Technology Seen as Critical to Stronger AML/CFT Enforcement in EU

Key Takeaways

• Technology’s Potential: The EBA finds that technology can significantly enhance AML/CFT supervision in the EU by improving data quality, speeding up risk assessments, and enabling more efficient, data-driven oversight.
• Adoption Status: Of identified tools, 47% are in production, 38% are in development, and 15% are still in exploratory stages, with most launched in the past three years.
• Challenges Identified: Barriers include poor data quality, limited resources, legal uncertainty, operational risks, and cultural resistance to change.
• Best Practices: Successful strategies include fostering a digital-first culture, strong data governance, use of synthetic data for privacy, needs-driven tool development, and clear performance metrics.
• Role of AMLA: The new EU AML/CFT Authority is expected to drive standardization, cross-border cooperation, and pooled resources to scale effective technology solutions.

Deep Dive

The European Banking Authority (EBA) has found that supervisory technology, or SupTech, has the potential to make anti-money laundering and countering the financing of terrorism (AML/CFT) supervision more efficient, data-driven, and risk-focused across the EU, but warns that adoption is still in its early stages and not without challenges.

The EBA’s latest report takes stock of how national competent authorities (NCAs) are using SupTech to strengthen oversight under the EU’s new AML/CFT framework, which took effect in June 2024. At the heart of this framework is the newly created Anti-Money Laundering and Countering the Financing of Terrorism Authority (AMLA), tasked with coordinating AML/CFT supervision across Member States and promoting consistent application of EU rules.

The EBA’s findings draw from a November 2024 survey of 31 NCAs in 25 Member States (plus three from outside the EU) and a dedicated January 2025 workshop run in partnership with the European Commission’s AMLA Task Force. Together, these initiatives explored how technology can help regulators adapt to the new institutional landscape and improve supervision of obliged entities.

Early-Stage Adoption with Promising Results
While SupTech deployments for AML/CFT remain nascent, momentum is building. The EBA found that 47% of identified tools are already in production, 38% are in development, and 15% remain in exploratory phases. Most were initiated within the last three years, focusing on high-volume data tasks such as storage, analysis, visualization, and automation.

Authorities reported tangible benefits, including improved data quality, faster and more accurate risk assessments, greater operational efficiency, and stronger collaboration across jurisdictions. Tools showcased during the workshop ranged from blockchain analytics platforms for crypto transaction monitoring to AI-driven risk assessment engines and automated inspection planning systems.

Despite these gains, most authorities described themselves as only “moderately prepared” to integrate SupTech fully into their supervisory models. Key obstacles include:

• Data quality and governance issues stemming from fragmented, incomplete, or inconsistent datasets.
• Resource constraints, including limited budgets, legacy IT systems, and shortages of skilled data science and AML/CFT experts.
• Legal uncertainty around data protection and liability in automated decision-making.
• Operational risks related to opaque algorithms and potential system failures.
• Cultural and organizational resistance to adopting digital-first approaches.
• Limited cross-border cooperation on tool development, risking duplication and interoperability problems.

The report highlights strategies that have helped some authorities overcome adoption barriers. These include fostering a digital-first culture through training and leadership support, adopting structured change management frameworks, building robust data governance models, and using synthetic data to safeguard privacy while enabling innovation.

Authorities also stressed the importance of a needs-driven approach, ensuring tools are developed to solve concrete supervisory challenges rather than to chase technology trends, and setting clear performance metrics to evaluate impact.

On the collaboration front, some NCAs are piloting secure data exchange platforms with AI and natural language processing to improve cross-border cooperation, complemented by privacy-preserving technologies such as federated learning.

What’s Next Under the New Framework

The EBA emphasizes that SupTech’s success under the new AML/CFT regime will depend on tailoring solutions to the operational realities of each supervisory authority, embedding strong data protection safeguards, and ensuring interoperability for cross-border cooperation.

While the diversity of national approaches risks duplication and missed opportunities, AMLA’s central role could help pool resources, promote standardization, and support joint projects, laying the groundwork for scalable, legally compliant, and secure supervisory technology.

As the report concludes, “The future of AML/CFT supervision in the EU depends on the successful integration of SupTech, enabling authorities to stay ahead of emerging financial crime risks and ensuring the EU remains a global leader in the fight against financial crime.”

The GRC Report is your premier destination for the latest in governance, risk, and compliance news. As your reliable source for comprehensive coverage, we ensure you stay informed and ready to navigate the dynamic landscape of GRC. Beyond being a news source, the GRC Report represents a thriving community of professionals who, like you, are dedicated to GRC excellence. Explore our insightful articles and breaking news, and actively participate in the conversation to enhance your GRC journey.