Risk & Resilience

For decades, anti-money laundering compliance has been defined by accumulation. More alerts, more filings, more controls, more documentation. Each layer added with the quiet understanding that no one would be faulted for doing too much, only for doing too little. The result was not failure, exactly, but a kind of defensive equilibrium. Programs became expansive, but not necessarily incisive. Activity was measurable. Effectiveness was not.

Europe’s new Anti-Money Laundering Authority launched two public consultations that go to the heart of that effort, setting out draft expectations for business-wide risk assessments and group-wide AML and counter-terrorist financing frameworks. The proposals arrive as part of a broader push to bring consistency to a system that has long varied across sectors and jurisdictions.

The Central Bank of the United Arab Emirates has rolled out a big update to its anti-financial crime framework, issuing new guidance aimed at strengthening how financial institutions detect and respond to money laundering, terrorist financing, and proliferation financing risks.

The Authority for Anti-Money Laundering and Countering the Financing of Terrorism (AMLA) is developing a common methodology that supervisors across the EU will use to assess money laundering and terrorist financing risks in the non-financial sector. Before formal proposals are put forward, the authority is convening an online stakeholder roundtable on 4 May 2026 to gather input from industry representatives.

New Zealand’s financial sector is getting a closer look under the hood as regulators seek to understand how well firms can keep running when disruption hits. In a new set of findings, the Financial Markets Authority has pulled together insights from across several corners of the market, offering a clearer picture of how operational resilience is taking shape in practice, and where gaps may still remain.

Organizations today exist within ecosystems defined by volatility, complexity, and interconnectedness. Traditional risk management models, designed for slower and more predictable environments, rely on retrospective analysis and periodic assessment. They tell leaders what went wrong after the fact, but they struggle to foresee emerging vulnerabilities or cascading effects. As data volumes expand and the pace of change accelerates, enterprises require a new approach that shifts risk management from static oversight to continuous foresight. The concept of the digital twin offers that shift; a way to understand, anticipate, and influence organizational risk in real time.

In new guidance published this week, the Swiss Financial Market Supervisory Authority FINMA makes it clear that digital fraud is no longer a peripheral issue. It has been steadily rising since 2022, fueled in part by the surge in digital banking that took hold during the pandemic and never really slowed down.