The European Banking Authority has published its report on money laundering and terrorist financing risks associated with EU payment institutions. Its findings suggest ML/TF risks in the sector may not be assessed and managed effectively by institutions and their supervisors.

In 2022, the EBA assessed the scale and nature of ML/TF risk in the payment institutions sector. It considered how payment institutions identify and manage ML/TF risks. And it assessed what supervisors do to mitigate those risks when considering an application for the authorisation of a payment institution and during the life of a payment institution.

The EBA’s findings suggest that generally institutions in the sector do not manage ML/TF risk adequately. AML/CFT internal controls in payment institutions are often insufficient to prevent ML/TF. This is in spite of the high inherent ML/TF risk to which the sector is exposed.

Money laundering, terrorist financing failures impacts EU financial system integrity

The EBA’s findings also suggest that not all competent authorities are currently doing enough to supervise the sector effectively. As a result, payment institutions with weak AML/CFT controls can operate in the EU. For example, they can establish themselves in member states where authorisation and AML/CFT supervision processes are less stringent. They can then passport their activities cross-border afterwards.

Failure to manage ML/TF risks in the payment institutions sector can impact the integrity of the EU’s financial system. The EBA suggests that failure to address those risks undermines efforts to improve access by payment institutions to payment accounts.

Several of these findings relate to issues addressed in EBA guidelines. More robust implementation by supervisors and institutions of provisions in these guidelines will mitigate the sector’s exposure to ML/TF risks.

How well do you really know your competitors?

Access the most comprehensive Company Profiles on the market, powered by GlobalData. Save hours of research. Gain competitive edge.

Company Profile – free sample

Thank you!

Your download email will arrive shortly

Not ready to buy yet? Download a free sample

We are confident about the unique quality of our Company Profiles. However, we want you to make the most beneficial decision for your business, so we offer a free sample that you can download by submitting the below form

By GlobalData
Visit our Privacy Policy for more information about our services, how we may use, process and share your personal data, including information of your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.

Legal basis and background

Article 9a(5) of Regulation (EU) 1095/2010 mandates the EBA to risk assess significant ML/TF risks affecting the EU’s financial sector.

The EBA drew on a number of sources to inform this risk assessment. These include the EBA peer review on authorisation of payment institutions under PSD2. They also extracted data from the EBA’s AML/CFT database, questionnaire responses, bilateral interviews with selected EU supervisors, national and supervisory assessments of ML/TF risks in the sector. Findings of this risk assessment will be feeding into the EBA’s bi-annual ML/TF risk assessment exercise.

The EBA says that it remains committed to tackling ML/TF risks holistically, across all financial sectors within its remit.

Industry reaction

Chrisol Correia, Chief Strategy Officer at Facctum, told EPI: “For many organisations with insufficient anti-crime controls in place, compliance obligation is too often regarded as a cause of customer friction and operational cost. Too many firms have arrived at a position that good compliance is a not a priority. This is particularly so when it is not visible as a regulatory priority. However, with the right technology strategy, compliance actually improves customer experience through greater insights into behaviours, risks and opportunities.

“For too long, the excuse that regulators don’t understand new payments technologies has been used to masque failures to meet sanctions, terrorism financing and money laundering laws.  Operators in Europe’s payments systems need to make an honest assessment of risks and take action. There are plenty of technology options that fit their business models. The EBA’s findings serves notice that compliance in payments must be taken seriously. The call on The Competent Authorities to become more effective should lead to more sectoral guidance, industry support and active supervision. This will accelerate the raising of compliance standards across the European Union. And provide its consumers with better protection against financial crime.”