AI-Driven Anti-Money Laundering in Central Bank Digital Currencies (CBDCs) and Ethical Considerations: A Question of Traceability and Privacy

The development of Central Bank Digital Currencies (CBDCs) has the potential to transform the financial system of the European Union (EU) and significantly impact the business models of the banking industry. Nevertheless, as with all technologies, CBDCs are a double-edged sword. The digital revolution promised by the CBDCs is, to a certain extent, incompatible with the Anti-Money Laundering (AML) framework. The EU vows that the digital Euro will provide EU citizens with the highest privacy standards and simultaneously that the European Central Bank (ECB) and the Eurosystem will not have access to identification and transactional data. The digital Euro is described as an offline digital Euro that has cash-like privacy levels. However, cash is often associated with illegal activity, particularly money laundering. The very nature of cash-like standards of privacy contradicts the essence of the AML regime, which is based on customer identification, access to data and suspicious activity reports. Due to the multitude of data available to AML gatekeepers and obliged entities, AI tools are increasingly integrated into efforts to monitor transactions, detect suspicious patterns, and even predict illegal activities. While AI tools have numerous advantages, they also raise legal concerns, particularly regarding privacy and compliance with EU law. Generally, the use of AI tools presents exceptional ethical dilemmas, which take the form of a clash between convenience and speed in crime prevention and the protection of fundamental rights. On the one hand, these tools can improve the ability to identify money laundering activities based on “sophisticated” data analysis. On the other hand, the reliance on large-scale data collection and algorithmic decision-making challenges fundamental rights, particularly the right to privacy and data protection. Despite the proposed privacy levels of the digital Euro, CBDCs’ traceability magnifies ethical concerns about AI use in money laundering prevention due to the centralisation of financial and transactional data that can lead to excessive surveillance and data misuse. Integrating AI into CBDC-related AML measures necessitates careful consideration and the provision of guarantees ensuring the protection of fundamental rights. The EU AI Act categorises AI systems (tools) into four categories, namely, unacceptable, high, limited and minimal risk, providing an additional regulatory layer to their use. Due to the sensitive nature of financial data (including identification data) and the societal impact of AML measures, the categorisation of these AI tools will likely fall under the high-risk category. Additionally, the centralisation provided by the CBDCs accelerates direct government involvement in financial data processing. This indicates the need for more stringent oversight to mitigate the risks of data misuse. Against this backdrop, the proposed paper investigates the question of what the impact of the EU AI Act is on the AML framework, specifically in CBDCs, and what is the role of the new AML Authority (AMLA) in relation to the standardisation of AI AML tools.