Europe’s anti-money laundering (AML) system is teetering on the edge of structural failure, and financial institutions may soon struggle to comply with new regulatory expectations—unless they embrace AI-driven monitoring and customer screening, according to a new study from ThetaRay.
The report, Next-Generation AML Solutions: An Analysis of AI-Based Tools vis-à-vis the Reform of the European AML Institutional and Substantive Architecture, combines academic and operational insight from Prof. Andrea Minto of Ca’ Foscari University of Venice and the University of Stavanger, alongside Yaron Hazan, ThetaRay’s VP of Regulatory Affairs and former Head of Compliance at HSBC Israel. It provides a sweeping evaluation of how the EU’s AML reform package and the upcoming AI Act will reshape compliance across Europe.
Legacy Systems Falling Behind
Despite rising budgets and stricter enforcement, Europe’s AML framework is underperforming. Key findings include:
- FATF reports that 97% of 120 assessed countries show only low to moderate effectiveness in combating money laundering.
- Intelligence yield from EU Financial Intelligence Units (FIUs) is extremely low: the Netherlands flagged fewer than 3.5% of 3.48 million 2024 reports as suspicious, while France’s Tracfin had only ~5% actionable SARs.
- Germany investigates just 15% of SARs, with 95% of cases ending without prosecution.
- Operational studies indicate traditional rule-based detection triggers reporting in just 2% of cases.
“The data is clear: Europe’s AML system is no longer keeping pace with financial complexity,” said Hazan. “Institutions have been trapped in cycles of rule tuning, manual investigations, and defensive reporting. Failing to adopt AI under the new regulatory regime will become a compliance vulnerability.”
The Regulatory Shift: AML Package Meets AI Act
The study emphasizes that the EU’s AML Package and AI Act together represent the most significant regulatory overhaul in decades. Key changes include:
- Strengthened due diligence and governance requirements, with a new EU-level Anti-Money Laundering Authority (AMLA).
- Classification of transaction monitoring and sanctions screening as “high-risk” AI applications, mandating transparency, human oversight, and rigorous model governance.
- Heightened scrutiny of correspondent banking and crypto-asset flows, where legacy systems struggle to detect complex, cross-border networks.
- Potential friction with GDPR, creating overlapping legal and regulatory risks if institutions fail to harmonize AI-enabled monitoring with privacy requirements.
A Call for Intelligence-Led AML
ThetaRay’s study advocates for a move away from volume-driven alerting toward intelligence-led detection. Recommendations include:
- Hybrid human-AI oversight and integrated screening workflows.
- Robust data governance aligned with AI Act mandates.
- Explainable, transparent AI models capable of reducing false positives and improving actionable intelligence.
“Europe’s new AML framework fundamentally raises the standard for effective compliance,” said Minto. “The AML Package and AI Act make clear that integrating AI into monitoring is no longer optional. Technological capability and legal obligation are now inseparable.”
The report positions AI not as a luxury but as a regulatory necessity for institutions aiming to meet Europe’s rising AML expectations and reduce the operational burden of low-yield, rule-based systems.
