Blog > AML Regulations in the Middle East: How to Comply

12th April 2023

AML Regulations in the Middle East: How to Comply

The Middle East is an increasingly important financial destination, with economic development across the region attracting global capital and innovation. However, the dramatic growth of certain Middle Eastern countries has led to an increase in financial crime, including money laundering and terrorism financing, which typically exploit the region’s high risk industries such as construction, oil and gas, and real estate. Corruption has also been a traditional financial crime risk in the Middle East, with a number of recent scandals, such as the $3 billion fraud case that led to the collapse of NMC Healthcare in the UAE in 2020. 

Middle Eastern countries have responded to the criminal threats they face by implementing anti-money laundering (AML) and counter-financing of terrorism (CFT) regulations, which impose a range of screening, monitoring, and reporting regulations. To help your firm navigate its compliance landscape, let’s take a closer look at the AML/CFT environment in a number of Middle Eastern jurisdictions. 

Key Middle Eastern AML Regulators and Regulations


The United Arab Emirate’s (UAE) primary financial regulator is the Central Bank of the UAE (CBUAE), which provides supervision for licensed financial institutions and has a mission to “regulate, develop, oversee, and maintain” the UAE’s financial system. The bank carries out its supervisory duties through its Banking and Insurance Supervision Department, which includes the Regulatory Development Division, which sets the UAE’s AML/CFT policies. 

Key UAE AML regulations: The UAE’s main money laundering regulation is the Federal Law No. 20 of 2018 on Anti-Money Laundering and Combating the Financing of Terrorism and Illegal Organisations. The law is described as a “key pillar in combating money laundering and the financing of terrorism” and requires financial institutions to implement a risk-based AML/CFT programme and appoint a compliance officer. 

Qatar – QFCRA

Qatar’s financial regulator is the Qatar Financial Centre Regulatory Authority (QFCRA). Established in 2002, the QFCRA has a mandate to “authorise and regulate firms and individuals conducting financial services” and maintains a dedicated AML/CFT unit which works to ensure compliance with Qatar’s AML/CFT rules. The Authority also contributes to “Qatar’s ongoing engagement with international standard-setting bodies”.

Key Qatar AML regulations: Qatar’s Law No. (20) of 2019 on Combating Money Laundering and Terrorism Financing is the state’s primary AML/CFT law. The law sets out a range of risk-based compliance obligations for financial institutions in Qatar, including customer due diligence, beneficial ownership, and customer screening and monitoring.

Saudi Arabia – Ministry of Anti-Money Laundering, SAMA, SAFIU

There are a number of government bodies that address money laundering in Saudi Arabia, including the Ministry of Anti-Money Laundering, the Saudi Arabian Monetary Agency (SAMA), and the Saudi Arabian Financial Intelligence Unit (SAFIU). The AML/CFT efforts of these entities are coordinated through the Permanent Committee for Anti-Money Laundering, which is headquartered at the SAMA head office in Riyadh. 

Key Saudi Arabia AML regulations: The main AML regulation is the Saudi Arabia Cabinet Decision No. 80/1439, approving the Anti‐Money Laundering Law, also known as the AML Law. There are a number of important supporting laws to the AML Law, including the Implementing Regulation to the AML Law October 2017. Similarly, the main CFT law in Saudi Arabia is the Law on Combating Terrorism Crimes and Financing (and its corresponding implementing regulation). The AML and CFT laws impose risk-based compliance obligations on firms within Saudi jurisdiction. 

Oman – CBO, CMA

The Central Bank of Oman (CBO) is Oman’s primary AML/CFT authority, responsible for supervising and licensing all financial institutions in the country, and implementing its AML/CFT regulations. The Capital Markets Authority (CMA) also has an AML/CFT regulatory role but is responsible for supervising Oman’s capital market and insurance sectors. 

Key Oman AML regulations: The principle AML/CFT law in Oman is the Law on

Combating Money Laundering and Terrorism Financing (Royal Decree 30/2016). Like other Middle Eastern states, the AML Law imposes reporting and record-keeping, and screening and monitoring obligations on financial institutions within Oman’s jurisdiction.   

Turkey – MASAK

Turkey’s AML/CFT authority is the Financial Crimes Investigation Board, or Mali Suçlar Araştırma Kurulu (MASAK). Operating under the Ministry of Finance, MASAK has the power to implement AML/CFT policy in Turkey, conduct investigations, and assist law enforcement agencies with prosecutions. 

Key Turkey AML regulations: Implemented in 2006, Turkey’s principle AML law is Law No. 5549 on Prevention of Laundering Proceeds of Crime, which imposes reporting, record-keeping, monitoring and screening obligations on Turkish financial institutions. In 2023, Turkey introduced Law No. 6415 on the Prevention of the Funding of Terrorism, which expanded the definition of terrorism financing and the power of authorities to prosecute alleged cases. 

How to Comply with the Middle East’s AML Regulations

The Middle Eastern states listed above have committed to implementing the AML/CFT standards recommended by the Financial Action Task Force (FATF) – either as members of the FATF, or as members of the Middle Eastern and North Africa FATF (MENAFATF), an FATF-style regional body. 

Following the FATF Recommendations, Middle Eastern jurisdictions must develop and implement risk-based AML/CFT compliance regulations, which require firms to establish individual customer risk levels and deploy proportionate compliance measures in response. In practice, this means that Middle Eastern financial institutions must conduct robust data collection and screening processes, including:

  • Identity verification: Firms should apply customer due diligence (CDD) measures to establish the identity of their customers and build accurate risk profiles. Where customers present a higher risk of financial crime, firms should apply enhanced due diligence (EDD). 
  • Transaction screening: Middle eastern firms must screen customer transactions for suspicious activity, which may include transactions with high risk individuals or transactions involving high risk jurisdictions. 
  • PEP and sanctions screening: To establish customer risk levels, firms must check that customers are not suspected of financial crimes, are not politically exposed persons (PEP), and are not designated on international sanctions lists. To that end, firms must be able to screen customers against the relevant sanctions and watchlists. 
  • Adverse media screening: Firms should screen their customers for involvement in adverse media – which may disclose important risk information before it is confirmed by official sources. Firms should screen for adverse media with a global scope in order to ensure they collect as much risk data as possible.  

Recent AML Developments in the Middle East

The Middle East can be a volatile AML/CFT environment with risk levels varying significantly between jurisdictions. 

Following a Plenary and Working Group Meeting in 2022, the FATF chose to designate the UAE on its list of Jurisdictions Under Increased Monitoring, also known as the Grey List, as a result of failures to address “strategic deficiencies” in its counter-terrorism financing framework. 

Designation on the Grey List means that financial institutions must be alert to an elevated risk of doing business in listed countries, while listed countries are required to work with the FATF to address points on an AML/CFT action plan. The UAE, for example, recently issued guidance for financial institutions on improving their understanding of AML/CFT risk, including implementing digital ID systems to enhance CDD. 

The UAE is not the only Middle Eastern country on the Grey List, and joins Syria, Yemen, and Turkey, which was added in October 2021. Iran is designated on the FATF’s Black List, or High Risk Jurisdictions Subject to a Call for Action, which indicates a high level of AML/CFT risk and requires firms to deploy suitable countermeasures. 

Customer Screening Technology for Middle East AML Compliance

Many financial activities in the Middle East are associated with industries that pose an elevated risk of financial crime but that stretch across borders and involve complex international supply chains. With this in mind, it is critical that firms implement a customer screening solution capable of matching names to watchlists, new stories, and other media in the Middle East and across the world, capturing large volumes of data while minimising noise and false positive AML alerts. 

Ripjar’s Labyrinth Screening platform integrates cutting-edge machine learning technology and advanced analytics to help your firm enhance its customer screening process in the Middle East and beyond. Labyrinth enables searches of thousands of data sources, including news stories, sanctions lists, and watchlists in over 20 foreign languages, taking into account non-Western spelling conventions and characters, such as the use of Arabic, to enable effective, accurate decision making. Fast, flexible and customisable to your risk appetite, Labyrinth Screening offers a powerful advantage in managing the diverse and evolving risk landscape of the Middle East. 

Contact us to discuss how Ripjar can support your AML compliance in the Middle East

Subscribe to Newsletter