Source: AMLA consultation paper draft

EN

Article 5 Criteria to be taken into account when applying the administrative measures listed under this Regulation

This is a draft act

This text has been parsed from the AMLA consultation paper draft as published on 9 February 2026. While we run a suite of validations, the automated parsing can result in errors. Also, before it is finally adopted by the Commission, its wording, numbering and references may change, and entire articles might be removed or added.

    1. To set the type of administrative measure, supervisorsmeans the body entrusted with responsibilities aimed at ensuring compliance by obliged entities with the requirements of this Regulation, including AMLA when performing the tasks entrusted to it in Article 5(2) of Regulation (EU) 2024/1620; shall, after assessing the indicators specified in Article 1 and 2, take into account:

      1. the circumstances referred in Article 53(6) of Directive (EU) 2024/1640, and

      2. the criteria specified in paragraphs 2 to 4.

    1. When considering whether to restrict or limit the business, operations or network of institutions comprising the obliged entity, or requiring the divestment of activities as referred to in Article 56(2), point (e), of Directive (EU) 2024/1640, supervisorsmeans the body entrusted with responsibilities aimed at ensuring compliance by obliged entities with the requirements of this Regulation, including AMLA when performing the tasks entrusted to it in Article 5(2) of Regulation (EU) 2024/1620; shall take into account each of the following criteria, to the extent that they apply:

      1. the level of gravity is classified pursuant to Article 2 as category three or four;

      2. whether such a measure is capable of mitigating the actual impact or preventing a potential impact by assessing the indicators specified in Article 1, points (e), (g), (i) or (j);

      3. the extent to which the business, operations or network of institutions comprising the obliged entity are affected by the breach or the potential breach;

      4. the extent to which the measure could have a negative impact on customers or stakeholders;

      5. any other criteria identified by the supervisormeans the body entrusted with responsibilities aimed at ensuring compliance by obliged entities with the requirements of this Regulation, including AMLA when performing the tasks entrusted to it in Article 5(2) of Regulation (EU) 2024/1620;.

    1. When considering whether to withdraw or suspend an authorisation as referred to in Article 56(2), point (f), of Directive (EU) 2024/1640, supervisorsmeans the body entrusted with responsibilities aimed at ensuring compliance by obliged entities with the requirements of this Regulation, including AMLA when performing the tasks entrusted to it in Article 5(2) of Regulation (EU) 2024/1620; shall take into account each of the following criteria, to the extent that they apply:

      1. the level of gravity is classified pursuant to Article 2 as category three or four;

      2. whether such a measure is capable of mitigating the actual impact or preventing a potential impact by assessing the indicators specified in Article 1, points (e), (g), (i) or (j);

      3. the conduct of the natural person or legal person held responsible;

      4. whether there is a structural failure within the obliged entity, with regards to AML/CFT systems and controls and policies or a material failure of the entity to put in place adequate AML/CFT systems and controls;

      5. any other criteria identified by the supervisormeans the body entrusted with responsibilities aimed at ensuring compliance by obliged entities with the requirements of this Regulation, including AMLA when performing the tasks entrusted to it in Article 5(2) of Regulation (EU) 2024/1620;.

    1. When considering the need for a change in the governance structure as referred to in Article 56(2), point (g), of Directive (EU) 2024/1640, supervisorsmeans the body entrusted with responsibilities aimed at ensuring compliance by obliged entities with the requirements of this Regulation, including AMLA when performing the tasks entrusted to it in Article 5(2) of Regulation (EU) 2024/1620; shall take into account each of the following criteria to the extent that they apply:

      1. the level of gravity is classified pursuant to Article 2 as category three or four;

      2. the conduct of the natural person or legal person held responsible;

      3. the natural person or legal person held responsible has not cooperated with the supervisormeans the body entrusted with responsibilities aimed at ensuring compliance by obliged entities with the requirements of this Regulation, including AMLA when performing the tasks entrusted to it in Article 5(2) of Regulation (EU) 2024/1620; or took actions aimed at partially or fully concealing the breach to the supervisormeans the body entrusted with responsibilities aimed at ensuring compliance by obliged entities with the requirements of this Regulation, including AMLA when performing the tasks entrusted to it in Article 5(2) of Regulation (EU) 2024/1620; or at misleading the supervisormeans the body entrusted with responsibilities aimed at ensuring compliance by obliged entities with the requirements of this Regulation, including AMLA when performing the tasks entrusted to it in Article 5(2) of Regulation (EU) 2024/1620;, or the absence of remedial actions since the breach was identified, either by the natural person of legal person held responsible or by the supervisormeans the body entrusted with responsibilities aimed at ensuring compliance by obliged entities with the requirements of this Regulation, including AMLA when performing the tasks entrusted to it in Article 5(2) of Regulation (EU) 2024/1620;;

      4. the internal policies, procedures and controls put in place by the obliged entity are ineffective;

      5. any other additional information, where appropriate, including information from a financial intelligence unit, from a prudential supervisormeans the body entrusted with responsibilities aimed at ensuring compliance by obliged entities with the requirements of this Regulation, including AMLA when performing the tasks entrusted to it in Article 5(2) of Regulation (EU) 2024/1620; or any other authority or from a judicial authority;

      6. any other criteria identified by the supervisormeans the body entrusted with responsibilities aimed at ensuring compliance by obliged entities with the requirements of this Regulation, including AMLA when performing the tasks entrusted to it in Article 5(2) of Regulation (EU) 2024/1620;.

Table of contents

We're continuously improving our platform to serve you better.

Your feedback matters! Let us know how we can improve.

Contact us:

springlex@springflod.se

Found a bug?

Springflod is a Swedish boutique consultancy firm specialising in cyber security within the financial services sector.

We offer professional services concerning information security governance, risk and compliance.

Crafted with ❤️ by Springflod