MONEYVAL’s Typologies 2026: AML Screening Service For Banks

In December last year, MONEYVAL published its updated typologies report examining how virtual assets and virtual asset service providers are being misused for money laundering, terrorist financing, proliferation financing, and sanctions evasion .

The report reflects measurable regulatory compliance requirement from financial institutions now because approximately 81% of surveyed jurisdictions now require VASPs to be licensed or registered.

However, implementation remains uneven because only 46% of jurisdictions have operationalised the Travel Rule. Enforcement against unlicensed operators is inconsistent, and sanctions evasion and proliferation financing risks are not always fully integrated into national risk assessments.

For banks, this widening gap increases expectations around sanctions controls, transaction monitoring, and documentation standards. An AML screening service can support institutions in meeting these expectations by strengthening alert review, sanctions alignment, and audit traceability.

To understand why these expectations are increasing and where the pressure points lie, it is necessary to examine the MONEYVAL report in detail. This article analyses the key compliance themes and the supervisory signals from this report sends to financial institutions.

Insights From The MONEYVAL 2025 Report

The MONEYVAL typologies report examines how jurisdictions regulate and supervise virtual assets and virtual asset service providers within AML and sanctions frameworks. Beyond identifying emerging crypto risks, the report evaluates regulatory alignment with FATF standards, supervisory capabilities, enforcement practices, and cross-border cooperation. The following insights summarise the most relevant regulatory observations and typologies identified in the report.

1. Compliance with FATF Recommendation 15  

The report examines how jurisdictions implement FATF Recommendation 15 governing virtual assets and VASPs. Around 81% of surveyed jurisdictions now require VASPs to be licensed or registered, showing broad regulatory alignment with FATF standards.

However, enforcement challenges remain because identifying offshore or unregistered operators is difficult in a digital and cross-border ecosystem.

2. Supervisory Designation and Oversight  

Supervisory responsibilities for VASPs have largely been assigned to financial regulators, central banks, or financial intelligence units. The report notes that over 90% of jurisdictions have designated competent authorities responsible for oversight.

Despite these frameworks, monitoring effectiveness still varies due to differences in regulatory expertise, resources, and ecosystem visibility.

3. Preventive Measures and Sanctions Controls  

VASPs are generally required to implement preventive AML measures similar to those applied to financial institutions. These include customer due diligence, transaction monitoring, record keeping, and suspicious activity reporting.

In addition, VASPs must apply sanctions screening and comply with international sanctions regimes, although the operational maturity of these controls still varies between jurisdictions.

4. Travel Rule Implementation  

The Travel Rule remains one of the most significant operational challenges highlighted in the report. At the time of analysis, only about 46% of jurisdictions had operationalised Travel Rule requirements, creating inconsistencies in how originator and beneficiary information is shared across borders.

This uneven implementation limits transparency in certain virtual asset transfers.

5. Sanctions Evasion Typologies  

Virtual assets are increasingly used in sanctions evasion strategies. The report highlights techniques such as peer-to-peer transfers, intermediary wallet structures, and layered transactions designed to obscure ownership.

These methods exploit regulatory differences between jurisdictions and weaknesses in cross-border transaction transparency.

6. Proliferation Financing Risks  

The report also identifies risks linked to proliferation financing involving virtual assets. Certain state-linked cyber groups have conducted cryptocurrency thefts followed by laundering through mixers, cross-chain transfers, and fragmented wallet structures.

These operations rely on technologies that obscure transaction origins before funds move into other financial channels.

7. Fraud and Money Mule Networks  

Fraud schemes involving virtual assets continue to expand, particularly through online investment scams and social-engineering fraud. Criminal groups frequently instruct victims to purchase cryptocurrency and transfer it to controlled wallets.

At the same time, money mule networks have adapted to the crypto ecosystem by recruiting individuals to open exchange accounts or facilitate transfers.

8. Mixers, Privacy Tools, and DeFi  

Anonymity-enhancing technologies play a significant role in several typologies identified in the report. Mixers, tumblers, and privacy-focused assets can obscure transaction trails and disrupt tracing efforts.

Decentralised finance platforms and cross-chain bridges further complicate monitoring by enabling rapid movement between blockchain networks.

9. Supervisory Capacity and Licensing Pressure  

The expansion of licensing regimes has increased pressure on supervisory authorities responsible for reviewing VASP applications and monitoring compliance.

Regulators must assess governance structures, operational controls, and AML frameworks for a rapidly evolving sector, which places additional demands on regulatory expertise and resources.

10. Reporting and Public-Private Cooperation  

The report highlights the growing role of collaboration between regulators, financial institutions, and VASPs.

Around 40% of surveyed jurisdictions reported active public-private partnership initiatives, which help authorities identify emerging typologies and improve information sharing between industry and regulators.

11. Sanctions Enforcement Capability  

VASPs are subject to sanctions compliance obligations similar to those applied to traditional financial institutions. Supervisory authorities have the power to impose asset freezes and administrative penalties when sanctions violations occur.

However, enforcement outcomes differ depending on investigative capabilities and technical expertise.

12. Cross-Border Cooperation  

International cooperation remains essential in addressing virtual asset-related financial crime. Financial intelligence units, regulators, and law enforcement agencies regularly exchange information through established cooperation channels.

However, the speed of blockchain transactions means effective coordination requires rapid response and specialised technical capabilities.

Core Gaps Identified in the MONEYVAL 2025 Report  

While the MONEYVAL 2025 report records substantial regulatory progress, it also identifies structural weaknesses that limit effectiveness in practice .

The following differences do not stem from a lack of legal frameworks. Instead, they arise from uneven implementation, limited enforcement reach, and varying levels of supervisory maturity across jurisdictions.

1. Uneven Depth of Risk Assessments  

Most jurisdictions have conducted national or sectoral risk assessments addressing virtual assets and VASPs. However, the report notes that the quality and depth of these assessments vary considerably. In several cases, analyses rely heavily on international typologies rather than domestic case data or intelligence.

Sanctions evasion and proliferation financing risks are not consistently integrated into these assessments. While money laundering and terrorist financing risks are generally addressed, emerging threats linked to state-sponsored actors, anonymising tools, and cross-chain activity are sometimes acknowledged only at a high level.

2. Weak Detection of Unlicensed and Offshore VASPs  

Although most jurisdictions have introduced licensing or registration requirements, the identification of unlicensed or offshore VASPs remains a challenge. The report highlights that detection often depends on indirect methods such as media monitoring, intelligence reports, or ad hoc findings rather than systematic supervisory mapping of the market.

Given the cross-border and digital nature of virtual asset services, operators may provide services into jurisdictions without physical presence. Where monitoring tools and cross-border cooperation mechanisms are limited, this creates blind spots in regulatory coverage. The existence of a licensing regime does not automatically ensure full ecosystem visibility.

3. Incomplete Travel Rule Implementation  

Travel Rule implementation represents one of the clearest operational gaps identified in the report. At the time of data collection, only approximately almost half of surveyed jurisdictions had operationalised Travel Rule requirements. While legislative reforms are ongoing, enforcement remains uneven.

This fragmentation affects transparency in cross-border virtual asset transfers. Where originator and beneficiary information is not consistently transmitted or verified, screening and monitoring controls may be applied inconsistently across jurisdictions. The result is a patchwork of compliance standards in an inherently cross-border ecosystem.

4. Data Collection and Supervisory Technology Constraints  

The report repeatedly emphasises the limitations of structured data collection. Many authorities lack granular information on transaction volumes, geographic exposure, customer profiles, and cross-border flows involving virtual assets.

In some jurisdictions, the absence of a fully developed supervisory framework further restricts data availability. Although certain members have adopted blockchain analytics tools and enhanced reporting mechanisms, adoption is not uniform. Without reliable and structured data inputs, risk assessments may remain qualitative and reactive.

Strengthening AML Screening Service Execution in Response to MONEYVAL’s Findings  

The MONEYVAL's report shows that regulatory frameworks have expanded faster than operational maturity. For banks, this increases execution pressure. Typologies involving sanctions evasion, proliferation financing, fraud networks, and cross-chain activity add complications to alert review.

The Travel Rule implementation creates further differences in maintaining cross-border transparency. Screening must therefore move beyond simple name matching and incorporate contextual assessment and structured escalation.

An AML screening service supports this change by standardising alert handling and improving documentation quality. As supervisory focus extends to governance and traceability, institutions must demonstrate that screening decisions are consistent, well-reasoned, and auditable.

Effective screening also requires integration with transaction monitoring. Many risks identified in the report emerge through behavioural patterns rather than static identifiers. Coordinated workflows ensure that alerts are assessed within broader transaction context rather than in isolation.

The MONEYVAL report highlights growing complexity in sanctions enforcement, virtual asset typologies, documentation standards, and cross-border transparency .

For banks, this requires structured execution, consistent alert handling, and defensible audit trails. Lucinity supports this through focused solutions that strengthen an AML screening service without altering institutional governance ownership.

1. Compliance as a Service: Lucinity’s Compliance as a Service model enables banks to manage screening-generated workloads under defined service levels while retaining full regulatory accountability. Alert triage and case preparation are performed within the bank’s systems, ensuring transparency and traceability.

2. Case Manager: The Case Manager centralises alert handling into structured workflows with embedded audit trails. As supervisory scrutiny increasingly focuses on documentation quality and escalation logic, consistent case structuring strengthens defense.

3. Customer 360: Customer 360 consolidates customer data, transaction activity, and risk indicators into a unified view. When alerts are triggered, analysts assess exposure within broader context rather than reviewing isolated data points. This supports consistent escalation decisions and clearer justification under regulatory review.

4. Luci AI Agent: The Luci AI Agent assists analysts by structuring case summaries, highlighting relevant risk indicators, and accelerating documentation tasks. It operates within defined workflows, supporting consistency without replacing governance control. This reduces variability in alert review while maintaining transparency.

Final Thoughts

The MONEYVAL's report shows that regulatory frameworks governing virtual assets have strengthened significantly, yet operational effectiveness remains uneven . Licensing regimes, supervisory structures, and sanctions obligations are largely in place, but gaps in Travel Rule implementation, enforcement consistency, and risk assessment depth continue to create supervisory pressure.

For banks, this means compliance expectations are expanding in scope and complexity. Controls must address evolving typologies, cross-border inconsistencies, and higher documentation standards while remaining consistent and defensible.

To summarise the practical implications of the report, read the following key takeaways:

• Most jurisdictions now require VASP licensing and have designated supervisors, yet enforcement and ecosystem visibility remain uneven.
  
• With only 46% operationalisation at the time of reporting, cross-border transparency gaps continue to affect screening and monitoring consistency.
  
• Typologies involving intermediaries, cross-chain transfers, and state-linked activity require deeper integration into institutional risk frameworks.
  
• Solutions such as Lucinity’s Compliance as a Service and Human AI help banks maintain defensible compliance in line with MONEYVAL’s supervisory signals.

To align your institution with the supervisory expectations outlined in MONEYVAL’s latest report, visit Lucinity today!

FAQs  

1. What is the focus of MONEYVAL’s 2025 typologies report?
The report evaluates how jurisdictions regulate and supervise virtual assets and VASPs, highlighting gaps in Travel Rule implementation, sanctions enforcement, and risk assessment maturity.

2. Why is Travel Rule implementation important for banks?
With only 46% of jurisdictions having operationalised the Travel Rule at the time of reporting, cross-border transparency differences increase reliance on internal screening and monitoring controls.

3. How do emerging typologies affect banking compliance?
Sanctions evasion structures, proliferation financing exposure, fraud networks, and cross-chain transfers require deeper integration between screening, transaction monitoring, and documentation processes.

4. How does Lucinity support AML screening service compliance?
Lucinity supports banks through Compliance as a Service, Case Manager, Customer 360, and Luci AI Agent to standardise alert handling and maintain defensible audit trails.