GLEIF logo

GLEIF-accredited LEI Issuer. #1 LEI Issuer Globally.

LEI Regulation Spotlight

AMLR: EU Anti-Money Laundering Regulation

The EU’s single AML rulebook applies from 10 July 2027. Here is what it changes, who is in scope, and the precise role the Legal Entity Identifier plays in customer due diligence.

In short

AMLR is Regulation (EU) 2024/1624, the European Union’s single anti-money laundering rulebook. It applies directly in all 27 Member States from 10 July 2027, replacing fragmented national rules with one harmonised set of customer due diligence, beneficial ownership and reporting obligations. AMLR names the Legal Entity Identifier (LEI) in its customer due diligence requirements: when identifying a legal-entity customer, obliged entities must collect the LEI where the entity has one (Article 22). A valid, active LEI provides the exact machine-readable identifier the regulation points to.

What is AMLR?

AMLR, the Anti-Money Laundering Regulation, is the centrepiece of the EU’s 2024 AML package. Unlike the directives it replaces, it is a regulation: directly applicable, with no national transposition, so the same rules bind obliged entities identically from Lisbon to Helsinki. It sits alongside two other instruments that readers often confuse with it. AMLA is the new EU Authority for Anti-Money Laundering, based in Frankfurt and operational since 1 July 2025. AMLD6 (Directive (EU) 2024/1640) covers beneficial ownership registers, financial intelligence units and national supervision. A lower threshold can apply in higher-risk sectors, but it is set centrally rather than chosen by Member States: the European Commission may, following an assessment due by 10 July 2029, set a lower threshold by delegated act, capped at 15%.

9 Jul 2024
AMLR & AMLD6 enter into force
1 Jul 2025
AMLA operational in Frankfurt
10 Jul 2027
AMLR applies, AMLD6 transposed
1 Jan 2028
AMLA direct supervision begins
10 Jul 2029
Phased provisions (football, registries)
Sources: Regulation (EU) 2024/1624 (AMLR); Directive (EU) 2024/1640 (AMLD6); Regulation (EU) 2024/1620 (AMLA); AMLA. Verified June 2026.

Who is in scope (obliged entities)

AMLR widens the list of obliged entities compared with the previous regime. In scope from 10 July 2027:

  • Credit institutions and financial institutions (the core population).
  • Crypto-asset service providers (CASPs), brought fully into scope in line with MiCA.
  • Crowdfunding service providers and intermediaries.
  • Traders in high-value goods such as precious metals and stones, above defined thresholds.
  • Professional football clubs and agents, with provisions applying from 10 July 2029.
  • Existing non-financial businesses and professions: auditors, accountants, tax advisers, notaries, trust and company service providers, estate agents and gambling services.

If your organisation onboards, transacts with, or reports on legal entities, AMLR’s customer due diligence rules reach the entity data you hold. That is where the LEI enters.

How AMLA supervises A two-tier model. The single AMLR rulebook applies to every obliged entity, whoever supervises it. AMLA direct AMLA-coordinated National supervision ~40 firms Highest-risk, cross-border, active in 6+ Member States. From 1 January 2028. Joint oversight Selected firms, AMLA with national supervisors. All other obliged entities, national authorities. Selection of the first direct-supervision group runs Jul to Dec 2027. One rulebook (AMLR) applies across all three tiers. Source: Regulation (EU) 2024/1620; AMLA selection process. Verified June 2026.

Where the LEI fits in AMLR

Most AML coverage skims over this point. AMLR names the LEI directly in the operative customer due diligence text.
Under Article 22, when an obliged entity identifies a legal-entity customer it must obtain, “where available”, a defined set of identifiers. The Article lists, for a legal entity, “the registration number, the tax identification number and the Legal Entity Identifier“. The same “where available” reference to the LEI appears for trustees of express trusts, and the LEI is listed again, “where applicable”, for other organisations with legal capacity under national law.
Read precisely, this means three things. First, the LEI is named in the EU’s single AML rulebook: it appears in the binding identification dataset itself, alongside the registration and tax numbers. Second, holding an LEI removes friction on both sides: an entity that already holds a valid, active LEI hands its counterparties the precise, machine-readable identifier that AMLR points to, and keeps its record clean in the Global LEI Index. Third, the obligation is light-touch and sits with the obliged entity, which collects the customer’s LEI where one exists, so the LEI is the identifier the regulation reaches for rather than a duty placed on the customer.

Beneficial ownership: a supporting role

AMLR also tightens beneficial ownership rules. From 10 July 2027 the threshold for a beneficial owner is 25% or more of ownership interest, held directly or indirectly. A lower threshold can apply in higher-risk sectors, but it is set centrally rather than chosen by Member States: the European Commission may, following an assessment due by 10 July 2029, set a lower threshold by delegated act, capped at 15%. Obliged entities must identify and verify beneficial owners and consult the central registers maintained under AMLD6. The LEI’s underlying data model captures “who owns whom” relationships (its Level 2 data), and GLEIF has worked with Open Ownership to integrate LEIs into beneficial ownership datasets. The LEI supports beneficial ownership transparency. It is not the statutory mechanism.

The vLEI and digital verification

AMLR allows identity verification through electronic identification means meeting the eIDAS “substantial” or “high” assurance levels. The vLEI (verifiable LEI), a cryptographically verifiable organisational identity credential built on the LEI standard, is built for this: digital, machine-verifiable entity identity for due diligence. The vLEI is not referenced in AMLR and is not a compliance requirement. It is the emerging next step worth watching as digital due diligence matures.

AMLR Article 22 names the Legal Entity Identifier in the customer due diligence dataset, to be collected "where available".

Named in the rulebook. The LEI sits in the binding Article 22 identification dataset.

Collected by the obliged entity when the customer holds one.

A faster, cleaner check. An active LEI hands counterparties the exact identifier AMLR points to.

Collected "where available": holding an LEI is not a duty, and a missing one does not block onboarding by itself. It is the identifier the regulation reaches for whenever a customer has one.
Source: Regulation (EU) 2024/1624 (AMLR), Article 22(1). Verified June 2026.

What AMLR means for your sector

Banks & financial institutions

You are the obliged entity collecting the LEI “where available”, and AMLA may supervise the largest of you directly from 2028. Counterparties that hold LEIs cut your CDD workload and data-matching error rate.

Asset managers & fund admins

Each fund is a legal entity to identify. Article 22 names the LEI for that identification, and Article 61 addresses beneficial ownership of collective investment undertakings. Per-fund LEIs, kept active, keep capital moving.

Crypto-asset service providers

Newly obliged entities, applying customer due diligence on transactions from EUR 1,000. The LEI and, in time, the vLEI offer a machine-readable way to identify legal-entity counterparties at scale.

KYB & RegTech platforms

AMLR raises the entity-data bar for every obliged entity you serve. Capturing the LEI at onboarding, including through the Validation Agent model, puts the right identifier into the record from the start.

What to do before 10 July 2027

Start with a measured audit. Make sure the legal entities you control, your funds, subsidiaries, SPVs and group entities, hold valid, active LEIs, and that none are about to lapse. A lapsed LEI is publicly visible in the Global LEI Index, and it is the avoidable failure that turns a clean CDD record into a query. If you manage entity data across a portfolio, consolidate LEI issuance and renewal so nothing is tracked by spreadsheet.

RapidLEI is the world’s largest GLEIF-accredited LEI Issuer, accredited since 2018, with same-day issuance and multi-year auto-renewal that removes lapse risk across a portfolio.

RapidLEI support and next steps

RapidLEI offers a streamlined LEI registration and volume LEI management services to manage an entire portfolio from one dashboard. The LEI registration API integrates with compliance systems, ensuring continuous readiness and trusted digital identity alignment.

 

Frequently Asked Questions

AMLR (Regulation (EU) 2024/1624) applies from 10 July 2027 in all EU Member States. It entered into force on 9 July 2024, but its obligations take effect from the 2027 application date. Certain provisions, including those for professional football clubs and agents, apply from 10 July 2029.

AMLR is the directly applicable regulation (the single rulebook). AMLD6 is the directive Member States transpose into national law, covering beneficial ownership registers and supervision. AMLA is the new EU Authority for Anti-Money Laundering in Frankfurt, operational since July 2025, which will directly supervise selected high-risk institutions from 2028.

Credit and financial institutions, crypto-asset service providers, crowdfunding platforms, traders in high-value goods, professional football clubs and agents (from 2029), and the established non-financial businesses and professions such as auditors, accountants, notaries, trust and company service providers, estate agents and gambling services.

25% or more of ownership interest, held directly or indirectly. A lower threshold can apply in higher-risk sectors, set centrally by the European Commission via a delegated act (assessment due by 10 July 2029) and capped at 15%, rather than chosen freely by Member States.