AMLA to Submit Final EU Due Diligence Rules by 10 July
The European Union’s Anti-Money Laundering Authority (AMLA) is due to submit the final draft technical standards defining customer due diligence to the European Commission by 10 July 2026, setting binding EU-wide rules for how firms verify customers ahead of the Anti-Money Laundering Regulation (AMLR) taking effect on 10 July 2027.
The package centres on the draft regulatory technical standards (RTS) on customer due diligence under Article 28(1) of the AMLR, alongside standards on identifying business relationships and occasional transactions. Those standards specify the information and documents obliged entities must collect when carrying out standard, simplified, and enhanced due diligence. AMLA opened public consultations on the drafts on 9 February 2026 and held its first public hearing on 24 March 2026, which drew more than 1,600 stakeholders from the financial and non-financial sectors, according to AMLA. Written submissions closed on 8 May 2026. AMLA built on draft work inherited from the European Banking Authority at the end of 2025, with amendments aimed at legal clarity, proportionality, and a risk-based approach across all categories of obliged entities.
The customer due diligence standards are among the first batch of technical standards AMLA is due to deliver in 2026, the detail that turns the AMLR from principle into operational rules. The AMLR, formally Regulation (EU) 2024/1624, applies directly in every member state without national transposition, replacing the patchwork of national laws that grew out of earlier EU directives. AMLA, based in Frankfurt and chaired by Bruna Szego, will also begin directly supervising around 40 high-risk cross-border groups from 2028. The rules reach banks, payment firms, crypto-asset service providers, and a widening set of non-financial businesses brought into scope by the package.
The timing leaves obliged entities a narrow window. The standards that define compliant onboarding will not be finalised until the second half of 2026, yet the AMLR applies in July 2027, giving firms roughly a year to operationalise rules that are still being settled. Onboarding systems assembled to satisfy separate national regimes do not map cleanly onto a single EU standard, and firms that wait for every standard to be adopted before acting face a compressed migration across every market they serve.
A single rulebook raises the premium on verification that performs identically in every jurisdiction. That means document authentication, biometric checks, and sanctions and politically exposed person screening applied to one consistent standard rather than stitched together across regions. Shufti’s AML screening and identity verification cover 240+ countries and territories on proprietary technology, letting compliance teams apply one verification standard wherever a customer onboards. Firms preparing for the harmonised regime can request a demo to assess readiness ahead of 2027.
