.svg)
Anti-money laundering (AML) regulatory changes are a consistent part of the compliance landscape rather than a cyclical phenomenon. AML-related updates now represent an increasingly significant proportion of global regulatory activity, signalling that financial crime prevention has become a core priority for supervisory authorities worldwide. For organisations operating in high-risk sectors such as banking and payments, this trend demands heightened attention, as the financial and reputational consequences of non-compliance can be costly.
For companies to understand how to plan strategically and allocate resources effectively with regard to AML compliance, they need to identify and understand the main focuses of regulatory activity. In 2025, Europe and the UK have brought crypto-assets firmly within AML oversight, highlighted by the EU's newly-established Anti-Money Laundering Authority, and the same is beginning to happen in other emerging regions worldwide. However, despite this global trend, the United States has gone in a different direction by adopting a decentralised approach to crypto enforcement, aligning with its policy of deregulation under the Trump administration.
Advancements in technology with regard to automation and the use of artificial intelligence are rapidly evolving and becoming more commonplace in AML compliance; however, with the benefits also comes risk, and the regulatory response is attempting to keep pace. Jurisdictions seeking to align with Financial Action Task Force (FATF) standards to be removed from the international standard-setter’s so-called “grey list”, or stay off of it, also continue to implement comprehensive AML reforms, contributing substantially to regulatory activity so far this year.
In an environment where regulatory expectations are evolving continuously, and often faster than formal regulations themselves, companies need to be establishing proactive risk assessment, technological investment and adaptive compliance frameworks that are capable of responding to emerging requirements before they become mandatory.
The Bigger Picture
AML regulatory updates - Sep 2024-Sep 2025
Vixio PaymentsCompliance Horizon Scanning data shows, even with fluctuations, a significant number of industry-specific updates related to AML are released every month globally, only dropping below 20 for one month in the last year. Although in the previous 12 months the highest volume was recorded in October 2024, the highest peak in 2025 so far was in July, which is unusual for a summer month when regulatory activity typically slows. There was a flurry of activity in the UK that month, which included the release of the national risk assessment and a crypto-asset threat assessment, and in New Zealand, which revealed reforms to its anti-money laundering/counter-terrorism financing (AML/CTF) framework.
Although AML updates (9) from the Latin America region lag behind Europe so far this year, there is potential for regulatory impact to grow moving forward, with draft frameworks being introduced in Peru and Uruguay.
The high number of informative updates each month relate primarily to enforcement actions in relation to AML, which will be discussed in more length in part two of this influencer to determine whether the correlation between enforcement actions and regulatory activity suggests a reactive or continuous supervisory approach to AML.
AML/CTF becoming a growing regulatory priority
Vixio Horizon Scanning data also highlights that AML-related regulatory updates are progressively representing a larger percentage of global regulatory activity, reflecting an overall trend toward increased focus on financial crime compliance. At this point last year, just over 10 percent of updates published each month related to AML, whereas it is now up to around 20 percent for the last four months.
The focus on AML/CTF could be regulators’ reaction to keeping pace with the increasing sophistication and advancements of financial crimes. Legacy regulation and systems were created long before some technologies or financial crimes were even born or known about.
The legislative process can be slow, when taking into consideration discussions, consultations, reviews, etc., which means that regulators and authorities are not equipped with keeping up to date with the rapid-paced world of financial crime. Crimes that are also becoming more coordinated and harder to detect. So although AML regulatory activity remains high, it appears reactive, responding to rather than anticipating innovations in technology and criminal advancements. This also suggests that AML-related regulatory activity could continue to grow in an ever-evolving technological world.
Key AML regulatory trends in 2025 and going forward
Crypto-assets are now coming squarely into focus of AML regulation. Following the launch of its powers, the newly-established Anti-Money Laundering Authority (AMLA), the single AML regulator for the EU, on July 15, 2025, made clear that its expectations regarding those operating in the crypto-assets sector are high regarding protections against money laundering and terrorism financing.
The same month, the UK’s Treasury released the latest national risk assessment for money laundering and terrorism financing, in which crypto-assets were also explicitly mentioned as a rising risk, particularly stablecoins, in relation to sanctions evasion, scams and fraud. The report also affirmed that criminals are continuing to use increasingly sophisticated techniques, and are adapting quickly to law enforcement intervention, indicating that continued evolution of regulation will be needed to counteract the problem. Of note, the money laundering risk of payments service providers and electronic money institutions was also raised from medium to high as a result of the sector’s increased exposure and use.
In April, the US bucked the trend in relation to establishing a coordinated approach to AML regulation of crypto-assets by disbanding the National Cryptocurrency Enforcement Team at the Department of Justice. Instead, a decentralised approach will be taken in relation to crypto enforcement, in which US attorney’s offices will now take the lead. However, the deputy secretary at the Department of the Treasury did suggest in June that considerations were being made in relation to modernising the Bank Secrecy Act, which could lead to increased regulatory activity in relation to AML if they are to come to fruition.
Automation and AI is being embedded more and more into the AML compliance process, which can bring benefits but can also allow for potential weaknesses to appear. There is a growing narrative around AI following the same kind of path as the crypto boom, as it has seen rapid growth, with many companies looking to invest, but with minimal oversight. If it is to follow the same kind of path, then regulation can be expected moving forward. In May 2025, the Central Bank of Nigeria released baseline standards for automated AML solutions, part of which would involve the central bank doing periodic compliance inspections and system checks.
Nigeria’s move is part of its intensifying effort to exit FATF’s list of jurisdictions under increased monitoring (the so-called “grey list”). Movement by those who have been recently removed from, or are looking to exit, the list have also had an influence on regulatory activity this year, again with a particular focus on crypto-assets. The United Arab Emirates, which was removed from the grey list last year, updated its AML regulation at the start of the year to include virtual asset providers within its scope. Ghana, on the list, has recently released its national AML/CTF policy and action plan, as well as its first AML risk assessment on crypto-assets. Earlier in the year, Kenya, also on the list, passed AML laws to align with global standards and since has been releasing a stream of further guidance. To be taken seriously on the global financial stage, developing jurisdictions understand the importance of a high standard of AML regulation and alignment, which in turn should help alleviate friction and fragmentation. However, there is still a long way to go with more than 20 jurisdictions still on the list, and therefore more regulatory activity can be expected.
Why should you care?
As AML regulation extends to cover crypto-assets and crypto-asset service providers, and other new technological advancements, companies must conduct thorough assessments of their existing compliance infrastructure to ensure resilience. This is also the case for doing business with jurisdictions still evolving their AML/CTF frameworks. Although the initial compliance burden could be substantial, institutions that invest in robust, adaptable systems will ultimately benefit from streamlined processes that enhance both security and operational efficiency.
With more and more onus being placed on companies’ ability to anticipate and prevent financial crimes before they happen, they should:
- Monitor and track regulatory developments: identifying trends and patterns across jurisdictions could allow firms to predict future regulatory direction before it even happens and can ensure they are compliant when it does catch up. This should mean firms do not encounter costly enforcement action as a result of lax compliance.
- Develop and build out technical capabilities and systems: growing caseloads, manual processes and reviews, and outdated systems that cannot deal with the increasing complexity of financial crime are difficult for AML teams to deal with. Automation and AI solutions should help free up the time of compliance professionals to focus on the tasks they need to; however, such solutions should always be accompanied with strict governance and compliance practices to safeguard against operational failures. The volume and impact of regulatory changes also looks to be ever increasing, which means digital solutions to help with regulatory reporting and other tasks could be a massive time-saving investment. For example, in the EU, as centralised reporting comes into place, building systems and frameworks that operate cohesively across the bloc could save time and effort.
- Train and invest in personnel: ensuring staff are kept up-to-date and trained on all the latest developments and requirements will help to make sure companies remain compliant and not susceptible to criminal elements. It doesn’t matter what the size of a company is, the AML requirements stay the same, so smaller companies may not have the capabilities of larger companies but they will still be required to comply, which means ensuring they have the right skills and knowledge available to them. Staff not being informed or prepared could again lead to costly enforcement action, reputational damage and operational disruptions.
- Establish relationships with AML supervisors in jurisdictions: fostering these kinds of relationships could be beneficial in understanding the AML regulatory landscape. For example, if operating in the EU, high-risk financial institutions and obliged entities should look to establish a relationship with AMLA, as it will be directly responsible for supervision. However, building relationships with national competent authorities and financial intelligence units will help ensure you keep up to date with the latest developments, and could give you an advantage over competitors.
Next steps
The second part of this regulatory influencer will look at enforcement action in relation to AML regulation to provide further insight into whether increased regulation leads to an increase in enforcement action, or whether increased enforcement action is the reason for rising regulation, and whether this varies across regions. Learning and understanding these kinds of patterns can ensure firms stay ahead of the curve.
More information on enforcement action can be found in our latest outlook: Enforcement – Asia-Pacific, Europe and North America.
