.svg)
On 24 March 2026, the European Union’s (EU) new Anti-Money Laundering Authority (AMLA) will host its first public hearing on draft technical standards under the new AML Regulation (AMLR).
At first glance, it may seem like just another regulatory consultation.
But the topics being discussed reveal something more significant. These technical standards will help determine when AML checks are triggered, how customer due diligence should be applied, and how transactions must be monitored across the EU and in relation to clients and transactions involving the EU.
In other words, they begin translating the vision of a single European AML rulebook into an operational reality.
And that raises an important question.
If regulation is becoming more harmonised across Europe and beyond, why do so many compliance environments remain fragmented?
Harmonisation promises simplicity. Reality is often more complicated.
The implementation of AMLA as a single governing authority and AMLR as a single rulebook was designed with a clear goal: harmonising the approach to anti-money laundering across borders, supervisory authorities, financial institutions, and compliance teams.
The expectation is that this rationalisation will drive better outcomes. Clearer supervision. More consistent compliance expectations. Stronger detection of financial crime.
But achieving that promise by 2028 will require financial institutions to confront a difficult reality.
Many compliance environments were never designed for harmonisation.
Over time, organisations have accumulated layers of technology, processes, and operational workarounds in response to evolving regulatory demands. Systems for screening, monitoring, and customer due diligence often operate independently. Data is spread across platforms. Risk policies differ across jurisdictions. Investigations frequently rely on manual processes and disconnected datasets.
The scale of the challenge is significant. The Napier AI / AML Index 2025–2026 estimates that global money laundering losses exceed $5.5 trillion each year, highlighting both the economic impact of financial crime and the urgent need for more effective, data-driven compliance approaches.
Which leads to a fundamental question: if regulation is streamlining, is this the catalyst for technology harmonisation as well?
Tackling legacy technology debt
One of the first priorities for compliance leaders will be addressing legacy infrastructure.
AML programmes have often evolved through incremental remediation projects rather than deliberate redesign: new tools are added to solve specific regulatory requirements; rules are layered on top of older systems; and data flows between platforms that were never intended to operate together.
This approach may solve immediate compliance challenges, but it also creates operational inefficiency and technical debt.
The AMLA implementation timeline offers an opportunity to break that cycle. Instead of continuing with reactive fixes, institutions can treat the upcoming enforcement deadline as a catalyst for broader transformation.
That means redesigning the compliance operating model end-to-end: consolidating tooling, strengthening data foundations, and building a holistic customer view that connects insights across Customer Due Diligence (CDD), Know Your Customer (KYC), name and payment screening, and transaction monitoring.
Automation with accountability
Another important shift within the AML Regulation is the explicit encouragement of AI in financial crime compliance.
For the first time under EU law, AI is recognised as a legitimate tool for improving detection and reducing false positives. However, the regulation also makes clear that automation must operate within defined guardrails.
High-risk processes such as sanctions screening must retain human oversight, and institutions must be able to explain decisions supported by AI systems.
In practice, this means distinguishing between AI copilots that support investigators and fully autonomous decision-making systems. AI must enhance compliance operations while maintaining transparency, accountability, and meaningful human intervention. Systems therefore need to prioritise explainability, ensuring every recommendation can be traced back to the evidence behind it.
Making the risk-based approach operational
AMLA’s supervisory model also reinforces the importance of operationalising the risk-based approach.
From 2028 onwards, the authority will directly supervise a group of high-risk cross-border financial institutions. These organisations will be expected to demonstrate that risk-based compliance is embedded within their operational systems, not simply documented in policy.
Technology therefore needs to support both consistency and flexibility. Institutions must be able to maintain alignment with a single European rulebook while still reflecting local risk appetite and jurisdictional nuances.
Multiple configurations for screening and monitoring will become essential. They allow organisations to apply consistent regulatory principles while adapting thresholds and policies to different customer segments, geographies, and risk profiles.
Increasing the precision of risk-based alerting will also be critical. Reducing unnecessary alerts ensures that investigative resources remain focused on the behaviours and entities that genuinely pose financial crime risk.
The growing importance of explainable decisions
As regulatory expectations evolve, transparency in compliance decisions is becoming increasingly important.
Supervisors are no longer interested only in the outcome of an investigation. They want to understand how that outcome was reached.
That means compliance systems must produce clear, traceable explanations linking alerts, data, analyst actions, and model outputs. This narrative approach to auditability will become particularly important in cross-border investigations, where supervisory authorities may review cases across multiple jurisdictions.
In the era of AML harmonisation, a compliance decision is no longer just an outcome.
It must also be a story that regulators can follow.
Turning harmonisation into real value
AMLA’s public hearing may focus on technical standards, but the broader shift it represents is strategic.
European AML regulation is entering a new phase defined by harmonisation, transparency, and more direct supervisory engagement.
For financial institutions, the challenge is not simply complying with regulatory change. It is translating regulatory simplification into operational value.
That means tackling legacy technology debt, adopting compliance-first automation, operationalising risk-based approaches, and ensuring every decision can be clearly explained.
Those that begin this transformation now will be best positioned to realise the promise of AML harmonisation by 2028. Financial institutions must modernise their compliance infrastructure with explainable, compliance-first AI, flexible risk-based configuration, and transparent auditability designed for the next generation of AML regulation. To see how financial institutions are approaching NetGen name screening in real-time under the EU’s Immediate Payments Regulations, read our latest whitepaper.
