Source: OJ L, 2024/1624, 19.6.2024Current language: EN
- Anti-money laundering
Basic legislative acts
- Anti-money laundering regulation (AMLR)
Article 26 Ongoing monitoring of the business relationship and monitoring of transactions performed by customers
Summary What does Article 26 of the Anti-money laundering regulation (AMLR) say?
This article sets out the ongoing monitoring obligations that obliged entities must maintain throughout the life of a business relationship.
It builds directly on the customer due diligence framework established in Article 20, extending it beyond the point of onboarding into a continuous process.
The core idea is that obliged entities must not only know their customer at the start of a relationship but must keep that knowledge current and use it to scrutinise transactions on an ongoing basis.
The article also introduces specific deadlines for updating customer information depending on risk level, and separately requires obliged entities to regularly check for exposure to targeted financial sanctions, with a heightened trigger for credit and financial institutions upon any new sanctions designation.
Important points:
- Conduct ongoing monitoring of all business relationships and keep customer information up to date, with updates required at least every year for higher-risk customers and at least every five years for all others.
- Where a customer has relationships with multiple entities within the same group, take that broader picture into account when monitoring your own relationship with that customer.
- Regularly verify compliance with targeted financial sanctions conditions — for credit institutions and financial institutions, this verification must also be triggered upon any new sanctions designation.
Springlex's summary of the article, a reading aid, not a substitute for the legal text.
Obliged entities shall conduct ongoing monitoring of business relationships, including transactions undertaken by the customer throughout the course of a business relationship, to ensure that those transactions are consistent with the obliged entity’s knowledge of the customer, the customer’s business activity and risk profile, and where necessary, with the information about the origin and destination of the funds and to detect those transactions that shall be made subject to a more thorough assessment pursuant to Article 69(2).
Where business relationships cover more than one product or service, obliged entities shall ensure that the customer due diligence measures cover all those products and services.
Where obliged entities belonging to a group have business relationships with customers that are also the customers of other entities within that group, whether obliged entities or undertakings not subject to AML/CFT requirements, they shall take into account information relating to those other business relationships for the purposes of monitoring the business relationship with their customers.
In the context of the ongoing monitoring referred to in paragraph 1, obliged entities shall ensure that the relevant documents, data or information of the customer are kept up to date.
The period between updates of customer information pursuant to the first subparagraph shall be dependent on the risk posed by the business relationship and shall not in any case exceed:
for higher risk customers to which measures under Section 4 of this Chapter apply, 1 year;
for all other customers, 5 years.
In addition to the requirements set out in paragraph 2, obliged entities shall review and, where relevant, update the customer information where:
there is a change in the relevant circumstances of a customer;
the obliged entity has a legal obligation in the course of the relevant calendar year to contact the customer for the purpose of reviewing any relevant information relating to the beneficial owners or to comply with Council Directive 2011/16/EU(42);
they become aware of a relevant fact which pertains to the customer.
In addition to the ongoing monitoring referred to in paragraph 1 of this Article, obliged entities shall regularly verify whether the conditions laid down in Article 20(1), point (d), are met. The frequency of that verification shall be commensurate with the exposure of the obliged entity and the business relationship to risks of non-implementation and evasion of targeted financial sanctions.
For credit institutions and financial institutions, the verification referred to in the first subparagraph shall also be carried out upon any new designation in relation to targeted financial sanctions.
The requirements of this paragraph shall not replace the obligation to apply targeted financial sanctions or stricter requirements under other Union legal acts or under national law on the verification of the client base against lists of targeted financial sanctions.
By 10 July 2026, AMLA shall issue guidelines on ongoing monitoring of a business relationship and on the monitoring of the transactions carried out in the context of such relationship.
Springlex and this text is meant purely as a documentation tool and has no legal effect. No liability is assumed for its content. The authentic version of this act is the one published in the Official Journal of the European Union.
Definition
crypto-asset services
Definition
financial mixed activity holding company
Definition
crypto-asset service provider
Definition
funds or other assets
Definition
credit institution
- a credit institution as defined in Article 4(1), point (1), of Regulation (EU) No 575/2013;
- a branch of a credit institution, as defined in Article 4(1), point (17), of Regulation (EU) No 575/2013, when located in the Union, whether its head office is located in a Member State or in a third country;
Definition
parent undertaking
- for groups whose head office is located in the Union, an obliged entity that is a parent undertaking as defined in Article 2, point (9), of Directive 2013/34/EU that is not itself a subsidiary of another undertaking in the Union, provided that at least one subsidiary undertaking is an obliged entity;
- for groups whose head office is located outside of the Union, where at least two subsidiary undertakings are obliged entities established in the Union, an undertaking within that group established in the Union that:
- is an obliged entity;
- is an undertaking that is not a subsidiary of another undertaking that is an obliged entity established in the Union;
- has a sufficient prominence within the group and a sufficient understanding of the operations of the group that are subject to the requirements of this Regulation; and
- is given the responsibility of implementing group-wide requirements under Chapter II, Section 2 of this Regulation;
Definition
crypto-asset
Definition
property
Definition
express trust
Definition
legal arrangement
Definition
targeted financial sanctions
Definition
group
Definition
financial institution
- an undertaking other than a credit institution or an investment firm, which carries out one or more of the activities listed in points (2) to (12), (14) and (15) of Annex I to Directive 2013/36/EU of the European Parliament and of the Council(32), including the activities of currency exchange offices (bureaux de change), but excluding the activities referred to in point (8) of Annex I to Directive (EU) 2015/2366, or an undertaking the principal activity of which is to acquire holdings, including a financial holding company, a mixed financial holding company and a financial mixed activity holding company;
- an insurance undertaking as defined in Article 13, point (1), of Directive 2009/138/EC of the European Parliament and of the Council(33), insofar as it carries out life or other investment-related assurance activities covered by that Directive, including insurance holding companies and mixed-activity insurance holding companies as defined, respectively, in Article 212(1), points (f) and (g), of Directive 2009/138/EC;
- an insurance intermediary as defined in Article 2(1), point (3), of Directive (EU) 2016/97 where it acts with respect to life insurance and other investment-related insurance services, with the exception of an insurance intermediary that does not collect premiums or amounts intended for the customer and which acts under the responsibility of one or more insurance undertakings or intermediaries for the products which concern them respectively;
- an investment firm as defined in Article 4(1), point (1), of Directive 2014/65/EU of the European Parliament and of the Council(34);
- a collective investment undertaking, in particular:
- an undertaking for collective investment in transferable securities (UCITS) as defined in Article 1(2) of Directive 2009/65/EC and its management company as defined in Article 2(1), point (b), of that Directive or an investment company authorised in accordance with that Directive and which has not designated a management company, that makes available for purchase units of UCITS in the Union;
- an alternative investment fund as defined in Article 4(1), point (a), of Directive 2011/61/EU and its alternative investment fund manager as defined in Article 4(1), point (b), of that Directive that fall within the scope set out in Article 2 of that Directive;
- a central securities depository as defined in Article 2(1), point (1), of Regulation (EU) No 909/2014 of the European Parliament and of the Council(35);
- a creditor as defined in Article 4, point (2), of Directive 2014/17/EU of the European Parliament and of the Council(36) and in Article 3, point (b), of Directive 2008/48/EC of the European Parliament and of the Council(37);
- a credit intermediary as defined in Article 4, point (5), of Directive 2014/17/EU and in Article 3, point (f), of Directive 2008/48/EC, when holding the funds as defined in Article 4, point (25), of Directive (EU) 2015/2366 in connection with the credit agreement, with the exception of the credit intermediary carrying out activities under the responsibility of one or more creditors or credit intermediaries;
- a crypto-asset service provider;
- a branch of a financial institution referred to in points (a) to (i), when located in the Union, whether its head office is located in a Member State or in a third country;
Definition
third country
Definition
funds
Definition
beneficial owner
Definition
business relationship
Footnote 42