top of page

AML, Cyber, and Fraud Remain Top Operational Risks for European Banks, Says EBA

The European Banking Authority (EBA) has highlighted that Anti-Money Laundering (AML) concerns, along with cyber and fraud risks, continue to be the primary operational risks faced by European banks. The findings were disclosed in the EBA's Risk Dashboard for the third quarter of 2023. The report indicates that most material weaknesses pertain to institutions' customer due diligence (CDD) policies and procedures, with particular emphasis on shortcomings in customer risk rating approaches.

AML, Cyber, and Fraud Remain Top Operational Risks for European Banks, Says EBA

During the period from September to November 2023, the EBA reported 161 deficiencies, termed as 'material weaknesses,' across 59 institutions. Among these, 21 were credit institutions, accounting for 55 deficiencies. Corrective measures, totaling 80, were reported to address these deficiencies, with 33 of them related to credit institutions. The EBA's findings highlight ongoing challenges in the banking sector's efforts to combat money laundering effectively.

The key drivers for operational risks, as outlined by the European Central Bank (ECB) in its Risk Assessment Questionnaire (RAQ), include information and communication technology (ICT), IT security risks, cyber-related risks, fraud, and circumvention of anti-money laundering and counter-financing of terrorism (AML/CFT) measures. The RAQ also revealed that cyber risk and data security are predominant factors influencing operational risks, with nearly two-thirds of banks acknowledging this perspective.


The volume and frequency of cyber-attacks remain high, with continued concerns about data breaches, hacker attacks, and operational deficiencies related to ICT. The EBA pointed out that incidents causing service unavailability in the payment sector were mainly attributed to system failures, followed by process failures and external events.

The persistent challenges in AML compliance underscore the need for European banks to enhance their customer due diligence policies and procedures. The convergence of AML, cyber, and fraud risks highlights the multifaceted nature of threats facing financial institutions, necessitating a comprehensive and adaptive approach to risk management. As the banking landscape continues to evolve, institutions must prioritize robust measures to address operational vulnerabilities and safeguard the integrity of the financial system.



bottom of page