6AMLD Explained: Key Changes for EU Financial Institutions

Five substantive changes distinguish 6AMLD from prior EU AML instruments:

• Harmonised list of 22 predicate offences. Article 2(1) sets out the offences whose proceeds, when laundered, trigger criminal money-laundering liability. The list includes participation in organised crime, terrorism, trafficking in human beings, sexual exploitation, illicit trafficking in narcotic drugs, illicit arms trafficking, illicit trafficking in stolen goods, corruption, fraud, counterfeiting currency, counterfeiting and piracy of products, environmental crime, murder/grievous bodily injury, kidnapping/illegal restraint/hostage-taking, robbery/theft, smuggling, tax crimes, extortion, forgery, piracy, insider trading and market manipulation, and cybercrime. The 22-category list extended the prior framework, with environmental crime and cybercrime being notable additions.
• Criminal liability for legal persons. Article 7 establishes that legal persons (companies, partnerships, other entities) can be held criminally liable for ML offences where the offence was committed for the legal person's benefit by a person with a leading position, or where supervisory failures by such persons enabled the offence. The Member State has discretion in how it implements this — some apply administrative penalties, others true criminal sanctions — but the principle is established at EU level.
• Aiding, abetting, attempting. Article 4 requires criminalisation of aiding, abetting, inciting, and attempting any of the predicate ML offences. The accessory liability provisions extend criminal exposure beyond the principal launderer to those who assist or attempt.
• Minimum maximum sentences. Article 5 sets a minimum maximum sentence of four years' imprisonment for ML offences. Member States may impose higher maxima; the floor ensures cross-Member-State consistency in the severity of sanctions.
• Dual criminality narrowed. Article 3(3) limits the dual-criminality requirement (where the predicate offence must be criminal both in the place it was committed and in the prosecuting Member State). 6AMLD removes dual criminality for several specified offence categories, enabling prosecution of cross-border laundering where the predicate occurred in a jurisdiction with different criminal law.

The expanded predicate offence list affects which underlying conduct triggers SAR/STR filing obligations. Three categories that materially changed the filing landscape:

• Environmental crime. 6AMLD added environmental offences (illegal wildlife trafficking, illegal logging, illegal fishing, illegal waste shipment, pollution offences) to the predicate list. Compliance teams now consider customer activity linked to these patterns as triggering filing — for example, customers in extractive industries with proceeds patterns inconsistent with their declared operations, or trade-finance documentation suggesting unauthorised wildlife or timber exports.
• Cybercrime. The category covers offences against information systems, including illegal access, illegal interception, data interference, system interference, and misuse of tools. Customer activity linked to ransomware proceeds, business email compromise, fraud-as-a-service operations, and dark-market settlement triggers filing where suspicion is reasonable.
• Tax crimes. 6AMLD codified tax offences within the predicate list, harmonising what had previously been a fragmented Member State approach. Customer activity suggesting tax evasion — particularly structures with no commercial substance whose primary purpose appears to be tax mitigation — triggers filing obligations.

The operational implication for compliance teams: typology coverage in the firm's risk assessment should explicitly address the full 6AMLD predicate offence list. Programmes that filter SAR/STR filing through a narrower predicate-offence mental model are under-filing relative to the regime's expectations.

Five operational priorities for EU financial institutions working under the layered framework:

• Map typology coverage to the full 22 predicate offences. The firm's risk assessment, transaction monitoring rule library, and STR filing criteria should explicitly cover the expanded predicate offence list. Gaps in coverage of environmental, cyber and tax-related predicates are recurring inspection findings.
• Document corporate governance substantively. The "lack of supervision or control" liability standard makes governance documentation an active liability-management priority. Board reports, MLRO authority, control-framework artefacts and internal audit findings should be substantive and current.
• Prepare for AMLR transition. The AMLR's direct applicability from July 2027 removes Member State implementation variance and introduces new specific obligations (most notably around UBO transparency and risk classification). Institutions should be tracking the implementing technical standards and preparing operational changes.
• Understand AMLA's supervisory remit. Institutions designated for direct AMLA supervision face a different supervisory experience from those remaining under national supervision. Even institutions not designated should expect indirect AMLA influence through harmonised supervisory expectations.
• Maintain cross-border investigation readiness. The narrowed dual-criminality framework increases the likelihood of cross-border investigations. Institutions should be able to respond to requests from multiple Member State authorities and AMLA with consistent, timely information.

For broader AML platform context see our AML/CFT solution overview and the FATF Grey List 2026 guide for the jurisdictional risk dimension that intersects with EU regime application.