Source: AMLA final report draft
- Anti-money laundering
AML 6 directive supplemental acts
- RTS on assessment of inherent and residual risk of obliged entities
Article 1 Definitions
This is a draft act
This text has been parsed from the AMLA final report draft as published on 16 December 2025. While we run a suite of validations, the automated parsing can result in errors. Also, before it is finally adopted by the Commission, its wording, numbering and references may change, and entire articles might be removed or added.
Summary What does Article 1 of the RTS on assessment of inherent and residual risk of obliged entities say?
This is the definitions article, establishing the precise meaning of the two core risk concepts that underpin the entire regulation.
It draws a clear distinction between inherent risk and residual risk in the context of AML/CFT supervision of credit and financial institutions.
These definitions are foundational, as every subsequent article — covering how supervisors assess, score, and classify institutions — depends on understanding exactly what these two terms mean.
The scope of which entities qualify as credit institutions or financial institutions is also embedded within these definitions, referencing a wide range of EU financial sector legislation.
Important points:
- Inherent risk is the ML/TF risk an institution faces based on its products, services, customers, jurisdictions, and distribution channels, measured before any internal controls are applied.
- Residual risk is what remains after the institution has put its AML/CFT policies, procedures, systems, and controls in place.
- The distinction between these two concepts is the engine of the risk-scoring methodology set out in Articles 2, 3, and 4.
Springlex's summary of the article, a reading aid, not a substitute for the legal text.
For the purposes of this Regulation, the following definitions shall apply:
‘inherent risk’ means the risk of money laundering and terrorist financing to which a credit institution or financial institution is exposed, because of the products, services and type of transactions it offers, the customers it serves, the jurisdictions in which it operates and the distribution channels it uses to serve its customers, before any mitigating measures have been applied by that credit institution or financial institution;
‘residual risk’ means the risk of money laundering and terrorist financing to which a credit institution or financial institution remains exposed, after it has put in place policies, procedures, systems and controls to mitigate inherent risk.
Springlex and this text is meant purely as a documentation tool and has no legal effect. No liability is assumed for its content. The authentic version of this act is the one published in the Official Journal of the European Union.
Definition
crypto-asset services
Definition
residual risk
Definition
financial mixed activity holding company
Definition
inherent risk
Definition
crypto-asset service provider
Definition
credit institution
- a credit institution as defined in Article 4(1), point (1), of Regulation (EU) No 575/2013;
- a branch of a credit institution, as defined in Article 4(1), point (17), of Regulation (EU) No 575/2013, when located in the Union, whether its head office is located in a Member State or in a third country;
Definition
crypto-asset
Definition
property
Definition
terrorist financing
Definition
money laundering
Definition
financial institution
- an undertaking other than a credit institution or an investment firm, which carries out one or more of the activities listed in points (2) to (12), (14) and (15) of Annex I to Directive 2013/36/EU of the European Parliament and of the Council(32), including the activities of currency exchange offices (bureaux de change), but excluding the activities referred to in point (8) of Annex I to Directive (EU) 2015/2366, or an undertaking the principal activity of which is to acquire holdings, including a financial holding company, a mixed financial holding company and a financial mixed activity holding company;
- an insurance undertaking as defined in Article 13, point (1), of Directive 2009/138/EC of the European Parliament and of the Council(33), insofar as it carries out life or other investment-related assurance activities covered by that Directive, including insurance holding companies and mixed-activity insurance holding companies as defined, respectively, in Article 212(1), points (f) and (g), of Directive 2009/138/EC;
- an insurance intermediary as defined in Article 2(1), point (3), of Directive (EU) 2016/97 where it acts with respect to life insurance and other investment-related insurance services, with the exception of an insurance intermediary that does not collect premiums or amounts intended for the customer and which acts under the responsibility of one or more insurance undertakings or intermediaries for the products which concern them respectively;
- an investment firm as defined in Article 4(1), point (1), of Directive 2014/65/EU of the European Parliament and of the Council(34);
- a collective investment undertaking, in particular:
- an undertaking for collective investment in transferable securities (UCITS) as defined in Article 1(2) of Directive 2009/65/EC and its management company as defined in Article 2(1), point (b), of that Directive or an investment company authorised in accordance with that Directive and which has not designated a management company, that makes available for purchase units of UCITS in the Union;
- an alternative investment fund as defined in Article 4(1), point (a), of Directive 2011/61/EU and its alternative investment fund manager as defined in Article 4(1), point (b), of that Directive that fall within the scope set out in Article 2 of that Directive;
- a central securities depository as defined in Article 2(1), point (1), of Regulation (EU) No 909/2014 of the European Parliament and of the Council(35);
- a creditor as defined in Article 4, point (2), of Directive 2014/17/EU of the European Parliament and of the Council(36) and in Article 3, point (b), of Directive 2008/48/EC of the European Parliament and of the Council(37);
- a credit intermediary as defined in Article 4, point (5), of Directive 2014/17/EU and in Article 3, point (f), of Directive 2008/48/EC, when holding the funds as defined in Article 4, point (25), of Directive (EU) 2015/2366 in connection with the credit agreement, with the exception of the credit intermediary carrying out activities under the responsibility of one or more creditors or credit intermediaries;
- a crypto-asset service provider;
- a branch of a financial institution referred to in points (a) to (i), when located in the Union, whether its head office is located in a Member State or in a third country;
Definition
third country
Definition
funds