For Startups

Saudi Arabia’s path Through the EU List of High-Risk Third Countries to FATF Membership

Saudi Arabia’s path Through the EU List of High-Risk Third Countries to FATF Membership

The FATF’s Plenary meeting in Orlando, Florida on June 16-21 coincided with its 30th Anniversary. Despite the hot topic caused by the new FATF Guidance for a Risk-Based Approach to Virtual Assets and Virtual Asset Service Providers, which grabs all the public attention, one more important thing was announced: the Kingdom of Saudi Arabia becomes the 39th member of FATF. That, by the way, makes the Kingdom first Arab country to be granted full membership status in the organization (until this time, Saudi Arabia was a member of the Gulf Co-operation Council, the regional FATF member organization).

To become a member of FATF, first of all, a country must be invited by FATF to become an observer. Next, the country must meet a set of special criteria. For instance, the country should be strategically important, and the organization’s geographical balance should be enhanced by the member candidate. Also, the country should provide a written commitment at the political level to endorse and support FATF’s objectives and activity. Finally, the country must successfully pass FATF’s Mutual Evaluation.

Notably, for the last 9 years, there were only 2 countries that became a FATF member. All in all, there were 38 FATF members. Until recently.

Going Back in Time

Interesting fact, in 2018 the Kingdom was denied being granted membership because it was found to have a low-to-moderate level of effectiveness for 7 of the 11 assessed criteria. Moreover, just five months ago, in February 2019, the European Commission was suggesting putting Saudi Arabia to the list of the non-EU countries with strategic deficiencies in their AML/CFT frameworks (spoiler: it didn't happen).

Surprising? Okay, let's take a closer look. Saudi Arabia is a G20 member; one of the richest countries; one of the largest export countries in the world. Moving on, all G20 members, except for Indonesia, which is currently an observer to FATF, are the FATF members (recalling the criteria of membership above, all these starts looking very exciting, isn’t it?). The USA and the UK, other two powerful economies, support Saudi Arabia in becoming a FATF member (besides, the UK also supported the exclusion of Saudi Arabia from the EU list in March 2019). So, the final voting for the Kingdom’s membership at the FATF Plenary Meeting under the US Presidency on June was not controversial and passed very smoothly. By the way, the USA is among the top trade partners of Saudi Arabia.

Does Saudi Arabia’s membership in the FATF affect the theoretical possibility of inclusion to the European AML/CFT list again? Too many questions remain open.

Nevertheless, one thing is clear – being a FATF member is an advantage for the country. First of all, the FATF members have more impact on international AML/CFT policy-making than other countries. They are also assumed to secure more transparent and stable financial system, ensuring that financial markets are not vulnerable to infiltration or abuse by organized crime groups. You will agree, this seems quite attractive to businesses and foreign investors.

Looking at this world-changing, but silent things, we can be sure only in one thing: while doing your business or choosing a jurisdiction for your start-up do not forget to keep in mind that different organizations have different approaches and methodologies of AML/CFT risks evaluation. It is necessary to pay great attention to these differences while implementing the risk-based approach to your operation activity in order to effectively mitigate and manage your business risks.


Disclaimer: the information in this article is provided for informational purposes only. You should not construe any such information as legal, tax, investment, trading, financial, or other advice.


Sergio Mokhniev & Kristina Nikipolska

Compliance Experts at Legal Nodes

Need a lawyer in this area?



European Union

6 years in AML

A Certified Anti-Money Laundering Specialist (CAMS), Member of AML/CFT committee in...

Legal Nodes Blog

For Startups
Ultimate guide to connecting Virtual Data Protection Officer

Connecting Virtual DPO can greatly reduce start-up’s data protection costs. This article explains who the Data Protection Officer is, why you should consider outsourcing DPO services, and how to pick one that matches the needs of your business....

Legal Nodes Team
Privacy (GDPR)
Cookie Policy: How to Track Website Users Lawfully

The recent study of the Nederlandse Omroep Stichting (the ‘NOS’), a Dutch news media, showed that more than 1,300 Dutch websites violate the privacy of their users. The violation found by the NOS is simple - the users cannot use the websites wit...

Legal Nodes Team
For Startups
Why Your Startup Needs a Founders' Agreement + Template 2021

Founders Agreement – the key step to set clear intentions for you and your partners and to avoid misunderstandings in the future. In a new post on the Legal Nodes blog, we explain what a Founders Agreement is, reasons for your startup to prepare...

Legal Nodes Team
For Startups
Terms of Use that your users will actually read

In this article Legal Nodes Team talks about Terms of Use, how to write them effectively and why you need them in the first place. You could find a FREE template at the end of this article....

Legal Nodes Team
Privacy (GDPR)
How Can You Leverage a Privacy Kit More Effectively?

In this article, Punit Bhatia, a leading privacy expert, shares how small businesses can become privacy compliant by using Privacy Kits in an effective and why just branding the documents and templates in name of your company is not a good idea....

Punit Bhatia
Legal Nodes Updates
Legal Nodes in 2020: A Year in Review

Despite the fact that for many 2020 will be strongly associated with the coronavirus pandemic and lockdown measures, it would be a mistake to forget all the good things that happened this year. Especially when the festive season approaches, and ...

Legal Nodes Team
Privacy (GDPR)
Internet data mining. Is it legal in the EU?

Data mining is the process of collecting and analyzing human-readable data for own purposes. More and more businesses are built on that concept, scientists and medics also use automatically combined data from different sources to spawn predictio...

Ewa Wojnarska-Krajewska
Privacy (GDPR)
11 simple (but complete) steps towards the GDPR compliance in 2020

The GDPR can be a wake-up call to sort out your processes, procedures and technology and thereby run a more successful organisation. Data is now more essential than ever, regardless of your activities or market sector. Not only will efficiencies...

Thomas Hayes
Contract Work
Force Majeure Clauses and the Effect of Coronavirus on Businesses

The coronavirus pandemic has made force majeure clauses one of the hottest legal topics worldwide. To help businesses navigate this issue, we asked Tom Bohills, an English qualified lawyer and the Founder of Chronos Law, to explain the backgrou...

Tom Bohills