Regulatory News

EU Council adopts position on artificial intelligence and AML/CFT rules

The European Council adopted its position, or the general approach, on the proposals on Artificial Intelligence Act and the new Anti-Money Laundering Directive (AMLD6) and Regulation. The new anti-money laundering and combating the financing of terrorism (AML/CFT) rules will be extended to the entire crypto sector, obliging all crypto-asset service providers to conduct due diligence on their customers. Additionally, the European Council adopted a directive on the resilience of critical entities, along with a recommendation on the resilience of critical infrastructure.

The proposal on Artificial Intelligence Act aims to ensure that artificial intelligence systems placed on the European Union (EU) market and used in EU are safe and respect existing law. The proposal follows a risk-based approach and lays down a uniform, horizontal legal framework for artificial intelligence that aims to ensure legal certainty. It promotes investment and innovation in artificial intelligence, enhances governance and effective enforcement of existing law on fundamental rights and safety, and facilitates the development of a single market for artificial intelligence applications. The main elements of the proposal include definition of an artificial intelligence system, prohibited artificial intelligence practices, classification and requirements for high-risk artificial intelligence systems and responsibilities of various actors in the artificial intelligence value chain, general purpose artificial intelligence system, scope and provisions relating to law enforcement authorities, compliance framework for the artificial intelligence act, transparency and other provisions in favor of the affected person, as well as measures in support of innovation. As a next step, the adoption of the general approach will allow the European Council to enter negotiations with the European Parliament, once the latter adopts its own position with a view to reaching an agreement on the proposed regulation.

The Directive on the resilience of critical entities establishes rules on the supervision and enforcement of critical entities and for the identification of critical entities of particular European significance. The Directive expects member states to have a national strategy to enhance the resilience of critical entities, carry out a risk assessment at least every four years, and identify the critical entities that provide essential services. Critical entities will need to identify the relevant risks that may significantly disrupt the provision of essential services, take appropriate measures to ensure their resilience, and notify disruptive incidents to the competent authorities. This Directive will repeal Directive2008/114/EC, with effect from October 18, 2024. The Council also adopted a recommendation on an EU-wide coordinated approach to strengthen the resilience of critical infrastructure that sets out a series of targeted actions at the EU and national levels to support and enhance the resilience of critical infrastructure, on a voluntary basis, with a focus on critical infrastructure with significant cross-border relevance. 

 

Related links:


LEARN MORE

Find out how we can help

In an ever-evolving risk and compliance landscape, Moody's offers flexible, configurable KYC and AML solutions tailored to your organization's needs.