AMLA 2026-28 Single Programming Document: What the EU AML Authority Will Deliver – and When

AMLA publishes its first Single Programming Document (2026-2028)

On 4 February 2026, the Authority for Anti-Money Laundering and Countering the Financing of Terrorism (AMLA) published its Single Programming Document (SPD) for 2026-2028. This marks a decisive shift from institutional set-up to full operational delivery of AMLA’s mandate at EU level.

According to the official AMLA press release, the SPD is the Authority’s first multi-year plan, setting out priorities, timelines, and concrete deliverables as AMLA moves from foundation to execution. It provides a roadmap for the market, including obliged entities, supervisors, and Financial Intelligence Units (FIUs), ahead of the full application of the new EU AML framework Press Release – AMLA Publishes ….

Strategic priorities in the AMLA SPD 2026-2028

The SPD structures AMLA’s work around three core deliverables:

Completion of the EU AML/CFT Single Rulebook
Advancement of supervisory convergence across Member States
Strengthening cooperation among Financial Intelligence Units (FIUs)

These strategic objectives are translated into five interlinked activity streams that shape AMLA’s work in 2026 with impact across the entire 2026–2028 period:

delivering core regulatory mandates,
advancing direct supervision,
operationalising the FIU framework,
laying the foundations for indirect supervision and oversight, and
building AMLA’s EU-wide risk frameworks Press Release – AMLA Publishes ….

What the SPD 2026-2028 means for the market

AMLA explicitly frames the SPD as a preparatory roadmap for stakeholders. The Authority prioritises simplification and clarity, focusing on areas of highest relevance for obliged entities, in particular:

customer due diligence (CDD),
business relationships, and
a consistent supervisory framework across the EU.

The SPD also signals upcoming mandates and consultation opportunities, enabling early alignment by institutions and supervisors alike Press Release – AMLA Publishes ….

In parallel, AMLA is scaling its organisational capacity. Staff numbers are expected to grow from 120 at the end of 2025 to 432 by the end of 2027, supported by significant investment in IT infrastructure and internal governance structures.

What is explained in the “SPD 2026-2028 Explainer” PDF?

The SPD 2026-2028 Explainer provides an operational interpretation of the Single Programming Document and answers the question: what exactly will AMLA do, and when?

Key clarifications from the explainer include:

The SPD is a standard EU-agency planning instrument, linking objectives, activities, and resources.
2026 is the decisive execution year: AMLA will deliver 24 of its 40 mandates already in 2026.
Direct supervision is operationalised step-by-step:
- 2026: finalisation of the risk analysis and selection methodology and start of a data collection exercise in March 2026,
- 2027: selection of directly supervised entities,
- from 2028: direct supervision of 40 high-impact financial institutions.
FIU cooperation moves from coordination to operational integration, including joint analyses, peer reviews, and the full transfer of FIU.net by 2027.
AMLA’s risk analysis framework is described as the Authority’s “analytical backbone”, supported by dedicated data and IT infrastructure SPD 2026-2028 Explainer.

What is contained in the “AMLA SPD 2026-2028” document?

The AMLA Single Programming Document 2026–2028 itself is the central governance and delivery document.

It details:

AMLA’s strategic objectives,
the five activity pillars underpinning all actions,
expected outputs and milestones,
staffing and budgetary planning, and
the transition from a start-up authority to a fully operational EU supervisor.

Crucially, the SPD confirms that AMLA is entering the delivery and enforcement phase. From 2026 onwards, AMLA’s work is no longer conceptual: it is focused on rule-making, supervision, data-driven risk assessment, and convergence of supervisory practices across the Union AMLA SPD 2026-2028.

What Annex XI reveals: RTS, ITS and Guidelines timetable

Annex XI to the SPD 2026-2028 is the most technical – and for many institutions the most important – document. It sets out AMLA’s planning for Regulatory Technical Standards (RTS), Implementing Technical Standards (ITS), and Guidelines (GL).

Annex XI provides:

a comprehensive list of RTS, ITS and GL,
the legal basis (AMLR, AMLD, AMLA Regulation articles),
the type of instrument, and
consultation and finalisation timelines.

Key insights from Annex XI include:

A dense concentration of RTS and ITS in 2026, particularly in Q2–Q4 2026.
Core AML topics are fully standardised at EU level, including:
- CDD information requirements (AMLR Art. 28),
- business-wide risk assessments (AMLR Art. 10),
- ongoing monitoring and transactions (AMLR Art. 26),
- STR formats and FIU information exchange, and
- sanctions and breach classification methodologies.
AMLA will deliver RTS in two phases: first for the financial sector, then for the non-financial sector.

In practice, Annex XI functions as a forward rulebook index, showing exactly which binding standards will apply – and when Annex XI to AMLA SPD 2026-2028.

Why the AMLA SPD 2026-2028 matters

Taken together, the press release, SPD, explainer, and Annex XI send a clear message:

2026 is the inflection year for EU AML/CFT regulation.
AMLA is moving from preparation to execution and supervision.
CDD, risk assessment, monitoring, FIU cooperation, and sanctions will be fully harmonised through RTS and ITS.
Institutions that are not data-ready and structurally aligned by 2026 will face increasing supervisory pressure.

The AMLA 2026–28 Single Programming Document is therefore not a policy vision – it is the operational blueprint for the next phase of EU AML supervision.