Fintech sector poses increasing money-laundering threats, EBA cautions, expressing apprehension
European Authorities Crack Down on Money Laundering Risks in Fintech
European authorities are stepping up efforts to enhance anti-money laundering (AML) and counter-terrorist financing (CFT) compliance in the fast-growing fintech sector. The rapid pace of innovation in fintech, crypto-assets, and AI has outpaced existing controls, creating new vulnerabilities like inadequate customer due diligence (CDD), weak transaction monitoring, and excessive reliance on outsourcing.
To ensure compliance and mitigate money laundering risks in fintech, European authorities are:
- Issuing detailed opinions and reports: The European Banking Authority (EBA) regularly publishes assessments highlighting heightened risks and gaps in current supervisory approaches, such as its fifth biennial opinion in July 2025 emphasizing the fintech sector’s vulnerabilities and urging member states to strengthen oversight.
- Promoting a risk-based supervisory approach: Competent authorities are encouraged to tailor their AML/CFT supervision proportionally to fintech firms’ risk profiles, considering their limited internal expertise and governance challenges.
- Strengthening regulatory frameworks and guidance: There is increased emphasis on updating AML regulations to address new fintech-specific risks, including stricter customer due diligence, better transaction monitoring, and oversight of outsourcing arrangements.
- Enhancing cooperation and data sharing: The EBA supports improved information exchange between supervisory authorities through databases like the EuReCA system to detect and respond to emerging threats faster.
- Addressing innovation risks proactively: Authorities recognize that while technological innovation can streamline financial crime prevention, the sector’s growth must be matched by governance and compliance capacity building, particularly in payments and electronic money institutions.
The fintech sector’s risks are compounded by increased cybercrime exposure and the fast adoption pace outstripping enforcement capabilities, as seen in the UK and across Europe. AI-related fraud, synthetic identities, and other novel threats have surged, indicating authorities must adapt to tech-driven crime evolving at unprecedented speeds.
In response to these challenges, the EU has published an AML/CFT package to overhaul how the battle against money laundering and terrorist financing is organized across the continent, creating the Anti-Money Laundering Authority (AMLA) based in Frankfurt. Nicolas Vasse, currently a partner at IBM-owned consultancy Promontory, has been named as executive director of the AMLA, starting in September.
The AMLA's 'Work Programme 2025' outlines operational priorities focused on recruiting staff, developing internal governance, establishing essential IT infrastructure, preparing core functions, and building AMLA’s identity and visibility. The AMLA will play a crucial role in ensuring that the fintech sector remains compliant with AML/CFT regulations, protecting the financial system from money laundering and terrorist financing threats.
Almost half of all Chief Anti-Money Laundering Officers (CAs) assess the AML/CFT controls institutions put in place in this regard as inadequate. Sixty-four percent of CAs highlight exposure to cybercrime, including cyber-enabled fraud, as an important vulnerability. Firms that were growing at a fast rate appeared to be particularly exposed to both issues.
In conclusion, European authorities led by the EBA are tackling increasing money laundering risks in fintech through strengthened oversight, updated guidance, risk-based supervision, and enhanced cooperation to keep compliance in step with technological advancements.
- Amid heightened money laundering risks in the fintech sector, European authorities are taking action by issuing detailed opinions and reports, such as the fifth biennial opinion by the European Banking Authority (EBA) in July 2025, which emphasizes the sector's vulnerabilities and urges member states to strengthen oversight.
- To remain compliant with Anti-Money Laundering (AML) and Counter-Terrorist Financing (CFT) regulations, the fintech sector must contend with increased cybercrime threats like AI-related fraud and synthetic identities, as institutions grow at a fast pace, often compromising AML/CFT controls, according to an assessment by nearly half of all Chief Anti-Money Laundering Officers (CAs).
