Apr 19, 2023
4 min read

AML Compliance in the Netherlands—One of the World’s Most Innovative Economies

Learn how financial businesses can stay compliant while keeping customer onboarding smooth and avoiding regulatory fines.

The Netherlands remains an attractive destination for business in 2023. According to a recent PWC report, the country is a leader in technology and innovation and has a competitive business climate. However, financial companies wishing to enter the Dutch market need to be aware of strict anti-money laundering (AML) regulations in the country. 

Recently, the Dutch Central Bank fined US crypto exchange Coinbase 3.3 mln euros ($3.6 mln) for failing to obtain the correct registration in the Netherlands before offering services.

Last year, Rabobank—one of the top-3 biggest banks in the Netherlands—was investigated for suspected violations of the country’s AML law. This followed a 2021 instruction by the Dutch Central Bank (DNB) to fix Rabobank’s customer due diligence procedures.

Let’s dive into AML regulations in the country and how companies can avoid multi-million dollar fines from regulators.

Who’s affected?

The following institutions must comply with AML regulations in the Netherlands:

  • Banks
  • Crypto service providers
  • Investment firms
  • Clearing institutions
  • Insurers
  • Trust services
  • Electronic money institutions
  • Pension funds
  • Real estate agencies

The full list can be found on the Netherlands Financial Intelligence Unit website.

Who’s the regulator?

“AFM supervises the conduct of the entire financial market sector: savings, investment, insurance, loans, pensions, capital markets, asset management, accountancy and financial reporting. ” (source)

The AFM conducts inspections of the country’s financial institutions and, where necessary, enforces regulations (by issuing warnings, filing reports, imposing fines, etc). 

  • The Dutch central bank, De Nederlandsche Bank (DNB) is another key financial regulator which shares responsibilities with the AFM.

The two institutions work together, often sharing information. 

Among other things, the DNB monitors the financial health of the country’s financial institutions and checks that their board members are fit and proper to fulfill their duties. “[The DNB] also verify whether they apply strict checks on their customers to prevent involvement in money laundering and terrorist financing.” (source)

“In line with the Dutch Money Laundering and Terrorism Financing (Prevention) Act (Wwft), the Netherlands Financial Intelligence Unit (FIU-the Netherlands) is the central reporting point where various entities with an obligation to report must report unusual transactions.” (source)

What are the main regulations?

The Netherlands has been a member of the Financial Action Task Force (FATF) since 1990, and the country’s AML legislation is mostly based on FATF Recommendations.

The Anti-Money Laundering and Anti-Terrorist Financing Act (Wet ter voorkoming van witwassen en financieren van terrorisme or “Wwft”) is the country’s primary AML legislation.

In 2020, the Wwft was amended to implement obligations imposed by the EU’s Fifth Anti-Money Laundering Directive (5AMLD).

How to stay compliant

The Wwft requires financial institutions to perform risk assessments of new and existing clients, as well as implement a number of compliance measures, including:

1. Customer Due Diligence

Companies falling under AML regulations in the Netherlands must establish and verify the identities of their customers as part of the Customer Due Diligence process (CDD). The identity verification process requires collecting specific information, such as names, addresses, dates of birth, and official company documentation. The exact information required depends on the industry and can be found on the DNB website.

The following documents are considered as proof of identity in the Netherlands:

  • Identity card
  • Driving license
  • Passport
  • Residence permit

Alternatively, identity information can be verified through reliable electronic sources or eIDs.

2. KYB, or Know Your Business

Financial companies in the Netherlands are obliged to conduct the due diligence procedure on their business clients. This includes collecting basic information, such as the company’s name, registration number, and address, which is verified by documents, electronic sources, or a combination of both. Other key steps include verifying ownership structure and verification of UBOs. 

Generally, the purpose of KYB is to determine the authenticity of the entities companies deal with and ensure that their ownership isn’t being concealed for illicit purposes.

KYB is also usually carried out on the partners of the company that is being dealt with.

3. Transaction monitoring

Firms in the Netherlands should screen customer transactions to promptly detect suspicious activity. 

4. Reporting

All financial institutions must report cash transactions above 15K euros ($16.3K), along with all suspicious transactions, to the Netherlands’ Financial Intelligence Unit (FIU). 

5. Sanctions and PEP screening

Reporting entities should conduct sanctions screening of customers as a part of verification procedures. This website provides instructions on what to do if a customer is found to be present on a sanctions list. 

6. Adverse media screening

Companies operating in the Netherlands should search news sources to see if  customers are involved in adverse media (including terrorist financing, tax crime, financial crime, organized crime, kidnapping, corruption, etc.). An adverse media check may reveal changes in the client’s risk profile before that information is confirmed by official sources. 

7. Record-keeping

Companies in the Netherlands are also required to maintain accurate client records in order to conduct ongoing risk assessments. The data must be retained for no less than five years. If such due diligence data is processed, collected and managed by a relevant third-party, the company is liable to obtain it from the third party without delay.


The Dutch Criminal Code prohibits:

  • Money laundering with intent
  • Habitual money laundering
  • Culpable money laundering (without intent)

From January 2017, the Criminal Code also includes the offense of “simple” money laundering, which is acquiring or possessing an object that derives directly from an offense committed by oneself (with or without intent).

Under the Dutch Criminal Code, money laundering with intent is punishable by a maximum prison term of six years or a maximum fine of 87K euros ($95K). For legal entities, a maximum fine of 870K euros ($948K) can be imposed per offense. 

If the court considers this amount to be inappropriate, a fine of up to 10% of the company’s annual turnover can be imposed.

The heaviest fine imposed by the Dutch authorities was in 2018, when regulators slapped ING Groep NV with a 775 million euros ($900 million) fine for violating AML regulations “for many years and on a structural basis”.


  • Is the Netherlands a high risk country for money laundering?

    The Netherlands has a highly digitized, globalized, and open economy, which makes the country particularly vulnerable to money laundering. However, the FATF has not included the Netherlands in its list of countries with strategic deficiencies.

  • Who regulates AML in the Netherlands?

    The Authority for the Financial Markets (Autoriteit Financiële Markten, or AFM), Dutch Central Bank, and Financial Intelligence Unit regulate Anti-Money Laundering regulations in the Netherlands.

  • What is the Netherlands’ Anti-Money Laundering Act?

    The Anti-Money Laundering and Anti-Terrorist Financing Act (Wet ter voorkoming van witwassen en financieren van terrorisme – Wwft) is the primary AML regulation in the Netherlands.

  • What is KYC in the Netherlands?

    KYC in the Netherlands stands for “Know Your Customer”, or the process of client identity verification during onboarding.

AMLCryptoFinancial InstitutionsKYCNetherlandsPenaltiesRecordkeepingReportingRisk-Based ApproachSanctions