Compliance Guide

Understanding EBA/GL/2024/14 for sanctions screening and AML controls

A high-level overview of expectations around policies, controls, and operational measures for European financial institutions.

Legal Disclaimer: This guide is for informational purposes only and does not constitute legal or regulatory advice. Financial institutions should consult qualified legal counsel to determine their specific compliance obligations under European and national laws.

What EBA/GL/2024/14 covers

The European Banking Authority (EBA) issues guidelines to foster consistent supervisory practices across the EU. These guidelines address internal governance, AML/CFT compliance expectations, and sanctions-related obligations for credit and financial institutions.

For compliance officers, understanding these guidelines is critical because they detail what regulators expect regarding the design, implementation, and oversight of screening systems. It's no longer just about checking names; it's about proving you have robust, governed processes in place.

Expectations

Key areas of operational control

Screening governance & policies

Institutions must establish clear internal policies governing how, when, and against which lists screening occurs, overseen by management.

Evidence & audit trail expectations

Regulators expect demonstrable proof of screening operations, including timestamped records of decisions and the exact data used at the time.

False positive handling procedures

Clear procedures must be in place for reviewing, escalating, and resolving alerts, ensuring that true matches are not inadvertently cleared.

Operational controls & monitoring

Systems must be robust, with controls to ensure lists are updated promptly and the technology performs reliably under volume.

Risk-based approach

Screening measures should be proportionate to the risk profile of the customer, product, and geographic exposure.

Reporting & escalation

Institutions need defined workflows for reporting confirmed matches to the relevant competent authorities in a timely manner.

How screening infrastructure supports governance

While software is designed to support compliance review—which relies heavily on internal policies and human oversight—modern screening infrastructure provides the technical foundation needed to meet regulatory expectations.

  • Evidence Capsules: Verifex generates immutable records for every screen, demonstrating exactly what data was used and why a match decision was made, supporting audit requirements.
  • Audit Trails: Comprehensive logs of system configurations, list updates, and analyst review actions provide transparency into the operational controls in place.
  • Structured Matching: Consistent, rule-based fuzzy matching algorithms ensure that screening is applied uniformly, aligning with risk-based policy frameworks.


Frequently Asked Questions

What is EBA/GL/2024/14?

EBA/GL/2024/14 refers to guidelines issued by the European Banking Authority regarding internal governance, risk management, and compliance controls for financial institutions concerning anti-money laundering (AML) and countering the financing of terrorism (CFT).

Does this guideline apply to my institution?

These guidelines generally apply to credit and financial institutions operating within the EU. You should consult with your legal counsel to determine your specific regulatory obligations.

How does screening software help with EBA compliance?

Modern screening software provides the operational infrastructure needed to enforce policies. It automatically updates lists, applies consistent matching logic, and generates the immutable audit trails that regulators expect to see.

Is compliance with EBA guidelines mandatory?

National competent authorities typically integrate EBA guidelines into their supervisory expectations, making them effectively binding for institutions under their purview.
