
AMLA Draft: The Format to Be Used for the Reporting of Suspicions and for the Provision of Transaction Records under Article 69(3) AMLR
The European Union is fundamentally transforming the way suspicious transactions are reported to Financial Intelligence Units (FIUs). With the adoption of the new Anti-Money Laundering Regulation (AMLR) (Regulation (EU) 2024/1624), Article 69(3) empowers the European Commission to establish Implementing Technical Standards (ITS) specifying a harmonised format for Suspicious Transaction Reports (STRs), Suspicious Activity Reports (SARs), and transaction records.
The draft ITS represents far more than a technical reporting template. It establishes the first European AML reporting data model, designed to standardise information exchange between obliged entities and FIUs throughout the European Union.
Legal Basis
Article 69 AMLR governs the obligation of obliged entities to:
- report suspicions to the competent FIU; and
- provide transaction records upon request.
Under Article 69(3), the Commission shall adopt Implementing Technical Standards defining the reporting format.
The objective is straightforward:
- improve data quality,
- facilitate cross-border reporting,
- harmonise reporting practices,
- increase FIU analytical capabilities,
- reduce compliance complexity for multinational obliged entities.
A European Standard Instead of 27 National Formats
Today, every Member State uses its own reporting forms and technical specifications.
The new ITS introduces a common European reporting architecture while still allowing limited national adaptations where strictly necessary.
Instead of harmonising only electronic file formats, the ITS harmonises:
- reporting templates,
- data definitions,
- reporting logic,
- validation rules,
- mandatory data fields,
- conditional fields,
- technical attributes,
- reporting relationships.
This creates semantic interoperability across the Union.
Reporting Suspicions: A Structured Data Model
The ITS replaces traditional free-text reporting with structured reporting based on predefined data points.
Each report consists of categories such as:
- Report information
- Natural persons
- Legal entities
- Accounts
- Transactions
- Products and services
- Contact information
- Adverse information
- Non-transactional activities
- Objects
- Links between entities
Each category contains predefined data points with clear definitions and reporting rules.
The accompanying AMLA Interpretative Note explains that the data points are organised into categories and are activated depending on the type of obliged entity and the type of suspicion being reported. Not every template applies to every reporting entity, and only the relevant mandatory or conditional fields must be completed.
Five Types of Data Points
One of the most innovative aspects of the ITS is its sophisticated classification of reporting obligations.
Mandatory
These data points must always be reported.
Technically Required
A subset of mandatory fields.
If missing, the report cannot be submitted because the validation rules fail.
Mandatory if Available
These fields are required only where the obliged entity already possesses the information.
There is no obligation to obtain additional information solely for reporting purposes.
Optional
Optional information may be provided whenever it helps the FIU better understand the reported suspicion.
FIU-Required
Certain data points may only be required by individual FIUs because of national legislation or specific national circumstances.
This preserves limited national flexibility without undermining European harmonisation.
Dynamic Reporting Through Dependent Data Points
The ITS introduces a concept largely unknown in current AML reporting systems: dependent data points.
Certain fields become mandatory only when predefined conditions are met.
For example:
- a customer is identified as a Politically Exposed Person (PEP);
- crypto-assets are involved;
- correspondent banking services are used;
- sanctions are identified;
- a legal entity rather than a natural person is reported.
This enables dynamic reporting templates instead of static forms.
Suspicious Transaction Reports and Suspicious Activity Reports
The ITS distinguishes between:
- Suspicious Transaction Reports (STRs)
- Suspicious Activity Reports (SARs)
Depending on the selected report type, different categories become applicable.
For example:
- STRs require transaction information.
- SARs focus primarily on suspicious activities rather than individual transactions.
The Interpretative Note explains that the selected report type determines which data categories must be completed. For example, STRs require transaction-related information, whereas SARs omit the transaction category and instead focus on non-transactional activities where appropriate.
Transaction Records
Besides suspicious reporting, Article 69(3) also standardises the provision of transaction records.
Different templates are provided for various business models, including:
- banking activities,
- payment services,
- money remittance,
- crypto-asset services,
- correspondent banking.
Unlike STR reporting, transaction record formats are intended to be highly prescriptive to ensure machine-readable interoperability with FIU analytical systems.
Machine-Readable Reporting
Reports must generally be submitted electronically using machine-readable formats through FIU reporting platforms.
Although Member States remain free to choose their technical infrastructure, the reporting content must follow the harmonised European data model.
This significantly improves:
- automated validation,
- data quality,
- interoperability,
- cross-border information exchange,
- analytical processing.
The AMLA Interpretative Note
An important innovation is that many technical specifications are intentionally not included directly in the Regulation.
Instead, AMLA publishes an accompanying Interpretative Note.
This document provides:
- technical attributes,
- data types,
- validation rules,
- enumerations,
- guidance for completing templates,
- reporting examples,
- implementation guidance for software developers.
According to the Interpretative Note, its purpose is to facilitate reporting, guide technical implementation, promote data standardisation and improve data quality, while clarifying that it does not create new legal obligations beyond the ITS itself.
This approach allows technical specifications to evolve without reopening the legislative process.
Data Quality Becomes a Legal Obligation
Article 9 of the ITS explicitly requires obliged entities to ensure that reported data are:
- complete,
- technically accurate,
- internally consistent,
- plausible,
- compliant with FIU validation rules.
Consequently, data quality itself becomes an AML compliance obligation.
Poor-quality reporting may increasingly become a supervisory concern.
Periodic Updates
The reporting model is designed to evolve.
AMLA establishes a permanent working group responsible for reviewing the data model.
Formal reviews are planned every four years and may introduce:
- new data points,
- modified definitions,
- updated technical specifications,
- new reporting categories,
- additional validation rules.
Emergency procedures also allow FIUs to introduce temporary additional data points where necessary to respond to emerging threats before the next scheduled review.
What Does This Mean for Obliged Entities?
Financial institutions, crypto-asset service providers, payment institutions and other obliged entities should begin preparing well before the technical implementation becomes mandatory.
Key implementation projects will likely include:
- adapting AML transaction monitoring systems;
- redesigning STR workflows;
- enhancing customer due diligence data quality;
- updating FIU reporting interfaces;
- mapping existing data fields to the new AMLA data model;
- improving governance for AML data management.
Institutions operating across several Member States are likely to benefit the most from the future harmonised reporting framework.
Key Takeaways
The Implementing Technical Standards under Article 69(3) AMLR represent one of the most significant operational reforms introduced by the EU Anti-Money Laundering Package.
Rather than merely harmonising reporting templates, they establish a common European language for suspicious transaction reporting. By defining standardised data points, structured reporting logic, machine-readable transaction records and harmonised validation rules, the ITS lays the foundation for a modern, interoperable AML reporting ecosystem across the European Union.
For obliged entities, compliance will increasingly depend not only on identifying suspicious activities but also on maintaining high-quality, structured and standardised AML data capable of supporting effective financial intelligence at both national and European levels.