EFIPPP Threat Radar 2025

Publication date 19-11-2025

Europol Financial Intelligence Public Private Partnership (EFIPPP) published a new Threat Radar in November. The Threat Radar shows where EFIPPP members see the greatest risks in the areas of money laundering and terrorist financing.

What is EFIPPP and who participate in it?

The EFIPPP is a partnership between financial institutions, FIUs and investigative authorities such as the FIOD, which the AMLC is part of. Other members include the European Commission, the FATF, but also the European Banking Federation. The members are mainly from Europe, but also from the US and the UK. The AMLC is part of the EFIPPP steering group and, together with Deutsche Bank, manages the Threat & Typology work of EFIPPP.

Threat & Typology

This working group conducts ongoing research into risks, including Circumvention of Sanctions, Financing of Terrorism, Crypto and Professional Enablers. In addition, bulletins based on OSINT information are published on a regular basis. In order to keep track of the latest developments and ensure that the organisation is doing the right things, a Threat Radar is published annually. More information about this can be found below.

Threat Radar 2025

EFIPPP has now published the Threat Radar in this form for the fourth time.  The Threat Radar provides insight into where EFIPPP members currently see the greatest risks (their perception thereof) in terms of money laundering and terrorist financing. What is particularly interesting here is the methodology, which is based on the FATF structure.

How is the Threat Radar generated?

The Threat Radar is based on eleven questions. These questions are largely designed to rank, for example, the predicate offences for money laundering as distinguished by the FATF, sectors, client types, or countries (variations in FATF, EU, world) in order of perceived risk. In addition, there are a number of open questions. This year, the questionnaire was completed by 73 experts, 28 from the private sector and 45 from the public sector. The analysis is primarily quantitative and secondarily qualitative.

How does Threat Radar compare to other (national) risk assessments?

The strength of Threat Radar lies in its relatively short turnaround time (a few months), which makes it repeatable on an annual basis. Meanwhile, participation in Threat Radar has become a membership requirement for all EFIPPP members. It is also interesting that both private and public parties participate, which makes it possible to look at any differences in perception. Its usefulness is also increased by the fact that it follows the FATF methodology. This enables it to make an important contribution to the national obligation to gain insight into these anti-money laundering risks and, above all, into the extent to which they relate to each other. This fits in very well with the obligation to give the Risk-Based Approach a much more prominent role in reporting, monitoring, supervision and enforcement. Finally, explicit consideration is given to geographical risks. Meanwhile, the European Commission has decided to use the EFIPPP Threat Radar for the Supra National Risk Assessment.

What are the main threats emerging from the Threat Radar?

This fourth Threat Radar also includes, for the first time, a trend analysis comparing the 4 years. When it comes to underlying predicate offences for money laundering, fraud remains the most significant threat but has been declining over the past 4 years. It is closely followed by drug smuggling, tax offences and organised crime. The digital ecosystem is a growing concern. Initially focused on fintechs/crypto platforms, it has since evolved into cybercrime. Recently, this has expanded to include the misuse of artificial intelligence. New concerns lie in the areas of export control avoidance, undeclared work and fraudulent transfer of assets.

When it comes to terrorist financing, there has been a shift towards financing models that are subject to limited or poor supervision. In addition, there is evidence of further convergence with organised crime.

In terms of sectors and clients, the banking sector and the DNFBP (Designated Non-Financial Businesses and Professions) sector remain the most vulnerable. This mainly concerns correspondent banking, sales channels without personal client contact and money remitters. Growing concern has been noted about insurance (particularly single prime and non-standardised products). There is also an emerging threat of “crime-as-a-service” by professional parties that enable fast, cross-border transactions. Politically exposed persons (PEPs) and their family members are always mentioned.

Geographical risks

The main threats (slightly declining) are still Russia and its satellite states, where the main concern is attempts to circumvent sanctions. According to the Threat Radar, the main concerns with regard to China and Hong Kong are opaque networks and underground banking that mask illegal transfers and money muling flows via India, as well as fraud on fintech platforms.

The Threat Radar also identifies slightly increasing geographical concerns. For South Asia, with widespread activities by Chinese mafias. For the US and the UK, with abusive practices in financial centres. For Africa and Latin America, with regard to contact fraud centres and drug trafficking, and for Central Europe, with regard to money flows from migrants.

Slightly decreasing threats to the Middle East in terms of sanctions circumvention and offshore centres as key destinations for illicit funds.

Want to know more?

The Threat Radar 2025 is not publicly available, but it is available to all members of EFIPPP. In addition to investigative bodies such as the FIOD, all major Dutch financial institutions are also members of EFIPPP. You can request the Threat Radar from your own organisation if it is a member of EFIPPP.