AMLD6 (Directive (EU) 2018/1673)

What is AMLD6?

The Sixth Anti-Money Laundering Directive (AMLD6), formally Directive (EU) 2018/1673 on combating money laundering by criminal law, is the EU instrument that harmonises the criminal-law treatment of money laundering across all member states. Adopted in 2018 and effective from 3 December 2020 — with a further six months for financial institutions — AMLD6 sits alongside the earlier AMLD5 (preventive framework) and the new EU AML Regulation (AMLR) to form the EU's anti-money-laundering architecture.

Where earlier directives focused on prevention — CDD, beneficial ownership, suspicious activity reporting — AMLD6 focuses on prosecution. It defines what counts as a money-laundering offence, who can be held liable, and the minimum penalties member states must impose. For background on what money laundering is and how it operates, see our explainer on the stages of money laundering.

Key changes introduced by AMLD6

AMLD6 introduces five structural changes to EU AML criminal law. First, it establishes a harmonised list of 22 predicate offences that every member state must recognise as generating proceeds capable of being laundered, covering everything from tax crimes and environmental crimes to cybercrime and corruption. Second, it extends criminal liability to legal persons — companies, partnerships, and other entities can now be prosecuted for money laundering, not just individuals.

Third, the directive sets a minimum maximum penalty of four years' imprisonment for the principal money-laundering offence, with heavier sanctions where aggravating factors apply. Fourth, it requires that aiding, abetting, inciting, and attempting money laundering be punishable in their own right. Fifth, it criminalises self-laundering — the act of laundering proceeds derived from one's own predicate crime — in most circumstances. Together, these changes close gaps that previously allowed offenders to exploit differences in member-state criminal codes.

The 22 predicate offences under AMLD6

AMLD6 requires member states to recognise the following categories as predicate offences for money laundering. The list is exhaustive — member states cannot remove offences but may add their own. Mapping these categories into onboarding and monitoring controls is a core input to any criminal screening programme — and the AML watchlist screening stack that surrounds it.

• Participation in an organised criminal group and racketeering
• Terrorism, including financing of terrorism
• Trafficking in human beings and migrant smuggling
• Sexual exploitation, including of children
• Illicit trafficking in narcotic drugs and psychotropic substances
• Illicit arms trafficking
• Illicit trafficking in stolen and other goods
• Corruption
• Fraud
• Counterfeiting of currency
• Counterfeiting and piracy of products
• Environmental crime
• Murder and grievous bodily injury
• Kidnapping, illegal restraint, and hostage-taking
• Robbery or theft
• Smuggling
• Tax crimes (direct and indirect taxation)
• Extortion
• Forgery
• Piracy
• Insider dealing and market manipulation
• Cybercrime

Criminal liability for legal persons

A defining feature of AMLD6 is that companies and other legal entities can be held criminally liable for money-laundering offences committed for their benefit by anyone in a leading position. Liability also attaches where a lack of supervision or control by management made the offence possible.

Sanctions against legal persons can be severe. Member states may impose criminal or non-criminal fines, exclude offending entities from public benefits or aid, disqualify them temporarily or permanently from commercial activities, place them under judicial supervision, order judicial winding-up, or close establishments used to commit the offence. For financial institutions, this materially raises the stakes: weak AML screening, poor transaction monitoring, or inadequate governance can now expose the entity itself — not just individuals — to prosecution. See our overview of AML compliance for the controls that mitigate criminal-law exposure, and our explainer on finding the UBO for the beneficial-ownership work that underpins corporate liability assessment.

AMLD6 and money laundering typologies

The 22 predicate offences map directly onto the money-laundering typologies AML programmes are calibrated to detect — placement, layering, integration patterns across cash-intensive businesses, trade-based laundering, shell companies, mules, and digital asset rails. For a reader-friendly walkthrough, see our explainer on the stages of money laundering.

Penalties under AMLD6

The directive sets minimum maximum penalties that member states must adopt. Natural persons face a maximum sentence of at least four years' imprisonment for the principal money-laundering offence. Aggravating circumstances — for example, an offence committed within a criminal organisation or by an obliged entity in the course of professional activity — must trigger heavier sentences. Legal persons face effective, proportionate, and dissuasive sanctions, including criminal or administrative fines. Member states retain discretion to impose stricter penalties, and several have done so.

AMLD6 and cross-border cooperation

AMLD6 strengthens cross-border AML enforcement by closing the territorial gaps that previously allowed offenders to evade prosecution. The directive introduces clear jurisdictional rules — member states must establish jurisdiction where the offence is committed in their territory or by one of their nationals. Where two or more states have concurrent jurisdiction, AMLD6 obliges them to coordinate and, where possible, centralise proceedings to avoid parallel prosecutions. The directive also reinforces mutual legal assistance and information sharing between investigators, prosecutors, and Financial Intelligence Units, aligning EU criminal procedure with FATF Recommendation 3 and the Council of Europe's Warsaw Convention on money laundering.

AMLD6 vs AMLD5

Aspect	AMLD5	AMLD6
Focus	Prevention	Criminal prosecution
Approach	CDD, beneficial ownership, FIU access, crypto exchange registration	Definitions, liability, penalties
Scope of "obliged entities"	Wide — banks, fintechs, lawyers, accountants, real estate, VASPs	All persons (natural and legal) capable of laundering
Predicate offences	Defined nationally	Harmonised list of 22 categories
Penalty minimum	Member-state discretion	At least 4 years' imprisonment
Effective from	Jan 2020	Dec 2020 (Jun 2021 for FIs)

The two directives are complementary, not alternatives — financial institutions must comply with both.

Who must comply with AMLD6

Although AMLD6 is a criminal-law directive aimed primarily at member-state legislatures, its impact reaches every EU obliged entity. Banks, credit institutions, payment and e-money firms, investment houses, asset managers, and insurers all face corporate criminal exposure if their controls fail. Crypto-asset service providers (CASPs) — explicitly within scope of EU AML obligations following AMLD5 and the MiCA framework — are subject to the same liability regime. The directive equally reaches DNFBPs such as lawyers, accountants, real-estate agents, trust and corporate service providers, dealers in high-value goods, auditors, and tax advisors. In practice, any entity already covered by the EU AML preventive framework needs to factor AMLD6 criminal-law exposure into its compliance programme.

AMLD6 and the 2024 EU AML package

In 2024, the EU adopted a major overhaul of its AML framework — the EU AML Package. The package comprises Regulation (EU) 2024/1624 (the AMLR), which introduces directly applicable harmonised rules for obliged entities; Directive (EU) 2024/1640, which replaces AMLD4 and AMLD5 (and is sometimes informally referenced as "AMLD6" in commentary, causing confusion with the 2018 criminal-law directive); and Regulation (EU) 2024/1620, which establishes the new EU AML Authority (AMLA).

The 2018 criminal-law directive remains in force and is not replaced by the 2024 package. The 2024 instruments sit on top of it, harmonising the preventive framework while AMLD6 continues to govern criminal liability.

Compliance implications for financial institutions

AMLD6 turns corporate criminal liability into a real exposure for financial institutions, not a theoretical one. Programmes must detect activity tied to all 22 predicate-offence categories — the same scenarios that drive a robust transaction monitoring framework — demonstrate board-level oversight, and produce defensible evidence trails. For tooling decisions that affect AMLD6-grade controls, see our overview of the best AML software for regulatory compliance.