For Startups

Saudi Arabia’s path Through the EU List of High-Risk Third Countries to FATF Membership

Saudi Arabia’s path Through the EU List of High-Risk Third Countries to FATF Membership

The FATF’s Plenary meeting in Orlando, Florida on June 16-21 coincided with its 30th Anniversary. Despite the hot topic caused by the new FATF Guidance for a Risk-Based Approach to Virtual Assets and Virtual Asset Service Providers, which grabs all the public attention, one more important thing was announced: the Kingdom of Saudi Arabia becomes the 39th member of FATF. That, by the way, makes the Kingdom first Arab country to be granted full membership status in the organization (until this time, Saudi Arabia was a member of the Gulf Co-operation Council, the regional FATF member organization).

To become a member of FATF, first of all, a country must be invited by FATF to become an observer. Next, the country must meet a set of special criteria. For instance, the country should be strategically important, and the organization’s geographical balance should be enhanced by the member candidate. Also, the country should provide a written commitment at the political level to endorse and support FATF’s objectives and activity. Finally, the country must successfully pass FATF’s Mutual Evaluation.

Notably, for the last 9 years, there were only 2 countries that became a FATF member. All in all, there were 38 FATF members. Until recently.

Going Back in Time

Interesting fact, in 2018 the Kingdom was denied being granted membership because it was found to have a low-to-moderate level of effectiveness for 7 of the 11 assessed criteria. Moreover, just five months ago, in February 2019, the European Commission was suggesting putting Saudi Arabia to the list of the non-EU countries with strategic deficiencies in their AML/CFT frameworks (spoiler: it didn't happen).

Surprising? Okay, let's take a closer look. Saudi Arabia is a G20 member; one of the richest countries; one of the largest export countries in the world. Moving on, all G20 members, except for Indonesia, which is currently an observer to FATF, are the FATF members (recalling the criteria of membership above, all these starts looking very exciting, isn’t it?). The USA and the UK, other two powerful economies, support Saudi Arabia in becoming a FATF member (besides, the UK also supported the exclusion of Saudi Arabia from the EU list in March 2019). So, the final voting for the Kingdom’s membership at the FATF Plenary Meeting under the US Presidency on June was not controversial and passed very smoothly. By the way, the USA is among the top trade partners of Saudi Arabia.

Does Saudi Arabia’s membership in the FATF affect the theoretical possibility of inclusion to the European AML/CFT list again? Too many questions remain open.

Nevertheless, one thing is clear – being a FATF member is an advantage for the country. First of all, the FATF members have more impact on international AML/CFT policy-making than other countries. They are also assumed to secure more transparent and stable financial system, ensuring that financial markets are not vulnerable to infiltration or abuse by organized crime groups. You will agree, this seems quite attractive to businesses and foreign investors.

Looking at this world-changing, but silent things, we can be sure only in one thing: while doing your business or choosing a jurisdiction for your start-up do not forget to keep in mind that different organizations have different approaches and methodologies of AML/CFT risks evaluation. It is necessary to pay great attention to these differences while implementing the risk-based approach to your operation activity in order to effectively mitigate and manage your business risks.


Disclaimer: the information in this article is provided for informational purposes only. You should not construe any such information as legal, tax, investment, trading, financial, or other advice.


Sergio Mokhniev & Kristina Nikipolska

Compliance Experts at Legal Nodes

Need a lawyer in this area?



European Union

6 years in AML

A Certified Anti-Money Laundering Specialist (CAMS), Member of AML/CFT committee in...

Legal Nodes Blog

For Startups
Terms of Use that your users will actually read

In this article Legal Nodes Team talks about Terms of Use, how to write them effectively and why you need them in the first place. You could find a FREE template at the end of this article....

Legal Nodes Team
Privacy (GDPR)
How Can You Leverage a Privacy Kit More Effectively?

In this article, Punit Bhatia, a leading privacy expert, shares how small businesses can become privacy compliant by using Privacy Kits in an effective and why just branding the documents and templates in name of your company is not a good idea....

Punit Bhatia
Legal Nodes Updates
Legal Nodes in 2020: A Year in Review

Despite the fact that for many 2020 will be strongly associated with the coronavirus pandemic and lockdown measures, it would be a mistake to forget all the good things that happened this year. Especially when the festive season approaches, and ...

Legal Nodes Team
Privacy (GDPR)
Internet data mining. Is it legal in the EU?

Data mining is the process of collecting and analyzing human-readable data for own purposes. More and more businesses are built on that concept, scientists and medics also use automatically combined data from different sources to spawn predictio...

Ewa Wojnarska-Krajewska
Privacy (GDPR)
11 simple (but complete) steps towards the GDPR compliance in 2020

The GDPR can be a wake-up call to sort out your processes, procedures and technology and thereby run a more successful organisation. Data is now more essential than ever, regardless of your activities or market sector. Not only will efficiencies...

Thomas Hayes
Contract Work
Force Majeure Clauses and the Effect of Coronavirus on Businesses

The coronavirus pandemic has made force majeure clauses one of the hottest legal topics worldwide. To help businesses navigate this issue, we asked Tom Bohills, an English qualified lawyer and the Founder of Chronos Law, to explain the backgrou...

Tom Bohills
Privacy (GDPR)
Privacy Policy: Everything you need to know

Privacy Policy (or Privacy Notice) is a public legal statement of the company. It explains how the organisation uses information about its users, customers, or employees....

Legal Nodes Team
Privacy (GDPR)
Initial Privacy Assessment: Everything You Need to Know

A privacy assessment is a methodic review of your state of compliance with personal data protection laws....

Legal Nodes Team
Legal Nodes Updates
Legal Nodes Secures the $50k Grant from the Ukrainian Startup Fund Pitching Competition

We are delighted to announce that Legal Nodes scored the highest during the fifth Ukrainian Startup Fund pitching competition and was awarded a $50k Grant. ...

Legal Nodes Team