FinCrime Amsterdam 2026: What the Industry Is Talking About

EU AML/AMLA: Convergence is the direction. Collaboration is the only pPath.

The EU AML Package and the incoming AMLA authority are pushing the industry toward a unified, harmonised model, but the implementation reality is significantly harder than the regulation itself. Every institution is having the same structural challenges:

• Fragmented data 
• Legacy systems built up over decades
• Different national interpretations of the same regulatory requirements

There is no one-size-fits-all solution, and pretending otherwise only delays the real work. New regulatory concepts such as more precise definitions around politically exposed persons (PEP) and ultimate beneficial owners (UBO) will be adopted with friction, but just as KYC became standard practice, so might become the requirements being introduced today.

There is also a specific operational gap that the industry needs to address: today, institutions report suspicious activity but receive no feedback on what happens next. That missing loop undermines the quality of future reporting and needs to be closed. Article 75 of the AML regulation, which strengthens the framework for collaboration and information sharing between institutions, sectors, and law enforcement, was repeatedly mentioned. The institutions preparing their data and processes now will be in a significantly stronger position than those that wait.

The consistent message across every session related to this topic: collaboration and information sharing are not optional. They are survival tools. And one reminder that kept coming up — technology and AI always need a human in the loop.

AI in financial crime: Data quality comes first

Multiple sessions explored the AI journey, and the clearest lesson was this: data quality is the foundational challenge. Institutions with decades of historical data in outdated formats cannot fully leverage AI until that data is cleaned and consolidated. There are no shortcuts.

The industry is progressing through three distinct stages:

• Analytical AI — reactive pattern detection
• Generative AI — case summaries and analyst support
• Agentic AI — autonomous reasoning and action

The gap between institutions leading on this journey and those still catching up is opening right now.

One critical point: black box AI is not accepted by regulators. Explainability is a legal requirement under the EU AI Act, not a nice-to-have. Every AI system in financial crime must be able to show its reasoning clearly. As one speaker put it, explaining AI activity in AML is like a sommelier describing a wine, the system must show its reasoning, not just deliver a verdict. The institutions investing in explainable architectures now are the ones that will lead.

Sanctions: Complexity that cannot be ignored

Sanctions compliance is not just about identifying bad actors, it is about understanding how they evade detection through network connections, shell structures, and alternative routes. 

The major sanctions sources (OFAC, UN, EU, UK) have different scopes and different interpretations of the same concepts, pushing some institutions toward overcompliance and de-risking, which creates its own set of problems for legitimate customers and business relationships. 

Sectoral sanctions are the hardest of all. They differ significantly across sources and jurisdictions, and institutions cannot be expected to navigate this complexity alone. Regulators need to do more than audit compliance, they need to actively help define the boundaries of applicability. The industry needs clearer guidance, and it needs it soon.

Cyberpsychology: Our mental autopilot is the attack surface

Fraudsters are not just technically sophisticated. They are strategists. They study patterns, test messages, and run continuous experiments to identify what works. They operate with deliberate moral disengagement — framing victims as abstractions and fraud as harmless — which is how they sustain what they do over time. Their primary weapon is heuristics: the mental shortcuts we all rely on to make fast decisions. Fraudsters feed false inputs into our decision-making autopilot, and the digital environment makes this structurally easier — fewer social cues, more time pressure, more persuasive design.

The cognitive biases consistently exploited are well documented: urgency, authority, trust, social proof, cognitive overload, isolation, and scarcity. Social engineering fraud follows a deliberate grooming process — establishing trust, building empathy, creating escalation, then dependency and isolation — until the authorised fraud happens and the victim believes they acted of their own free will. Understanding this process is not just intellectually interesting. It is operationally essential for building effective defences.

Why do people fall for fraud? It is not about age or intelligence. Fraudsters exploit routine, predictability, and cognitive overload, conditions that affect everyone. And one counterintuitive but well-supported finding: knowledge of technology creates overconfidence, making tech-savvy people more vulnerable in certain situations, not less. The most effective defense is simple: make people pause and think. The right friction, at the right moment, in plain language, disrupts the autopilot before the damage is done.

Fraud is a society problem and demands a holistic response

Fraud is not a banking problem. It is not a technology problem. It is a society problem. Social engineering, money mule accounts, and AI-powered scams are scaling faster than any single institution can respond to alone. AML and fraud cannot stay siloed — they are both crime, and the response needs to be integrated, cross-border, and cross-sector. Education matters as much as detection.

One of the sharpest framings of the day: the financial crime industry has long operated like the blind men and the elephant — each function touching a different part and reaching a different conclusion. Fraud teams see one piece. AML teams see another. Sanctions teams see another. But today, the elephant is also changing shape. Financial crime is evolving faster than any siloed system can track, and a fragmented view is no longer enough.

A holistic approach is customer-centric, not transaction-centric. It looks across all layers simultaneously. And one insight worth highlighting: regulators design rules to make compliance predictable, but that predictability is exactly what criminals exploit to find the edges of the system.

Worldline's Fraud Solution: Protecting the full payment journey

At Worldline, staying at the forefront of financial crime and fraud prevention is a responsibility we take seriously. That is why we are building a holistic approach to fraud and financial crime, protecting the customer across the entire journey, from payment initiation to payment monitoring.

The challenges discussed in Amsterdam — fragmented data, explainable AI, sanctions complexity, social engineering, and the need for cross-sector collaboration — are exactly the areas where Worldline is investing today, so that our clients are ready for what comes next.

Want to continue the conversation? Reach out to our team to explore how Worldline can support your institution's fraud and financial crime journey.