New Training Requirements under Art. 12 AMLR

New Training Requirements under Art. 12 AMLR

With the entry into force of Regulation (EU) 2024/1624 (AMLR), awareness of AML/CFT requirements is no longer a soft governance principle. Under Article 12 AMLR, it becomes a directly applicable, legally binding organisational obligation for all obliged entities across the European Union.

The provision requires obliged entities to take concrete measures to ensure that relevant persons are aware of:

  • applicable AML/CFT legislation,
  • supervisory instructions,
  • and the entity’s own risk assessment and control framework.

This obligation applies irrespective of national transposition and is enforceable by supervisors and AMLA.

Legal framework covered by Article 12 AMLR

Article 12 AMLR explicitly refers to three regulatory layers that must be covered by awareness measures.

Article 12 AMLR

Awareness of Regulation (EU) 2024/1624 (AMLR)

Employees and comparable persons must be aware of the requirements arising from the AMLR itself, including:

  • customer due diligence obligations,
  • risk-based approach requirements,
  • internal control and governance duties,
  • documentation and record-keeping rules,
  • escalation and reporting obligations.

Awareness is not limited to abstract knowledge of the regulation, but must relate to how AMLR requirements are applied within the obliged entity’s business model.

Awareness of Regulation (EU) 2023/1113 (Transfer of Funds Regulation – TFR)

Article 12 AMLR expressly includes Regulation (EU) 2023/1113, which governs:

  • information accompanying transfers of funds and crypto-assets,
  • traceability requirements,
  • obligations of payment service providers and crypto-asset service providers.

Relevant staff must therefore understand:

  • which transactions fall under the TFR,
  • what information must accompany transfers,
  • how deficiencies, missing data or anomalies must be handled operationally.

This creates a formal compliance bridge between AML/CFT controls and payments/crypto processing.

Awareness of Administrative Acts issued by supervisors

Awareness trainings must also extend to any administrative act issued by any supervisor, including:

  • supervisory orders,
  • remedial measures,
  • findings from inspections,
  • binding instructions addressed to the entity.

This means that supervisory actions are not isolated management-level documents. Their content must be embedded into:

  • internal procedures,
  • staff awareness,
  • and day-to-day operational conduct.

Failure to cascade supervisory acts internally can constitute an independent breach of Article 12 AMLR.

Awareness of the Internal AML Framework

Article 12 AMLR goes beyond external law and explicitly requires awareness of the entity’s internal AML architecture.

Awareness of Business-wide Risk Assessment (BWRA)

Relevant persons must be aware of:

  • the existence of the BWRA,
  • its key risk drivers,
  • and how these risks affect their own function.

The BWRA is therefore not a compliance document “on file”, but a living reference point for operational decision-making.

Awareness of Internal Policies, Procedures and Controls

Awareness trainings must cover:

  • AML/CFT policies,
  • procedural rules,
  • control mechanisms,
  • escalation and reporting paths.

This includes understanding who does what, when, and how within the AML control framework.

Generic knowledge of policy titles is insufficient; awareness must be function-specific and risk-aligned.

Awareness of processing of personal data

Article 12 AMLR explicitly includes awareness of internal rules “including in relation to the processing of personal data for the purposes of this Regulation.”

This establishes a mandatory link between:

  • AML compliance, and
  • data protection obligations.

Relevant persons must understand:

  • which personal data are processed for AML/CFT purposes,
  • the legal basis for such processing,
  • retention and access rules,
  • and internal safeguards.

AML/CFT data processing is not optional GDPR processing; it is legally mandated, but subject to strict purpose limitation and internal controls.

Who must be covered by Awareness Measures

The personal scope of Article 12 AMLR includes:

  • employees,
  • persons in comparable positions,
  • agents and distributors,

where their function so requires.

The decisive criterion is functional relevance, not contractual status. Any person involved in:

  • onboarding,
  • transaction processing,
  • distribution,
  • monitoring,
  • or decision-making within the AML perimeter must be covered.

Mandatory Awareness Training as a core measure

Article 12 AMLR requires that awareness measures shall include participation in specific, ongoing training programmes.

Training must:

  • help recognise operations potentially related to ML/TF,
  • instruct participants how to proceed in such cases,
  • be appropriate to functions and activities,
  • reflect the entity’s ML/TF risk exposure,
  • and be duly documented.

One-off onboarding training does not meet the AMLR standard.

Documentation as a compliance requirement

Awareness trainings and other awareness measures must be documented.
Without documentation, compliance cannot be demonstrated.

This makes Article 12 AMLR directly relevant for:

  • supervisory inspections,
  • internal audit reviews,
  • enforcement actions.

Key takeaway

Article 12 AMLR transforms “awareness” into a regulatory control obligation.

Obliged entities must be able to demonstrate that relevant persons are aware of:

  • AMLR requirements,
  • TFR obligations,
  • supervisory acts,
  • the business-wide risk assessment,
  • internal AML controls,
  • and AML-specific data-processing rules.

Failure to ensure and document such awareness constitutes a direct breach of EU AML law, regardless of whether money laundering has occurred.

Leave a Reply

Your email address will not be published. Required fields are marked *