In 2026, the AMLA is already redefining how compliance departments, MLROs, RCCI/RSCI and AML-CFT in preparation for future audits. With Regulation (EU) 2024/1620 establishing the AMLA, the European Union is establishing an authority dedicated to combating money laundering and terrorist financing. For regulated entities, this development translates into very concrete requirements: more reliable customer data , better-documented decisions, and KYC / KYB / KYT and transaction monitoring that is easier to justify.
At AP Solutions IO, we approach this evolution with a clear conviction: robust compliance must be demonstrable. Teams must understand alerts, explain scores, trace decision-making, and produce actionable insights for audits. Our RegTech, based on Glass Box augmented intelligence, addresses this need for control without turning compliance into a black box.
What is AMLA: Mission, Headquarters, and Jurisdiction
TheAMLA, the European authority dedicated to combating money laundering and terrorist financing, aims to strengthen AML-CFT supervision within the European Union. It operates in three key areas: harmonizing practices, coordinating national authorities, and supporting financial intelligence units. Its role is to reduce disparities in implementation among Member States within a European framework of AML-CFT compliance framework that is now more integrated.
Its headquarters are located in Frankfurt, at the MesseTurm. This location places the authority in direct contact with a major European financial center. For banks, financial institutions, and cross-border groups, it confirms the importance the European Union attaches to AML-CFT supervision.
TheAMLA does not replace the internal obligations of supervised entities. It adds a European level of coordination, oversight, and documentation requirements. Institutions will therefore need to demonstrate the quality of their systems, explain their decisions, and produce, without manual reprocessing, auditable evidence in preparation for an inspection.
The Regulation (EU) 2024/1620 establishing AMLA is part of a broader overhaul of the European anti-money laundering. National practices that are too disparate will become harder to justify. A group operating in multiple countries will have to demonstrate that its risk assessment, controls, and tools remain consistent across markets.
AMLA Timeline: Key Dates Between 2025 and 2028
TheAMLA officially began operations on July 1, 2025, following the designation of Frankfurt as its headquarters in 2024. This first step marks the beginning of a structuring phase focused on supervisory methods, risk models, cooperation with national authorities, and preparation for the future scope of direct supervision.
The year 2026 is primarily devoted to structuring this ramp-up. TheAMLA is working on methodologies, criteria for identifying the entities concerned, and the data exchanges necessary for selecting supervised entities. In May 2026, it published a reporting document intended to prepare for the identification of provisionally eligible entities.
The selection of the first entities to be directly supervised must take place in 2027. Direct supervision will begin in 2028. This timeline leaves little leeway for organizations that need to review their data, internal policies, and detection tools.
Starting in 2028, theAMLA plans to directly supervise 40 European financial institutions with a significant geographic footprint and a high level of risk. This initial scope may seem limited, but its impact will extend beyond the entities directly supervised. The standards defined at the European level will gradually shape the controls carried out by national authorities.
For a compliance department, the work begins well before 2028. Risk mapping, quality of customer data, sanctions screening, management of politically exposed persons, transactional monitoring and documentation of trade-offs: every component of the system must be able to withstand a European interpretation of AML-CFT.
Which entities will be directly supervised by the AMLA?
The direct supervision is primarily aimed at high-risk financial entities when they engage in significant cross-border activities. Credit institutions, financial institutions, groups operating in multiple Member States, and entities exposed to AML-CFT will need to closely monitor developments in this regulatory framework.
The first group will include 40 entities. This does not mean that the other taxpayers will be left out. National authorities, including theACPR, will gradually incorporate European methods, expectations, and standards into their own supervisory processes. A French institution not directly supervised by theAMLA may therefore be indirectly affected by the increasing harmonization of supervisory practices.
The most exposed entities will first need to verify the consistency of their systems KYC / KYB / KYT, from the establishment of the relationship through to remediation. They will also need to assess the quality of sanctions screening, politically exposed persons, and their transaction monitoring.
Accountability will become a key focus: scores, dismissed alerts, closed investigations, or decisions to close cases must all be explainable. The policies applied across subsidiaries, countries, business lines, and channels must remain consistent, with clear traceability of controls, escalations, and any reports.
A system AML-CFT cannot be judged by the volume of alerts generated. It is measured by the quality of the screening, the soundness of the reasoning, and the institution’s ability to explain its decisions.
Impact on French compliance officers: what’s changing
For compliance officers and French compliance officers, theAMLA strengthens requirements in three areas: consistency of systems, data quality, and auditability of decisions. Audits will no longer be limited to verifying the existence of a formalized procedure. They will focus more on the actual effectiveness of the system and on evidence of that effectiveness.
The challenges are already well known in the field: an excessive volume of alerts, numerous false positives, incomplete customer files, delayed remediation, inconsistent risk criteria, or tools that are difficult to audit. These weaknesses unnecessarily tie up analysts’ time and reduce the time available for high-value-added investigations.
AP Solutions IO operates specifically across this entire compliance chain. AP Scan, AP Scoring, AP Monitoring and AP Filter provide a framework for filtering, scoring, continuous monitoring, detection of sanctions exposure, and alert tracking. The Glass Box makes criteria understandable, decisions explainable, and results actionable in the face of an auditor.
The goal is not to add yet another tool to an already demanding process. Rather, it is to provide compliance teams with a reliable foundation for documenting their decisions, reducing false positives, and maintaining full control over the reasoning applied. With more than 90 configurable criteria, an API-interoperable SaaS architecture, and hosting in France , and a system compliant with GDPR, AP Solutions IO helps data controllers build a more robust compliance framework.
AMLA and ACPR: Coordination Between European and National Supervision
TheAMLA does not diminish the role of theACPR ; the two levels of supervision will coexist. TheAMLA coordinates, harmonizes, and directly supervises certain entities. TheACPR retains its role with regard to French institutions, particularly in terms of inspections, follow-up actions, and the assessment of national systems.
This interplay requires a more nuanced interpretation of the requirements. A system must remain compliant with French law while also being understandable within a European framework. Risk matrices, internal policies, alert scenarios, and reporting will therefore need to be better aligned.
To better understand the relationship between national and European supervision, our analysis of the ACPR places French requirements within this EU framework. Our article on the FATF complements this reading, as international recommendations continue to influence European legislation. Our AML-CFT and our compliance glossary also help standardize the terminology used by teams.
The key point to keep in mind is clear: a system that complies with local regulations but is difficult to compare or explain will be harder to defend during an audit. Institutions must therefore ensure greater consistency in their data, rules, and supporting documentation.
Prepare for AMLA compliance with AP Solutions IO
Preparing for the requirements AMLA begins not so much with the choice of a tool as with a rigorous review of what the organization can demonstrate. The compliance departments must identify weak areas before they become audit findings.
AP Solutions IO helps you first improve the traceability of decisions AML-CFT, from initial screening to alert handling. We also support you in optimizing the accuracy of your screening, with a reduction in false positives of up to 98% in certain documented use cases. The Glass Box technology also meets the transparency requirements set forth in the European regulation onArtificial Intelligence, where applicable.
With AP Solutions IO, you have a French solution designed by AML with over 15 years of experience. Our open, multilingual, no-code architecture is interoperable via API integrates with your information system. Regular updates, built-in regulatory monitoring, and hosting in France strengthen the sovereignty, security, and continuity of your systems.
Our role is to help you anticipate the upcoming requirements of theAMLAand theACPR and Tracfin, with documented and demonstrable compliance. Your teams gain greater operational transparency, reduce unnecessary processing, and have a stronger foundation in the event of an audit.
AMLA 2026 FAQ
What is AMLA?
TheAMLA is the European authority dedicated to combating money laundering and terrorist financing. It coordinates national authorities and supports financial intelligence units , and will directly supervise certain high-risk financial entities.
When will the AMLA begin its direct supervision?
The direct supervision must begin in 2028. The 2026–2027 period is dedicated to developing methodologies, collecting the necessary data, and identifying entities eligible for direct supervision.
How many entities will be directly supervised by the AMLA?
TheAMLA plans to directly supervise 40 European financial institutions starting 2028.
Are French taxpayers who are not directly supervised affected?
Yes. Even without direct supervision, French entities will need to anticipate the gradual alignment of national practices with European standards, particularly through theACPR.
How can AP Solutions IO help you prepare for the AMLA requirements?
AP Solutions IO helps you strengthen your KYCand KYB, KYT, sanctions filtering, PEP screening and transaction monitoring, using explainable, traceable, and auditable technology. To assess your level of readiness, you can request a demonstration of the AP Scan, AP Scoring, AP Monitoring or AP Filter in your compliance environment.
