Source: AMLA consultation paper draft

EN

Article 15 Additional Measures

This is a draft act

This text has been parsed from the AMLA consultation paper draft as published on 16 April 2026. While we run a suite of validations, the automated parsing can result in errors. Also, before it is finally adopted by the Commission, its wording, numbering and references may change, and entire articles might be removed or added.

  1. Without prejudice to any measures taken under Articles 16 of Regulation (EU) 2024/1624 and this Regulation, the parent undertakingmeans:for groups whose head office is located in the Union, an obliged entity that is a parent undertaking as defined in Article 2, point (9), of Directive 2013/34/EU that is not itself a subsidiary of another undertaking in the Union, provided that at least one subsidiary undertaking is an obliged entity;for groups whose head office is located outside of the Union, where at least two subsidiary undertakings are obliged entities established in the Union, an undertaking within that group established in the Union that:is an obliged entity;is an undertaking that is not a subsidiary of another undertaking that is an obliged entity established in the Union;has a sufficient prominence within the group and a sufficient understanding of the operations of the group that are subject to the requirements of this Regulation; andis given the responsibility of implementing group-wide requirements under Chapter II, Section 2 of this Regulation; in the Union or an obliged entity shall take one or more of the following additional measures pursuant to Article 10(2), Article 11(2), Article 12(2), and Article 14(2) of this Regulation respectively:

    1. ensuring that its branch or subsidiary established in the third countrymeans any jurisdiction, independent state or autonomous territory that is not part of the Union and that has its own AML/CFT legislation or enforcement regime; restricts the nature and type of products and services provided by the branch or subsidiary in the third countrymeans any jurisdiction, independent state or autonomous territory that is not part of the Union and that has its own AML/CFT legislation or enforcement regime; to those that present a low money launderingmeans the conduct set out in Article 3, paragraphs 1 and 5, of Directive (EU) 2018/1673 including aiding and abetting, inciting and attempting to commit that conduct, whether the activities which generated the property to be laundered were carried out on the territory of a Member State or on that of a third country; knowledge, intent or purpose required as an element of that conduct may be inferred from objective factual circumstances; and terrorist financingmeans the conduct set out in Article 11 of Directive (EU) 2017/541 including aiding and abetting, inciting and attempting to commit that conduct, whether carried out on the territory of a Member State or on that of a third country; knowledge, intent or purpose required as an element of that conduct may be inferred from objective factual circumstances; risk and have a low impact on the group's risk exposure;

    2. ensuring that other obliged entities of the same groupmeans a group of undertakings which consists of a parent undertaking, its subsidiaries, as well as undertakings linked to each other by a relationship within the meaning of Article 22 of Directive 2013/34/EU; do not rely on customer due diligence measures carried out by a branch or subsidiary established in the third countrymeans any jurisdiction, independent state or autonomous territory that is not part of the Union and that has its own AML/CFT legislation or enforcement regime;, but instead carry out customer due diligence on any customer of a branch or subsidiary established in the third countrymeans any jurisdiction, independent state or autonomous territory that is not part of the Union and that has its own AML/CFT legislation or enforcement regime; who wishes to be provided with products or services by any other branch or subsidiary of the same groupmeans a group of undertakings which consists of a parent undertaking, its subsidiaries, as well as undertakings linked to each other by a relationship within the meaning of Article 22 of Directive 2013/34/EU;;

    3. carrying out enhanced reviews, including, where this is commensurate with the money launderingmeans the conduct set out in Article 3, paragraphs 1 and 5, of Directive (EU) 2018/1673 including aiding and abetting, inciting and attempting to commit that conduct, whether the activities which generated the property to be laundered were carried out on the territory of a Member State or on that of a third country; knowledge, intent or purpose required as an element of that conduct may be inferred from objective factual circumstances; and terrorist financingmeans the conduct set out in Article 11 of Directive (EU) 2017/541 including aiding and abetting, inciting and attempting to commit that conduct, whether carried out on the territory of a Member State or on that of a third country; knowledge, intent or purpose required as an element of that conduct may be inferred from objective factual circumstances; risk associated with the operation of the branch or subsidiary established in the third countrymeans any jurisdiction, independent state or autonomous territory that is not part of the Union and that has its own AML/CFT legislation or enforcement regime;, on-site checks or ordering the performance of independent audits, to be satisfied that the branch or subsidiary effectively identifies, assesses and manages the money launderingmeans the conduct set out in Article 3, paragraphs 1 and 5, of Directive (EU) 2018/1673 including aiding and abetting, inciting and attempting to commit that conduct, whether the activities which generated the property to be laundered were carried out on the territory of a Member State or on that of a third country; knowledge, intent or purpose required as an element of that conduct may be inferred from objective factual circumstances; and terrorist financingmeans the conduct set out in Article 11 of Directive (EU) 2017/541 including aiding and abetting, inciting and attempting to commit that conduct, whether carried out on the territory of a Member State or on that of a third country; knowledge, intent or purpose required as an element of that conduct may be inferred from objective factual circumstances; risks;

    4. ensuring that their branches or subsidiaries established in the third countrymeans any jurisdiction, independent state or autonomous territory that is not part of the Union and that has its own AML/CFT legislation or enforcement regime; seek prior approval from the senior managementmeans the members of the management body in its management function, as well as officers and employees with sufficient knowledge of the obliged entity’s money laundering and terrorist financing risk exposure and sufficient seniority to take decisions affecting its risk exposure; of the parent undertakingmeans:for groups whose head office is located in the Union, an obliged entity that is a parent undertaking as defined in Article 2, point (9), of Directive 2013/34/EU that is not itself a subsidiary of another undertaking in the Union, provided that at least one subsidiary undertaking is an obliged entity;for groups whose head office is located outside of the Union, where at least two subsidiary undertakings are obliged entities established in the Union, an undertaking within that group established in the Union that:is an obliged entity;is an undertaking that is not a subsidiary of another undertaking that is an obliged entity established in the Union;has a sufficient prominence within the group and a sufficient understanding of the operations of the group that are subject to the requirements of this Regulation; andis given the responsibility of implementing group-wide requirements under Chapter II, Section 2 of this Regulation; or the obliged entity for the establishmentmeans the actual pursuit by an obliged entity of an economic activity covered by Article 3 in a Member State or third country other than the country where its head office is located for an indefinite period and through a stable infrastructure, including:a branch or subsidiary;in the case of credit institutions and financial institutions, an infrastructure qualifying as an establishment under prudential regulation; and maintenance of higher-risk business relationshipsmeans a business, professional or commercial relationship connected with the professional activities of an obliged entity, which is set up between an obliged entity and a customer, including in the absence of a written contract and which is expected to have, at the time when the contact is established, or which subsequently acquires, an element of repetition or duration;, or for carrying out of higher-risk occasional transactions;

    5. ensuring that their branches or subsidiaries established in the third countrymeans any jurisdiction, independent state or autonomous territory that is not part of the Union and that has its own AML/CFT legislation or enforcement regime; determine and document the source of fundsor ‘property’ means property as defined in Article 2, point (2), of Directive (EU) 2018/1673; and wealth and, where applicable, the destination of fundsor ‘property’ means property as defined in Article 2, point (2), of Directive (EU) 2018/1673; to be used in the business relationshipmeans a business, professional or commercial relationship connected with the professional activities of an obliged entity, which is set up between an obliged entity and a customer, including in the absence of a written contract and which is expected to have, at the time when the contact is established, or which subsequently acquires, an element of repetition or duration; or occasional transaction;

    6. ensuring that their branches or subsidiaries established in the third countrymeans any jurisdiction, independent state or autonomous territory that is not part of the Union and that has its own AML/CFT legislation or enforcement regime; carry out enhanced ongoing monitoring of the business relationshipmeans a business, professional or commercial relationship connected with the professional activities of an obliged entity, which is set up between an obliged entity and a customer, including in the absence of a written contract and which is expected to have, at the time when the contact is established, or which subsequently acquires, an element of repetition or duration; including enhanced transaction monitoring, until the branches or subsidiaries are reasonably satisfied that they understand the money launderingmeans the conduct set out in Article 3, paragraphs 1 and 5, of Directive (EU) 2018/1673 including aiding and abetting, inciting and attempting to commit that conduct, whether the activities which generated the property to be laundered were carried out on the territory of a Member State or on that of a third country; knowledge, intent or purpose required as an element of that conduct may be inferred from objective factual circumstances; and terrorist financingmeans the conduct set out in Article 11 of Directive (EU) 2017/541 including aiding and abetting, inciting and attempting to commit that conduct, whether carried out on the territory of a Member State or on that of a third country; knowledge, intent or purpose required as an element of that conduct may be inferred from objective factual circumstances; risk associated with the business relationshipmeans a business, professional or commercial relationship connected with the professional activities of an obliged entity, which is set up between an obliged entity and a customer, including in the absence of a written contract and which is expected to have, at the time when the contact is established, or which subsequently acquires, an element of repetition or duration; and enhanced ongoing monitoring is no longer needed in view of the risk situation;

    7. ensuring that their branches or subsidiaries established in the third countrymeans any jurisdiction, independent state or autonomous territory that is not part of the Union and that has its own AML/CFT legislation or enforcement regime; share with the parent undertakingmeans:for groups whose head office is located in the Union, an obliged entity that is a parent undertaking as defined in Article 2, point (9), of Directive 2013/34/EU that is not itself a subsidiary of another undertaking in the Union, provided that at least one subsidiary undertaking is an obliged entity;for groups whose head office is located outside of the Union, where at least two subsidiary undertakings are obliged entities established in the Union, an undertaking within that group established in the Union that:is an obliged entity;is an undertaking that is not a subsidiary of another undertaking that is an obliged entity established in the Union;has a sufficient prominence within the group and a sufficient understanding of the operations of the group that are subject to the requirements of this Regulation; andis given the responsibility of implementing group-wide requirements under Chapter II, Section 2 of this Regulation; or the obliged entity the underlying suspicious transaction report information that gave rise to the knowledge, suspicion or reasonable grounds to suspect that money launderingmeans the conduct set out in Article 3, paragraphs 1 and 5, of Directive (EU) 2018/1673 including aiding and abetting, inciting and attempting to commit that conduct, whether the activities which generated the property to be laundered were carried out on the territory of a Member State or on that of a third country; knowledge, intent or purpose required as an element of that conduct may be inferred from objective factual circumstances; and terrorist financingmeans the conduct set out in Article 11 of Directive (EU) 2017/541 including aiding and abetting, inciting and attempting to commit that conduct, whether carried out on the territory of a Member State or on that of a third country; knowledge, intent or purpose required as an element of that conduct may be inferred from objective factual circumstances; was attempted or occurred, such as facts, transactions, circumstances and documents upon which the knowledge or suspicions are based, including personal data to the extent permissible under the law of the third countrymeans any jurisdiction, independent state or autonomous territory that is not part of the Union and that has its own AML/CFT legislation or enforcement regime;;

    8. carrying out enhanced ongoing monitoring of any customer and, where applicable, beneficial ownermeans any natural person who ultimately owns or controls a legal entity or an express trust or similar legal arrangement; of a customer of a branch or subsidiary established in the third countrymeans any jurisdiction, independent state or autonomous territory that is not part of the Union and that has its own AML/CFT legislation or enforcement regime; who is known to have been the subject of a suspicious transaction report filed by another entity within the same groupmeans a group of undertakings which consists of a parent undertaking, its subsidiaries, as well as undertakings linked to each other by a relationship within the meaning of Article 22 of Directive 2013/34/EU;;

    9. ensuring that their branches or subsidiaries established in the third countrymeans any jurisdiction, independent state or autonomous territory that is not part of the Union and that has its own AML/CFT legislation or enforcement regime; keep the risk profile and due diligence information related to a customer of a branch or subsidiary established in the third countrymeans any jurisdiction, independent state or autonomous territory that is not part of the Union and that has its own AML/CFT legislation or enforcement regime; up-to-date and secure as long as legally possible, and in any case for at least the duration of the business relationshipmeans a business, professional or commercial relationship connected with the professional activities of an obliged entity, which is set up between an obliged entity and a customer, including in the absence of a written contract and which is expected to have, at the time when the contact is established, or which subsequently acquires, an element of repetition or duration;.

Table of contents

We're continuously improving our platform to serve you better.

Your feedback matters! Let us know how we can improve.

Contact us:

springlex@springflod.se

Found a bug?

Springflod is a Swedish boutique consultancy firm specialising in cyber security within the financial services sector.

We offer professional services concerning information security governance, risk and compliance.

Crafted with ❤️ by Springflod