Know Your Finance (KYF) is a cornerstone for Saudi businesses and their global counterparts,...
In today's dynamic business environment in Saudi Arabia, safeguarding against financial crime starts with mastering global standards for due diligence and Know Your Customer (KYC). Below we provide an overview of essential international best practices to pay attention to. We also offer actionable insights to strengthen your defences and a downloadable comprehensive guide that can help you navigate due diligence with ease.
International standards and best practices for KYC and due diligence are designed to help businesses identify, assess, and mitigate financial crime risks more effectively.
FATF Recommendations
The Financial Action Task Force (FATF) provides globally accepted guidelines for combating financial crime, including standards on effective measures to implement at both the public and private sector levels. FATF issues 40 Recommendations that set out a comprehensive and consistent framework of measures, including on due diligence and KYC.
Under Recommendation 10 (Customer Due Diligence – Financial Institutions) and Recommendation 22 Customer Due Diligence – DNFBPs), FATF recommends businesses undertake customer due diligence (CDD) measures under certain situations:
- Establishing business relations;
- Carrying out occasional transactions above applicable thresholds;
- There is suspicion of money laundering or terrorist financing; or
- The FI has doubts about the veracity or adequacy of previously obtained customer identification data.
FATF identifies specific CDD measures to be taken, including:
- Customer Identification – Verify the customer’s identity using reliable, independent documents or data.
- Beneficial Ownership – Identify and verify the beneficial owner to ensure the institution understands the ownership and control structure, especially for legal entities.
- Business Purpose – Understand and document the purpose and nature of the business relationship.
- Ongoing Monitoring – Continuously monitor the business relationship and transactions to ensure they align with the customer’s profile and, when needed, verify the source of funds.
Also important is the Middle East and North Africa Financial Action Task Force (MENA FATF), the FATF Style Regional Body covering MENA. The MENA FATF works closely with international bodies like the FATF, IMF, and World Bank. It recognises the FATF's 40 Recommendations as globally accepted international standards, along with other standards adopted by member states. The organisation focuses on promoting collaboration and ensuring compliance with these standards.
As a member of the FATF and MENA FATF, Saudi Arabia undergoes mutual evaluations, which are comprehensive peer reviews conducted by the FATF and its regional bodies to assess how effectively member countries are implementing FATF's 40 Recommendations. Saudi Arabia last underwent an evaluation in 2018, which found that the country was achieving good results in fighting terrorist financing, but needed to focus more on pursuing larger scale money launderers. The Kingdom was placed under an enhanced follow-up process following the adoption of its mutual evaluation, and was given an improved rating in 2020, after the FATF found it had taken a number of actions to strengthen its AML/CFT framework. Saudi Arabia will undergo a new mutual evaluation in 2026.
Wolfsberg Group
The Wolfsberg Group provides best practices for financial crime risk management in the banking sector specifically. These include standards for KYC and due diligence.
- The Correspondent Banking Due Diligence Questionnaire (CBDDQ) and Financial Crime Compliance Questionnaire (FCCQ) covering a wide range of financial crime risks. These questionnaires cover a range of due diligence and KYC topics, including customer identification, entity and beneficial ownership, nature of business, ownership structure, and source of funds.
- The questionnaires also specifically cover adverse media screening, PEPs screening, sanctions, transaction monitoring, and suspicious transaction reporting.
Gulf Cooperation Council (GCC)
Saudi Arabia is a member of the Gulf Cooperation Council, which has established AML/CFT expectations for member countries. The GCC aligns with international standards, particularly FATF standards, and member countries cooperate on AML/CFT measures. GCC emphasizes CDD and KYC as a critical component of effective AML efforts, including:
- Customer Identification – Verify customer identities using official government documents (e.g., national ID, passport).
- Beneficial Ownership – Identify ultimate beneficial owners (UBOs) and ensure transparency in corporate structures
- Risk-Based Approach – Tailor CDD measures based on customer risk profiles, applying enhanced due diligence (EDD) for high-risk individuals or entities.
- Purpose and Nature of Business Relationship – Document the intended nature of customer relationships and transactions.
Other Standards to Consider
A range of other organizations provide international standards that incorporate some financial crime due diligence elements. These include:
- The Basel Committee on Banking Supervision (BCBS) offers risk management and compliance principles for banks, including due diligence for customer identification.
- The International Monetary Fund (IMF) publishes reports and technical assistance guides on implementing effective AML/CFT measures, often aligning with FATF standards.
- The Organization for Economic Cooperation and Development (OECD) focuses on combating bribery and corruption at the global level and provides principles relevant to due diligence in cross-border transactions.
- The International Organization of Securities Commissions (IOSCO) sets out global standards for securities regulation and financial markets, offering recommendations for due diligence in the context of securities trading and asset management.
