Incomplete guidance and data quality challenges are making it difficult for financial services firms to meet the rules of the EU’s Anti-Money Laundering (AML) Package regulations, according to PwC research.
A survey carried out by PwC Luxembourg found that only a third of the 500 firms questioned across 40 EMEA countries will be ready for the July 2027 AML regulation deadline.
PwC found that companies are struggling because full guidelines on the regulations, known as regulatory technical standards (RTS), are not yet available and, from a technological point of view, they are finding it difficult to provide the data demanded by regulators.
“The regulation has a very aggressive timeline and there is a lot of work in progress on the specific details while the [compliance] deadline is not moving,” said Michael Weis, anti-financial crime leader at PwC Luxembourg.
But, while incomplete guidance from regulators is cited as a reason for firms falling short of compliance, Weis urged them to do what they can now.
“When part of the regulation or part of the details are not known yet, it’s not a good reaction to say, ‘Let’s wait and see, let’s wait until we know everything before we start analysing’,” Weis told Computer Weekly.
“Don’t lose time,” he warned.
The EU AML Package was adopted in 2024 in an attempt to harmonise anti-money laundering rules across Europe. It established a new central authority –AMLA, based in Frankfurt
“Our findings show many institutions are still in the early stages of preparing for the EU AML Package, with readiness varying widely across sectors and jurisdictions,” said Weis. “As implementation advances, the key test will be whether firms can translate the new rulebook and related RTS documents into scalable operating models supported by strong data and technology foundations.”
Data quality challenge
Data quality continues to be the most important barrier to advanced technology and artificial intelligence (AI) adoption, according to 89% of electronic and virtual payments firms, 64% of banks and insurance companies, and 52% of asset and wealth management (AWM) companies in the EMEA region.
The PwC figures revealed that 30% of banks believe they will need a significant change in their overall data structure to meet regulations, with 46% of AWM firms facing the same challenges, along with 39% of insurers and 43% of e-payment service providers.
Weis said there is a “spectrum of information” being demanded by regulators as part of the EU AML Package. This includes transaction volumes, data on alerts that are generated for suspicious activity, and the breakdown of risk profiles – high-, medium- and low-risk customers, and the type of customers.
Weis said part of the challenge for big banks is the existence of “massive legacy systems”, with the data sitting across different systems. “You first need to develop the extraction and the reporting,” he added.
Other survey findings revealed that over half of financial institutions across the EMEA region anticipate “significant operational disruption” due to sustained compliance pressure. About a third expect costs to rise by 10% to 30% in the coming years.
The survey also revealed that 61% of banks and 57% of AWM firms in the EMEA region plan to introduce new technologies in transaction monitoring to support their compliance with the regulations.
