Financial Services

AMLA signs MoUs with ECB-SSM and ESAs on cooperation and information exchange in the performance of their respective tasks

Written by

Dr. Michael Huertas

RegCORE Client Alert | Banking Union, Capital Markets Union, Insurance Union, EU Digital Single Market

QuickTake

On 27 June 2025, the EU’s new Authority for Anti-Money Laundering and Countering the Financing of Terrorism (AMLA) signed a Memorandum of Understanding (MoU) with the European Central Bank (ECB), acting in its role at the head of the Single Supervisory Mechanism (SSM). Available here.Show Footnote On 3 July 2025, the European Supervisory Authorities (ESAs – comprised of the European Banking Authority, the European Securities and Markets Authority and the European Insurance and Occupational Pensions Authority) announced the conclusion of a multilateral MoU on information exchange and cooperation between the authorities. Available here.Show Footnote Both MoUs, as mandated by the Regulation establishing the AMLA (AMLAR) Regulation (EU) 2024/1620 of the European Parliament and of the Council of 31 May 2024 establishing the Authority for Anti-Money Laundering and Countering the Financing of Terrorism and amending Regulations (EU) No 1093/2010, (EU) No 1094/2010 and (EU) No 1095/2010, available here.Show Footnote aims to enhance the efficiency, effectiveness and legal compliance of both anti-money laundering/countering the financial of terrorism (AML/CFT) and prudential supervision.

As explored in this Client Alert, AMLA’s MoU with the ECB-SSM and the multilateral MoU with the ESAs set out practical arrangements for collaboration, reciprocal representation, secure and systemic information sharing, confidentiality safeguards, and coordinated crisis management, aiming to strengthen both AML/CFT and prudential supervision across the EU banking and wider financial services sector. While both MoUs are entered into at the EU-institutional level they will also have follow-on impacts for respective national competent authorities (NCAs) that interact with the ECB-SSM, the ESAs and with AMLA.

Key takeaways

The MoUs are not merely an instrument for information exchange; they each establish a framework that operationalises the EU’s step to centralise and elevate AML/CFT oversight from respective NCAs to a unified EU level. By putting into place arrangements for cooperation and information exchange, the MoUs seek to optimise supervisory effectiveness, drive efficiency and eliminate duplicative efforts across prudential and AML/CFT domains. Crucially, the MoUs empower AMLA with direct supervisory authority over a defined subset of high-risk financial institutions – termed “selected obliged entities” – which are particularly vulnerable to cross-border money laundering threats. These include payment institutions, crypto-asset service providers (CASPs), and, in certain circumstances, banks that are simultaneously subject to the ECB-SSM’s prudential remit. The arrangement is inherently self-reinforcing, as AMLA’s parallel MoUs with the ESAs ensure a harmonised and mutually supportive supervisory ecosystem, enhancing the collective supervisory capacity of all authorities involved.

The multilateral MoU concluded among the ESAs represents another cornerstone in the EU’s strategy to foster cross-sectoral supervisory convergence. This latter MoU also aims to establish a comprehensive and pragmatic framework for inter-authority cooperation, promote the diffusion of best-practices, and underpin capacity building in areas of shared regulatory interest. By formalising these collaborative mechanisms, the MoU not only strengthens the consistency of supervisory approaches across the EU’s financial sector but also supports the development of a unified regulatory culture. Both MoUs ultimately bolster AMLA’s operational arrangements with other key authorities, creating a unified system of oversight that is greater than the sum of its parts.

A. AMLA’s MoU with the ECB-SSM

The MoU signed with the ECB-SSM sets out a comprehensive framework for collaboration between the ECB-SSM and AMLA, focusing on the following core areas:

1. Principles and scope of cooperation

  • The MoU sets out general terms for cooperation, including the exchange of information, to ensure efficient and timely collaboration while respecting the autonomy of each authority’s roles and competencies.
  • Cooperation extends to ongoing and onsite supervision, crisis management, and coordination in supervisory activities, particularly where both authorities have responsibilities regarding the same credit institution or group.

2. Institutional representation and policy coordination

  • The MoU provides for reciprocal institutional representation, allowing the Chair of AMLA to participate as an observer in relevant ECB-SSM Supervisory Board meetings, and vice versa for the ECB-SSM in AMLA’s General Board.
  • Regular bilateral meetings between the Chairs of both authorities are envisaged to discuss supervisory priorities and foster policy consistency.
  • The framework supports joint development of regulatory products, such as guidelines or technical standards, relevant to both AML/CFT and prudential supervision.

3. Communication and information exchange

  • Direct communication channels are established between relevant units and responsible persons, with English as the working language.
  • Information is exchanged via secure channels, with systematic sharing of key supervisory documents as detailed in the MoU’s Annex.
  • The MoU distinguishes between information to be shared automatically, upon simple written request, or following a formal written request, depending on the nature and sensitivity of the information.
  • Provisions are included for information exchange on own initiative, particularly in the context of emerging crises or significant supervisory findings.

4. Confidentiality and permissible use of information

  • The MoU underscores the importance of mutual trust and confidentiality, requiring that exchanged information be used exclusively for lawful purposes related to each authority’s mandate.
  • Confidential information is protected under Union law, with disclosure to third parties subject to strict conditions and, where necessary, the originating authority’s consent.
  • Obligations regarding confidentiality survive termination of the MoU.

5. Joint actions and crisis management

  • The authorities commit to close cooperation and, where relevant, coordination in the exercise of supervisory powers, including the imposition of sanctions, administrative measures, or withdrawal of authorisations in cases of serious AML/CFT breaches.
  • The MoU provides for prompt information sharing and coordinated responses in emergency situations affecting supervised credit institutions.

6. Knowledge exchange and IT cooperation

  • The MoU also encourages knowledge sharing through joint trainings, conferences, and staff exchanges.
  • The authorities may cooperate on the design and operation of IT tools to support supervision and information exchange, including joint procurement initiatives. 

7. Governance, review and termination

  • The MoU is a statement of intent, which is not legally binding, and does not create enforceable rights for third parties.
  • It may be reviewed every two years or earlier by mutual agreement, and amendments require written consent.
  • Either party may terminate the MoU with six months’ notice, with confidentiality obligations continuing post-termination.

While both ECB-SSM/AMLA and ESAs/AMLA MoUs are foundational to the EU’s new AML supervisory regime, they differ in scope, operational focus and thus in terms of their market impact.

B. Multilateral MoU with the ESAs

The multilateral MoU signed with the ESAs sets out a comprehensive framework for collaboration between the ESAs and AMLA, focusing on the following core areas:

1. Principles and scope of cooperation

  • The multilateral MoU between AMLA and the ESAs establishes a structured framework for cooperation and information exchange. The multilateral MoU is grounded in the principle of sincere cooperation as enshrined in the EU Treaties and is designed to ensure efficient, effective, and timely collaboration in the performance of each Authority’s tasks under EU law.
  • The scope of cooperation covers all areas relevant to AML/CFT tasks, including the development of regulatory and technical standards, guidelines, and recommendations.

2. Institutional representation and policy coordination

  • The multilateral MoU provides for reciprocal institutional representation to foster policy alignment and coordination. Representatives from the ESAs are invited to attend AMLA’s General Board meetings in a supervisory capacity, while AMLA representatives may attend the ESAs’ Board of Supervisors as observers – both without voting rights. This arrangement extends to participation in standing and temporary committees, as well as working groups, where mandates are relevant to the respective Authorities.
  • The Authorities also commit to regular meetings at the level of their Chairs, at least twice a year, to discuss priorities, collaboration opportunities, and to update each other on relevant topics and deliverables. This ensures that policy development and supervisory approaches are harmonised and that each Authority’s views are communicated and considered at Board level.

3. Communication and information exchange

  • A central feature of the multilateral MoU is the commitment to both regular and ad-hoc information exchange. The Authorities agree to share all information necessary for the effective discharge of their functions, particularly where it relates to risks and AML/CTF breaches, financial soundness, solvency, conduct and broader financial stability.
  • The ESAs are required to provide AMLA with information that gives reasonable grounds to suspect activity that can lead to AML/CTF breaches or heightened risk, including data arising from business model changes, authorisation procedures, fit and proper assessments and governance shortcomings.
  • Conversely, AMLA must share relevant AML/CFT information with the ESAs where it may impact the safety and soundness of financial institutions or critical third-party providers. Ad-hoc requests for information are permitted, with the receiving Authority required to respond on a need-to-know and confidential basis, or to provide a reasoned justification for any refusal. Contact points are nominated within each Authority to facilitate communication and coordination.

4. Confidentiality and Permissible Use of Information

  • All information exchanged under the multilateral MoU is subject to strict professional secrecy and confidentiality requirements, as established in the respective laws and regulations of the Authorities.
  • Confidential information, documents, or materials may not be disclosed to third parties unless permitted or required by law, and the originating Authority must be informed of any such disclosure. The use of confidential information is strictly limited to the exercise of the Authorities’ respective tasks and duties. Information exchange is conducted through secure tools to ensure confidentiality and any personal data exchanged is processed solely for legitimate purposes in accordance with Regulation (EU) 2018/1725.

5. Joint Actions and Crisis Management

  • The multilateral MoU recognises the need for joint action in situations where comprehensive and effective responses are required. The Authorities commit to informing each other of situations where joint action may be necessary, particularly in response to specific issues or crises that span multiple sectors or jurisdictions.
  • The framework allows for coordinated supervisory or enforcement action, leveraging the collective expertise and mandates of the participating Authorities to address emerging risks or incidents in a unified manner.

6. Knowledge Exchange and IT Cooperation

  • The Authorities acknowledge the mutual benefit of exchanging general information related to their respective fields of competence. This includes participation in trainings, conferences, and workshops, with staff members from each Authority invited on a case-by-case basis. Each Authority is responsible for its own expenses related to such knowledge exchange sessions.
  • While the multilateral MoU does not explicitly detail IT cooperation, the secure exchange of information and the use of appropriate tools for maintaining confidentiality and data protection are integral to the operationalisation of the agreement.

7. Governance, review and termination

  • The multilateral MoU establishes clear governance mechanisms for its operation. Disputes regarding interpretation, application, or performance are to be resolved amicably through direct negotiation, escalating to the Chairs of the Authorities if necessary.
  • The effectiveness of cooperation and information exchange under the multilateral MoU is to be reviewed every two years, or earlier if deemed necessary. Amendments require mutual consent and must be made in writing.
  • The multilateral MoU may be terminated by any Authority with thirty days’ written notice, but obligations relating to confidentiality and cooperation under applicable law continue post-termination. The multilateral MoU is published on the websites of the AMLA and the ESAs, ensuring transparency.

Reinforcing differences between the MoUs

AMLA’s MoU with the ECB-SSM is distinguished by its dual emphasis on prudential and AML/CFT supervision, reflecting the unique intersection of mandates where certain credit institutions fall under both authorities’ direct oversight. This arrangement introduces a new layer of integrated supervision for high-risk entities, with AMLA assuming a direct supervisory role that complements the ECB’s prudential function.

In contrast, the AMLA’s multilateral MoU with the ESAs is oriented towards fostering horizontal convergence and knowledge sharing across the broader financial sector, without conferring direct supervisory powers. For market participants, these distinctions are significant: institutions designated as “selected obliged entities” will experience a more intensive, centralised supervisory approach, while the broader sector benefits from enhanced regulatory consistency and cross-sectoral learning.

Collectively AMLA’s MoUs operationalise a decisive shift towards a more unified, risk-based and EU-level approach to AML/CFT supervision with far-reaching implications for compliance expectations, supervisory engagement, and the overall integrity of the EU financial system. 

Outlook

Both MoUs represent a significant step in operationally aligning AML/CFT and prudential supervision at the EU level, reflecting the increasing interdependence of financial stability and the integrity of the financial system. Credit institutions and other market participants should expect enhanced coordination between AMLA and the ECB-SSM as well as the ESAs, particularly in areas of joint supervisory interest, crisis management and policy development. The systematic and secure exchange of supervisory information, coupled with strengthened confidentiality safeguards, is expected to improve the effectiveness of both AML/CFT and prudential oversight across the EU’s banking and wider financial services sector.

About us

PwC Legal is assisting a number of financial services firms and market participants in forward planning for changes stemming from relevant related developments. We have assembled a multi-disciplinary and multijurisdictional team of sector experts to support clients navigate challenges and seize opportunities as well as to proactively engage with their market stakeholders and regulators.

Moreover, we have developed a number of RegTech and SupTech tools for supervised firms, including PwC Legal’s Rule Scanner tool, backed by a trusted set of managed solutions from PwC Legal Business Solutions, allowing for horizon scanning and risk mapping of all legislative and regulatory developments as well as sanctions and fines from more than 1,500 legislative and regulatory policymakers and other industry voices in over 170 jurisdictions impacting financial services firms and their business.

Moreover, in leveraging our Rule Scanner technology, we offer a further solution for clients to digitise financial services firms’ relevant internal policies and procedures, create a comprehensive documentation inventory with an established documentation hierarchy and embedded glossary that has version control over a defined backward plus forward looking timeline to be able to ensure changes in one policy are carried through over to other policy and procedure documents, critical path dependencies are mapped and legislative and regulatory developments are flagged where these may require actions to be taken in such policies and procedures.

If you would like to discuss any of the developments mentioned above, or how they may affect your business more generally, please contact any of our key contacts or PwC Legal’s RegCORE Team via de_regcore@pwc.com or our website.