10 July 2027 marks an important milestone for every business subject to anti-money laundering (AML) legislation.
It is the day the EU's new AML framework – including the Anti-Money Laundering Regulation (AMLR) – becomes applicable. But if you're imagining a kind of "compliance doomsday", where supervisory authorities come knocking on your door on 11 July, you can safely relax.
Fortunately, that's not how these changes will unfold.
10 July 2027 primarily marks the date from which the new European AML framework becomes legally applicable. For most businesses, the biggest challenge will therefore not be to reinvent their compliance programme, but to ensure that the processes they already have in place meet the new and more detailed requirements.
In our view, the coming year is less about racing towards a deadline and more about a gradual process of gaining clarity on how the new rules should be interpreted and translated into day-to-day operations.
One of the questions we are asked most frequently is whether the Danish Anti-Money Laundering Act will become obsolete.
The short answer is no.
The Danish AML Act is not disappearing, but its role will change. Today, the Act forms the foundation for most Danish businesses' work with customer due diligence (CDD), risk assessments, policies and internal procedures. Going forward, many of these requirements will instead be governed directly by the AMLR – an EU Regulation that applies uniformly across all Member States without requiring national implementation.
That does not mean Danish legislation becomes irrelevant. Quite the opposite. The Danish AML Act will continue to contain national provisions and complement the EU framework in several areas. At the same time, elements of AMLD6 will be implemented into Danish law.
In other words, Danish businesses do not need to abandon the Danish AML Act or learn an entirely new compliance framework from scratch. The biggest change is that many of the core requirements will now be set directly at EU level.
And that is a significant shift. Not because businesses will necessarily need to do everything differently, but because the interpretation of key AML requirements will gradually move from a national perspective to a common European one.
Although many people talk about AMLR as something that only becomes relevant in 2027, the direction of travel is already clear. In fact, there are several areas where businesses can begin adapting their operational processes today.
One of AMLR's primary objectives is harmonisation across Member States.
Today, businesses operating internationally often find that identical AML requirements are interpreted differently depending on where they do business. This creates uncertainty and increases the resources required simply to interpret regulatory expectations.
Under AMLR, many of the core requirements will become consistent across the EU.
For Danish businesses, this is unlikely to make everyday compliance easier overnight. However, over time, we expect organisations to benefit from a more consistent regulatory framework and a more shared understanding of what good compliance looks like.
There will undoubtedly be new elements that require time and resources to implement. At the same time, we also expect the Regulation to provide much-needed clarity in areas where businesses have historically experienced uncertainty about regulatory expectations.
This is an important distinction. Many businesses worry that AMLR will introduce an entirely new set of compliance obligations. Based on everything published so far, that is not our expectation.
Instead, we believe the biggest change will be that many of the requirements businesses already work with today will be described in much greater detail.
This includes areas such as:
Customer due diligence (CDD)
Identification of beneficial owners
Ongoing monitoring
Risk factors
Internal policies and procedures
As a result, businesses should have a much clearer and more consistent framework for interpreting these requirements. From our conversations with customers, we know that this level of clarity has been missing for many obliged entities. Hopefully, clearer regulatory expectations will ultimately make it easier to design robust internal compliance processes rather than leaving businesses to interpret broad legislative principles on their own.
Many people describe AMLA as the EU's new Anti-Money Laundering Authority. That is true—but its role extends far beyond directly supervising selected financial institutions.
AMLA will also be responsible for developing technical standards, guidance and common interpretations that will influence a far broader range of businesses than those it supervises directly.
This means businesses will increasingly need to monitor developments at EU level—not just guidance issued by national authorities. In our view, this represents one of the most significant structural changes introduced by the EU AML package.
Although the overall direction is clear, many important details will only emerge over the next 365 days.
AMLR sets out the overarching legal requirements. However, many of the practical details will be defined through Regulatory Technical Standards (RTS), Implementing Technical Standards (ITS) and guidance issued by AMLA.
These documents will answer many of the practical questions businesses are asking today.
How should specific risk factors be documented?
How extensive should ongoing monitoring be?
When is customer due diligence considered sufficient?
For many of these questions, the final answers simply do not exist yet.
The rules may become harmonised, but that does not mean every interpretative question disappears.
In Denmark, businesses have traditionally shaped their compliance programmes based on guidance from the Danish Business Authority and experience gained through supervisory inspections. Under AMLR, a new supervisory practice will gradually emerge—but it has not yet been established.
This means businesses, advisers and supervisory authorities will, for a period, be developing a practical understanding of the rules together.
That is neither unusual nor problematic. It is a natural part of implementing a new European regulatory framework.
We already see many businesses searching for definitive answers. Unfortunately, they do not yet exist.
For that reason, we believe it would be premature to try to "fully implement AMLR" today. The smarter investment is to build a strong compliance foundation, monitor guidance from AMLA as it is published, and continuously refine your processes as new information becomes available.
In our opinion, the coming year is not about redesigning your entire compliance framework. It is about strengthening what you already have and identifying where new processes or controls may be needed.
We recommend focusing on four key areas.
1. Review your existing processes.
Ask whether your risk assessment, customer due diligence procedures and internal controls genuinely reflect how your business operates today.
2. Strengthen your documentation.
If our analysis proves correct, documentation will become just as important as the assessments themselves. Now is therefore the right time to ensure that decisions, rationale and evidence can be clearly documented and retrieved when needed.
3. Follow official developments—not speculation.
There will be many interpretations of AMLR over the coming year. Where possible, rely on official publications from AMLA and the relevant national authorities, and be cautious about conclusions presented as definitive before the regulatory framework is fully developed.
4. Spend the year improving—not firefighting.
The businesses best prepared on 10 July 2027 are unlikely to be those working around the clock in June. They will be the organisations that have spent the previous twelve months steadily improving their compliance framework.
There are still unanswered questions about the EU's new AML framework. But it is worth remembering that implementation is already well underway.
AMLA continues to publish guidance and technical standards.
National authorities are preparing for implementation.
Businesses are beginning to assess the practical implications.
And month by month, the picture becomes clearer.
In our view, the greatest challenge over the coming year will not be a lack of regulation—it will be navigating the growing volume of information.
At Creditro, we continue to follow these developments closely. Throughout this series, we will share not only what is changing, but also our perspective on what those changes mean in practice for businesses working with anti-money laundering compliance every day.