Article 10 Reasonable measures for verification of the beneficial owner


This is a draft act

This text has been parsed from the AMLA consultation paper draft as published on 9 February 2026. While we run a suite of validations, the automated parsing can result in errors. Also, before it is finally adopted by the Commission, its wording, numbering and references may change, and entire articles might be removed or added.

Summary What does Article 10 of the RTS on customer due diligence say?

This article directly supports the verification requirements set out in Article 22(7), point (b), of Regulation (EU) 2024/1624, by specifying what "reasonable measures" actually look like in practice when verifying the identity of beneficial owners or persons on whose behalf a transaction is carried out.

Rather than leaving that standard undefined, the article gives obliged entities two concrete routes to choose from: consulting accessible public registers and national systems, or gathering information from the customer or reliable third-party sources.

The breadth of acceptable third-party sources is notable, ranging from credit agencies and utility bills to confirmation from other regulated financial institutions and certified documents from legal entities or arrangements.

Important points:

  • Use at least one of the specified verification routes — public registers or third-party information gathering — to satisfy the reasonable measures standard for beneficial owner verification.
  • When relying on information from credit or financial institutions, ensure that the information collected confirms the beneficial owner has already been identified and verified by that institution.
  • Documents sourced from a legal entity or legal arrangement are only acceptable where the identity of the named beneficial owner is certified by persons authorised for document certification purposes.

Springlex's summary of the article, a reading aid, not a substitute for the legal text.

  1. The reasonable measures referred to in Article 22(7), point (b), of Regulation (EU) 2024/1624 shall include at least one of the following:

    1. consulting public registers, other than the central registers, or other reliable national systems that contain the information necessary to verify the identity of the beneficial owner, or the person on whose behalf or for the benefit of whom the transaction or activity is being carried out, such as the residence register, tax register, passport database and the land register, to the extent that these are accessible to obliged entities; or

    2. collecting information from the customer or other sources, which may include third-party sources such as:

      1. reputable credit agencies and/or comparable reputable data services providers;

      2. utility bills;

      3. up-to-date information from credit or financial institutions as defined in Article 3, paragraphs (1) and (2), of Regulation (EU) 2024/1624. The collected information shall confirm that the beneficial owner or the person on whose behalf or for the benefit of whom a transaction or activity is being carried out has been identified and verified by the respective institution;

      4. documents from the legal entity or the legal arrangement where the beneficial owner is named, and where the identity of the named person is certified by persons that are authorised for document certification purposes.

We're continuously improving our platform to serve you better.

Your feedback matters! Let us know how we can improve.

Found a bug?

Springflod is a Swedish boutique consultancy firm specialising in cyber security within the financial services sector.

We offer professional services concerning information security governance, risk and compliance.

Crafted with ❤️ by Springflod