New EU Anti-Money Laundering Regulation (AMLR) – clearer requirements and greater data needs
On 10 July 2027, the EU’s new Anti-Money Laundering Regulation, AMLR (EU Regulation 2024/1624), will become applicable. For all companies covered by anti-money laundering legislation, particularly banks and financial institutions, this represents a major shift from previous directives. At the core of AMLR is a more extensive and detailed regulatory framework that specifies how obliged entities must comply with the rules, not just that they must comply.
While obliged entities could previously largely determine for themselves how best to comply with legislation, the new regulation details exactly how risk assessment, customer due diligence (KYC), and monitoring must be conducted.
These are the key points that everyone working with AML should consider:
Regulated risk assessment: The assessment must now be carried out using a standardised methodology and a uniform scoring model. The EBA has determined which factors should carry the most weight (e.g., geographical risk, complex ownership structures, anonymous transactions, and PEPs). This eliminates arbitrary assessments.
Active verification of Ultimate Beneficial Owner (UBO): Self-declarations are no longer sufficient; companies must now actively obtain and verify information regarding the ultimate beneficial owner.
Daily sanctions screening: It is now clearly regulated that sanctions screening must be included as a mandatory part of the KYC process. The Swedish Financial Supervisory Authority (FI) has further clarified that ongoing sanctions screening must be carried out daily.
Sector as a primary risk factor: The customer’s business sector is highlighted as one of the most critical factors in risk assessment. Here too, reliable, independent data is required—relying on self-declarations is not sufficient.
Ongoing monitoring: An annual review alone is no longer enough. Companies must continuously monitor changes that may affect the customer’s risk level to meet the requirements for up-to-date customer due diligence.
Roaring’s role in the new AML landscape
The new framework creates an immediate need for high-quality, verified data to ensure regulatory compliance. At Roaring, we have designed our services to address these specific challenges:
Alternative Beneficial Owner: Our service goes beyond incomplete registers and self-declarations to identify actual control and alternative owners (>5%) where no beneficial owner is registered. This is crucial for fulfilling the new requirement for active verification.
Company Activity / Sector Data: We provide accurate and independently verified sector data, making customer risk assessments more precise and defensible, in line with the new framework’s emphasis on sector risk.
Global Sanctions Lists: We enable automated, daily matching against sanctions lists, fulfilling FI’s requirements for ongoing screening and the new mandatory sanctions control within KYC.
PEP Screening: Since PEP status is one of the most heavily weighted risk factors, our PEP APIs provide reliable data to quickly identify high-risk individuals.
Monitoring: Our monitoring service handles the requirement for ongoing surveillance of key risk factors—such as PEP status, ownership structure, and sector classification—without you needing to hand over your customer lists.
These services are not just an asset; they are a necessary part of the solution for meeting the new, stricter AML obligations.
AMLR places significantly higher demands on data quality and on continuous, systematic customer due diligence. To achieve compliance, companies must transition from manual and self-declaration-based processes to systematic, data-driven solutions capable of handling the new, weighted risk indicators.
Roaring provides the data services needed to automatically verify critical information and ensure the daily monitoring that the new standards require.
Rebecca Lindblom, Legal Counsel, Roaring
Would you like to know more about how Roaring’s data can be integrated directly into your compliance systems to ensure adherence to the new AMLR requirements?
