Your Global Remittance Business Starts Here — Launch Across the US, UK, Canada, Australia & Eurozone. Explore details →
✦ Compliance & Regulation · FATF Update

Latest FATF Grey List Countries 2026
Updated List, New Changes & What Businesses Need to Know

Iraq and Bosnia and Herzegovina were added to the FATF grey list at the June 2026 Plenary while Algeria and Namibia were removed. Here is the complete updated list and what it means for banks, fintechs, and remittance companies.

⏱ 12 min read Satish Shrivastava 🏢 RemitSo

The FATF grey list changed twice in the first half of 2026, and the June update is the one that actually moves compliance programs. At the Plenary held June 17–19, 2026 in Paris, the Financial Action Task Force added Iraq and Bosnia and Herzegovina to its list of jurisdictions under increased monitoring, while removing Algeria and Namibia after both completed their reform action plans. For banks, fintechs, and money transfer operators, this is not a procedural footnote — it changes which corridors require enhanced due diligence, which correspondent banking relationships face fresh scrutiny, and which onboarding workflows need updating before the next audit cycle.

AI Overview At its June 17–19, 2026 Plenary in Paris, the Financial Action Task Force (FATF) updated its grey list — formally the list of "Jurisdictions under Increased Monitoring" — by adding Iraq and Bosnia and Herzegovina and removing Algeria and Namibia, both of which had substantially completed their FATF action plans following on-site assessments. The grey list now stands at 22 jurisdictions, while the black list (the "High-Risk Jurisdictions subject to a Call for Action") remains unchanged at three countries: Iran, North Korea, and Myanmar. Grey-listed countries are not subject to sanctions, but FATF members and FATF-Style Regional Bodies are expected to apply enhanced due diligence to business relationships and transactions involving them, which in practice raises compliance costs, slows correspondent banking and cross-border payment processing, and increases regulatory scrutiny on financial institutions operating in or transacting with those corridors. The Plenary also confirmed the UK's incoming FATF Presidency from July 2026, advanced updates to Recommendation 16 on payment transparency, and reaffirmed humanitarian payment exemptions under Recommendation 6. For money transfer operators, fintechs, and banks, the immediate priorities are updating country risk ratings, recalibrating transaction monitoring rules for Iraq and Bosnia and Herzegovina exposure, and confirming that AML programs reflect Algeria and Namibia's exit from increased monitoring rather than continuing to treat them as elevated-risk by default.
Quick Answer
  • FATF added Iraq and Bosnia and Herzegovina to the grey list at its June 17–19, 2026 Plenary, while removing Algeria and Namibia after both completed their action plans.
  • The grey list now totals 22 jurisdictions under increased monitoring; the black list remains unchanged at three countries — Iran, North Korea, and Myanmar.
  • Grey-listed countries are not sanctioned, but financial institutions must apply enhanced due diligence to transactions and relationships connected to them.
  • The UK takes over the FATF Presidency from July 1, 2026, succeeding Mexico, alongside continued work on Recommendation 16 payment transparency standards.
  • Businesses operating in or transacting with Iraq or Bosnia and Herzegovina should update country risk ratings and transaction monitoring rules now, ahead of the next compliance audit cycle.

What Is the FATF Grey List?

The FATF grey list is the common shorthand for what the Financial Action Task Force formally calls "Jurisdictions under Increased Monitoring." It identifies countries that have agreed with FATF to address strategic deficiencies in their anti-money laundering, counter-terrorist financing, and counter-proliferation financing regimes within agreed timeframes. Inclusion on the list is not a sanction and does not block a country from the global financial system, but it signals to banks, payment companies, and regulators worldwide that the jurisdiction's AML/CFT framework has gaps serious enough for FATF to actively track its remediation progress.

A country lands on the grey list after a mutual evaluation — a peer-review process conducted by FATF or one of its regional bodies, such as MENAFATF or ESAAMLG — identifies technical or effectiveness deficiencies in areas like beneficial ownership transparency, suspicious transaction reporting, supervision of financial institutions, or sanctions implementation. Once listed, the country commits to a formal action plan with specific deadlines, and FATF reviews progress at each Plenary, typically held three times a year in February, June, and October. Countries exit the list only after an on-site assessment confirms the reforms are not just legislated but actually functioning in practice.

Note: Being grey-listed is fundamentally different from being sanctioned. No country on the grey list faces a UN Security Council resolution, asset freeze, or trade embargo as a result of FATF listing alone. What changes is the level of scrutiny financial institutions are expected to apply — and that scrutiny has real commercial consequences even without formal sanctions attached.

What Is the FATF Black List?

The FATF black list — officially "High-Risk Jurisdictions subject to a Call for Action" — is reserved for countries with the most severe and persistent AML/CFT deficiencies, where FATF calls on its members to apply counter-measures rather than simply enhanced due diligence. The distinction matters operationally: grey-listed countries require closer monitoring, while black-listed countries can trigger outright restrictions on correspondent banking relationships, additional reporting obligations, and in some cases a near-total unwillingness among Western banks to process transactions tied to the jurisdiction at all.

As of the June 2026 Plenary, the black list remains unchanged and includes only three jurisdictions: Iran, the Democratic People's Republic of Korea (North Korea), and Myanmar. Iran and North Korea have remained on this list for years due to FATF's assessment that their AML/CFT frameworks pose ongoing risks to the integrity of the international financial system, including continued concerns about proliferation financing in North Korea's case. Myanmar was added in October 2022 following the military takeover and subsequent deterioration in financial sector oversight, and it has shown no progress sufficient to warrant removal in any Plenary since.

FATF Grey List vs. Black List
Grey List — Increased Monitoring
Not a sanction — a monitoring status
Country has an agreed action plan with deadlines
Triggers enhanced due diligence, not counter-measures
Exit possible once reforms are verified on-site
Black List — Call for Action
Highest-severity, persistent deficiencies
FATF calls for counter-measures, not just monitoring
Often results in correspondent banks exiting relationships
Only three countries listed: Iran, North Korea, Myanmar

Figure 1: Key differences between FATF's grey list and black list classifications.

Latest FATF Updates in June 2026

FATF held its June 2026 Plenary in Paris from June 17 to 19, under the outgoing Mexican Presidency of Elisa de Anda Madrazo. This was the final Plenary of Mexico's two-year term, and it produced two grey list changes that immediately affect AML risk ratings used by banks, fintechs, and remittance companies worldwide. Iraq and Bosnia and Herzegovina were added to the list of jurisdictions under increased monitoring, both after mutual evaluations identified specific gaps in their AML/CFT frameworks that warranted a formal action plan.

At the same Plenary, Algeria and Namibia were removed from the grey list. Both countries had been flagged at the February 2026 Plenary as having "substantially completed" their action plans, pending an on-site assessment to verify the reforms were functioning in practice rather than just written into law. FATF's June review confirmed that verification, and both countries exited increased monitoring as a result. This two-step pattern — substantial completion noted at one Plenary, formal removal confirmed at the next after on-site verification — is standard FATF practice and explains why country lists can look different from one Plenary to the next even when no new deficiency has been found.

June 2026 Plenary — What Changed
01
Iraq Added to Grey List
Mutual evaluation findings on beneficial ownership transparency and supervision gaps led FATF to place Iraq under increased monitoring with an agreed action plan.
02
Bosnia and Herzegovina Added to Grey List
Deficiencies identified in suspicious transaction reporting and cross-border cooperation resulted in formal increased monitoring status.
03
Algeria Removed from Grey List
On-site assessment confirmed Algeria's reforms — flagged as substantially complete in February — are operating effectively.
04
Namibia Removed from Grey List
Namibia's action plan reforms were verified on-site, ending its increased monitoring status after multiple Plenary review cycles.
05
Black List Unchanged
Iran, North Korea, and Myanmar remain on the black list, with FATF citing no material improvement sufficient for review.

Figure 2: Summary of all FATF list changes confirmed at the June 17–19, 2026 Plenary.

For businesses that already track FATF developments closely, this Plenary is best read alongside our earlier coverage of the February 2026 FATF Plenary, where Algeria and Namibia were first flagged as nearing exit and where FATF previewed the cyber-fraud and virtual asset priorities that carried through to June. The two Plenaries form a single continuous story: February set the direction, June delivered the confirmed list changes.

Complete FATF Grey List — June 2026

The table below reflects the full grey list as confirmed at the June 2026 Plenary. All 22 jurisdictions are currently under increased monitoring, each at a different stage of its action plan.

FATF Grey List — Jurisdictions Under Increased Monitoring (June 2026)
Country Status
Iraq Newly Added — June 2026
Bosnia and Herzegovina Newly Added — June 2026
Angola Under Monitoring
Bolivia Under Monitoring
Bulgaria Under Monitoring
Cameroon Under Monitoring
Côte d'Ivoire Under Monitoring
Democratic Republic of the Congo Under Monitoring
Haiti Under Monitoring
Kenya Under Monitoring
Kuwait Under Monitoring
Lao PDR Under Monitoring
Lebanon Under Monitoring
Monaco Under Monitoring
Nepal Under Monitoring
Papua New Guinea Under Monitoring
South Sudan Under Monitoring
Syria Under Monitoring
Venezuela Under Monitoring
Vietnam Under Monitoring
Virgin Islands (UK) Under Monitoring
Yemen Under Monitoring

Figure 3: Complete FATF grey list following the June 17–19, 2026 Plenary. Source: FATF-GAFI.org, Jurisdictions under Increased Monitoring.

Source Note Country listings are drawn from FATF's official publication of Plenary outcomes at fatf-gafi.org. FATF updates this list at every Plenary; businesses should always cross-check the current list against FATF's own publication before making compliance decisions, since listings can change three times a year.

FATF Black List — June 2026

The black list saw no changes at the June 2026 Plenary. All three jurisdictions carry the same "Call for Action" designation they have held for multiple review cycles, reflecting FATF's assessment that counter-measures remain warranted rather than simply increased monitoring.

FATF Black List — High-Risk Jurisdictions Subject to a Call for Action
Country FATF Action Type
Iran Call for Action — Counter-Measures
North Korea (DPRK) Call for Action — Counter-Measures, Proliferation Financing Concerns
Myanmar Call for Action — Counter-Measures

Figure 4: FATF black list — unchanged since the June 2026 Plenary. Source: FATF-GAFI.org.

Why Were Iraq and Bosnia and Herzegovina Added?

Iraq's addition followed a mutual evaluation conducted under MENAFATF that identified persistent gaps in beneficial ownership transparency, meaning authorities and financial institutions struggled to reliably identify who ultimately owns and controls legal entities operating in the country. Evaluators also flagged weaknesses in supervisory capacity over banks and money service businesses, limiting Iraq's ability to detect and disrupt illicit financial flows before they move through its financial system. FATF's standard practice is to grant a grey-listed country an agreed timeframe, typically 12 to 24 months, to close these specific gaps through legislative reform and demonstrated enforcement activity.

Bosnia and Herzegovina's listing stemmed from a different cluster of deficiencies, centered on suspicious transaction reporting volumes that evaluators considered too low relative to the size and risk profile of its financial sector, alongside gaps in cross-border cooperation with foreign counterparts on financial crime investigations. Both findings suggest a detection problem rather than a willful enforcement gap, which is a distinction that matters for risk teams calibrating transaction monitoring thresholds for the corridor. In both cases, addition to the grey list does not imply state complicity in money laundering or terrorist financing — it reflects FATF's judgment that the country's institutional safeguards are not yet operating at the standard expected of all member and cooperating jurisdictions.

Why Were Algeria and Namibia Removed?

Algeria's removal closes out a process that began well before June 2026. FATF first flagged Algeria's action plan as "substantially completed" at the February 2026 Plenary, a designation that signals the legislative and regulatory work is done but still needs to be verified through an on-site visit before formal removal. That on-site assessment took place between February and June, and FATF's review confirmed Algeria's reforms — covering areas such as risk-based supervision and beneficial ownership registers — are functioning as intended rather than existing only on paper.

Namibia followed the same two-step path. Like Algeria, Namibia had been identified in February as having substantially completed its action plan, after several years on the grey list addressing deficiencies in its AML/CFT supervisory framework. The June on-site verification confirmed those reforms hold up in practice, and FATF removed Namibia from increased monitoring at the same Plenary. For both countries, the practical lesson for compliance teams is that "substantially completed" status announced at one Plenary is not the same as removal — formal exit only happens after the follow-up Plenary confirms on-site verification, and risk ratings should not be downgraded prematurely based on a substantially-completed announcement alone.

Note: Algeria and Namibia's exit from the grey list does not mean compliance teams should immediately treat both corridors as zero-risk. FATF removal confirms a country has met FATF's minimum AML/CFT standards — it does not eliminate ordinary country and sector-specific risk factors that a risk-based AML program should still account for.

Why Does the FATF Grey List Matter?

FATF has no enforcement power of its own — it cannot fine a bank or shut down a remittance company. Its influence works indirectly, through the fact that virtually every national regulator and most international banks build their own compliance requirements around FATF's recommendations and country lists. That indirect influence is precisely why a grey list addition or removal moves real compliance budgets and real corridor decisions within days of a Plenary announcement.

Higher Compliance Costs

Once a country is grey-listed, financial institutions transacting with that corridor must apply enhanced due diligence, which in practice means additional documentation requirements, more frequent customer reviews, and senior management sign-off on higher-risk relationships. These steps are not optional extras — most national regulators have written FATF-aligned EDD requirements directly into their own supervisory expectations, so the cost increase is not a choice institutions can avoid.

Enhanced Due Diligence Requirements

Enhanced due diligence for grey-listed jurisdictions typically includes verifying the source of funds and source of wealth for customers connected to the corridor, applying lower transaction thresholds for manual review, and conducting more frequent ongoing monitoring rather than relying on standard periodic reviews. For money transfer operators, this often means rebuilding rule sets in their transaction monitoring systems specifically for the newly listed country, rather than relying on generic high-risk-country logic.

Slower International Payments

Correspondent banks routing payments through or to grey-listed jurisdictions frequently add manual review steps before clearing a transaction, which extends settlement times that are otherwise near-instant in many digital corridors. Remittance customers sending money to a newly grey-listed country may notice payments that previously cleared within minutes now taking a day or more, simply because the receiving bank's own compliance team has added a manual check.

Higher Country Risk Ratings

Most AML programs assign a numeric or categorical risk score to every country a business transacts with, and that score directly drives onboarding friction, transaction limits, and review frequency for customers connected to the corridor. A grey list addition typically triggers an automatic upward revision of that score across affected institutions, which can cascade into account closures for legitimate customers whose only connection to the listed country is a passport, a business address, or a family remittance relationship.

Increased Regulatory Scrutiny

National regulators routinely use FATF's grey list as a direct input into their own supervisory priorities, meaning a financial institution with material exposure to a newly listed country should expect more detailed questions in its next regulatory examination. This scrutiny extends beyond the institution's direct dealings with the listed country — examiners often use it as an opportunity to test whether the institution's broader country risk methodology is responsive to FATF updates at all.

Is Your AML Program Ready for the Latest FATF Changes?

RemitSo's compliance infrastructure applies country-risk-calibrated transaction monitoring and real-time sanctions screening, so your program reflects FATF updates the moment they're confirmed — not weeks later.

Talk to Our Compliance Team →

Impact on Banks, Fintechs, and Remittance Companies

The practical impact of a grey list update lands differently depending on where a business sits in the payment chain, but every regulated entity touching a newly listed corridor needs to act within the same general window — before its next internal risk review or regulatory examination, whichever comes first. Money transfer operators with active payout relationships in Iraq or Bosnia and Herzegovina should expect payout partners and correspondent banks to request updated risk assessments, and in some cases additional documentation, before continuing to process volume through those corridors at previous service levels.

Recommended Actions Following a Grey List Update
Update Country Risk Ratings
Revise internal country risk scores immediately to reflect Iraq and Bosnia and Herzegovina's new grey list status, and confirm Algeria and Namibia's ratings are correspondingly lowered rather than left at prior elevated levels. Most regulators expect this update within weeks of a Plenary, not at the next scheduled annual review. Document the date and rationale for the change to support the next regulatory examination.
Recalibrate Transaction Monitoring
Add or adjust monitoring rules specific to Iraq and Bosnia and Herzegovina exposure, including lower review thresholds and additional typology coverage relevant to each jurisdiction's flagged deficiencies. Generic high-risk-country rules are rarely precise enough to satisfy a regulator reviewing a recent grey list addition. Test the new rules against historical transaction data before going live to confirm alert volumes are manageable.
Review Correspondent Banking Exposure
Contact correspondent banks and payout partners with exposure to Iraq or Bosnia and Herzegovina to confirm whether they are changing processing terms, documentation requirements, or settlement timelines as a result of the listing. Some correspondent banks pre-emptively restrict volume to newly listed corridors before formally requesting enhanced due diligence, so early conversation reduces the risk of unexpected payment delays.
Brief Customer-Facing and Compliance Teams
Train frontline staff and compliance analysts on the updated list so customer queries about delayed payments to Iraq or Bosnia and Herzegovina, or questions about Algeria and Namibia's improved status, are answered consistently and accurately. Inconsistent staff messaging on FATF status is a common source of customer complaints and reputational risk after a list update.

Figure 5: Recommended compliance actions following the June 2026 FATF grey list update.

Fintechs and digital-first remittance providers face a particular version of this challenge because their onboarding flows are often built for speed, and enhanced due diligence steps introduced for a newly listed country can disrupt conversion rates if not designed carefully in advance. Banks with correspondent relationships spanning multiple grey-listed corridors typically face the most complex response, since a single Plenary update can simultaneously raise risk on two new corridors while lowering it on two others — requiring coordinated updates across risk, compliance, and relationship management teams rather than a single policy change.

FATF's Risk-Based Approach

FATF does not expect every financial institution to treat every grey-listed country identically, and this is one of the most frequently misunderstood aspects of how the list should be applied. The risk-based approach means a bank with no Iraq-related customers or transaction flow has a materially different compliance obligation than a money transfer operator with an active payout corridor into the country — both must be aware of the listing, but only the latter needs to build dedicated enhanced due diligence procedures around it.

This approach also means listing status is one input among several, not the sole determinant of how a transaction or relationship should be treated. A financial institution's overall risk assessment should still weigh transaction size, customer profile, product type, and delivery channel alongside country status, rather than applying a single blanket rule to every customer connected to a grey-listed jurisdiction. Regulators increasingly examine whether an institution's risk-based approach is genuinely risk-sensitive or whether it defaults to blunt, list-driven decisions that can result in unjustified account closures for low-risk customers — a pattern FATF itself has flagged as an unintended consequence of poorly calibrated de-risking.

Other Key FATF Announcements

Beyond the grey list changes, the June 2026 Plenary confirmed several developments that affect compliance planning over the next two years. The United Kingdom formally takes over the FATF Presidency from July 1, 2026, succeeding Mexico's Elisa de Anda Madrazo, with the UK's nominee leading the organization through its next strategic cycle. A new presidency typically brings shifts in strategic emphasis, and the UK has signaled continuity with the cyber-enabled fraud and virtual asset priorities that have dominated FATF's agenda since 2025.

The Plenary also advanced updates to Recommendation 16, FATF's standard governing payment transparency, often referred to as the Travel Rule. The update continues work toward requiring standardized beneficiary information on cross-border transfers, building on direction set at the February 2026 Plenary, and signals that payment service providers should expect formal consultation and eventual implementation deadlines extending toward the end of the decade. Separately, FATF reaffirmed humanitarian payment exemptions under Recommendation 6, clarifying that sanctions and counter-terrorist-financing measures should not unduly restrict legitimate humanitarian assistance flows into affected regions — a clarification aimed at reducing the chilling effect that overly broad compliance interpretations have had on humanitarian payment corridors in recent years.

Presidency Transition The UK's FATF Presidency begins July 1, 2026, marking the first non-Latin-American presidency since Mexico's two-year term, which concluded with this June Plenary. Source: FATF-GAFI.org Plenary outcomes, June 2026.

Common Myths About the FATF Grey List

Misunderstandings about what grey-list status actually means lead to both under-reaction and over-reaction among financial institutions, and both responses carry real costs. Clearing up the most persistent myths helps compliance teams calibrate a response that is proportionate rather than reflexive.

01

Myth: Grey-listed countries are sanctioned

Fact: Grey listing is a monitoring status, not a sanction. No UN Security Council resolution, asset freeze, or trade embargo follows automatically from FATF grey listing — the obligation created is enhanced due diligence, not prohibition. Institutions that treat grey-listed countries identically to sanctioned ones are applying a more restrictive standard than FATF itself requires, which can mean turning away legitimate, low-risk business unnecessarily.

02

Myth: Businesses must stop all transactions with grey-listed countries

Fact: FATF's guidance explicitly supports continued business with grey-listed jurisdictions under a risk-based approach, not blanket avoidance. Outright de-risking — cutting off an entire country rather than managing individual relationship risk — has been criticized by FATF itself for pushing legitimate financial activity into unregulated channels, which works directly against the financial integrity goals the grey list is meant to serve.

03

Myth: The grey list only matters for banks

Fact: Money transfer operators, fintechs, payment processors, and virtual asset service providers are all expected to apply FATF-aligned due diligence standards, not just deposit-taking banks. Many national MSB and MTO licensing regimes incorporate FATF list status directly into their own AML supervisory expectations, meaning a licensed remittance company faces the same practical compliance obligations as a bank with comparable corridor exposure.

04

Myth: Removal from the grey list means zero AML risk

Fact: Removal confirms a country has met FATF's minimum AML/CFT standards at the time of assessment, not that the country carries no ongoing risk whatsoever. Algeria and Namibia's exit in June 2026 should lower their risk classification relative to grey-listed status, but a risk-based AML program should still apply standard, proportionate due diligence reflecting each country's broader risk profile rather than defaulting to a zero-risk treatment.

Best Practices for Financial Institutions

Institutions that respond well to FATF Plenary updates tend to share a common pattern: they treat list changes as a scheduled, recurring compliance event rather than an unexpected disruption. Building that muscle starts with a small set of disciplined practices applied consistently across every Plenary cycle.

  • Subscribe directly to FATF's official Plenary outcome publications rather than relying solely on secondary news coverage, since list changes are sometimes reported with delays or inaccuracies by intermediary sources.
  • Maintain a documented, repeatable process for updating country risk ratings within days of each Plenary, with clear ownership assigned to a specific compliance role.
  • Calibrate transaction monitoring rules to each newly listed country's specific flagged deficiencies rather than applying generic high-risk-country logic across all grey-listed jurisdictions uniformly.
  • Avoid blanket de-risking of entire grey-listed corridors, and instead apply individualized, risk-based decisions consistent with FATF's own guidance on proportionality.
  • Review correspondent banking and payout partner agreements for clauses that automatically trigger relationship changes upon a FATF listing, so legal and compliance teams are not caught off guard by a counterparty's unilateral response.
  • Train customer-facing staff on every Plenary update so customer communication about payment delays or account reviews remains accurate and consistent.
  • Document the rationale and evidence behind every risk rating change tied to a FATF update, since this documentation is frequently requested during regulatory examinations.
  • Reassess de-risked relationships periodically rather than treating a single grey-list addition as a permanent, unreviewable restriction on a country or customer segment.

How RemitSo Supports FATF-Aligned Compliance

RemitSo's compliance infrastructure is built to absorb FATF Plenary updates without requiring a manual rebuild of risk logic every time a list changes. The platform's transaction monitoring engine applies over 55 corridor-calibrated indicators, which means rules can be adjusted for a newly grey-listed country like Iraq or Bosnia and Herzegovina without disrupting monitoring coverage for the rest of an operator's corridor portfolio. Real-time sanctions screening against more than 40,000 records across eight or more global lists, including OFAC, UN, EU, and HMT, runs continuously alongside fuzzy matching and alias detection, so screening accuracy does not depend on staff manually updating watchlists after every Plenary.

For money transfer operators and fintechs managing exposure across multiple FATF-monitored corridors, RemitSo's tiered KYC and enhanced due diligence workflows allow risk teams to apply exactly the level of scrutiny a corridor warrants, without forcing every customer through the same heavy-handed process regardless of actual risk. Audit-ready regulatory reporting and a timestamped AML/CTF case management trail mean that when a regulator asks how an institution responded to the June 2026 grey list update, the answer is documented automatically rather than reconstructed after the fact. Operators evaluating their current sanctions screening setup against this Plenary's changes can see how RemitSo's AML consulting and platform capabilities fit their specific corridor exposure.

Keep Your Compliance Program Aligned With Every FATF Plenary

RemitSo combines corridor-calibrated transaction monitoring, real-time multi-list sanctions screening, and audit-ready reporting so your AML program reflects FATF updates the moment they're confirmed.

  • 55+ corridor-calibrated monitoring indicators
  • 40,000+ sanctions records across 8+ global lists
  • Fuzzy matching and alias detection
  • Tiered KYC through full enhanced due diligence
  • Timestamped AML/CTF case management
  • Audit-ready regulatory reporting

Frequently Asked Questions

What Compliance Teams Ask About the FATF Grey List

The FATF grey list is the common name for FATF's "Jurisdictions under Increased Monitoring" list, which identifies countries that have agreed with the Financial Action Task Force to fix specific weaknesses in their anti-money laundering and counter-terrorist financing frameworks within a set timeframe. It is not a sanctions list and does not block a country from the global financial system on its own. Inclusion signals that FATF has identified concrete deficiencies — such as gaps in beneficial ownership transparency or suspicious transaction reporting — and is actively tracking the country's progress toward fixing them. Financial institutions worldwide are expected to apply enhanced due diligence to transactions and relationships connected to grey-listed countries as a result.

Iraq and Bosnia and Herzegovina were added to the FATF grey list at the Plenary held June 17–19, 2026, in Paris. Iraq's listing followed mutual evaluation findings on beneficial ownership transparency and supervisory capacity gaps, while Bosnia and Herzegovina's listing reflected deficiencies in suspicious transaction reporting volumes and cross-border cooperation. Both countries have agreed to a formal FATF action plan with specific deadlines for remediation. Earlier in 2026, the February Plenary had added Kuwait and Papua New Guinea, meaning the grey list saw four total additions across the year's first two Plenaries.

Algeria and Namibia were removed from the FATF grey list at the June 17–19, 2026 Plenary, after both countries completed on-site verification confirming their AML/CFT reforms were functioning effectively. Both had been flagged as having "substantially completed" their action plans at the earlier February 2026 Plenary, but formal removal only happens once FATF confirms through an on-site assessment that the reforms work in practice, not just on paper. This two-Plenary pattern — substantial completion noted first, removal confirmed later — is standard FATF process and applies to most countries exiting the grey list. Businesses with existing exposure to Algeria or Namibia should update their internal country risk ratings to reflect the removal rather than continuing to apply grey-list-level enhanced due diligence by default.

As of the June 2026 Plenary, 22 jurisdictions are on the FATF grey list under increased monitoring. The list changes at every Plenary, held three times a year in February, June, and October, so the count and composition can shift multiple times within a single year. Businesses should always verify the current list directly against FATF's official publication at fatf-gafi.org rather than relying on a fixed number from a previous Plenary, since even a small lag can mean working from an outdated list. The next scheduled update will come at the October 2026 Plenary, the first to be chaired under the UK's incoming FATF Presidency.

As of June 2026, the FATF black list — formally "High-Risk Jurisdictions subject to a Call for Action" — includes three countries: Iran, North Korea, and Myanmar. This list saw no changes at the June 2026 Plenary. Unlike the grey list, black-listed countries face a FATF call for counter-measures rather than simply enhanced due diligence, which in practice often leads correspondent banks to restrict or exit relationships connected to these jurisdictions entirely. Iran and North Korea have held this status for years, while Myanmar was added in October 2022 following the deterioration of its financial sector oversight.

No, FATF grey listing is a monitoring status, not a sanction. Grey-listed countries are not subject to a UN Security Council resolution, asset freeze, or trade embargo as a direct result of their FATF status. What changes is the level of due diligence financial institutions are expected to apply when dealing with customers, transactions, or relationships connected to that country. This distinction matters because treating grey-listed countries identically to sanctioned ones can lead institutions to turn away legitimate, low-risk business unnecessarily, which runs counter to FATF's own risk-based approach guidance.

Most national regulators expect financial institutions to update country risk ratings within days to a few weeks of a FATF Plenary announcement, not at the institution's next scheduled annual review. Waiting for a routine review cycle to reflect a grey list change is a common finding in regulatory examinations, since it suggests the institution's risk management process is not responsive to material external developments. Best practice is to maintain a documented, repeatable internal process — with clear ownership assigned to a specific compliance role — that triggers automatically whenever FATF publishes Plenary outcomes. Institutions using automated, corridor-calibrated transaction monitoring systems can typically implement these updates faster than those relying on fully manual risk rating processes.

Money transfer operators stay compliant most effectively by using transaction monitoring and sanctions screening infrastructure that can be recalibrated for a newly listed corridor without rebuilding rules for every other corridor in their portfolio. A platform with corridor-calibrated indicators allows compliance teams to apply proportionate enhanced due diligence to a specific newly grey-listed country, such as Iraq or Bosnia and Herzegovina, while keeping processing speeds unchanged for unaffected corridors. This avoids the common failure mode of applying blanket, overly cautious restrictions across an entire payment book just because one corridor's risk profile changed. RemitSo's platform is built specifically to support this kind of targeted, risk-based response to FATF Plenary updates.

Build AML Compliance That Keeps Pace With Every FATF Plenary

From corridor-calibrated transaction monitoring to real-time sanctions screening, RemitSo gives MTOs and fintechs the infrastructure to respond to FATF updates without disrupting their payment operations.

Explore RemitSo AML Compliance →

Kenya Remittance Market 2026 Trends, Regulations, Growth & Opportunities

Continue Reading

How to Reduce Transaction Failures in Last-Mile Delivery Systems

Continue Reading

WhatsApp Icon