.svg)
The authority believes that supervisory technology (suptech) tools can make anti-money laundering and counter-terrorism financing (AML/CTF) supervision more effective, but warns that legal, operational and resource hurdles could slow adoption.
In a report published on August 12, 2025, the European Banking Authority (EBA) noted that national competent authorities (NCAs) across the EU are making increasing use of digital tools to improve oversight.
This comes as the bloc prepares to roll out its new AML/CTF framework and launch the Anti-Money Laundering Authority (AMLA).
In the report, the EBA appears to endorse the use of suptech, suggesting that its findings show that those regulators that have embraced the technology have found demonstrable benefits.
Regulators can use suptech for tasks such as data automation, in a similar way to how firms use regtech to comply with regulatory frameworks.
The findings draw on a 2024 survey of 31 NCAs in 25 member states and a workshop with the European Commission’s AMLA Task Force.
Together, they identified 60 suptech projects or tools, nearly half (47 percent) of which are already in production, with 38 percent in development and 15 percent at an exploratory stage.
A work in progress
The authorities reported tangible benefits of suptech, including “enhanced collaboration, improved data quality and analytics, and greater capacity to scale supervision”.
However, the report concludes that although suptech use in AML/CTF supervision is evolving, it remains at an early stage, with many authorities still in the exploratory or initial implementation phases.
Nonetheless, it notes that the changing EU legal and institutional framework presents significant opportunities to accelerate adoption, signalling a shift towards more efficient, data-driven approaches to tackling financial crime in both the public and private sectors.
The EBA said that the success of suptech will depend on how effectively challenges such as poor data quality, resource constraints, legal uncertainties and organisational resistance are addressed.
For example, the report identifies issues such as “cultural inertia, concerns about job displacement, and scepticism about the reliability of AI-driven insights” as barriers to implementation.
The regulator also warned that a lack of digital literacy among supervisors can make it difficult to fully integrate suptech into existing supervisory processes.
The EBA stressed that suptech tools should be tailored to each authority’s operational realities, with strong safeguards for sensitive data, improved interoperability and close cooperation between IT, AML/CTF and data protection experts.
Greater pooling of resources and co-development of solutions can help to prevent duplication and ensure more coordinated innovation, with AMLA expected to play a central role in driving collaboration and standardisation.
The report notes that the priorities, good practices and lessons identified will guide future suptech development.
If successful, suptech should enable supervisors to keep pace with emerging financial crime risks, strengthening the EU’s position as a global leader in AML/CTF oversight.
Could suptech revolutionise supervision?
Suptech has long been championed by EU regulators. For example, the European Central Bank (ECB) said in a November 2023 supervision newsletter that “it is crucial for the ECB to continue investing in its own digital transformation if it wants to maintain effective and efficient supervision and respond to the challenges and opportunities arising from digitalisation in the banking sector”.
One advantage of using suptech tools for firms whose activities are overseen by EU regulators could be more consistent and predictable supervision.
By standardising how data is collected, analysed and risk-rated across jurisdictions, the technology could reduce subjectivity and uncertainty, meaning that firms have a clearer view of regulators’ expectations and can have greater confidence in supervisory outcomes.
Suptech tools may also lessen the administrative burden on firms. For example, automated data collection and reporting interfaces remove the need for multiple, manual regulatory submissions.
In addition, firms can transmit structured data once, in standardised formats, reducing their compliance workload and minimising the risk of errors.
Given the EBA’s views, regulators across the bloc may start to remove the hurdles slowing adoption of suptech tools, potentially leading to increased uptake among regulated firms.
