Source: OJ L, 2024/1640, 19.6.2024

Current language: EN

Article 56 Administrative measures

Summary What does Article 56 of the Sixth anti-money laundering (AML 6) directive say?

This article sits alongside Article 55 (which deals with pecuniary sanctions) and provides the complementary toolkit of non-monetary administrative measures that supervisors must be empowered to apply against obliged entities.

It covers three distinct triggers for action: actual breaches of AML/CFT requirements, weaknesses in internal controls that are likely to lead to breaches, and internal frameworks that are inadequate relative to the money laundering and terrorist financing risks the entity faces.

The article then sets out a broad menu of measures supervisors must at minimum be able to deploy, ranging from soft interventions like recommendations through to severe actions such as withdrawing an authorisation or requiring changes to the governance structure.

Member States are also permitted to grant supervisors powers beyond this minimum list.

Important points:

  • Supervisors are required to be empowered to act not only when a breach has already occurred, but also where internal control weaknesses merely risk causing future breaches.
  • The minimum supervisory toolkit includes issuing public statements, ordering compliance, restricting business operations, suspending or withdrawing authorisations, and imposing temporary bans on individuals holding managerial responsibilities.
  • Administrative measures must, where relevant, be accompanied by binding deadlines, and supervisors must follow up and assess whether the obliged entity has implemented the actions requested.

Springlex's summary of the article, a reading aid, not a substitute for the legal text.

    1. Member States shall ensure that supervisors are able to apply administrative measures to an obliged entity where they identify:

      1. breaches of Regulation (EU) 2024/1624 or Regulation (EU) 2023/1113, either in combination with pecuniary sanctions for serious, repeated and systematic breaches, or on their own;

      2. weaknesses in the internal policies, procedures and controls of the obliged entity that are likely to result in breaches of the requirements referred to in point (a) and administrative measures can prevent the occurrence of those breaches or reduce the risk thereof;

      3. that the obliged entity has internal policies, procedures and controls that are not commensurate with the risks of money laundering, its predicate offences or terrorist financing to which the entity is exposed.

    1. Member States shall ensure that the supervisors are able at least to:

      1. issue recommendations;

      2. order obliged entities to comply, including to implement specific corrective measures;

      3. issue a public statement which identifies the natural or legal person and the nature of the breach;

      4. issue an order requiring the natural or legal person to cease the conduct and to desist from repetition of that conduct;

      5. restrict or limit the business, operations or network of institutions comprising the obliged entity, or to require the divestment of activities;

      6. where an obliged entity is subject to an authorisation, withdraw or suspend the authorisation;

      7. require changes in the governance structure.

    1. Member States shall ensure that the supervisors are able, by means of the administrative measures referred to in paragraph 2, in particular to:

      1. require the provision of any data or information necessary for the fulfilment of their tasks pursuant to this Chapter without undue delay, to require the submission of any document, or impose additional or more frequent reporting requirements;

      2. require the reinforcement of the internal policies, procedures and controls;

      3. require the obliged entity to apply a specific policy or requirements relating to categories of or individual clients, transactions, activities or delivery channels that pose high risks;

      4. require the implementation of measures to bring about the reduction of the money laundering or terrorist financing risks inherent in the activities and products of the obliged entity;

      5. impose a temporary ban against any person discharging managerial responsibilities in an obliged entity, or any other natural person who has been held responsible for the breach from exercising managerial functions in obliged entities.

    1. The administrative measures referred to in paragraph 2 shall be accompanied, where relevant, by binding deadlines for their implementation. Member States shall ensure that supervisors follow up and assess the implementation by the obliged entity of the actions requested.

    1. Member States may empower supervisors to apply additional types of administrative measures to those referred to in paragraph 2.

Table of contents

We're continuously improving our platform to serve you better.

Your feedback matters! Let us know how we can improve.

Contact us:

springlex@springflod.se

Found a bug?

Springflod is a Swedish boutique consultancy firm specialising in cyber security within the financial services sector.

We offer professional services concerning information security governance, risk and compliance.

Crafted with ❤️ by Springflod