RegTech misuse drives compliance failures, says EBA

EBA

The European Banking Authority (EBA) has raised concerns over the increasing money laundering and terrorist financing (ML/TF) risks across the EU financial sector in its latest 2025 Opinion.

The report identifies emerging vulnerabilities stemming from geopolitical instability, regulatory changes, and digital transformation, which are reshaping the compliance landscape for financial institutions.

One of the most pressing findings is that 70% of competent authorities observed high or growing ML/TF risks in the FinTech sector. The report cites poor governance frameworks and underdeveloped AML/CTF systems, with many FinTech firms prioritising rapid growth over regulatory compliance. This is a significant concern as these firms continue to expand in influence across the European market.

The RegTech sector also came under scrutiny. More than half of the serious compliance failures reported to the EBA’s EuReCA database involved the misuse of regulatory technology. Despite the sector’s potential to strengthen compliance operations, a lack of in-house expertise and oversight has led to ineffective deployment and, in some cases, exacerbated vulnerabilities instead of mitigating them.

Crypto-asset service providers (CASPs) remain a high-risk segment, with the number of authorised firms increasing 2.5 times from 2022 to 2024. Many of these providers are operating without robust AML/CFT controls, and some have allegedly sought to avoid regulatory scrutiny altogether. This growing sector continues to challenge regulators attempting to strike a balance between innovation and financial crime prevention.

The EBA also warns about the evolving threat of AI-powered criminal activity. Criminal networks are increasingly using artificial intelligence to automate laundering schemes, forge identity documents, and bypass detection mechanisms. Financial institutions are struggling to keep pace, underscoring the need for responsible AI adoption and strong monitoring systems.

On sanctions compliance, the Opinion highlights difficulties faced by institutions in navigating the complex EU sanctions landscape. Many lack sufficient infrastructure to ensure proper implementation of restrictive measures. To address this, the EBA will introduce new harmonised Guidelines at the end of 2025 to promote consistency and compliance across member states.

EBA chair José Manuel Campa said, “A careful and effective implementation of the new EU AML/CFT legislative framework will be essential to ensure that AML/CFT defences across the EU are effective, robust and consistent. We also urge supervisors and financial institutions to focus their efforts on strengthening ML/TF risk management, in line with the findings and expectations outlined in our Opinion.”

The Opinion was issued in line with Article 6(5) of the Fourth EU Anti-Money Laundering Directive (EU 2015/849), which mandates a biennial risk assessment by the EBA. The results contribute to the European Commission’s Supranational Risk Assessment (SNRA) and guide national authorities and EU policy priorities.

Enjoyed the story? 

Subscribe to our weekly RegTech newsletter and get the latest industry news & research

Copyright © 2018 RegTech Analyst

Investors

The following investor(s) were tagged in this article.