In this issue, we look at several key developments in the European and national compliance environment: the new cooperation agreement between the AMLA and the ECB and a comprehensive MoU between the ESAs and the AMLA mark important progress in European money laundering supervision. Germany is strengthening its cyber security architecture, while the EDPB is calling for more clarity and enforcement in data protection. In addition, ESG risks will be more closely integrated into financial stress tests in future and BaFin is defining its strategic objectives up to 2029.
Table of Contents
- AMLA and ECB sign cooperation agreement
- ESAs sign MoU with the AMLA
- BMI and BSI strengthen Germany’s cybersecurity architecture
- Helsinki Declaration of the EDPB on strengthening data protection
- ESG risks in regulatory stress tests
- BaFin publishes strategic objectives 2026-2029
- Now receive the most important compliance reports every week free of charge
AMLA and ECB sign cooperation agreement
Applicable for: Money laundering officers, compliance officers, institutions under the supervision of the ECB
The cooperation agreement between the AMLA and the ECB creates a structured framework for the exchange of sensitive information and cooperation on supervisory measures to combat money laundering and terrorist financing.
Measures required:
- Review and, if necessary, adapt existing reporting channels within the framework of AML compliance vis-à-vis EU authorities
- Integration of new AMLA information obligations and cooperation requirements into internal guidelines
- Training of compliance and AML teams on the new institutional role of the AMLA and their cooperation with the ECB
ESAs sign MoU with the AMLA
Applicable for: Banks, insurers, investment firms, AML and compliance officers
The European Supervisory Authorities EBA, ESMA and EIOPA have signed a formal basis for cooperation with AMLA to establish effective supervisory tools and closer coordination in the financial sector.
Measures required:
- Evaluation of internal cooperation and data transmission processes to European supervisory authorities
- Adaptation of risk analyses taking into account EU-wide standardized supervisory practices
- Preparation for coordinated audits and harmonized reporting formats in the context of European AML standards
BMI and BSI strengthen Germany’s cybersecurity architecture
Applicable for: IT security officers, CISOs, KRITIS-related companies, data protection officers
The BSI and the BMI are expanding their coordination in the area of cyber defense. Plans include strengthening national response capabilities, centralized situational awareness and improved emergency communication.
Measures required:
- Implementation of the requirements from the NIS-2 Directive, including risk management obligations and reporting requirements
- Establishment or optimization of reporting chains to the BSI and other responsible bodies
- Implementation of an internal cyber security audit with a focus on critical infrastructures
Helsinki Declaration of the EDPB on strengthening data protection
Applicable for: Data protection officers, data controllers responsible for cross-border data processing, international corporations
With the Helsinki Declaration, the EDPB calls for more resources for supervisory authorities and more transparency and participation in cross-border procedures under the GDPR.
Measures required:
- Analysis and documentation of cross-border data processing operations within the company
- Ensuring GDPR compliance, especially for international data transfers
- Establishment of a clear internal escalation and response mechanism for inquiries from supervisory authorities in several member states
ESG risks in regulatory stress tests
Applicable for: Banks, sustainability officers, risk management officers
The European supervisory authorities are developing guidelines for the integration of environmental, social and governance (ESG) risks in stress tests. The aim is to improve the resilience of the financial system to sustainability risks.
Measures required:
- Integration of ESG factors into the company-wide stress testing framework and ICAAP
- Development of an internal scenario catalog for ESG-related shocks and transition risks
- Ensure data availability and data quality for ESG indicators in risk management
BaFin publishes strategic objectives 2026-2029
Applicable for: All supervised entities, in particular management boards, compliance and risk management departments
BaFin has published its medium-term strategic objectives. The focus is on digitalization, resilience of the financial system, sustainability and the effectiveness of supervision. Among other things, BaFin plans to further expand data-based supervision and strengthen its ability to intervene.
Measures required:
- Alignment of the corporate strategy with BaFin’s strategic objectives, particularly with regard to sustainability and digital transformation
- Establishment or optimization of data-based compliance systems in the sense of a “supervisory-friendly” infrastructure
- Preparation for more intensive, risk-based supervisory procedures and possibly new reporting requirements
Now receive the most important compliance reports every week free of charge
Many compliance officers already use our free service and receive the most important news from the areas of compliance, money laundering prevention, data protection and IT security. We provide a weekly overview of the most important reports and categorize them.
Subscribe now free of charge.
Would you like to be up to date every day?
Our legal rights monitoring software gives you access to all notifications and allows you to filter them by relevance, type and area. You can create and download summaries. Get in touch with us.
We wish you a successful week.
Your Riscreen team