Perfect Timing as RISQED Launches in Jersey - the EU's AMLA Launches BWRA Consultations

In a highly timely coincidence,

• Just three weeks after the EU’s Anti-Money Laundering Authority (AMLA) launched public consultations on
• Business-Wide Risk Assessment (BWRA) Guidelines and
• Group-Wide Regulatory Technical Standards (RTS)
• On 16 April 2026, Comsure and its partners are launching RISQED,
• A Jersey-developed AI-supported Risk and GRC platform, on 7 May 2026.

Executive Summary:

• On 16 April 2026, the EU’s Anti-Money Laundering Authority (AMLA) launched two high-impact public consultations that will define how obliged entities across the EU (and groups with EU presence) must identify, assess, and manage money laundering and terrorist financing risks at entity-wide and group-wide levels.
• These drafts operationalise core requirements of the new AML Regulation (AMLR), which becomes directly applicable from July 2027.

Why This News Is Important

• The Business-Wide Risk Assessment (BWRA) Guidelines set minimum (yet proportionate) expectations for every obliged entity’s
• Risk understanding,
• Control design,
• Residual risk evaluation, and
• Risk appetite alignment.
• The Group-Wide RTS establish binding minimum standards for
• Consolidated policies,
• Information sharing,
• Governance, and
• Third-country operations.[e.g. Jersey/Guernsey/Mauritius, etc]
• The above move the EU from high-level principles to detailed, consistent, enforceable rules, reducing fragmentation, strengthening supervision, and directly affecting thousands of financial and non-financial entities.
• Feedback from the current consultations (open now) will shape the final rules, making stakeholder input right now highly influential.

Why This Is Particularly Relevant for Entities Registered in Jersey

• Jersey, as a leading international financial centre and a “third country” under EU law, sits at the heart of many cross-border structures. Numerous Jersey-registered companies, funds, trusts, and service providers:
• Form part of EU-headquartered groups,
• Operate branches or subsidiaries in the EU, or
• Serve EU clients.
• The draft RTS explicitly address group-wide obligations in cross-border and third-country situations, including
• Information-sharing rules,
• Parent-undertaking identification, and
• Extra safeguards when local (Jersey) law interacts with EU requirements.
• Early alignment with these standards is therefore not just good practice: it is becoming a commercial and regulatory necessity to maintain access to EU markets, avoid group-level compliance gaps, and protect Jersey’s international reputation.

Why the RISQED Launch on 7 May 2026 Is Highly Timely

• RISQED, a Jersey-developed, AI-supported SaaS Governance, Risk & Compliance (GRC) platform, is launching on 7 May 2026 with the event “Kill Your Spreadsheets of Doom – Ditch Excel BRAs Forever”.
• The timing is excellent for maximum impact:
• AMLA consultations are fresh (launched only three weeks ago), and the topic is now front-of-mind for compliance, legal, and risk teams.
• AMLA’s public hearings are scheduled for 20 May (Group-Wide RTS) and 28 May (BWRA Guidelines).
• The RISQED launch on 7 May also
• Coincides perfectly with Jersey’s own domestic AML developments (recent Money Laundering (Amendment) Order and major Jersey AML Handbook updates taking effect 31 May 2026),
• Creating a perfect “compliance season” across both jurisdictions.

RISQED directly solves the exact challenges AMLA is now regulating:

• Fully automates Enterprise-Wide Risk Assessments (EWRAs/BRAs) with
• Inherent/residual risk scoring, control effectiveness mapping, risk appetite visualisations, and centralised risk taxonomy (including dedicated AML/CTF, Financial Crime, and Regulatory registers).
• Provides group and multi-tenant support for
• Consolidated group-wide views and customisable client portals ideal for TCSPs, fund administrators, and cross-border structures.
• Delivers audit-ready records, real-time dashboards, AI-supported analysis, and 50%-time [at least] savings replacing error-prone Excel spreadsheets with a regulator-aligned, scalable platform built in Jersey for Jersey [and other jurisdiction-regulated] firms.

In short,

• The 7 May RISQED launch positions a made-in-Jersey solution at the exact moment when decision-makers in Jersey and the EU are most focused on these exact requirements, turning regulatory change into an immediate business and governance advantage.
• This is a high-visibility moment to demonstrate how RISQED helps entities meet the forthcoming EU standards while operating seamlessly from Jersey.

Ready to see it in action?

• Book your place at the launch: https://www.eventbrite.co.uk/e/risqed-launch-kill-your-spreadsheets-of-doom-ditch-excel-bras-forever-tickets-1987624101192 Or
• contact the team directly: yes@comsuregroup.comt | Sunil 07797 936464 | Mathew 07797 747490

READ MORE ABOUT RISQED -   

• https://www.comsuregroup.com/media/mx1dgh2g/10851-comsure-risqed-brochure-4pp-lr-for-linkedin.pdf
• https://www.comsuregroup.com/media/rtpfa2rs/10842-comsure-risqed-a4-flyer-lr-for-linkedin.pdf     
• https://www.comsuregroup.com/news/risqed-is-comsure-s-new-ai-powered-governance-risk-compliance-grc-platform/
• https://www.comsuregroup.com/news/exciting-news-from-risqed-jersey-has-an-ai-powered-audit-ready-bra-system-ready-to-use/
• https://www.comsuregroup.com/news/mat-says-bringing-risk-assessments-into-the-21st-century-with-risqed/

Full Briefing: AMLA Public Consultations on Draft Guidelines for Business-Wide Risk Assessment (BWRA) and Draft RTS on Group-Wide Requirements (launched 16 April 2026)

1. Background and Context

The Anti-Money Laundering Authority (AMLA) is the EU’s central body for AML/CFT supervision and policy.

• It is implementing the new Anti-Money Laundering Regulation (AMLR – Regulation (EU) 2024/1624), which applies directly across the EU from 10 July 2027 (with some provisions phased in later).
• The AMLR replaces and strengthens elements of the previous AML Directives, harmonising rules for obliged entities (OEs) in both financial and non-financial sectors (e.g., banks, crypto providers, lawyers, accountants, real estate agents, etc.).

A core principle of the AMLR is the risk-based approach:

• OEs must identify, assess, and manage money laundering (ML), terrorist financing (TF), and risks related to non-implementation/evasion of targeted financial sanctions (TFS) across their entire operations. Two foundational building blocks are:
• Business-wide risk assessments (BWRA) – required under Article 10 AMLR.
• Group-wide AML/CFT policies, procedures, and controls – required under Articles 16 and 17 AMLR, including cross-border and third-country situations.

On 16 April 2026,

• AMLA launched two parallel public consultations on draft instruments to operationalise these requirements. These are among the first major deliverables under the new AML package and are designed to promote consistency, proportionality, and effective risk management while encouraging input, especially from the non-financial sector.

The consultations close with relatively short windows (standard for AMLA’s early mandates), and two online public hearings are scheduled to engage directly with stakeholders.

2. Draft Guidelines on Business-Wide Risk Assessment (under Article 10(4) AMLR)

Purpose: Obliged entities must carry out a BWRA to understand their overall ML/TF/TFS risks arising from their business model, customers, products/services, delivery channels, and geographical exposure. The BWRA is not the same as individual customer risk assessments; it is a high-level, entity-wide exercise that informs internal controls, policies, and resource allocation. The draft Guidelines set minimum requirements while stressing that the BWRA must be proportionate to the OE’s size, nature, complexity, and risk profile.

Key Proposals (Four Minimum Requirements – applicable to all OEs):

1. MR1: Business and Operational Overview –
• A concise description of the OE’s legal/operational structure, group (if any), customer base, products/services/transactions in scope, delivery channels, geographical footprint, AML/CFT organisation, outsourcing, and use of new/emerging technologies. This forms the foundation for tailoring the BWRA’s depth.
2. MR2: Identification, Assessment and Classification of Inherent Risks –
• Holistic analysis of how ML/TF/TFS risks could materialise, drawing on risk factors (customers, products, channels, geography) plus emerging risks, strategic changes, and supervisory data points. Risks must be classified meaningfully.
3. MR3: Assessment of the Quality of AML/CFT/TFS Controls –
• Evaluation of how well policies, procedures, and controls mitigate the inherent risks (design + implementation effectiveness), supported by evidence such as testing, audits, and supervisory findings.
4. MR4: Assessment and Classification of Residual Risks – D
• Determination of remaining risks after controls, with prioritisation of remediation actions. For groups, the parent consolidates subsidiary BWRAs for a group-wide view.

Proportionality and Flexibility:

• Simpler, qualitative approaches are acceptable for low-complexity OEs.
• Sectoral BWRAs developed by supervisors can be a starting point, but OEs remain responsible.
• Documentation, management-body approval, regular updates/reviews, and staff communication are required (with exemptions for very low-risk OEs under Article 10(3) AMLR).

Additional Sources of Information (non-exhaustive, beyond Article 10(1) AMLR):

• Public/official sources, international standard-setters (FATF, etc.), industry bodies, credible media/intelligence reports, civil society (e.g., corruption indices), and internal data (STRs, audits, supervisory feedback).

Interactions: The BWRA links to (but is distinct from) customer due diligence, group-wide assessments, and other AMLA instruments (e.g., supervisory risk-assessment RTS).

Consultation Details:

• Open until 15 July 2026 (23:59 CEST).
• Public hearing: 28 May 2026, 10:00–12:00 CET.
• Responses via EU Survey (any official EU language); strong encouragement for non-financial sector input.

AMLA expects final Guidelines in Q4 2026.

3. Draft Regulatory Technical Standards (RTS) on Group-Wide Requirements (under Articles 16(4) and 17(3) AMLR)

Purpose: Groups (and certain non-group structures) must apply consistent AML/CFT policies, procedures, and controls across all entities, branches, and subsidiaries to obtain a consolidated view of ML/TF risks. The RTS set minimum standards for governance, information sharing, parent identification (especially where the head office is outside the EU), application to non-traditional structures (common in non-financial sectors), and additional safeguards when operating in third countries.

Key Minimum Standards:

• Organisational/Governance Aspects (Article 3 of draft RTS): Policies/procedures/controls must cover the whole group/structure; clear governance (compliance manager/officer roles, reporting lines, conflict-of-interest mitigation); group-level BWRA; regular information exchanges; periodic effectiveness reviews; staff communication.
• Information Sharing (detailed, need-to-know, data-protection compliant): Covers CDD data, transactions, risk assessments, STRs, typologies, adverse media, etc. Specific rules for cross-border/third-country restrictions (notification to supervisors within 28 days, alternative measures, consents).
• Parent Undertaking Identification (for cases with third-country head office and multiple unrelated EU OEs, or non-group structures): Criteria based on prominence of activities, understanding of operations, decision-making authority, and (fallback) highest turnover. Formal notification and supervisor decision process.
• Extension to Non-Group Structures: Applies to networks, partnerships, franchises, etc., that share common ownership, management, or compliance control (detailed conditions and parent-identification criteria).
• Third-Country Situations (additional measures under Article 17 AMLR): Where local law blocks full compliance (e.g., data sharing/secrecy rules), entities must notify supervisors, seek consents, apply enhanced controls (restricted products, extra monitoring, prior approvals, etc.). If the situation remains insufficient, supervisors can require mitigation plans, restrict activities, or mandate closure.

Proportionality: Risk-based and tailored to group size/complexity; entity-level obligations remain.

Consultation Details:

• Open until 15 June 2026.
• Public hearing: 20 May 2026, 10:00–12:00 CET.
• Same response rules as above (any EU language, emphasis on non-financial sector).

AMLA will submit the final draft RTS to the European Commission by 30 September 2026; the application will open on 10 July 2027 (with some transitional provisions).

4. Responding to the Consultations

• Access: Full press release, consultation papers, and draft texts are on the official AMLA website (amla.europa.eu – search “group-wide requirements” or “business-wide risk assessment”). Direct links to consultation pages and PDFs are provided there.
• Who should respond? All stakeholders are welcome, but AMLA particularly welcomes feedback from the non-financial sector (lawyers, accountants, real estate, etc.).
• Format: Written submissions via the EU Survey tool; reference specific questions in the consultation papers if possible.
• Hearings: Free online public hearings (registration required via AMLA website); opportunity to ask questions and comment live.

5. Why This Matters

These instruments are cornerstones of the new EU AML/CFT framework. They:

• Promote a genuine risk-based (not tick-box) approach.
• Reduce fragmentation across sectors and Member States.
• Address cross-border and third-country challenges (a major gap in the old regime).
• Support supervisory convergence once AMLA begins direct supervision of high-risk entities/groups.

Feedback will shape practical implementation and help avoid unintended consequences (e.g., over-burdening smaller OEs or de-risking).

Next Steps:

• AMLA will review responses (including from hearings), finalise the texts, and publish them. The RTS will become directly applicable EU law once adopted by the Commission; the Guidelines will be non-binding but carry significant weight.
• For the latest documents, registration links, or to submit responses, visit the official AMLA consultations page: AMLA Consultations and the specific consultation pages linked from there.

Here are the 10 most relevant & official web sources on the AMLA consultations (launched 16 April 2026) for Business-Wide Risk Assessment (BWRA) Guidelines and Group-Wide Requirements RTS.

Ready to copy-paste:

1. Official AMLA Press Release (main announcement) https://www.amla.europa.eu/amla-consults-group-wide-requirements-and-business-wide-risk-assessment_en
2. Official Consultation Page – Draft Guidelines on Business-Wide Risk Assessment https://www.amla.europa.eu/policy/public-consultations/consultation-draft-guidelines-business-wide-risk-assessment_en
3. Official Consultation Page – Draft RTS on Group-Wide Requirements https://www.amla.europa.eu/policy/public-consultations/consultation-draft-rts-group-wide-minimum-requirements-and-additional-measures-subsidiaries-and_en
4. Direct PDF – Consultation Paper: Draft BWRA Guidelines (Article 10(4)) https://www.amla.europa.eu/document/download/f2db8372-e12a-4818-a991-6a3d45a0cd91_en?filename=Consultation%20Paper%20On%20draft%20Guidelines%20under%20Article%2010%284%29%20of%20Regulation%20%28EU%29%2020241624.pdf
5. Direct PDF – Consultation Paper: Draft RTS on Group-Wide Requirements (Articles 16 & 17) https://www.amla.europa.eu/document/download/4ee33b25-2f03-4ed1-938b-a4ca36714d55_en?filename=Consultation%20paper%20RTS%20under%20Articles%2016%284%29%20and%2017%20of%20Regulation%20EU%202024162.pdf
6. Public Hearing – Draft RTS on Group-Wide Requirements (20 May 2026) https://www.amla.europa.eu/events/public-hearing-draft-rts-group-wide-minimum-requirements-and-additional-measures-subsidiaries-and-2026-05-20_en
7. Public Hearing – Draft Guidelines on Business-Wide Risk Assessment (28 May 2026) https://www.amla.europa.eu/events/public-hearing-draft-guidelines-business-wide-risk-assessment-2026-05-28_en
8. A&O Shearman Detailed Summary + Analysis https://www.jdsupra.com/legalnews/amla-consults-on-group-wide-9393591/
9. Regulation Tomorrow – Full Summary https://www.regulationtomorrow.com/2026/04/amla-consults-on-group-wide-requirements-and-business-wide-risk-assessment/
10. CSSF (Luxembourg Supervisor) Announcement – BWRA Guidelines https://www.cssf.lu/en/Document/public-consultation-by-amla-on-the-draft-guidelines-on-business-wide-risk-assessment/

Source List  

• https://www.comsuregroup.com/media/mx1dgh2g/10851-comsure-risqed-brochure-4pp-lr-for-linkedin.pdf
• https://www.comsuregroup.com/media/rtpfa2rs/10842-comsure-risqed-a4-flyer-lr-for-linkedin.pdf     
• https://www.comsuregroup.com/news/risqed-is-comsure-s-new-ai-powered-governance-risk-compliance-grc-platform/
• https://www.comsuregroup.com/news/exciting-news-from-risqed-jersey-has-an-ai-powered-audit-ready-bra-system-ready-to-use/
• https://www.comsuregroup.com/news/mat-says-bringing-risk-assessments-into-the-21st-century-with-risqed/