Cyprus-based cross-border firms drive surge in suspicious activity filings, says Mokas

The Cyprus Securities and Exchange Commission (CySEC) has alerted regulated entities to strengthened anti-money laundering guidelines and new risk reports, as data from the Financial Intelligence Unit (Mokas) pointed to a sharp rise in suspicious transaction reporting and growing cross-border financial activity.

The regulator said the updated framework, issued through a formal circular, aims to enhance the effectiveness of Cyprus’ system for combating money laundering and terrorist financing, placing greater emphasis on the quality and timeliness of reporting by supervised firms.

CySEC explained that the revised guidance issued by Mokas focuses on improving how entities submit suspicious transaction reports, suspicious activity reports and additional information files, reflecting the increasing complexity of financial crime risks.

The commission stressed that high-quality reporting is a cornerstone of an effective compliance system, urging firms to integrate the new guidelines into their internal procedures and risk controls without delay.

The guidance is tailored to different sectors and includes updated indicators to help firms better identify suspicious behaviour, recognising their central role in detecting and reporting illicit activity.

At the same time, CySEC pointed to two newly published strategic reports by Mokas, covering money laundering risks in betting and gambling as well as emerging trends in technology-enabled fraud, including the growing use of so-called money mules.

These reports analyse patterns in submitted reports, highlight vulnerabilities and provide practical indicators to support firms in strengthening their monitoring systems and identifying red flags.

The regulator said the findings are intended to support more effective detection of suspicious activity and improve the overall quality of reporting, while also encouraging closer cooperation between the public and private sectors.

The circular also drew attention to the publication of Mokas’ annual report for 2025, which offers a detailed overview of trends, risks and enforcement outcomes across Cyprus’ financial system.

“The report reflects the work, actions and priorities of the unit in a continuously changing and demanding international environment,” said Maria Kyrmizi Antoniou, head of the Cyprus Financial Intelligence Unit and senior counsel of the Republic.

“During 2025, the unit intensified its efforts to analyse priority reports and increased the number of disseminations to law enforcement authorities,” she added.

According to the report, Mokas carried out 572 disseminations in 2025, marking an increase of around 70 per cent compared with the previous year, while also exchanging information with foreign counterparts in 631 cases.

The unit also issued 77 spontaneous reports and continued to expand cooperation with domestic authorities and private sector stakeholders through a public-private partnership model.

A major development highlighted in the report is the dramatic rise in suspicious transaction and activity reports, which surged from 3,870 in 2024 to more than 24,000 in 2025.

This increase was driven largely by financial technology firms operating from Cyprus under EU passporting rules, with the vast majority of reports relating to activities outside the country.

Mokas noted that most of these cases were automatically forwarded to the relevant financial intelligence units in other European jurisdictions, reflecting the increasingly cross-border nature of financial crime.

The report also showed that crypto asset service providers accounted for the largest share of reporting, with more than 20,000 submissions, highlighting the sector’s growing importance and associated risks.

Traditional financial institutions continued to play a key role, with banks reporting hundreds of cases, often linked to increasingly sophisticated cyber-enabled fraud schemes.

At the same time, professional services such as legal, corporate and accounting firms submitted relatively few reports, though concerns were raised about issues such as insufficient documentation and the concealment of beneficial ownership.

What is more, Mokas said its adoption of a risk-based approach and increased automation has allowed it to prioritise high-risk cases more effectively and improve the speed and impact of its analysis.

This has contributed to a rise in enforcement outcomes, with asset freezing orders in domestic cases exceeding €10 million, rising to more than €27 million when combined with foreign orders.

The report also highlighted ongoing efforts to upgrade technological systems, including the automation of report analysis and enhanced capabilities to track crypto-related transactions.

Looking ahead, authorities are preparing for further changes under a three-year strategy covering 2026 to 2028, aimed at strengthening cooperation, improving reporting quality and enhancing oversight across both traditional and emerging financial sectors.

CySEC reiterated that regulated entities must ensure they are registered with the goAML system and capable of submitting reports efficiently, warning that compliance with the updated framework is essential for maintaining the integrity of Cyprus’ financial system.

The commission added that promoting awareness, strengthening monitoring systems and deepening collaboration remain key priorities as financial crime risks continue to evolve in an increasingly digital and interconnected environment.