateral agreements and memoranda of understanding with counterparts from third countriesmeans any jurisdiction, independent state or autonomous territory that is not part of the Union and that has its own AML/CFT legislation or enforcement regime;, while taking account of any fundamental rights obligations and of the need to protect the rule of law.

An FIU can impose certain restrictions and limitations with regard to the further use of information it provides to another FIU. The recipient FIU should use the information only for the purposes for which it was sought or provided. An FIU should grant its prior consent to another FIU to forward the information to other competent authoritiesmeans:a Financial Intelligence Unit (FIU);a supervisory authority;a public authority that has the function of investigating or prosecuting money laundering, its predicate offences or terrorist financing, or that has the function of tracing, seizing or freezing and confiscating criminal assets;a public authority with designated responsibilities for combating money laundering or terrorist financing; regardless of the type of possible predicate offence and regardless of whether the predicate offence has been identified at the time of the exchange, in order to allow the dissemination function to be carried out effectively. Such prior consent to further dissemination should be granted promptly and should not be refused unless it would fall beyond the scope of application of the AML/CFT provisions or would not be in accordance with fundamental principles of national law. FIUs should provide an explanation regarding any refusal to grant consent.

FIUs should use secure facilities, including protected channels of communication, to cooperate and exchange information amongst each other. In this respect, a system for the exchange of information between FIUs of Member States (FIU.net) should be set up. The system should be managed and hosted by AMLA and should provide for the highest level of security and the full encryption of the information exchanged. FIU.net should be used by FIUs to cooperate and exchange information amongst each other and could also be used, where appropriate and subject to a decision by AMLA, to exchange information with FIUs of third countriesmeans any jurisdiction, independent state or autonomous territory that is not part of the Union and that has its own AML/CFT legislation or enforcement regime; and with other authorities and Union bodies, offices and agencies. The functionalities of the FIU.net should be used by FIUs to their full potential. Those functionalities should allow FIUs to match their data with data of other FIUs in a pseudonymous manner, with the aim of detecting subjects of the FIU’s interests in other Member States and identifying their proceeds and fundsor ‘property’ means property as defined in Article 2, point (2), of Directive (EU) 2018/1673;, whilst ensuring full protection of personal data. In order to identify links between financial information and criminal intelligence, FIUs should also be able to use the functionalities of FIU.net to pseudonymously cross-match their data with information held by Union bodies, offices and agencies insofar as such cross-matching falls within the latter’s respective legal mandates and in full respect of the applicable data protection rules.

It is important that FIUs cooperate and exchange information effectively with one another. In that regard, AMLA should provide the necessary assistance, not only by means of coordinating joint analyses of cross-border suspicious transaction reports, but also by developing draft implementing and regulatory technical standards concerning the format to be used for the exchange of information between FIUs, the template for the submission of suspicious transaction reports and the relevance and selection criteria to be taken into account when determining whether a suspicious transaction report concerns another Member State as well as guidelines on the nature, features and objectives of operational and of strategic analysis and on the procedures to be put in place when forwarding and receiving a suspicious transaction report which concerns another Member State and the follow-up to be given. AMLA should also set up a peer review process in order to strengthen consistency and effectiveness of FIUs’ activities and to facilitate the exchange of best practices between FIUs.

FIUs are responsible for receiving suspicious transaction or activity reports from obliged entitiesmeans a natural or legal person listed in Article 3 of Regulation (EU) 2024/1624 that is not exempted in accordance with Article 4, 5, 6 or 7 of that Regulation; established in the territory of their Member States. Certain suspicious transactions or activities reported to FIUs might however pertain to activities carried out by obliged entitiesmeans a natural or legal person listed in Article 3 of Regulation (EU) 2024/1624 that is not exempted in accordance with Article 4, 5, 6 or 7 of that Regulation; in other Member States, where they operate without an establishmentmeans the actual pursuit by an obliged entity of an economic activity covered by Article 3 in a Member State or third country other than the country where its head office is located for an indefinite period and through a stable infrastructure, including:a branch or subsidiary;in the case of credit institutions and financial institutions, an infrastructure qualifying as an establishment under prudential regulation;. In those cases, it is important that FIUs disseminate those reports to their counterpart in the Member State concerned by the transaction or activity, without attaching conditions to the use of those reports. The FIU.net system enables the dissemination of such cross-border reports. In order to enhance that functionality, the system is undergoing upgrades to enable the fast dissemination of such reports and to support significant exchanges of information between FIUs, and thereby the effective implementation of this Directive.

Time limits for exchanges of information between FIUs are necessary in order to ensure quick, effective and consistent cooperation. Time limits should be set out in order to ensure effective sharing of information within a reasonable time or to meet procedural constraints. Shorter time limits should be provided in exceptional, justified and urgent cases where the requested FIU is able to access directly the databases where the requested information is held. In cases where the requested FIU is not able to provide the information within the time limit, it should inform the requesting FIU thereof.

The movement of illicit money traverses borders and can affect different Member States. The cross-border cases, involving multiple jurisdictions, are becoming increasingly frequent and significant, also due to the activities carried out by obliged entitiesmeans a natural or legal person listed in Article 3 of Regulation (EU) 2024/1624 that is not exempted in accordance with Article 4, 5, 6 or 7 of that Regulation; on a cross-border basis. In order to deal effectively with cases that concern several Member States, FIUs should be able to go beyond the simple exchange of information for the detection and analysis of suspicious transactions and activities and carry out jointly the analytical activity itself. FIUs have reported certain important issues which limit or condition the capacity of FIUs to engage in joint analysis. Carrying out joint analysis of suspicious transactions and activities will enable FIUs to exploit potential synergies, to use information from different sources, to obtain a full picture of the anomalous activities and to enrich the analysis. FIUs should be able to conduct joint analyses of suspicious transactions and activities and to set up and participate in joint analysis teams for specific purposes and limited period with the assistance of AMLA. AMLA should use the FIU.net system in order to be able to send, receive and cross-match information and provide operational support to FIUs in the context of the joint analysis of cross-border cases.

The participation of third parties, including Union bodies, offices and agencies, might be instrumental to the successful outcome of FIUs’ analyses, including joint analyses. Therefore, FIUs can invite third parties to take part in the joint analysis where such participation would fall within the respective mandates of those third parties. Participation by third parties in the analytical process could help identify links between financial intelligence and criminal information and intelligence, enrich the analysis, and determine if there are indications that a criminal offence has been committed.

Effective supervision of all obliged entitiesmeans a natural or legal person listed in Article 3 of Regulation (EU) 2024/1624 that is not exempted in accordance with Article 4, 5, 6 or 7 of that Regulation; is essential to protect the integrity of the Union financial system and of the internal market. To that end, Member States should deploy effective and impartial AML/CFT supervision and set out the conditions for effective, timely and sustained cooperation between supervisorsmeans the body entrusted with responsibilities aimed at ensuring compliance by obliged entities with the requirements of this Regulation, including AMLA when performing the tasks entrusted to it in Article 5(2) of Regulation (EU) 2024/1620;.

Member States should ensure effective, impartial and risk-based supervision of all obliged entitiesmeans a natural or legal person listed in Article 3 of Regulation (EU) 2024/1624 that is not exempted in accordance with Article 4, 5, 6 or 7 of that Regulation;, preferably by public authorities via a separate and independent national supervisormeans the body entrusted with responsibilities aimed at ensuring compliance by obliged entities with the requirements of this Regulation, including AMLA when performing the tasks entrusted to it in Article 5(2) of Regulation (EU) 2024/1620;. National supervisorsmeans the body entrusted with responsibilities aimed at ensuring compliance by obliged entities with the requirements of this Regulation, including AMLA when performing the tasks entrusted to it in Article 5(2) of Regulation (EU) 2024/1620; should be able to perform a comprehensive range of tasks in order to exercise effective supervision of all obliged entitiesmeans a natural or legal person listed in Article 3 of Regulation (EU) 2024/1624 that is not exempted in accordance with Article 4, 5, 6 or 7 of that Regulation;.

The Union has witnessed on occasions a lax approach to the supervision of the obliged entitiesmeans a natural or legal person listed in Article 3 of Regulation (EU) 2024/1624 that is not exempted in accordance with Article 4, 5, 6 or 7 of that Regulation;’ duties in terms of anti-money laundering and counter-terrorist financing duties. Therefore, it is necessary that national supervisorsmeans the body entrusted with responsibilities aimed at ensuring compliance by obliged entities with the requirements of this Regulation, including AMLA when performing the tasks entrusted to it in Article 5(2) of Regulation (EU) 2024/1620;, as part of the integrated supervisory mechanism put in place by this Directive and Regulation (EU) 2024/1620, obtain clarity as to their respective rights and obligations.

In order to assess and monitor more effectively and regularly the risks obliged entitiesmeans a natural or legal person listed in Article 3 of Regulation (EU) 2024/1624 that is not exempted in accordance with Article 4, 5, 6 or 7 of that Regulation; are exposed to and the internal policies, procedures and controls they put in place to manage and mitigate those risks, and to implement targeted financial sanctionsmeans both asset freezing and prohibitions to make funds or other assets available, directly or indirectly, for the benefit of designated persons and entities pursuant to Council Decisions adopted on the basis of Article 29 TEU and Council Regulations adopted on the basis of Article 215 TFEU;, it is necessary to clarify that national supervisorsmeans the body entrusted with responsibilities aimed at ensuring compliance by obliged entities with the requirements of this Regulation, including AMLA when performing the tasks entrusted to it in Article 5(2) of Regulation (EU) 2024/1620; are both entitled and bound to conduct all the necessary off-site, on-site and thematic checks and any other inquiries and assessments as they see necessary. They should also be able to react without undue delay to any suspicion of non-compliance with applicable requirements and take appropriate supervisory measures to address allegations of non-compliance. This will not only help supervisorsmeans the body entrusted with responsibilities aimed at ensuring compliance by obliged entities with the requirements of this Regulation, including AMLA when performing the tasks entrusted to it in Article 5(2) of Regulation (EU) 2024/1620; decide on those cases where the specific risks inherent in a sector are clear and understood, but also provide them with the tools required to further disseminate relevant information to obliged entitiesmeans a natural or legal person listed in Article 3 of Regulation (EU) 2024/1624 that is not exempted in accordance with Article 4, 5, 6 or 7 of that Regulation; in order to inform their understanding of money launderingmeans the conduct set out in Article 3, paragraphs 1 and 5, of Directive (EU) 2018/1673 including aiding and abetting, inciting and attempting to commit that conduct, whether the activities which generated the property to be laundered were carried out on the territory of a Member State or on that of a third country; knowledge, intent or purpose required as an element of that conduct may be inferred from objective factual circumstances; and terrorist financingmeans the conduct set out in Article 11 of Directive (EU) 2017/541 including aiding and abetting, inciting and attempting to commit that conduct, whether carried out on the territory of a Member State or on that of a third country; knowledge, intent or purpose required as an element of that conduct may be inferred from objective factual circumstances; risks.

Outreach activities, including the dissemination of information by the supervisorsmeans the body entrusted with responsibilities aimed at ensuring compliance by obliged entities with the requirements of this Regulation, including AMLA when performing the tasks entrusted to it in Article 5(2) of Regulation (EU) 2024/1620; to the obliged entitiesmeans a natural or legal person listed in Article 3 of Regulation (EU) 2024/1624 that is not exempted in accordance with Article 4, 5, 6 or 7 of that Regulation; under their supervision, is essential to guarantee that the private sector has an adequate understanding of the nature and level of money launderingmeans the conduct set out in Article 3, paragraphs 1 and 5, of Directive (EU) 2018/1673 including aiding and abetting, inciting and attempting to commit that conduct, whether the activities which generated the property to be laundered were carried out on the territory of a Member State or on that of a third country; knowledge, intent or purpose required as an element of that conduct may be inferred from objective factual circumstances; and terrorist financingmeans the conduct set out in Article 11 of Directive (EU) 2017/541 including aiding and abetting, inciting and attempting to commit that conduct, whether carried out on the territory of a Member State or on that of a third country; knowledge, intent or purpose required as an element of that conduct may be inferred from objective factual circumstances; risks they face. This includes disseminations of designations under targeted financial sanctionsmeans both asset freezing and prohibitions to make funds or other assets available, directly or indirectly, for the benefit of designated persons and entities pursuant to Council Decisions adopted on the basis of Article 29 TEU and Council Regulations adopted on the basis of Article 215 TFEU; and UN financial sanctionsmeans both asset freezing and prohibitions to make funds or other assets available, directly or indirectly, for the benefit of designated or listed persons and entities pursuant to:UNSC Resolution 1267 (1999) and its successor resolutions;UNSC Resolution 1373 (2001), including the determination that the relevant sanctions will be applied to the person or entity and the public communication of that determination;UN financial sanctions relating to proliferation financing;, which should take place immediately once such designations are made in order to enable the sector to comply with their obligations. As the implementation of AML/CFT requirements by obliged entitiesmeans a natural or legal person listed in Article 3 of Regulation (EU) 2024/1624 that is not exempted in accordance with Article 4, 5, 6 or 7 of that Regulation; involves the processing of personal data, it is important that supervisorsmeans the body entrusted with responsibilities aimed at ensuring compliance by obliged entities with the requirements of this Regulation, including AMLA when performing the tasks entrusted to it in Article 5(2) of Regulation (EU) 2024/1620; are cognisant of guidance and other publications issued by the data protection authorities, either at national level or at Union level through the European Data Protection Board, and that they include that information, as appropriate, in their disseminations to the entities under their supervision.

Supervisorsmeans the body entrusted with responsibilities aimed at ensuring compliance by obliged entities with the requirements of this Regulation, including AMLA when performing the tasks entrusted to it in Article 5(2) of Regulation (EU) 2024/1620; should adopt a risk-based approach to their work, which would enable them to focus their resources where the risks are the highest, whilst ensuring that no sector or entity is left exposed to criminal attempts to launder money or finance terrorism. To that end, supervisorsmeans the body entrusted with responsibilities aimed at ensuring compliance by obliged entities with the requirements of this Regulation, including AMLA when performing the tasks entrusted to it in Article 5(2) of Regulation (EU) 2024/1620; should plan their activities on an annual basis. In doing so, they should not only ensure risk-based coverage of the sectors under their supervision, but also that they are able to react promptly in the event of objective and significant indications of breaches within an obliged entitymeans a natural or legal person listed in Article 3 of Regulation (EU) 2024/1624 that is not exempted in accordance with Article 4, 5, 6 or 7 of that Regulation;, including in particular following public revelations or information submitted by whistleblowers. Supervisorsmeans the body entrusted with responsibilities aimed at ensuring compliance by obliged entities with the requirements of this Regulation, including AMLA when performing the tasks entrusted to it in Article 5(2) of Regulation (EU) 2024/1620; should also ensure transparency with respect to the supervisory activities they have carried out, such as supervisory colleges they organised and attended, on-site and off-site supervisory actions taken, pecuniary sanctions imposed or administrative measures applied. AMLA should play a leading role in fostering a common understanding of risks, and should therefore be entrusted with developing the benchmarks and a methodology for assessing and classifying the inherent and residual risk profile of obliged entitiesmeans a natural or legal person listed in Article 3 of Regulation (EU) 2024/1624 that is not exempted in accordance with Article 4, 5, 6 or 7 of that Regulation;, as well as the frequency at which such risk profile should be reviewed.

The disclosure to FIUs of facts that could be related to money launderingmeans the conduct set out in Article 3, paragraphs 1 and 5, of Directive (EU) 2018/1673 including aiding and abetting, inciting and attempting to commit that conduct, whether the activities which generated the property to be laundered were carried out on the territory of a Member State or on that of a third country; knowledge, intent or purpose required as an element of that conduct may be inferred from objective factual circumstances; or to terrorist financingmeans the conduct set out in Article 11 of Directive (EU) 2017/541 including aiding and abetting, inciting and attempting to commit that conduct, whether carried out on the territory of a Member State or on that of a third country; knowledge, intent or purpose required as an element of that conduct may be inferred from objective factual circumstances; by supervisorsmeans the body entrusted with responsibilities aimed at ensuring compliance by obliged entities with the requirements of this Regulation, including AMLA when performing the tasks entrusted to it in Article 5(2) of Regulation (EU) 2024/1620; is one of the cornerstones of efficient and effective supervision of money launderingmeans the conduct set out in Article 3, paragraphs 1 and 5, of Directive (EU) 2018/1673 including aiding and abetting, inciting and attempting to commit that conduct, whether the activities which generated the property to be laundered were carried out on the territory of a Member State or on that of a third country; knowledge, intent or purpose required as an element of that conduct may be inferred from objective factual circumstances; and terrorist financingmeans the conduct set out in Article 11 of Directive (EU) 2017/541 including aiding and abetting, inciting and attempting to commit that conduct, whether carried out on the territory of a Member State or on that of a third country; knowledge, intent or purpose required as an element of that conduct may be inferred from objective factual circumstances; risks, and it allows supervisorsmeans the body entrusted with responsibilities aimed at ensuring compliance by obliged entities with the requirements of this Regulation, including AMLA when performing the tasks entrusted to it in Article 5(2) of Regulation (EU) 2024/1620; to address shortcomings in the reporting process of obliged entitiesmeans a natural or legal person listed in Article 3 of Regulation (EU) 2024/1624 that is not exempted in accordance with Article 4, 5, 6 or 7 of that Regulation;. To that effect, supervisorsmeans the body entrusted with responsibilities aimed at ensuring compliance by obliged entities with the requirements of this Regulation, including AMLA when performing the tasks entrusted to it in Article 5(2) of Regulation (EU) 2024/1620; should be able to report to the FIU instances of suspicions that the obliged entitymeans a natural or legal person listed in Article 3 of Regulation (EU) 2024/1624 that is not exempted in accordance with Article 4, 5, 6 or 7 of that Regulation; failed to report or to complement reports submitted by the obliged entitymeans a natural or legal person listed in Article 3 of Regulation (EU) 2024/1624 that is not exempted in accordance with Article 4, 5, 6 or 7 of that Regulation; with additional information, which they detect in the course of their supervisory activities. Supervisorsmeans the body entrusted with responsibilities aimed at ensuring compliance by obliged entities with the requirements of this Regulation, including AMLA when performing the tasks entrusted to it in Article 5(2) of Regulation (EU) 2024/1620; should also be able to report suspicions of money launderingmeans the conduct set out in Article 3, paragraphs 1 and 5, of Directive (EU) 2018/1673 including aiding and abetting, inciting and attempting to commit that conduct, whether the activities which generated the property to be laundered were carried out on the territory of a Member State or on that of a third country; knowledge, intent or purpose required as an element of that conduct may be inferred from objective factual circumstances;, its predicate offences or terrorist financingmeans the conduct set out in Article 11 of Directive (EU) 2017/541 including aiding and abetting, inciting and attempting to commit that conduct, whether carried out on the territory of a Member State or on that of a third country; knowledge, intent or purpose required as an element of that conduct may be inferred from objective factual circumstances; by the employees of obliged entitiesmeans a natural or legal person listed in Article 3 of Regulation (EU) 2024/1624 that is not exempted in accordance with Article 4, 5, 6 or 7 of that Regulation;, or persons in an equivalent position, by its management or its beneficial ownersmeans any natural person who ultimately owns or controls a legal entity or an express trust or similar legal arrangement;. It is therefore necessary for Member States to put in place a system that ensures that FIUs are properly and promptly informed. The reporting of suspicions to the FIU should not be understood as replacing the obligation for public authorities to report to the relevant competent authoritiesmeans:a Financial Intelligence Unit (FIU);a supervisory authority;a public authority that has the function of investigating or prosecuting money laundering, its predicate offences or terrorist financing, or that has the function of tracing, seizing or freezing and confiscating criminal assets;a public authority with designated responsibilities for combating money laundering or terrorist financing; any criminal activitymeans criminal activity as defined in Article 2, point (1), of Directive (EU) 2018/1673, as well as fraud affecting the Union’s financial interests as defined in Article 3(2) of Directive (EU) 2017/1371, passive and active corruption as defined in Article 4 (2) and misappropriation as defined in Article 4(3), second subparagraph, of that Directive; they uncover or become aware of in the course of performing their tasks. Information covered by the legal privilege should not be collected or consulted in the context of supervisory tasks, unless the exemptions set out in Regulation (EU) 2024/1624 apply. If supervisorsmeans the body entrusted with responsibilities aimed at ensuring compliance by obliged entities with the requirements of this Regulation, including AMLA when performing the tasks entrusted to it in Article 5(2) of Regulation (EU) 2024/1620; come across or into possession of such information, they should not take it into account for the purposes of their supervisory activities or report it to the FIU.

Cooperation between national supervisorsmeans the body entrusted with responsibilities aimed at ensuring compliance by obliged entities with the requirements of this Regulation, including AMLA when performing the tasks entrusted to it in Article 5(2) of Regulation (EU) 2024/1620; is essential to ensure a common supervisory approach across the Union. To be effective, that cooperation has to be used to the greatest extent possible and regardless of the respective nature or status of the supervisorsmeans the body entrusted with responsibilities aimed at ensuring compliance by obliged entities with the requirements of this Regulation, including AMLA when performing the tasks entrusted to it in Article 5(2) of Regulation (EU) 2024/1620;. In addition to traditional cooperation — such as the ability to conduct investigations on behalf of a requesting supervisory authoritymeans a supervisor who is a public body, or the public authority overseeing self-regulatory bodies in their performance of supervisory functions pursuant to Article 37 of Directive (EU) 2024/1640, or AMLA when acting as a supervisor; — it is appropriate to mandate the set-up of AML/CFT supervisory collegesmeans a permanent structure for cooperation and information sharing for the purposes of supervising a group or an entity that operates in a host Member State or third country; in the financial sector with respect to obliged entitiesmeans a natural or legal person listed in Article 3 of Regulation (EU) 2024/1624 that is not exempted in accordance with Article 4, 5, 6 or 7 of that Regulation; that operate in several Member States through establishmentsmeans the actual pursuit by an obliged entity of an economic activity covered by Article 3 in a Member State or third country other than the country where its head office is located for an indefinite period and through a stable infrastructure, including:a branch or subsidiary;in the case of credit institutions and financial institutions, an infrastructure qualifying as an establishment under prudential regulation; and with respect to obliged entitiesmeans a natural or legal person listed in Article 3 of Regulation (EU) 2024/1624 that is not exempted in accordance with Article 4, 5, 6 or 7 of that Regulation; which are part of a cross-border groupmeans a group of undertakings which consists of a parent undertaking, its subsidiaries, as well as undertakings linked to each other by a relationship within the meaning of Article 22 of Directive 2013/34/EU;. Third-country financial supervisorsmeans a supervisor in charge of credit institutions and financial institutions; can be invited to those colleges under certain conditions, including confidentiality requirements equivalent to those incumbent on Union financial supervisorsmeans a supervisor in charge of credit institutions and financial institutions; and compliance with Union law regarding the processing and transmission of personal data. The activities of AML/CFT supervisory collegesmeans a permanent structure for cooperation and information sharing for the purposes of supervising a group or an entity that operates in a host Member State or third country; should be proportionate to the level of risk to which the credit institutionmeans:a credit institution as defined in Article 4(1), point (1), of Regulation (EU) No 575/2013;a branch of a credit institution, as defined in Article 4(1), point (17), of Regulation (EU) No 575/2013, when located in the Union, whether its head office is located in a Member State or in a third country; or financial institutionmeans:an undertaking other than a credit institution or an investment firm, which carries out one or more of the activities listed in points (2) to (12), (14) and (15) of Annex I to Directive 2013/36/EU of the European Parliament and of the Council(32) Directive 2013/36/EU of the European Parliament and of the Council of 26 June 2013 on access to the activity of credit institutions and the prudential supervision of credit institutions and investment firms, amending Directive 2002/87/EC and repealing Directives 2006/48/EC and 2006/49/EC (OJ L 176, 27.6.2013, p. 338)., including the activities of currency exchange offices (bureaux de change), but excluding the activities referred to in point (8) of Annex I to Directive (EU) 2015/2366, or an undertaking the principal activity of which is to acquire holdings, including a financial holding company, a mixed financial holding company and a financial mixed activity holding company;Directive 2013/36/EU of the European Parliament and of the Council of 26 June 2013 on access to the activity of credit institutions and the prudential supervision of credit institutions and investment firms, amending Directive 2002/87/EC and repealing Directives 2006/48/EC and 2006/49/EC (OJ L 176, 27.6.2013, p. 338).an insurance undertaking as defined in Article 13, point (1), of Directive 2009/138/EC of the European Parliament and of the Council(33) Directive 2009/138/EC of the European Parliament and of the Council of 25 November 2009 on the taking-up and pursuit of the business of Insurance and Reinsurance (Solvency II) (OJ L 335, 17.12.2009, p. 1)., insofar as it carries out life or other investment-related assurance activities covered by that Directive, including insurance holding companies and mixed-activity insurance holding companies as defined, respectively, in Article 212(1), points (f) and (g), of Directive 2009/138/EC;Directive 2009/138/EC of the European Parliament and of the Council of 25 November 2009 on the taking-up and pursuit of the business of Insurance and Reinsurance (Solvency II) (OJ L 335, 17.12.2009, p. 1).an insurance intermediary as defined in Article 2(1), point (3), of Directive (EU) 2016/97 where it acts with respect to life insurance and other investment-related insurance services, with the exception of an insurance intermediary that does not collect premiums or amounts intended for the customer and which acts under the responsibility of one or more insurance undertakings or intermediaries for the products which concern them respectively;an investment firm as defined in Article 4(1), point (1), of Directive 2014/65/EU of the European Parliament and of the Council(34) Directive 2014/65/EU of the European Parliament and of the Council of 15 May 2014 on markets in financial instruments and amending Directive 2002/92/EC and Directive 2011/61/EU (OJ L 173, 12.6.2014, p. 349).;Directive 2014/65/EU of the European Parliament and of the Council of 15 May 2014 on markets in financial instruments and amending Directive 2002/92/EC and Directive 2011/61/EU (OJ L 173, 12.6.2014, p. 349).a collective investment undertaking, in particular:an undertaking for collective investment in transferable securities (UCITS) as defined in Article 1(2) of Directive 2009/65/EC and its management company as defined in Article 2(1), point (b), of that Directive or an investment company authorised in accordance with that Directive and which has not designated a management company, that makes available for purchase units of UCITS in the Union;an alternative investment fund as defined in Article 4(1), point (a), of Directive 2011/61/EU and its alternative investment fund manager as defined in Article 4(1), point (b), of that Directive that fall within the scope set out in Article 2 of that Directive;a central securities depository as defined in Article 2(1), point (1), of Regulation (EU) No 909/2014 of the European Parliament and of the Council(35) Regulation (EU) No 909/2014 of the European Parliament and of the Council of 23 July 2014 on improving securities settlement in the European Union and on central securities depositories and amending Directives 98/26/EC and 2014/65/EU and Regulation (EU) No 236/2012 (OJ L 257, 28.8.2014, p. 1).;Regulation (EU) No 909/2014 of the European Parliament and of the Council of 23 July 2014 on improving securities settlement in the European Union and on central securities depositories and amending Directives 98/26/EC and 2014/65/EU and Regulation (EU) No 236/2012 (OJ L 257, 28.8.2014, p. 1).a creditor as defined in Article 4, point (2), of Directive 2014/17/EU of the European Parliament and of the Council(36) Directive 2014/17/EU of the European Parliament and of the Council of 4 February 2014 on credit agreements for consumers relating to residential immovable property and amending Directives 2008/48/EC and 2013/36/EU and Regulation (EU) No 1093/2010 (OJ L 60, 28.2.2014, p. 34). and in Article 3, point (b), of Directive 2008/48/EC of the European Parliament and of the Council(37) Directive 2008/48/EC of the European Parliament and of the Council of 23 April 2008 on credit agreements for consumers and repealing Council Directive 87/102/EEC (OJ L 133, 22.5.2008, p. 66).;Directive 2014/17/EU of the European Parliament and of the Council of 4 February 2014 on credit agreements for consumers relating to residential immovable property and amending Directives 2008/48/EC and 2013/36/EU and Regulation (EU) No 1093/2010 (OJ L 60, 28.2.2014, p. 34).Directive 2008/48/EC of the European Parliament and of the Council of 23 April 2008 on credit agreements for consumers and repealing Council Directive 87/102/EEC (OJ L 133, 22.5.2008, p. 66).a credit intermediary as defined in Article 4, point (5), of Directive 2014/17/EU and in Article 3, point (f), of Directive 2008/48/EC, when holding the funds as defined in Article 4, point (25), of Directive (EU) 2015/2366 in connection with the credit agreement, with the exception of the credit intermediary carrying out activities under the responsibility of one or more creditors or credit intermediaries;a crypto-asset service provider;a branch of a financial institution referred to in points (a) to (i), when located in the Union, whether its head office is located in a Member State or in a third country; is exposed, and the scale of cross-border activity.

Directive (EU) 2015/849 included a general requirement for supervisorsmeans the body entrusted with responsibilities aimed at ensuring compliance by obliged entities with the requirements of this Regulation, including AMLA when performing the tasks entrusted to it in Article 5(2) of Regulation (EU) 2024/1620; of home and host Member Statesmeans a Member State, other than the home Member State, in which the obliged entity operates an establishment, such as a subsidiary or a branch, or where the obliged entity operates under the freedom to provide services through an infrastructure; to cooperate. That requirement was subsequently strengthened to avoid the exchange of information and cooperation between supervisorsmeans the body entrusted with responsibilities aimed at ensuring compliance by obliged entities with the requirements of this Regulation, including AMLA when performing the tasks entrusted to it in Article 5(2) of Regulation (EU) 2024/1620; being prohibited or unreasonably restricted. However, in the absence of a clear legal framework, the set-up of AML/CFT supervisory collegesmeans a permanent structure for cooperation and information sharing for the purposes of supervising a group or an entity that operates in a host Member State or third country; has been based on non-binding guidelines. It is therefore necessary to establish clear rules for the organisation of AML/CFT colleges and to provide for a coordinated, legally sound approach, recognising the need for structured interaction between supervisorsmeans the body entrusted with responsibilities aimed at ensuring compliance by obliged entities with the requirements of this Regulation, including AMLA when performing the tasks entrusted to it in Article 5(2) of Regulation (EU) 2024/1620; across the Union. In line with its coordinating and oversight role, AMLA should be entrusted with developing the draft regulatory technical standards defining the general conditions that enable the proper functioning of AML/CFT supervisory collegesmeans a permanent structure for cooperation and information sharing for the purposes of supervising a group or an entity that operates in a host Member State or third country;.

Obliged entitiesmeans a natural or legal person listed in Article 3 of Regulation (EU) 2024/1624 that is not exempted in accordance with Article 4, 5, 6 or 7 of that Regulation; operating in the non-financial sectormeans the obliged entities listed in Article 3, point (3), of Regulation (EU) 2024/1624; might also carry out activities across borders or be part of groupsmeans a group of undertakings which consists of a parent undertaking, its subsidiaries, as well as undertakings linked to each other by a relationship within the meaning of Article 22 of Directive 2013/34/EU; that carry out cross-border activities. It is therefore appropriate to lay down rules that define the functioning of AML/CFT supervisory collegesmeans a permanent structure for cooperation and information sharing for the purposes of supervising a group or an entity that operates in a host Member State or third country; for groupsmeans a group of undertakings which consists of a parent undertaking, its subsidiaries, as well as undertakings linked to each other by a relationship within the meaning of Article 22 of Directive 2013/34/EU; carrying out both financial and non-financial activities, and that enable the setting-up of supervisory colleges in the non-financial sectormeans the obliged entities listed in Article 3, point (3), of Regulation (EU) 2024/1624;, taking into account the need to apply additional safeguards in relation to groupsmeans a group of undertakings which consists of a parent undertaking, its subsidiaries, as well as undertakings linked to each other by a relationship within the meaning of Article 22 of Directive 2013/34/EU; or cross-border entities providing legal services. In order to ensure effective cross-border supervision in the non-financial sectormeans the obliged entities listed in Article 3, point (3), of Regulation (EU) 2024/1624;, AMLA should provide support to the functioning of such colleges and regularly provide its opinion on the functioning of those colleges as implementation of the enabling framework provided by this Directive progresses.

Where an obliged entitymeans a natural or legal person listed in Article 3 of Regulation (EU) 2024/1624 that is not exempted in accordance with Article 4, 5, 6 or 7 of that Regulation; operates establishmentsmeans the actual pursuit by an obliged entity of an economic activity covered by Article 3 in a Member State or third country other than the country where its head office is located for an indefinite period and through a stable infrastructure, including:a branch or subsidiary;in the case of credit institutions and financial institutions, an infrastructure qualifying as an establishment under prudential regulation; in another Member State, including through a network of agents, the supervisormeans the body entrusted with responsibilities aimed at ensuring compliance by obliged entities with the requirements of this Regulation, including AMLA when performing the tasks entrusted to it in Article 5(2) of Regulation (EU) 2024/1620; of the home Member Statemeans the Member State where the registered office of the obliged entity is located or, if the obliged entity has no registered office, the Member State in which its head office is located; should be responsible for supervising the obliged entitymeans a natural or legal person listed in Article 3 of Regulation (EU) 2024/1624 that is not exempted in accordance with Article 4, 5, 6 or 7 of that Regulation;’s application of group-wide AML/CFT policies and procedures. This could involve on-site visits in establishmentsmeans the actual pursuit by an obliged entity of an economic activity covered by Article 3 in a Member State or third country other than the country where its head office is located for an indefinite period and through a stable infrastructure, including:a branch or subsidiary;in the case of credit institutions and financial institutions, an infrastructure qualifying as an establishment under prudential regulation; based in another Member State. The supervisormeans the body entrusted with responsibilities aimed at ensuring compliance by obliged entities with the requirements of this Regulation, including AMLA when performing the tasks entrusted to it in Article 5(2) of Regulation (EU) 2024/1620; of the home Member Statemeans the Member State where the registered office of the obliged entity is located or, if the obliged entity has no registered office, the Member State in which its head office is located; should cooperate closely with the supervisormeans the body entrusted with responsibilities aimed at ensuring compliance by obliged entities with the requirements of this Regulation, including AMLA when performing the tasks entrusted to it in Article 5(2) of Regulation (EU) 2024/1620; of the host Member Statemeans a Member State, other than the home Member State, in which the obliged entity operates an establishment, such as a subsidiary or a branch, or where the obliged entity operates under the freedom to provide services through an infrastructure; and should inform it of any issues that could affect their assessment of the establishmentmeans the actual pursuit by an obliged entity of an economic activity covered by Article 3 in a Member State or third country other than the country where its head office is located for an indefinite period and through a stable infrastructure, including:a branch or subsidiary;in the case of credit institutions and financial institutions, an infrastructure qualifying as an establishment under prudential regulation;’s compliance with the AML/CFT rules of the host Member Statemeans a Member State, other than the home Member State, in which the obliged entity operates an establishment, such as a subsidiary or a branch, or where the obliged entity operates under the freedom to provide services through an infrastructure;.

Where an obliged entitymeans a natural or legal person listed in Article 3 of Regulation (EU) 2024/1624 that is not exempted in accordance with Article 4, 5, 6 or 7 of that Regulation; operates establishmentsmeans the actual pursuit by an obliged entity of an economic activity covered by Article 3 in a Member State or third country other than the country where its head office is located for an indefinite period and through a stable infrastructure, including:a branch or subsidiary;in the case of credit institutions and financial institutions, an infrastructure qualifying as an establishment under prudential regulation; in another Member State, including through a network of agents, the supervisormeans the body entrusted with responsibilities aimed at ensuring compliance by obliged entities with the requirements of this Regulation, including AMLA when performing the tasks entrusted to it in Article 5(2) of Regulation (EU) 2024/1620; of the host Member Statemeans a Member State, other than the home Member State, in which the obliged entity operates an establishment, such as a subsidiary or a branch, or where the obliged entity operates under the freedom to provide services through an infrastructure; should retain responsibility for enforcing the establishmentmeans the actual pursuit by an obliged entity of an economic activity covered by Article 3 in a Member State or third country other than the country where its head office is located for an indefinite period and through a stable infrastructure, including:a branch or subsidiary;in the case of credit institutions and financial institutions, an infrastructure qualifying as an establishment under prudential regulation;’s compliance with AML/CFT rules, including, where appropriate, by carrying out on-site inspections and off-site monitoring and by taking appropriate and proportionate measures to address breaches of those requirements. The same should apply to other types of infrastructure of obliged entitiesmeans a natural or legal person listed in Article 3 of Regulation (EU) 2024/1624 that is not exempted in accordance with Article 4, 5, 6 or 7 of that Regulation; that operate under the freedom to provide services, where that infrastructure is sufficient to require supervision by the supervisormeans the body entrusted with responsibilities aimed at ensuring compliance by obliged entities with the requirements of this Regulation, including AMLA when performing the tasks entrusted to it in Article 5(2) of Regulation (EU) 2024/1620; of the host Member Statemeans a Member State, other than the home Member State, in which the obliged entity operates an establishment, such as a subsidiary or a branch, or where the obliged entity operates under the freedom to provide services through an infrastructure;. The supervisormeans the body entrusted with responsibilities aimed at ensuring compliance by obliged entities with the requirements of this Regulation, including AMLA when performing the tasks entrusted to it in Article 5(2) of Regulation (EU) 2024/1620; of the host Member Statemeans a Member State, other than the home Member State, in which the obliged entity operates an establishment, such as a subsidiary or a branch, or where the obliged entity operates under the freedom to provide services through an infrastructure; should cooperate closely with the supervisormeans the body entrusted with responsibilities aimed at ensuring compliance by obliged entities with the requirements of this Regulation, including AMLA when performing the tasks entrusted to it in Article 5(2) of Regulation (EU) 2024/1620; of the home Member Statemeans the Member State where the registered office of the obliged entity is located or, if the obliged entity has no registered office, the Member State in which its head office is located; and should inform it of any issues that could affect its assessment of the obliged entitymeans a natural or legal person listed in Article 3 of Regulation (EU) 2024/1624 that is not exempted in accordance with Article 4, 5, 6 or 7 of that Regulation;’s application of AML/CFT policies and procedures, and allow the supervisormeans the body entrusted with responsibilities aimed at ensuring compliance by obliged entities with the requirements of this Regulation, including AMLA when performing the tasks entrusted to it in Article 5(2) of Regulation (EU) 2024/1620; of the home Member Statemeans the Member State where the registered office of the obliged entity is located or, if the obliged entity has no registered office, the Member State in which its head office is located; to take measures to address any breach identified. However, where serious, repeated or systematic breaches of AML/CFT rules that require immediate remedies are detected, the supervisormeans the body entrusted with responsibilities aimed at ensuring compliance by obliged entities with the requirements of this Regulation, including AMLA when performing the tasks entrusted to it in Article 5(2) of Regulation (EU) 2024/1620; of the host Member Statemeans a Member State, other than the home Member State, in which the obliged entity operates an establishment, such as a subsidiary or a branch, or where the obliged entity operates under the freedom to provide services through an infrastructure; should be able to apply appropriate and proportionate temporary remedial measures, applicable under similar circumstances to obliged entitiesmeans a natural or legal person listed in Article 3 of Regulation (EU) 2024/1624 that is not exempted in accordance with Article 4, 5, 6 or 7 of that Regulation; under their competence, to address such serious, repeated or systematic breaches, where appropriate, with the assistance of, or in cooperation with, the supervisormeans the body entrusted with responsibilities aimed at ensuring compliance by obliged entities with the requirements of this Regulation, including AMLA when performing the tasks entrusted to it in Article 5(2) of Regulation (EU) 2024/1620; of the home Member Statemeans the Member State where the registered office of the obliged entity is located or, if the obliged entity has no registered office, the Member State in which its head office is located;.

In areas that are not harmonised at Union level, Member States can adopt national measures, even when those measures constitute restrictions to the freedoms of the internal market. This is the case, for example, of measures taken to regulate the provision of gambling servicesmeans a service which involves wagering a stake with monetary value in games of chance, including those with an element of skill, such as lotteries, casino games, poker games and betting transactions that are provided at a physical location, or by any means at a distance, by electronic means or any other technology for facilitating communication, and at the individual request of a recipient of services;, particularly when those activities are carried out online, without any infrastructure in the Member State. However, to be compatible with Union law, such measures need to attain a general interest, be non-discriminatory and suitable for achieving that objective, and must not go beyond what is strictly necessary to achieve it. Where Member States subject the provision of services that are regulated under the Union AML/CFT framework to specific authorisation requirements, such as the obtention of a licence, they should also be responsible for the supervision of those services. The requirement to supervise those services does not prejudge the conclusions that the Court of Justice might draw on the compatibility of national measures with Union law.

In light of anti-money laundering vulnerabilities related to electronic moneymeans electronic money as defined in Article 2, point (2), of Directive 2009/110/EC of the European Parliament and of the Council(38) Directive 2009/110/EC of the European Parliament and of the Council of 16 September 2009 on the taking up, pursuit and prudential supervision of the business of electronic money institutions amending Directives 2005/60/EC and 2006/48/EC and repealing Directive 2000/46/EC (OJ L 267, 10.10.2009, p. 7)., but excluding monetary value as referred to in Article 1(4) and (5) of that Directive;Directive 2009/110/EC of the European Parliament and of the Council of 16 September 2009 on the taking up, pursuit and prudential supervision of the business of electronic money institutions amending Directives 2005/60/EC and 2006/48/EC and repealing Directive 2000/46/EC (OJ L 267, 10.10.2009, p. 7). issuers, payment service providers and crypto-assets service providersmeans a crypto-asset service provider as defined in Article 3(1), point (15), of Regulation (EU) 2023/1114 where performing one or more crypto-asset services;, it should be possible for Member States to require that those providers established on their territory in forms other than a branch or through other types of infrastructure and the head office of which is located in another Member State appoint a central contact point. Such a central contact point, acting on behalf of the appointing institution, should ensure the establishmentsmeans the actual pursuit by an obliged entity of an economic activity covered by Article 3 in a Member State or third country other than the country where its head office is located for an indefinite period and through a stable infrastructure, including:a branch or subsidiary;in the case of credit institutions and financial institutions, an infrastructure qualifying as an establishment under prudential regulation;’ compliance with AML/CFT rules.

To ensure better coordination of efforts and contribute effectively to the needs of the integrated supervisory mechanism, the respective duties of supervisorsmeans the body entrusted with responsibilities aimed at ensuring compliance by obliged entities with the requirements of this Regulation, including AMLA when performing the tasks entrusted to it in Article 5(2) of Regulation (EU) 2024/1620; in relation to obliged entitiesmeans a natural or legal person listed in Article 3 of Regulation (EU) 2024/1624 that is not exempted in accordance with Article 4, 5, 6 or 7 of that Regulation; operating in other Member States through establishmentsmeans the actual pursuit by an obliged entity of an economic activity covered by Article 3 in a Member State or third country other than the country where its head office is located for an indefinite period and through a stable infrastructure, including:a branch or subsidiary;in the case of credit institutions and financial institutions, an infrastructure qualifying as an establishment under prudential regulation; or forms of infrastructure justifying supervision by the host Member Statemeans a Member State, other than the home Member State, in which the obliged entity operates an establishment, such as a subsidiary or a branch, or where the obliged entity operates under the freedom to provide services through an infrastructure; should be clarified, and specific, proportionate cooperation mechanisms should be provided for.

Cross-border groupsmeans a group of undertakings which consists of a parent undertaking, its subsidiaries, as well as undertakings linked to each other by a relationship within the meaning of Article 22 of Directive 2013/34/EU; need to have in place far-reaching group-wide policies and procedures. To ensure that cross-border operations are matched by adequate supervision, it is necessary to set out detailed supervisory rules, enabling supervisorsmeans the body entrusted with responsibilities aimed at ensuring compliance by obliged entities with the requirements of this Regulation, including AMLA when performing the tasks entrusted to it in Article 5(2) of Regulation (EU) 2024/1620; of the home Member Statemeans the Member State where the registered office of the obliged entity is located or, if the obliged entity has no registered office, the Member State in which its head office is located; and those of the host Member Statemeans a Member State, other than the home Member State, in which the obliged entity operates an establishment, such as a subsidiary or a branch, or where the obliged entity operates under the freedom to provide services through an infrastructure; to cooperate with each other to the greatest extent possible, regardless of their respective nature or status, and with AMLA to assess risks and monitor developments that could affect the various entities that form part of the groupmeans a group of undertakings which consists of a parent undertaking, its subsidiaries, as well as undertakings linked to each other by a relationship within the meaning of Article 22 of Directive 2013/34/EU;, coordinate supervisory action and settle disputes. Given its coordinating role, AMLA should be entrusted with the duty to develop the draft regulatory technical standards defining the detailed respective duties of the home and host supervisorsmeans the body entrusted with responsibilities aimed at ensuring compliance by obliged entities with the requirements of this Regulation, including AMLA when performing the tasks entrusted to it in Article 5(2) of Regulation (EU) 2024/1620; of groupsmeans a group of undertakings which consists of a parent undertaking, its subsidiaries, as well as undertakings linked to each other by a relationship within the meaning of Article 22 of Directive 2013/34/EU;, and the arrangements for cooperation between them. The supervision of the effective implementation of groupmeans a group of undertakings which consists of a parent undertaking, its subsidiaries, as well as undertakings linked to each other by a relationship within the meaning of Article 22 of Directive 2013/34/EU; policy on AML/CFT should be done in accordance with the principles and methods of consolidated supervision as laid down in the relevant Union sectoral legal acts.

Exchange of information and cooperation between supervisorsmeans the body entrusted with responsibilities aimed at ensuring compliance by obliged entities with the requirements of this Regulation, including AMLA when performing the tasks entrusted to it in Article 5(2) of Regulation (EU) 2024/1620; is essential in the context of increasingly integrated global financial systems. On the one hand, Union supervisorsmeans the body entrusted with responsibilities aimed at ensuring compliance by obliged entities with the requirements of this Regulation, including AMLA when performing the tasks entrusted to it in Article 5(2) of Regulation (EU) 2024/1620;, including AMLA, should inform each other of instances in which the law of a third countrymeans any jurisdiction, independent state or autonomous territory that is not part of the Union and that has its own AML/CFT legislation or enforcement regime; does not permit the implementation of the policies and procedures required under Regulation (EU) 2024/1624. On the other hand, it should be possible for Member States to authorise supervisorsmeans the body entrusted with responsibilities aimed at ensuring compliance by obliged entities with the requirements of this Regulation, including AMLA when performing the tasks entrusted to it in Article 5(2) of Regulation (EU) 2024/1620; to conclude cooperation agreements providing for cooperation and exchanges of confidential information with their counterparts in third countriesmeans any jurisdiction, independent state or autonomous territory that is not part of the Union and that has its own AML/CFT legislation or enforcement regime;, in compliance with applicable rules for personal data transfers. Given its oversight role, AMLA should provide assistance as might be necessary to assess the equivalence of professional secrecy requirements applicable to the third-country counterpart.

Directive (EU) 2015/849 allows Member States to entrust the supervision of some obliged entitiesmeans a natural or legal person listed in Article 3 of Regulation (EU) 2024/1624 that is not exempted in accordance with Article 4, 5, 6 or 7 of that Regulation; to self-regulatory bodiesmeans a body that represents members of a profession and has a role in regulating them, in performing certain supervisory or monitoring functions and in ensuring the enforcement of the rules relating to them;. However, the quality and intensity of supervision performed by such self-regulatory bodiesmeans a body that represents members of a profession and has a role in regulating them, in performing certain supervisory or monitoring functions and in ensuring the enforcement of the rules relating to them; has been insufficient, and under no, or close to no, public scrutiny. Where a Member State decides to entrust supervision to a self-regulatory bodymeans a body that represents members of a profession and has a role in regulating them, in performing certain supervisory or monitoring functions and in ensuring the enforcement of the rules relating to them;, it should also designate a public authority to oversee the activities of the self-regulatory bodymeans a body that represents members of a profession and has a role in regulating them, in performing certain supervisory or monitoring functions and in ensuring the enforcement of the rules relating to them; to ensure that the performance of those activities is in line with this Directive. That public authority should be a public administration entity and should perform its functions free of undue influence. The functions to be exercised by the public authority overseeing self-regulatory bodiesmeans a body that represents members of a profession and has a role in regulating them, in performing certain supervisory or monitoring functions and in ensuring the enforcement of the rules relating to them; do not imply that the authority should exercise supervisory functions vis-à-vis obliged entitiesmeans a natural or legal person listed in Article 3 of Regulation (EU) 2024/1624 that is not exempted in accordance with Article 4, 5, 6 or 7 of that Regulation;, or take decisions in individual cases handled by the self-regulatory bodymeans a body that represents members of a profession and has a role in regulating them, in performing certain supervisory or monitoring functions and in ensuring the enforcement of the rules relating to them;. However, this does not prevent Member States from allocating additional tasks to that authority if they deem it necessary to achieve the objectives of this Directive. When doing so, Member States should ensure that additional tasks are in line with fundamental rights, and in particular that those tasks do not interfere with the exercise of the right of defence and the confidentiality of lawyer-client communication.

The importance of combating money launderingmeans the conduct set out in Article 3, paragraphs 1 and 5, of Directive (EU) 2018/1673 including aiding and abetting, inciting and attempting to commit that conduct, whether the activities which generated the property to be laundered were carried out on the territory of a Member State or on that of a third country; knowledge, intent or purpose required as an element of that conduct may be inferred from objective factual circumstances; and terrorist financingmeans the conduct set out in Article 11 of Directive (EU) 2017/541 including aiding and abetting, inciting and attempting to commit that conduct, whether carried out on the territory of a Member State or on that of a third country; knowledge, intent or purpose required as an element of that conduct may be inferred from objective factual circumstances; should result in Member States laying down effective, proportionate and dissuasive pecuniary sanctions and administrative measures in national law for failure to comply with Regulation (EU) 2024/1624. National supervisorsmeans the body entrusted with responsibilities aimed at ensuring compliance by obliged entities with the requirements of this Regulation, including AMLA when performing the tasks entrusted to it in Article 5(2) of Regulation (EU) 2024/1620; should be empowered by Member States to apply such administrative measures to obliged entitiesmeans a natural or legal person listed in Article 3 of Regulation (EU) 2024/1624 that is not exempted in accordance with Article 4, 5, 6 or 7 of that Regulation; to remedy the situation in the case of breaches and, where the breach so justifies, impose pecuniary sanctions. Depending on the organisational systems in place in Member States, such measures and sanctions could also be applied in cooperation between supervisorsmeans the body entrusted with responsibilities aimed at ensuring compliance by obliged entities with the requirements of this Regulation, including AMLA when performing the tasks entrusted to it in Article 5(2) of Regulation (EU) 2024/1620; and other authorities, by delegation from the supervisorsmeans the body entrusted with responsibilities aimed at ensuring compliance by obliged entities with the requirements of this Regulation, including AMLA when performing the tasks entrusted to it in Article 5(2) of Regulation (EU) 2024/1620; to other authorities or by application by the supervisorsmeans the body entrusted with responsibilities aimed at ensuring compliance by obliged entities with the requirements of this Regulation, including AMLA when performing the tasks entrusted to it in Article 5(2) of Regulation (EU) 2024/1620; to judicial authorities. The pecuniary sanctions and administrative measures should be sufficiently broad to allow Member States and supervisorsmeans the body entrusted with responsibilities aimed at ensuring compliance by obliged entities with the requirements of this Regulation, including AMLA when performing the tasks entrusted to it in Article 5(2) of Regulation (EU) 2024/1620; to take account of the differences between obliged entitiesmeans a natural or legal person listed in Article 3 of Regulation (EU) 2024/1624 that is not exempted in accordance with Article 4, 5, 6 or 7 of that Regulation;, in particular between credit institutionsmeans:a credit institution as defined in Article 4(1), point (1), of Regulation (EU) No 575/2013;a branch of a credit institution, as defined in Article 4(1), point (17), of Regulation (EU) No 575/2013, when located in the Union, whether its head office is located in a Member State or in a third country; and financial institutionsmeans:an undertaking other than a credit institution or an investment firm, which carries out one or more of the activities listed in points (2) to (12), (14) and (15) of Annex I to Directive 2013/36/EU of the European Parliament and of the Council(32) Directive 2013/36/EU of the European Parliament and of the Council of 26 June 2013 on access to the activity of credit institutions and the prudential supervision of credit institutions and investment firms, amending Directive 2002/87/EC and repealing Directives 2006/48/EC and 2006/49/EC (OJ L 176, 27.6.2013, p. 338)., including the activities of currency exchange offices (bureaux de change), but excluding the activities referred to in point (8) of Annex I to Directive (EU) 2015/2366, or an undertaking the principal activity of which is to acquire holdings, including a financial holding company, a mixed financial holding company and a financial mixed activity holding company;Directive 2013/36/EU of the European Parliament and of the Council of 26 June 2013 on access to the activity of credit institutions and the prudential supervision of credit institutions and investment firms, amending Directive 2002/87/EC and repealing Directives 2006/48/EC and 2006/49/EC (OJ L 176, 27.6.2013, p. 338).an insurance undertaking as defined in Article 13, point (1), of Directive 2009/138/EC of the European Parliament and of the Council(33) Directive 2009/138/EC of the European Parliament and of the Council of 25 November 2009 on the taking-up and pursuit of the business of Insurance and Reinsurance (Solvency II) (OJ L 335, 17.12.2009, p. 1)., insofar as it carries out life or other investment-related assurance activities covered by that Directive, including insurance holding companies and mixed-activity insurance holding companies as defined, respectively, in Article 212(1), points (f) and (g), of Directive 2009/138/EC;Directive 2009/138/EC of the European Parliament and of the Council of 25 November 2009 on the taking-up and pursuit of the business of Insurance and Reinsurance (Solvency II) (OJ L 335, 17.12.2009, p. 1).an insurance intermediary as defined in Article 2(1), point (3), of Directive (EU) 2016/97 where it acts with respect to life insurance and other investment-related insurance services, with the exception of an insurance intermediary that does not collect premiums or amounts intended for the customer and which acts under the responsibility of one or more insurance undertakings or intermediaries for the products which concern them respectively;an investment firm as defined in Article 4(1), point (1), of Directive 2014/65/EU of the European Parliament and of the Council(34) Directive 2014/65/EU of the European Parliament and of the Council of 15 May 2014 on markets in financial instruments and amending Directive 2002/92/EC and Directive 2011/61/EU (OJ L 173, 12.6.2014, p. 349).;Directive 2014/65/EU of the European Parliament and of the Council of 15 May 2014 on markets in financial instruments and amending Directive 2002/92/EC and Directive 2011/61/EU (OJ L 173, 12.6.2014, p. 349).a collective investment undertaking, in particular:an undertaking for collective investment in transferable securities (UCITS) as defined in Article 1(2) of Directive 2009/65/EC and its management company as defined in Article 2(1), point (b), of that Directive or an investment company authorised in accordance with that Directive and which has not designated a management company, that makes available for purchase units of UCITS in the Union;an alternative investment fund as defined in Article 4(1), point (a), of Directive 2011/61/EU and its alternative investment fund manager as defined in Article 4(1), point (b), of that Directive that fall within the scope set out in Article 2 of that Directive;a central securities depository as defined in Article 2(1), point (1), of Regulation (EU) No 909/2014 of the European Parliament and of the Council(35) Regulation (EU) No 909/2014 of the European Parliament and of the Council of 23 July 2014 on improving securities settlement in the European Union and on central securities depositories and amending Directives 98/26/EC and 2014/65/EU and Regulation (EU) No 236/2012 (OJ L 257, 28.8.2014, p. 1).;Regulation (EU) No 909/2014 of the European Parliament and of the Council of 23 July 2014 on improving securities settlement in the European Union and on central securities depositories and amending Directives 98/26/EC and 2014/65/EU and Regulation (EU) No 236/2012 (OJ L 257, 28.8.2014, p. 1).a creditor as defined in Article 4, point (2), of Directive 2014/17/EU of the European Parliament and of the Council(36) Directive 2014/17/EU of the European Parliament and of the Council of 4 February 2014 on credit agreements for consumers relating to residential immovable property and amending Directives 2008/48/EC and 2013/36/EU and Regulation (EU) No 1093/2010 (OJ L 60, 28.2.2014, p. 34). and in Article 3, point (b), of Directive 2008/48/EC of the European Parliament and of the Council(37) Directive 2008/48/EC of the European Parliament and of the Council of 23 April 2008 on credit agreements for consumers and repealing Council Directive 87/102/EEC (OJ L 133, 22.5.2008, p. 66).;Directive 2014/17/EU of the European Parliament and of the Council of 4 February 2014 on credit agreements for consumers relating to residential immovable property and amending Directives 2008/48/EC and 2013/36/EU and Regulation (EU) No 1093/2010 (OJ L 60, 28.2.2014, p. 34).Directive 2008/48/EC of the European Parliament and of the Council of 23 April 2008 on credit agreements for consumers and repealing Council Directive 87/102/EEC (OJ L 133, 22.5.2008, p. 66).a credit intermediary as defined in Article 4, point (5), of Directive 2014/17/EU and in Article 3, point (f), of Directive 2008/48/EC, when holding the funds as defined in Article 4, point (25), of Directive (EU) 2015/2366 in connection with the credit agreement, with the exception of the credit intermediary carrying out activities under the responsibility of one or more creditors or credit intermediaries;a crypto-asset service provider;a branch of a financial institution referred to in points (a) to (i), when located in the Union, whether its head office is located in a Member State or in a third country; and other obliged entitiesmeans a natural or legal person listed in Article 3 of Regulation (EU) 2024/1624 that is not exempted in accordance with Article 4, 5, 6 or 7 of that Regulation;, as regards their size, characteristics and the nature of the business.

Member States currently have a diverse range of pecuniary sanctions and administrative measures for breaches of the key preventative provisions in place and an inconsistent approach to investigating and sanctioning violations of anti-money laundering requirements. Moreover, there is no common understanding among supervisorsmeans the body entrusted with responsibilities aimed at ensuring compliance by obliged entities with the requirements of this Regulation, including AMLA when performing the tasks entrusted to it in Article 5(2) of Regulation (EU) 2024/1620; as to what should constitute a ‘serious’ violation and thus they cannot readily discern when a pecuniary sanction should be imposed. That diversity is detrimental to the efforts made in combating money launderingmeans the conduct set out in Article 3, paragraphs 1 and 5, of Directive (EU) 2018/1673 including aiding and abetting, inciting and attempting to commit that conduct, whether the activities which generated the property to be laundered were carried out on the territory of a Member State or on that of a third country; knowledge, intent or purpose required as an element of that conduct may be inferred from objective factual circumstances; and terrorist financingmeans the conduct set out in Article 11 of Directive (EU) 2017/541 including aiding and abetting, inciting and attempting to commit that conduct, whether carried out on the territory of a Member State or on that of a third country; knowledge, intent or purpose required as an element of that conduct may be inferred from objective factual circumstances; and the Union’s response is fragmented. Therefore, common criteria for determining the most appropriate supervisory response to breaches should be laid down and a range of administrative measures that the supervisorsmeans the body entrusted with responsibilities aimed at ensuring compliance by obliged entities with the requirements of this Regulation, including AMLA when performing the tasks entrusted to it in Article 5(2) of Regulation (EU) 2024/1620; could apply to remedy breaches, whether in combination with pecuniary sanctions or, when the breaches are not sufficiently serious to be punished with a pecuniary sanction, on their own, should be provided. In order to incentivise obliged entitiesmeans a natural or legal person listed in Article 3 of Regulation (EU) 2024/1624 that is not exempted in accordance with Article 4, 5, 6 or 7 of that Regulation; to comply with the provisions of Regulation (EU) 2024/1624, it is necessary to strengthen the dissuasive nature of pecuniary sanctions. Accordingly, the minimum amount of the maximum penalty that can be imposed in the case of serious breaches of Regulation (EU) 2024/1624 should be raised. In transposing this Directive, Member States should ensure that the imposition of pecuniary sanctions and application of administrative measures, and the imposition of criminal sanctions in accordance with national law, does not breach the principle of ne bis in idem.

In the case of obliged entitiesmeans a natural or legal person listed in Article 3 of Regulation (EU) 2024/1624 that is not exempted in accordance with Article 4, 5, 6 or 7 of that Regulation; that are legal persons, breaches of AML/CFT requirements occur following action by, or under the responsibility of the natural persons who have the power to direct its activities, including through agents, distributors or other persons acting on behalf of the obliged entitymeans a natural or legal person listed in Article 3 of Regulation (EU) 2024/1624 that is not exempted in accordance with Article 4, 5, 6 or 7 of that Regulation;. In order to ensure that supervisory action in response to such breaches is effective, the obliged entitymeans a natural or legal person listed in Article 3 of Regulation (EU) 2024/1624 that is not exempted in accordance with Article 4, 5, 6 or 7 of that Regulation; should also be held liable for actions taken by those natural persons, whether carried out intentionally or negligently. Without prejudice to the liability of legal persons in criminal proceedings, any intent to derive a benefit for the obliged entitymeans a natural or legal person listed in Article 3 of Regulation (EU) 2024/1624 that is not exempted in accordance with Article 4, 5, 6 or 7 of that Regulation; from breaches points to wider failures in the internal policies, procedures and controls of the obliged entitymeans a natural or legal person listed in Article 3 of Regulation (EU) 2024/1624 that is not exempted in accordance with Article 4, 5, 6 or 7 of that Regulation; to prevent money launderingmeans the conduct set out in Article 3, paragraphs 1 and 5, of Directive (EU) 2018/1673 including aiding and abetting, inciting and attempting to commit that conduct, whether the activities which generated the property to be laundered were carried out on the territory of a Member State or on that of a third country; knowledge, intent or purpose required as an element of that conduct may be inferred from objective factual circumstances;, its predicate offences and terrorist financingmeans the conduct set out in Article 11 of Directive (EU) 2017/541 including aiding and abetting, inciting and attempting to commit that conduct, whether carried out on the territory of a Member State or on that of a third country; knowledge, intent or purpose required as an element of that conduct may be inferred from objective factual circumstances;. Such failures undermine the obliged entitymeans a natural or legal person listed in Article 3 of Regulation (EU) 2024/1624 that is not exempted in accordance with Article 4, 5, 6 or 7 of that Regulation;’s role as gatekeeper of the Union’s financial system. Any intent to derive benefit from a breach of AML/CFT requirement should therefore be taken as an aggravating circumstance.

Member States have different systems in place for the imposition of pecuniary sanctions, application of administrative measures and imposition of periodic penalty payments. In addition, certain administrative measures that supervisorsmeans the body entrusted with responsibilities aimed at ensuring compliance by obliged entities with the requirements of this Regulation, including AMLA when performing the tasks entrusted to it in Article 5(2) of Regulation (EU) 2024/1620; are empowered to apply, such as the withdrawal or suspension of a licence, are dependent on the execution of those measures by other authorities. In order to cater for such a diverse range of situations, it is appropriate to allow flexibility as regards the means that supervisorsmeans the body entrusted with responsibilities aimed at ensuring compliance by obliged entities with the requirements of this Regulation, including AMLA when performing the tasks entrusted to it in Article 5(2) of Regulation (EU) 2024/1620; have to impose pecuniary sanctions, apply administrative measures and impose periodic penalty payments. Regardless of the means chosen, it is incumbent on Member States and the authorities involved to ensure that the mechanisms implemented achieve the intended result of restoring compliance and impose effective, dissuasive and proportionate pecuniary sanctions.

With a view to ensuring that obliged entitiesmeans a natural or legal person listed in Article 3 of Regulation (EU) 2024/1624 that is not exempted in accordance with Article 4, 5, 6 or 7 of that Regulation; comply with AML/CFT requirements and effectively mitigate the risks of money launderingmeans the conduct set out in Article 3, paragraphs 1 and 5, of Directive (EU) 2018/1673 including aiding and abetting, inciting and attempting to commit that conduct, whether the activities which generated the property to be laundered were carried out on the territory of a Member State or on that of a third country; knowledge, intent or purpose required as an element of that conduct may be inferred from objective factual circumstances;, its predicate offences and terrorist financingmeans the conduct set out in Article 11 of Directive (EU) 2017/541 including aiding and abetting, inciting and attempting to commit that conduct, whether carried out on the territory of a Member State or on that of a third country; knowledge, intent or purpose required as an element of that conduct may be inferred from objective factual circumstances; to which they are exposed, supervisorsmeans the body entrusted with responsibilities aimed at ensuring compliance by obliged entities with the requirements of this Regulation, including AMLA when performing the tasks entrusted to it in Article 5(2) of Regulation (EU) 2024/1620; should be able to apply administrative measures not only to remedy identified breaches, but also where they identify that weaknesses in the internal policies, procedures and controls are likely to result in breaches of AML/CFT requirements, or where those policies, procedures and controls are inadequate to mitigate risks. The scope of administrative measures applied, and the timing granted to obliged entitiesmeans a natural or legal person listed in Article 3 of Regulation (EU) 2024/1624 that is not exempted in accordance with Article 4, 5, 6 or 7 of that Regulation; to implement the requested actions, depend on the specific breaches or weaknesses identified. Where multiple breaches or weaknesses are identified, different deadlines might apply for the implementation of each individual administrative measure. Consistent with the punitive and educational goal of publications, only decisions to apply administrative measures in relation to breaches of AML/CFT requirements should be published, but not administrative measures applied to prevent such breach.

Timely compliance by obliged entitiesmeans a natural or legal person listed in Article 3 of Regulation (EU) 2024/1624 that is not exempted in accordance with Article 4, 5, 6 or 7 of that Regulation; with administrative measures applied to them is essential to ensure an adequate and consistent level of protection against money launderingmeans the conduct set out in Article 3, paragraphs 1 and 5, of Directive (EU) 2018/1673 including aiding and abetting, inciting and attempting to commit that conduct, whether the activities which generated the property to be laundered were carried out on the territory of a Member State or on that of a third country; knowledge, intent or purpose required as an element of that conduct may be inferred from objective factual circumstances;, its predicate offences and terrorist financingmeans the conduct set out in Article 11 of Directive (EU) 2017/541 including aiding and abetting, inciting and attempting to commit that conduct, whether carried out on the territory of a Member State or on that of a third country; knowledge, intent or purpose required as an element of that conduct may be inferred from objective factual circumstances; across the internal market. Where obliged entitiesmeans a natural or legal person listed in Article 3 of Regulation (EU) 2024/1624 that is not exempted in accordance with Article 4, 5, 6 or 7 of that Regulation; fail to comply with administrative measures within the deadline set, it is necessary that supervisorsmeans the body entrusted with responsibilities aimed at ensuring compliance by obliged entities with the requirements of this Regulation, including AMLA when performing the tasks entrusted to it in Article 5(2) of Regulation (EU) 2024/1620; are able to apply enhanced pressure on the obliged entitymeans a natural or legal person listed in Article 3 of Regulation (EU) 2024/1624 that is not exempted in accordance with Article 4, 5, 6 or 7 of that Regulation; to restore compliance without delay. To that end, it should be possible for supervisorsmeans the body entrusted with responsibilities aimed at ensuring compliance by obliged entities with the requirements of this Regulation, including AMLA when performing the tasks entrusted to it in Article 5(2) of Regulation (EU) 2024/1620; to impose periodic penalty payments as of the deadline set for restoring compliance, including with retroactive effect when the decision imposing the periodic penalty payment is taken at a later stage. In calculating the amounts of periodic penalty payments, supervisorsmeans the body entrusted with responsibilities aimed at ensuring compliance by obliged entities with the requirements of this Regulation, including AMLA when performing the tasks entrusted to it in Article 5(2) of Regulation (EU) 2024/1620; should take into account the overall turnover of the obliged entitymeans a natural or legal person listed in Article 3 of Regulation (EU) 2024/1624 that is not exempted in accordance with Article 4, 5, 6 or 7 of that Regulation; and the type and gravity of the breach or weakness targeted by the supervisory measure to ensure its effectiveness and proportionality. Given their goal of pressuring an obliged entitymeans a natural or legal person listed in Article 3 of Regulation (EU) 2024/1624 that is not exempted in accordance with Article 4, 5, 6 or 7 of that Regulation; into complying with an administrative measure, periodic penalty payments should be limited in time and apply for no longer than 6 months. While it should be possible for supervisorsmeans the body entrusted with responsibilities aimed at ensuring compliance by obliged entities with the requirements of this Regulation, including AMLA when performing the tasks entrusted to it in Article 5(2) of Regulation (EU) 2024/1620; to renew the imposition of periodic penalty payments for another 6 months maximum, alternative measures to address an extended situation of non-compliance should be considered, consistent with the wide range of administrative measures that supervisorsmeans the body entrusted with responsibilities aimed at ensuring compliance by obliged entities with the requirements of this Regulation, including AMLA when performing the tasks entrusted to it in Article 5(2) of Regulation (EU) 2024/1620; can apply.

Where the legal system of the Member State does not allow the imposition of pecuniary sanctions provided for in this Directive by administrative means, the rules on pecuniary sanctions can be applied in such a manner that the penalty is initiated by the supervisormeans the body entrusted with responsibilities aimed at ensuring compliance by obliged entities with the requirements of this Regulation, including AMLA when performing the tasks entrusted to it in Article 5(2) of Regulation (EU) 2024/1620; and imposed by judicial authorities. Therefore, it is necessary that those Member States ensure that the application of the rules and pecuniary sanctions has an effect equivalent to the pecuniary sanctions imposed by the supervisorsmeans the body entrusted with responsibilities aimed at ensuring compliance by obliged entities with the requirements of this Regulation, including AMLA when performing the tasks entrusted to it in Article 5(2) of Regulation (EU) 2024/1620;. When imposing such pecuniary sanctions, judicial authorities should take into account the recommendation by the supervisormeans the body entrusted with responsibilities aimed at ensuring compliance by obliged entities with the requirements of this Regulation, including AMLA when performing the tasks entrusted to it in Article 5(2) of Regulation (EU) 2024/1620; initiating the penalty. The pecuniary sanctions imposed should be effective, proportionate and dissuasive.

Obliged entitiesmeans a natural or legal person listed in Article 3 of Regulation (EU) 2024/1624 that is not exempted in accordance with Article 4, 5, 6 or 7 of that Regulation; can benefit from the freedom to provide services and to establish across the internal market to offer their products and services across the Union. An effective supervisory system requires that supervisorsmeans the body entrusted with responsibilities aimed at ensuring compliance by obliged entities with the requirements of this Regulation, including AMLA when performing the tasks entrusted to it in Article 5(2) of Regulation (EU) 2024/1620; are aware of the weaknesses in obliged entitiesmeans a natural or legal person listed in Article 3 of Regulation (EU) 2024/1624 that is not exempted in accordance with Article 4, 5, 6 or 7 of that Regulation;’ compliance with AML/CFT rules. It is therefore important that supervisorsmeans the body entrusted with responsibilities aimed at ensuring compliance by obliged entities with the requirements of this Regulation, including AMLA when performing the tasks entrusted to it in Article 5(2) of Regulation (EU) 2024/1620; are able to inform one another of pecuniary sanctions imposed on, and administrative measures applied to obliged entitiesmeans a natural or legal person listed in Article 3 of Regulation (EU) 2024/1624 that is not exempted in accordance with Article 4, 5, 6 or 7 of that Regulation;, when such information would be relevant for other supervisorsmeans the body entrusted with responsibilities aimed at ensuring compliance by obliged entities with the requirements of this Regulation, including AMLA when performing the tasks entrusted to it in Article 5(2) of Regulation (EU) 2024/1620;.

Publication of a pecuniary sanction or administrative measure for breach of Regulation (EU) 2024/1624 can have a strong dissuasive effect against repetition of such a breach. It also informs other entities of the money launderingmeans the conduct set out in Article 3, paragraphs 1 and 5, of Directive (EU) 2018/1673 including aiding and abetting, inciting and attempting to commit that conduct, whether the activities which generated the property to be laundered were carried out on the territory of a Member State or on that of a third country; knowledge, intent or purpose required as an element of that conduct may be inferred from objective factual circumstances; and terrorist financingmeans the conduct set out in Article 11 of Directive (EU) 2017/541 including aiding and abetting, inciting and attempting to commit that conduct, whether carried out on the territory of a Member State or on that of a third country; knowledge, intent or purpose required as an element of that conduct may be inferred from objective factual circumstances; risks associated with the sanctioned obliged entitymeans a natural or legal person listed in Article 3 of Regulation (EU) 2024/1624 that is not exempted in accordance with Article 4, 5, 6 or 7 of that Regulation; before entering into a business relationshipmeans a business, professional or commercial relationship connected with the professional activities of an obliged entity, which is set up between an obliged entity and a customer, including in the absence of a written contract and which is expected to have, at the time when the contact is established, or which subsequently acquires, an element of repetition or duration; and assists supervisorsmeans the body entrusted with responsibilities aimed at ensuring compliance by obliged entities with the requirements of this Regulation, including AMLA when performing the tasks entrusted to it in Article 5(2) of Regulation (EU) 2024/1620; in other Member States in relation to the risks associated with an obliged entitymeans a natural or legal person listed in Article 3 of Regulation (EU) 2024/1624 that is not exempted in accordance with Article 4, 5, 6 or 7 of that Regulation; when it operates in their Member State on a cross-border basis. For those reasons, the requirement to publish decisions on pecuniary sanctions against which there is no appeal should be confirmed, and should be extended to the publication of certain administrative measures that are applied to remedy breaches of AML/CFT requirements and to periodic penalty payments. However, any such publication should be proportionate and, in the taking of a decision whether to publish a pecuniary sanction or administrative measure, supervisorsmeans the body entrusted with responsibilities aimed at ensuring compliance by obliged entities with the requirements of this Regulation, including AMLA when performing the tasks entrusted to it in Article 5(2) of Regulation (EU) 2024/1620; should take into account the gravity of the breach and the dissuasive effect that the publication is likely to achieve. To that end, Member States might decide to delay the publication of administrative measures against which there is an appeal when those measures are applied to remedy a breach that is not serious, repeated or systematic.

Directive (EU) 2019/1937 of the European Parliament and of the Council(²²)Directive (EU) 2019/1937 of the European Parliament and of the Council of 23 October 2019 on the protection of persons who report breaches of Union law (OJ L 305, 26.11.2019, p. 17). applies to the reporting of breaches of Directive (EU) 2015/849 relating to money launderingmeans the conduct set out in Article 3, paragraphs 1 and 5, of Directive (EU) 2018/1673 including aiding and abetting, inciting and attempting to commit that conduct, whether the activities which generated the property to be laundered were carried out on the territory of a Member State or on that of a third country; knowledge, intent or purpose required as an element of that conduct may be inferred from objective factual circumstances; and terrorist financingmeans the conduct set out in Article 11 of Directive (EU) 2017/541 including aiding and abetting, inciting and attempting to commit that conduct, whether carried out on the territory of a Member State or on that of a third country; knowledge, intent or purpose required as an element of that conduct may be inferred from objective factual circumstances; and to the protection of persons reporting such breaches, as referred to in Part II of the Annex to Directive (EU) 2019/1937. Since this Directive repeals Directive (EU) 2015/849, the reference to Directive (EU) 2015/849 in Annex II to Directive (EU) 2019/1937 should be understood as a reference to this Directive. At the same time, it is necessary to maintain tailored rules on the reporting of breaches of AML/CFT requirements that complement Directive (EU) 2019/1937, in particular, as regards the requirements for obliged entitiesmeans a natural or legal person listed in Article 3 of Regulation (EU) 2024/1624 that is not exempted in accordance with Article 4, 5, 6 or 7 of that Regulation; to establish internal reporting channels and the identification of authorities competent to receive and follow-up on reports relating to breaches of rules relating to the prevention and fight against money launderingmeans the conduct set out in Article 3, paragraphs 1 and 5, of Directive (EU) 2018/1673 including aiding and abetting, inciting and attempting to commit that conduct, whether the activities which generated the property to be laundered were carried out on the territory of a Member State or on that of a third country; knowledge, intent or purpose required as an element of that conduct may be inferred from objective factual circumstances; and terrorist financingmeans the conduct set out in Article 11 of Directive (EU) 2017/541 including aiding and abetting, inciting and attempting to commit that conduct, whether carried out on the territory of a Member State or on that of a third country; knowledge, intent or purpose required as an element of that conduct may be inferred from objective factual circumstances;.

It is essential to have a new fully-integrated and coherent AML/CFT policy at Union level, with designated roles for both Union and national competent authoritiesmeans:a Financial Intelligence Unit (FIU);a supervisory authority;a public authority that has the function of investigating or prosecuting money laundering, its predicate offences or terrorist financing, or that has the function of tracing, seizing or freezing and confiscating criminal assets;a public authority with designated responsibilities for combating money laundering or terrorist financing; and with a view to ensure their smooth and constant cooperation. In that regard, cooperation between all national and Union AML/CFT authorities is of the utmost importance and should be clarified and enhanced. It remains the duty of Member States to provide for the necessary rules to ensure that at national level policy makers, the FIUs, supervisorsmeans the body entrusted with responsibilities aimed at ensuring compliance by obliged entities with the requirements of this Regulation, including AMLA when performing the tasks entrusted to it in Article 5(2) of Regulation (EU) 2024/1620;, including AMLA, and other competent authoritiesmeans:a Financial Intelligence Unit (FIU);a supervisory authority;a public authority that has the function of investigating or prosecuting money laundering, its predicate offences or terrorist financing, or that has the function of tracing, seizing or freezing and confiscating criminal assets;a public authority with designated responsibilities for combating money laundering or terrorist financing; involved in AML/CFT, as well as tax authorities and law enforcement authorities when acting within the scope of this Directive, have effective mechanisms to enable them to cooperate and coordinate, including through a restrictive approach to the refusal by competent authoritiesmeans:a Financial Intelligence Unit (FIU);a supervisory authority;a public authority that has the function of investigating or prosecuting money laundering, its predicate offences or terrorist financing, or that has the function of tracing, seizing or freezing and confiscating criminal assets;a public authority with designated responsibilities for combating money laundering or terrorist financing; to cooperate and exchange information at the request of another competent authoritymeans:a Financial Intelligence Unit (FIU);a supervisory authority;a public authority that has the function of investigating or prosecuting money laundering, its predicate offences or terrorist financing, or that has the function of tracing, seizing or freezing and confiscating criminal assets;a public authority with designated responsibilities for combating money laundering or terrorist financing;. Irrespective of the mechanisms put in place, such national cooperation should result in an effective system to prevent and combat money launderingmeans the conduct set out in Article 3, paragraphs 1 and 5, of Directive (EU) 2018/1673 including aiding and abetting, inciting and attempting to commit that conduct, whether the activities which generated the property to be laundered were carried out on the territory of a Member State or on that of a third country; knowledge, intent or purpose required as an element of that conduct may be inferred from objective factual circumstances;, its predicate offences and terrorist financingmeans the conduct set out in Article 11 of Directive (EU) 2017/541 including aiding and abetting, inciting and attempting to commit that conduct, whether carried out on the territory of a Member State or on that of a third country; knowledge, intent or purpose required as an element of that conduct may be inferred from objective factual circumstances;, and to prevent the non-implementation and evasion of targeted financial sanctionsmeans both asset freezing and prohibitions to make funds or other assets available, directly or indirectly, for the benefit of designated persons and entities pursuant to Council Decisions adopted on the basis of Article 29 TEU and Council Regulations adopted on the basis of Article 215 TFEU;.

In order to facilitate and promote effective cooperation, and in particular the exchange of information, Member States should be required to communicate to the Commission and AMLA the list of their competent authoritiesmeans:a Financial Intelligence Unit (FIU);a supervisory authority;a public authority that has the function of investigating or prosecuting money laundering, its predicate offences or terrorist financing, or that has the function of tracing, seizing or freezing and confiscating criminal assets;a public authority with designated responsibilities for combating money laundering or terrorist financing; and relevant contact details.

The risk of money launderingmeans the conduct set out in Article 3, paragraphs 1 and 5, of Directive (EU) 2018/1673 including aiding and abetting, inciting and attempting to commit that conduct, whether the activities which generated the property to be laundered were carried out on the territory of a Member State or on that of a third country; knowledge, intent or purpose required as an element of that conduct may be inferred from objective factual circumstances; and terrorist financingmeans the conduct set out in Article 11 of Directive (EU) 2017/541 including aiding and abetting, inciting and attempting to commit that conduct, whether carried out on the territory of a Member State or on that of a third country; knowledge, intent or purpose required as an element of that conduct may be inferred from objective factual circumstances; can be detected by all supervisorsmeans the body entrusted with responsibilities aimed at ensuring compliance by obliged entities with the requirements of this Regulation, including AMLA when performing the tasks entrusted to it in Article 5(2) of Regulation (EU) 2024/1620; in charge of credit institutionsmeans:a credit institution as defined in Article 4(1), point (1), of Regulation (EU) No 575/2013;a branch of a credit institution, as defined in Article 4(1), point (17), of Regulation (EU) No 575/2013, when located in the Union, whether its head office is located in a Member State or in a third country;. Information of a prudential nature relating to credit institutionsmeans:a credit institution as defined in Article 4(1), point (1), of Regulation (EU) No 575/2013;a branch of a credit institution, as defined in Article 4(1), point (17), of Regulation (EU) No 575/2013, when located in the Union, whether its head office is located in a Member State or in a third country; and financial institutionsmeans:an undertaking other than a credit institution or an investment firm, which carries out one or more of the activities listed in points (2) to (12), (14) and (15) of Annex I to Directive 2013/36/EU of the European Parliament and of the Council(32) Directive 2013/36/EU of the European Parliament and of the Council of 26 June 2013 on access to the activity of credit institutions and the prudential supervision of credit institutions and investment firms, amending Directive 2002/87/EC and repealing Directives 2006/48/EC and 2006/49/EC (OJ L 176, 27.6.2013, p. 338)., including the activities of currency exchange offices (bureaux de change), but excluding the activities referred to in point (8) of Annex I to Directive (EU) 2015/2366, or an undertaking the principal activity of which is to acquire holdings, including a financial holding company, a mixed financial holding company and a financial mixed activity holding company;Directive 2013/36/EU of the European Parliament and of the Council of 26 June 2013 on access to the activity of credit institutions and the prudential supervision of credit institutions and investment firms, amending Directive 2002/87/EC and repealing Directives 2006/48/EC and 2006/49/EC (OJ L 176, 27.6.2013, p. 338).an insurance undertaking as defined in Article 13, point (1), of Directive 2009/138/EC of the European Parliament and of the Council(33) Directive 2009/138/EC of the European Parliament and of the Council of 25 November 2009 on the taking-up and pursuit of the business of Insurance and Reinsurance (Solvency II) (OJ L 335, 17.12.2009, p. 1)., insofar as it carries out life or other investment-related assurance activities covered by that Directive, including insurance holding companies and mixed-activity insurance holding companies as defined, respectively, in Article 212(1), points (f) and (g), of Directive 2009/138/EC;Directive 2009/138/EC of the European Parliament and of the Council of 25 November 2009 on the taking-up and pursuit of the business of Insurance and Reinsurance (Solvency II) (OJ L 335, 17.12.2009, p. 1).an insurance intermediary as defined in Article 2(1), point (3), of Directive (EU) 2016/97 where it acts with respect to life insurance and other investment-related insurance services, with the exception of an insurance intermediary that does not collect premiums or amounts intended for the customer and which acts under the responsibility of one or more insurance undertakings or intermediaries for the products which concern them respectively;an investment firm as defined in Article 4(1), point (1), of Directive 2014/65/EU of the European Parliament and of the Council(34) Directive 2014/65/EU of the European Parliament and of the Council of 15 May 2014 on markets in financial instruments and amending Directive 2002/92/EC and Directive 2011/61/EU (OJ L 173, 12.6.2014, p. 349).;Directive 2014/65/EU of the European Parliament and of the Council of 15 May 2014 on markets in financial instruments and amending Directive 2002/92/EC and Directive 2011/61/EU (OJ L 173, 12.6.2014, p. 349).a collective investment undertaking, in particular:an undertaking for collective investment in transferable securities (UCITS) as defined in Article 1(2) of Directive 2009/65/EC and its management company as defined in Article 2(1), point (b), of that Directive or an investment company authorised in accordance with that Directive and which has not designated a management company, that makes available for purchase units of UCITS in the Union;an alternative investment fund as defined in Article 4(1), point (a), of Directive 2011/61/EU and its alternative investment fund manager as defined in Article 4(1), point (b), of that Directive that fall within the scope set out in Article 2 of that Directive;a central securities depository as defined in Article 2(1), point (1), of Regulation (EU) No 909/2014 of the European Parliament and of the Council(35) Regulation (EU) No 909/2014 of the European Parliament and of the Council of 23 July 2014 on improving securities settlement in the European Union and on central securities depositories and amending Directives 98/26/EC and 2014/65/EU and Regulation (EU) No 236/2012 (OJ L 257, 28.8.2014, p. 1).;Regulation (EU) No 909/2014 of the European Parliament and of the Council of 23 July 2014 on improving securities settlement in the European Union and on central securities depositories and amending Directives 98/26/EC and 2014/65/EU and Regulation (EU) No 236/2012 (OJ L 257, 28.8.2014, p. 1).a creditor as defined in Article 4, point (2), of Directive 2014/17/EU of the European Parliament and of the Council(36) Directive 2014/17/EU of the European Parliament and of the Council of 4 February 2014 on credit agreements for consumers relating to residential immovable property and amending Directives 2008/48/EC and 2013/36/EU and Regulation (EU) No 1093/2010 (OJ L 60, 28.2.2014, p. 34). and in Article 3, point (b), of Directive 2008/48/EC of the European Parliament and of the Council(37) Directive 2008/48/EC of the European Parliament and of the Council of 23 April 2008 on credit agreements for consumers and repealing Council Directive 87/102/EEC (OJ L 133, 22.5.2008, p. 66).;Directive 2014/17/EU of the European Parliament and of the Council of 4 February 2014 on credit agreements for consumers relating to residential immovable property and amending Directives 2008/48/EC and 2013/36/EU and Regulation (EU) No 1093/2010 (OJ L 60, 28.2.2014, p. 34).Directive 2008/48/EC of the European Parliament and of the Council of 23 April 2008 on credit agreements for consumers and repealing Council Directive 87/102/EEC (OJ L 133, 22.5.2008, p. 66).a credit intermediary as defined in Article 4, point (5), of Directive 2014/17/EU and in Article 3, point (f), of Directive 2008/48/EC, when holding the funds as defined in Article 4, point (25), of Directive (EU) 2015/2366 in connection with the credit agreement, with the exception of the credit intermediary carrying out activities under the responsibility of one or more creditors or credit intermediaries;a crypto-asset service provider;a branch of a financial institution referred to in points (a) to (i), when located in the Union, whether its head office is located in a Member State or in a third country;, such as information relating to the fitness and properness of directors and shareholders, to the internal control mechanisms, to governance or to compliance and risk management, is often indispensable for the adequate AML/CFT supervision of such institutions. Similarly, AML/CFT information is also important for the prudential supervision of such institutions. Therefore, cooperation and exchange of information with AML/CFT supervisorsmeans the body entrusted with responsibilities aimed at ensuring compliance by obliged entities with the requirements of this Regulation, including AMLA when performing the tasks entrusted to it in Article 5(2) of Regulation (EU) 2024/1620; and FIU should be extended to all competent authoritiesmeans:a Financial Intelligence Unit (FIU);a supervisory authority;a public authority that has the function of investigating or prosecuting money laundering, its predicate offences or terrorist financing, or that has the function of tracing, seizing or freezing and confiscating criminal assets;a public authority with designated responsibilities for combating money laundering or terrorist financing; in charge of the supervision of those obliged entitiesmeans a natural or legal person listed in Article 3 of Regulation (EU) 2024/1624 that is not exempted in accordance with Article 4, 5, 6 or 7 of that Regulation; in accordance with other Union legal instruments, such as Directives 2013/36/EU(²³)Directive 2013/36/EU of the European Parliament and of the Council of 26 June 2013 on access to the activity of credit institutions and the prudential supervision of credit institutions and investment firms, amending Directive 2002/87/EC and repealing Directives 2006/48/EC and 2006/49/EC (OJ L 176, 27.6.2013, p. 338)., 2014/49/EU(²⁴)Directive 2014/49/EU of the European Parliament and of the Council of 16 April 2014 on deposit guarantee schemes (OJ L 173, 12.6.2014, p. 149)., 2014/59/EU(²⁵)Directive 2014/59/EU of the European Parliament and of the Council of 15 May 2014 establishing a framework for the recovery and resolution of credit institutions and investment firms and amending Council Directive 82/891/EEC, and Directives 2001/24/EC, 2002/47/EC, 2004/25/EC, 2005/56/EC, 2007/36/EC, 2011/35/EU, 2012/30/EU and 2013/36/EU, and Regulations (EU) No 1093/2010 and (EU) No 648/2012, of the European Parliament and of the Council (OJ L 173, 12.6.2014, p. 190). and 2014/92/EU(²⁶)Directive 2014/92/EU of the European Parliament and of the Council of 23 July 2014 on the comparability of fees related to payment accounts, payment account switching and access to payment accounts with basic features (OJ L 257, 28.8.2014, p. 214). of the European Parliament and of the Council and Directive (EU) 2015/2366. To ensure the effective implementation of that cooperation, Member States should inform AMLA annually of the exchanges carried out.

Cooperation with other authorities competent for supervising credit institutionsmeans:a credit institution as defined in Article 4(1), point (1), of Regulation (EU) No 575/2013;a branch of a credit institution, as defined in Article 4(1), point (17), of Regulation (EU) No 575/2013, when located in the Union, whether its head office is located in a Member State or in a third country; under Directives 2014/92/EU and (EU) 2015/2366 has the potential to reduce unintended consequences of AML/CFT requirements. Credit institutionsmeans:a credit institution as defined in Article 4(1), point (1), of Regulation (EU) No 575/2013;a branch of a credit institution, as defined in Article 4(1), point (17), of Regulation (EU) No 575/2013, when located in the Union, whether its head office is located in a Member State or in a third country; might choose to terminate or restrict business relationshipsmeans a business, professional or commercial relationship connected with the professional activities of an obliged entity, which is set up between an obliged entity and a customer, including in the absence of a written contract and which is expected to have, at the time when the contact is established, or which subsequently acquires, an element of repetition or duration; with customers or categories of customers in order to avoid, rather than manage, risk. Such de-risking practices could weaken the AML/CFT framework and the detection of suspicious transactions, as they push affected customers to resort to less secure or unregulated payment channels to meet their financial needs. At the same time, widespread de-risking practices in the banking sector could lead to financial exclusion for certain categories of payment entities or consumers. Financial supervisorsmeans a supervisor in charge of credit institutions and financial institutions; are best placed to identify situations where a credit institutionmeans:a credit institution as defined in Article 4(1), point (1), of Regulation (EU) No 575/2013;a branch of a credit institution, as defined in Article 4(1), point (17), of Regulation (EU) No 575/2013, when located in the Union, whether its head office is located in a Member State or in a third country; has refused to enter into a business relationshipmeans a business, professional or commercial relationship connected with the professional activities of an obliged entity, which is set up between an obliged entity and a customer, including in the absence of a written contract and which is expected to have, at the time when the contact is established, or which subsequently acquires, an element of repetition or duration; despite possibly being obliged to do so on the basis of the national law implementing Directive 2014/92/EU or Directive (EU) 2015/2366, and without a justification based on the documented customer due diligence. Financial supervisorsmeans a supervisor in charge of credit institutions and financial institutions; should alert the authorities responsible for ensuring compliance by financial institutionmeans:an undertaking other than a credit institution or an investment firm, which carries out one or more of the activities listed in points (2) to (12), (14) and (15) of Annex I to Directive 2013/36/EU of the European Parliament and of the Council(32) Directive 2013/36/EU of the European Parliament and of the Council of 26 June 2013 on access to the activity of credit institutions and the prudential supervision of credit institutions and investment firms, amending Directive 2002/87/EC and repealing Directives 2006/48/EC and 2006/49/EC (OJ L 176, 27.6.2013, p. 338)., including the activities of currency exchange offices (bureaux de change), but excluding the activities referred to in point (8) of Annex I to Directive (EU) 2015/2366, or an undertaking the principal activity of which is to acquire holdings, including a financial holding company, a mixed financial holding company and a financial mixed activity holding company;Directive 2013/36/EU of the European Parliament and of the Council of 26 June 2013 on access to the activity of credit institutions and the prudential supervision of credit institutions and investment firms, amending Directive 2002/87/EC and repealing Directives 2006/48/EC and 2006/49/EC (OJ L 176, 27.6.2013, p. 338).an insurance undertaking as defined in Article 13, point (1), of Directive 2009/138/EC of the European Parliament and of the Council(33) Directive 2009/138/EC of the European Parliament and of the Council of 25 November 2009 on the taking-up and pursuit of the business of Insurance and Reinsurance (Solvency II) (OJ L 335, 17.12.2009, p. 1)., insofar as it carries out life or other investment-related assurance activities covered by that Directive, including insurance holding companies and mixed-activity insurance holding companies as defined, respectively, in Article 212(1), points (f) and (g), of Directive 2009/138/EC;Directive 2009/138/EC of the European Parliament and of the Council of 25 November 2009 on the taking-up and pursuit of the business of Insurance and Reinsurance (Solvency II) (OJ L 335, 17.12.2009, p. 1).an insurance intermediary as defined in Article 2(1), point (3), of Directive (EU) 2016/97 where it acts with respect to life insurance and other investment-related insurance services, with the exception of an insurance intermediary that does not collect premiums or amounts intended for the customer and which acts under the responsibility of one or more insurance undertakings or intermediaries for the products which concern them respectively;an investment firm as defined in Article 4(1), point (1), of Directive 2014/65/EU of the European Parliament and of the Council(34) Directive 2014/65/EU of the European Parliament and of the Council of 15 May 2014 on markets in financial instruments and amending Directive 2002/92/EC and Directive 2011/61/EU (OJ L 173, 12.6.2014, p. 349).;Directive 2014/65/EU of the European Parliament and of the Council of 15 May 2014 on markets in financial instruments and amending Directive 2002/92/EC and Directive 2011/61/EU (OJ L 173, 12.6.2014, p. 349).a collective investment undertaking, in particular:an undertaking for collective investment in transferable securities (UCITS) as defined in Article 1(2) of Directive 2009/65/EC and its management company as defined in Article 2(1), point (b), of that Directive or an investment company authorised in accordance with that Directive and which has not designated a management company, that makes available for purchase units of UCITS in the Union;an alternative investment fund as defined in Article 4(1), point (a), of Directive 2011/61/EU and its alternative investment fund manager as defined in Article 4(1), point (b), of that Directive that fall within the scope set out in Article 2 of that Directive;a central securities depository as defined in Article 2(1), point (1), of Regulation (EU) No 909/2014 of the European Parliament and of the Council(35) Regulation (EU) No 909/2014 of the European Parliament and of the Council of 23 July 2014 on improving securities settlement in the European Union and on central securities depositories and amending Directives 98/26/EC and 2014/65/EU and Regulation (EU) No 236/2012 (OJ L 257, 28.8.2014, p. 1).;Regulation (EU) No 909/2014 of the European Parliament and of the Council of 23 July 2014 on improving securities settlement in the European Union and on central securities depositories and amending Directives 98/26/EC and 2014/65/EU and Regulation (EU) No 236/2012 (OJ L 257, 28.8.2014, p. 1).a creditor as defined in Article 4, point (2), of Directive 2014/17/EU of the European Parliament and of the Council(36) Directive 2014/17/EU of the European Parliament and of the Council of 4 February 2014 on credit agreements for consumers relating to residential immovable property and amending Directives 2008/48/EC and 2013/36/EU and Regulation (EU) No 1093/2010 (OJ L 60, 28.2.2014, p. 34). and in Article 3, point (b), of Directive 2008/48/EC of the European Parliament and of the Council(37) Directive 2008/48/EC of the European Parliament and of the Council of 23 April 2008 on credit agreements for consumers and repealing Council Directive 87/102/EEC (OJ L 133, 22.5.2008, p. 66).;Directive 2014/17/EU of the European Parliament and of the Council of 4 February 2014 on credit agreements for consumers relating to residential immovable property and amending Directives 2008/48/EC and 2013/36/EU and Regulation (EU) No 1093/2010 (OJ L 60, 28.2.2014, p. 34).Directive 2008/48/EC of the European Parliament and of the Council of 23 April 2008 on credit agreements for consumers and repealing Council Directive 87/102/EEC (OJ L 133, 22.5.2008, p. 66).a credit intermediary as defined in Article 4, point (5), of Directive 2014/17/EU and in Article 3, point (f), of Directive 2008/48/EC, when holding the funds as defined in Article 4, point (25), of Directive (EU) 2015/2366 in connection with the credit agreement, with the exception of the credit intermediary carrying out activities under the responsibility of one or more creditors or credit intermediaries;a crypto-asset service provider;a branch of a financial institution referred to in points (a) to (i), when located in the Union, whether its head office is located in a Member State or in a third country; with Directive 2014/92/EU or Directive (EU) 2015/2366 when such cases arise or where business relationshipsmeans a business, professional or commercial relationship connected with the professional activities of an obliged entity, which is set up between an obliged entity and a customer, including in the absence of a written contract and which is expected to have, at the time when the contact is established, or which subsequently acquires, an element of repetition or duration; are terminated as a result of de-risking practices.

Cooperation between financial supervisorsmeans a supervisor in charge of credit institutions and financial institutions; and the authorities responsible for crisis management of credit institutionsmeans:a credit institution as defined in Article 4(1), point (1), of Regulation (EU) No 575/2013;a branch of a credit institution, as defined in Article 4(1), point (17), of Regulation (EU) No 575/2013, when located in the Union, whether its head office is located in a Member State or in a third country; and investment firms, in particular the Deposit Guarantee Scheme’s designated authorities and resolution authorities, is necessary to reconcile the objectives of preventing money launderingmeans the conduct set out in Article 3, paragraphs 1 and 5, of Directive (EU) 2018/1673 including aiding and abetting, inciting and attempting to commit that conduct, whether the activities which generated the property to be laundered were carried out on the territory of a Member State or on that of a third country; knowledge, intent or purpose required as an element of that conduct may be inferred from objective factual circumstances; under this Directive and of protecting financial stability and depositors under Directives 2014/49/EU and 2014/59/EU. Financial supervisorsmeans a supervisor in charge of credit institutions and financial institutions; should inform the designated authorities and resolution authorities under those Directives of any instance where they identify an increased likelihood of failure or the unavailability of deposits on AML/CFT grounds. Financial supervisorsmeans a supervisor in charge of credit institutions and financial institutions; should also inform those authorities of any transaction, account or business relationshipmeans a business, professional or commercial relationship connected with the professional activities of an obliged entity, which is set up between an obliged entity and a customer, including in the absence of a written contract and which is expected to have, at the time when the contact is established, or which subsequently acquires, an element of repetition or duration; that has been suspended by the FIU to allow the performance of the tasks of the designated authorities and resolution authorities in cases of increased risk of failure or unavailability of deposits, irrespective of the reason for that increased risk.

To facilitate such cooperation in relation to credit institutionsmeans:a credit institution as defined in Article 4(1), point (1), of Regulation (EU) No 575/2013;a branch of a credit institution, as defined in Article 4(1), point (17), of Regulation (EU) No 575/2013, when located in the Union, whether its head office is located in a Member State or in a third country; and financial institutionsmeans:an undertaking other than a credit institution or an investment firm, which carries out one or more of the activities listed in points (2) to (12), (14) and (15) of Annex I to Directive 2013/36/EU of the European Parliament and of the Council(32) Directive 2013/36/EU of the European Parliament and of the Council of 26 June 2013 on access to the activity of credit institutions and the prudential supervision of credit institutions and investment firms, amending Directive 2002/87/EC and repealing Directives 2006/48/EC and 2006/49/EC (OJ L 176, 27.6.2013, p. 338)., including the activities of currency exchange offices (bureaux de change), but excluding the activities referred to in point (8) of Annex I to Directive (EU) 2015/2366, or an undertaking the principal activity of which is to acquire holdings, including a financial holding company, a mixed financial holding company and a financial mixed activity holding company;Directive 2013/36/EU of the European Parliament and of the Council of 26 June 2013 on access to the activity of credit institutions and the prudential supervision of credit institutions and investment firms, amending Directive 2002/87/EC and repealing Directives 2006/48/EC and 2006/49/EC (OJ L 176, 27.6.2013, p. 338).an insurance undertaking as defined in Article 13, point (1), of Directive 2009/138/EC of the European Parliament and of the Council(33) Directive 2009/138/EC of the European Parliament and of the Council of 25 November 2009 on the taking-up and pursuit of the business of Insurance and Reinsurance (Solvency II) (OJ L 335, 17.12.2009, p. 1)., insofar as it carries out life or other investment-related assurance activities covered by that Directive, including insurance holding companies and mixed-activity insurance holding companies as defined, respectively, in Article 212(1), points (f) and (g), of Directive 2009/138/EC;Directive 2009/138/EC of the European Parliament and of the Council of 25 November 2009 on the taking-up and pursuit of the business of Insurance and Reinsurance (Solvency II) (OJ L 335, 17.12.2009, p. 1).an insurance intermediary as defined in Article 2(1), point (3), of Directive (EU) 2016/97 where it acts with respect to life insurance and other investment-related insurance services, with the exception of an insurance intermediary that does not collect premiums or amounts intended for the customer and which acts under the responsibility of one or more insurance undertakings or intermediaries for the products which concern them respectively;an investment firm as defined in Article 4(1), point (1), of Directive 2014/65/EU of the European Parliament and of the Council(34) Directive 2014/65/EU of the European Parliament and of the Council of 15 May 2014 on markets in financial instruments and amending Directive 2002/92/EC and Directive 2011/61/EU (OJ L 173, 12.6.2014, p. 349).;Directive 2014/65/EU of the European Parliament and of the Council of 15 May 2014 on markets in financial instruments and amending Directive 2002/92/EC and Directive 2011/61/EU (OJ L 173, 12.6.2014, p. 349).a collective investment undertaking, in particular:an undertaking for collective investment in transferable securities (UCITS) as defined in Article 1(2) of Directive 2009/65/EC and its management company as defined in Article 2(1), point (b), of that Directive or an investment company authorised in accordance with that Directive and which has not designated a management company, that makes available for purchase units of UCITS in the Union;an alternative investment fund as defined in Article 4(1), point (a), of Directive 2011/61/EU and its alternative investment fund manager as defined in Article 4(1), point (b), of that Directive that fall within the scope set out in Article 2 of that Directive;a central securities depository as defined in Article 2(1), point (1), of Regulation (EU) No 909/2014 of the European Parliament and of the Council(35) Regulation (EU) No 909/2014 of the European Parliament and of the Council of 23 July 2014 on improving securities settlement in the European Union and on central securities depositories and amending Directives 98/26/EC and 2014/65/EU and Regulation (EU) No 236/2012 (OJ L 257, 28.8.2014, p. 1).;Regulation (EU) No 909/2014 of the European Parliament and of the Council of 23 July 2014 on improving securities settlement in the European Union and on central securities depositories and amending Directives 98/26/EC and 2014/65/EU and Regulation (EU) No 236/2012 (OJ L 257, 28.8.2014, p. 1).a creditor as defined in Article 4, point (2), of Directive 2014/17/EU of the European Parliament and of the Council(36) Directive 2014/17/EU of the European Parliament and of the Council of 4 February 2014 on credit agreements for consumers relating to residential immovable property and amending Directives 2008/48/EC and 2013/36/EU and Regulation (EU) No 1093/2010 (OJ L 60, 28.2.2014, p. 34). and in Article 3, point (b), of Directive 2008/48/EC of the European Parliament and of the Council(37) Directive 2008/48/EC of the European Parliament and of the Council of 23 April 2008 on credit agreements for consumers and repealing Council Directive 87/102/EEC (OJ L 133, 22.5.2008, p. 66).;Directive 2014/17/EU of the European Parliament and of the Council of 4 February 2014 on credit agreements for consumers relating to residential immovable property and amending Directives 2008/48/EC and 2013/36/EU and Regulation (EU) No 1093/2010 (OJ L 60, 28.2.2014, p. 34).Directive 2008/48/EC of the European Parliament and of the Council of 23 April 2008 on credit agreements for consumers and repealing Council Directive 87/102/EEC (OJ L 133, 22.5.2008, p. 66).a credit intermediary as defined in Article 4, point (5), of Directive 2014/17/EU and in Article 3, point (f), of Directive 2008/48/EC, when holding the funds as defined in Article 4, point (25), of Directive (EU) 2015/2366 in connection with the credit agreement, with the exception of the credit intermediary carrying out activities under the responsibility of one or more creditors or credit intermediaries;a crypto-asset service provider;a branch of a financial institution referred to in points (a) to (i), when located in the Union, whether its head office is located in a Member State or in a third country;, AMLA, in consultation with the European Banking Authority, should issue guidelines specifying the main elements of such cooperation including how information should be exchanged.

Cooperation mechanisms should also extend to the authorities in charge of the supervision and oversight of auditors, as such cooperation can enhance the effectiveness of the Union anti-money laundering framework.

The exchange of information and the provision of assistance between competent authoritiesmeans:a Financial Intelligence Unit (FIU);a supervisory authority;a public authority that has the function of investigating or prosecuting money laundering, its predicate offences or terrorist financing, or that has the function of tracing, seizing or freezing and confiscating criminal assets;a public authority with designated responsibilities for combating money laundering or terrorist financing; of Member States is essential for the purposes of this Directive. Consequently, Member States should not prohibit or place unreasonable or unduly restrictive conditions on such exchange of information or provision of assistance.

Supervisorsmeans the body entrusted with responsibilities aimed at ensuring compliance by obliged entities with the requirements of this Regulation, including AMLA when performing the tasks entrusted to it in Article 5(2) of Regulation (EU) 2024/1620; should be able to cooperate and exchange confidential information, regardless of their respective nature or status. To that end, they should have an adequate legal basis for exchange of confidential information and for cooperation. Exchange of information and cooperation with other authorities competent for supervising or overseeing obliged entitiesmeans a natural or legal person listed in Article 3 of Regulation (EU) 2024/1624 that is not exempted in accordance with Article 4, 5, 6 or 7 of that Regulation; under other Union legal acts should not be hampered unintentionally by legal uncertainty which could stem from a lack of explicit provisions in this field. Clarification of the legal framework is even more important since prudential supervision has, in a number of cases, been entrusted to non-AML/CFT supervisorsmeans the body entrusted with responsibilities aimed at ensuring compliance by obliged entities with the requirements of this Regulation, including AMLA when performing the tasks entrusted to it in Article 5(2) of Regulation (EU) 2024/1620;, such as the European Central Bank (ECB).

Information in possession of supervisorsmeans the body entrusted with responsibilities aimed at ensuring compliance by obliged entities with the requirements of this Regulation, including AMLA when performing the tasks entrusted to it in Article 5(2) of Regulation (EU) 2024/1620; might be crucial for the performance of activities of other competent authoritiesmeans:a Financial Intelligence Unit (FIU);a supervisory authority;a public authority that has the function of investigating or prosecuting money laundering, its predicate offences or terrorist financing, or that has the function of tracing, seizing or freezing and confiscating criminal assets;a public authority with designated responsibilities for combating money laundering or terrorist financing;. To ensure the effectiveness of the Union AML/CFT framework, Member States should authorise the exchange of information between supervisorsmeans the body entrusted with responsibilities aimed at ensuring compliance by obliged entities with the requirements of this Regulation, including AMLA when performing the tasks entrusted to it in Article 5(2) of Regulation (EU) 2024/1620; and other competent authoritiesmeans:a Financial Intelligence Unit (FIU);a supervisory authority;a public authority that has the function of investigating or prosecuting money laundering, its predicate offences or terrorist financing, or that has the function of tracing, seizing or freezing and confiscating criminal assets;a public authority with designated responsibilities for combating money laundering or terrorist financing;. Strict rules should apply in relation to the use of confidential information exchanged.

The effectiveness of the Union AML/CFT framework relies on cooperation between a wide array of competent authoritiesmeans:a Financial Intelligence Unit (FIU);a supervisory authority;a public authority that has the function of investigating or prosecuting money laundering, its predicate offences or terrorist financing, or that has the function of tracing, seizing or freezing and confiscating criminal assets;a public authority with designated responsibilities for combating money laundering or terrorist financing;. To facilitate such cooperation, AMLA should be entrusted to develop guidelines in coordination with the ECB, the European Supervisory Authoritiesmeans a supervisor who is a public body, or the public authority overseeing self-regulatory bodies in their performance of supervisory functions pursuant to Article 37 of Directive (EU) 2024/1640, or AMLA when acting as a supervisor;, Europol, Eurojust, and EPPO on cooperation between all competent authoritiesmeans:a Financial Intelligence Unit (FIU);a supervisory authority;a public authority that has the function of investigating or prosecuting money laundering, its predicate offences or terrorist financing, or that has the function of tracing, seizing or freezing and confiscating criminal assets;a public authority with designated responsibilities for combating money laundering or terrorist financing;. Such guidelines should also describe how authorities competent for the supervision or oversight of obliged entitiesmeans a natural or legal person listed in Article 3 of Regulation (EU) 2024/1624 that is not exempted in accordance with Article 4, 5, 6 or 7 of that Regulation; under other Union legal acts should take into account money launderingmeans the conduct set out in Article 3, paragraphs 1 and 5, of Directive (EU) 2018/1673 including aiding and abetting, inciting and attempting to commit that conduct, whether the activities which generated the property to be laundered were carried out on the territory of a Member State or on that of a third country; knowledge, intent or purpose required as an element of that conduct may be inferred from objective factual circumstances; and terrorist financingmeans the conduct set out in Article 11 of Directive (EU) 2017/541 including aiding and abetting, inciting and attempting to commit that conduct, whether carried out on the territory of a Member State or on that of a third country; knowledge, intent or purpose required as an element of that conduct may be inferred from objective factual circumstances; concerns in the performance of their duties.

Regulation (EU) 2016/679 applies to the processing of personal data for the purposes of this Directive. Regulation (EU) 2018/1725 of the European Parliament and of the Council(²⁷)Regulation (EU) 2018/1725 of the European Parliament and of the Council of 23 October 2018 on the protection of natural persons with regard to the processing of personal data by the Union institutions, bodies, offices and agencies and on the free movement of such data, and repealing Regulation (EC) No 45/2001 and Decision No 1247/2002/EC (OJ L 295, 21.11.2018, p. 39). applies to the processing of personal data by the Union institutions, bodies, offices and agencies for the purposes of this Directive. The fight against money launderingmeans the conduct set out in Article 3, paragraphs 1 and 5, of Directive (EU) 2018/1673 including aiding and abetting, inciting and attempting to commit that conduct, whether the activities which generated the property to be laundered were carried out on the territory of a Member State or on that of a third country; knowledge, intent or purpose required as an element of that conduct may be inferred from objective factual circumstances; and terrorist financingmeans the conduct set out in Article 11 of Directive (EU) 2017/541 including aiding and abetting, inciting and attempting to commit that conduct, whether carried out on the territory of a Member State or on that of a third country; knowledge, intent or purpose required as an element of that conduct may be inferred from objective factual circumstances; is recognised as an important public interest ground by Member States. However, competent authoritiesmeans:a Financial Intelligence Unit (FIU);a supervisory authority;a public authority that has the function of investigating or prosecuting money laundering, its predicate offences or terrorist financing, or that has the function of tracing, seizing or freezing and confiscating criminal assets;a public authority with designated responsibilities for combating money laundering or terrorist financing; responsible for investigating or prosecuting money launderingmeans the conduct set out in Article 3, paragraphs 1 and 5, of Directive (EU) 2018/1673 including aiding and abetting, inciting and attempting to commit that conduct, whether the activities which generated the property to be laundered were carried out on the territory of a Member State or on that of a third country; knowledge, intent or purpose required as an element of that conduct may be inferred from objective factual circumstances;, its predicate offences or terrorist financingmeans the conduct set out in Article 11 of Directive (EU) 2017/541 including aiding and abetting, inciting and attempting to commit that conduct, whether carried out on the territory of a Member State or on that of a third country; knowledge, intent or purpose required as an element of that conduct may be inferred from objective factual circumstances;, or those which have the function of tracing, seizing or freezing and confiscating criminal assets should respect the rules pertaining to the protection of personal data processed in the framework of police and judicial cooperation in criminal matters, including Directive (EU) 2016/680 of the European Parliament and of the Council(²⁸)Directive (EU) 2016/680 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data by competent authorities for the purposes of the prevention, investigation, detection or prosecution of criminal offences or the execution of criminal penalties, and on the free movement of such data, and repealing Council Framework Decision 2008/977/JHA (OJ L 119, 4.5.2016, p. 89)..

It is essential that the alignment of this Directive with the revised FATF Recommendations is carried out in full compliance with Union law, in particular as regards Union data protection law, including rules on data transfers, as well as the protection of fundamental rights as enshrined in the Charter. Certain aspects of the implementation of this Directive involve the collection, analysis, storage and sharing of data within the Union and with third countriesmeans any jurisdiction, independent state or autonomous territory that is not part of the Union and that has its own AML/CFT legislation or enforcement regime;. Such processing of personal data should be permitted, while fully respecting fundamental rights, only for the purposes laid down in this Directive, and for the activities required under this Directive, such as the exchange of information among competent authoritiesmeans:a Financial Intelligence Unit (FIU);a supervisory authority;a public authority that has the function of investigating or prosecuting money laundering, its predicate offences or terrorist financing, or that has the function of tracing, seizing or freezing and confiscating criminal assets;a public authority with designated responsibilities for combating money laundering or terrorist financing;.

The rights of access to data by the data subject are applicable to the personal data processed for the purpose of this Directive. However, access by the data subject to any information related to a suspicious transaction report would seriously undermine the effectiveness of the fight against money launderingmeans the conduct set out in Article 3, paragraphs 1 and 5, of Directive (EU) 2018/1673 including aiding and abetting, inciting and attempting to commit that conduct, whether the activities which generated the property to be laundered were carried out on the territory of a Member State or on that of a third country; knowledge, intent or purpose required as an element of that conduct may be inferred from objective factual circumstances; and terrorist financingmeans the conduct set out in Article 11 of Directive (EU) 2017/541 including aiding and abetting, inciting and attempting to commit that conduct, whether carried out on the territory of a Member State or on that of a third country; knowledge, intent or purpose required as an element of that conduct may be inferred from objective factual circumstances;. Exceptions to and restrictions of that right in accordance with Article 23 of Regulation (EU) 2016/679 and, where relevant, Article 25 of Regulation (EU) 2018/1725, might therefore be justified. The data subject has the right to request that a supervisory authoritymeans a supervisor who is a public body, or the public authority overseeing self-regulatory bodies in their performance of supervisory functions pursuant to Article 37 of Directive (EU) 2024/1640, or AMLA when acting as a supervisor; as referred to in Article 51 of Regulation (EU) 2016/679 or, where applicable, the European Data Protection Supervisormeans the body entrusted with responsibilities aimed at ensuring compliance by obliged entities with the requirements of this Regulation, including AMLA when performing the tasks entrusted to it in Article 5(2) of Regulation (EU) 2024/1620;, check the lawfulness of the processing and has the right to seek a judicial remedy as referred to in Article 79 of that Regulation. The supervisory authoritymeans a supervisor who is a public body, or the public authority overseeing self-regulatory bodies in their performance of supervisory functions pursuant to Article 37 of Directive (EU) 2024/1640, or AMLA when acting as a supervisor; referred to in Article 51 of Regulation (EU) 2016/679 can also act on an ex officio basis. Without prejudice to the restrictions on the right to access, the supervisory authoritymeans a supervisor who is a public body, or the public authority overseeing self-regulatory bodies in their performance of supervisory functions pursuant to Article 37 of Directive (EU) 2024/1640, or AMLA when acting as a supervisor; should be able to inform the data subject that it has carried out all necessary verifications, and of the result as regards the lawfulness of the processing in question.

In order to ensure continued exchange of information between FIUs during the period of set-up of AMLA, the Commission should continue to host the FIU.net on a temporary basis. To ensure full involvement of FIUs in the operation of the system, the Commission should regularly exchange with the EU Financial Intelligence Units’ Platform (the ‘EU FIUs’ Platform’), an informal groupmeans a group of undertakings which consists of a parent undertaking, its subsidiaries, as well as undertakings linked to each other by a relationship within the meaning of Article 22 of Directive 2013/34/EU; composed of representatives from FIUs and active since 2006, and used to facilitate cooperation among FIUs and exchange views on cooperation-related issues.

Regulatory technical standards should ensure consistent harmonisation across the Union. As the body with highly specialised expertise in the field of AML/CFT, it is appropriate to entrust AMLA with the elaboration, for submission to the Commission, of draft regulatory technical standards which do not involve policy choices.

In order to ensure consistent approaches among FIUs and among supervisorsmeans the body entrusted with responsibilities aimed at ensuring compliance by obliged entities with the requirements of this Regulation, including AMLA when performing the tasks entrusted to it in Article 5(2) of Regulation (EU) 2024/1620;, the power to adopt acts in accordance with Article 290 TFEU should be delegated to the Commission in respect of defining indicators to classify the level of gravity of failures to report adequate, accurate and up-to-date information to the central registers. It is of particular importance that the Commission carry out appropriate consultations during its preparatory work, including at expert level, and that those consultations be conducted in accordance with the principles laid down in the Interinstitutional Agreement of 13 April 2016 on Better Law-Making(²⁹)OJ L 123, 12.5.2016, p. 1.. In particular, to ensure equal participation in the preparation of delegated acts, the European Parliament and the Council receive all documents at the same time as Member States’ experts, and their experts systematically have access to meetings of Commission expert groupsmeans a group of undertakings which consists of a parent undertaking, its subsidiaries, as well as undertakings linked to each other by a relationship within the meaning of Article 22 of Directive 2013/34/EU; dealing with the preparation of delegated acts.

The Commission should be empowered to adopt regulatory technical standards developed by AMLA specifying the relevance and selection criteria when determining whether a suspicious transaction report concerns another Member State; setting out benchmarks and methodology for assessing and classifying the inherent and residual risk profile of obliged entitiesmeans a natural or legal person listed in Article 3 of Regulation (EU) 2024/1624 that is not exempted in accordance with Article 4, 5, 6 or 7 of that Regulation; and the frequency of risk profile reviews; setting out the criteria for determining the circumstances of appointment of a central contact point of certain services providers and the functions of the central contact points; specifying duties of the home and host supervisorsmeans the body entrusted with responsibilities aimed at ensuring compliance by obliged entities with the requirements of this Regulation, including AMLA when performing the tasks entrusted to it in Article 5(2) of Regulation (EU) 2024/1620;, and the modalities of cooperation between them; specifying the general conditions for the functioning of the AML/CFT supervisory collegesmeans a permanent structure for cooperation and information sharing for the purposes of supervising a group or an entity that operates in a host Member State or third country; in the financial sector, the template for the written agreement to be signed by financial supervisorsmeans a supervisor in charge of credit institutions and financial institutions;, any additional measure to be implemented by the colleges when groupsmeans a group of undertakings which consists of a parent undertaking, its subsidiaries, as well as undertakings linked to each other by a relationship within the meaning of Article 22 of Directive 2013/34/EU; include obliged entitiesmeans a natural or legal person listed in Article 3 of Regulation (EU) 2024/1624 that is not exempted in accordance with Article 4, 5, 6 or 7 of that Regulation; in the non-financial sectormeans the obliged entities listed in Article 3, point (3), of Regulation (EU) 2024/1624; and conditions for the participation of financial supervisorsmeans a supervisor in charge of credit institutions and financial institutions; in third countriesmeans any jurisdiction, independent state or autonomous territory that is not part of the Union and that has its own AML/CFT legislation or enforcement regime;; specifying he general conditions for the functioning of the AML/CFT supervisory collegesmeans a permanent structure for cooperation and information sharing for the purposes of supervising a group or an entity that operates in a host Member State or third country; in the non-financial sectormeans the obliged entities listed in Article 3, point (3), of Regulation (EU) 2024/1624;, the template for the written agreement to be signed by non-financial supervisorsmeans a supervisor in charge of the non-financial sector;, conditions for the participation of non-financial supervisorsmeans a supervisor in charge of the non-financial sector; in third countriesmeans any jurisdiction, independent state or autonomous territory that is not part of the Union and that has its own AML/CFT legislation or enforcement regime; and any additional measure to be implemented by the colleges when groupsmeans a group of undertakings which consists of a parent undertaking, its subsidiaries, as well as undertakings linked to each other by a relationship within the meaning of Article 22 of Directive 2013/34/EU; include credit institutionsmeans:a credit institution as defined in Article 4(1), point (1), of Regulation (EU) No 575/2013;a branch of a credit institution, as defined in Article 4(1), point (17), of Regulation (EU) No 575/2013, when located in the Union, whether its head office is located in a Member State or in a third country; or financial institutionsmeans:an undertaking other than a credit institution or an investment firm, which carries out one or more of the activities listed in points (2) to (12), (14) and (15) of Annex I to Directive 2013/36/EU of the European Parliament and of the Council(32) Directive 2013/36/EU of the European Parliament and of the Council of 26 June 2013 on access to the activity of credit institutions and the prudential supervision of credit institutions and investment firms, amending Directive 2002/87/EC and repealing Directives 2006/48/EC and 2006/49/EC (OJ L 176, 27.6.2013, p. 338)., including the activities of currency exchange offices (bureaux de change), but excluding the activities referred to in point (8) of Annex I to Directive (EU) 2015/2366, or an undertaking the principal activity of which is to acquire holdings, including a financial holding company, a mixed financial holding company and a financial mixed activity holding company;Directive 2013/36/EU of the European Parliament and of the Council of 26 June 2013 on access to the activity of credit institutions and the prudential supervision of credit institutions and investment firms, amending Directive 2002/87/EC and repealing Directives 2006/48/EC and 2006/49/EC (OJ L 176, 27.6.2013, p. 338).an insurance undertaking as defined in Article 13, point (1), of Directive 2009/138/EC of the European Parliament and of the Council(33) Directive 2009/138/EC of the European Parliament and of the Council of 25 November 2009 on the taking-up and pursuit of the business of Insurance and Reinsurance (Solvency II) (OJ L 335, 17.12.2009, p. 1)., insofar as it carries out life or other investment-related assurance activities covered by that Directive, including insurance holding companies and mixed-activity insurance holding companies as defined, respectively, in Article 212(1), points (f) and (g), of Directive 2009/138/EC;Directive 2009/138/EC of the European Parliament and of the Council of 25 November 2009 on the taking-up and pursuit of the business of Insurance and Reinsurance (Solvency II) (OJ L 335, 17.12.2009, p. 1).an insurance intermediary as defined in Article 2(1), point (3), of Directive (EU) 2016/97 where it acts with respect to life insurance and other investment-related insurance services, with the exception of an insurance intermediary that does not collect premiums or amounts intended for the customer and which acts under the responsibility of one or more insurance undertakings or intermediaries for the products which concern them respectively;an investment firm as defined in Article 4(1), point (1), of Directive 2014/65/EU of the European Parliament and of the Council(34) Directive 2014/65/EU of the European Parliament and of the Council of 15 May 2014 on markets in financial instruments and amending Directive 2002/92/EC and Directive 2011/61/EU (OJ L 173, 12.6.2014, p. 349).;Directive 2014/65/EU of the European Parliament and of the Council of 15 May 2014 on markets in financial instruments and amending Directive 2002/92/EC and Directive 2011/61/EU (OJ L 173, 12.6.2014, p. 349).a collective investment undertaking, in particular:an undertaking for collective investment in transferable securities (UCITS) as defined in Article 1(2) of Directive 2009/65/EC and its management company as defined in Article 2(1), point (b), of that Directive or an investment company authorised in accordance with that Directive and which has not designated a management company, that makes available for purchase units of UCITS in the Union;an alternative investment fund as defined in Article 4(1), point (a), of Directive 2011/61/EU and its alternative investment fund manager as defined in Article 4(1), point (b), of that Directive that fall within the scope set out in Article 2 of that Directive;a central securities depository as defined in Article 2(1), point (1), of Regulation (EU) No 909/2014 of the European Parliament and of the Council(35) Regulation (EU) No 909/2014 of the European Parliament and of the Council of 23 July 2014 on improving securities settlement in the European Union and on central securities depositories and amending Directives 98/26/EC and 2014/65/EU and Regulation (EU) No 236/2012 (OJ L 257, 28.8.2014, p. 1).;Regulation (EU) No 909/2014 of the European Parliament and of the Council of 23 July 2014 on improving securities settlement in the European Union and on central securities depositories and amending Directives 98/26/EC and 2014/65/EU and Regulation (EU) No 236/2012 (OJ L 257, 28.8.2014, p. 1).a creditor as defined in Article 4, point (2), of Directive 2014/17/EU of the European Parliament and of the Council(36) Directive 2014/17/EU of the European Parliament and of the Council of 4 February 2014 on credit agreements for consumers relating to residential immovable property and amending Directives 2008/48/EC and 2013/36/EU and Regulation (EU) No 1093/2010 (OJ L 60, 28.2.2014, p. 34). and in Article 3, point (b), of Directive 2008/48/EC of the European Parliament and of the Council(37) Directive 2008/48/EC of the European Parliament and of the Council of 23 April 2008 on credit agreements for consumers and repealing Council Directive 87/102/EEC (OJ L 133, 22.5.2008, p. 66).;Directive 2014/17/EU of the European Parliament and of the Council of 4 February 2014 on credit agreements for consumers relating to residential immovable property and amending Directives 2008/48/EC and 2013/36/EU and Regulation (EU) No 1093/2010 (OJ L 60, 28.2.2014, p. 34).Directive 2008/48/EC of the European Parliament and of the Council of 23 April 2008 on credit agreements for consumers and repealing Council Directive 87/102/EEC (OJ L 133, 22.5.2008, p. 66).a credit intermediary as defined in Article 4, point (5), of Directive 2014/17/EU and in Article 3, point (f), of Directive 2008/48/EC, when holding the funds as defined in Article 4, point (25), of Directive (EU) 2015/2366 in connection with the credit agreement, with the exception of the credit intermediary carrying out activities under the responsibility of one or more creditors or credit intermediaries;a crypto-asset service provider;a branch of a financial institution referred to in points (a) to (i), when located in the Union, whether its head office is located in a Member State or in a third country;; setting out indicators to classify the level of gravity of breaches of this Directive, criteria to be taken into account when setting the level of pecuniary sanctions or applying administrative measures and a methodology for the imposition of periodic penalty payments. The Commission should adopt those regulatory technical standards by means of delegated acts pursuant to Article 290 TFEU and in accordance with Article 49 of Regulation (EU) 2024/1620.

In order to ensure uniform conditions for the implementation of this Directive, implementing powers should be conferred on the Commission in order to lay down a methodology for the collection of statistics; establish the format for the submission of beneficial ownership information to the central register; define technical specifications and procedures necessary for the implementation of access to beneficial ownership information on the basis of a legitimate interest by the central registers; establish the format for the submission of the information to the centralised automated mechanisms; set out the technical specifications and procedures for the connection of Member States’ centralised automated mechanisms to BARIS; set out technical specifications and procedures necessary to provide for the interconnection of Member States’ central registers; and set out technical specifications and procedures necessary to provide for the interconnection of Member States’ centralised automated mechanisms. Those powers should be exercised in accordance with Regulation (EU) No 182/2011 of the European Parliament and of the Council(³⁰)Regulation (EU) No 182/2011 of the European Parliament and of the Council of 16 February 2011 laying down the rules and general principles concerning mechanisms for control by the Member States of the Commission’s exercise of implementing powers (OJ L 55, 28.2.2011, p. 13)..

The Commission should be empowered to adopt implementing technical standards developed by AMLA specifying the format to be used for the exchange of the information among FIUs of Member States as well as specifying the template to be used for the conclusion of cooperation agreements between Union supervisorsmeans the body entrusted with responsibilities aimed at ensuring compliance by obliged entities with the requirements of this Regulation, including AMLA when performing the tasks entrusted to it in Article 5(2) of Regulation (EU) 2024/1620; and third-country counterparts. The Commission should adopt those implementing technical standards by means of implementing acts pursuant to Article 291 TFEU and in accordance with Article 53 of Regulation (EU) 2024/1620.

This Directive respects the fundamental rights and observes the principles recognised by the Charter, in particular the right to respect for private and family life, the right to the protection of personal data and the freedom to conduct a business.

Equality between women and men, and diversity are fundamental values of the Union, which it sets out to promote across the whole range of Union actions. While progress has been made in those areas, more is needed to achieve balanced representation in decision-making, whether at Union or at national level. Without prejudice to the primary application of merit-based criteria, when appointing the heads of their national supervisory authoritiesmeans a supervisor who is a public body, or the public authority overseeing self-regulatory bodies in their performance of supervisory functions pursuant to Article 37 of Directive (EU) 2024/1640, or AMLA when acting as a supervisor; and FIUs, Member States should seek to ensure gender balance, diversity and inclusion, and take into account, to the extent possible, intersections between them. Member States should strive to ensure balanced and inclusive representation also when selecting their representatives to the General Boards of AMLA.

When drawing up a report evaluating the implementation of this Directive, the Commission should give due consideration to the respect of the fundamental rights and principles recognised by the Charter.

The judgement of the Court of Justice in Joined Cases C-37/20 and C-601/20, WM and Sovim SA v Luxembourg Business Registers(³¹)Judgment of the Court of Justice of 22 November 2022, WM and Sovim SA v Luxembourg Business Registers, Joined Cases C-37/20 and C-601/20, ECLI:EU:C:2022:912., annulled the amendment made by Directive (EU) 2018/843 to Article 30(5) of Directive (EU) 2015/849 insofar as it required Member States to ensure that information on the beneficial ownership of companies and of other legal entities incorporated within their territory is accessible in all cases to any member of the general public. In order to ensure legal clarity, it is important to adapt that provision by clarifying that only persons or organisations with legitimate interest should be able to access that information. The same condition should apply to the access to information on beneficial ownership of trusts or similar legal arrangementsmeans an express trust or an arrangement which has a similar structure or function to an express trust, including fiducie and certain types of Treuhand and fideicomiso;. Directive (EU) 2015/849 should therefore be amended. The implications of that judgement extend beyond Article 30(5) of Directive (EU) 2015/849 and are similar for the provisions regulating access to beneficial ownership information of legal arrangementsmeans an express trust or an arrangement which has a similar structure or function to an express trust, including fiducie and certain types of Treuhand and fideicomiso;. In order to ensure that the Union framework strikes the right balance between the protection of fundamental rights and the pursuit of a legitimate objective of general interest such as the protection of the Union’s financial system against money launderingmeans the conduct set out in Article 3, paragraphs 1 and 5, of Directive (EU) 2018/1673 including aiding and abetting, inciting and attempting to commit that conduct, whether the activities which generated the property to be laundered were carried out on the territory of a Member State or on that of a third country; knowledge, intent or purpose required as an element of that conduct may be inferred from objective factual circumstances; and terrorist financingmeans the conduct set out in Article 11 of Directive (EU) 2017/541 including aiding and abetting, inciting and attempting to commit that conduct, whether carried out on the territory of a Member State or on that of a third country; knowledge, intent or purpose required as an element of that conduct may be inferred from objective factual circumstances;, it is therefore appropriate to introduce amendments to Article 31(4) of Directive (EU) 2015/849. Member States should be granted one year from the date of entry into force of this Directive to bring into force the necessary laws, regulations and administrative measures to transpose those amendments. Given the importance of ensuring a proportionate Union AML/CFT framework, Member States should make every effort to transpose those amendments as soon as possible before that deadline.

Given the need to urgently implement a harmonised approach to the access to central registers on the basis of the demonstration of a legitimate interest, the relevant provisions should be transposed by Member States by 10 July 2026. However, since the initial period of the new regime for access on the basis of the demonstration of a legitimate interest will likely see a peak in demands to be processed by the entities in charge of the central registers, the deadlines for the granting of access should not apply for the first 4 months of application of the new regime. Member States should set up single access points for information on real estate registers by 10 July 2029. Centralised automated mechanisms allowing the identification of holders of bank accounts or payment accounts, securities accountsmeans a securities account as defined in Article 2(1), point (28), of Regulation (EU) No 909/2014 of the European Parliament and of the Council(36) Regulation (EU) No 909/2014 of the European Parliament and of the Council of 23 July 2014 on improving securities settlement in the European Union and on central securities depositories and amending Directives 98/26/EC and 2014/65/EU and Regulation (EU) No 236/2012 (OJ L 257, 28.8.2014, p. 1).;Regulation (EU) No 909/2014 of the European Parliament and of the Council of 23 July 2014 on improving securities settlement in the European Union and on central securities depositories and amending Directives 98/26/EC and 2014/65/EU and Regulation (EU) No 236/2012 (OJ L 257, 28.8.2014, p. 1)., crypto-asset accountsmeans a crypto-asset account as defined in Article 3, point (19), of Regulation (EU) 2023/1113; and accounts and safe-deposit boxes should also be interconnected by that date.

Since the objectives of this Directive, namely the establishmentmeans the actual pursuit by an obliged entity of an economic activity covered by Article 3 in a Member State or third country other than the country where its head office is located for an indefinite period and through a stable infrastructure, including:a branch or subsidiary;in the case of credit institutions and financial institutions, an infrastructure qualifying as an establishment under prudential regulation; of a coordinated and coherent mechanism to prevent money launderingmeans the conduct set out in Article 3, paragraphs 1 and 5, of Directive (EU) 2018/1673 including aiding and abetting, inciting and attempting to commit that conduct, whether the activities which generated the property to be laundered were carried out on the territory of a Member State or on that of a third country; knowledge, intent or purpose required as an element of that conduct may be inferred from objective factual circumstances; and terrorist financingmeans the conduct set out in Article 11 of Directive (EU) 2017/541 including aiding and abetting, inciting and attempting to commit that conduct, whether carried out on the territory of a Member State or on that of a third country; knowledge, intent or purpose required as an element of that conduct may be inferred from objective factual circumstances;, cannot be sufficiently achieved by the Member States but can rather, by reason of the scale and the effects of the action, be better achieved at Union level, the Union may adopt measures, in accordance with the principle of subsidiarity as set out in Article 5 of the Treaty on European Union. In accordance with the principle of proportionality, as set out in that Article, this Directive does not go beyond what is necessary in order to achieve those objectives.

In accordance with the Joint Political Declaration of 28 September 2011 of Member States and the Commission on explanatory documents(³²)OJ C 369, 17.12.2011, p. 14., Member States have undertaken to accompany, in justified cases, the notification of their transposition measures with one or more documents explaining the relationship between the components of a directive and the corresponding parts of national transposition instruments. With regard to this Directive, the legislator considers the transmission of such documents to be justified.

The European Data Protection Supervisormeans the body entrusted with responsibilities aimed at ensuring compliance by obliged entities with the requirements of this Regulation, including AMLA when performing the tasks entrusted to it in Article 5(2) of Regulation (EU) 2024/1620; has been consulted in accordance with Article 42(1) of Regulation (EU) 2018/1725 and delivered an opinion on 22 September 2021(³³)OJ C 524, 29.12.2021, p. 10..

Directive (EU) 2015/849 should therefore be repealed,