• Firms support AML harmonization but warn rules are overly rigid
• Materiality thresholds seen as too low and not risk based
• Data and reporting requirements viewed as excessively granular
• Sanctions framework criticized for vague criteria and discretion
• Customer due diligence rules raise financial exclusion concerns
• Smaller and low risk firms face disproportionate burden
• Industry calls for clearer definitions and sectoral tailoring

European efforts to strengthen anti money laundering and counter terrorism financing rules are facing growing resistance from across the financial and non financial sectors, according to a report from Deloitte on a recent European Banking Authority survey.

According to the report, firms are warning that draft standards risk being overly rigid, costly, and disconnected from operational reality, according to a report by Deloitte.

The analysis reviewed feedback submitted to the EBA following its consultation on four draft Regulatory Technical Standards published in March 2025.

The consultation attracted 108 responses from banks, insurers, asset managers, payment providers, fintech firms, nonprofits, and professional bodies, and closed on June 6.

The report says respondents broadly support the European Union’s goal of harmonizing AML and CFT supervision under the new framework covering AMLR, AMLD6, and AMLAR.

However, they consistently raised concerns around proportionality, feasibility, and the lack of sector specific tailoring across the proposed standards.

One of the most contentious areas relates to draft rules governing how institutions are selected for direct supervision under AMLAR. According to Deloitte, many respondents argued that the proposed materiality thresholds are set too low and rely too heavily on fixed quantitative criteria.

Firms warn that this approach fails to reflect differences in business models, customer profiles, and risk typologies, particularly disadvantaging smaller or lower risk institutions and those with high value but low volume activity.

Respondents also highlighted ambiguities in key definitions such as customer, transaction, and group perimeter, which they said could undermine consistent implementation and increase compliance risk.

The report suggests there is strong cross sector support for recalibrating thresholds, incorporating qualitative risk factors, and allowing sector specific approaches while preserving harmonization.

Similar concerns were raised in response to draft standards on assessing the inherent and residual risk profiles of obliged entities under AMLD6.

The report suggests respondents worry that extensive and highly granular data requirements could impose excessive operational burdens, particularly on smaller firms and those operating in low risk segments.

Banks pointed to the cost of new data collection and the risk of overlapping regulatory requirements, while insurers and asset managers stressed that some indicators are poorly suited to low risk products.

Payment providers and crypto firms raised concerns about technical feasibility, and non-financial entities such as legal professionals and charities warned that a one size fits all approach could drive de-risking and threaten confidentiality.

Deloitte says the survey found broad agreement that requirements should focus on genuinely risk relevant indicators, supported by clear definitions, harmonized methodologies, and realistic implementation timelines.

Without significant revision, it said, respondents believe the draft could deliver limited risk reduction at a high operational cost.

Feedback on proposed sanctions frameworks under AMLD6 was described as constructively critical. Respondents welcome the push for harmonized enforcement but expressed concern about vague criteria and wide supervisory discretion.

Firms and compliance professionals called for clearer legal definitions and objective methodologies to provide certainty and protect against disproportionate personal liability.

Supervisory authorities echoed the need for precise legal bases and due process, while legal professionals and nonprofits emphasized the importance of national flexibility to reflect sectoral diversity and fundamental rights.

Deloitte reported that many respondents believe excessive discretion could fragment enforcement and weaken compliance culture.

Customer due diligence proposals under AMLR also drew widespread criticism, with banks and insurers arguing that requirements for lower risk customers are nearly as onerous as standard due diligence, undermining proportionality and increasing complexity.

Insurers also highlighted a concern that frequent updates are impractical for low risk products with limited client interaction.

Across all four draft standards, respondents urged regulators to recalibrate the proposals to better reflect risk based principles, operational feasibility, and sectoral diversity.