AMLD6: Comfort in Your AML Controls or 10% Turnover Fines?

 
 

Executive Summary

AMLD6 significantly raises expectations around how financial institutions demonstrate the effectiveness, consistency, and defensibility of their anti-money laundering (AML) controls. This paper demonstrates how leading institutions are using contextual intelligence to meet those expectations in practice. It shows how DataWalk enables AML teams to:

  • Close structural blindspots in existing AML architectures Connect siloed systems into a unified intelligence layer without disruptive replacement programs.
  • Apply enhanced due diligence in full context Examine customer behavior, transaction activity, jurisdictional exposure, and networks together—rather than across fragmented systems.
  • Investigate complex ownership and control structures Reconstruct layered, indirect, and evolving ultimate beneficial ownership (UBO) relationships in a consistent and explainable manner.
  • Strengthen cooperation with FIUs and authorities Respond confidently to information requests with clear, traceable analytical reasoning.
  • Future-proof AML operations under increasing scrutiny Adapt to emerging typologies and regulatory expectations without constant remediation.

With AMLA oversight and potential fines of up to 10% of annual turnover, AMLD6 compliance is increasingly assessed through operational evidence—not policy alone. This paper outlines how a unified intelligence layer enables institutions to meet AMLD6 requirements with clarity, consistency, and control.

ACCELERATE YOUR INVESTIGATIONS WITH PROVEN STRATEGIES AND LESSONS FROM REAL-WORLD SUCCESS STORIES.


Gain access to the DataWalk articles and case studies

For FinCrime Investigators

Gain access to the DataWalk articles and case studies for FinCrime Investigators

For FinCrime Tech Professionals

Gain access to the DataWalk articles and case studies for FinCrime Tech Professionals

AMLD6 and the Shift in Regulatory Expectations

The ratification of the EU AML Package marks the transition to a Single Rulebook regime. While AMLD6 does not fundamentally redefine money laundering obligations, it significantly tightens expectations around how financial institutions demonstrate control effectiveness. Regulatory focus is expanding toward:

  • cyber-enabled financial crime,
  • environmental crime,
  • complex ownership and control structures, and
  • risks that are not always visible in transaction data alone.

These developments increase scrutiny on whether AML controls provide complete and explainable coverage, rather than isolated detection outcomes.

AMLD6 & AMLA Regulation Timeline

Key milestones for financial institutions and the single rulebook regime.

May 2024 Completed Official Adoption of the EU AML Package Ratification of the AMLD6 and the Anti-Money Laundering Regulation (AMLR), establishing the "Single Rulebook."
2025 Completed AMLA Setup & Seat Selection Selection of Frankfurt as the AMLA headquarters and recruitment of the first wave of technical experts.
2026 (Now) Operational Phase Transposition & Tech Integration Member states transpose AMLD6 into national law. Institutions move toward a "Unified Intelligence Layer" to close structural blindspots.
Mid-2027 Deadline Full Application & Direct Supervision AMLA begins direct supervision of high-risk entities. Non-compliance risks turnover fines of up to 10%.
Note: The transition period is the critical window for upgrading legacy architectures. By mid-2027, "policy frameworks" without "operational proof" will no longer be sufficient to avoid regulatory intervention.

Enhanced Due Diligence Under AMLD6

What Financial Institutions Are Expected to Do

AMLD6 strengthens expectations for enhanced due diligence, particularly for customers and transactions linked to high-risk countries and higher-risk scenarios. Financial institutions are expected to be able to:

  • systematically identify exposure to high-risk jurisdictions;
  • apply enhanced customer due diligence measures that are proportionate and substantive;
  • assess customer behaviour, transaction activity, and contextual risk together;
  • document investigative outcomes clearly; and
  • demonstrate how enhanced measures reduce risk to an acceptable level.

The regulatory test is whether higher risks are identified, assessed, and mitigated in a reasonable and well-evidenced manner—and whether that reasoning can be demonstrated consistently, without reliance on manual reconstruction.

How DataWalk Helps Find Invisible Customer Risks

DataWalk supports enhanced due diligence by providing a unified analytical context where risk can be examined holistically. In practice, this enables institutions to:

  • examine money flows, behaviour, jurisdictional exposure, and networks together;
  • move beyond isolated alerts to a connected risk narrative;
  • ground enhanced due diligence (EDD) decisions in full context rather than fragmented system views; and
  • preserve a clear chain of evidence to support supervisory review.

This ensures enhanced due diligence is applied consistently and remains defensible as scrutiny increases, even as risk profiles and typologies evolve.

CUSTOMER CASE STUDY

Cracking a $5.7M Fraud in 120 Minutes

The Power of Agile Investigation With DataWalk

Learn More >>>

Cracking a $5.7M Fraud in 120 Minutes

Beneficial Ownership Under AMLD6: Ownership and Control

What Financial Institutions Are Expected to Do

AMLD6 makes explicit that Ultimate Beneficial Owners must be identified through assessment of both ownership and control. Financial institutions must be able to:

  • identify individuals or entities that own a customer through direct or indirect shareholdings;
  • identify individuals or entities that control a customer through influence or decision-making authority;
  • assess ownership and control across multiple layers of entities and arrangements;
  • consider aggregated interests, including small or indirect holdings;
  • identify structures designed to obscure ownership or control; and
  • demonstrate how ownership and control were determined at a specific point in time.

The expectation is a reasonable, well-documented determination of who ultimately owns or controls a customer—and the ability to reach and explain that determination consistently when revisited.

UBO under AMLD6: Mapping Control
Direct Ownership

Standard analysis of shareholding percentages.

Indirect Control

Influence through decision-making authority or complex layers.

Aggregated Interest

Combining small holdings across networks to find the true UBO.

Significant Increase in Analytical Depth Based on the shift from quantitative thresholds to qualitative "control" assessments, manual due diligence is expected to become significantly more resource-intensive without a unified intelligence layer.

How DataWalk Supports Ownership and Control Analysis

DataWalk enables ownership and control to be examined together within a single, coherent view. It allows financial institutions to:

  • bring together ownership information from onboarding systems, registries, documentation, and third-party sources;
  • reconstruct ownership and control across all relevant layers;
  • assess ownership and influence in combination rather than in isolation;
  • clearly surface complex or unusual structures; and
  • retain full visibility into how conclusions were reached over time.

This supports consistent, explainable UBO identification aligned with AMLD6 expectations, even where ownership and control structures are layered, indirect, or change over time.


Cooperation With FIUs Under AMLD6

What Financial Institutions Are Expected to Do

AMLD6 strengthens cooperation between financial institutions, national Financial Intelligence Units, and other competent authorities. Institutions are expected to be able to:

  • provide accurate, timely, and consistent information;
  • explain the reasoning behind alerts, reports, and investigative conclusions;
  • respond to follow-up requests without reconstructing analysis from scratch; and
  • demonstrate internal consistency in how similar risks are assessed.

As authorities increasingly share typologies, risk indicators, and suspicious entities, institutions are also expected to act on this intelligence in a timely and controlled manner.

How DataWalk Supports Intelligence Collaborations

DataWalk preserves a continuous Chain of Evidence, ensuring that analytical reasoning remains traceable and reviewable. This enables financial institutions to:

  • respond confidently to FIU requests;
  • ensure shared information is grounded in consistent logic;
  • quickly cross-check typologies, risk indicators, and suspicious entities shared by FIUs or government agencies against your institution’s customer base and transaction activity;
  • reduce friction during follow-up engagement; and
  • maintain clarity even as cases evolve.

The result is controlled, confident cooperation that strengthens regulatory trust without introducing inconsistency or ad hoc decision-making.


The Architectural Challenge Behind AMLD6

Many AML environments remain constrained by siloed systems designed for narrow detection tasks rather than holistic risk understanding. As AMLD6 increases expectations around contextual analysis and explainability, these silos become a structural limitation—making it difficult to demonstrate how risks were assessed across data, time, and organisational boundaries. The challenge is not replacing existing systems, but whether those systems can be connected in a way that preserves context and reasoning at the standard AMLD6 now expects.


A Unified Intelligence Layer for AML

DataWalk acts as an intelligence layer that sits above existing AML systems, bringing together alerts, customer data, transaction activity, and external information into a single analytical foundation. This allows financial institutions to:

  • decouple intelligence from transaction processing;
  • integrate new data sources without disrupting operations;
  • adapt to emerging typologies without re-engineering pipelines; and
  • maintain explainability as analysis evolves.

In doing so, it helps close the gap between regulatory expectations and what existing AML technology can realistically support on its own.

AMLD6: Comfort in Your AML Controls or 10% Turnover Fines?

Download free ebook
"How DataWalk AI is Transforming Investigative
and Intelligence Analytics

Download the eBook

Download the eBook

AMLD6: Comfort in Your AML Controls or 10% Turnover Fines?

Markus Hartmann is a financial crime compliance expert specializing in integrating advanced graph analytics with legacy banking infrastructure to combat hybrid threats. He possesses deep technical expertise in leveraging AI for detecting complex predicate offenses, including cybercrime and environmental laundering, within regulated institutions.

Contact

Table of contents

  1. Executive Summary
  2. AMLD6 and the Shift in Regulatory Expectations
  3. AMLD6 & AMLA Regulation Timeline
  4. Enhanced Due Diligence Under AMLD6
  5. Beneficial Ownership Under AMLD6: Ownership and Control
  6. Cooperation With FIUs Under AMLD6
  7. The Architectural Challenge Behind AMLD6
  8. A Unified Intelligence Layer for AML

Share:

FAQ

The most significant financial risk comes from the newly established Anti-Money Laundering Authority (AMLA), which has the power to impose administrative fines of up to 10% of your total annual turnover for serious breaches. Beyond the fines, the directive raises the bar for compliance. You must now prove that your controls provide complete coverage and that your decision-making is consistent, explainable, and defensible under scrutiny.
AMLD6 explicitly requires you to identify UBOs by assessing both ownership and control. You can no longer rely on checking direct shareholdings alone. You must identify individuals who hold power through influence or decision-making authority, even if that control is exercised through indirect layers or complex structures. You also need to document exactly how you determined ownership and control at any specific point in time.
No. The architectural challenge with AMLD6 is that many existing systems operate in silos, making it hard to see the full context of a risk. DataWalk solves this by acting as an intelligence layer that sits above your current systems. It connects alerts, customer data, and transaction activity into a single view without disrupting your daily operations. This allows you to meet the new requirements for context and explainability without re-engineering your entire pipeline.
Regulators now expect more than just timely reporting. You must be able to explain the reasoning behind your alerts and investigative conclusions clearly. When FIUs or other authorities request follow-up information, you need to respond without having to reconstruct your analysis from scratch. The focus is on providing accurate, consistent information that demonstrates you acted on shared intelligence and risk indicators.
DataWalk preserves a continuous "Chain of Evidence" for every investigation or analysis. Instead of looking at isolated alerts, the platform allows you to examine money flows, jurisdictional exposure, and customer behavior in one place. This ensures that when you apply enhanced due diligence, your decisions are based on full context. More importantly, it keeps a record of your logic, so you can easily show regulators how you identified a risk and why you decided it was mitigated.
 

Join the next generation of data-driven investigations:
Discover how your team can turn complexity into clarity fast.

See DataWalk in Action
 
DataWalk logo white

Solutions

Product

Partners

Company

Resources

Quick Links

Get A Free Demo