1.   The Authority shall perform the following tasks with respect to ML/TF risks facing the internal market:

2.   The Authority shall perform the following tasks with respect to selected obliged entities:

3.   The Authority shall perform the following tasks with respect to financial supervisors:

4.   The Authority shall perform the following tasks with respect to non-financial supervisors:

Where supervision of specific sectors is delegated at national level to self-regulatory bodies, the Authority shall exercise the tasks set out in the first subparagraph in relation to supervisory authorities overseeing the activities of those bodies.

5.   The Authority shall perform the following tasks with respect to FIUs and their activities in Member States:

6.   For the purpose of carrying out the tasks conferred on it by this Regulation, the Authority shall apply all relevant Union law, and where that Union law is composed of directives, the national legislation transposing those directives. Where the applicable law is composed of regulations, and where currently those regulations expressly grant options for Member States, the Authority shall apply also the national legislation exercising those options.

1.   With respect to the selected obliged entities, the Authority shall have the supervisory and investigative powers as specified in Articles 17 to 21 and the power to impose pecuniary sanctions and periodic penalty payments as specified in Articles 22 and 23.

The Authority shall also have the powers and obligations which financial supervisors have in the area of AML/CFT under the applicable Union law, unless otherwise provided for by this Regulation.

To the extent necessary to carry out the tasks conferred on it by this Regulation, the Authority may require financial supervisors, by way of instructions, to make use of their powers in the area of AML/CFT, under and in accordance with the conditions set out in national law, where this Regulation does not confer such powers on the Authority.

For the purposes of exercising the powers referred to in the first and second subparagraphs, the Authority may issue binding decisions addressed to individual selected obliged entities. The Authority shall have the power to apply administrative measures and impose pecuniary sanctions for non-compliance with the decisions taken in the exercise of the power laid down in Article 21 in accordance with Article 22.

2.   With respect to supervisors and supervisory authorities, the Authority shall have the following powers:

3.   With respect to FIUs in Member States, the Authority shall have the following powers:

4.   For the purposes of carrying out the tasks set out in Article 5(1), the Authority shall have the following powers:

1.   The Authority shall be responsible for the effective and consistent functioning of the AML/CFT supervisory system.

2.   The Authority and the supervisory authorities shall be subject to a duty of cooperation in good faith, and to an obligation to exchange information for AML/CFT purposes in accordance with this Regulation, Regulation (EU) 2023/1113, Regulation (EU) 2024/1624 and Directive (EU) 2024/1640.

3.   At the request of the Authority, supervisory authorities shall provide the Authority with all information concerning obliged entities that remain directly supervised at national level which is necessary for the fulfilment of Authority’s tasks pursuant to Article 5(1), (3) and (4), where the supervisory authorities have legal access to such information.

4.   Supervisory authorities shall assist the Authority in identifying and taking into account the specificities of their respective national legal frameworks, in particular where the Authority is applying national legislation transposing Union law as referred to in Article 1(2).

1.   In cooperation with the supervisory authorities, the Authority shall develop and maintain an up-to-date and harmonised AML/CFT supervisory methodology detailing the risk-based approach to supervision of obliged entities in the Union. That methodology shall comprise guidelines, recommendations, opinions and other measures and instruments as appropriate, including in particular regulatory and implementing technical standards, on the basis of the empowerments laid down in the acts referred to in Article 1(2).

2.   When developing the supervisory methodology, the Authority shall distinguish between obliged entities, including on the basis of their activities and the type and nature of the ML/TF risks to which they are exposed. The supervisory methodology shall be risk-based and contain at least the following elements:

3.   The Authority shall develop structured questionnaires and other online or offline tools to be used by the Authority and supervisors for the purposes of requesting, collecting, compiling and analysing data and information from obliged entities, including the data to be relied upon in application of the elements of the supervisory methodology listed in paragraph 2.

The tools developed by the Authority shall ensure the collection of objective and comparable AML/CFT-related data and information from obliged entities and enable an efficient and speedy exchange of information between supervisors and the Authority.

The Authority shall endeavour to develop those tools as soon as the supervisory methodology is applicable across the entire AML/CFT supervisory system.

4.   The supervisory methodology shall reflect high supervisory standards at Union level and shall build on relevant international standards and guidance. The Authority shall periodically review and update its supervisory methodology, taking into account the evolution of risks affecting the internal market, including risks and threats identified by national law enforcement authorities and FIUs. The supervisory methodology shall, to the extent possible, take into account best practices and guidance developed by international standard setters.

1.   No later than 1 December each year, supervisory authorities shall provide information to the Authority on supervisory reviews which they intend to carry out, on a thematic basis, during the following year or supervisory term and which aim to assess ML/TF risks or a specific aspect of such risks to which multiple obliged entities are exposed at the same time. The following information shall be provided:

2.   By the end of each year, the Chair of the Authority shall present to the General Board in supervisory composition as referred to in Article 57(2) a consolidated planning of the thematic reviews that supervisory authorities intend to carry out during the following year.

3.   Where the scope and Union-wide relevance of thematic reviews justify coordination at Union level, they shall be carried out jointly by the relevant supervisory authorities and shall be coordinated by the Authority. The Executive Board may propose joint thematic reviews based on the available analyses of threats, vulnerabilities and risks in the internal market. The General Board in supervisory composition shall draw up a list of joint thematic reviews. The General Board in supervisory composition shall draw up a report relating to the conduct, subject matter and outcome of each joint thematic review. The Authority shall publish that report on its website.

4.   The Authority shall coordinate the activities of the supervisory authorities and facilitate the planning and execution of the joint thematic reviews referred to in paragraph 3. Any direct interaction with obliged entities other than the selected obliged entities in the context of any thematic review shall remain under the exclusive responsibility of the supervisory authority responsible for supervision of those obliged entities and shall not be construed as a transfer of tasks and powers related to those entities within the AML/CFT supervisory system.

5.   Where planned thematic reviews at national level are not subject to a coordinated approach at the level of the Union, the Authority shall, jointly with the supervisory authorities, explore the need for and the possibility of aligning or synchronising the timeframe of those thematic reviews, and shall facilitate information exchange and mutual assistance between supervisory authorities carrying out those thematic reviews. The Authority shall also facilitate any activities that the relevant supervisory authorities may wish to carry out jointly or in a similar manner in the context of their respective thematic reviews.

6.   The Authority shall ensure that the outcomes and conclusions of the thematic reviews conducted at national level by several supervisory authorities are shared with all supervisory authorities, with the exception of confidential information pertaining to individual obliged entities. Such sharing of information shall include any common conclusions resulting from exchanges of information or from joint or coordinated activities involving several supervisory authorities.

1.   The Authority may, as appropriate, develop:

2.   The Authority shall facilitate and encourage at least the following activities:

3.   Each supervisory authority may submit a request for mutual assistance related to its supervisory tasks to the Authority, specifying the type of assistance it seeks from the staff of the Authority, the staff of one or more supervisory authorities, or a combination thereof. If the request concerns activities that relate to the supervision of specific obliged entities, the requesting supervisory authority shall transmit to the Authority the information and data necessary for the provision of assistance. The Authority shall keep and regularly update the information on specific areas of expertise and on the capacities of supervisory authorities to provide mutual assistance related to their supervisory tasks.

4.   Where the Authority is requested to provide assistance for the performance of specific supervisory tasks at national level in relation to obliged entities other than selected obliged entities, the requesting supervisory authority shall detail, in its request, the tasks for which support is sought. The assistance shall not be construed as the transfer, from the requesting supervisory authority to the Authority, of supervisory tasks, powers, or accountability for the supervision of obliged entities other than selected obliged entities.

5.   Where the Authority is of the opinion that the request is appropriate and feasible, it shall make every effort to provide the requested assistance, including by mobilising its own human resources as well as by ensuring that supervisory authorities mobilise resources on a voluntary basis.

6.   By the end of each year, the Chair of the Authority shall inform the General Board in supervisory composition of the human resources that the Authority will allocate to providing the assistance requested under paragraph 3 of this Article during the following year. Where the availability of human resources changes due to the performance of any of the tasks referred to in Article 5(2), (3) and (4), the Chair of the Authority shall inform the General Board in supervisory composition thereof.

7.   Any interaction between the staff of the Authority and the obliged entity shall remain under the exclusive responsibility of the supervisory authority responsible for the supervision of that entity. Such interaction shall not be construed as a transfer of tasks or powers related to individual obliged entities within the AML/CFT supervisory system.

1.   The Authority shall establish and keep up to date a central database of information pursuant to this Article.

The Authority shall make the information available to supervisory authorities, non-AML/CFT authorities, other national authorities and bodies competent for ensuring compliance with Directive 2008/48/EC of the European Parliament and of the Council (28), Directive 2009/110/EC of the European Parliament and of the Council (29), Directive 2009/138/EC of the European Parliament and of the Council (30), Directive 2014/17/EU of the European Parliament and of the Council (31), Regulation (EU) No 537/2014 of the European Parliament and of the Council (32), Directive 2014/56/EU of the European Parliament and of the Council (33), Directive 2014/65/EU of the European Parliament and of the Council (34) or Directive (EU) 2015/2366 of the European Parliament and of the Council (35), and to the European Supervisory Authorities, namely, the European Banking Authority (EBA), the European Securities and Markets Authority (ESMA) and the European Insurance and Occupational Pensions Authority (EIOPA) (collectively, ‘the ESAs’), on a need-to-know and confidential basis, where it is necessary for the fulfilment of their tasks.

The Authority shall also analyse the collected information and may share the results of its analysis on its own initiative with supervisory authorities, where to do so would facilitate their supervisory activities, and, where relevant, with obliged entities.

2.   The supervisory authorities shall transmit to the Authority at least the following information, including the data related to individual obliged entities, so that the Authority enters that information into the database:

The information provided pursuant to the first subparagraph shall not include references to specific suspicions reported pursuant to Article 69 of Regulation (EU) 2024/1624.

The Authority shall also enter into the database the information stemming from its activities in the area of direct supervision which corresponds to the categories of information listed in the first subparagraph, as well as the outcomes of the risk assessment process carried out by the Authority pursuant to Article 12.

3.   The Authority may request supervisory authorities to provide other information in addition to that referred to in paragraph 2. The supervisory authorities shall update any provided information as soon as the update is necessary or at the Authority’s request.

4.   The Authority shall enter into the database any data or information relevant for the purposes of AML/CFT supervisory activities which is provided by non-AML/CFT authorities, other national authorities and bodies competent for ensuring compliance with the requirements of Directive 2008/48/EC, Directive 2009/110/EC, Directive 2009/138/EC, Directive 2014/17/EU, Regulation (EU) No 537/2014, Directive 2014/56/EU, Directive 2014/65/EU or Directive (EU) 2015/2366, or by the ESAs.

The information referred to in the first subparagraph shall include instances where the authorities and bodies referred to in that subparagraph have reasonable grounds to suspect that ML/TF is being attempted or committed or that an increased risk thereof exists in connection with an obliged entity, and where such reasonable grounds arose in the context of the exercise of their respective tasks. The database shall also include relevant information which authorities or bodies supervising credit institutions in accordance with Directive 2013/36/EU of the European Parliament and of the Council (36), including the ECB when acting in accordance with Regulation (EU) No 1024/2013, have obtained, in the context of ongoing supervision, including information on business model assessments, assessments of governance arrangements, authorisation procedures, assessments of acquisitions of qualifying holdings, ‘fit and proper’ assessments and procedures related to the withdrawal of licences.

5.   The authorities and bodies referred to in paragraph 1, second subparagraph, may address to the Authority a reasoned request for information collected pursuant to this Article, if that information is necessary for their supervisory activities. The Authority shall assess those requests and provide the information requested on a need-to-know and confidential basis and in a timely manner. The Authority shall inform the authority or body that has initially provided the requested information of the identity of the requesting authority or body, the identity of any obliged entity concerned, the reason for the information request as well as whether the information has been provided to the requesting authority or body. Where the Authority decides not to provide the requested information, it shall provide a reasoned justification for that decision.

6.   The Authority shall develop draft regulatory technical standards specifying:

The Authority shall submit those draft regulatory technical standards to the Commission by 27 December 2025.

The Commission is empowered to supplement this Regulation by adopting the regulatory technical standards referred to in the first subparagraph in accordance with Article 49 of this Regulation.

7.   Personal data collected in accordance with this Article may be kept in an identifiable form for a period of up to 10 years after the date of collection of the data by the Authority, at the end of which those data shall be deleted. Based on a regular assessment of their necessity, personal data may be deleted before the expiry of that period on a case-by-case basis.

1.   For the purposes of carrying out the tasks listed in Article 5(2), the Authority, in collaboration with financial supervisors, shall carry out a periodic assessment of credit institutions and financial institutions, and groups of credit institutions and financial institutions, where they operate, whether through establishments or under the freedom to provide services, in at least six Member States, including the home Member State, regardless of whether the activities are carried out through infrastructure on the territory concerned or remotely.

2.   The supervisory authorities, and the obliged entities subject to periodic assessment, shall supply the Authority with any information necessary to carry out the periodic assessment referred to in paragraph 1.

3.   The inherent and residual risk profiles of an obliged entity assessed pursuant to paragraph 1 shall be classified by the Authority as low, medium, substantial or high, based on the benchmarks and following the methodology set out in the regulatory technical standards referred to in paragraph 7. Where the assessed obliged entity is part of a group of credit institutions or financial institutions, the risk profile shall be classified at group-wide level.

4.   The methodology for classifying inherent and residual risk profiles shall be established separately for at least the following categories of obliged entities:

5.   For each category of obliged entities referred to in paragraph 4, the benchmarks for the assessment of inherent risk in the assessment methodology shall be based on the risk factor categories related to customers, products, services, transactions, delivery channels and geographical areas. The benchmarks shall be established for at least the following indicators of inherent risk in any Member State in which the obliged entities operate:

6.   For each category of obliged entity referred to in paragraph 4, the assessment of residual risk in the assessment methodology shall include benchmarks for the assessment of the quality of internal policies, controls and procedures put in place by obliged entities to mitigate their inherent risk.

7.   The Authority shall develop draft regulatory technical standards specifying:

The Authority shall submit those draft regulatory technical standards to the Commission by 1 January 2026.

The Commission is empowered to supplement this Regulation by adopting the regulatory technical standards referred to in the first subparagraph in accordance with Article 49 of this Regulation.

8.   The Authority shall review the benchmarks and methodology at least every three years. Where amendments are required, the Authority shall submit amended draft regulatory technical standards to the Commission.

1.   Credit institutions and financial institutions, and groups of credit institutions and financial institutions, whose residual risk profile has been classified as high pursuant to Article 12 shall qualify as selected obliged entities.

2.   However, where more than 40 entities are identified pursuant to paragraph 1, the Authority may, in consultation with the supervisory authorities, agree on limiting the selection to a specific different number of entities or groups that is greater than 40.

In deciding on a specific different number of selected obliged entities as referred to in the first subparagraph, the Authority shall take into account its own resources in terms of its capacity to allocate or additionally hire the necessary number of supervisory and support staff and shall ensure that the required increase in the financial and human resources is feasible.

Pursuant to the decision on the maximum number, the selected obliged entities shall be those obliged entities qualifying under paragraph 1 which are operating in the highest number of Member States whether through establishments or under the freedom to provide services.

Where the application of the criterion referred to in the third subparagraph yields more than the set maximum number of selected obliged entities, the Authority shall select, from the obliged entities that would be selected in accordance with that subparagraph and that operate in the smallest number of Member States, those which have the highest ratio of the volume of transactions with third countries to the total volume of transactions measured over the last financial year.

3.   Where in a Member State no credit institution, financial institution or group of credit institutions or financial institutions which is established, authorised or registered, or has a subsidiary there and whose risk profile is classified as high, qualifies as a selected obliged entity pursuant to paragraphs 1 and 2 of this Article, the Authority shall carry out an additional selection process in that Member State, on the basis of the methodology referred to in Article 12(7), point (b).

Following the additional selection process, the credit institution, financial institution or group of credit institutions or financial institutions, established or registered in that Member State whose risk profile is classified as high, shall qualify as a selected obliged entity.

Where several credit institutions or financial institutions, or groups of credit institutions or financial institutions, in the Member State in question have a risk profile that is classified as high, the entity operating in the highest number of Member States whether through establishments or under the freedom to provide services shall qualify as the selected obliged entity. If several credit institutions or financial institutions, or groups of credit institutions or financial institutions, operate in the same number of Member States, the entity with the highest ratio of transaction volume with third countries to total transaction volume measured over the last financial year shall qualify as a selected obliged entity.

4.   The Authority shall commence the first selection process by 1 July 2027 and shall conclude the selection within six months of the date of commencement. Subsequently, the selection process shall be carried out every three years after the date of commencement of the first selection, and shall be concluded within six months for each selection process. The list of the selected obliged entities shall be published by the Authority without undue delay upon completion of the selection process. The Authority shall commence direct supervision of the selected obliged entities six months after publication of the list.

5.   Prior to the publication of the list of the selected obliged entities, the Authority shall inform the relevant non-AML/CFT authorities of the outcomes of the process of assessment and classification of inherent and residual risk of the obliged entities subject to assessment.

6.   A selected obliged entity shall remain subject to direct supervision by the Authority until the Authority commences the direct supervision of selected obliged entities based on a list established for the subsequent selection period which no longer includes that obliged entity.

1.   A financial supervisor may submit a reasoned request to the Authority for the Authority to assume direct supervision and carry out the tasks listed in Article 5(2) with respect to a particular non-selected obliged entity.

The request referred to in the first subparagraph shall only be submitted in exceptional circumstances with the aim of addressing at Union level a heightened ML/TF risk or compliance failures at a non-selected obliged entity and to ensure a consistent application of high supervisory standards.

2.   The request referred to in paragraph 1 shall:

3.   The financial supervisor’s request shall be accompanied by a report indicating the supervisory history and risk profile of the non-selected obliged entity concerned. The non-selected obliged entity shall be informed of the request and the timeline proposed therein.

4.   The Authority shall assess the request referred to in paragraph 1 within two months, or within a timeframe that allows the transfer of tasks and powers by the date proposed in the request, whichever is longer. The Authority shall only agree to the requested transfer of direct supervision where at least one of the following conditions is met:

5.   Where the Executive Board of the Authority finds that the conditions set out in paragraphs 1, 2 and 4 have been fulfilled, it shall adopt a decision addressed to the requesting financial supervisor and to the non-selected obliged entity concerned notifying them of the acceptance of the request. The decision shall specify the date on which the Authority is to assume direct supervision and the duration of such supervision. As of the date on which the Authority is to assume direct supervision, the non-selected obliged entity concerned shall be deemed a selected obliged entity for the purposes of this Regulation.

Upon the end of the duration of the direct supervision by the Authority, set out in the decision referred to in the first subparagraph, the tasks and powers related to the direct supervision of the obliged entity concerned shall automatically be transferred back to the financial supervisor, unless the Authority extends the application of that decision following a corresponding request made by the financial supervisor in accordance with paragraphs 1 to 4.

6.   Where the Executive Board of the Authority refuses the financial supervisor’s request, it shall provide the reasons thereof in writing, clearly indicating which conditions laid down in paragraphs 1, 2 and 4 have not been met. The Authority shall consult the financial supervisor prior to taking a decision and shall ensure that the non-selected obliged entity is informed of the outcome of the process.

1.   Without prejudice to the Authority’s power pursuant to Article 21(3), point (a), to receive directly, or have direct access to, information reported on an ongoing basis by selected obliged entities, financial supervisors shall provide the Authority with all information necessary for carrying out the tasks conferred on the Authority in accordance with this Regulation and other applicable Union law.

2.   Where appropriate, financial supervisors shall assist the Authority with the preparation and implementation of any acts relating to the tasks referred to in Article 5(2), point (b), as regards all selected obliged entities, including assistance in verification activities. They shall follow the instructions given by the Authority when performing those tasks.

3.   The Authority shall develop implementing technical standards specifying:

The Authority shall submit those draft implementing technical standards to the Commission by 1 January 2026.

The Commission is empowered to adopt the implementing technical standards referred to in the first subparagraph in accordance with Article 53.

1.   A joint supervisory team shall be established for the supervision of each selected obliged entity. Each joint supervisory team shall be composed of staff from the Authority and from the financial supervisors responsible for supervision of the selected obliged entity at national level. The members of the joint supervisory team shall be appointed in accordance with paragraph 4 and shall work under the coordination of a designated staff member from the Authority (‘JST coordinator’).

2.   The JST coordinator shall ensure the coordination of the work within the joint supervisory team. Joint supervisory team members shall follow the JST coordinator’s instructions as regards their tasks in the joint supervisory team. This shall be without prejudice to their tasks and duties within their respective financial supervisors.

Each financial supervisor that appoints more than one staff member to the joint supervisory team pursuant to paragraph 4 may designate one of them as sub-coordinator (‘national sub-coordinator’). The national sub-coordinators shall assist the JST coordinator as regards the organisation and coordination of the tasks in the joint supervisory team, in particular as regards the staff members that were appointed by the same financial supervisor as the relevant national sub-coordinator. The national sub-coordinator may give instructions to the members of the joint supervisory team appointed by the same financial supervisor, provided that those instructions do not conflict with the instructions given by the JST coordinator.

3.   The tasks of a joint supervisory team shall include the following:

4.   The Authority shall be responsible for the establishment and the composition of joint supervisory teams. The Authority and the financial supervisors concerned shall appoint one or more persons from their staff as a member or members of a joint supervisory team. A member may be appointed as a member of more than one joint supervisory team.

5.   The Authority and financial supervisors shall consult each other and agree on the use of staff with regard to the joint supervisory teams.

6.   The Authority shall develop internal operational rules and procedures regarding the composition of joint supervisory teams, notably with regard to staff from each financial supervisor, the status of staff from financial supervisors and the allocation of human resources by the Authority to the joint supervisory teams, which shall ensure that those teams are composed of staff with a sufficient level of knowledge, expertise and experience, and with sufficiently diverse knowledge, backgrounds, expertise and experience.

1.   The Authority may require selected obliged entities and natural persons employed by them or legal persons belonging to them, and third parties to whom the selected obliged entities have outsourced operational functions or activities and natural or legal persons affiliated to them, to provide it with all information it needs in order to carry out the tasks conferred on it by this Regulation and other applicable Union law.

2.   The persons referred to in paragraph 1 or their representatives and, in the case of legal persons or associations having no legal personality, the persons authorised to represent them by law or by their constitution, shall supply the requested information without undue delay, ensuring that it is clear, accurate and complete. Lawyers duly authorised to act may supply the information on behalf of their clients. Those clients shall remain fully responsible where the information supplied is incomplete, incorrect or misleading.

3.   Where the Authority obtains the information requested pursuant to paragraph 1, it shall make that information available to the financial supervisor concerned.

1.   In order to carry out the tasks conferred on it by this Regulation, the Authority may conduct all necessary investigations of any selected obliged entity or any natural person employed by it or any legal person belonging to it, established or located in a Member State.

To that end, the Authority may:

2.   The persons referred to in Article 17 shall be subject to investigations launched on the basis of a decision of the Authority. When a person obstructs the conduct of the investigation, the financial supervisor of the Member State where the relevant premises are located shall provide, in compliance with national law, the necessary assistance, including facilitating the access by the Authority to the business premises of the natural and legal persons referred to in Article 17, so that the powers listed in paragraph 1 of this Article can be exercised.

1.   In order to carry out the tasks conferred on it by this Regulation, the Authority may, subject to prior notification of the financial supervisor concerned, conduct all necessary on-site inspections at the business premises of the natural and legal persons referred to in Article 17. With respect to natural persons whose business premises are the same as their private residence, the Authority shall seek and obtain judicial authorisation for an on-site inspection. Where the proper conduct and efficiency of the inspection so require, the Authority may carry out the on-site inspection without prior announcement to those natural and legal persons.

2.   The Authority may decide to entrust the performance of on-site inspections to a joint supervisory team in accordance with Article 16 or to a dedicated team, which could include joint supervisory team members where applicable. The Authority shall be responsible for the establishment and composition of the on-site inspection teams, which shall be done in cooperation with the financial supervisors.

3.   The staff of the Authority and other persons authorised by the Authority to conduct an on-site inspection may enter any business premises and land of the natural or legal persons subject to a decision on investigation adopted by the Authority and, as regards natural persons whose business premises are the same as their private residence, upon obtaining a judicial authorisation for an on-site inspection pursuant to paragraph 1 of this Article. The staff of the Authority and other persons authorised by the Authority shall have the powers provided for in Article 21.

4.   The natural and legal persons referred to in Article 17 shall be subject to on-site inspections on the basis of a decision of the Authority.

5.   Staff and other accompanying persons authorised or appointed by the financial supervisor of the Member State where the inspection is to be conducted shall, under the supervision and coordination of the Authority, actively assist the staff of and other persons authorised by the Authority. To that end, they shall enjoy the powers set out in paragraph 3. Staff of financial supervisors of the Member State concerned shall also have the right to participate in the on-site inspections.

6.   Where a person opposes the conduct of an on-site inspection ordered pursuant to this Article, the financial supervisor of the Member State concerned shall provide the necessary assistance in accordance with national law. To the extent necessary for the inspection, such assistance shall include the sealing of any business premises and books or records. Where that power is not available to the financial supervisor concerned, it shall use its powers to request the necessary assistance of other national authorities.

1.   If an on-site inspection provided for in Article 19 requires authorisation by a judicial authority in accordance with national law, the Authority shall apply for such an authorisation.

2.   Where an authorisation as referred to in paragraph 1 is applied for, the national judicial authority shall verify that the decision of the Authority is authentic and that the coercive measures envisaged are neither arbitrary nor excessive having regard to the subject matter of the inspection. In its control of the proportionality of the coercive measures, the national judicial authority may ask the Authority for detailed explanations, in particular relating to the grounds the Authority has for suspecting that an infringement of the acts referred to in Article 1(2) has taken place, the seriousness of the suspected infringement and the nature of the involvement of the person subject to the coercive measures. However, the national judicial authority shall not review the necessity for the inspection or demand to be provided with the information on the Authority’s file. The lawfulness of the Authority’s decision shall be subject to review only by the Court of Justice of the European Union.

1.   For the purpose of carrying out its tasks referred to in Article 5(2), the Authority shall have the power to apply the administrative measures set out in paragraphs 2 and 3 of this Article to require any selected obliged entity to take the necessary measures where:

2.   For the purposes of Article 6(1), the Authority shall have, in particular, the power to apply the following administrative measures:

3.   By means of the administrative measures referred to in paragraph 2, the Authority may in particular:

4.   The administrative measures referred to in paragraph 2 shall be accompanied, where relevant, by binding deadlines for their implementation. The Authority shall follow up and assess the implementation by the selected obliged entity of the actions requested.

5.   Financial supervisors shall notify the Authority without undue delay where they become aware of one or more indications that a selected obliged entity has breached Regulation (EU) 2023/1113 or Regulation (EU) 2024/1624.

6.   The administrative measures applied shall be effective, proportionate and dissuasive.

1.   For the purpose of carrying out the tasks conferred on it by this Regulation, the Authority may impose pecuniary sanctions where a selected obliged entity breaches, whether intentionally or negligently, a requirement of Regulation (EU) 2023/1113 or Regulation (EU) 2024/1624, or does not comply with a binding decision referred to in Article 6(1) of this Regulation.

2.   Where the Executive Board of the Authority finds that a selected obliged entity has, intentionally or negligently, committed a serious, repeated or systematic breach of directly applicable requirements contained in Regulation (EU) 2023/1113 or Regulation (EU) 2024/1624, it shall adopt a decision imposing pecuniary sanctions, in accordance with paragraph 3 of this Article. The pecuniary sanctions imposed for such breaches shall, depending on the circumstances of each individual case, be imposed in addition to, or instead of, the administrative measures referred to in Article 21(2).

3.   The basic amount of the pecuniary sanctions referred to in paragraph 1 shall be included within the following limits:

4.   The basic amounts defined within the limits set out in paragraph 3 shall be adjusted, where needed, by taking into account aggravating or mitigating factors in accordance with the relevant coefficients set out in Annex I. The relevant aggravating coefficients shall be applied one by one to the basic amount. If more than one aggravating coefficient is applicable, the difference between the basic amount and the amount resulting from the application of each individual aggravating coefficient shall be added to the basic amount. Where the benefit derived from the breach or the losses to third parties caused by the breach can be determined, they shall be added to the total amount of the sanction, after application of the coefficients.

5.   The relevant mitigating coefficients shall be applied one by one to the basic amount. If more than one mitigating coefficient is applicable, the difference between the basic amount and the amount resulting from the application of each individual mitigating coefficient shall be subtracted from the basic amount.

6.   The maximum amount of a sanction for the serious, repeated or systematic breaches referred to in paragraph 3, points (a) and (b), shall not exceed 10 % of the total annual turnover of the obliged entity in the preceding business year, after application of the coefficients referred to in paragraphs 4 and 5.

7.   The maximum amount of a sanction for the serious, repeated or systematic breaches referred to in paragraph 3, points (c) and (d), shall not exceed EUR 10 000 000 after application of the coefficients referred to in paragraphs 4 and 5.

8.   Where the selected obliged entity is a parent undertaking or a subsidiary of a parent undertaking which is required to prepare consolidated financial statements in accordance with Article 22 of Directive 2013/34/EU of the European Parliament and the Council (37), the relevant total annual turnover shall be the total annual turnover or the corresponding type of income in accordance with applicable accounting standards according to the last available consolidated accounts approved by the management body of the ultimate parent undertaking.

9.   In the cases not covered by paragraph 1 of this Article, the Authority may, where necessary for the purpose of carrying out the tasks conferred on it by this Regulation, require financial supervisors to open proceedings with a view to taking action in order to ensure that appropriate pecuniary sanctions are imposed in accordance with the national law transposing Directive (EU) 2024/1640 and any relevant national legislation which confers specific powers which are currently not required by Union law. The pecuniary sanctions imposed shall be effective, proportionate and dissuasive.

The first subparagraph shall be applicable to pecuniary sanctions to be imposed on selected obliged entities for breaches of national law transposing Directive (EU) 2024/1640 and to any pecuniary sanctions to be imposed on members of the management body of selected obliged entities who under national law are responsible for a breach by the selected obliged entity.

10.   The pecuniary sanctions imposed by the Authority shall be effective, proportionate and dissuasive.

When determining the amount of the pecuniary sanction, the Authority shall take due consideration of the ability of the selected obliged entity to pay the pecuniary sanction and, where the pecuniary sanction might affect compliance with prudential regulation, consult the authorities competent for supervising compliance by the selected obliged entities with applicable Union law.

1.   The Executive Board may adopt a decision imposing a periodic penalty payment in order to compel:

2.   The periodic penalty payment shall be effective and proportionate. The periodic penalty payment shall be imposed until the selected obliged entity or person concerned complies with the relevant administrative measure referred to in paragraph 1.

3.   Notwithstanding paragraph 2, the amount of a periodic penalty payment shall not exceed, in the case of legal persons, 3 % of the average daily turnover in the preceding business year or, in the case of natural persons, 2 % of the average daily income in the preceding calendar year. It shall be calculated from the date set in the decision imposing the periodic penalty payment.

4.   A periodic penalty payment may be imposed for a period of no more than six months following the notification of the Authority’s decision. Where, upon the expiry of that period, the selected obliged entity has not yet complied with the administrative measure, the Authority may impose periodic penalty payments for an additional period of no more than six months.

5.   The decision imposing a periodic penalty payment may be taken at a later stage with retroactive effect up to the date of application of the administrative measure.

1.   Before taking any decision imposing a pecuniary sanction or periodic penalty payment under Article 22 or 23, the Executive Board shall give the persons subject to the proceedings the opportunity to be heard on the Authority’s findings. The Executive Board shall base its decisions only on findings on which the persons subject to the proceedings have had the opportunity to comment.

2.   The rights of defence of the persons subject to the proceedings shall be fully respected during the proceedings. They shall be entitled to have access to the Authority’s file, subject to the legitimate interest of other persons in the protection of their business secrets. The right of access to the file shall not extend to confidential information or internal preparatory documents of the Authority.

1.   The Authority shall publish every decision imposing pecuniary sanctions or periodic penalty payments or applying administrative measures referred to in Article 21(2), points (c) to (g), adopted on cases referred to in Article 21(1), point (a), immediately after the person responsible for the breach is informed of that decision. The publication shall include at least the information on the type and nature of the breach, the identity of the person responsible, and, for pecuniary sanctions or periodic penalty payments, their amount.

By way of derogation from the first subparagraph, where the publication concerns administrative measures that are appealable and that do not aim to remedy serious, repeated and systematic breaches, the Authority may defer the publication of those administrative measures until the expiry of the deadline for lodging an appeal to the Court of Justice of the European Union.

2.   Upon the expiry of the deadline for a review of the decision by the Administrative Board of Review or, where such a review was not requested by the obliged entity, the expiry of the deadline for an appeal to the Court of Justice of the European Union, the Authority shall publish the information on a request for review or an appeal. Any subsequent information on the outcome of such review or appeal shall be published by the Authority immediately after obtaining such information. Any decision annulling a decision to impose a pecuniary sanction or a periodic penalty payment or apply an administrative measure pursuant to Article 21(1), point (a), shall also be published.

3.   Notwithstanding the requirement referred to in paragraph 1, where the publication of the identity or the personal data of the persons responsible is considered by the Authority to be disproportionate following a case-by-case assessment, or where publication jeopardises the stability of financial markets or an ongoing investigation, the Authority shall:

4.   The Authority shall make any publication pursuant to this Article accessible on its website for a period of five years.

1.   Pecuniary sanctions and periodic penalty payments imposed pursuant to Articles 22 and 23 shall be enforceable.

Enforcement shall be governed by the rules of civil procedure in force in the Member State in the territory of which enforcement is carried out. The order for enforcement shall be appended to the decision to impose pecuniary sanctions or periodic penalty payments pursuant to Articles 22 and 23 without any formality other than verification of the authenticity of the decision by the authority which the government of each Member State shall designate for that purpose and shall make known to the Authority and to the Court of Justice of the European Union.

When those formalities have been completed on application by the party concerned, that party may proceed to enforcement in accordance with national law, by bringing the matter directly before the competent body.

Enforcement may be suspended only by a decision of the Court of Justice of the European Union. However, the courts of the Member State concerned shall have jurisdiction over complaints that enforcement is being carried out in an irregular manner.

2.   The amounts of the pecuniary sanctions and periodic penalty payments collected shall be allocated to the general budget of the Union.

1.   Where, in carrying out its duties under this Regulation, the Authority finds that there are serious indications of the possible existence of facts liable to constitute one or more of the breaches listed in Annex II, the Authority shall appoint an independent investigatory team within the Authority to investigate the matter. The investigatory team shall not be involved or have been involved in the direct supervision of the selected obliged entity concerned and shall perform its functions independently from the Executive Board. The Authority shall develop internal procedures to determine the rules governing the selection of the members of the independent investigatory team, in particular with regard to the knowledge, background, expertise and experience of those members.

2.   The investigatory team shall investigate the alleged breaches, taking into account any comments submitted by the persons subject to investigation, and shall submit a complete file with its findings to the Executive Board.

In order to carry out its tasks, the investigatory team may require information in accordance with Article 17 and conduct investigations and on-site inspections in accordance with Articles 18 and 19.

Where carrying out its tasks, the investigatory team shall have access to all documents and information gathered by the joint supervisory team in its supervisory activities.

3.   Upon completion of its investigation and before submitting the file with its findings to the Executive Board, the investigatory team shall give the persons subject to investigation the opportunity to be heard on the matters being investigated. The investigatory team shall base its findings only on facts on which the persons subject to investigation have had the opportunity to comment.

The rights of defence of the persons concerned shall be fully respected during investigations under this Article.

4.   When submitting the file with its findings to the Executive Board, the investigatory team shall notify that fact to the persons subject to investigation. The persons subject to investigation shall be entitled to have access to the file, subject to the legitimate interest of other persons in the protection of their business secrets. The right of access to the file shall not extend to confidential information affecting third parties.

5.   On the basis of the file containing the investigatory team’s findings and, when requested by the persons concerned, after having heard the persons subject to investigation in accordance with Article 24(1), the Executive Board shall decide if one or more of the breaches listed in Annex II have been committed by the persons who are subject to investigation and, in such case, shall impose a pecuniary sanction in accordance with Article 22 and apply an administrative measure in accordance with Article 21 in addition to, or instead of, imposing a pecuniary sanction.

6.   The investigatory team shall not participate in the deliberations of the Executive Board or in any other way intervene in the decision-making process of the Executive Board.

7.   The Commission shall adopt further rules of procedure for the exercise of the power to impose pecuniary sanctions or periodic penalty payments, including provisions on rights of defence, temporal provisions, and the collection of pecuniary sanctions or periodic penalty payments, and shall adopt detailed rules on the limitation periods for the imposition and enforcement of penalties.

The rules referred to in the first subparagraph shall be adopted by means of delegated acts supplementing this Regulation, in accordance with Article 100.

The Commission shall adopt the delegated acts referred to in the second subparagraph by 1 January 2027.

8.   The Authority shall refer matters for criminal prosecution to the relevant national authorities where, in carrying out its duties under this Regulation, it finds that there are serious indications of the possible existence of facts liable to constitute criminal offences. In addition, the Authority shall refrain from imposing pecuniary sanctions or periodic penalty payments where a prior acquittal or conviction arising from identical facts, or from facts which are substantially the same, has acquired the force of res judicata as the result of criminal proceedings under national law.

1.   The Authority and the financial supervisors shall adopt arrangements for their communications within the AML/CFT supervisory system, including the language(s) to be used.

2.   Any document which a selected obliged entity or any other natural or legal person individually subject to the Authority’s supervisory procedures submits to the Authority may be drafted in any of the official languages of the Union, chosen by the selected obliged entity or natural or legal person concerned.

3.   The Authority, the selected obliged entities and any other legal or natural person individually subject to the Authority’s supervisory procedures may agree to exclusively use one of the official languages of the Union in their written communications, including with regard to the Authority’s supervisory decisions.

4.   Where an agreement on the exclusive use of one language as referred to in paragraph 3 is subsequently revoked, that revocation shall only affect the aspects of the Authority’s supervisory procedure which have not yet been carried out.

5.   Where participants in an oral hearing request to be heard in an official language of the Union other than the language of the Authority’s supervisory procedure, sufficient advance notice of that requirement shall be given to the Authority so that it can make the necessary arrangements.

1.   The Authority shall perform periodic assessments of some or all of the activities of one, several, or all financial supervisors, as well as of their tools and resources. As part of each assessment, the Authority shall assess the extent to which a financial supervisor performs its tasks in accordance with Directive (EU) 2024/1640 and takes the necessary steps to ensure consistent high-level supervisory standards and practices. The assessments shall take into account the level of harmonisation of supervisory approaches and, to that end, shall include a review of the application of all or part of the AML/CFT supervisory methodology developed pursuant to Article 8, and it shall cover all financial supervisors in a single assessment cycle. The Executive Board shall adopt, after consulting the General Board in supervisory composition, an assessment cycle plan. The General Board, acting by a majority of two thirds of its members, may require the Executive Board to adopt a new plan. The length of each assessment cycle shall be determined by the Authority and shall not exceed seven years.

The Authority shall develop methods to allow for a consistent assessment of, and comparison between, the financial supervisors reviewed in the same cycle. At the end of each assessment cycle, the Authority shall submit its findings to the European Parliament and to the Council.

2.   The assessments shall be carried out by the staff of the Authority and, following an open call for participation, by the staff of financial supervisors that are not subject to review, on a voluntary basis. Where relevant, the assessments shall take due account of the evaluations, assessments or reports drawn up by international organisations and intergovernmental bodies with competence in the field of ML/TF prevention. The assessments may also take due account of the information set out in the central AML/CFT database established pursuant to Article 11.

3.   The Authority shall produce a report setting out the results of each assessment. A draft version of the report shall be submitted to the financial supervisor subject to the assessment for comments, prior to its consideration by the General Board in supervisory composition. Within a deadline determined by the Authority, the financial supervisor subject to the assessment shall submit comments to the draft report. The final report shall be adopted by the Executive Board, taking into account the observations of the General Board in supervisory composition. The Executive Board shall ensure consistency in the application of the assessment methodology. The report shall explain and indicate any specific follow-up measures required to be taken by the financial supervisor subject to the assessment that are deemed appropriate, proportionate and necessary as a result of the assessment. The follow-up measures may be adopted in the form of guidelines and recommendations of the General Board. The follow-up measures may also be adopted in the form of individual recommendations taken by the Executive Board. Those individual follow-up measures shall only be published upon the consent of the financial supervisor concerned and only in summary or aggregate form, such that individual financial institutions cannot be identified. The published version of the report shall not include confidential information nor references to specific financial supervisors.

4.   Financial supervisors shall make every effort to comply with the specific follow-up measures addressed to them as a result of the assessment. Where applicable, financial supervisors shall provide regular updates to the Authority regarding the type of measures that they have implemented in response to the report referred to in paragraph 3.

1.   The Authority shall ensure, within the scope of its powers and without prejudice to the powers of the relevant financial supervisors, that AML/CFT supervisory colleges in the financial sector are established and functioning consistently for non-selected obliged entities operating establishments in several Member States in accordance with Article 49 of Directive (EU) 2024/1640. To that end, the Authority may:

2.   For the purposes of paragraph 1, the staff of the Authority shall have full participation rights in the AML/CFT supervisory colleges and shall be able to participate in their activities, including on-site inspections, carried out jointly by two or more financial supervisors.

1.   Financial supervisors shall notify the Authority where the situation of any non-selected obliged entity with regard to its compliance with Regulation (EU) 2024/1624, Regulation (EU) 2023/1113, any other legal provisions adopted for the implementation of those Regulations or any administrative act issued by any supervisor and its exposure to ML/TF risks, deteriorates rapidly and significantly, in particular where such deterioration might negatively impact several Member States or the Union as a whole or undermine the integrity of the Union’s financial system.

2.   The Authority may, where it has indications of serious, repeated or systematic breaches by a non-selected obliged entity, request its financial supervisor to:

In that context, the Authority may, where necessary, also request the financial supervisor of a non-selected obliged entity to adopt an individual decision addressed to that entity requiring it to undertake all necessary actions to comply with its obligations under directly applicable Union law or under national law to the extent that it transposes directives or exercises options granted to Member States by Union law, including the cessation of any practice. The requests referred to in this paragraph shall not impede ongoing supervisory measures by the financial supervisor to which the request is addressed.

3.   A request referred to in paragraph 2 may be initiated where the Authority has indications of a serious, repeated or systematic breach:

4.   The financial supervisor concerned shall comply with any request addressed to it in accordance with paragraph 2 and shall inform the Authority as soon as possible, and at the latest within 10 working days of the day of the notification of such request, of the steps it has taken or intends to take to comply with that request.

5.   Where a request referred to in paragraph 2 is not complied with or information on the steps taken or intended to be taken to comply with it is not provided to the Authority within 10 working days of the day of the notification of the request, the Authority may request the Commission to grant permission to transfer temporarily the relevant tasks and powers referred to in Article 5(2) and Article 6(1) related to direct supervision of the non-selected obliged entity from the financial supervisor concerned to the Authority.

6.   A request from the Authority to the Commission pursuant to paragraph 5 shall contain the following:

7.   Based on the information received pursuant to paragraph 6, the Commission shall have one month from the date of receipt of the request from the Authority to adopt a duly justified decision whether to authorise the transfer of the relevant tasks and powers or to oppose it. The decision shall be notified to the Authority, which shall immediately inform the financial supervisor and the non-selected obliged entity thereof. The European Parliament and the Council shall be informed of the decision.

8.   On the tenth working day after the decision authorising the transfer of tasks and powers in relation to the non-selected obliged entity has been notified to the Authority, the non-selected obliged entity shall be deemed a selected obliged entity for the purposes of the exercise of the tasks referred to in Article 5(2) and the powers referred to in Article 6(1) and Articles 17 to 23. The Commission decision shall set a time limit for the exercise of those tasks and powers, upon the expiry of which they shall be automatically transferred back to the financial supervisor concerned.

9.   After having consulted the financial supervisor concerned, the Authority may submit to the Commission a request to extend the application of the decision authorising the transfer of tasks and powers. That request shall be submitted at least two months before the expiry of the initial period.

The request referred to in the first subparagraph shall be accompanied by the following:

The Commission shall adopt a decision whether to grant the extension within the time limit indicated in paragraph 7. Any extension granted pursuant to this paragraph may be granted only once.

1.   The Authority may assist financial supervisors in reaching an agreement in accordance with the procedure set out in paragraphs 3, 4 and 5 of this Article at the request of one or more financial supervisors pursuant to Article 46, 47, 49 or 54 of Directive (EU) 2024/1640 or in other instances where a financial supervisor disagrees with the procedure or content of an action, proposed action, or inactivity of another financial supervisor insofar as it affects its own supervisory tasks and responsibilities in relation to a specific non-selected obliged entity or multiple non-selected obliged entities.

2.   In cases other than those covered by Articles 46, 47, 49 and 54 of Directive (EU) 2024/1640, a financial supervisor shall request the assistance of the Authority without undue delay where a provision of Union law requires that financial supervisor to reach, with another financial supervisor, an agreement, arrangement or other form of established or formalised cooperation relating to the supervision of specific non-selected obliged entities, and any of the following occurs:

3.   The Executive Board shall assess any request referred to in paragraphs 1 and 2 and notify the relevant parties whether it considers the request justified and intends to act upon it in accordance with this Article.

4.   The Authority shall set a time limit for conciliation between the financial supervisors, taking into account any relevant time periods specified in Union law and the complexity and urgency of the matter. For the purposes of the conciliation phase, the Authority shall act as a mediator. Where necessary or provided for in Union law, it shall issue an opinion on how to settle the disagreement.

5.   Where the financial supervisors fail to reach an agreement during the conciliation phase referred to in paragraph 4, or where they fail to follow the opinion issued by Authority, the Authority may require those supervisors to take specific action or refrain from certain action, in order to settle the matter, and to ensure compliance with Union law. The decision of the Authority shall be binding on the financial supervisors. The Authority’s decision may require financial supervisors to revoke or amend a decision that they have adopted or to make use of their powers under applicable Union law.

6.   The Authority shall notify the financial supervisors of the conclusion of the procedures under paragraphs 4 and 5 together with, where applicable, its decision taken under paragraph 5.

7.   Any action by the financial supervisors in relation to facts which are subject to a decision pursuant to paragraph 5 shall be compatible with such a decision.

8.   In the report referred to in Article 84, the Chair of the Authority shall set out the nature and type of disagreements between financial supervisors, the agreements reached and the decisions taken to settle such disagreements.

1.   Where a financial supervisor has not applied measures laid down in Directive (EU) 2024/1640, or the provisions of national law transposing that Directive, or has applied measures in a way that appears to be a breach of Union law leading to systematic failures in its supervision which affect multiple obliged entities and undermine the effectiveness of the AML/CFT supervisory system, the Authority shall act in accordance with the powers set out in paragraphs 2, 3 and 4.

2.   The Authority may initiate an investigation of a potential breach of Union law referred to in paragraph 1 on its own initiative where it has an indication of such a breach based on well-substantiated information collected by the Authority when carrying out its tasks pursuant to this Regulation.

The Authority may also investigate an alleged breach or non-application of Union law upon a well-substantiated request from one or more financial supervisors, the European Parliament or the Commission.

Where an investigation of a potential breach of Union law has been requested pursuant to the first or second subparagraph, the Authority shall duly inform the party making the request how it intends to proceed with the matter and whether an investigation into the alleged breach is warranted. Where the Authority decides to proceed with an investigation, it shall first inform the financial supervisor concerned.

3.   The financial supervisor that is the subject of an investigation pursuant to paragraph 2 shall, without delay, provide the Authority with all information that the Authority requests for the purposes of its investigation, including as regards how the acts referred to in paragraph 1 are applied in accordance with Union law.

4.   Where deemed appropriate and necessary, the Authority may also, after having informed the financial supervisor that is the subject of the investigation, provide an opportunity to all other financial supervisors to transmit information to the Authority that they deem relevant or directly address a duly justified and reasoned request for information to any other financial supervisor. The addressees of such a request shall, without undue delay, provide the Authority with clear, accurate and complete information.

5.   The Authority may, no later than six months from the date of initiating its investigation, address a recommendation to the financial supervisor subject to investigation, setting out the action necessary to comply with Union law.

Before issuing such a recommendation, the Authority shall engage with the financial supervisor where it considers that such engagement is appropriate in order to resolve the systematic failures of supervision resulting in the breach of Union law, in an attempt to reach an agreement on the actions necessary for compliance with Union law.

The financial supervisor shall, within 10 working days of receipt of the recommendation, inform the Authority of the steps it has taken or intends to take to ensure compliance with Union law.

6.   Where the financial supervisor has not complied with Union law within one month of the date of receipt of the Authority’s recommendation, the Commission may, after having been informed of that fact by the Authority or on its own initiative, issue a formal opinion requiring the financial supervisor to take the action necessary to comply with Union law. The Commission’s formal opinion shall take into account the Authority’s recommendation.

The Commission shall issue such a formal opinion within three months of the date of adoption of the recommendation. The Commission may extend that period by one month.

The Authority and the financial supervisor shall provide the Commission with all necessary information.

7.   The financial supervisor shall, within 10 working days of receipt of the formal opinion referred to in paragraph 6, inform the Commission and the Authority of the steps it has taken or intends to take to comply with that formal opinion. When taking action in relation to issues which are the subject of a formal opinion, the financial supervisor shall comply with that formal opinion.

1.   The Authority shall periodically conduct peer reviews of some or all of the activities of non-financial supervisors and public authorities referred to in Article 52 of Directive (EU) 2024/1640 to strengthen consistency and effectiveness in supervisory outcomes. The Authority shall develop methods to allow for an objective assessment and comparison between the non-financial supervisors reviewed. Where relevant, the planning and conducting of assessments shall take due account of the evaluations, assessments and reports drawn up by international organisations and intergovernmental bodies with competence in the field of AML/CFT. The assessments may also take due account of the information contained in the central AML/CFT database established pursuant to Article 11 of this Regulation.

The methods referred to in the first subparagraph shall take into account the specific features of the supervisory framework in cases where supervision is entrusted to self-regulatory bodies, including the role of the public authority responsible for overseeing those bodies pursuant to Article 52 of Directive (EU) 2024/1640, and the specific characteristics of supervisors in those cases.

2.   Peer reviews shall be carried out by the staff of the Authority jointly with the relevant staff of the non-financial supervisors and of the public authorities as referred to in Article 52 of Directive (EU) 2024/1640.

3.   The peer review shall include an assessment of, but not be limited to:

4.   The Authority shall produce a report setting out the results of the peer review. That peer review report shall be jointly prepared by the staff of the Authority and the relevant staff of the non-financial supervisors and of the public authorities as referred to in Article 52 of Directive (EU) 2024/1640 involved in the peer review, and adopted by the Executive Board, having received the observations of the General Board in supervisory composition as to the consistency of application of the methodology with other peer review reports. The report shall explain and indicate the follow-up measures that are deemed appropriate, proportionate and necessary as a result of the peer review. Those follow-up measures may be adopted in the form of guidelines and recommendations pursuant to Article 54 and opinions pursuant to Article 55 of this Regulation. The non-financial supervisors and the public authorities as referred to in Article 52 of Directive (EU) 2024/1640 shall make every effort to comply with any guidelines and recommendations issued, in accordance with Article 54(3) of this Regulation.

5.   The Authority shall publish the findings of the peer review on its website and inform at least the European Parliament thereof. It shall submit an opinion to the Commission where, having regard to the outcome of the peer review or to any other information acquired by the Authority in carrying out its tasks, it considers that further harmonisation of Union rules applicable to obliged entities in the non-financial sector or to non-financial supervisors would be necessary from the Union’s perspective.

6.   The Authority shall provide a follow-up report two years after the publication of the peer review report. The follow-up report shall be jointly prepared by the staff of the Authority and the relevant staff of the non-financial supervisors involved in the peer review, and shall be adopted by the Executive Board, having received the observations of the General Board in supervisory composition on the consistency of application of the methodology with other peer review reports. The follow-up report shall include an assessment of the adequacy and effectiveness of the actions undertaken by the non-financial supervisors that were subject to the peer review in response to the follow-up measures of the peer review report. The Authority shall publish the findings of the follow-up report on its website.

7.   For the purposes of this Article, the Executive Board shall adopt a peer review work plan every two years, after consulting the General Board in supervisory composition. That peer review work plan shall reflect the lessons learnt from past peer review processes and discussions held in the General Board in supervisory composition. The General Board in supervisory composition, acting by a majority of two thirds of its members, may require the Executive Board to adopt a new plan. The peer review work plan shall constitute a separate part of the annual and multiannual working programme and shall be included in the single programming document referred to in Article 65. In the case of urgent or unforeseen events, the Authority may decide to carry out additional peer reviews.

8.   Where peer reviews concern supervisory activities which in one or more Member States are carried out by self-regulatory bodies, the peer review shall include an assessment of measures taken pursuant to Article 52 of Directive (EU) 2024/1640 by the public authority responsible for overseeing those bodies to ensure that they perform their function adequately and effectively.

9.   Where peer reviews concern supervisory activities which in one or more Member States are carried out by self-regulatory bodies, those self-regulatory bodies shall not be required to participate. However, where they indicate an interest in participating in a peer review, staff of those bodies that are entrusted with supervisory tasks shall be allowed to participate in that peer review.

1.   The Authority shall, within the scope of its powers and without prejudice to the powers of the relevant non-financial supervisors pursuant to Article 50 of Directive (EU) 2024/1640, assist in the setting up and functioning of AML/CFT supervisory colleges in the non-financial sector for obliged entities in the non-financial sector operating establishments in several Member States in accordance with that Article.

2.   For the purposes of paragraph 1, the Authority may:

3.   For the purposes of paragraph 1, the staff of the Authority shall have full participation rights in AML/CFT supervisory colleges. Upon the agreement of the non-financial supervisors concerned, the staff of the Authority shall be able to participate in the activities of the college carried out jointly by two or more non-financial supervisors, including on-site inspections of obliged entities in the non-financial sector, except those covered by Article 3, point (3)(a) and (b), of Regulation (EU) 2024/1624.

1.   Where the Authority has grounds to suspect that a non-financial supervisor or a public authority overseeing self-regulatory bodies referred to in Article 52 of Directive (EU) 2024/1640 has not applied the Union acts or the national legislation referred to in Article 1(2) of this Regulation, or has applied them in a way which appears to breach Union law, it shall inform the supervisor or public authority concerned of those suspected breaches and investigate them.

For the purposes of the first subparagraph, the Authority may act upon the request of one or more non-financial supervisors or public authorities, the European Parliament, the Council or the Commission, or on its own initiative, including where such action is based on well-substantiated information from natural or legal persons pursuant to Article 90.

2.   The Authority shall be able to request from the supervisor or public authority concerned all information which the Authority considers necessary for its investigation, including information on how the Union acts or national legislation referred to in Article 1(2) of this Regulation are applied in accordance with Union law, but with the exception of information covered by legal privilege, unless the exemptions set out in Article 21(2), second subparagraph, and Article 70(2), second subparagraph, of Regulation (EU) 2024/1624 and in Article 52(3), point (a), of Directive (EU) 2024/1640 apply.

The supervisor or public authority concerned shall, without delay, provide the Authority with the requested information.

Whenever the requested information from the supervisor or public authority concerned has proven, or is deemed to be, insufficient to obtain the information that is deemed necessary for the purposes of investigating the suspected breach, the Authority may, after having informed the supervisor or public authority concerned, address a duly justified and reasoned request for information directly to other supervisors or public authorities overseeing self-regulatory bodies.

The addressee of such a request shall provide the Authority with clear, accurate and complete information without undue delay.

3.   The Authority may, not later than six months from initiating its investigation, address a recommendation to the supervisor or public authority concerned setting out the action necessary to remedy the identified breach.

Before issuing such a recommendation, the Authority shall engage with the supervisor or public authority concerned where it considers such engagement appropriate in order to resolve the breach, in an attempt to reach agreement on the actions necessary to that end.

The supervisor or public authority concerned shall, within 10 working days of receipt of the recommendation, inform the Authority of the steps it has taken or intends to take to resolve the breach.

4.   Where the supervisor or public authority has not resolved the identified breach referred to in paragraph 3, first subparagraph, within one month of receipt of the Authority’s recommendation, the Authority shall issue a warning detailing the breach and identifying measures to be implemented by the addressees of the warning to mitigate its effects.

The warning referred to in the first subparagraph shall be addressed:

5.   As soon as the supervisor or public authority concerned has resolved the breach, the Authority shall inform the addressees of its warning referred to in paragraph 4 that the breach has been resolved and that the mitigating measures have ceased.

1.   The Authority may assist non-financial supervisors in reaching an agreement in accordance with the procedure set out in paragraphs 3 and 4 of this Article at the request of one or more non-financial supervisors pursuant to Article 46, 47, 50 or 54 of Directive (EU) 2024/1640 or in other instances where a non-financial supervisor disagrees with the procedure or content of an action, proposed action or inactivity of another non-financial supervisor insofar as it affects its own supervisory tasks and responsibilities in relation to a specific obliged entity or multiple obliged entities.

2.   In cases other than those covered by Articles 46, 47, 50 and 54 of Directive (EU) 2024/1640, a non-financial supervisor shall request the assistance of the Authority without undue delay where a provision of Union law requires that non-financial supervisor to reach, with another non-financial supervisor or other non-financial supervisors, an agreement, an arrangement or other form of established or formalised cooperation relating to the supervision of specific obliged entities, and any of the following occurs:

3.   The Executive Board shall assess any request referred to in paragraphs 1 and 2 and notify the relevant parties whether it considers the request justified and intends to act upon it in accordance with this Article.

4.   The Authority shall set a time limit for conciliation between the non-financial supervisors taking into account any relevant time periods specified in Union law and the complexity and urgency of the matter. For the purposes of the conciliation phase, the Authority shall act as a mediator. Where necessary or provided for in Union law, the Authority shall issue an opinion on how to settle the disagreement.

1.   The Authority shall be responsible for ensuring the effective and consistent cooperation between Financial Intelligence Units (‘FIUs’) within the framework of the support and coordination mechanism for FIUs. To that end, the Authority shall support and coordinate the activities of FIUs.

2.   The Authority and FIUs shall be subject to a duty of cooperation in good faith, including with regard to joint analyses supported or initiated by the Authority, and to an obligation to exchange information that is necessary to fulfil their respective tasks.

3.   The Authority shall have dedicated human, financial and IT resources to support the tasks referred to in Article 5(5) and shall ensure, where necessary, organisational separation of the staff dedicated to those tasks from the staff carrying out the tasks relating to the Authority’s supervisory activities.

An FIU may inform the Authority in the case of a failure by another FIU to cooperate. In that case, the Authority shall act as a mediator.

1.   The Authority shall lay down methods and criteria for the selection and prioritisation of cases relevant for the conduct of joint analyses in accordance with Article 32 of Directive (EU) 2024/1640, to be assisted by the Authority.

2.   For the purposes of paragraph 1, the Authority shall draw up, on an annual basis, a list of priority areas for the conduct of joint analyses. That list may be reviewed where new priority areas are identified.

3.   Where, pursuant to Article 32 of Directive (EU) 2024/1640 and having regard to the criteria referred to in paragraph 1 of this Article, an FIU of a Member State identifies a potential need to conduct a joint analysis with one or several FIUs in other Member States, it shall notify the Authority thereof.

The Authority shall register all notifications received pursuant to the first subparagraph of this paragraph and assess the relevance of the case in accordance with the methods and criteria referred to in paragraph 1. Where the Authority assesses that the case is relevant, it shall, within five days of the initial notification, inform FIUs in all relevant Member States and invite them to take part in the joint analysis. To that end, the Authority shall use secured channels of communication. FIUs in all relevant Member States shall consider taking part in the joint analysis.

4.   If at least one other FIU agrees to take part in the joint analysis, the Authority shall ensure that the joint analysis is launched within 20 days of the initial assessment referred to in paragraph 3, second subparagraph, unless the urgency of the matter justifies the imposition of a shorter deadline.

5.   Any FIU that declines to participate in the conduct of the joint analysis shall provide the reasons thereof in writing to the Authority, within five days of receipt of the invitation. The Authority shall provide such explanation without delay to the FIU that identified the need for a joint analysis.

6.   Upon the express consent of all FIUs participating in the joint analysis, the staff of the Authority supporting the joint analysis shall be granted access to all data pertaining to the subject matter of the case and shall be able to process those data for the purposes of supporting the joint analysis.

Where an FIU refuses to grant access to the staff of the Authority to the data pertaining to the subject matter of the case, it shall ensure that the information is otherwise provided in a way that does not impede the staff of the Authority in providing operational support to the joint analysis, nor otherwise effectively hamper their ability to provide such support.

Where several FIUs refuse to grant access to the data pertaining to the subject matter of the case, the Authority shall re-assess whether the tasks that its staff would perform justify its support to the joint analysis, and consider recommending that the joint analysis proceeds without its support instead.

7.   The Authority shall provide all necessary tools and operational support required for the conduct of the joint analysis, in accordance with the developed methods and procedures. In particular, the Authority shall set up a dedicated, secured channel of communication for the performance of the joint analysis, and shall provide the appropriate technical coordination, including IT support, as well as budgetary and logistical support.

8.   Upon the express consent of all FIUs participating in the joint analysis, the staff of the Authority supporting the joint analysis shall be authorised to cross-match, on the basis of a hit/no-hit system, the data of those FIUs with data made available by other FIUs and Union bodies, offices and agencies within their respective mandates.

In the case of a hit, the Authority shall share with all FIUs participating in the joint analysis the information that triggered the hit to the extent that the provider of the information authorised its sharing and that the information is necessary for the conduct of the joint analysis.

For the purposes of this paragraph, the Authority shall use a system designed for the cross-matching of information relevant for the purposes of preventing money laundering, its predicate offences and terrorist financing in a proportionate manner. That system shall ensure a level of security and confidentiality proportionate to the nature and extent of the information cross-matched. The methods and procedures to be established for the conduct of the joint analyses pursuant to Article 43(1) and the working arrangements to be concluded pursuant to Article 94(2) shall specify the methods for carrying out the cross-matching on the basis of a hit/no-hit system as referred to in the first subparagraph of this paragraph.

1.   Where the results of a joint analysis indicate that there are reasonable grounds to suspect that money laundering or other criminal activities are being or have been committed in respect of which the EPPO could exercise its competence in accordance with Article 22 and Article 25(2) and (3) of Regulation (EU) 2017/1939, the Authority shall report without undue delay the results of the joint analysis and any additional relevant information to the EPPO.

2.   The Authority shall, in consultation with the EPPO, develop draft implementing technical standards to specify the format to be used by the Authority for the reporting of information to the EPPO.

The Authority shall submit those draft implementing technical standards to the Commission by 27 June 2026.

The Commission is empowered to adopt the implementing technical standards referred to in the first subparagraph in accordance with Article 53.

3.   Where the results of the joint analysis indicate that there are reasonable grounds to suspect that fraud, corruption or any other illegal activity affecting the financial interests of the Union is being or has been committed in respect of which the European Anti-Fraud Office (OLAF) could exercise its competence in accordance with Article 8 of Regulation (EU, Euratom) No 883/2013, the Authority shall transmit the results of the joint analysis and any additional relevant information to OLAF.

4.   Upon the express consent of all FIUs participating in the joint analysis and where the results of the joint analysis indicate that there are reasonable grounds to suspect that a criminal offence has been committed in respect of which Europol could exercise its competence in accordance with Regulation (EU) 2016/794 of the European Parliament and of the Council (38), the Authority shall transmit the results of the joint analysis and any additional relevant information to Europol.

5.   Upon the express consent of all FIUs participating in the joint analysis, and where the results of the joint analysis indicate that there are reasonable grounds to suspect that a criminal offence has been committed in respect of which Eurojust could exercise its competence in accordance with Regulation (EU) 2018/1727 of the European Parliament and of the Council (39), the Authority shall transmit the results of the joint analysis and any additional relevant information to Eurojust.

6.   The Authority, the EPPO, Europol, Eurojust and OLAF may exchange strategic and other non-operational information, such as typologies and risk indicators, in the areas within their competence.

The conditions for the exchange of the information referred to in the first subparagraph shall be laid down in the working arrangements referred to in Article 94.

1.   Where the Authority identifies a potential need to conduct a joint analysis pursuant to Article 40 of this Regulation or Article 32 of Directive (EU) 2024/1640, it shall inform the concerned FIUs thereof and request them to take part in the joint analysis.

2.   The concerned FIUs shall inform the Authority without undue delay, making best efforts to do so within five days of receipt of the request, of their decision concerning the request referred to in paragraph 1.

3.   Where an FIU requested to take part in the joint analysis refuses a request made by the Authority pursuant to paragraph 1, it shall inform the Authority of the reasons for its decision without undue delay, making best efforts to do so within five days of receipt of the request.

1.   The Authority shall establish methods and procedures for the conduct of joint analyses, periodically review them and update them where necessary. The requirement to review and update shall also apply to the methods and criteria referred to in Article 40(1).

2.   FIUs that participated or were otherwise involved in a joint analysis may provide their feedback to the Authority on the conduct of the analysis, including feedback on the operational support provided by the Authority in the process of the joint analysis, as well as feedback on the outcome of the analysis, the methods and procedures in place pursuant to paragraph 1, the tools available and the coordination between the participating FIUs. Feedback that is labelled confidential shall not be shared with other FIUs.

3.   On the basis of the feedback referred to in paragraph 2, or on its own initiative, the Authority may issue a follow-up report relating to the conduct of the joint analysis, including specific suggestions for adjustments regarding the methods and procedures for the conduct of the joint analysis, and conclusions on the outcome of the joint analysis. The follow-up report shall be shared with all FIUs, without disclosing confidential or restricted information on the case. The conclusions and recommendations relating to the conduct of the joint analysis shall be shared with all FIUs that participated in that joint analysis, and with all other FIUs insofar as those conclusions and recommendations do not contain confidential or restricted information.

1.   The FIU of each Member State shall delegate one or more staff members to the Authority. The regular place of work of the national FIU delegate shall be at the seat of the Authority.

2.   FIU delegates shall have the status of staff of the delegating FIU at the time of their appointment and for the entire duration of their delegation. Member States shall appoint their FIU delegate on the basis of a proven high level of relevant and practical experience in the field of FIU tasks. The delegate shall remain under the authority of the delegating FIU and shall comply with the security and confidentiality rules of the delegating FIU, including relevant national law.

3.   The General Board in FIU composition may reject a person who has been appointed as FIU delegate if that person does not fulfil the criteria referred to in paragraph 2. The term of office of FIU delegates shall be three years, renewable once with the consent of the delegating FIU.

4.   FIU delegates shall support the Authority in carrying out the tasks set out in Article 5(5). To that end, FIU delegates shall be granted, for the duration of the delegation, access to the Authority’s data and information to the extent necessary for the performance of their tasks.

5.   FIU delegates shall be granted access to any data accessible by their delegating FIU for the purposes of carrying out the tasks referred to in Article 5(5).

6.   The Executive Board shall determine the rights and obligations of FIU delegates in relation to the Authority, taking into account the opinion of the General Board in FIU composition. FIUs shall ensure that their FIU delegate complies with those rights and obligations.

1.   In the context of promoting cooperation between, and supporting the work of, FIUs, the Authority, taking into account the needs of FIUs, shall promote common approaches, methods and best practices. The Authority shall also organise and facilitate in particular the following activities:

2.   An FIU may submit to the Authority a request for assistance related to the tasks of the FIU, specifying the type of assistance it seeks from the staff of the Authority, the staff of one or more FIU, or a combination thereof. The FIU requesting assistance shall ensure that access is given to any information and data necessary for the provision of such assistance. The Authority shall keep and regularly update information on specific areas of expertise and on the capacity of FIUs to provide mutual assistance related to the tasks of FIUs.

3.   The Authority shall make every effort to provide the requested assistance, including by considering the support to be provided with its own human resources as well as coordinating and facilitating the provision of any form of assistance by other FIUs on a voluntary basis.

4.   At the beginning of each year, the Chair of the Authority shall inform the General Board in FIU composition of the human resources that the Authority can allocate to providing the assistance referred to in paragraph 2 of this Article. Where changes occur to the availability of human resources due to performance of the tasks referred to in Article 5(5), the Chair of the Authority shall inform the General Board in FIU composition thereof.

1.   The Authority may facilitate a solution in the case of a disagreement between two or more FIUs regarding individual cases related to cooperation, including the exchange of information, under Directive (EU) 2024/1640. The purpose of such mediation shall be to reconcile divergent points of view between the FIUs and to adopt a non-binding opinion.

2.   Where a disagreement cannot be solved by direct contact and dialogue between the FIUs concerned, the Authority shall launch a mediation procedure upon the request of one or more of those FIUs. The Authority may also propose launching a mediation procedure on its own initiative. Mediation shall be conducted only with the agreement of all FIUs concerned.

3.   The mediation procedure shall be launched before the General Board in FIU composition. All members of the General Board in FIU composition, except the heads of the FIUs that are concerned by the disagreement, shall seek to reconcile the points of view of the FIUs that are concerned by the disagreement and shall agree on a non-binding opinion. Where relevant, experts from the Commission may be invited to participate in the mediation procedure in an advisory capacity.

4.   The General Board in FIU composition shall adopt rules of procedure for mediation procedures, including the applicable deadlines.

5.   Where an FIU that is concerned by a disagreement refuses to participate in the mediation procedure, it shall inform the Authority and the other FIUs that are concerned by the disagreement of the reasons for its decision within the period specified in the rules of procedure referred to in paragraph 4.

6.   Within three months of the adoption of the non-binding opinion referred to in paragraph 3, the FIUs that are concerned by the disagreement shall report to the General Board in FIU composition regarding the measures that they have taken in response to the opinion or, where they have not taken measures, regarding the reasons why they have not done so.

1.   The Authority shall ensure adequate, uninterrupted and secure hosting of FIU.net, and ensure the management, maintenance and development of FIU.net. Taking into account the needs of FIUs, the Authority shall ensure that the most advanced and secure technology available is used for FIU.net, subject to a cost-benefit analysis.

2.   The Authority shall ensure uninterrupted functioning of FIU.net and keep it up-to-date. Where necessary to support or strengthen the exchange of information and cooperation between FIUs and based on the needs of FIUs, the Authority shall design and implement, or otherwise make available, upgraded or additional functionalities of FIU.net.

3.   The Authority shall also be responsible for the following tasks relating to FIU.net:

4.   For the purposes of carrying out the tasks referred to in paragraphs 1, 2 and 3, the Authority shall be empowered to conclude or enter into legally binding contracts or agreements with third-party service providers, after appropriate audits of their security standards.

5.   The Authority shall adopt and implement the measures necessary for the fulfilment of the tasks referred to in this Article, including a security plan, a business continuity plan and a disaster recovery plan for FIU.net.

6.   The General Board in FIU composition, acting unanimously, may decide to suspend the access of an FIU, its counterpart in a third country, or a Union body, office or agency, to FIU.net where it has grounds to believe that such access would jeopardise the implementation of Chapter III of Directive (EU) 2024/1640 and the security and confidentiality of the information held by FIUs and exchanged through the FIU.net system, including where there are concerns in relation to an FIU’s lack of independence and autonomy.

Where the General Board in FIU composition adopts a decision suspending the access of an FIU to FIU.net, the General Board shall act unanimously by vote of all members of the General Board in FIU composition, except the head of the FIU in question.

The General Board in FIU composition shall define the criteria for the suspension of access to FIU.net and adopt rules of procedure for such suspension.

1.   The Authority shall set up a peer review process of the activities of FIUs pursuant to Chapter III of Directive (EU) 2024/1640 to strengthen the consistency and effectiveness of FIU activities and to facilitate the exchange of best practices between FIUs. The Authority shall develop methods to allow for an objective assessment of the FIUs reviewed and also develop rules of procedure for the conduct of peer reviews.

Where relevant, the planning and conducting of peer reviews shall take due account of the evaluations, assessments and reports drawn up by international organisations and intergovernmental bodies with competence in the field of preventing and detecting money laundering, its predicate offences and terrorist financing.

2.   For the purposes of paragraph 1, the Authority shall set up a peer review team, which shall be composed of the staff of the Authority and representatives of the FIUs participating in the peer review.

3.   The peer review of the activities of an FIU shall include an assessment of, but shall not be limited to, the following:

4.   The Authority shall produce a report setting out the results of the peer review. That peer review report shall be jointly prepared by the staff of the Authority and the relevant staff of the FIUs involved in the peer review team, and shall be adopted by the Executive Board, having received the observations of the General Board in FIU composition as to the consistency of application of the methodology with other peer review reports. The report shall include good practices identified and, where relevant, follow-up measures that are deemed appropriate, proportionate and necessary as a result of the peer review. Those follow-up measures may be adopted in the form of guidelines and recommendations pursuant to Article 54 and an opinion pursuant to Article 55. FIUs shall make every effort to comply with any guidelines and recommendations issued in accordance with Article 54.

5.   The Authority shall publish the findings of the peer review on its website and submit an opinion to the Commission where, having regard to the outcome of the peer review or to any other information acquired by the Authority in carrying out its tasks, it considers that further harmonisation of Union rules applicable to FIUs would be necessary from the Union’s perspective.

6.   The Authority shall provide a follow-up report two years after the publication of the peer review report. The follow-up report shall be jointly prepared by the staff of the Authority and the relevant staff of the FIUs involved in the peer review team, and shall be adopted by the Executive Board, having received the observations of the General Board in FIU composition as to the consistency of application of the methodology with other peer review reports. The follow-up report shall include an assessment of the adequacy and effectiveness of the actions undertaken by the FIUs that were subject to the peer review in response to the follow-up measures of the peer review report. The Authority shall publish the findings of the follow-up report on its website.

7.   For the purposes of this Article, the Executive Board shall adopt a peer review work plan every two years, which shall reflect the lessons learnt from the past peer review processes and discussions held in the General Board in FIU composition. The peer review work plan shall constitute a separate part of the annual and multiannual working programme and shall be included in the single programming document. Every FIU shall participate in the peer reviews which concern it.

1.   Where the European Parliament and the Council delegate power to the Commission to adopt regulatory technical standards by means of delegated acts pursuant to Article 290 TFEU in order to ensure consistent harmonisation in the areas specifically set out in the legislative acts referred to in Article 1(2) of this Regulation, the Authority may develop draft regulatory technical standards. The Authority shall submit its draft regulatory technical standards to the Commission for adoption. At the same time, the Authority shall forward those draft regulatory technical standards for information to the European Parliament and to the Council.

Regulatory technical standards shall be technical, shall not imply strategic decisions or policy choices and their content shall be delimited by the legislative acts on which they are based.

Before submitting them to the Commission, the Authority shall conduct open public consultations on draft regulatory technical standards and shall analyse the potential related costs and benefits, unless those consultations and analyses are highly disproportionate to the scope and impact of the draft regulatory technical standards concerned or in relation to the particular urgency of the matter.

Within three months of receipt of a draft regulatory technical standard, the Commission shall decide whether to adopt it. The Commission shall inform the European Parliament and the Council in due time where the adoption cannot take place within the three-month period. The Commission may adopt the draft regulatory technical standard in part only, or with amendments, where the Union’s interests so require.

Where the Commission intends not to adopt a draft regulatory technical standard or to adopt it in part or with amendments, it shall send the draft regulatory technical standard back to the Authority, explaining why it does not adopt it or explaining the reasons for its amendments.

The Commission shall send a copy of its letter to the European Parliament and to the Council. Within a period of six weeks, the Authority may amend the draft regulatory technical standard on the basis of the Commission’s proposed amendments and resubmit it in the form of a formal opinion to the Commission. The Authority shall send a copy of its formal opinion to the European Parliament and to the Council.

If, on the expiry of that six-week period, the Authority has not submitted an amended draft regulatory technical standard, or has submitted a draft regulatory technical standard that is not amended in a way consistent with the Commission’s proposed amendments, the Commission may adopt the regulatory technical standard with the amendments it considers relevant, or reject it.

The Commission shall not change the content of a draft regulatory technical standard prepared by the Authority without prior coordination with the Authority, as set out in this Article.

2.   Where the Authority has not submitted a draft regulatory technical standard within the time limit set out in the legislative acts referred to in Article 1(2), the Commission may request such a draft within a new time limit. If the Authority cannot comply with that new time limit, it shall inform the European Parliament, the Council and the Commission thereof in due time.

3.   Only where the Authority does not submit a draft regulatory technical standard to the Commission within the time limits in accordance with paragraph 2, may the Commission adopt a regulatory technical standard by means of a delegated act without a draft from the Authority.

The Commission shall conduct open public consultations on draft regulatory technical standards and analyse the potential related costs and benefits, unless such consultations and analyses are disproportionate to the scope and impact of the draft regulatory technical standards concerned or in relation to the particular urgency of the matter.

The Commission shall immediately forward the draft regulatory technical standard to the European Parliament and the Council.

The Commission shall send its draft regulatory technical standard to the Authority. Within a period of six weeks, the Authority may amend the draft regulatory technical standard and submit it in the form of a formal opinion to the Commission. The Authority shall send a copy of its formal opinion to the European Parliament and to the Council.

If on the expiry of the six-week period referred to in the fourth subparagraph, the Authority has not submitted an amended draft regulatory technical standard, the Commission may adopt the regulatory technical standard.

If the Authority has submitted an amended draft regulatory technical standard within the six-week period, the Commission may amend the draft regulatory technical standard on the basis of the Authority’s proposed amendments or adopt the regulatory technical standard with the amendments it considers relevant. The Commission shall not change the content of the draft regulatory technical standard prepared by the Authority without prior coordination with the Authority, as set out in this Article.

4.   The regulatory technical standards shall be adopted by means of regulations or decisions. The words ‘regulatory technical standard’ shall appear in the title of such regulations or decisions. Those standards shall be published in the Official Journal of the European Union and shall enter into force on the date stated therein.

1.   The power to adopt regulatory technical standards referred to in Article 49 shall be conferred on the Commission for a period of four years from 26 June 2024. The Commission shall draw up a report in respect of the delegated power not later than six months before the end of the four-year period. The delegation of power shall be automatically extended for periods of an identical duration.

2.   As soon as it adopts a regulatory technical standard, the Commission shall notify it simultaneously to the European Parliament and to the Council.

3.   The power to adopt regulatory technical standards is conferred on the Commission subject to the conditions laid down in Articles 49, 51 and 52.

1.   The European Parliament or the Council may object to a regulatory technical standard within a period of three months from the date of notification of the regulatory technical standard adopted by the Commission. At the initiative of the European Parliament or the Council that period shall be extended by three months.

2.   If, on the expiry of the period referred to in paragraph 1, neither the European Parliament nor the Council has objected to the regulatory technical standard, it shall be published in the Official Journal of the European Union and shall enter into force on the date stated therein.

The regulatory technical standard may be published in the Official Journal of the European Union and enter into force before the expiry of the period referred to in paragraph 1 if the European Parliament and the Council have both informed the Commission of their intention not to raise objections.

3.   If either the European Parliament or the Council objects to a regulatory technical standard within the period referred to in paragraph 1, it shall not enter into force. In accordance with Article 296 TFEU, the institution which objects shall state the reasons for objecting to the regulatory technical standard.

1.   In the event that the Commission does not endorse a draft regulatory technical standard or amends it as provided for in Article 49, the Commission shall inform the Authority, the European Parliament and the Council, stating its reasons.

2.   Where appropriate, the European Parliament or the Council may invite the responsible Commissioner, together with the Chair of the Authority, within one month of the notice referred to in paragraph 1, for an ad hoc meeting of the competent committee of the European Parliament or the Council to present and explain their differences.

1.   Where the European Parliament and the Council confer implementing powers on the Commission to adopt implementing technical standards by means of implementing acts pursuant to Article 291 TFEU, in the areas specifically set out in the legislative acts referred to in Article 1(2) of this Regulation, the Authority may develop draft implementing technical standards. Implementing technical standards shall be technical, shall not imply strategic decisions or policy choices and their content shall be to determine the conditions of application of those acts. The Authority shall submit its draft implementing technical standards to the Commission for adoption. At the same time, the Authority shall forward those technical standards for information to the European Parliament and to the Council.

Before submitting draft implementing technical standards to the Commission, the Authority shall conduct open public consultations and shall analyse the potential related costs and benefits, unless such consultations and analyses are highly disproportionate to the scope and impact of the draft implementing technical standards concerned or in relation to the particular urgency of the matter.

Within three months of receipt of a draft implementing technical standard, the Commission shall decide whether to adopt it. The Commission may extend that period by one month. The Commission shall inform the European Parliament and the Council in due time where the adoption cannot take place within the three-month period. The Commission may adopt the draft implementing technical standard in part only, or with amendments, where the Union’s interests so require.

Where the Commission intends not to adopt a draft implementing technical standard or intends to adopt it in part or with amendments, it shall send it back to the Authority explaining why it does not intend to adopt it or explaining the reasons for its amendments. The Commission shall send a copy of its letter to the European Parliament and to the Council. Within a period of six weeks, the Authority may amend the draft implementing technical standard on the basis of the Commission’s proposed amendments and resubmit it in the form of a formal opinion to the Commission. The Authority shall send a copy of its formal opinion to the European Parliament and to the Council.

If, on the expiry of the six-week period referred to in the fourth subparagraph, the Authority has not submitted an amended draft implementing technical standard, or has submitted a draft implementing technical standard that is not amended in a way consistent with the Commission’s proposed amendments, the Commission may adopt the implementing technical standard with the amendments it considers relevant or reject it.

The Commission shall not change the content of a draft implementing technical standard prepared by the Authority without prior coordination with the Authority, as set out in this Article.

2.   Where the Authority has not submitted a draft implementing technical standard within the time limit set out in the legislative acts referred to in Article 1(2), the Commission may request such a draft within a new time limit. If the Authority cannot comply with that new time limit, it shall inform the European Parliament, the Council and the Commission thereof in due time.

3.   Only where the Authority does not submit a draft implementing technical standard to the Commission within the time limits in accordance with paragraph 2, may the Commission adopt an implementing technical standard by means of an implementing act without a draft from the Authority.

The Commission shall conduct open public consultations on draft implementing technical standards and analyse the potential related costs and benefits, unless such consultations and analyses are disproportionate to the scope and impact of the draft implementing technical standards concerned or in relation to the particular urgency of the matter.

The Commission shall immediately forward the draft implementing technical standard to the European Parliament and the Council.

The Commission shall send the draft implementing technical standard to the Authority. Within a period of six weeks, the Authority may amend the draft implementing technical standard and submit it in the form of a formal opinion to the Commission. The Authority shall send a copy of its formal opinion to the European Parliament and to the Council.

If, on the expiry of the six-week period referred to in the fourth subparagraph, the Authority has not submitted an amended draft implementing technical standard, the Commission may adopt the implementing technical standard.

If the Authority has submitted an amended draft implementing technical standard within that six-week period, the Commission may amend the draft implementing technical standard on the basis of the Authority’s proposed amendments or adopt the implementing technical standard with the amendments it considers relevant.

The Commission shall not change the content of the draft implementing technical standards prepared by the Authority without prior coordination with the Authority, as set out in this Article.

4.   The implementing technical standards shall be adopted by means of regulations or decisions. The words ‘implementing technical standard’ shall appear in the title of such regulations or decisions. Those standards shall be published in the Official Journal of the European Union and shall enter into force on the date stated therein.

1.   The Authority shall, with a view to establishing consistent, efficient and effective supervisory and FIU-related practices, and to ensuring the common, uniform and consistent application of Union law, issue guidelines and recommendations addressed to supervisory authorities, supervisors, FIUs, or obliged entities.

2.   The Authority shall, where appropriate, conduct open public consultations regarding those guidelines and recommendations and analyse the related potential costs and benefits. Those consultations and analyses shall be proportionate to the scope, nature and impact of the guidelines or recommendations. Where the Authority does not conduct open public consultations, the Authority shall provide its reasons and make them public.

3.   Supervisory authorities, supervisors, FIUs and obliged entities shall make every effort to comply with those guidelines and recommendations.

Within two months of the issuance of a guideline or recommendation, each supervisory authority, supervisor or FIU shall confirm whether it complies or intends to comply with that guideline or recommendation. In the event that a supervisory authority, supervisor or FIU does not comply or does not intend to comply, it shall inform the Authority, stating its reasons.

The Authority shall publish the fact that a supervisory authority, supervisor or FIU does not comply or does not intend to comply with that guideline or recommendation. The Authority may also decide, on a case-by-case basis, to publish the reasons provided by the supervisory authority, supervisor or FIU for not complying with that guideline or recommendation. The supervisory authority, supervisor or FIU shall receive advance notice of such publication.

If required by that guideline or recommendation, obliged entities shall report, in a clear and detailed way, whether they comply with that guideline or recommendation.

4.   In the report referred to in Article 64(4), point (c), the Authority shall list the guidelines and recommendations that it has issued.

5.   The guidelines and recommendations issued by the Authority shall replace the guidelines and recommendations previously issued by the EBA or by supervisors and FIUs on the same subject. Provided that they are still relevant, the guidelines and recommendations issued by the EBA, or by supervisors and FIUs pursuant to Directive (EU) 2015/849 of the European Parliament and of the Council (40) and Regulation (EU) 2023/1113 shall remain applicable until such time as the new guidelines and recommendations issued by the Authority on the same subject start to apply. The Authority shall provide for a suitable transition period for the application of the new guidelines and recommendations.

1.   The Authority may, upon a request from the European Parliament, from the Council or from the Commission, or on its own initiative, provide opinions to the European Parliament, the Council and the Commission on all issues related to its area of competence.

2.   The request referred to in paragraph 1 may include a consultation with other relevant Union bodies where their competence is concerned, a public consultation or a technical analysis.

3.   The Authority may, upon a request from the European Parliament, from the Council or from the Commission, provide technical advice to the European Parliament, the Council and the Commission in the areas covered by the legislative acts referred to in Article 1(2).

1.   The General Board shall have either the supervisory composition laid down in paragraph 2 or the FIU composition laid down in paragraph 3.

2.   The General Board in supervisory composition shall be composed of:

The heads of the supervisory authorities referred to in the first subparagraph, point (b), in each Member State shall share a single vote and shall agree on a single common representative, which shall be either a permanent representative or an ad hoc voting representative, for the purposes of each specific meeting or voting procedure. Where items to be discussed by the General Board in supervisory composition concern the competence of several supervisory authorities, the single common representative may be accompanied by a representative from up to two other supervisory authorities, without the right to vote.

Each supervisory authority that has a voting member under an ad hoc or permanent agreement shall be responsible for nominating a high-level alternate from its authority, who may replace the voting member of the General Board referred to in the second subparagraph where that person is unable to attend.

3.   The General Board in FIU composition shall be composed of:

Each FIU shall nominate a high-level alternate from its unit, who may replace the head of the FIU referred to in the first subparagraph, point (b), where that person is unable to attend.

4.   The General Board may decide to admit observers. In particular, the General Board in FIU composition may admit the representatives of OLAF, Europol, Eurojust and the EPPO as observers to meetings, where matters within the scope of their respective mandates are discussed. The General Board in supervisory composition shall admit a representative nominated by the Supervisory Board of the ECB and a representative of each of the ESAs as observers, where matters within the scope of their respective mandates are discussed.

The circumstances under which the Union institution, bodies, offices and agencies listed in the first subparagraph are to be invited to the meetings of the General Board shall be specified in the rules of procedure of the General Board and reflect an agreement reached between the Authority and each of those observers.

Other observers may be admitted on an ad hoc basis if approved by a two-thirds majority of the voting members of the General Board in the relevant composition.

5.   The Executive Board members may participate in the meetings of the General Board, whether in supervisory composition or FIU composition, without the right to vote, where the items covered by their areas of responsibility as determined by the Chair of the Authority and referred to in Article 66(2) are discussed.

1.   The General Board, on its own initiative or at the request of the Chair of the Authority, may establish internal committees for specific tasks attributed to it. The General Board may provide for the delegation of certain clearly defined tasks and decisions to internal committees, to the Executive Board or to the Chair of the Authority. The General Board may revoke such delegation at any time.

2.   Internal committees shall report to the General Board, for decision, all conclusions reached by them.

3.   The Executive Board members may participate in the meetings of internal committees in accordance with Article 57(5).

4.   The General Board in FIU composition shall establish a standing committee composed of nine of its members or representatives with adequate expertise from their respective national FIU, to support it in performing its tasks pursuant to Article 60(3), including by submitting proposals and preparing draft decisions.

The standing committee shall have no decision-making powers. It shall execute its tasks in the interest of the Union as a whole and shall work in full transparency with the General Board in FIU composition.

The General Board in FIU composition shall adopt the rules of procedure of the standing committee. The composition of the standing committee shall ensure a fair balance and rotation between the members or representatives of national FIUs. Its nine members shall be appointed by the General Board in FIU composition.

1.   When carrying out the tasks conferred upon them by this Regulation, the Chair of the Authority and the members of the General Board in supervisory composition and in FIU composition shall act independently and in the general interest of the Union as a whole and shall neither seek nor take instructions from Union institutions, bodies, offices or agencies, nor from any government or any other public or private body.

2.   Member States, Union institutions, agencies, offices and bodies, and other public or private bodies shall not seek to influence the members of the General Board in the performance of their tasks.

3.   In its rules of procedure, the General Board shall lay down practical arrangements for the prevention and management of conflicts of interest.

1.   The General Board in supervisory composition shall take the decisions relating to the tasks referred to in Articles 7 to 10 as well as any other decision which, pursuant to this Regulation, is to be taken by the General Board in supervisory composition.

2.   The General Board in supervisory composition may provide its opinion on any draft decision prepared by the Executive Board in relation to selected obliged entities, in accordance with Chapter II, Section 3, and Article 64(2).

The General Board in supervisory composition and the Executive Board shall jointly agree on, and adopt, the procedures and timelines to be followed for the purpose of providing the opinion referred to in the first subparagraph.

3.   The General Board in FIU composition shall perform the tasks and adopt the decisions referred to in Article 5(5) and Chapter II, Section 6.

4.   The General Board shall adopt the opinions, recommendations, guidelines and decisions of the Authority referred to in Chapter II, Section 7, in the appropriate composition, having regard to the subject matter of the instrument. Where a given instrument concerns both supervision-related matters and FIU-related matters, the General Board in supervisory composition and the General Board in FIU composition shall each adopt separately those opinions, recommendations, guidelines and decisions. The opinions, recommendations, and guidelines shall be adopted based on a proposal of the relevant internal committee.

5.   The General Board shall vote on the draft regulatory technical standards referred to in Article 49 and the draft implementing technical standards referred to in Article 53 and submit them to the Commission for adoption, in the appropriate composition, having regard to the subject matter of the standards.

6.   The General Board in either composition shall be consulted on the draft decisions to be taken by the Executive Board pursuant to Article 64(4), points (a), (c), (e) and (m). Where the subsequent decision taken by the Executive Board deviates from the opinion of the General Board, the Executive Board shall provide the reasons thereof in writing.

7.   The General Board shall adopt its rules of procedure and make them public.

8.   Without prejudice to Article 63(3) and (4) and Article 68(1) and (2), the General Board shall exercise the powers conferred by the Staff Regulations on the appointing authority and by the Conditions of Employment of Other Servants on the authority empowered to conclude contracts of employment (‘the appointing authority powers’) with regard to the Chair of the Authority and the five full-time members of the Executive Board, throughout their mandate.

1.   Decisions of the General Board shall be taken by a simple majority of its members. Each voting member as determined by Article 57(2) and (3) shall have one vote. In the event of a tied vote, the Chair of the Authority shall have a casting vote.

2.   By way of derogation from paragraph 1 of this Article, the General Board shall, with regard to the acts referred to in Articles 49, 53, 54 and 55 of this Regulation, take decisions on the basis of a qualified majority of its members, as provided for in Article 16(4) TEU.

The Chair of the Authority shall not vote on the decisions referred to in the first subparagraph of this paragraph, the opinions referred to in Article 60(2) or the decisions related to the evaluation of the performance of the Executive Board referred to in Article 63(5).

3.   The members without the right to vote and the observers shall not attend any discussions held within the General Board in supervisory composition relating to individual obliged entities, unless otherwise provided for in the legislative acts referred to in Article 1(2) or otherwise decided upon by the members with the right to vote.

4.   Paragraph 3 shall not apply to the Executive Board members and the ECB representative nominated by the Supervisory Board of the ECB.

5.   The Chair of the Authority shall have the prerogative to call a vote at any time. Without prejudice to that prerogative and to the effectiveness of the Authority’s decision-making procedures, the General Board shall strive for consensus when taking its decisions.

1.   The Chair of the Authority shall convene the meetings of the General Board.

2.   The General Board shall hold at least two ordinary meetings per year. In addition, it shall meet on the initiative of its Chair, or at the request of at least one third of its members.

3.   The General Board may invite any person whose opinion may be of interest to attend its meetings as an observer.

4.   The members of the General Board and their alternates may, subject to its rules of procedure, be assisted at the meetings by advisers or experts.

5.   The General Board shall be assisted by a secretariat provided by the Authority.

6.   The Chair of the Authority and the five full-time members of the Executive Board shall not attend meetings of the General Board where matters concerning the performance of their mandate are discussed or decided upon.

1.   The Executive Board shall be composed of:

Where the Executive Board carries out the tasks referred to in Article 64(4), points (a) to (l), a representative of the Commission shall be entitled to participate in the debates and shall only have access to the documents pertaining to those tasks.

2.   The Executive Director shall participate in meetings of the Executive Board without the right to vote.

3.   Where the decisions referred to in Article 64(2) in relation to a selected obliged entity are deliberated upon, the member of the General Board in supervisory composition from the Member State where the concerned selected obliged entity is established may participate in the deliberations during the relevant meetings of the Executive Board.

That member of the General Board shall not be present during the vote following such deliberations.

4.   The Executive Board members referred to in paragraph 1, point (b), shall be selected on the basis of merit, skills, knowledge, integrity, recognised standing and experience in the area of AML/CFT, and other relevant qualifications, following an open selection procedure which shall be published in the Official Journal of the European Union.

The Commission shall prepare a shortlist of candidates for the position of the Executive Board members referred to in paragraph 1, point (b). The European Parliament may conduct hearings of the candidates on that shortlist.

The General Board shall submit a proposal for the appointment of the Executive Board members referred to in paragraph 1, point (b), to the European Parliament, based on the shortlist prepared by the Commission. Following the European Parliament’s approval of that proposal, the Council shall adopt an implementing decision to appoint those Executive Board members. The Council shall act by qualified majority.

Throughout the appointment process, the principles of gender and geographical balance shall be taken into account to the extent possible.

5.   The term of office of the Executive Board members referred to in paragraph 1, point (b), shall be four years. In the course of the 12 months preceding the end of their four-year term of office, the General Board in both compositions or a smaller committee selected among General Board members, including a Commission representative, shall carry out an assessment of those Executive Board members. The assessment shall take into account an evaluation of each Executive Board member’s performance and the Authority’s future tasks and challenges. Based on the assessment, the General Board in both compositions may propose to the European Parliament to extend their term of office. Such extension may be granted only once. Following the European Parliament’s approval of the General Board’s proposal, the Council shall adopt an implementing decision to extend the term of office of the Executive Board member or members concerned. The Council shall act by qualified majority.

6.   The Executive Board members referred to in paragraph 1, point (b), shall act independently and objectively in the interest of the Union as a whole and shall neither seek nor take instructions from Union institutions, bodies, offices or agencies, or from any government or any other public or private body. The Union institutions, bodies, offices and agencies, the governments of Member States and all other public or private bodies shall respect that independence.

7.   If an Executive Board member referred to in paragraph 1, point (b), no longer fulfils the conditions required for the performance of that member’s duties or has been guilty of serious misconduct, the Council may, acting on its own initiative or following a proposal by the European Parliament or the General Board in either composition, adopt an implementing decision to remove that member of the Executive Board from office. The Council shall act by qualified majority.

8.   During a period of 18 months after ceasing to hold office, the former Executive Board members, including the Chair and Vice-Chair of the Authority, shall be prohibited from engaging in a gainful occupational activity with:

In its rules for the prevention and management of conflicts of interest in respect of its members, referred to in Article 64(4), point (e), the Executive Board shall specify the circumstances under which such a conflict of interest exists or could be perceived to exist.

1.   The Executive Board shall be responsible for the overall planning and execution of the tasks conferred on the Authority pursuant to Article 5. The Executive Board shall adopt all decisions of the Authority with the exception of the decisions that are to be taken by the General Board in accordance with Article 60.

2.   The Executive Board shall adopt the decisions addressed to selected obliged entities for the purposes of the exercise of the powers referred to in Article 6(1), taking into account the proposal of the selected obliged entity’s joint supervisory team referred to in Article 16, the proposal of the independent investigatory team referred to in Article 27, and the opinion provided by the General Board on that proposed decision pursuant to Article 60(2). Where the Executive Board decides to deviate from such an opinion, it shall provide detailed reasons thereof in writing.

3.   The Executive Board shall adopt the decisions addressed to individual public authorities pursuant to Articles 14, 30, and 32 to 36.

4.   In addition, the Executive Board shall have the following tasks:

5.   The Executive Board shall select a Vice-Chair of the Authority from among its voting members. The Vice-Chair shall automatically replace the Chair of the Authority if the Chair is unable to attend to his or her duties.

6.   With respect to the powers referred to in paragraph 4, point (h), of this Article, the Executive Board shall adopt, in accordance with Article 110(2) of the Staff Regulations, a decision based on Article 2(1) of the Staff Regulations and Article 6 of the Conditions of Employment of Other Servants, delegating relevant appointing authority powers to the Executive Director. The Executive Director shall be authorised to sub-delegate those powers.

7.   In exceptional circumstances, the Executive Board may, by way of a decision, temporarily suspend the delegation of the appointing authority powers to the Executive Director and any sub-delegation by the Executive Director and exercise them itself or delegate them to one of its members or to a staff member other than the Executive Director.

1.   By 30 November of each year, the Executive Board shall adopt a single programming document containing a multiannual work programme and an annual work programme, based on a draft put forward by the Executive Director, taking into account the opinion of the Commission and — regarding the multiannual work programme — after consulting the European Parliament. If the Executive Board decides not to take into account any elements of the opinion of the Commission, it shall provide a thorough justification for that decision. The obligation to provide a thorough justification shall also apply to any elements raised by the European Parliament when it is consulted. The Executive Board shall forward the single programming document to the European Parliament, the Council and the Commission.

The single programming document shall become final after the final adoption of the general budget and shall, if necessary, be adjusted accordingly.

2.   The annual work programme shall comprise detailed objectives and expected results, including performance indicators. It shall also contain a description of the actions to be financed and an indication of the financial and human resources allocated to each action, in accordance with the principles of activity-based budgeting and management. The annual work programme shall be coherent with the multiannual work programme. It shall clearly indicate which tasks have been added, changed or deleted in comparison with the previous financial year.

3.   The Executive Board shall amend the adopted annual work programme when a new task is given to the Authority.

Any substantial amendment to the annual work programme shall be adopted by the same procedure as the initial annual work programme. The Executive Board may delegate the power to make non-substantial amendments to the annual work programme to the Executive Director.

4.   The multiannual work programme shall set out overall strategic programming including objectives, expected results and performance indicators. It shall also set out resource programming including multiannual budget and staff.

The resource programming shall be updated annually. The strategic programming shall be updated where appropriate.

1.   The Executive Board shall take decisions by a simple majority of its members. Each member of the Executive Board shall have one vote. The Chair of the Authority, or the Vice-Chair when replacing the Chair, shall have a casting vote in the event of a tied vote.

2.   A representative of the Commission shall have a right to vote whenever matters pertaining to Article 64(4), points (a) to (l), are discussed and decided upon.

3.   The Executive Board’s rules of procedure shall establish more detailed voting arrangements, in particular the circumstances in which a member can act on behalf of another member.

1.   The Executive Board shall, upon a proposal of the Executive Director, designate a Fundamental Rights Officer. The Fundamental Rights Officer may be a member of the existing staff of the Authority.

2.   The Fundamental Rights Officer shall perform the following tasks:

3.   The Executive Board shall ensure that the Fundamental Rights Officer does not seek or take any instructions regarding the exercise of the Officer’s tasks.

4.   The Fundamental Rights Officer shall report directly to the Executive Director and prepare regular reports on the performance of the tasks referred to in paragraph 2. Those reports shall be made available to the Executive Board.

1.   The Chair of the Authority shall be selected on the basis of merit, skills, knowledge, integrity, recognised standing and experience in the area of AML/CFT and other relevant qualifications, following an open selection procedure which shall be published in the Official Journal of the European Union. The European Parliament, the Council and the General Board shall be kept duly informed at every stage of that procedure in a timely manner.

The Commission shall prepare a shortlist of at least two qualified candidates for the position of the Chair of the Authority. The European Parliament and the General Board may conduct hearings of the candidates on that shortlist. The General Board may issue a public opinion on the results of its hearings, or address its opinion to the European Parliament, the Council and the Commission.

The Commission shall submit a proposal for the appointment of the Chair of the Authority to the European Parliament.

Following the European Parliament’s approval of that proposal, the Council shall adopt an implementing decision to appoint the Chair of the Authority. The Council shall act by qualified majority.

By way of derogation from the second subparagraph, for the appointment of the first Chair of the Authority following the entry into force of this Regulation, the Commission shall make a proposal for the appointment of the Chair without the involvement of the General Board.

2.   The Chair of the Authority shall act independently and objectively in the interest of the Union as a whole and shall neither seek nor take instructions from the Union institutions, bodies, offices or agencies nor from any government or from any other public or private body. The Union institutions, bodies, offices and agencies, the governments of the Member States and all other public or private bodies shall respect that independence.

3.   The term of office of the Chair of the Authority shall be four years. In the course of the 12 months preceding the end of the Chair’s four-year term of office, the General Board in both compositions or a smaller committee selected among General Board members including a Commission representative shall carry out an assessment of the Chair. The assessment shall take into account an evaluation of the Chair’s performance and the Authority’s future tasks and challenges. Based on the assessment, the Commission may propose to the European Parliament to extend the Chair’s term of office. Such an extension may be granted only once. Following the European Parliament's approval of the Commission’s proposal, the Council shall adopt an implementing decision to extend the term of office of the Chair of the Authority. The Council shall act by qualified majority.

4.   If the Chair of the Authority no longer fulfils the conditions required for the performance of his or her duties or has been guilty of serious misconduct, the Council may, acting on its own initiative, or following a proposal by the European Parliament or the General Board in either composition, adopt an implementing decision to remove the Chair of the Authority from office. The Council shall act by qualified majority.

5.   If the Chair of the Authority resigns or is unable to attend to his or her duties for any other reason, the functions of the Chair shall be performed by the Vice-Chair.

1.   The Chair of the Authority shall represent the Authority and shall be responsible for preparing the work of the General Board and the Executive Board, including setting the agenda, convening and chairing all the meetings and tabling items for decision.

2.   The Chair of the Authority shall assign to the members of the Executive Board referred to in Article 63(1), point (b), specific areas of responsibility, within the scope of tasks of the Authority, for the duration of their mandate.

1.   The Executive Director shall be engaged as a temporary agent of the Authority under Article 2, point (a), of the Conditions of Employment of Other Servants.

2.   The Executive Director shall perform his or her duties in the interest of the Union, and independently of any specific interests.

3.   The Executive Director shall manage the Authority. The Executive Director shall be accountable to the Executive Board. Without prejudice to the powers of the Commission and of the Executive Board, the Executive Director shall be independent in the performance of his or her duties and shall neither seek nor take instructions from any Union institutions, bodies, offices or agencies, nor from any government or from any other public and private body.

4.   The Executive Director shall be selected on the grounds of merit and documented high-level administrative, budgetary and management skills, following an open selection procedure which shall be published in the Official Journal of the European Union and, as appropriate, other press or internet sites. The Commission shall draw up a shortlist of at least two qualified candidates for the position of Executive Director. The Executive Board shall appoint the Executive Director.

5.   The term of office of the Executive Director shall be five years. In the course of the nine months preceding the end of the Executive Director’s term of office, the Executive Board shall undertake an assessment that takes into account an evaluation of the Executive Director’s performance and the Authority’s future tasks and challenges. The Executive Board, taking into account the evaluation, may extend the term of office of the Executive Director once.

The Executive Director may be removed from office by the Executive Board on the proposal of the Commission.

6.   An Executive Director whose term of office has been extended shall not participate in another selection procedure for the same post at the end of the extended term of office.

1.   The Executive Director shall be responsible for the day-to-day management of the Authority and shall aim to ensure gender and, to the extent possible, geographical balance within the Authority. In particular, the Executive Director shall be responsible for:

2.   The Executive Director shall take other necessary measures, notably the adoption of internal administrative instructions and the publication of notices, to ensure the functioning of the Authority, in accordance with this Regulation.

3.   The Executive Director shall decide whether it is necessary to locate one or more staff members in one or more other Member States for the purpose of carrying out the Authority’s tasks in an efficient and effective manner. Before deciding to establish a local office, the Executive Director shall obtain the prior consent of the Commission, the Executive Board and any Member State concerned. The decision shall specify the scope of the activities to be carried out at the local office in a manner that avoids unnecessary costs and duplication of administrative functions of the Authority. An agreement with the Member State or Member States concerned shall be concluded accordingly.

1.   The Authority shall establish an Administrative Board of Review for the purposes of carrying out an internal administrative review of the decisions taken by the Authority in the exercise of the powers listed in Articles 21, 22, 23 and 77. The scope of the internal administrative review shall pertain to the procedural and substantive conformity of such decisions with this Regulation.

2.   The Administrative Board of Review shall be composed of five individuals of high repute, having a proven record of relevant knowledge and professional experience, including supervisory experience in the area of AML/CFT, excluding current staff of the Authority, as well as current staff of AML/CFT supervisory authorities and FIUs or other national or Union institutions, bodies, offices and agencies who are involved in the carrying out of the tasks conferred on the Authority by this Regulation. The Administrative Board of Review shall have sufficient resources and expertise to assess the exercise of the powers of the Authority under this Regulation.

3.   The Administrative Board of Review shall decide on the basis of a majority of at least three of its five members.

1.   The members of the Administrative Board of Review and two alternates shall be appointed by the General Board in supervisory composition for a term of five years, which may be extended once, following a public call for expressions of interest published in the Official Journal of the European Union. They shall not be bound by any instructions.

2.   The members of the Administrative Board of Review shall act independently and in the public interest and shall not perform any other duties within the Authority. For that purpose, they shall make a public declaration of commitments and of interests indicating any direct or indirect interest which might be considered prejudicial to their independence or the absence of any such interest.

1.   A request for review may be brought before the Administrative Board of Review against decisions taken by the Authority pursuant to Article 6(1) and Articles 21, 22, 23 and 77 by any natural or legal person to whom the decision is addressed, or to whom it is of direct and individual concern.

2.   Any request for review shall be made in writing, including a statement of grounds, and shall be lodged with the Authority within one month of the date of notification of the decision to the person requesting the review, or, in the absence thereof, of the day on which it came to the knowledge of the person requesting the review.

3.   After ruling on the admissibility of the request for review, the Administrative Board of Review shall express an opinion within a period appropriate to the urgency of the matter and in any event no later than two months from the receipt of the request, and remit the case for preparation of a new decision to the Executive Board. The Executive Board shall take into account the opinion of the Administrative Board of Review and shall promptly adopt a new decision. The new decision shall abrogate the initial decision and replace it with either a decision of identical content or an amended decision.

4.   A request for review pursuant to paragraph 2 may include a request to suspend the application of the decision subject to review proceedings. The Administrative Board of Review may, if it considers that the circumstances so require and taking into account the view of the Executive Board, order that application of the decision in question be suspended until the Executive Board adopts a new decision pursuant to paragraph 3. If the Administrative Board of Review does not decide on the request for suspension within 14 days, that request shall be deemed to be rejected.

5.   The opinion expressed by the Administrative Board of Review, and the new decision adopted by the Executive Board pursuant to this Article, shall be reasoned and notified to the parties.

6.   The Authority shall adopt a decision establishing the Administrative Board of Review’s rules of procedure.

1.   The members of the Administrative Board of Review shall not take part in any review proceedings if they have any personal interest in the proceedings, if they have previously been involved as representatives of one of the parties to the proceedings, or if they participated in the adoption of the decision under review.

2.   If, for one of the reasons listed in paragraph 1 or for any other reason, a member of the Administrative Board of Review considers that he or she is not to take part in a review proceeding, he or she shall inform the Administrative Board of Review accordingly.

3.   Any party to the review proceedings may object to any member of the Administrative Board of Review on any of the grounds listed in paragraph 1, or if the member is suspected of partiality. Any such objection shall not be admissible if the party to the review proceedings, while being aware of a ground for objecting, has taken a procedural step. No objection shall be permitted to be made based on the nationality of members.

4.   The Administrative Board of Review shall decide on the action to be taken in the cases referred to in paragraphs 2 and 3 without the participation of the member concerned. For the purposes of taking that decision, the member concerned shall be replaced on the Administrative Board of Review by his or her alternate.

1.   The Staff Regulations and the Conditions of Employment of Other Servants as well as the rules adopted by agreement between the institutions of the Union for giving effect to those Staff Regulations and Conditions of Employment of Other Servants shall apply to the staff of the Authority for all matters not covered by this Regulation.

2.   By way of derogation from paragraph 1 of this Article, the Chair of the Authority and the Executive Board members referred to in Article 63(1), point (b), shall be on a par with, respectively, a Member and the Registrar of the General Court regarding emoluments and pensionable age, as defined in Council Regulation (EU) 2016/300 (43). For aspects not covered by this Regulation or by Regulation (EU) 2016/300, the Staff Regulations and the Conditions of Employment of Other Servants shall apply by analogy.

3.   The Executive Board, in agreement with the Commission, shall adopt the necessary implementing measures in accordance with the arrangements provided for in Article 110 of the Staff Regulations.

4.   The Authority may make use of seconded national experts or other staff not employed by the Authority including FIU delegates.

5.   The Executive Board shall adopt rules regarding staff from Member States to be seconded to the Authority and update them as necessary. Those rules shall include, in particular, the financial arrangements related to those secondments, including insurance and training. Those rules shall take into account the fact that the members of staff are seconded and are to be deployed as staff of the Authority. They shall include provisions on the conditions of deployment. Where relevant, the Executive Board shall aim to ensure consistency with the rules applicable to reimbursement of the mission expenses of the statutory staff.

1.   Members of the General Board and the Executive Board, and all members of staff of the Authority, including officials seconded by Member States on a temporary basis, as well as all other persons carrying out tasks for the Authority on a contractual basis, shall be subject to the requirements of professional secrecy pursuant to Article 339 TFEU and Article 67 of Directive (EU) 2024/1640, including after their duties have ceased.

2.   The Executive Board shall ensure that individuals who provide any service, directly or indirectly, permanently or occasionally, relating to the tasks of the Authority, including officials and other persons authorised by the Executive Board or appointed by the public authorities and FIUs for that purpose, are subject to requirements of professional secrecy equivalent to those provided for in paragraph 1.

3.   For the purpose of carrying out the tasks conferred on it by this Regulation, the Authority shall be authorised, within the limits and under the conditions set out in the acts referred to in Article 1(2), to exchange information with Union or national authorities and bodies in the cases where those acts allow financial supervisors to disclose information to those entities or where Member States can provide for such disclosure under the applicable Union law.

4.   The Authority shall establish practical arrangements for implementing the confidentiality rules referred to in paragraphs 1 and 2.

5.   The Authority shall apply Commission Decision (EU, Euratom) 2015/444 (44).

1.   The Authority shall adopt its own security rules equivalent to the Commission’s security rules for protecting European Union Classified Information (EUCI) and sensitive non-classified information, as set out in Commission Decision (EU, Euratom) 2015/443 (45) and Decision (EU, Euratom) 2015/444. The security rules of the Authority shall cover, inter alia, provisions for the exchange, processing and storage of such information. The Executive Board shall adopt the Authority’s security rules following approval by the Commission.

2.   Any administrative arrangement on the exchange of classified information with the relevant authorities of a third country or, in the absence of such arrangement, any exceptional ad hoc release of EUCI to those authorities, shall be subject to the Commission’s prior approval.

1.   The Authority shall have in place dedicated reporting channels for receiving and handling information provided by persons reporting actual or potential breaches of:

2.   The persons reporting through those channels and the persons concerned shall enjoy the protection of Directive (EU) 2019/1937, where applicable.

3.   Following the submission of reports pursuant to Article 60(4) of Directive (EU) 2024/1640 by supervisory authorities in the non-financial sector, the Authority shall be able to request additional information from those supervisory authorities on how they followed up on the reports received. Those supervisory authorities shall promptly provide the requested information but shall not disclose information that may lead to the identification of the reporting person.

1.   The Authority shall establish and maintain close cooperation with the ESAs, in particular when developing draft regulatory or implementing technical standards, guidelines or recommendations within the remit of their respective tasks.

2.   By 27 June 2025, the Authority shall conclude a memorandum of understanding with the ESAs setting out how they intend to cooperate in the performance of their tasks under Union law.

1.   The Authority shall cooperate and exchange information with non-AML/CFT authorities and, on a need-to-know and confidential basis, with other national authorities and bodies competent for ensuring compliance with Directives 2009/110/EC, 2009/138/EC, 2014/17/EU, 2014/65/EU and (EU) 2015/2366, and with the ESAs, within the boundaries of their respective mandates.

2.   The Authority shall conclude a memorandum of understanding with the prudential authorities as defined in Article 4(1), point (40), of Regulation (EU) No 575/2013, the ESAs and the other national authorities competent for ensuring compliance with Regulation (EU) 2023/1114, setting out in general terms how they will cooperate and exchange information in the performance of their supervisory tasks under Union law in relation to selected and non-selected obliged entities.

Where it deems it necessary, the Authority may also conclude a memorandum of understanding with any of the other authorities or bodies referred to in paragraph 1 setting out in general terms how they will cooperate and exchange information in the performance of their supervisory tasks under Union law in relation to selected and non-selected obliged entities.

3.   By 27 June 2025, the Authority and the ECB shall conclude a memorandum of understanding setting out the practical modalities for cooperation and for exchanging information in the performance of their respective tasks under Union law.

4.   The Authority shall ensure effective cooperation and information exchange between all supervisory authorities in the AML/CFT supervisory system and the relevant authorities and bodies referred to in paragraph 1, including with regard to access to any information and data in the central AML/CFT database referred to in Article 11.

1.   Where relevant for the fulfilment of the tasks referred to in Chapter II, the Authority may set up cross-border partnerships for information sharing, in accordance with fundamental rights and judicial procedural safeguards, or participate in partnerships for information sharing established in one or across several Member States with the objective of supporting the prevention and combating of money laundering, its predicate offences and terrorist financing. Participation of the Authority in an already existing partnership shall be subject to the agreement of the authorities that have established such a partnership.

2.   Where the Authority sets up a cross-border partnership for information sharing, it shall ensure that the partnership complies with the requirements of Article 75(3), (4) and (5) of Regulation (EU) 2024/1624. In addition to obliged entities, the Authority may invite the competent authorities referred to in Article 2(1), point (44), points (a), (b) and (c), of that Regulation, as well as Union bodies, offices and agencies which have a role in the prevention and combating of money laundering, its predicate offences and terrorist financing, to take part in the partnership, where such participation is relevant for the fulfilment of their tasks and powers. Upon the unanimous consent of the participating members, other third parties may be invited to participate, on an occasional basis, in meetings of the partnership, where relevant.

1.   The Authority may conclude working arrangements with Union institutions, Union decentralised agencies and other Union bodies, acting in the field of law enforcement and judicial cooperation. Those working arrangements may be of a strategic, operational or technical nature, and shall in particular aim to facilitate cooperation and the exchange of information between the parties thereto. The working arrangements shall neither form the basis for allowing the exchange of personal data nor bind the Union or its Member States.

2.   The Authority shall establish and maintain a close relationship with OLAF, Europol, Eurojust, and the EPPO. To that end, the Authority shall conclude separate working arrangements with OLAF, Europol, Eurojust and the EPPO setting out the details of their cooperation. The relationship shall aim in particular to ensure the exchange of operational and strategic information and trends in relation to ML/TF threats facing the Union.

3.   In order to promote and facilitate smooth cooperation between the Authority and Europol, Eurojust and the EPPO, the working arrangements with them shall in particular provide for the possibility of posting liaison officers at each other’s premises, and lay down conditions to that end.

1.   In order to achieve the objectives set out in this Regulation, and without prejudice to the respective competences of the Member States and the Union institutions, the Authority may develop contacts and enter into administrative arrangements with AML/CFT authorities in third countries that have regulatory, supervisory and FIU-related competences in the field of AML/CFT as well as with international organisations and third-country administrations. Those arrangements shall not create legal obligations in respect of the Union and its Member States nor shall they prevent Member States and their competent authorities from concluding bilateral or multilateral arrangements with those third countries.

2.   The Authority may develop model administrative arrangements with a view to establishing consistent, efficient and effective practices within the Union and to strengthening international coordination and cooperation in the fight against ML/TF. Supervisory authorities and FIUs shall make every effort to follow such model arrangements.

3.   In cases where the interaction between, on the one hand, several Union supervisory authorities and FIUs with, on the other hand, third-country authorities, concerns matters falling within the scope of the Authority’s tasks as set out in Article 5, the Authority shall have a leading role in facilitating such interaction where necessary. That role of the Authority shall be without prejudice to regular interactions by supervisory authorities and FIUs with third-country authorities.

4.   The Authority shall, within its powers pursuant to this Regulation and to the legislative acts referred to in Article 1(2), contribute to the united, common, consistent and effective representation of the Union’s interests in international fora, including by assisting the Commission in its tasks relating to the Commission’s membership of the Financial Action Task Force and by supporting the work and objectives of the Egmont Group of Financial Intelligence Units.