AML regulations and compliance in the Middle East

Key Takeaways

1. Rising financial crime risks in a growing market:
   The Middle East’s rapid economic development and influx of global investment have also made it a target for financial crime. High-profile scandals and ongoing challenges highlight the urgent need for strong financial crime prevention.
2. Complex and evolving AML regulatory landscape:
   Financial institutions in the Middle East must navigate a patchwork of country-specific AML/CFT regulators and regulations, all generally aligned with FATF recommendations.
3. Operational challenges for compliance teams:
   Despite strong regulations, many institutions lag due to legacy systems, manual processes, integration gaps, and high false positives. This makes it difficult to meet increasing regulatory expectations and efficiently detect sophisticated criminal activity.
4. Modern, AI-driven solutions are essential:
   The future of AML compliance lies in cloud-native, AI-powered platforms like SymphonyAI’s Sensa Risk Intelligence. These solutions offer real-time monitoring, automation, multi-language support, and streamlined upgrades.
5. Strategic compliance as a competitive advantage:
   Institutions that modernize their compliance infrastructure, centralize risk management, and use AI for automation will be better equipped to manage risk, accelerate innovation, and meet regulatory demands. This turns compliance from a burden into a business enabler.

How financial institutions can stay ahead of evolving AML risks

The Middle East has become an increasingly important global financial destination, with rapid economic development across the region. This attracts global capital and innovation with a surge of investment in industries like construction, oil and gas, and real estate that has put these countries on the map. Tourism and events are also growing because of these endeavors.

But with growth comes risk and more opportunities for criminals to exploit.  As such, the region continues to grapple with financial crime threats including money laundering, corruption, fraud, and terrorism financing.

Notable scandals and difficulties, such as the Lebanese liquidity crisis, the $3 billion fraud that led to the collapse of NMC Healthcare in the UAE in 2020, and a $2.5 billion tax fraud in Iraq have highlighted just how significant the challenge is. Iran is also currently on the Financial Action Task Force black list. In response, Middle Eastern jurisdictions have been tightening anti-money laundering (AML) and combating the financing of terrorism (CFT) regulations. Firms operating in the region face an increasingly complex compliance landscape, with regulators demanding robust risk-based monitoring and reporting.

Middle Eastern AML Regulators and Regulations

For banks and other financial institutions operating in the Middle East, it is important to understand the compliance landscape across countries. Here are some of the regulators, and the most important laws and regulations within the region.

Egypt – Egyptian Money Laundering and Terrorist Financing Combating Unit (EMLCU)

Egypt’s primary AML/CFT body is the EMLCU, which was established under the Central Bank of Egypt in 2002.

• Core regulation: Law No. 80 of 2002 on Combating Money Laundering (as amended). Egypt’s money laundering law and executive regulations can be found on the EMLCU website.
• Obligations: Customer due diligence, suspicious transaction reporting, sanctions screening, and cooperation with Middle East and North Africa Financial Action Task Force (MENAFATF).

United Arab Emirates (UAE) – Central Bank of the UAE (CBUAE)

The primary financial regulator in the UAE, the CBUAE oversees licensed financial institutions through the Banking and Insurance Supervision Department. Its Regulatory Development Division sets and oversees the AML/CFT policies within the country.

• Core regulation: Federal Law No. 20 of 2018 on AML and Combating the Financing of Terrorism and Illegal Organisations. [1] A more recent regulation, Federal Decree Law No (26) of 2021, amends the previous law, while cabinet decisions have also enacted rulings based on the likes of ultimate beneficial ownership. All can be read on the relevant page of the UAE Ministry of Economy & Tourism website.
• Obligations: The law requires risk-based AML/CFT programs, a compliance officer, and strong customer due diligence (CDD).

Qatar – The Qatar Financial Centre Regulatory Authority (QFCRA)

The QFCRA was regulates firms and individuals conducting financial services in Qatar. It has a dedicated AML/CFT unit that ensures compliance of financial institutions with the country’s laws and regulations.

• Core regulation: Law No. (20) of 2019 on Combating Money Laundering and Terrorism Financing. [2] Similarly to the UAE, Decree Law No. [19] of 2021 amends some provisions within the prior law. All AML/CFT laws and legislations of Qatar can be found on the QFCRA website.
• Obligations: CDD, beneficial ownership checks, sanctions screening and ongoing monitoring.

Saudi Arabia – Saudi Arabian Monetary Agency (SAMA)

Saudi Arabia primarily coordinates AML/CFT efforts via the Permanent Committee for Anti-Money Laundering, which operates under SAMA. Other government departments that deal with AML/CFT laws include the Ministry of Anti-Money Laundering and the Saudi Arabian Financial Intelligence Unit (SAFIU).

• Core regulation: Council of Ministers’ resolution No. (15) dated 17/1/1420H providing for the implementation of the 40 Anti-Money Laundering Recommendations in accordance with the regulations applied in the Kingdom. [3] There are two main laws – the Anti-Money Laundering Law and the Law of Terrorism Crimes and Financing. There are many guidelines available on the Anti-Money Laundering Permanent Committee website.
• Obligations: KYC/CDD, AML transaction monitoring, internal policies to detect and prevent financial crimes, and reporting suspicious activity to SAFIU as quickly as possible.

Oman – Central Bank of Oman

The CBO is in charge of all AML and CFT efforts in Oman. Although they are responsible for supervising and licensing financial institutions, the CBO is also supported by the Capital Markets Authority (CMA), which oversees the insurance and capital market industries within the country.

• Core regulation: The Law on Combating Money Laundering and Terrorism Financing (Royal Decree 30/2016). [4] It is an updated version of a similar law from 2010 (Royal Decree 79/1010). All AML/CFT guidelines can be found on the Central Bank of Oman website.
• Obligations: KYC/CDD, enhanced due diligence (EDD), record-keeping, reporting, and transaction/customer monitoring requirements. Any suspicious activity should be reported to the National Center for Financial Information (NCFI).

Türkiye – MASAK

The Financial Crimes Investigation Board, known in Turkish as Mali Suçlar Araştırma Kurulu (MASAK), enforces AML/CFT policies in Türkiye. Operating under the Ministry of Finance, the board conducts investigations and assists law enforcement agencies in prosecuting criminals.

• Core regulation: The principal AML law is Law No. 5549 on Prevention of Laundering Proceeds of Crime (2006). [5] In 2023, Türkiye also brought in Law No. 6415 on Prevention of the Funding of Terrorism (2023) to more efficiently combat the financing of terrorism. [6] All laws, regulations, and guidelines can be found on the Financial Crimes Investigation Board website.
• Obligations: Appoint a compliance officer and train staff on AML requirements, conduct CDD, monitor and report any suspicious activity to MASAK, and maintain records of transactions and customer information for at least eight years.

Iraq – AML/CFT Office at the Central Bank of Iraq (CBI)

Iraq operates and AML/CFT office within the Central Bank of Iraq to address risks associated with money laundering, terrorism financing, and corruption.

• Core regulation: Law No. 39 of 2015 on Combating Money Laundering and Financing of Terrorism. [7] All regulations and guidelines can be read on Iraq’s Anti-Money Laundering and Countering Financing of Terrorism Office website.
• Obligations: Risk-based AML programs, CDD, and reporting suspicious transactions to the relevant authorities.

Iran – High Council on Anti-Money Laundering

Iran has developed AML/CFT regulations under the supervision of its High Council on Anti-Money Laundering and Financial Intelligence Unit (FIU). However, the FATF has placed Iran on its Black List due to significant deficiencies in its AML/CFT controls.

• Core regulation: Law on Combating Money Laundering (2008, amended 2018). [8] Iran has also recently announced its first action plan against money laundering and terrorism as part of Article 4 of the Executive Regulations for Article 14, Supplementary to the Money Laundering Act, for the Iranian calendar years 1403-1406 (March 2024-March 2027).
• Obligations: KYC/CDD, AML transaction monitoring, notifying the relevant authorities. However, international institutions must apply enhanced countermeasures when engaging with Iran. [9]

Aligning frameworks across the Middle East

Middle Eastern states align their frameworks with FATF recommendations, either as FATF members or through the MENAFATF regional body. FATF’s push for risk-based compliance means firms must:

• Verify identity: Establish strong CDD measures, while also applying enhanced due diligence (EDD) where risk is higher.
• Monitor transactions: Detect and escalate suspicious activity, especially with high-risk jurisdictions or sectors.
• Screen for PEPs and sanctions: Screen for politically exposed persons (PEPs) and ensure that customers are not appearing on sanctions lists or watchlists.
• Check adverse media: Capture reputational risk signals early, before official records emerge.

Despite these measures, the environment remains volatile. The UAE was placed on the FATF Grey List in 2022 for deficiencies in its counter-terrorism financing framework (though it has since been removed in 2024 [10]). Türkiye was also put on the Grey List in 2021 and was removed in 2024 [11]. As mentioned earlier, Iran remains on the FATF Black List, requiring heightened countermeasures.

To read about how a country has managed to remove itself from the FATF Grey List, see our recent blog on the pioneering financial crime prevention efforts in South Africa.

Why compliance struggles to keep up with regulations

Despite strong regulatory frameworks, compliance teams across the Middle East face challenges in operationalizing AML/CFT obligations. This can be for many reasons, the most prominent of which are caused by legacy systems unable to handle real-time detection or advanced typologies, patchy integrations across systems, manual processes slowing investigations and research, and high false positives consuming resources and distracting from real risks.

These weaknesses leave institutions exposed at a time when regulators and global counterparties expect rapid, transparent, and effective compliance. Thankfully, advanced AML software already exists to make things easier.

A modern solution with SymphonyAI’s Sensa Risk Intelligence

The future of AML compliance in the Middle East lies in modern, AI-native infrastructure. SymphonyAI’s Sensa Risk Intelligence (SRI) platform offers exactly that:

• Evergreen architecture: Always up to date with the latest AI advances and regulatory requirements.
• Zero-effort upgrades: Institutions automatically benefit from continuous improvements without major IT projects.
• Modular adoption: Start with AI overlays to existing systems, then scale to a fully centralized risk management platform.
• Agentic AI ecosystem: Sensa Agents automate tasks like case summaries, SAR drafting, and web research, freeing human investigators for strategic work.
• Multi-language coverage: Critical for the Middle East, SRI screens global and local data sources, handling Arabic and non-Western scripts effectively.

This modern architecture ensures financial institutions in the region can meet today’s compliance expectations while preparing for tomorrow’s challenges.

The future of compliance in the Middle East

Compliance in the Middle East is evolving from a reactive function into a strategic enabler. The institutions that thrive will be those that:

• Break free from legacy systems and embrace cloud-native, AI-driven solutions.
• Centralize their compliance operations to unify AML, fraud, sanctions, and KYC / CDD in one ecosystem.
• Leverage real-time risk insights to bring products to market faster and with greater confidence.
• Scale automation beyond the 50/50 Compliance Model, with 80–90% of routine investigative work eventually handled by agents.

Conclusion

The Middle East’s financial future is dynamic, global, and full of opportunity. However, it is also fraught with risk. Staying ahead of sophisticated criminals and complex regulations requires more than incremental improvements. It requires a new compliance operating model.

With Sensa Risk Intelligence, institutions gain the agility, scalability, and intelligence they need to comply with today’s AML/CFT regulations while preparing for the innovations and risks of tomorrow. Evergreen, agentic, and unified, SRI ensures that financial crime prevention teams across the Middle East aren’t just keeping pace but leading the way in compliance.

Get in touch to discover how SymphonyAI can enhance your financial crime prevention operations.

Citations

[1] https://www.moet.gov.ae/en/federal-decree-law-no-20-of-2018-on-anti-money-laundering-and-combating-the-financing-of-terrorism-and-illegal-organisations

[2] https://www.qfcra.com/en-us/AML%20Law%20and%20Legislation/Law%20No.%20(20)%20of%202019%20on%20Combating%20Money%20Laundering%20and%20Terrorism%20Financing%20(1).pdf

[3] https://www.sama.gov.sa/en-US/AntiMoney/Pages/home.aspx

[4] https://cbo.gov.om/Pages/AntiMoneyLaunderingLaw.aspx

[5] https://en.hmb.gov.tr/fcib-legal-framework-of-aml

[6] https://ms.hmb.gov.tr/uploads/sites/2/2022/08/Law_No_6415_TF_Law.pdf

[7] https://www.aml.iq/wp-content/uploads/2017/09/AMLCFT-Law-of-Iraq.pdf

[8] https://wgfacml.asa.gov.eg/en/Laws_of_Countries/Iran/Iran.pdf

[9] https://www.fatf-gafi.org/en/countries/detail/iran.html

[10] https://www.ft.com/content/592b15b3-16d3-44e4-9605-54f027f430c1

[11] https://www.reuters.com/world/middle-east/simsek-indicates-that-turkey-removed-fatf-watchdogs-grey-list-2024-06-28/