Vixio Enforcement Outlook finds AML still dominant but scrutiny widening
Europe saw a surge in enforcement against payments firms and banks in the first half of 2025, with regulators across the continent doubling down on anti-money laundering (AML) and reporting failures while increasingly reaching for licence actions alongside fines, according to new research by Vixio.
The Payments Enforcement Outlook 2025 recorded 123 enforcement actions in Europe during the six-month period, compared with 48 in Asia-Pacific and 46 in North America. The report suggests supervisors are moving beyond purely financial penalties to “more interventionist” measures, including licence revocations, suspensions and remedial orders.
Across all regions, AML failings continued to dominate. Europe accounted for 29 AML-related actions, 25 of which carried financial penalties. Germany, Lithuania and Ukraine featured prominently among national authorities taking action, while notable cases included Revolut, fined $4.08m (€3.5 million), and Bunq, fined €2.6 million, for deficiencies in customer due diligence.
Vixio’s researchers note that enforcement levels in the European Union are being shaped by the bloc’s new AML architecture, including the creation of the Anti-Money Laundering Authority (AMLA) and implementation of the sixth AML directive (6AMLD). These developments have prompted national regulators to align with stricter reporting and governance expectations ahead of the new single rulebook’s rollout.
Licence actions gain traction
The report highlights a notable rise in non-financial interventions. Instead of relying solely on fines, several European authorities opted to restrict or withdraw licences, or to issue remedial orders compelling firms to overhaul compliance frameworks.
Vixio interprets this as a shift towards enforcement that “goes beyond punishment” to drive systemic improvement.
“Licence-based measures are emerging as a preferred tool in cases where regulators believe financial penalties alone will not achieve behavioural change,” the report notes.
Beyond AML: reporting and internal controls in focus
After AML, the second largest category of European enforcement was a catch-all group of governance breaches, including weak safeguarding arrangements and inadequate internal controls.
Reporting failures accounted for 13 actions and 11 fines, underscoring growing attention on data quality and the timeliness of regulatory submissions.
Analysts suggest this trend reflects regulators’ broader interest in operational resilience and the accuracy of information flowing from fintech and payment service providers, especially as cross-border systems and digital asset integrations expand.
While North America recorded fewer overall cases, enforcement remains financially significant. The standout event was Block’s $80 million settlement with 47 states and Washington DC over AML deficiencies, followed by an additional $40 million penalty from the New York Department of Financial Services (NYDFS). Together, the actions underline a shift towards state-level coordination even as some federal agencies take a lighter touch.
According to Vixio, a “deregulatory tilt” at the federal level has created space for state regulators to step up scrutiny. Several smaller AML cases in Florida, carrying fines as low as $3,000, suggest an attempt to broaden oversight rather than rely on large headline penalties alone.
In Asia-Pacific, 13 AML penalties were issued during the period, five of them in Singapore, where the Monetary Authority of Singapore (MAS) continues to prioritise remediation over large financial sanctions under its National AML Strategy. The report interprets the region’s approach as “preventive rather than punitive”, with an emphasis on improving compliance culture.
A new phase of supervision
Across all regions, Vixio’s findings indicate an evolution in regulatory enforcement – one that favours corrective action and ongoing supervision over one-off fines. The shift comes as payment ecosystems grow more complex, with new entrants, digital assets and instant payment systems increasing compliance risks.
For payment institutions, the message is clear: financial penalties may no longer be the primary concern. Instead, licence restrictions and reputational consequences could define the next phase of global payments oversight.
