The European Banking Authority (EBA) conducted a risk assessment in 2022 to understand the scale and nature of money laundering and terrorist financing (ML/TF) risks in the payment institutions sector. They found that while payment institutions are subject to anti-money laundering and terrorist financing regulations, their systems and controls may not effectively address these risks. AML/CFT supervisors across Europe consider payment institutions to have high inherent ML/TF risks, but their risk-based supervision approaches vary. Weak AML/CFT controls in some payment institutions allow them to operate within the EU and establish themselves in Member States with less stringent authorization processes, posing a cross-border risk. Additionally, there is no consistent EU-level approach to supervising agent networks, which carry significant ML/TF risks, especially in cross-border contexts.