icon-grid
Better Regulation logo
Table of Contents

Table of Contents

Expand all headings Collapse all headings Expand side bar Collapse side bar
Final Report - Guidelines EBA/2021/02 on customer due diligence and the factors credit and financial institutions should consider when assessing the money laundering and terrorist financing risk associated with individual business relationships and occasional transactions ('The ML/TF Risk Factors Guidelines') under Directive (EU) 2015/849 (EBA/GL/2021/02) (updated 30 December 2024)1. Executive summary2. Abbreviations3. Background and rationale3.1 Background (3.1.1-3.1.10)3.1.13.1.23.1.33.1.43.1.53.1.63.1.73.1.83.1.93.1.103.2 Rationale (3.2.11-3.2.36)3.2.113.2.12Business-wide risk assessments (3.2.13-3.2.14)3.2.133.2.14Non-face-to-face interactions (3.2.15-3.2.19)3.2.153.2.163.2.173.2.183.2.19Account information and payment initiation services (3.2.20-3.2.22)3.2.203.2.213.2.22Crowdfunding (3.2.23)3.2.23Editorial amendments (3.2.24)3.2.24High-risk third countries (3.2.25-3.2.26)3.2.253.2.26Financial inclusion and de-risking (3.2.27-3.2.29)3.2.273.2.283.2.29Scope of application of the Guidelines (3.2.30-3.2.31)3.2.303.2.31Independent reviews (3.2.32-3.2.33)3.2.323.2.33Investment citizenship schemes (3.2.34-3.2.36)3.2.343.2.353.2.36Guidelines1. Compliance and reporting obligations2. Subject matter, scope and definitions (updated 30 December 2024)3. ImplementationTitle I: General GuidelinesGuideline 1: Risk assessments: key principles for all firms (1.1-1.32)1.1General considerations (1.2-1.5)1.21.31.41.5Keeping risk assessments up to date (1.6-1.10)1.61.7 (updated 30 December 2024)1.81.91.10Business-wide risk assessments  (1.11-1.17)1.111.121.131.141.15Proportionality (1.16)1.16Implementation (1.17)1.17Linking the business-wide and individual risk assessments (1.18-1.20)1.181.191.20Individual risk assessments (1.21-1.28)1.211.22Initial Customer Due Diligence (1.23-1.25)1.231.241.25Obtaining a holistic view (1.26-1.27)1.261.27Ongoing customer due diligence (1.28)1.28Sources of information (1.29-1.32)1.291.301.311.32Guideline 2: Identifying ML/TF risk factors (2.1-2.21)2.12.2Customer risk factors (2.3-2.8)2.32.4 (updated 30 December 2024)2.52.62.7 (updated 3 November 2023)2.8Countries and geographical areas (2.9-2.15)2.92.102.112.122.132.142.15Products, services and transactions risk factors (2.16-2.19)2.162.172.182.19Delivery channel risk factors (2.20-2.21)2.202.21Guideline 3: Assessing ML/TF risk (3.1-3.9)3.1Taking a holistic view (3.2-3.3)3.23.3Weighting risk factors (3.4-3.7)3.43.53.63.7Categorising risk (3.8-3.9)3.83.9Guideline 4: CDD measures to be applied by all firms (4.1-4.78)4.14.24.34.4Customer due diligence (4.5-4.39)4.54.64.74.8Financial inclusion and de-risking (4.9-4.11)4.94.104.11Beneficial owners (4.12-4.25)4.12Beneficial ownership registers (4.13)4.13Control through other means (4.14-4.18)4.144.154.164.174.18Identifying the customer’s senior managing officials (4.19-4.22)4.194.204.214.22Identifying the beneficial owner of a public administration or a state-owned enterprises (4.23-4.25)4.234.244.25Evidence of identity (4.26-4.37)4.264.274.28Non-face to face situations (4.29-4.31)4.29 (updated 30 December 2024)4.304.31Using innovative technological means to verify identity (4.32-4.37)4.324.334.344.35 (updated 30 December 2024)4.364.37Establishing the nature and purpose of the business relationship (4.38-4.39)4.384.39Simplified customer due diligence (4.40-4.44)4.404.414.424.434.44Enhanced customer due diligence (4.45-4.68)4.454.464.47Politically Exposed Persons (4.48-4.52)4.484.494.504.514.52High-risk third countries (4.53-4.57)4.534.544.554.564.57Correspondent relationships (4.58-4.59)4.584.59Unusual transactions (4.60-4.61)4.60 (updated 30 December 2024)4.61 (updated 30 December 2024)Other high-risk situations (4.62-4.65)4.624.634.644.65Other considerations (4.66-4.68)4.664.674.68Monitoring (4.69-4.78)4.694.704.71Transaction monitoring (4.72-4.75)4.724.734.74 (updated 30 December 2024)4.75Keeping CDD information up to date (4.76-4.78)4.764.774.78Guideline 5: Record-keeping (5.1-5.2)5.15.2Guideline 6: Training (6.1-6.3)6.16.2 (updated 30 December 2024)6.3Guideline 7: Reviewing effectiveness (7.1-7.2)7.17.2Title II: Sector-specific GuidelinesGuideline 8: Sectoral guideline for correspondent relationships (8.1-8.3)8.18.28.3Risk factors (8.4-8.9)Product, service and transaction risk factors (8.4-8.5)8.48.5Customer risk factors (8.6-8.7)8.6 (updated 30 December 2024)8.7Country or geographical risk factors (8.8-8.9)8.8 (updated 30 December 2024)8.9Measures (8.10-8.25)8.108.118.128.13Respondents based in non-EEA countries (8.14-8.17)8.148.158.168.17Respondents based in EEA countries (8.18-8.19)8.188.19Respondents established in high-risk third countries, and correspondent relationships involving high-risk third countries (8.20-8.25)8.208.218.228.238.248.25Guideline 9: Sectoral guideline for retail banks (9.1-9.24)9.19.29.3Risk factors (9.4-9.11)Product, service and transaction risk factors (9.4-9.5)9.49.5Customer risk factors (9.6-9.7)9.69.7Country or geographical risk factors (9.8-9.9)9.89.9Distribution channel risk factors (9.10-9.11)9.109.11Measures (9.12-9.24)9.12Enhanced customer due diligence (9.13-9.14)9.139.14Simplified customer due diligence (9.15)9.15Pooled accounts (9.16-9.19)9.16 (updated 30 December 2024)9.17 (updated 30 December 2024)9.18 (updated 30 December 2024)9.19Customers that offer services related to crypto-assets (9.20-9.24) (updated 30 December 2024)9.20 (updated 30 December 2024)9.21 (updated 30 December 2024)9.22 (updated 30 December 2024)9.23 (updated 30 December 2024)9.24Guideline 10: Sectoral guideline for electronic money issuers (10.1-10.18)10.110.2 (updated 30 December 2024)Risk factors (10.3-10.10)Product risk factors (10.3-10.5)10.310.410.5Customer risk factors (10.6-10.7)10.610.7Distribution channel risk factors (10.8-10.9)10.810.9Country or geographical risk factors (10.10)10.10Measures (10.11-10.18)Customer Due Diligence measures (10.11-10.14)10.1110.1210.1310.14Enhanced customer due diligence (10.15-10.16)10.1510.16Simplified customer due diligence (10.17-10.18)10.1710.18Guideline 11: Sectoral guideline for money remitters (11.1-11.16)11.111.211.311.4Risk factors (11.5-11.11)Product, service and transaction risk factors (11.5-11.6)11.511.6Customer risk factors (11.7-11.8)11.711.8Distribution channel risk factors (11.9-11.10)11.911.10Country or geographical risk factors (11.11)11.11Measures (11.12-11.16)11.1211.1311.1411.15Use of agents (11.16)11.16Guideline 12: Sectoral guideline for wealth management (12.1-12.8)12.112.212.3Risk factors (12.4-12.6)Product, service and transaction risk factors (12.4)12.4Customer risk factors (12.5)12.5Country or geographical risk factors (12.6)12.6Measures (12.7-12.8)12.7Enhanced customer due diligence (12.8)12.8Guideline 13: Sectoral guideline for trade finance providers (13.1-13.24)13.113.213.313.413.513.6Risk factors (13.7-13.15)13.713.813.9Transaction risk factors (13.10-13.11)13.1013.11Customer risk factors (13.12-13.13)13.1213.13Country or geographical risk factors (13.14-13.15)13.1413.15Measures (13.16-13.24)13.1613.1713.18Enhanced customer due diligence (13.19-13.23)13.1913.2013.2113.2213.23Simplified customer due diligence (13.24)13.24Guideline 14: Sectoral guideline for life insurance undertakings (14.1-14.23)14.114.214.314.414.5Risk factors (14.6-14.13)Product, service and transaction risk factors (14.6-14.7)14.614.7Customer and beneficiary risk factors (14.8-14.9)14.814.9Distribution channel risk factors (14.10-14.11)14.1014.11Country or geographical risk factors (14.12-14.13)14.1214.13Measures (14.14-14.23)14.1414.1514.1614.17Enhanced customer due diligence (14.18-14.22)14.1814.1914.2014.2114.22Simplified customer due diligence (14.23)14.23Guideline 15: Sectoral guideline for investment firms (15.1-15.12)15.1 (updated 30 December 2024)15.2Risk factors (15.3-15.8)Product, service or transaction risk factors (15.3-15.4)15.315.4Customer risk factors (15.5-15.6)15.515.6Distribution channel risk factors (15.7)15.7Country or geographical risk factors (15.8)15.8Measures (15.9-15.12)15.915.1015.1115.12Guideline 16: Sectoral guideline for providers of investment funds (16.1-16.22)16.116.216.316.4Risk factors (16.5-16.12)Product, service or transaction risk factors (16.5-16.7)16.516.616.7Customer risk factors (16.8-16.9)16.816.9Distribution channel risk factors (16.10-16.11)16.1016.11Country or geographical risk factors (16.12)16.12Measures (16.13-16.22)16.1316.14Enhanced Customer Due Diligence (16.15-16.18)16.1516.1616.1716.18Simplified Customer Due Diligence (16.19-16.22)16.1916.2016.2116.22Guideline 17: Sectoral guideline for regulated crowdfunding platforms (17.1-17.8)17.117.217.3Risk factors (17.4-17.9)Product, service and transaction risk factors (17.4-17.5)17.4 (updated 30 December 2024)17.5Customer risk factors (17.6)17.6 (updated 30 December 2024)Distribution channel risk factors (17.7-17.8)17.717.8Country or geographical risk factors (17.9)17.9Measures (17.10-17.17)17.1017.1117.1217.13Customer due diligence (17.14-17.15)17.1417.15Enhanced customer due diligence (17.16)17.16Simplified customer due diligence (17.17)17.17Guideline 18: Sectoral guideline for payment initiation service providers (PISPs) and account information service providers (AISPs) (18.1-18.15)18.118.218.3Risk factors (18.4-18.7)Customer risk factors (18.4)18.4Distribution channel risk factors (18.5)18.5Country or geographical risk factor (18.6-18.17)18.618.7Measures (18.8-18.15)18.818.918.1018.11Customer due diligence (18.12-18.15)18.1218.13Enhanced customer due diligence (18.14)18.14Simplified customer due diligence (18.15)18.15Guideline 19: Sectoral guideline for firms providing activities of currency exchange offices (19.1-19.12)19.119.2Risk factors (19.3-19.7)Product, service and transaction risk factors (19.3-19.4)19.319.4Customer risk factors (19.5)19.5Distribution channel risk factors (19.6)19.6Country or geographical risk factors (19.7)19.7Measures (19.8-19.12)19.8Customers due diligence (19.9-19.10)19.919.10Enhanced customer due diligence (19.11)19.11Simplified customer due diligence (19.12)19.12Guideline 20: Sectoral guideline for corporate finance (20.1-20.9)20.120.2Risk factors (20.3-20.5)Customer and beneficiary risk factors (20.3-20.4)20.320.4Country or geographical risk factors (20.5)20.5Measures (20.6-20.9)20.6Enhanced customer due diligence (20.7)20.7Simplified due diligence (SDD) (20.8-20.9)20.820.9Guideline 21: Sectoral Guideline for crypto-asset services providers (CASPs) (updated 30 December 2024)Annex: Customers that are NPOs (updated 3 November 2023)4. Accompanying documents4.1 Cost-benefit analysis/impact assessment (4.1.1-4.1.46)Introduction  (4.1.1-4.1.5)4.1.14.1.24.1.34.1.44.1.5Scope and objectives (4.1.6-4.1.10)4.1.64.1.74.1.84.1.94.1.10Baseline (4.1.11-4.1.14)4.1.114.1.124.1.134.1.14Consistency with international AML/CFT standards  (4.1.15)4.1.15Option 1 - ESAs’ GL simply reproduce international AML/CFT standards (4.1.16-4.1.20)4.1.164.1.174.1.184.1.194.1.20Option 2 - ESAs’ GL are consistent with international AML/CFT standards (4.1.21-4.1.23)4.1.214.1.224.1.23Option 3 - ESAs’ GL disregard international AML/CFT standards  (4.1.24-4.1.26)4.1.244.1.254.1.26Preferred option (4.1.27)4.1.27Level of prescription (4.1.28-4.1.29)4.1.284.1.29Option 1 - Exact definitions and actions (what constitutes high ML/TF risk and low ML/TF risk and what firms should do) (4.1.30-4.1.32)4.1.304.1.314.1.32Option 2 - Information to consider (to assess as high or low ML/TF risk, and which type of CDD might be appropriate to manage that risk) (4.1.33-4.1.35)4.1.334.1.344.1.35Preferred option (4.1.36)4.1.36Costs and benefits  (4.1.37-4.1.39)4.1.374.1.384.1.39Firms  (4.1.40-4.1.43)4.1.404.1.414.1.424.1.43Competent authorities (4.1.44-4.1.46)4.1.444.1.454.1.464.2 Overview of questions for consultation4.3 Summary of responses to the consultation and the EBA's analysis
Related
Document Overview
Tools
Set a date to view the document
Text comparison options
Full text - Date 1 vs Date 2
Amendments requiring commencement - Current text vs Text requiring commencement
Draft proposed changes - Current text vs Text proposed by drafting documents
Recently generated comparisons
None generated
Print / Export options
Whole document
Selected pages
Consolidated PDF of the entire document as of 17th April 2026
Original PDF
Export
Export line by line
Export provision to provision
Report template
Create report template
Alert me to changes
Manage alerts
Bookmarks
This document
Manage bookmarks
Search within this document
View previous searches
Share
Original source link (1)
Original source link (2)
Get page link
Share via email application

AI Summary of Final Report - Guidelines EBA/2021/02 on customer due diligence and the factors credit and financial institutions should consider when assessing the money laundering and terrorist financing risk associated with individual business relationships and occasional transactions ('The ML/TF Risk Factors Guidelines') under Directive (EU) 2015/849 (EBA/GL/2021/02) (updated 30 December 2024)

Next
Published date: 1 March 2021

Final Report - Guidelines EBA/2021/02 on customer due diligence and the factors credit and financial institutions should consider when assessing the money laundering and terrorist financing risk associated with individual business relationships and occasional transactions ('The ML/TF Risk Factors Guidelines') under Directive (EU) 2015/849 (EBA/GL/2021/02)
(updated 30 December 2024)

Status: Final and translated into the EU official languages
Relevant document
1. Executive summary
2. Abbreviations
3. Background and rationale
3.1 Background (3.1.1-3.1.10)
3.1.1
3.1.2
3.1.3
3.1.4
3.1.5
3.1.6
3.1.7
3.1.8
3.1.9
3.1.10
3.2 Rationale (3.2.11-3.2.36)
3.2.11
3.2.12
Business-wide risk assessments (3.2.13-3.2.14)
3.2.13
3.2.14
Non-face-to-face interactions (3.2.15-3.2.19)
3.2.15
3.2.16
3.2.17
3.2.18
3.2.19
Account information and payment initiation services (3.2.20-3.2.22)
3.2.20
3.2.21
3.2.22
Crowdfunding (3.2.23)
3.2.23
Editorial amendments (3.2.24)
3.2.24
High-risk third countries (3.2.25-3.2.26)
3.2.25
3.2.26
Financial inclusion and de-risking (3.2.27-3.2.29)
3.2.27
3.2.28
3.2.29
Scope of application of the Guidelines (3.2.30-3.2.31)
3.2.30
3.2.31
Independent reviews (3.2.32-3.2.33)
3.2.32
3.2.33
Investment citizenship schemes (3.2.34-3.2.36)
3.2.34
3.2.35
3.2.36
Guidelines
1. Compliance and reporting obligations
2. Subject matter, scope and definitions (updated 30 December 2024)
3. Implementation
Title I: General Guidelines
Guideline 1: Risk assessments: key principles for all firms (1.1-1.32)
1.1
General considerations (1.2-1.5)
1.2
1.3
1.4
1.5
Keeping risk assessments up to date (1.6-1.10)
1.6
1.7 (updated 30 December 2024)
1.8
1.9
1.10
Business-wide risk assessments  (1.11-1.17)
1.11
1.12
1.13
1.14
1.15
Proportionality (1.16)
1.16
Implementation (1.17)
1.17
Linking the business-wide and individual risk assessments (1.18-1.20)
1.18
1.19
1.20
Individual risk assessments (1.21-1.28)
1.21
1.22
Initial Customer Due Diligence (1.23-1.25)
1.23
1.24
1.25
Obtaining a holistic view (1.26-1.27)
1.26
1.27
Ongoing customer due diligence (1.28)
1.28
Sources of information (1.29-1.32)
1.29
1.30
1.31
1.32
Guideline 2: Identifying ML/TF risk factors (2.1-2.21)
2.1
2.2
Customer risk factors (2.3-2.8)
2.3
2.4 (updated 30 December 2024)
2.5
2.6
2.7 (updated 3 November 2023)
2.8
Countries and geographical areas (2.9-2.15)
2.9
2.10
2.11
2.12
2.13
2.14
2.15
Products, services and transactions risk factors (2.16-2.19)
2.16
2.17
2.18
2.19
Delivery channel risk factors (2.20-2.21)
2.20
2.21
Guideline 3: Assessing ML/TF risk (3.1-3.9)
3.1
Taking a holistic view (3.2-3.3)
3.2
3.3
Weighting risk factors (3.4-3.7)
3.4
3.5
3.6
3.7
Categorising risk (3.8-3.9)
3.8
3.9
Guideline 4: CDD measures to be applied by all firms (4.1-4.78)
4.1
4.2
4.3
4.4
Customer due diligence (4.5-4.39)
4.5
4.6
4.7
4.8
Financial inclusion and de-risking (4.9-4.11)
4.9
4.10
4.11
Beneficial owners (4.12-4.25)
4.12
Beneficial ownership registers (4.13)
4.13
Control through other means (4.14-4.18)
4.14
4.15
4.16
4.17
4.18
Identifying the customer’s senior managing officials (4.19-4.22)
4.19
4.20
4.21
4.22
Identifying the beneficial owner of a public administration or a state-owned enterprises (4.23-4.25)
4.23
4.24
4.25
Evidence of identity (4.26-4.37)
4.26
4.27
4.28
Non-face to face situations (4.29-4.31)
4.29 (updated 30 December 2024)
4.30
4.31
Using innovative technological means to verify identity (4.32-4.37)
4.32
4.33
4.34
4.35 (updated 30 December 2024)
4.36
4.37
Establishing the nature and purpose of the business relationship (4.38-4.39)
4.38
4.39
Simplified customer due diligence (4.40-4.44)
4.40
4.41
4.42
4.43
4.44
Enhanced customer due diligence (4.45-4.68)
4.45
4.46
4.47
Politically Exposed Persons (4.48-4.52)
4.48
4.49
4.50
4.51
4.52
High-risk third countries (4.53-4.57)
4.53
4.54
4.55
4.56
4.57
Correspondent relationships (4.58-4.59)
4.58
4.59
Unusual transactions (4.60-4.61)
4.60 (updated 30 December 2024)
4.61 (updated 30 December 2024)
Other high-risk situations (4.62-4.65)
4.62
4.63
4.64
4.65
Other considerations (4.66-4.68)
4.66
4.67
4.68
Monitoring (4.69-4.78)
4.69
4.70
4.71
Transaction monitoring (4.72-4.75)
4.72
4.73
4.74 (updated 30 December 2024)
4.75
Keeping CDD information up to date (4.76-4.78)
4.76
4.77
4.78
Guideline 5: Record-keeping (5.1-5.2)
5.1
5.2
Guideline 6: Training (6.1-6.3)
6.1
6.2 (updated 30 December 2024)
6.3
Guideline 7: Reviewing effectiveness (7.1-7.2)
7.1
7.2
Title II: Sector-specific Guidelines
Guideline 8: Sectoral guideline for correspondent relationships (8.1-8.3)
8.1
8.2
8.3
Risk factors (8.4-8.9)
Product, service and transaction risk factors (8.4-8.5)
8.4
8.5
Customer risk factors (8.6-8.7)
8.6 (updated 30 December 2024)
8.7
Country or geographical risk factors (8.8-8.9)
8.8 (updated 30 December 2024)
8.9
Measures (8.10-8.25)
8.10
8.11
8.12
8.13
Respondents based in non-EEA countries (8.14-8.17)
8.14
8.15
8.16
8.17
Respondents based in EEA countries (8.18-8.19)
8.18
8.19
Respondents established in high-risk third countries, and correspondent relationships involving high-risk third countries (8.20-8.25)
8.20
8.21
8.22
8.23
8.24
8.25
Guideline 9: Sectoral guideline for retail banks (9.1-9.24)
9.1
9.2
9.3
Risk factors (9.4-9.11)
Product, service and transaction risk factors (9.4-9.5)
9.4
9.5
Customer risk factors (9.6-9.7)
9.6
9.7
Country or geographical risk factors (9.8-9.9)
9.8
9.9
Distribution channel risk factors (9.10-9.11)
9.10
9.11
Measures (9.12-9.24)
9.12
Enhanced customer due diligence (9.13-9.14)
9.13
9.14
Simplified customer due diligence (9.15)
9.15
Pooled accounts (9.16-9.19)
9.16 (updated 30 December 2024)
9.17 (updated 30 December 2024)
9.18 (updated 30 December 2024)
9.19
Customers that offer services related to crypto-assets (9.20-9.24) (updated 30 December 2024)
9.20 (updated 30 December 2024)
9.21 (updated 30 December 2024)
9.22 (updated 30 December 2024)
9.23 (updated 30 December 2024)
9.24
Guideline 10: Sectoral guideline for electronic money issuers (10.1-10.18)
10.1
10.2 (updated 30 December 2024)
Risk factors (10.3-10.10)
Product risk factors (10.3-10.5)
10.3
10.4
10.5
Customer risk factors (10.6-10.7)
10.6
10.7
Distribution channel risk factors (10.8-10.9)
10.8
10.9
Country or geographical risk factors (10.10)
10.10
Measures (10.11-10.18)
Customer Due Diligence measures (10.11-10.14)
10.11
10.12
10.13
10.14
Enhanced customer due diligence (10.15-10.16)
10.15
10.16
Simplified customer due diligence (10.17-10.18)
10.17
10.18
Guideline 11: Sectoral guideline for money remitters (11.1-11.16)
11.1
11.2
11.3
11.4
Risk factors (11.5-11.11)
Product, service and transaction risk factors (11.5-11.6)
11.5
11.6
Customer risk factors (11.7-11.8)
11.7
11.8
Distribution channel risk factors (11.9-11.10)
11.9
11.10
Country or geographical risk factors (11.11)
11.11
Measures (11.12-11.16)
11.12
11.13
11.14
11.15
Use of agents (11.16)
11.16
Guideline 12: Sectoral guideline for wealth management (12.1-12.8)
12.1
12.2
12.3
Risk factors (12.4-12.6)
Product, service and transaction risk factors (12.4)
12.4
Customer risk factors (12.5)
12.5
Country or geographical risk factors (12.6)
12.6
Measures (12.7-12.8)
12.7
Enhanced customer due diligence (12.8)
12.8
Guideline 13: Sectoral guideline for trade finance providers (13.1-13.24)
13.1
13.2
13.3
13.4
13.5
13.6
Risk factors (13.7-13.15)
13.7
13.8
13.9
Transaction risk factors (13.10-13.11)
13.10
13.11
Customer risk factors (13.12-13.13)
13.12
13.13
Country or geographical risk factors (13.14-13.15)
13.14
13.15
Measures (13.16-13.24)
13.16
13.17
13.18
Enhanced customer due diligence (13.19-13.23)
13.19
13.20
13.21
13.22
13.23
Simplified customer due diligence (13.24)
13.24
Guideline 14: Sectoral guideline for life insurance undertakings (14.1-14.23)
14.1
14.2
14.3
14.4
14.5
Risk factors (14.6-14.13)
Product, service and transaction risk factors (14.6-14.7)
14.6
14.7
Customer and beneficiary risk factors (14.8-14.9)
14.8
14.9
Distribution channel risk factors (14.10-14.11)
14.10
14.11
Country or geographical risk factors (14.12-14.13)
14.12
14.13
Measures (14.14-14.23)
14.14
14.15
14.16
14.17
Enhanced customer due diligence (14.18-14.22)
14.18
14.19
14.20
14.21
14.22
Simplified customer due diligence (14.23)
14.23
Guideline 15: Sectoral guideline for investment firms (15.1-15.12)
15.1 (updated 30 December 2024)
15.2
Risk factors (15.3-15.8)
Product, service or transaction risk factors (15.3-15.4)
15.3
15.4
Customer risk factors (15.5-15.6)
15.5
15.6
Distribution channel risk factors (15.7)
15.7
Country or geographical risk factors (15.8)
15.8
Measures (15.9-15.12)
15.9
15.10
15.11
15.12
Guideline 16: Sectoral guideline for providers of investment funds (16.1-16.22)
16.1
16.2
16.3
16.4
Risk factors (16.5-16.12)
Product, service or transaction risk factors (16.5-16.7)
16.5
16.6
16.7
Customer risk factors (16.8-16.9)
16.8
16.9
Distribution channel risk factors (16.10-16.11)
16.10
16.11
Country or geographical risk factors (16.12)
16.12
Measures (16.13-16.22)
16.13
16.14
Enhanced Customer Due Diligence (16.15-16.18)
16.15
16.16
16.17
16.18
Simplified Customer Due Diligence (16.19-16.22)
16.19
16.20
16.21
16.22
Guideline 17: Sectoral guideline for regulated crowdfunding platforms (17.1-17.8)
17.1
17.2
17.3
Risk factors (17.4-17.9)
Product, service and transaction risk factors (17.4-17.5)
17.4 (updated 30 December 2024)
17.5
Customer risk factors (17.6)
17.6 (updated 30 December 2024)
Distribution channel risk factors (17.7-17.8)
17.7
17.8
Country or geographical risk factors (17.9)
17.9
Measures (17.10-17.17)
17.10
17.11
17.12
17.13
Customer due diligence (17.14-17.15)
17.14
17.15
Enhanced customer due diligence (17.16)
17.16
Simplified customer due diligence (17.17)
17.17
Guideline 18: Sectoral guideline for payment initiation service providers (PISPs) and account information service providers (AISPs) (18.1-18.15)
18.1
18.2
18.3
Risk factors (18.4-18.7)
Customer risk factors (18.4)
18.4
Distribution channel risk factors (18.5)
18.5
Country or geographical risk factor (18.6-18.17)
18.6
18.7
Measures (18.8-18.15)
18.8
18.9
18.10
18.11
Customer due diligence (18.12-18.15)
18.12
18.13
Enhanced customer due diligence (18.14)
18.14
Simplified customer due diligence (18.15)
18.15
Guideline 19: Sectoral guideline for firms providing activities of currency exchange offices (19.1-19.12)
19.1
19.2
Risk factors (19.3-19.7)
Product, service and transaction risk factors (19.3-19.4)
19.3
19.4
Customer risk factors (19.5)
19.5
Distribution channel risk factors (19.6)
19.6
Country or geographical risk factors (19.7)
19.7
Measures (19.8-19.12)
19.8
Customers due diligence (19.9-19.10)
19.9
19.10
Enhanced customer due diligence (19.11)
19.11
Simplified customer due diligence (19.12)
19.12
Guideline 20: Sectoral guideline for corporate finance (20.1-20.9)
20.1
20.2
Risk factors (20.3-20.5)
Customer and beneficiary risk factors (20.3-20.4)
20.3
20.4
Country or geographical risk factors (20.5)
20.5
Measures (20.6-20.9)
20.6
Enhanced customer due diligence (20.7)
20.7
Simplified due diligence (SDD) (20.8-20.9)
20.8
20.9
Guideline 21: Sectoral Guideline for crypto-asset services providers (CASPs) (updated 30 December 2024)
Annex: Customers that are NPOs (updated 3 November 2023)
4. Accompanying documents
4.1 Cost-benefit analysis/impact assessment (4.1.1-4.1.46)
Introduction  (4.1.1-4.1.5)
4.1.1
4.1.2
4.1.3
4.1.4
4.1.5
Scope and objectives (4.1.6-4.1.10)
4.1.6
4.1.7
4.1.8
4.1.9
4.1.10
Baseline (4.1.11-4.1.14)
4.1.11
4.1.12
4.1.13
4.1.14
Consistency with international AML/CFT standards  (4.1.15)
4.1.15
Option 1 - ESAs’ GL simply reproduce international AML/CFT standards (4.1.16-4.1.20)
4.1.16
4.1.17
4.1.18
4.1.19
4.1.20
Option 2 - ESAs’ GL are consistent with international AML/CFT standards (4.1.21-4.1.23)
4.1.21
4.1.22
4.1.23
Option 3 - ESAs’ GL disregard international AML/CFT standards  (4.1.24-4.1.26)
4.1.24
4.1.25
4.1.26
Preferred option (4.1.27)
4.1.27
Level of prescription (4.1.28-4.1.29)
4.1.28
4.1.29
Option 1 - Exact definitions and actions (what constitutes high ML/TF risk and low ML/TF risk and what firms should do) (4.1.30-4.1.32)
4.1.30
4.1.31
4.1.32
Option 2 - Information to consider (to assess as high or low ML/TF risk, and which type of CDD might be appropriate to manage that risk) (4.1.33-4.1.35)
4.1.33
4.1.34
4.1.35
Preferred option (4.1.36)
4.1.36
Costs and benefits  (4.1.37-4.1.39)
4.1.37
4.1.38
4.1.39
Firms  (4.1.40-4.1.43)
4.1.40
4.1.41
4.1.42
4.1.43
Competent authorities (4.1.44-4.1.46)
4.1.44
4.1.45
4.1.46
4.2 Overview of questions for consultation
4.3 Summary of responses to the consultation and the EBA's analysis
Next