RegRally Insights: Your Guide to AML/CTF Compliance, September 2025

Welcome to our monthly newsletter on Anti-Money Laundering and Counter-Terrorist Financing. It is dedicated to everyone who wants to understand the latest trends and developments, get tips from our experts and deepen their knowledge.

BIS Proposes AML Compliance Score for Crypto-Assets

In August 2025, the Bank for International Settlements (BIS) proposed an AML compliance score for crypto-assets to assess the likelihood of links to illicit activity. The model would leverage blockchain transparency and could be applied by banks, exchanges, and intermediaries when converting crypto into fiat. According to BIS, stablecoins accounted for 63% of illicit flows in 2024, highlighting their central role in risk exposure. The score could classify assets from “clean” to “tainted,” potentially strengthening financial integrity.

However, the proposal faces challenges: fragmented implementation due to differing national rules, risks of excluding legitimate users, and difficulties detecting illicit flows that remain entirely within the crypto ecosystem.

Key takeaways for financial institutions and intermediaries:

  • Anticipate AML scoring integration into monitoring, due diligence, and onboarding processes.
  • Adapt compliance frameworks to account for divergent national rules and fragmented adoption.
  • Be alert to over-reliance risks, ensuring clients are not unfairly excluded or devalued by association.
  • Strengthen internal expertise on blockchain analytics to effectively assess “tainted” vs. “clean” assets.

FATF Issues NRA Toolkit Annexes to Strengthen ML/TF Risk Assessments

In August 2025, the Financial Action Task Force (FATF) published Annexes A–C to its Money Laundering National Risk Assessment (NRA) Toolkit, designed to help jurisdictions conduct more robust and focused ML/TF risk assessments.

  • Annex A provides quick-reference guides for high-risk and complex areas such as corruption, virtual assets and VASPs, legal persons and arrangements, and the informal economy—domains characterised by cross-border exposure, limited data, and fast-changing typologies.
  • Annex B offers comparative insights on predicate offences like fraud, corruption, drug trafficking, and tax crime, helping jurisdictions prioritise their assessments.
  • Annex C compiles practical NRA methodologies from the World Bank, IMF, and Council of Europe, featuring tools such as self-assessments, heatmaps, and sector modules.

Collectively, these annexes aim to help countries overcome data and resource gaps while maintaining a sharp focus on both domestic and cross-border money laundering threats.

Our recommendations:

  • Compliance and AML professionals should anticipate supervisory expectations for deeper thematic risk assessments, particularly in virtual assets, VASP oversight, and beneficial ownership transparency.
  • Institutions should use national risk assessment findings to stress-test internal risk models to ensure regulatory alignment and anticipate supervisory priorities.

Bank of Lithuania Lifts Restrictions on Valyuz, Fines Pervesk for AML/CFT Breaches

The Bank of Lithuania has lifted restrictions on Valyuz UAB after confirming that earlier AML/CFT shortcomings were fully addressed through independent audits and operational enhancements, including stronger human resources, improved quality assurance, and more effective transaction monitoring.

In contrast, UAB Pervesk was fined €130,000 for serious AML/CFT violations. Gaps identified included insufficient staff training, weak conflict-of-interest management, inadequate enhanced due diligence, and ineffective transaction monitoring scenarios. While Pervesk has initiated remedial measures and carried out an interim audit, it must still close the remaining gaps and obtain final independent audit confirmation.

Key takeaways for financial institutions:

  • Independent audits are used for remediation and as a continuous assurance tool.
  • Invest in staff training and awareness to strengthen compliance culture.
  • Align enhanced due diligence with high-risk clients and correspondent banking relationships.
  • Ensure transaction monitoring scenarios are tailored to ML/TF typologies, with proactive and retrospective controls.

Wolfsberg Group Calls for Innovation in Suspicious Activity Monitoring

The Wolfsberg Group has released Part II of its Statement on Effective Monitoring for Suspicious Activity, urging financial institutions to move beyond legacy rules-based systems. Supervisors, particularly in the U.S., are increasingly encouraging the responsible adoption of AI and machine learning to improve financial crime detection.

The paper highlights that effectiveness should be judged not by the volume of alerts, but by the precision, recall, and quality of suspicious activity reports. Transparency and explainability remain essential, while institutions are advised to balance model risk against financial crime risk—acknowledging that even imperfect models may reveal threats missed by traditional approaches. A hybrid model blending rules, supervised, and unsupervised techniques is recommended to address known and emerging risks.

Key takeaways for financial institutions:

  • Reassess monitoring systems to ensure they address evolving criminal behaviours and typologies.
  • Adopt an innovation governance framework that balances technical model risk with financial crime risk mitigation.

FinCEN Warns on Chinese Money Laundering Networks Supporting Mexican Cartels

FinCEN has issued an Advisory and Financial Trend Analysis identifying Chinese Money Laundering Networks (CMLNs) as the primary laundering partners for Mexican cartels, including CJNG, Sinaloa, and the Gulf Cartel. These networks convert illicit U.S. dollars into value for Chinese nationals seeking to bypass PRC capital controls.

Methods used by CMLNs include:

  • Student visa holders and other money mules.
  • Mirror transactions, often involving crypto.
  • Trade-based laundering through cars, electronics, and luxury goods.

Fincen flagged red flags such as unexplained wealth, inconsistent occupational profiles, frequent “tuition” wires, reluctance to explain transactions, and shell companies acquiring real estate.

Key takeaways for financial institutions:

  • Train staff to detect CMLN-related red flags.
  • Apply enhanced due diligence (EDD) for Chinese nationals engaged in high-risk activities such as real estate or bulk cash deposits.
  • Strengthen crypto flow monitoring and mirror transactions tied to potential CMLN activity.

The European Banking Authority

The European Banking Authority finds that SupTech can enhance the effectiveness of AML/CFT supervision. Across 28 national authorities, 60 SupTech initiatives were identified, with nearly half already operational. The tools are most commonly used for risk assessments and processing large data volumes, leveraging technologies such as AI, natural language processing, blockchain analytics, and big data platforms.

Authorities report improvements in data quality, faster risk detection, and stronger cross-border cooperation. However, challenges remain, including poor data quality, shortages of skilled personnel, fragmented solutions due to limited collaboration, and legal or interoperability barriers.

SupTech adoption is accelerating, but harmonisation and maturity are still developing.

The Bank of Lithuania on the VoP service

In August 2025, the Bank of Lithuania approved several measures to strengthen payment security and financial crime oversight. By October, a new Verification of Payee (VoP) service will be introduced in CENTROlink to reduce fraud and misdirected payments. The Bank also updated reporting obligations for asset-referenced token issuers and CASPs in line with MiCA. Finally, it reaffirmed strict enforcement of AML/CFT rules, revoking the licence of UAB PanPay Europe for repeated non-compliance.

Latvia First to Complete FATF Mutual Evaluation Under Updated Standards

The August 2025 edition of Latvia’s Financial Integrity Newsletter marks a global first: Latvia has completed a mutual evaluation under the updated FATF standards, demonstrating its commitment to a robust, transparent, and risk-based financial crime framework. Statements from the Prime Minister and Finance Minister highlight the country’s progress in strengthening trust in its financial system.

The issue also covers the EU’s new AML package, including creating AMLA and harmonised rules to improve cross-border supervision and data sharing. Infographics, expert commentary, and resources from Latvijas Banka—such as licensing guidance and typology assessments—support institutions in adapting to these changes.

Key takeaways for financial institutions:

  • Align policies with the EU’s new AML framework and AMLA’s enforcement role.
  • Leverage resources (licensing and typology guidance) to refine risk assessments, staff training, and supervisory readiness.
Newsletter SubscriptionGet in touch
Free initial advice now!

Have a question or need more information?

Send us an e-mail message!