Among the analysis of the anti-money laundering package recently released by the European Commission, a significant detail has so far largely escaped attention: the Commission is proposing a single, harmonised supervisory assessment methodology for banks in the EU. 

Following scandals that exposed the divergence in supervisory approaches to anti-money laundering across EU states, the Commission has announced a wide range of proposed measures to strengthen standards, including a brand new European Anti-Money Laundering Authority (AMLA). 

As has been widely reported, where a cross-national banking group is found to have high money laundering risk, the new AMLA will bypass national authorities and take over supervision duties for a period of at least three years. The AMLA will select the first batch of EU credit and financial institutions to be directly supervised in July 2025. 

While the size of a group is one of the selection criteria for AMLA supervision - for example, it will have to be active in a minimum number of EU countries to be selected - the Commission also recognises that financial crime risks are not proportional to an entity’s size. 

The Commission’s document sets high expectations for its yet to be developed risk-based methodology, as a critical component of the EU’s future supervisory system. 

The methodology should include ”qualitative and quantitative benchmarks”, covering risk factors stemming from its “customers, business relationships, transactions and delivery channels...as well as geographical risk factors''. In addition, it should assess each entity’s “internal policies and procedures...including customer due diligence policies.” 

Crucially, the new harmonised methodology should also generate an objective risk classification that removes discretion for the AMLA or national supervisors to decide which entities should be brought under direct supervision. 

If any of this sounds familiar to followers of this blog, it’s because the methodology the Commission is proposing is remarkably aligned to Elucidate’s approach to financial crime risk. Our Elucidate FinCrime Index (EFI) is fully independent; is designed as a benchmark; covers a range of themes including the risk factors listed by the Commission, and generates quantitative financial crime risk scores. It is also officially registered with national and EU authorities - BaFin in Germany and ESMA at the EU level. 


A more systemic approach to financial crime risk 

In addition to getting input from the private sector and independent experts when building the harmonised methodology, our recommendation is that European authorities also involve rating agencies more directly when assessing institutions operating in the EU.

Ratings from authorised credit rating agencies have long been part of the standardised approach to credit risk within the EU under the Capital Requirements Regulation, and in the medium term financial crime risk should be no different. 

Some advantages would include: 

  • Reduced room for attempts to influence decision-making. A major financial institution in any given member state being faced with the prospect of direct EU supervision will likely lead to pressure from diverse angles on national supervisors. Regular, independent risk ratings would reduce attempts to influence supervisory decisions.  
  • Increased frequency and lower cost of risk assessments. National supervisory authorities will need to invest significant amounts of time and resources to implement a harmonised risk methodology across the over six thousand institutions and 170 thousand branches operating in the EU.
    Privately supplied financial crime risk ratings, on the other hand, can be generated on a regular basis, creating substantial amounts of relevant data for supervisory analysis with the costs usually being borne by banks themselves. 
  • Market-based incentives to tackle financial crime. At the moment, fear of potential regulatory punishment and the abstract risk of reputational cost are the main drivers of efforts to strengthen anti-money laundering systems. As outlined in our recent paper, the availability of more granular and frequent information about a bank’s financial crime risk levels will have a direct impact on its bottom line, affecting share price, as well as decisions by investors, commercial partners, and potentially consumers. 


The new European Anti-Money Laundering Authority will be under substantial pressure from day one, exposed to political costs if a case of money laundering happens in a bank it is supervising, but also open to questions if there is a money laundering scandal in an EU bank not under its supervision. 

In this context, it makes sense to take advantage of as many relevant sources and approaches to assess financial crime risk as possible. The proposed regulation from the Commission still has to pass through the European Parliament and Council. We hope this will be an opportunity for a truly innovative anti-money laundering reform that will achieve the shared objective of making financial crime, with all of its social impacts, less likely.



The new EU authority will be fully operational in 2024, and will be using its harmonised risk assessment to decide which banks to supervise directly by July 2025. To find out more about scoring your institution against the only regulated, independent financial crime risk benchmark to date please contact us here to request a demo.