AMLA Home-Host Cooperation RTS: 28 May Hearing Guide for Cross-Border AML Teams

ByOfficer

Last updated: May 2026

On 11 May 2026, the Authority for Anti-Money Laundering and Countering the Financing of Terrorism (AMLA) published a consultation paper on draft Regulatory Technical Standards specifying the duties of home and host supervisors and the modalities of cooperation between them. The CSSF relayed the notice on 13 May 2026. If your group has AML/CFT obligations in more than one EU Member State, this draft RTS sets the operational rules for how your supervisors will coordinate. Get the cooperation framework wrong in your internal planning and you risk duplicated requests, inconsistent supervisory expectations, and enforcement surprises from a host authority you did not see coming.

The public hearing takes place on Thursday 28 May 2026, from 14:00 to 16:00 CET. AMLA has stated this hearing is the dedicated channel for stakeholder input on the consultation. That leaves roughly two weeks to read the paper, form a position on the seven consultation questions, and register for the hearing.

Related reading: AMLR: What Changes for Luxembourg Firms Under the New EU AML Regulation

Legal Basis and Where This Fits in the AML Package

The draft RTS is mandated by Article 46(4) of Directive (EU) 2024/1640 (the sixth Anti-Money Laundering Directive, commonly referred to as AMLD or AMLD6). Article 46 requires Member States to ensure that home and host supervisors cooperate with each other to the greatest extent possible when overseeing groups of obliged entities with cross-border operations. Paragraph 4 tasks AMLA with developing draft RTS to detail the respective duties and the modalities of that cooperation.

A common mistake is to conflate this with the Anti-Money Laundering Regulation (AMLR, Regulation (EU) 2024/1624). The AMLR, which applies from 10 July 2027, creates the directly applicable substantive AML/CFT obligations. The AMLD sets the supervisory architecture, including home-host cooperation rules. Both are part of the same legislative package adopted on 31 May 2024, but they serve different purposes and operate on different timescales. Today, EU obliged entities operate under AMLD4 (Directive (EU) 2015/849) as transposed into national law. The AMLD replaces AMLD4 and must be transposed by Member States. The draft RTS under consultation will not apply until it is adopted by the Commission and published in the Official Journal, which realistically means it becomes operational alongside or after the broader AML package takes effect.

This distinction matters for compliance teams because nothing in the draft RTS changes your current AML/CFT obligations. What it does is show you what your supervisors’ cooperation framework will look like under the new regime. Planning starts now; obligations kick in later.

Who This RTS Covers (and Who It Does Not)

The draft RTS applies to supervisors of obliged entities that are members of a group and operate across EU borders. That includes groups in both the financial and non-financial sectors. AMLA chose a fully horizontal approach: one set of rules for all sector supervisors rather than separate financial and non-financial provisions.

Teams commonly misread the scope in two ways. First, they assume this only covers banks. It does not. The consultation paper explicitly covers non-financial sector supervisors responsible for obliged entities in groups sharing common ownership, management, or compliance control, including networks and partnerships. If your firm sits within a group structure with AML-supervised entities in multiple Member States, this applies to your supervisors regardless of whether those entities are credit institutions, payment firms, investment firms, real estate agents, or accountancy practices.

Second, and this is where the exclusion matters: obliged entities that operate in another Member State exclusively through branches, agents, distributors, or other forms of infrastructure are governed by Article 47 of the AMLD, not Article 46. They fall outside this RTS. If your Luxembourg-authorised entity has a branch in Germany but no subsidiary, this particular RTS does not apply. A different cooperation framework under Article 47 governs that relationship. Confusing the two will lead to incorrect assumptions about what information your supervisors are required to exchange.

Where an AML/CFT supervisory college is established under Articles 49 or 50 of the AMLD, the college-specific framework takes precedence for matters it covers. The draft RTS applies to the extent that processes are not already governed by the college framework. In practice, many cross-border groups will not have an AML/CFT college, especially smaller groups and those in the non-financial sector. For those groups, this RTS is the primary cooperation mechanism.

What the AMLA Home-Host Cooperation RTS Requires of Supervisors

The consultation paper proposes ten articles plus two annexes. I have gone through the full text. Here is what matters operationally.

Communication Channels (Article 2)

Supervisors must use channels with appropriate confidentiality, security, access controls, and access logs. Where available, they must use collaborative and integrated digital solutions. During a transitional period, where such solutions are not in place, supervisors may use temporary means like functional mailboxes. This is a forward-looking provision. Many AML/CFT supervisors across the EU do not yet have integrated cooperation platforms. The RTS accommodates that reality while signalling the direction of travel.

Practical Arrangements for Cooperation (Article 3)

Cooperation requests must be submitted in writing where possible, using a template in Annex I. The template requires: identification of the requesting and requested supervisors, the obliged entity or entities concerned (with reference to Article 3 of the AMLR where possible), the type of request, a description of the information requested or planned inquiry, intended use, data confidentiality considerations, and the preferred response timeframe. The requested supervisor must acknowledge receipt without undue delay and must make every effort to respond within the timeframe specified. If it cannot comply, it must explain why and propose an estimated date. Both sides must maintain records of all cooperation actions.

The template in Annex I may seem administrative, but for compliance teams this is the form your supervisor will use when asking another supervisor about your group’s AML controls. If you have not mapped which supervisors oversee which entities in your group structure, you will not be able to anticipate or support these requests when they come.

Information Exchange (Articles 4, 5, and 6)

This is the core of the RTS. Both home and host supervisors must share information on their own initiative where it could significantly influence the assessment of an obliged entity’s inherent or residual risk exposure in another Member State. This is not limited to responding to requests. Supervisors must proactively share:

  • Risk assessments, both those performed by obliged entities under Article 10 of the AMLR and those performed by supervisors under Article 40 of the AMLD
  • Supervisory findings
  • Relevant regulatory developments
  • Internal and external audit findings
  • Information about the imposition of sanctions or administrative measures, which must be shared before the obliged entity is notified of the procedure

That last point is operationally significant. If a host supervisor is about to impose an administrative measure on a subsidiary in its jurisdiction, it must tell the home supervisor before it tells the entity. For compliance teams, this means the home supervisor may know about enforcement action against your subsidiary before you do.

Before submitting an information request, supervisors must first check whether the information is already available through existing registers and databases: beneficial ownership registers, central bank account registers, electronic data retrieval systems, and the central AML/CFT database under the AMLA Regulation. This “check first, ask second” principle is designed to avoid unnecessary burden, but it also means supervisors will be cross-referencing data from multiple sources before contacting your entity.

Information covered by legal privilege under Article 70(2) of the AMLR is excluded from exchange. Where there is doubt, supervisors must jointly identify what falls within privilege and exclude it.

Cross-Border Inquiries (Article 7)

The term “inquiry” is used broadly and covers on-site inspections and other types of supervisory engagement. Two scenarios are provided for. The requesting supervisor can ask the requested supervisor to conduct the inquiry on its behalf, or the requesting supervisor can carry out the inquiry directly in the other Member State with the requested supervisor’s prior consent.

In the first scenario, the requested supervisor must communicate the resources assigned, identify contact points, and indicate the expected completion timeframe. In the second, the requested supervisor must take reasonable steps to facilitate access to the relevant obliged entities, assist with authorisations or permissions required under national law, and help overcome language, procedural, or operational barriers.

After any inquiry, both supervisors must hold an exchange of views to discuss findings. Any refusal or limitation must be documented and justified.

This changes the operational reality for firms with subsidiaries across the EU. Your Luxembourg subsidiary could face an inquiry initiated by a German, French, or Italian AML supervisor, conducted either by the CSSF on that supervisor’s behalf or by the requesting supervisor directly with CSSF facilitation. Group compliance teams that have not established protocols for coordinating multi-jurisdictional supervisory interactions will be caught flat.

Common Approaches (Article 8)

Home and host supervisors must exchange views at the start of supervising a cross-border group and continue on a regular basis to identify opportunities for common supervisory approaches. Where agreed, they must document the activities, timeline, information exchange modalities, and options for coordinated follow-up, including coordinated enforcement measures. A common approach may lead to coordinated or joint inspections.

If one supervisor agrees to a common approach and then fails to act in accordance with it, the other may refer the failure to AMLA. This referral mechanism gives the framework teeth. Under the current regime, bilateral cooperation is largely voluntary and enforcement of cooperation commitments is weak. Under the draft RTS, a supervisor that commits to a common approach and then does not follow through faces a formal escalation path.

Permissible Uses and Disclosure of Information (Article 9)

This is the most consequential policy choice in the draft. AMLA adopted a notification-based approach rather than a consent-based approach for onward disclosure within the EU supervisory system. Information exchanged under Article 46 of the AMLD may be disclosed to other supervisors, to AMLA when acting as supervisor, or to public authorities overseeing self-regulatory bodies, without prior consent from the originating supervisor. The originating supervisor must be notified of the information shared, the recipient, and the rationale.

The exception: information originating from a third-country counterpart remains subject to prior consent requirements, consistent with Article 51 of the AMLD.

What this means in practice: supervisory intelligence about your group can flow between EU supervisors with a notification, not a permission request. If the CSSF shares its assessment of your group’s AML risk profile with a Dutch or German supervisor under the Article 46 framework, it does not need the consent of the supervisor that originally supplied that information. It only needs to notify them. For firms that assumed their supervisory relationship was bilateral, this is a material shift. The EU supervisory system under the new framework is designed to function as an interconnected network, not a set of isolated bilateral channels.

The Seven Consultation Questions

The consultation paper poses seven questions in section 5.2. They map directly to the articles of the draft RTS:

  • Question 1: Recitals and Article 1 (Scope)
  • Question 2: Articles 2 and 3 (Communication channels and practical arrangements)
  • Question 3: Articles 4, 5, and 6 (Information exchange)
  • Question 4: Operational or legal challenges in implementing information exchange provisions
  • Question 5: Article 7 (Inquiries)
  • Question 6: Article 8 (Common approaches)
  • Question 7: Article 9 (Permissible uses of information)

Question 4 is the one that should get the most attention from industry respondents. AMLA is explicitly asking about implementation barriers. If your institution faces legal constraints in a particular Member State that could block or complicate information exchange between supervisors, the hearing is the place to flag it.

What This Does Not Cover

Three things are not in this draft RTS and should not be confused with it.

First, branch-only operations. As noted above, entities operating in another Member State exclusively through branches, agents, or distributors are governed by Article 47 of the AMLD, not Article 46. Separate provisions apply.

Second, AML/CFT supervisory colleges. The college framework under Articles 49 and 50 of the AMLD is a distinct instrument. Draft RTS under Articles 49(14) and 50(13) are expected separately. This draft RTS complements that framework but does not replace it.

Third, AMLA’s direct supervision of selected entities. AMLA published a reporting package on 12 May 2026 for the identification of provisionally eligible obliged entities ahead of the first selection cycle for entities that will come under AMLA’s direct supervision from 2028. That direct supervision regime is governed by different provisions (the AMLA Regulation, Regulation (EU) 2024/1620) and operates through a separate set of ITS, including the ITS under Article 15(3) of the AMLA Regulation for which AMLA already closed a consultation in January 2026.

The Luxembourg Angle

The CSSF published its relay notice on 13 May 2026, flagging the hearing for entities it supervises. The CSSF’s notice covers a wide scope of entity types: credit institutions, investment firms, investment fund managers, payment institutions and electronic money institutions, crypto-asset service providers, crowdfunding service providers, and others. Luxembourg is a natural focal point for this RTS because of the number of cross-border group structures domiciled or supervised here. Many Luxembourg-authorised entities operate as subsidiaries within groups headquartered in other Member States, and many Luxembourg groups have subsidiaries elsewhere in the EU.

Under the current AMLD4 framework as transposed by the Law of 12 November 2004 on AML/CFT, the CSSF already cooperates with other EU supervisors on cross-border AML matters. But that cooperation has largely been governed by bilateral arrangements and the 2019 EBA/ESA guidelines on AML/CFT colleges. The draft RTS would create a single, binding cooperation framework that replaces the patchwork of bilateral agreements with a harmonised set of procedures.

For Luxembourg compliance teams, the practical question is whether you have mapped your group’s supervisor-to-supervisor cooperation map. Which authorities supervise which entities in your group? Where a college exists, that mapping is typically already done. Where no college exists, many firms have not formalized this. The draft RTS assumes supervisors will use it, and your ability to respond efficiently to cross-border requests depends on knowing who is asking and why.

Preparing for the Hearing

The hearing registration is open through a Webex link on the AMLA event page. AMLA’s consultation paper is available as a PDF directly from the AMLA news article. There are 27 pages to read, including the impact assessment and the full draft RTS text with two template annexes.

If you plan to submit comments during the hearing, AMLA’s guidance is that comments are most helpful if they respond to the specific questions, indicate which point they relate to, contain a clear rationale, provide evidence, and describe any alternative regulatory choices AMLA should consider.

Three areas that deserve attention from industry:

The notification-based disclosure regime (Article 9). If your institution has concerns about supervisory information flowing freely across the EU system without consent, the hearing is the place to raise them. AMLA considered a consent-based alternative and rejected it as too burdensome. Industry views on where the balance should sit could shape the final text.

The inquiry framework (Article 7). The ability of one supervisor to conduct inspections in another Member State with the host supervisor’s facilitation is a meaningful expansion of cross-border supervisory reach. Firms should consider whether the procedural safeguards are sufficient and whether the “reasonable steps” language in Article 7(5) is clear enough to protect against disproportionate intrusion.

The scope exclusion for branch-only operations (Article 47). If your group structure includes a mix of subsidiaries and branches in different Member States, you may find yourself subject to two different cooperation frameworks. Whether that creates complexity or confusion at the operational level is worth flagging.

Timeline and Next Steps

AMLA published the consultation paper and news article on 11 May 2026. The CSSF relayed the notice on 13 May 2026. The public hearing takes place on 28 May 2026, 14:00 to 16:00 CET. AMLA has described the hearing as the dedicated channel for stakeholder input.

After the hearing, AMLA will consider the input received, potentially revise the draft, and submit it to the European Commission for adoption as a Commission Delegated Regulation. The consultation paper does not specify a target date for submission to the Commission or for final adoption. The broader AML package timeline provides context: the AMLR applies from 10 July 2027, and Member States must transpose the AMLD by its respective deadline. The RTS, once adopted and published, will be directly applicable in all Member States.

This is one of several AMLA consultations running in parallel. The week of 27-28 May 2026 alone includes public hearings on draft ITS for FIU-to-FIU exchanges (27 May), draft ITS on FIU and AMLA reporting to the EPPO (27 May), draft guidelines on business-wide risk assessment (28 May), and this home-host cooperation RTS (28 May). AMLA also recently published its reporting package for the first direct supervision selection cycle (12 May) and findings from the Chair’s 2025 EU-wide roadshow (11 May). For teams tracking the AMLA regulatory production pipeline, this is a dense period. Prioritising which consultations to engage with matters, because the windows are short.

Frequently Asked Questions

Does this draft RTS change my current AML/CFT obligations?

No. The draft RTS specifies future cooperation duties between supervisors under the new AML package (Directive (EU) 2024/1640 and Regulation (EU) 2024/1624). Current AML/CFT obligations for obliged entities in Luxembourg are governed by AMLD4 (Directive (EU) 2015/849) as transposed into the Law of 12 November 2004 on AML/CFT. The draft RTS is a forward-looking instrument that will become applicable only after adoption by the Commission and publication in the Official Journal.

Is the public hearing on 28 May the only way to provide input?

AMLA has described the hearing as the dedicated channel for stakeholder input on this consultation. The consultation paper invites comments on the seven specific questions in section 5.2 during the hearing. The news article does not reference a separate written submission deadline or EU Survey link for this particular RTS. If you cannot attend the hearing, check the AMLA public consultations page for any updates on alternative submission routes.

My entity operates through a branch in another EU Member State. Does this apply?

No. Entities operating in another Member State exclusively through branches, agents, distributors, or other forms of infrastructure fall under Article 47 of the AMLD, not Article 46. This draft RTS covers cooperation for groups of obliged entities operating through subsidiaries or other group members across borders.

Does this apply to non-financial sector obliged entities?

Yes. AMLA adopted a fully horizontal approach covering both financial and non-financial sector supervisors. Where non-financial supervisors are responsible for obliged entities that are part of structures sharing common ownership, management, or compliance control, including networks or partnerships, Article 46(6) of the AMLD requires cooperation. While those supervisors are not formally required to apply the draft RTS procedures, AMLA encourages voluntary adoption.

How does this interact with AML/CFT supervisory colleges?

Where an AML/CFT supervisory college is established under Articles 49 or 50 of the AMLD, the college framework takes precedence for matters it covers. This draft RTS applies to the extent that processes are not otherwise governed by the college-specific framework. For groups without a college, this RTS is the primary cooperation mechanism between their supervisors.

Can my supervisor share information about my entity with other EU supervisors without consent?

Under the proposed Article 9, information exchanged under the Article 46 framework may be disclosed to other members of the EU supervisory system (which includes AMLA and all Member State AML/CFT supervisors) without prior consent, subject to notification. The originating supervisor must be notified of what was shared, with whom, and why. Information from third-country counterparts remains subject to prior consent. This is a draft provision and could change based on hearing feedback.

What should Luxembourg compliance teams do before 28 May?

Read the consultation paper (27 pages). Map your group’s cross-border supervisory map: which authorities supervise which entities, where colleges exist, and where the bilateral cooperation gap is. Assess whether the notification-based disclosure regime, the inquiry framework, and the scope boundaries raise concerns for your specific group structure. If they do, register for the hearing and prepare comments aligned with the seven consultation questions.

Related Articles

Key Takeaways

  • AMLA published a consultation paper on 11 May 2026 on draft RTS detailing home-host supervisory cooperation duties under Article 46(4) of Directive (EU) 2024/1640 (AMLD).
  • The public hearing takes place on 28 May 2026 (14:00-16:00 CET) and is the dedicated stakeholder input channel. The CSSF relayed the notice on 13 May 2026.
  • The draft RTS covers groups of obliged entities in both financial and non-financial sectors operating across EU borders. Branch-only operations are excluded (governed by Article 47 AMLD).
  • Supervisors must proactively share information that could influence risk assessments, including sharing enforcement action details before notifying the entity itself.
  • Onward disclosure of supervisory information within the EU system requires notification, not consent. Third-country-sourced information remains consent-based.
  • Cross-border inquiries, including on-site inspections, can be conducted on behalf of a requesting supervisor or facilitated by the host supervisor for the requesting supervisor to carry out directly.
  • Common approaches between supervisors may lead to coordinated enforcement measures. Failure to honour a common approach can be referred to AMLA.
  • This is a future-facing instrument under the new AML package. It does not change current AML/CFT obligations, which remain governed by AMLD4 as nationally transposed.

Sources and References

Disclaimer: The information on RegReportingDesk.com is for educational and informational purposes only. It does not constitute legal, regulatory, tax, or compliance advice. Always consult your compliance officer, legal counsel, or the relevant supervisory authority for guidance specific to your institution.

Similar Posts

  • AMLR – What Changes for Luxembourg Firms Under the New EU AML Regulation

    Last updated: March 2026 Your compliance team has spent years building its AML framework around the Luxembourg Law of 12 November 2004, as amended, which transposes the EU Anti-Money Laundering Directives. That framework is about to be replaced. Not amended. Replaced. The AMLR (Regulation (EU) 2024/1624), published on 19 June 2024, is a directly applicable…

  • CSSF AML/CFT Standardised Data Collection – What the New AMLA Template Requires

    Last updated: March 2026 Your compliance team filled out the CSSF Questionnaire on Financial Crime last year. This year, you can forget everything about that format. The CSSF has replaced its annual questionnaire with a standardised template developed by the European Authority for Anti-Money Laundering (AMLA). The data points are different, the structure is different,…

  • AML Reporting in Luxembourg: STRs, GoAML, and Your Obligations

    Last updated: March 2026 Introduction AML reporting in Luxembourg is mandatory for every regulated financial institution and obliged entity – failure to file suspicious transaction reports exposes your firm to regulatory sanctions, reputational damage, and legal liability. For compliance officers, risk managers, and AML practitioners in Luxembourg’s financial sector, understanding when and how to file…