Complete List of AML Regulations and Regulators

Despite the globalization of anti-money laundering efforts, the current state of AML regulations and regulators remains rather fragmented. Even if you manage to comply with global and domestic regulations, this does not particularly protect you from potential penalties issued by other jurisdictions. Furthermore, there are other potential repercussions you may face such as reputational damage. In this post, we will elaborate on the key AML regulations and regulators. 

Why Understanding Global AML Regulations Matters in 2025?

First, let’s start with the importance of global AML regulations. Money laundering and terrorist financing attempts are becoming increasingly global with each passing year due to factors such as cryptocurrencies, fintech innovations, rapid cross-border payments and digital banking. While there are global standards like the FATF (Financial Action Task Force) Recommendations, the fact that each jurisdiction implements them differently can easily lead to complications. 

Furthermore, each year fines issued due to non-compliance with AML regulations total hundreds of millions of dollars and avoiding these penalties is becoming increasingly complex. Moreover, reputational damage and loss of customer trust that come with these multiply the severity of these repercussions even more. Regulators are also increasingly holding senior managers, compliance officers, and board members accountable for non-compliance, which makes it an individual risk at the same time.

Complete List of AML Regulators and Regulations (2025 Update) 

Let’s start with the regulator that sets the global standards: the FATF. As we have mentioned in the previous section, the Financial Action Task Force sets the baseline for global AML efforts and expects its members to comply with its 40 Recommendations. 

In Australia, AUSTRAC (Australian Transaction Reports and Analysis Centre) serves as the national FIU and the main AML regulator. AUSTRAC enforces The AML/CFT Rules, which are subsidiary legislative instruments made under the AML/CFT Act.

In Brazil, COAF (Council for Financial Activities Control), which is the FIU of the country, and BCB (Central Bank of Brazil) oversee financial activities. The foundational AML law in Brazil is the Law No. 9,613/1998, which also led to the creation of COAF. Besides this law, Law 12,683/2012 and Circular 3,978/2020 have further expanded its scope. 

In Canada, FINTRAC (Financial Transactions and Reports Analysis Centre of Canada) is the country’s FIU (Financial Intelligence Unit) and AML regulator. Its primary legislation is PCMLTFA (Proceeds of Crime and Terrorist Financing Act), which establishes the AML obligations for financial institutions and DNFBPs (Designated Non-Financial Businesses and Professions).

In China, the PBoC (People’s Bank of China) is the primary AML authority and the main regulation is the Anti-Money Laundering Law of the PRC. It was first enacted in 2006 and was later revised in 2024 and 2025. 

In the EU, AMLA (EU Anti-Money Laundering Authority) and EBA (European Banking Authority) are its key regulators. However, there are additional regulators and regulations for each country. For example, TRACFIN (Traitement du Renseignement et Action contre les Circuits Financiers clandestins) serves as France’s national FIU and CMF (Code monétaire et financier) is the key AML framework of the country.

In Hong Kong, JIFU (Joint Financial Intelligence Unit) serves as the country’s FIU and HKMA (Hong Kong Monetary Authority) serves as the AML/CFT supervisor. For obligated entities, AMLO (Anti-Money Laundering and Counter-Terrorist Financing Ordinance) is the main AML/CFT law. 

In India, there are three key AML regulators: ED (Enforcement Directorate), FIU-India (Financial Intelligence Unit - India), and RBI (Reserve Bank of India). However, SEBI (Securities and Exchange Board of India) and IRDAI (Insurance Regulatory and Development Authority of India) have also significant roles. These institutions control and regulate AML under the Prevention of Money Laundering Act 2002.

In Indonesia, there are three key authorities when it comes to AML. On the one hand, PPATK (Pusat Pelaporan dan Analisis Transaksi Keuangan) serves as the country’s FIU, and on the other hand, OJK (Otoritas Jasa Keuangan) and Bank Indonesia supervise the obligated entities for AML/CFT compliance. There are three main legal frameworks in Indonesia: Law 8/2010, Law 9/2013, and OJK Regulation No. 8/2023.

In Japan, the JFSA (Financial Services Agency) and the JAFIC (Japan Financial Intelligence Center) enforce the AML regulations. Japan’s AML framework is based on APTCP (Act on the Prevention of Transfer of Criminal Proceeds), FEFTA (Foreign Exchange and Foreign Trade Act), Act on Punishment of Organized Crimes and Control of Proceeds of Crime, and FIEA (Financial Instruments and Exchange Act).

In Malaysia, mainly the BNM (Bank Negara Malaysia) oversees the AML efforts. However, there are other supervisory bodies such as Securities Commission Malaysia and the Labuan Financial Services Authority as well. The primary act on AML in Malaysia is Anti-Money Laundering, Anti-Terrorism Financing and Proceeds of Unlawful Activities Act 2001.

In Mexico, Unidad de Inteligencia Financiera serves as the FIU. On the other hand, CNBV (Comisión Nacional Bancaria y de Valores) is the main authority responsible for overseeing compliance with AML regulations in the financial sector. LFPIORPI, which is commonly referred to as the AML Law, LGSNSP, and RSTVA establish the core of Mexico’s AML/CFT framework. 

In the Philippines, AMLC (Anti-Money Laundering Council) is both the country’s FIU and the main AML/CFT authority. AMLC regulates AML efforts primarily under the Republic Act No. 9160 and the Anti-Terrorism Act of 2020 (Republic Act No. 11479).

In Qatar, QFIU (Qatar Financial Information Unit), QCB (Qatar Central Bank), and QFCRA (Qatar Financial Centre Regulatory Authority) are the main AML/CFT authorities. The country’s AML/CFT framework is underpinned by the AML/CFT State Law No. (20) of 2019, which defines the offenses, assigns duties and obligations.

In Russia, Rosfinmonitoring and Bank of Russia are the key AML authorities against financial crimes. The most important three laws in Russia are Federal Law NO. 115-FZ (On Countering Legalization of Proceeds of Crime and Financing of Terrorism), CBR Provision NO. 375-P, and Criminal Code - Art. 174 / 174.1 / 205.1.  

In Saudi Arabia, Saudi Anti-Money Laundering Committee and SAMA (Saudi Central Bank) are the most prominent AML regulators. There are four major laws and regulations in the country: The Law of Combating Terrorist Crimes and its Financing, The AML Law October 2017, Anti-Money Laundering Law, and Combating Terrorism and Financing of Terrorism Law.

In Singapore, the primary AML regulator is the MAS (Monetary Authority of Singapore) and the main AML regulation in Singapore is the CDSA (Corruption, Drug Trafficking, and other Serious Crimes Act 1992). The MAS enforces regulations through specific notices such as MAS Notice 626 and MAS Notice PSN01.

In South Africa, there are several key authorities such as FIC (Financial Intelligence Centre), SARB (South African Reserve Bank), and FSCA (Financial Sector Conduct Authority). Its core legal framework consists of Financial Intelligence Centre Act, Money Laundering and Terrorist Financing Control Regulations, Prevention of Organized Crime Act, and General Laws (Anti-Money Laundering and Combating Terrorism Financing) Amendment Act.

In South Korea, KoFIU (Korea Financial Intelligence Unit) is the main authority for AML enforcement. There are four major acts of AML/CFT legislation: FTRA (Financial Transaction Reports Act), Act on Special Cases Concerning the Prevention of Illegal Trafficking in Narcotics, Act on Regulation and Punishment of Criminal Proceeds Concealment, and Act on Prohibition against the Financing of Terrorism and Proliferation of Weapons of Mass Destruction. 

In Switzerland, MROS (Money Laundering Reporting Office Switzerland) is the country’s FIU and FINMA (Swiss Financial Market Supervisory Unit) is the primary regulator for obligated entities. While AMLA (Anti-Money Laundering Act) establishes the fundamental obligations, FINMASA (Financial Market Supervision Act) grants enforcement authority to the FINMA. FINMA also issued a detailed ordinance in relation to AMLA, which is called FINMA AMLO (Anti-Money Laundering Ordinance).

In Turkey, MASAK (Financial Crimes Investigation Board) oversees the obligated entities. The Law on the Prevention of Laundering Proceeds of Crime No. 5549 and the Law on the Prevention of Terrorism Financing No.6415 are the main regulations of the AML efforts.

In the UK, the AML landscape is a little similar to the U.S. in terms of regulatory fragmentation. It is possible to count numerous authorities who are responsible for overseeing AML compliance such as the FCA (Financial Conduct Authority), the HMRC (HM Revenue & Customs), and the NCA (National Crime Agency). These regulators enforce regulations such as the Proceeds of Crime Act 2002 and Money Laundering Regulations 2017.

In the United Arab Emirates, the CBUAE (Central Bank of the United Arab Emirates) leads the combat against money laundering and financial crimes. The principal legislation in the UAE is the Federal Decree-Law No.20 of 2018 on Anti-Money Laundering and Combating the Financing of Terrorism.

In the U.S., despite its fragmented system, the main AML regulatory authority is FinCEN (Financial Crimes Enforcement Network). It enforces several regulations such as the BSA (Bank Secrecy Act), CDD (Customer Due Diligence) Rule, the USA PATRIOT Act, BOI (Beneficial Ownership Information) Rule, Corporate Transparency (CTA) Act, and other related regulations. 

Differences Between AML Regulators and FIUs

AML regulators and Financial Intelligence Units often operate within the same AML/CFT ecosystem and have complementary functions. However, there are specific differences between them. 

AML regulators usually act as supervisory and enforcement authorities, which means they ensure that obligated entities are complying with AML/CFT laws and regulations. On the other hand, the purpose of the Financial Intelligence Units is often to collect, analyze, and disseminate financial information. 

When it comes to their relationship to law enforcement, regulators may also refer cases to law enforcement, but they often focus on compliance and governance failures. FIUs are usually responsible for providing analyzed intelligence to authorities to support investigations and prosecutions. 

How RegTech Helps Meet Multi-Jurisdictional AML Requirements

Each jurisdiction enforcing its own AML laws can easily result in many overlaps and complications. You can use RegTech tools like Sanction Scanner to bridge these frameworks so that you can remain simultaneously compliant with regulators such as FinCEN, the FCA, and the EU authorities. 

Furthermore, AML laws evolve continuously due to the dynamic landscape of financial crime. Many RegTech solutions use engines and integrations to update lists, thresholds, and requirements in real time. With these solutions, you can stay up-to-date with whatever change comes up with minimal manual effort. 

Several RegTech companies also allow you to automate AML workflows so that you can remain consistent through necessary procedures such as SAR/STR reporting, and screening of sanctions, PEP, and adverse media, which will make things easier for you in future audits and investigations. 

Last but not least, if you are aiming to achieve global AML compliance, you will most likely need to screen names in multiple languages and alphabets, which is a key requirement of FATF. RegTech businesses that offer AI-driven fuzzy matching can identify equivalent or similar names across transliterations. This way, you can avoid false positives due to spelling variations or transliteration differences and remain compliant.

Checklist: Are You Compliant with AML Regulations in Your Country?

Even though there are incremental differences between jurisdictions, we have listed the most common requirements below. This way, you can have a rough idea of your current compliance status. 

• You have identified the AML laws and the authority
• You have appointed a Compliance Officer
• You have clearly documented the roles, responsibilities, and escalation paths
• Senior managers regularly review the AML risks and reports
• You conducted a documented AML/CFT risk assessment based on factors such as customers, geography, products, and delivery channels
• You have a risk-based approach (RBA)
• You apply proper Customer Due Diligence (CDD) processes to verify customer identity before establishing business relationships
• You collect and verify the beneficial ownership information
• You perform Enhanced Due Diligence (EDD) for high-risk customers
• You screen your customers against sanctions lists, PEP lists, and adverse media
• After onboarding, you conduct ongoing monitoring
• You have threshold triggers for certain transaction amounts
• You have a transaction monitoring system
• Your staff is well-equipped to detect suspicious activities and escalate
• You promptly file Suspicious Transaction Reports (SARs/STRs)
• You maintain audit trails and relevant documentation for the legally required period
• You regularly conduct independent AML audits