• 6 mins read

AML Regulations in Germany and How to Comply

Germany is one of the wealthiest members of the EU and a hub for thousands of multinational businesses. While Germany provides an array of commercial opportunities, its financial profile also attracts criminals who seek to exploit the country’s financial system to launder money and commit other financial crimes. Accordingly, AML regulations in Germany are a serious priority for financial authorities: Deutsche Bank, for example, has received significant fines for compliance violations – including a $150 million dollar fine in 2020 for its involvement in the Danske Bank money laundering scandal.

Given the government’s increasing focus on financial compliance, and the potential for significant fines and penalties, companies in Germany should understand the anti-money laundering (AML) and counter-financing of terrorism (CFT) landscape – and how to meet their regulatory obligations.

What is BaFin?

Germany’s financial regulator is known as the Federal Financial Supervisory Authority, or the Bundesanstalt für Finanzdienstleistungsaufsicht (BaFin). The regulator was established in 2002 to provide oversight for all financial institutions in Germany, including banks, stock exchanges, and insurance companies. 

BaFin’s authority and powers are provided by Germany’s Banking Act (Gesetz über das Kreditwesen). In its supervisory role, BaFin works to ‘prevent irregularities in the banking system’, including those which may endanger the safety of assets or ‘substantially prejudice the economy’. BaFin sets financial regulations, including AML/CFT rules, for all institutions operating in Germany, and monitors their ongoing compliance. It is also responsible for issuing licences to German financial institutions that meet relevant criteria.

AML Regulations in Germany

As a member of the Financial Action Task Force (FATF), Germany transposes FATF AML/CFT recommendations into domestic legislation. Similarly, as a member of the EU, Germany must implement AML/CFT measures introduced in the EU’s Anti-Money Laundering Directives (AMLDs), which are issued periodically in order to maintain regulatory consistency across the union. 

With those factors in mind, AML regulations in Germany are set out in the Money Laundering Act or Geldwäschegesetz (GWG). The GWG defines the crime of money laundering in Germany and includes the following important regulatory points: 

  • Following FATF guidance, financial institutions in Germany must develop and implement risk-based AML/CFT programmes. 
  • Financial institutions must implement suitable customer due diligence (CDD) processes and screen customer transactions for suspicious activity. 
  • Where suspicious activity is detected, financial institutions must submit a report to Germany’s Financial Intelligence Unit (FIU). 

AMLD Compliance in Germany

Germany’s AML/CFT policy is shaped by the EU Anti-Money Laundering Directives, which reflect evolving financial crime methodologies and harmonise the regulatory environments in different EU member states. The most recent AMLD is the Sixth Anti-Money Laundering Directive (6AMLD) which focuses on the ongoing harmonisation of money laundering regulation across the EU. 

Germany implemented 6AMLD via the Draft Act for the Effective Prosecution of Money Laundering (Gesetz zur Verbesserung der strafrechtlichen Bekämpfung der Geldwäsche). The Draft Act introduced the following regulatory measures: 

  • A list of 22 money laundering predicate offences, including environmental crime and cyber crime.
  • An expansion of the definition of money laundering to include aiding and abetting. 
  • An extension of criminal liability for money laundering to legal persons, meaning companies and partnerships and their senior management employees.
  • Minimum 4 year prison sentences for individuals convicted of money laundering. 
  • Information sharing requirements with other EU countries in order to facilitate cross-border prosecutions. 

Updates to the German Banking Act

The German government implemented updates to the Banking Act in 2021, introducing more stringent AML/CFT measures than required by 6AMLD. Under the new rules, the following AML/CFT measures are in effect: 

Predicate offences: The distinction between predicate offences and money laundering offences has been removed. Under the new rules, German authorities may prosecute a broad range of financial crimes as money laundering offences. 

Foreign companies: If foreign companies (or a subsidiary) are active in Germany, those companies may be liable to German prosecution for money laundering. Similarly, foreign companies that commit money laundering predicate offences abroad may face criminal liability for those offences in Germany. 

Reporting obligations: Businesses in Germany must now comply with more comprehensive AML/CFT reporting rules, applicable to a broader range of transactions. Businesses may also be required to justify their business procedures to the FIU.

AML in Germany: Achieving Regulatory Compliance

Under FATF recommendations, German financial institutions must take a risk-based approach to compliance – which means they must assess individual customers and then deploy a proportionate compliance response. With that in mind, firms in Germany should implement suitable Know Your Customer (KYC) procedures in order to understand their customers’ financial behaviour, including: 

Identity verification: Financial institutions should perform customer due diligence (CDD) in order to establish and verify their customers’ identities. The CDD process should involve the collection of customer names, addresses, and birthdates, and the collection of company information including beneficial ownership details. 

Transaction screening: German firms must screen their customers’ transactions for signs of financial crime, including irregular transaction patterns, and transactions involving high risk counterparties or jurisdictions. 

Sanctions screening: In order to avoid doing business with sanctions targets, German firms must screen their customers against relevant sanctions lists, including the EU sanctions list and the UNSC Consolidated List.

ESG and Adverse Media in Germany

Environmental, social and governance (ESG) factors and adverse media monitoring are an important part of AML/CFT compliance in Germany. 

ESG

In December 2019, BaFin published its Guidance Notice on Dealing with Sustainability risks which included descriptions of ‘risk identification, management, and control processes’. In 2021, the German government passed the Supply Chain Act (Gesetz über die unternehmerischen Sorgfaltspflichten in Lieferketten), a law concerning corporate due diligence for supply chains. Under the rules, firms in Germany must extend humanitarian and environmental due diligence obligations to their supply chains, including establishing systems to prevent and minimise ESG risk.  

Adverse Media

Customer involvement in financial crime is often revealed in news media prior to its confirmation by official sources. With that in mind, adverse media, also known as negative news, is a good indicator of AML/CFT risk. 

Under EU AMLD regulations, firms in Germany must implement adverse media screening requirements as part of their risk management solution. The Fourth Anti-Money Laundering Directive (4AMLD), for example, introduced a requirement for firms to screen against open source media, such as ‘reputable newspapers’. 5AMLD subsequently expanded that requirement to a broader range of business sectors and emphasised the need for firms to integrate suitable screening technology. 

2024 Bafin Guidance: Mandatory Adverse Media Screening 

In July 2024, BaFin updated its GWG compliance guidance, known as Auslegungs und Anwendungshinweise (AuA), in anticipation of the new EU Anti-Money Laundering Act (AMLA), and the need for ongoing compliance with EU AMLDs. Amongst the compliance updates set out in AuA ‘2.0’ was the introduction of mandatory adverse media screening. 

While AuA 2.0 acknowledges that adverse media screening is not explicitly required under the GWG, it states that sanctions screening and high risk country list screening is no longer sufficient for compliance, and that firms in Germany must “use all knowledge available” in order to establish AML risk, including knowledge derived “from media analyses”. 

Following the updated guidance, firms in Germany must now implement adverse media screening as part of their GWG compliance solution. 

Next Generation AML Technology

In order to achieve compliance with AML regulations in Germany, it’s vital that you integrate AML software capable of analysing vast amounts of relevant customer data, and of minimising costly false positive alerts. Ripjar’s next generation Labyrinth Screening platform is built for that purpose, integrating cutting edge screening technology to deliver automated data management, multilingual name matching, and the capability to adapt to a changing risk landscape in real time.With the capability to build deetailed AI Risk Profiles for every customer, and generate concise AI Summaries of that risk data, Labyrinth promises to supercharge your screening solution, strengthen decision making, and ensure your business is always prepared for compliance challenges.


Find out how we can help your business stay ahead of Germany’s AML compliance regulations

Learn More

Subscribe to Newsletter