Article 8 AML/CFT supervisory methodology

In cooperation with the supervisory authoritiesmeans a supervisor who is a public body, or the public authority overseeing self-regulatory bodies in their performance of supervisory functions pursuant to Article 37 of Directive (EU) 2024/1640, or AMLA when acting as a supervisor;, the Authority shall develop and maintain an up-to-date and harmonised AML/CFT supervisory methodology detailing the risk-based approach to supervision of obliged entities in the Union. That methodology shall comprise guidelines, recommendations, opinions and other measures and instruments as appropriate, including in particular regulatory and implementing technical standards, on the basis of the empowerments laid down in the acts referred to in Article 1(2).

1. benchmarks and a methodology for classification of obliged entities into risk categories on the basis of their residual risk profile, separately for each category of obliged entities;

2. approaches to supervisory review of ML/TF risk self-assessments of obliged entities;

3. approaches to supervisory review of obliged entities’ internal policies and procedures, including their customer due diligence policies and procedures, in line with a risk-based approach to the prevention of ML/TF;

4. approaches to supervisory evaluation of risk factors inherent in, or related to, customers, business relationshipsmeans a business, professional or commercial relationship connected with the professional activities of an obliged entity, which is set up between an obliged entity and a customer, including in the absence of a written contract and which is expected to have, at the time when the contact is established, or which subsequently acquires, an element of repetition or duration;, transactions and delivery channels of obliged entities, as well as geographical risk factors.

The Authority shall develop structured questionnaires and other online or offline tools to be used by the Authority and supervisorsmeans the body entrusted with responsibilities aimed at ensuring compliance by obliged entities with the requirements of this Regulation, including AMLA when performing the tasks entrusted to it in Article 5(2) of Regulation (EU) 2024/1620; for the purposes of requesting, collecting, compiling and analysing data and information from obliged entities, including the data to be relied upon in application of the elements of the supervisory methodology listed in paragraph 2.

The tools developed by the Authority shall ensure the collection of objective and comparable AML/CFT-related data and information from obliged entities and enable an efficient and speedy exchange of information between supervisorsmeans the body entrusted with responsibilities aimed at ensuring compliance by obliged entities with the requirements of this Regulation, including AMLA when performing the tasks entrusted to it in Article 5(2) of Regulation (EU) 2024/1620; and the Authority.

The Authority shall endeavour to develop those tools as soon as the supervisory methodology is applicable across the entire AML/CFT supervisory systemmeans the Authority and the supervisory authorities in Member States;.

The supervisory methodology shall reflect high supervisory standards at Union level and shall build on relevant international standards and guidance. The Authority shall periodically review and update its supervisory methodology, taking into account the evolution of risks affecting the internal market, including risks and threats identified by national law enforcement authorities and FIUs. The supervisory methodology shall, to the extent possible, take into account best practices and guidance developed by international standard setters.