Construction & Property5 min read·May 2026·Architects · Engineers · QSs

The EU AML Single Rulebook and Irish Construction Professionals: What Changes in July 2027

The EU AML Single Rulebook — Regulation EU 2024/1624 — is not a directive. It does not require national transposition. From July 2027, it applies directly, uniformly, and with the force of law across all Member States, including Ireland.

For Irish architects, engineers, and quantity surveyors who are designated persons under the CJ(MLTF)A 2010, this is the most significant change to the AML compliance landscape since the 2021 Amendment Act. Several obligations that do not currently apply to smaller practices will become mandatory regardless of firm size. The 14-month window before July 2027 is not a deferral — it is the implementation period.

The Regulation

What the AMLR Is — and Why It Matters Differently

The existing AML framework in Ireland is built on directives — the Fourth Anti-Money Laundering Directive (2015/849) and the Fifth AMLD (2018/843) — which required national transposition into the CJ(MLTF)A 2010. Transposition created variation: member states interpreted and implemented the directives differently, creating compliance gaps and arbitrage opportunities.

Regulation EU 2024/1624 replaces the directive approach for the substantive AML obligations. A regulation has direct effect in all member states — it is the same law in Dublin, Berlin, and Warsaw without adaptation. Irish designated persons will be subject to requirements defined at EU level, not modified by national legislative choices.

The new Anti-Money Laundering Authority (AMLA), established under Regulation EU 2024/1620 and based in Frankfurt, will supervise the highest-risk obliged entities directly and coordinate national supervisors across the EU. For Irish construction professionals, AMLA's immediate relevance is that it sets the supervisory standards that the Irish supervisory authority — currently the Department of Justice for certain categories — must apply.

Verification Standards

Multi-Source Verification: Nationality and Place of Birth Now Explicit

Under the CJ(MLTF)A 2010 as currently in force, the identification obligation requires establishing a client's identity — name, date of birth, and address — and verifying it from a reliable and independent source. The specific data points to be collected are not exhaustively enumerated in the current Irish legislation.

Regulation EU 2024/1624 is more prescriptive. The AMLR explicitly requires that for individual clients, the following data points are obtained as part of the identification process: nationality and place of birth are added as mandatory fields alongside name, date of birth, and residence address.

Verification must use at least two independent sources. The AMLR formalises a multi-source verification approach that, under current Irish law, is best practice but not always expressly mandated. From July 2027, single-source verification for an individual client is non-compliant on its face.

What changes in your CDD process from July 2027

—Add nationality and place of birth to your client identification form — these become mandatory data points under the AMLR, not optional fields.
—Two independent verification sources required for every individual client — a single document is no longer sufficient regardless of its quality.
—Beneficial ownership verification for corporate clients must trace to natural persons; the AMLR tightens the documentation standard for multi-layered structures.
—Update your CDD template before July 2027, not after — files opened after that date under the old template will be non-compliant immediately.

Independent Audit

Independent Audit Function: Mandatory for All Firms Regardless of Size

This is the change that will have the most immediate operational impact on smaller construction practices.

Under the current CJ(MLTF)A 2010 framework, the requirement to have an independent audit function for AML compliance is effectively calibrated to the size and nature of the firm. A two-partner QS practice with a small number of property transaction clients has, in practice, operated without a formal independent review of its AML framework.

Regulation EU 2024/1624 removes that discretion. The AMLR requires all obliged entities — including all designated persons in the construction and property sector — to have their AML policies, controls, and procedures subject to independent audit. The audit must assess whether the framework is effective, up to date, and consistently applied. 'Independent' means independent of the persons responsible for implementing the AML framework — it cannot be self-assessed.

For small practices without an internal compliance function, this will typically mean commissioning an external AML review from a qualified third party. Building the written AML framework — policies, procedures, risk assessment methodology, staff training records — is the prerequisite for that audit. A practice that has not documented its framework cannot have it independently reviewed.

Staff Integrity

Staff Integrity Assessments Under the AMLR

Regulation EU 2024/1624 introduces explicit requirements on the integrity and competence of staff involved in AML compliance. Obliged entities must take measures to ensure that their employees and agents who have AML responsibilities meet standards of integrity and have the knowledge and skills necessary to carry out their functions effectively.

For construction practices, this translates into two practical requirements. First, staff involved in CDD or compliance functions must have documented training on AML obligations — generic induction training is insufficient if the role involves designated-person compliance work. Second, practices must have a process for assessing the integrity of staff in those roles — which, at minimum, means retaining records of appointment checks and ensuring that the AML compliance role is not held by an individual with a relevant criminal history.

This obligation is incoming, not yet current law. However, the infrastructure to meet it — training records, staff induction documentation, role descriptions for compliance functions — takes time to build and should not be left to the weeks before the July 2027 application date.

The 14-Month Window: What to Build Before July 2027

Now — Q3 2026Update client identification forms to add nationality and place of birth as mandatory fields.

Q3 2026Draft written AML policies and procedures. This is the document a July 2027 independent audit will examine first.

Q3 – Q4 2026Deliver documented AML training to all staff with compliance responsibilities. Retain attendance records.

Q1 2027Commission a gap assessment against the AMLR requirements — identify what the independent audit will find before the auditor does.

Q2 2027Complete independent audit and address findings before the July 2027 application date.

Immediate Action Checklist

Four tasks. Each addresses a specific July 2027 obligation that requires action now to be compliant on the application date.

—Revise your client identification and CDD template to add nationality and place of birth as mandatory fields, and to require two independent verification sources for all individual clients.
—Draft a written AML policies and procedures document covering: firm risk assessment, client risk assessment methodology, CDD procedures, ongoing monitoring, STR obligations, and staff training. This is the prerequisite for independent audit.
—Schedule and deliver formal AML training to all staff with compliance responsibilities. Training must be documented — verbal briefings are not a training record.
—Identify an external AML compliance expert who can conduct your independent file review. The lead time for scoping and scheduling this is longer than most practices expect — do not leave this until Q2 2027.

Regulation EU 2024/1624 is directly applicable. It does not require the Oireachtas to act. On 1 July 2027, it is Irish law.

Oibrio monitors AML designation obligations for Irish construction professionals so your practice is inspection-ready.