EBA finds that money laundering and terrorist financing risks in payments institutions are not managed effectively

EBA published a report on ML/TF risks associated with EU payment institutions. The report indicates that these risks may not be effectively assessed and managed by the institutions and their supervisors.
The EBA conducted an assessment in 2022 to determine the scale and nature of ML/TF risks in the payment institutions sector. It examined how these institutions identify and manage such risks and how supervisors mitigate them during the authorization process and throughout the institutions‘ existence.
The findings of the EBA suggest that payment institutions generally do not adequately manage ML/TF risks. The AML/CFT internal controls in these institutions are often insufficient to prevent ML/TF, despite the high inherent risk associated with the sector.
Furthermore, the report indicates that not all competent authorities are effectively supervising the sector. As a result, payment institutions with weak AML/CFT controls can operate in the EU by establishing themselves in Member States with less stringent authorization and supervision processes and later conducting cross-border activities.
Failure to manage ML/TF risks in the payment institutions sector can have an impact on the integrity of the EU’s financial system. The report also suggests that addressing these risks is crucial for improving access to payment accounts for payment institutions and preventing de-risking.
The report highlights the need for a more robust implementation of EBA guidelines by supervisors and institutions to mitigate ML/TF risks in the sector. It also calls for changes to the EU legal framework to establish consistent approaches to assessing AML/CFT components during authorization, addressing ML/TF risks in passporting notifications, and supervising payment institution agents in a cross-border context.