Webinar: AMLA: The system rebuild has started

Europe is preparing to transform how it fights financial crime, not by tightening existing rules, but by rebuilding the system itself.

In our recent webinar, Beyond Directives: The Structural Shift to AMLA, we explored what this shift really means in practice. The conclusion is unambiguous: the EU’s new Anti-Money Laundering Authority (AMLA) is not a regulatory update. It is a structural reset of how compliance operates across Europe.

A System Under Strain

The scale of the problem is well known, but still underappreciated. Around €2 trillion is laundered through Europe each year, often through systems designed to prevent it. Recent cases, from Danske Bank to Wirecard and NatWest, reveal a consistent pattern. Different institutions, different failures, but a shared root cause: a fragmented framework built on documents, duplication and limited coordination. Responsibility is often distributed across jurisdictions, while accountability is not.

Today’s model remains largely manual. Firms collect information directly from clients, store it in PDFs or spreadsheets, and revisit it periodically. The same investor can be onboarded multiple times by different institutions, each repeating the same checks, often with limited visibility into what others have already verified. Audit trails are frequently incomplete. Data is unstructured and dispersed across systems. Supervisors, when they investigate must reconstruct decisions after the fact, often with partial information. The functions of the system are inefficient, which are tolerated and its limitations are managed, rather than being resolved.

From Fragmentation to Systemic Oversight

AMLA changes this at a structural level. For the first time, the EU will operate under a single authority with the power to supervise, coordinate and enforce AML rules across all 27 member states. The long-standing inconsistencies between national regimes, which have allowed regulatory arbitrage and operational gaps, will narrow significantly. But the deeper transformation is not institutional, it is operational. AMLA introduces a model where compliance is no longer episodic or local, but continuous and system-wide. Reporting becomes structured and comparable. Supervisory visibility becomes real-time rather than retrospective. The ability to demonstrate compliance moves from narrative explanation to data-driven evidence. In this environment, firms are no longer simply expected to follow rules. They are expected to prove, at any moment, that those rules have been applied correctly.

The End of the Document-Centric Model

At the heart of this transition is a fundamental shift away from documents as the primary source of truth. Under AMLA, verification increasingly relies on data that is independently sourced, structured and capable of being cross-referenced across institutions and jurisdictions. Documents do not disappear, but their role changes. They move from being the foundation of compliance to supporting evidence within a broader data ecosystem. What matters is no longer what a document says, but where the underlying data comes from, how it is validated, and whether it can be compared and traced across systems. This has immediate implications. Firms must be able to map full beneficial ownership chains, not partially or on request, but continuously. They must maintain audit trails that capture not only outcomes, but the reasoning behind decisions. And they must ensure that those decisions can be replayed, in full, when challenged by a supervisor.

As discussed during the session, this represents a shift from a document-centric model to a data-centric infrastructure, one designed to support scale, interoperability and regulatory scrutiny.

An Infrastructure Challenge Disguised as Regulation

AMLA is often described as a regulatory reform. In practice, it is closer to an infrastructure transformation. The existing compliance architecture, which is built around manual processes, siloed systems and static records, was never designed for structured data, real-time monitoring or cross-border interoperability. Attempting to layer AMLA requirements onto this foundation will expose its limits quickly. The more accurate framing is that AMLA shifts compliance from a process problem to a data problem. The question is no longer whether a firm has performed the right checks, but whether it can demonstrate, through reliable and structured data, how and why those checks were performed. This distinction matters. Policies can be updated relatively quickly; infrastructure cannot.

A Narrow Window to Adapt

The practical implications are already clear. Firms will need to reduce reliance on client-provided documentation, integrate authoritative data sources such as registries, and build systems capable of producing clear, structured and auditable outputs in real time. Compliance workflows will need to be automated, interconnected and designed for scale. None of this can be achieved overnight. Rebuilding data architecture, integrating systems and redesigning workflows is a multi-year effort, often requiring organisational change as much as technological investment.

With AMLA set to take effect in July 2027, the timeline is already compressed. Firms that move early will not only meet regulatory expectations more comfortably; they will also gain operational advantages, including faster onboarding, reduced duplication and improved data quality. Those who delay will face the same transformation under tighter timelines and greater pressure.

AMLA does not ask firms to improve what they have. It assumes that what exists today will no longer be sufficient.

Overview of the webinar:

Watch the full webinar here (you need a Microsoft Teams account to access this)