AMLD6 & the EU AML Single Rulebook: What Changes

For decades, EU anti-money-laundering (AML) law worked through directives — each member state transposed them into its own national law, and the result was a patchwork of subtly different rules across 27 markets. A firm operating in five countries faced five interpretations of the same obligation. The EU is now closing that gap with the AML Single Rulebook: a directly-applicable AML Regulation, a sixth AML Directive (AMLD6), and a new EU-level Anti-Money Laundering Authority (AMLA) to supervise and coordinate.

For anyone onboarding customers in the EU, this is the most consequential AML change in a generation. This post explains what's changing, why it matters for onboarding specifically, and how Didit's identity-and-fraud stack keeps you compliant as the rules harmonize.

Key takeaways

• The EU is moving from directives (transposed differently in each country) to a single, directly-applicable rulebook — far less national divergence.
• AMLD6 plus the AML Regulation tighten and harmonize customer due diligence (CDD), beneficial-ownership transparency, and the obligations of regulated entities.
• A new central authority, AMLA, will supervise high-risk firms and drive consistent application across the bloc.
• For onboarding, expect clearer, stricter, more uniform CDD — reliable identity verification, beneficial-ownership identification, and ongoing monitoring become non-negotiable everywhere.
• Didit covers the full lifecycle: KYC verification (from $0.33), AML screening ($0.20, 1,300+ lists), ongoing AML monitoring ($0.07/user/year), and KYB with beneficial-ownership extraction ($2.00/company).
• An independent finReg360 legal opinion (2026-04-28) concludes Didit's remote onboarding is compatible with the incoming EU AML Single Rulebook.

What the rule changes

The Single Rulebook reorganizes EU AML law into three main instruments working together:

• The AML Regulation — directly applicable in every member state with no national transposition. It harmonizes core obligations: customer due diligence, identification and verification of customers and beneficial owners, treatment of politically exposed persons (PEPs), record-keeping, and reporting. Because it's a regulation, the same text applies in every market.
• AMLD6 — a directive covering the institutional side: the powers and organization of national Financial Intelligence Units and supervisors, beneficial-ownership registers, and cooperation mechanisms.
• AMLA — the new EU Anti-Money Laundering Authority, which will directly supervise certain high-risk obligated entities and coordinate national supervisors to ensure the rulebook is applied consistently.

For onboarding teams, the practical effects are: more uniform CDD requirements across markets, sharper expectations on identity verification and beneficial-ownership identification, explicit treatment of remote onboarding, and ongoing monitoring as an expected control rather than an afterthought. The discretion that let national regimes diverge narrows considerably.

Why it matters

If you operate across multiple EU markets today, much of your compliance cost comes from difference — maintaining slightly different onboarding flows, document policies, and CDD thresholds per country. The Single Rulebook reduces that divergence, which is genuinely good news: one harmonized standard is cheaper to build to than 27.

But harmonization upward also raises the floor. Markets that ran lighter-touch onboarding will have to meet the common standard, and supervision under AMLA will be more consistent and, for high-risk entities, more direct. The cost of weak onboarding — letting through fraudulent identities, missing a sanctioned party, failing to identify a beneficial owner — rises accordingly. The firms that win are the ones whose verification stack already meets the higher, harmonized bar and can prove it.

How Didit helps

Didit was built as one composable platform across the AML lifecycle the Single Rulebook governs — identify, screen, and monitor:

• Customer identity verification (KYC). Document verification across 14,000+ document types, NFC chip reading, active/passive liveness, and biometric face match. The core flow (ID + passive liveness + face match + IP analysis) starts at $0.33, with 500 free checks per month.
• AML and sanctions screening. POST /v3/aml/ checks names against 1,300+ watchlists at $0.20 per check, with a two-score model (a match score and a risk score) and PEP levels 1–4 plus relatives and close associates (RCA) — so screening reflects the PEP and sanctions treatment the rulebook expects.
• Ongoing AML monitoring. Daily rescreening at $0.07 per user per year, turning monitoring into a continuous control rather than a point-in-time check.
• Business verification (KYB). kyb_registry, kyb_company_aml, and kyb_key_people extract company data, screen the entity, and identify ultimate beneficial owners and officers — at $2.00 per company, with linked KYC for each UBO. That directly addresses the beneficial-ownership identification the rulebook tightens.
• Audit trails. Webhooks (status.updated, data.updated, business.status.updated) record every step for the record-keeping obligations.

And on the remote-onboarding question specifically: an independent finReg360 memo dated 2026-04-28 concludes that Didit's remote onboarding tool meets the EBA Guidelines on remote customer onboarding (EBA/GL/2022/15) and is compatible with the incoming EU AML Single Rulebook — with the video-identification process not requiring manual human review when Didit's automated controls are in place.

Deep dive: harmonized CDD, one workflow

The strategic opportunity in the Single Rulebook is consolidation. Where you once maintained per-market onboarding logic, you can now build to one harmonized CDD standard — and Didit's no-code Workflow Builder is where you express it.

Compose a single workflow that runs the right checks on a risk basis: document + liveness + face match for baseline identity, AML screening against 1,300+ lists, beneficial-ownership extraction and entity AML for business customers, and ongoing monitoring for the life of the relationship. Conditional branching lets you escalate — add proof of address, step-up verification, or manual review — where risk is higher, without forking the whole flow per country. Because everything runs on the unified /v3/ API and bills pay-per-success, you scale the same compliant standard across every EU market you enter.

Use cases

• Multi-market EU fintechs consolidating divergent national onboarding into one harmonized CDD workflow.
• EMIs and payment institutions preparing for AMLA supervision and stricter CDD expectations.
• Crypto VASPs brought firmly into scope, needing KYC, AML, and beneficial-ownership checks in one stack.
• Lenders and marketplaces that must evidence beneficial-ownership identification for business customers.

Frequently asked questions

What is the EU AML Single Rulebook?

A package replacing the old patchwork of nationally-transposed AML directives with a directly-applicable AML Regulation, a sixth AML Directive (AMLD6), and a central authority (AMLA) — harmonizing AML obligations across the EU.

How is this different from previous AML directives?

Earlier directives were transposed into national law, producing divergence. The new AML Regulation applies directly and uniformly in every member state, so the core obligations are the same everywhere.

What changes for customer onboarding?

Expect more uniform and stricter customer due diligence: reliable identity verification, beneficial-ownership identification, defined treatment of remote onboarding, and ongoing monitoring as an expected control.

Does Didit cover beneficial-ownership identification?

Yes — Didit's Business Verification (KYB) extracts registry data and identifies ultimate beneficial owners and officers, with linked KYC for each UBO, at $2.00 per company.

Is Didit compatible with the incoming Single Rulebook?

An independent finReg360 legal opinion (2026-04-28) concludes Didit's remote onboarding is compatible with the incoming EU AML Single Rulebook and meets EBA/GL/2022/15.

Ready to get started?

See Didit's compliance posture on the trust hub, explore AML Screening and the ID Verification product, and review transparent pricing on the pricing page. When you're ready, start free — 500 free KYC checks every month, with a core verification flow from $0.33.