The Risk Nobody Sees: When Banks Decide You’re Too Expensive to Keep

Why Are Dutch Banks Charging More for Business Accounts?

Money laundering checks cost Dutch banks over €700 million annually. Not a rounding error. Structural cost. Major Dutch banks (ABN Amro, ING, SNS, and Rabobank) started passing this directly to business customers through new monthly fees.

Banks face massive compliance costs. Small business accounts generate minimal revenue. The system responds by raising fees or closing accounts.

The NVB’s support for risk-based anti-money laundering measures matters because the current system treats every transaction like potential evidence. The proposed system focuses resources on areas with real risk.

The difference is operational, not semantic.

Bottom line: Risk-based compliance redirects resources from low-risk businesses to genuine threats, reducing monitoring costs for predictable companies.

What’s Changing: From Unusual to Doubtful Transactions

Under the current Wet ter voorkoming van witwassen en financieren van terrorisme (Wwft), banks must report any transaction appearing “unusual.” Not criminal. Not suspicious. Out of the ordinary.

You receive a large payment from a new client. Unusual.

You make an international transfer larger than your typical pattern. Unusual.

You restructure payments to manage cash flow. Unusual.

Each triggers a compliance response. Each response costs money. Each cost reduces your account’s profitability.

The proposed shift moves from reporting “unusual” activity to flagging only genuinely “suspicious” transactions. This aligns with Dutch practice and with wider EU standards, reducing the flood of low-risk alerts in the system.

Established small businesses with predictable transaction behavior receive fewer information requests, less monitoring, and lower compliance costs.

For businesses in high-risk sectors, nothing gets easier.

Bottom line: Established businesses with stable transaction behaviors face fewer compliance requests. High-risk sectors see no relief.

Why Banks Over-Monitor Low-Risk Customers

DNB supervisor Loes Wenink said something worth reading in December 2025: “We observe financial institutions are sometimes checking these low-risk customers too much. They do so to stay on the safe side and comply with all legal requirements. We’re aware our supervision sometimes contributes to this.”

The regulator admits their own supervision created the problem. Banks over-check low-risk customers because the penalty for under-checking is catastrophic.

ING paid €775 million in 2018 for AML failures. ABN AMRO paid €480 million in 2021. As recently as January 2026, DNB fined digital bank Bunq €2.6 million for repeated AML failures, including weak customer due diligence.

Banks treat every customer like a potential compliance disaster. The safest strategy becomes checking everyone, constantly, regardless of real risk.

The new approach aims to address this by providing banks with clearer guidance on proportionate monitoring. What most founders miss: proportionate doesn’t mean absent.

Bottom line: Massive penalties forced banks to over-check everyone. Risk-based supervision aims to fix regulatory overcorrection without eliminating oversight.

How Risk Classification Affects Your Business

The NVB published baselines on May 31, 2023. If a customer has low or neutral risk, institutions use data from the UBO register. No UBO declarations needed. No copies of identification documents.

This is a tangible administrative reduction if you’re classified as low-risk.

Classification is the problem.

You don’t decide your risk category. Your bank does. Their decisions are based on factors you don’t control:

Sector classification. Cash-intensive businesses, international trade, cryptocurrency-related activities, and non-profit organizations continue to fall into higher-risk categories. The NVB intends to publish approximately 12 additional sector-specific baselines beyond the initial five. Businesses in these categories get more granular guidance and continued scrutiny.

Transaction trends. Large or irregular payments, frequent international transfers, and sudden changes in transaction volume all increase your risk profile regardless of legitimate business reasons.

Client and supplier relationships. Who you do business with affects your risk score. A legitimate transaction with a company in a high-risk jurisdiction can trigger heightened monitoring.

Quality of documentation. Weak financial administration, missing invoices, unclear payment descriptions, and poor record-keeping all signal higher risk to compliance systems.

The shift to risk-based monitoring doesn’t eliminate these factors. It concentrates scrutiny on them.

Bottom line: Banks classify risk based on sector, transaction trends, business relationships, and quality of documentation. You control only documentation integrity.

What Happens When Banks Close Business Accounts

The Dutch government outlined a three-step plan to guarantee access to payment accounts for business clients. They needed a plan. The problem’s severe.

Step one: Request the sector to prepare a covenant for self-regulation.

Step two: Pursue EU-level legislation.

Step three: If necessary, consider national legislation to protect business customers from involuntary closure and restriction of their payment accounts.

This isn’t a theoretical risk. This is regulatory recognition of legitimate businesses losing banking access at a scale requiring government intervention.

The mechanism’s simple. Your bank conducts a periodic review. Your account is flagged (not for wrongdoing, for complexity, cost, or category). The bank decides that the compliance burden exceeds revenue. They close your account.

You receive a letter. You have 60 days. You scramble to find another bank. The new bank sees that you were closed by the previous bank. They classify you as higher risk. The cycle repeats.

I’ve seen this pattern destroy businesses doing nothing wrong. They became too expensive to monitor.

Bottom line: Account closures happen when compliance costs exceed account revenue. Government intervention shows the scale of the problem.

How to Lower Your Compliance Risk Profile

You control your sector? No. Your transaction trends? Sometimes. How does your business appear to compliance systems? Yes.

Preserve proof discipline. Every transaction needs a clear business purpose, a documented invoice, and a traceable payment description. The Belastingdienst requires this. Your bank’s compliance system rewards you for doing the same.

Separate business and personal finances completely. Mixed transactions signal weak controls. Weak controls signal higher risk. Higher risk triggers intensified monitoring.

Document irregular transactions before they happen. Large payments, international transfers, and irregular patterns are legitimate. But legitimate requires proof. Create a paper trail that explains the business purpose before the compliance system signals the transaction.

Know your UBO registration status. Verify your Ultimate Beneficial Owner registration with the Kamer van Koophandel is current and accurate. Differences between your UBO register data and bank records trigger compliance reviews.

Keep consistent transaction descriptions. Vague payment descriptions, such as “services” or “invoice,” create compliance friction. Specific descriptions like “Q1 2026 consulting services per invoice 2026-001” reduce it.

Review your client and supplier base. You’re judged by who you do business with. If a client or supplier operates in a high-risk jurisdiction or sector, document the relationship clearly and maintain enhanced proof standards.

Respond to bank requests immediately. When your bank asks for documentation, they’re conducting a compliance review. Late responses signal weak controls or avoidance. Fast, complete responses signal operational discipline.

Bottom line: Structure determines risk category. Proof discipline, separated finances, specific transaction descriptions, and immediate responses reduce monitoring costs.

What’s Coming Next in Dutch AML Regulation

The draft Implementation Act for the European AML package was published for consultation in July 2025. The legislative proposal is planned for submission to the Dutch Parliament in early 2026.

Changes are moving through the legislative process right now. Implementation minimizes additional bureaucratic burdens by using existing data from the Kamer van Koophandel. No new registration requirements.

The FATF assessed the Netherlands’ AML measures as “delivering good results” with “strong” technical compliance in 2022. The country needs to do more to prevent legal persons from being used for criminal purposes and strengthen risk-based supervision.

The system’s fundamentally sound. This policy shift is about refining execution.

Refinement creates winners and losers. Low-risk businesses with strong documentation and clear transaction behaviors get reduced compliance friction. High-risk sectors and businesses with weak controls get continued or greater scrutiny.

Which category do you fall into? Are you building the controls keeping you in the first group?

Bottom line: Statutory amendments are moving through Parliament now. Strong controls position your business as low-cost to monitor before classification happens.

The Structure That Protects Access

Risk-based compliance isn’t a threat. It’s a sorting mechanism.

Banks keep monitoring. Regulators keep enforcing. The difference lies in where they focus their resources.

If your business operates with clear documentation, separate finances, accurate registrations, and responsive compliance, you are easy to monitor. Cheap to monitor means low risk. Low risk means sustained access.

If your business operates with mixed transactions, vague documentation, late responses, and weak controls, you become expensive to monitor. An expensive-to-monitor means a higher risk. Higher risk means account closure.

The system measures your structure, not your intentions.

Build the structure now. Before your bank decides you’re too expensive to keep.

Frequently Asked Questions

Will my bank automatically reduce monitoring if I’m low-risk?

Not automatically. Banks decide risk categories based on sector, transaction trends, business relationships, and quality of documentation. You have to maintain proof of discipline and operational controls to qualify as minimally risky.

What sectors are considered high-risk for AML purposes?

Cash-intensive businesses, international trade, cryptocurrency-related activities, and non-profit organizations continue to fall into higher-risk categories. The NVB plans to publish approximately 12 additional sector-specific baselines. More granular guidance is coming for these industries.

How do I know if my bank is reviewing my account?

Your bank requests documentation. When they ask for invoices, transaction explanations, or UBO confirmations, they’re conducting a compliance review. Immediate, complete responses show strong controls and reduce your risk profile.

What happens if my bank closes my business account?

You get a letter with 60 days’ notice. The bank doesn’t need to prove wrongdoing. They close accounts when compliance costs exceed revenue. Finding a new bank becomes harder because the closure itself signals a higher risk to other institutions.

Does the UBO register replace all bank documentation obligations?

Only for low-risk customers. The NVB’s May 31, 2023, baselines state that institutions don’t need UBO declarations or ID copies if your UBO register data is up to date and you’re classified as low or neutral risk. High-risk classifications still require full documentation.

How often should I update my transaction descriptions?

Every transaction. Vague descriptions like “services” or “invoice” create compliance friction. Specific descriptions, such as “Q1 2026 consulting services per invoice 2026-001,” reduce monitoring effort and support compliance reviews.

When does the new risk-based system take effect?

The draft Implementation Act for the European AML package was published in July 2025. The legislative proposal is planned for submission to the Dutch Parliament in early 2026. Changes are moving through the process now.

Will this reduce banking fees for small businesses?

For low-risk businesses, yes. Lower monitoring costs translate to reduced fees. High-risk sectors see no fee relief because they require the same, or even greater, compliance resources under risk-based supervision.

Key Takeaways

• Dutch banks shift from flagging “unusual” transactions to only “suspicious” ones, concentrating resources on genuine risk.
• Your bank decides your risk category based on sector, transaction behaviors, business relationships, and documentation standards.
• Low-risk businesses with existing UBO registrations won’t need to provide additional declarations or copies of ID.
• Account closures happen when compliance costs exceed revenue. The Dutch government created a three-step intervention plan because the problem is severe.
• Structure determines risk. Proof discipline, separated finances, specific transaction descriptions, and immediate responses to bank requests reduce monitoring costs.
• High-risk sectors (cash-intensive, international trade, crypto) continue to face scrutiny regardless of the quality of documentation.
• Parliamentary reforms are currently moving through Parliament. Build controls before classification happens.