AMLD6's UBO Registry Deadline: What July 10 Means for KYC

July 10, 2026 is six weeks away. It is the transposition deadline for AMLD6's beneficial ownership registry provisions — the date by which EU Member States must have national rules in force requiring obliged entities to query interconnected registers, verify multi-source UBO data, and document five years of historical ownership. Most compliance teams are not ready. Many do not know the deadline exists. The firms that miss it will be operating out of compliance with AMLD6 on day one, in a regulatory environment where enforcement precedents from 2024 and 2025 show that "we did not know" is not a defence regulators accept.

What Is AMLD6's Beneficial Ownership Requirement?

The Sixth Anti-Money Laundering Directive — formally adopted by the EU in May 2024 alongside the Anti-Money Laundering Regulation (AMLR) — replaces the beneficial ownership provisions introduced under AMLD5. The core concept has not changed: obliged entities must identify and verify the beneficial owners of their corporate clients, meaning any natural person who ultimately owns or controls 25% or more of shares, voting rights, or other ownership interests. What has changed is the depth, scope, and cross-border reach of that verification obligation.

Under AMLD6, a single query to a national register is no longer sufficient. Obliged entities must perform multi-source verification, cross-checking register data against documents provided by the client, third-party data sources, and — where relevant — queries to BORIS, the EU's new Beneficial Ownership Registers Interconnection System. The register is a starting point, not an endpoint.

AMLA, the EU's new central supervisory authority, is expected to publish final Customer Due Diligence Regulatory Technical Standards by July 10, 2026 — the same deadline. For a detailed breakdown of what those standards require from identity systems, see our analysis of AMLA's CDD RTS and what identity systems must deliver.

Five Things That Change on July 10, 2026

1. Mandatory 5-year historical ownership data. Obliged entities must verify not just current beneficial ownership but ownership structures going back five years. If a corporate client changed hands in 2022, that history is relevant and must be documented.

2. Non-EU entities with EU nexus are in scope. AMLD5 focused primarily on EU-incorporated entities. AMLD6 brings offshore and third-country structures into scope if they hold EU real estate, hold public contracts, or have other qualifying nexus with the EU. A Cayman Islands SPV that owns a Paris apartment is now your compliance problem.

3. BORIS goes live. The Beneficial Ownership Registers Interconnection System links national UBO registers through a central EU platform. Obliged entities with cross-border clients will need workflows for querying BORIS — and for reconciling discrepancies between what BORIS returns and what the client discloses.

4. Harmonized legitimate-interest access for journalists and NGOs. AMLD6 establishes a uniform framework across Member States for third-party access to beneficial ownership information — primarily for investigative journalists, civil society organizations, and academic researchers. This has implications for public accountability and for the reputational risk assessments obliged entities perform during enhanced due diligence.

5. AMLA publishes CDD RTS by July 2026. AMLA's Customer Due Diligence Regulatory Technical Standards, due by July 10, will define with legal precision the acceptable methods for verifying beneficial ownership. This is not optional guidance — it is the technical rulebook. The AMLA authority's mandate and direct supervisory powers mean firms that fall below the RTS thresholds face direct enforcement, not just national supervisor scrutiny.

AMLD5 vs AMLD6 — Key Differences

Area	AMLD5	AMLD6
Ownership threshold	25%	25% (unchanged)
Geographic scope	EU-incorporated entities	EU entities + non-EU entities with EU nexus
Register verification	Single national register query	Multi-source; BORIS cross-border queries required
Historical data	No mandatory look-back period	5 years mandatory
Cross-border interconnection	Voluntary/bilateral	BORIS — mandatory EU platform
Access for journalists/NGOs	Member State discretion	Harmonized EU-wide framework
CDD technical standards	Directive-level principles	Binding RTS from AMLA
Supervisory authority	National FIUs only	National FIUs + direct AMLA supervision

The shift from AMLD5 to AMLD6 is not an incremental tightening. It is a structural redesign of how beneficial ownership is verified, documented, and cross-checked across the Single Market.

What Obliged Entities Must Do Before July 10

Update Your CDD Policy and Procedures

Your CDD policy must explicitly address AMLD6's expanded scope. This means covering non-EU entities with EU nexus, documenting the five-year look-back obligation, and specifying how BORIS queries will be integrated into your onboarding and periodic review workflows. Policies that reference AMLD5 structures without amendment will be non-compliant from July 10.

Build Multi-Source UBO Verification Workflows

The most operationally demanding change is the shift from single-register to multi-source verification. Your process must now include: (a) a query to the relevant national register or BORIS for cross-border structures, (b) review and reconciliation of client-provided ownership documentation, and (c) checks against third-party data sources where the register data is incomplete, out of date, or inconsistent with client disclosures. Where discrepancies exist, they must be escalated and resolved — not ignored.

Map Your Non-EU Client Exposure

Many firms have not audited their client portfolios for non-EU structures that now fall in scope. A systematic review is needed: which corporate clients are incorporated outside the EU? Do any hold EU real estate, participate in EU public procurement, or otherwise have the nexus that triggers AMLD6 obligations? This mapping exercise should be completed before July 10, not after.

Train Your Compliance and Operations Teams

Updated procedures are worthless if the people executing them do not understand what has changed. Training should cover the five-year look-back, the BORIS query process, how to handle discrepancies between register data and client disclosures, and the escalation paths for complex structures. Documentation of that training matters — regulators ask for it.

Review Your Technology Infrastructure

Can your current KYC platform handle BORIS queries? Can it store and surface five years of historical UBO data? Can it flag non-EU structures with EU nexus for enhanced screening? If the answer to any of these is "not yet," you have six weeks to either fix the platform or implement a documented manual workaround that meets the evidentiary standard.

The Automation Imperative

The operational load created by AMLD6 is substantial. A compliance team handling corporate onboarding that currently runs one register query per entity now needs to run multi-source checks, manage historical data, query BORIS for cross-border structures, and document reconciliation decisions. Multiply that across a portfolio of hundreds or thousands of corporate clients and the manual workload becomes impossible to sustain at the required quality level.

This is exactly the problem that autonomous AI agents are built to solve. Rather than adding headcount to absorb the increased workload, firms are deploying AI agents that automate UBO verification workflows end to end — querying registers, cross-referencing data sources, flagging discrepancies, and escalating only the genuinely ambiguous cases to human reviewers. The result is consistent, auditable, scalable beneficial ownership verification that does not degrade under volume pressure.

At Joinble, our AI Agents are designed for exactly this type of multi-source, multi-step compliance workflow. The goal is not to replace compliance judgement — it is to ensure that compliance judgement is applied where it actually matters, not consumed by data retrieval and reconciliation tasks that software can handle more reliably than people.

Who Is Affected

AMLD6 applies to the full range of obliged entities defined under the AMLR. The sectors facing the most immediate operational impact:

Banks and credit institutions — Already accustomed to UBO verification, but the expanded scope and multi-source requirement mean existing processes need revision, not just minor updates.

Crypto-asset service providers (CASPs) — CASPs operating under MiCA face a stacked compliance obligation: the MiCA travel rule takes effect July 1, 2026, nine days before the AMLD6 UBO deadline. For teams already under pressure on MiCA and travel rule compliance, the AMLD6 requirement lands at the worst possible time.

Real estate professionals and agents — Non-EU SPVs and holding structures used for EU real estate acquisitions are explicitly in scope under AMLD6. Agents who previously focused only on EU-incorporated buyers must now apply enhanced scrutiny to offshore structures.

Notaries, lawyers, and accountants — Professional services firms advising on corporate transactions, trust arrangements, or asset transfers must verify beneficial ownership for the structures they advise on. The professional secrecy carve-outs that existed under AMLD5 are narrower under AMLD6.

Trust and company service providers (TCSPs) — Entities that form companies, provide registered office addresses, or act as nominee directors have heightened obligations. They are frequently the first point of entry for complex offshore structures.

Penalties Are Real and Growing

The enforcement environment has changed materially in the past 18 months. Two precedents illustrate the direction of travel.

In January 2026, the UK's Office of Financial Sanctions Implementation fined Bank of Scotland £160,000 for opening and maintaining an account for a sanctioned Russian individual. The case turned on what the bank knew, when it knew it, and whether its beneficial ownership checks were adequate at onboarding. It was not a large fine in absolute terms — but it was a public enforcement action against a major institution for a failure that better UBO verification would have prevented.

In 2024, TD Bank agreed to pay more than $3 billion in penalties following a US Department of Justice investigation into systemic AML control failures. The DOJ found that TD Bank had processed hundreds of millions of dollars in suspicious transactions over years — transactions that adequate beneficial ownership checks and ongoing monitoring would have flagged far earlier. The scale of that failure, and the size of the penalty, reflects what regulators do when systemic weaknesses go unaddressed.

The EU's enforcement trajectory is following the same direction. AMLA's direct supervisory authority over the largest obliged entities, combined with the harmonized penalty framework under the AMLR, means that the fragmented, inconsistent enforcement of the AMLD5 era is ending.

Practical Steps for the Next Six Weeks

Given the time constraint, prioritization matters. The following is a sequenced action plan:

• Week 1–2: Audit your current UBO verification process against AMLD6 requirements. Identify gaps: scope gaps (non-EU entities not currently reviewed), process gaps (single register query with no multi-source check), and data gaps (no historical ownership records).
• Week 2–3: Update your CDD policy and procedures. Get legal sign-off. Ensure the policy explicitly covers the five-year look-back, BORIS query obligations, and the non-EU nexus scope expansion.
• Week 3–4: Map your existing client portfolio for non-EU structures with EU nexus. Flag those clients for enhanced review. This is the highest-risk population for retroactive enforcement.
• Week 4–5: Implement or configure multi-source verification workflows. If your current platform cannot support this, document the compensating controls you will use until the platform is upgraded.
• Week 5–6: Train relevant staff. Document the training. Run a parallel test of the new process on a sample of new onboardings before the deadline hits.

Six weeks is enough time to achieve defensible compliance posture if you start now. It is not enough time to build a perfect process from scratch. Focus on the gaps that carry the highest enforcement risk: non-EU entities with EU nexus, clients with complex or layered ownership structures, and any cases where your current records would not survive a regulatory audit.

FAQ

Does the 25% beneficial ownership threshold change under AMLD6? No. The threshold remains at 25% of shares, voting rights, or other ownership interests, consistent with AMLD5 and the FATF standard. What changes is how that ownership must be verified, documented, and cross-checked — not the threshold itself.

What is BORIS and do obliged entities query it directly? BORIS (Beneficial Ownership Registers Interconnection System) is the EU's central platform that links national UBO registers. In practice, access for obliged entities is expected to flow through competent authorities and designated access points rather than direct API access by every firm. The key operational implication is that cross-border UBO checks must now account for BORIS data, and discrepancies between BORIS and other sources must be resolved — not ignored.

Our clients are all EU-incorporated. Does AMLD6 still affect us? Yes. The multi-source verification requirement, five-year historical data obligation, and AMLA CDD RTS apply regardless of whether your clients are EU or non-EU incorporated. The non-EU nexus expansion adds scope; the enhanced verification requirements apply to all corporate clients.

When do we need to be compliant — July 10, 2026, or July 10, 2027? The Member State transposition deadline is July 10, 2026 — the date by which national rules implementing AMLD6's UBO provisions must be in force. Obliged entities must comply with those national rules from that date. The July 10, 2027 date relates to the implementation period for AMLA's CDD RTS, which gives firms 12 months after the RTS publication to adapt their systems. These are two separate but overlapping timelines.

If AMLA publishes the CDD RTS on July 10, does that mean we have a year to comply? The CDD RTS publication triggers a 12-month implementation period for the technical standards. But AMLD6 itself — including the UBO registry obligations — applies from the Member State transposition date of July 10, 2026. You cannot use the RTS implementation period as a reason to defer beneficial ownership verification improvements that are already required under AMLD6. The two deadlines serve different purposes and cannot be conflated.