Identifying and assessing threats and risk across a business is reentering a new era as financial crime threats grow more complex and regulatory expectations evolve in step. Under the 2025 EU Anti-Money Laundering Regulation (#AMLR), Article 10 strengthens and reaffirms the 4th Anti-Money Laundering (#4AMLD) “business wide risk assessment” (BWRA) obligations.

A central pillar of this framework is the European Commission’s Supranational Risk Assessment (SNRA), published every 2 years. The #SNRA functions as a strategic threat and vulnerability analysis for the #EU #AML system identifying high-risk sectors such as crypto-assets and luxury goods, alongside predicate offenses like tax evasion, corruption, and environmental crime. The SNRA also maps out cross-border #typologies, systemic #risks, and gaps in supervision and enforcement. These insights are intended to inform, not sit alongside, internal risk frameworks.

Equally important, though often less harmonized, are the National Risk Assessments (NRAs) issued by each EU Member State. These documents reflect local vulnerabilities, legal interpretations, and enforcement gaps that institutions must also incorporate into their #BWRA. While the SNRA provides the EU-wide baseline, NRAs introduces jurisdiction-specific considerations. For institutions operating across borders, or managing clients with multi-jurisdictional exposure, this can significantly increase the legal and operational burden in maintaining a compliant risk framework.

Obligated entities must not only assess risks across their business, customer base, delivery channels, and product suite—they must now also demonstrate traceability to both EU and national assessments. By 10 July 2026, the new Anti-Money Laundering Authority (#AMLA) will develop technical standards and sectoral guidance to align supervisory expectations across the EU and evaluate the effectiveness of implementation.

This is where Hybrid Threat Finance (HTF) becomes a critical enabler. The primary output of any threat assessment is a clear portrait of the threat landscape — #HTF delivers that. It identifies who the threat actors are, how they operate, and what vulnerabilities they are likely to exploit. HTF helps financial institutions understand not just abstract typologies but specific adversaries, behaviors, and targets. It empowers firms to assess how their products, customers, and delivery channels may be exposed—transforming BWRA into dynamic, actionable frameworks.