Customer Due Diligence Measures – Key Changes You Need To Know

The Anti-Money Laundering Regulation (AMLR) introduces several important changes to Customer Due Diligence (CDD) requirements. These updates expand the scope of trigger events, deepen the level of information required, and reinforce compliance obligations for obliged entities.

New trigger events for CDD measures

Under the AMLR, the situations triggering CDD measures have been broadened. These include, among others:

• Any occasional transaction of at least EUR 10,000, compared to EUR 15,000 under the current regime.
• Participation in the creation of legal entities, including:
  • the setting up of a legal arrangement; or
  • for auditors and legal professionals, participation in the transfer of ownership of a legal entity, regardless of the transaction value.
• Suspicion of money laundering or terrorist financing, irrespective of applicable thresholds, derogations, or exemptions.
• The existence of doubts regarding:
  • the veracity or adequacy of previously obtained customer identification data; or
  • whether the person interacting with the obliged entity is indeed the customer or a person authorised to act on their behalf.
• Any occasional cash transaction of at least EUR 3,000 (whether carried out as a single operation or through linked operations), which triggers an obligation to identify and verify both the customer and the beneficial owner.

Looking ahead, further clarification is expected through Regulatory Technical Standards (RTS) under Article 19(9) AMLR, which will define criteria for identifying business relationships, occasional and linked transactions, as well as lower thresholds.

Broader CDD measures for obliged entities

Beyond trigger events, the AMLR significantly strengthens the depth and scope of CDD requirements.

Extended information requirements

Obliged entities must now collect more detailed information about the purpose and intended nature of a business relationship or occasional transaction, including:

• the purpose and economic rationale of the contemplated transaction,
• the estimated value of planned activities,
• the source and destination of funds, and
• the customer’s business activity, employment, or occupation.

Sanctions screening obligations

CDD obligations now include stricter targeted financial sanctions screening:

• Customers and their beneficial owners must be screened against sanctions lists.
• For legal persons, screening must also cover:
  • any natural or legal person controlling the entity; or
  • any person holding more than 50% of the proprietary rights or majority interest.

Reporting of discrepancies

Obliged entities are required to:

• Report material discrepancies between:
  • information collected during CDD checks; and
  • information available in central registers of beneficial ownership.

This excludes minor inconsistencies, such as typographical errors or slightly outdated but otherwise reliable information.

• Follow up by requesting the relevant entity to update their information accordingly.

What if CDD measures cannot be completed?

Failure to complete CDD measures has clear consequences under the AMLR:

Do not proceed: obliged entities must refrain from:

• carrying out the transaction,
• establishing the business relationship, or
• continuing an existing relationship (which must be terminated).

Consider reporting: a suspicious activity report (SAR) should be considered and, where appropriate, submitted to the Financial Intelligence Unit (FIU).

Key takeaways

With these new requirements, preparation is essential. Organisations should act now to ensure compliance:

• Review your internal policies and procedures;
• Identify which new CDD requirements apply to your specific business;
• Anticipate implementation changes ahead of the July 2027 deadline.