Panoramic: Automotive and Mobility 2025
Insights and Analysis
The new EU Anti-Money Laundering Regime: implications for life insurers and insurance intermediaries
09 January 2026
With the aim of strengthening and harmonising the anti-money laundering (AML) and counter-terrorism financing (CFT) requirements across the EU, the latest overhaul of the AML/CFT Framework represents a significant shift in regulatory architecture, compliance expectations and supervisory relationships. For life insurance companies and certain insurance intermediaries classified as ‘obliged entities' there are a number of changes which will have implications touching on scope, compliance and governance.
The new AML Framework
The new AML framework comprises three core legislative instruments:
- The Anti Money Laundering Regulation (Regulation EU 2024/1624) (AML Regulation) – this introduces a harmonised set of AML rules that will apply directly across all EU Member States, replacing the Fourth and Fifth AML Directives and should eliminate the inconsistencies that have arisen through differing national transpositions of previous AML Directives. Together with Level 2 measures, the new rules will create a Single Rulebook.
- The new Sixth Anti-Money Laundering Directive (Directive EU 2024/1640) (AMLD6) – this complements the AML Regulation by enhancing national supervisory structures and enforcement and penalty mechanisms. The changes aim to close regulatory gaps and ensure consistent enforcement across the EU.
- The new Anti-Money Laundering Authority Regulation (Regulation EU 2024/1620) (AMLA Regulation) – this establishes the new Anti-Money Laundering Authority (AMLA), a central EU supervisory body, operational since July 2025, which will directly supervise high-risk obliged entities (from 2028) and coordinate national supervisory authorities, ensuring consistency in the application of the AML rules.
Implications for life insurers and insurance intermediaries
Scope of Obliged Entities – The AML Regulation expands the definition of ‘obliged entities’. Financial institutions listed in Article 2(6) of the AML Regulation, which includes life insurers and certain insurance intermediaries (when acting with respect to life and other investment-related insurance), are obliged entities. In the case of life insurers the definition has been broadened to refer to an insurance undertaking carrying out life ‘or other investment-related assurance activities’ covered by the Solvency II Directive and adds to the definition, insurance holding companies and mixed-activities insurance holding companies (as defined by the Solvency II Directive). Insurance Europe, in its Position Paper on the AML Package published in December 2021, raised concerns about these changes. It pointed out that clarification was needed on which activities qualify as ‘investment-related assurance activities’ as this term is not defined in the Solvency II Directive nor in the AML Regulation. It also pointed out that the inclusion of insurance holding companies and mixed-activity insurance holding companies, albeit to the extent that they carry out life or other investment related assurance activities, could lead to unnecessary regulatory burdens. It remains to be seen whether the new EU or national authorities will provide further elaboration.
The AML rules will continue to apply to EU branches of in scope life insurers and insurance intermediaries, whether the head office is in a Member State or in a third country.
Governance and compliance – The rules introduce a new layer of governance by requiring an obliged entity to appoint a Compliance Manager, in addition to the current requirement for a Compliance Officer. The Compliance Manager will have responsibility for implementing the AML rules in the firm and reporting to the management board. Insurance Europe has expressed concern that the new dual compliance roles and rigid internal control structure risks creating communication silos, especially in smaller firms with lean compliance teams. The European Federation of Insurance intermediaries (BIPAR) has also expressed its view that SME insurance intermediaries should not be obliged to appoint a Compliance Manager and that a differentiating approach should be taken, based on not only size but on the low AML risk exposure of the entity in question.
For obliged entities operating across multiple EU countries, the Single Rulebook offers the potential for streamlined compliance. However, the transition period may be challenging, especially where national laws in Member States currently exceed EU minimum standards.
Customer Due Diligence (CDD) – Obliged entities operating in the insurance industry must conduct CDD at policy inception and throughout the policy lifecycle. This includes identifying and verifying customers, beneficial owners and beneficiaries. In high-risk scenarios – such as when dealing with a Politically Exposed Persons (PEPs) or clients from high-risk jurisdictions – enhanced due diligence measures may be applied. These include verifying the source of funds, conducting ongoing monitoring, and escalating to senior management before payment of the policy proceeds. For certain products determined to have a low risk factor, such as life insurance policies for which the premium is low and policies for pension schemes with no early surrender option and which cannot be used as collateral, simplified due diligence measures may be used.
In March 2025, the European Banking Authority consulted on draft regulatory technical standards on the information necessary for the performance of CDD. This sets out the extent and quality of information which must form part of the CDD process. In its response, Insurance Europe pointed out numerous instances where the proposed requirements are ill suited for certain life insurance products, such as pensions and pure risk insurance policies, which present a low risk of money laundering or terrorist financing. It has strongly argued that simplified due diligence should be the rule for low-risk life insurance products and specific sectorial simplified measures should be introduced for these products. The consultation will feed into the EBA’s response to the European Commission’s Call for Advice on the new AMLA mandates, expected towards the end of October 2025. The new CDD requirements will apply to all new customers from July 2027 and for existing customers firms must ensure compliance within five years from the date on which the Delegated Regulation on CDD comes into force.
In conclusion
While the reforms aim to create a more consistent and effective AML regime, they will introduce significant compliance burdens and operational challenges. Insurers will need to adapt by investing in new systems and strengthening governance structures. Failure to comply can result in severe penalties, including fines, licence revocation and reputational damage.
Authored by Kirsten Barber.
Contacts
View more insights and analysis
