Currency exchange reporting requirements in 2026 are defined by a combination of EU-wide AML mandates, national threshold rules, and automated transaction reporting obligations that every operator must meet. The EU AML Regulation (AMLR) and the 6th AML Directive (AMLD6) set a hard compliance deadline of july 10, 2027, making 2026 the critical preparation year. The European Banking Authority (EBA), the new Anti-Money Laundering Authority (AMLA), and national Financial Intelligence Units (FIUs) are the three regulatory bodies shaping these rules. Operators who treat 2026 as a planning year rather than a compliance year will face serious gaps when enforcement begins.
1. Currency exchange reporting requirements 2026: the EUR 10,000 threshold
The single most important threshold in the new framework is EUR 10,000. The EU-wide cash threshold replaces a patchwork of national limits, including those previously set by countries like the Czech Republic. Any cash payment or deposit at or above this amount triggers a mandatory report to the relevant national FIU. That means currency exchange operators can no longer rely on country-specific rules to determine when to file.
The obligation extends beyond simple exchanges. All cash payments or deposits above the threshold made on credit institution premises must be reported, regardless of the transaction type. Operators who miss this distinction risk non-compliance even when their exchange volumes appear routine.
- The EUR 10,000 limit applies per transaction, not per customer per day
- Structured transactions designed to stay below the threshold trigger separate reporting obligations
- Operators must document the customer's identity and the source of funds at the point of reporting
- Failure to report carries regulatory sanctions, including fines and license suspension
Pro Tip: Set your transaction monitoring system to flag amounts at EUR 9,500 and above, not just at the EUR 10,000 threshold. This gives your compliance team time to review borderline cases before the reporting deadline.
2. EBA's new AML reporting framework and automation mandate

Starting december 31, 2026, the EBA requires AML data submissions using standardized XBRL taxonomies and the Data Point Model (DPM). The EBA published its draft technical specifications on april 16, 2026, to support automated submission by entities under AMLA supervision. Manual spreadsheet reporting will not satisfy these requirements.
AMLA's role is to harmonize supervision across EU member states, replacing many national variances with uniform rules. As KPMG's financial risk analysis notes, AMLD6 still allows some country-level discretion, but the core reporting architecture is now EU-wide. Operators with branches in multiple member states must align all locations to the same technical standard.
The shift to automated Suspicious Transaction Reporting (STR) is the most demanding change in this cycle. STRs must connect directly to FIUnet, the EU's financial intelligence network, with no manual intermediary step. Real-time transaction monitoring powered by AI-driven aggregation is now the baseline expectation, not an advanced feature.
Shifting from manual reporting to real-time automated monitoring is the biggest compliance challenge for currency operators in 2026. Operators who delay technology upgrades risk being unable to meet FIUnet submission formats before the 2027 enforcement date.
The practical steps for meeting the EBA framework are:
- Map your current reporting data against the EBA's XBRL taxonomy fields
- Identify gaps between your transaction management system and the required data points
- Engage your software provider to confirm FIUnet-compatible export formats
- Run parallel reporting (manual and automated) during the transition period
- Test automated STR submissions with your national FIU before december 31, 2026
3. Dual-currency reporting and invoice regulation changes
From april 1, 2026, Serbia requires all invoices paid in foreign currency to display total amounts in both foreign currency and Serbian dinar. Mixed payments must be fully reported in the national currency. This rule ends the prior flexibility that allowed businesses to report in the currency of the transaction alone.
Serbia's rule is a clear example of a broader trend. Multiple jurisdictions are tightening the link between foreign currency transactions and national currency reporting for VAT and accounting purposes. Currency exchange operators who process invoices in foreign currencies must update their ERP and accounting systems to generate dual-currency outputs automatically.
Poland's KSeF electronic invoicing system introduces a separate but related challenge. Operators must track separate invoice dates for economic operation, invoice submission, acceptance, and VAT recognition. Conflating these dates in an ERP system creates VAT cut-off errors that trigger audits. This is not a theoretical risk. Accounting teams transitioning to KSeF in 2026 consistently flag date-field mismatches as the most common implementation error.
| Jurisdiction | Requirement | Effective Date | Key Risk |
|---|---|---|---|
| Serbia | Dual-currency invoice display (foreign + dinar) | April 1, 2026 | VAT reporting errors |
| Poland (KSeF) | Separate dates for submission, acceptance, VAT | 2026 rollout | Cut-off and audit exposure |
| EU (AMLR) | Standardized FIU reporting above EUR 10,000 | July 10, 2027 | Non-compliance sanctions |
Pro Tip: If your accounting system uses a single "invoice date" field, it will not meet KSeF requirements. Ask your ERP vendor specifically about support for multiple event-date fields before your go-live date.
4. Cross-border reporting and OECD CRS automation
Cross-border currency transactions are no longer a gray area. The OECD Common Reporting Standard (CRS) and FATCA frameworks automate the sharing of transaction and balance data between jurisdictions. Authorities receive this data without any action from the operator or the customer. Operators who assume that transactions processed through foreign accounts go unreported are wrong.
This matters for currency exchange businesses that route transactions through correspondent accounts in multiple countries. Each leg of the transaction generates a data record that flows to the relevant tax authority. The absence of a domestic tax document does not create anonymity. It creates a discrepancy, which is a red flag for auditors.
The practical implication is that your compliance risk management approach must account for data that regulators already hold. Filing reports that contradict CRS data is a more serious problem than a late filing. Operators should reconcile their internal transaction records against expected CRS outputs at least quarterly.
5. Common compliance traps to avoid in 2026 reporting workflows
The most dangerous compliance trap is relying on fragmented, manual reporting systems. Experts advise integrating branch-level transaction data to avoid threshold breaches across locations. An operator with five branches can easily miss a customer who splits a EUR 12,000 transaction across three locations on the same day. Without centralized aggregation, none of the individual transactions triggers a report.
- Exchange rate errors: Using the wrong rate when converting foreign currency amounts for FIU reports is a common filing mistake. Always use the official central bank rate for the reporting date, not the commercial rate applied to the customer.
- Outdated technical annexes: Technical reporting system annexes change frequently, as seen with Hungary's ERA system in 2026. Compliance staff must monitor regulatory updates to submission formats, not just the underlying legal requirements.
- Incomplete whistleblowing systems: AMLR requires fully operational internal whistleblowing channels. Many operators have the policy but not the tested system.
- Assuming national rules still apply: AMLA's harmonization means that a rule valid in your jurisdiction last year may now conflict with the EU-wide standard.
Currency exchange operators also underestimate the reporting scope of the Bank Secrecy Act for US-linked transactions. Electronic filing is required for currency transactions over set thresholds, including exchanges and withdrawals. Operators with US dollar transaction volumes must maintain FinCEN-compliant reporting alongside EU obligations.
6. How to prepare your business for the 2027 AMLR deadline
The hard AMLR deadline of july 10, 2027 means that 2026 is the year for implementation and stress testing, not planning. Operators who begin system upgrades in late 2026 will not have enough time to test, correct, and certify their reporting infrastructure before enforcement begins.
The preparation checklist for full compliance includes:
- Test FIUnet reporting formats by running live transactions through your reporting system and confirming output matches EU submission standards
- Train staff on new protocols covering threshold identification, STR filing, dual-currency invoice handling, and CRS reconciliation. A dedicated staff training program tied to 2026 requirements is not optional.
- Upgrade transaction monitoring to AI-driven aggregation that consolidates data across all branches in real time
- Audit your ERP and accounting integrations to confirm they support dual-currency outputs and separate invoice date fields
- Establish a regulatory monitoring process so that changes to technical annexes and submission formats reach your compliance team within days, not weeks
- Stress test your whistleblowing system with documented scenarios to confirm it meets AMLR operational requirements
Operators should also review their AML compliance protocols against the AMLD6 framework now, before national transposition laws finalize the details. Early alignment reduces the rework required when final rules are published.
Key Takeaways
Currency exchange operators who complete system upgrades, staff training, and FIUnet integration in 2026 will meet the July 10, 2027 AMLR deadline with time to correct errors before enforcement begins.
| Point | Details |
|---|---|
| EUR 10,000 threshold | All cash transactions at or above this amount require mandatory FIU reporting across the EU. |
| EBA XBRL automation | AML data submissions must use standardized XBRL taxonomies by december 31, 2026. |
| Dual-currency invoicing | Jurisdictions like Serbia require invoices to display amounts in both foreign and national currency. |
| CRS cross-border data | OECD CRS and FATCA automatically share transaction data across borders, eliminating reporting blind spots. |
| 2027 hard deadline | July 10, 2027 is the AMLR enforcement date. Use 2026 for implementation and testing, not planning. |
Why compliance professionals should stop treating 2026 as a transition year
I have watched currency exchange operators approach regulatory deadlines the same way for years. They read the regulation, note the deadline, and schedule the upgrade for six months before enforcement. That approach worked when regulators issued guidance in plain language and gave operators two years to adapt. The 2026 cycle is different, and I think most compliance teams have not fully absorbed that yet.
The EBA's XBRL taxonomy requirement is not a policy change. It is a technical infrastructure change. You cannot train your way through it in a weekend. I have seen businesses with solid compliance cultures spend four months just mapping their existing data fields to a new reporting schema. When you add FIUnet connectivity testing, dual-currency ERP updates, and staff retraining on top of that, the timeline gets tight very fast.
The operators I respect most right now are the ones treating the july 2027 deadline as a december 2026 deadline. They are running parallel reporting systems today. They are finding errors in their XBRL outputs before regulators do. They are building the kind of institutional knowledge that survives staff turnover.
My honest advice: if your transaction monitoring system still requires manual review to aggregate branch-level data, that is your first problem to solve. Everything else in the 2026 framework assumes you have real-time, centralized visibility. Without it, you are not just at risk of a late filing. You are at risk of not knowing you missed one.
— Bartas
Currexchanger is built for the 2026 compliance cycle
Currency exchange operators facing the 2026 reporting cycle need software that handles FIUnet-ready reporting, real-time multi-currency transaction monitoring, and dual-currency output without manual workarounds.

Currexchanger is a purpose-built platform for currency exchange businesses managing single or multiple branches. It automates AML and KYC compliance workflows, generates reports aligned with EU regulatory formats, and integrates with external verification and accounting systems. The platform's compliance dashboards give operators real-time visibility into transaction thresholds, flagged activity, and reporting status across every location. For operators preparing for the AMLR deadline, Currexchanger's liquidity tracking features also support the multi-currency position monitoring that 2026 reporting standards require.
FAQ
What is the EU cash reporting threshold for currency exchanges in 2026?
The EU-wide cash reporting threshold is EUR 10,000. Any cash payment or deposit at or above this amount must be reported to the relevant national Financial Intelligence Unit.
When does the EU AML Regulation become mandatory?
The AMLR and AMLD6 become fully mandatory on july 10, 2027. Operators must use 2026 to implement and test compliant systems before that enforcement date.
What is XBRL and why does it matter for AML reporting?
XBRL (eXtensible Business Reporting Language) is the standardized data format the EBA requires for AML submissions from december 31, 2026. Operators under AMLA supervision must submit data in this format, not in spreadsheets or proprietary files.
Does OECD CRS affect currency exchange operators?
Yes. The OECD Common Reporting Standard automatically shares transaction and balance data across jurisdictions. Operators cannot assume that foreign-currency transactions processed through overseas accounts go unreported to tax authorities.
What is the biggest compliance risk for multi-branch currency operators?
Fragmented transaction data across branches is the top risk. Without centralized aggregation, a customer can split a large transaction across locations and no single branch triggers the reporting threshold, creating a compliance gap that regulators can identify through cross-branch data analysis.
