The European Banking Authority (EBA) has just published its latest report on the use of technology in anti-money laundering (AML) and countering the financing of terrorism (CFT) supervision (EBA/Rep/2025/23), often called SupTech. The timing couldn’t be more relevant. Across Europe, national supervisory authorities are facing an avalanche of new responsibilities under the EU’s updated AML framework. More entities are regulated, expectations are higher, and yet, most authorities are still running on limited staff and tight budgets.
In this context, technology is perhaps seen as both a lifeline and a challenge.
Where We Stand
According to the EBA’s survey, most EU supervisors have only recently begun experimenting with SupTech. Roughly half of the projects are in production, but many are still in development or just exploratory ideas. The focus so far? Handling the ever-growing mountain of data: whether through storage, visualization, or automation.
Authorities see real benefits when tools are properly deployed:
- Better data quality for risk assessments,
- Faster, smarter analytics,
- More efficient supervision by automating repetitive tasks,
- Improved collaboration across departments and borders.
In practice, this means supervisors can move beyond endless manual reviews and instead zero in on the riskiest firms, sectors, or transactions.
The Roadblocks: Data, People, and Trust
What practical experience tells, but what is also implied in the report, is that most supervisors are only “moderately prepared” to embrace SupTech. That rings true with what many of us see on the ground. Supervisory authorities across the EU are already stretched thin, dealing with backlogs of inspections, while struggling to kickstart assessment on newly formed regulated entities (especially in crypto and FinTech). Throw in legacy IT systems and small compliance teams, and the adoption of AI-driven supervisory tools becomes an uphill battle.
According to the report, obstacles include:
- Poorly structured or fragmented data,
- Limited budget and limited human resources with adequate technical skills,
- Legal uncertainty primarily in terms of liability, accountability (who takes the blame when the algo decides?) and GDPR,
- Cultural resistance.
It is worth noting that many national authorities are still developing their own tools in isolation, which obviously leads to duplication, inefficiency, and systems that don’t talk to each other.
Why EU-Level Support Is Essential
This is where the new Anti-Money Laundering Authority (AMLA), alongside the EBA and ESMA, can make a real difference. The report rightly stresses that SupTech should not be developed in silos. We need EU-level coordination to:
- Join forces and develop solutions that will be useful across jurisdictions,
- Develop common data formats (standardization),
- Ensure interoperability,
- Invest in digital literacy and technical expertise.
Given the sharp rise in the number of regulated entities, it’s unrealistic to expect local supervisors to cope without significant reinforcement. EU-level institutions should provide not only guidance but also funding, shared platforms, and ready-to-use SupTech tools that national authorities can adapt to their needs.
My Take: SupTech Can’t Be “Nice to Have” Anymore
From a practical standpoint, relying on manual supervision is no longer sustainable. The volume of suspicious transaction reports, the complexity of crypto markets, and the speed of innovation in FinTech mean that supervisors who don’t embrace SupTech run a significant risk of staying behind the curve.
In any case, SupTech is neither a “silver bullet”, nor an end to itself. The effectiveness of these tools depends on data quality, governance, and, most importantly, the people using them. Technology is just a tool to support human judgment, and it will not replace it. Supervisors must be able to explain and defend decisions, even if an algorithm flagged the risk in the first place.
What’s needed now is bold EU-level leadership. AMLA, the EBA, and ESMA should push for a shared, interoperable SupTech ecosystem. Otherwise, Member States will keep reinventing the wheel, wasting time and resources while criminals exploit the gaps.
The Bottom Line
SupTech may no longer be optional in AML/CFT supervision, it is becoming essential. The tools are there, the benefits are real, but the rollout is patchy and underfunded. National supervisors are doing their best under heavy workloads and limited staff, but without material support from the EU level, progress will be slow and fragmented.
Leave a Reply