KYC, KYB & AML compliance checklist
Algeria KYC, KYB & AML
A source-backed 2026 implementation dataset for customer and business verification in Algeria. It incorporates Law No. 25-10's July 2025 AML/CFT/CPF amendments, the beneficial-owner register, current Banque d'Algerie controls, CTRF e-DS reporting, payment-service licensing, targeted financial sanctions and the personal-data framework as amended by Law No. 25-11.
- Reviewed
- 16 July 2026
- Version
- 1.0
- control areas
- 11
- implementation checks
- 41
Direct answer
What does the Algeria compliance checklist cover?
The Algeria checklist translates primary KYC, KYB and AML rules into 11 control areas and 41 implementation checks. It identifies the relevant authorities, customer and beneficial-owner controls, reporting duties, recordkeeping expectations and evidence teams should retain.
Key regulatory facts
- Primary AML/CFT/CPF law
- Law No. 05-01, most recently amended by Law No. 25-10 of 24 July 2025
- Financial intelligence unit
- Cellule de Traitement du Renseignement Financier (CTRF)
- STR timing
- As soon as suspicion exists, including after execution when necessary; send supplemental information without delay
- STR method
- CTRF e-DS secure online platform and the prescribed CTRF declaration format
- Core AML retention
- At least 5 years from account closure, relationship end or transaction execution, according to record class
- Beneficial-owner register
- 20% ownership or voting rights, then other control, then legal-representative fallback
- BO filing deadline
- Within 1 month after formation or registration and within 1 month after a relevant change
- Bank customer refresh
- At least annually for high risk; maximum 3 years for medium risk and 5 years for low risk under Instruction No. 04-2026
- Cross-border wires
- USD 1,000 equivalent threshold for full verified originator and beneficiary information under Instruction No. 04-2024
- Virtual assets
- Issuing, buying, selling, using, holding, trading, promoting, mining and operating exchange platforms are prohibited by Law No. 25-10
- Targeted sanctions
- Freeze or seize without delay and without prior notice; prevent funds or services being made available and notify the competent bodies
- FATF status
- Removed from increased monitoring on 19 June 2026
Implementation detail
Algeria compliance requirements and actions
Open each control area to review the requirement, recommended implementation action, evidence to retain and the primary-source citation used by the research team.
01Scope, authorities and regulated activitiesStart with the entity, product and authority perimeter. The statute is cross-sector, while Banque d'Algerie and other supervisory instruments apply only within their defined scope.4 items+
Law No. 05-01 covers financial institutions and the listed non-financial businesses and professions, including the expanded categories in Law No. 25-10.
- Implementation action
- Map every legal entity, product, channel and professional activity to the statutory reporting-person category and competent regulator before designing controls.
- Evidence to retain
- Signed perimeter memorandum, entity-product matrix, licence records and supervisor map.
- Primary citation
- Law No. 05-01, art. 4, as amended by Law No. 25-10
CTRF is the specialised financial-intelligence body and the exclusive recipient of suspicious transaction reports.
- Implementation action
- Assign controlled CTRF contacts, e-DS access, report-approval authority and an escalation route that remains available outside normal business hours.
- Evidence to retain
- CTRF reporting procedure, e-DS registration, user-access register and escalation roster.
- Primary citation
- Law No. 05-01, arts. 15 bis and 27; CTRF e-DS notice
Regulation No. 24-03 applies to banks, financial institutions and Algerie Poste. Regulation No. 25-14 extends proportionate AML/CFT/CPF duties to bureaux de change and payment-service providers.
- Implementation action
- Label every Banque d'Algerie control by sector and apply it only where the instrument places the entity within scope.
- Evidence to retain
- Sector applicability matrix, licence classification, approved control mapping and legal review.
- Primary citation
- Banque d'Algerie Regulations Nos. 24-03 and 25-14
A payment-service provider must be an Algerian company authorised and accredited by the Governor of Banque d'Algerie under Regulation No. 25-02; its registered office, payment platform and redundancies must be hosted in Algeria.
- Implementation action
- Do not offer regulated payment services before authorisation and accreditation. Confirm the service, capital, governance, hosting, safeguarding and operating perimeter in the application.
- Evidence to retain
- Authorisation and accreditation, application file, service map, hosting architecture and licence conditions.
- Primary citation
- Banque d'Algerie Regulation No. 25-02, arts. 1-4; Instructions Nos. 03-2025 and 06-2025
02Governance, risk assessment and control ownershipControls must follow documented ML, TF and proliferation-financing risk and be owned, tested and updated.4 items+
Reporting persons must identify, assess, understand and mitigate ML, TF and proliferation-financing risks consistently with national and sector assessments.
- Implementation action
- Maintain enterprise, product, customer, geographic and delivery-channel risk assessments and link the results to onboarding, monitoring, EDD and sanctions controls.
- Evidence to retain
- Risk methodology, data inputs, assessment, mitigation plan and governance approval.
- Primary citation
- Law No. 05-01, arts. 5 bis to 5 bis 3, as amended by Law No. 25-10
Covered Banque d'Algerie institutions must maintain risk-based governance, customer-acceptance rules, internal controls, employee screening, training, compliance oversight and independent testing.
- Implementation action
- Assign accountable management and compliance roles, approve the control framework and test design and operating effectiveness on a risk-based schedule.
- Evidence to retain
- Appointments, charters, policies, training logs, monitoring plan, audit reports and remediation tracker.
- Primary citation
- Regulation No. 24-03; Instruction No. 03-2024
New products, technologies and non-face-to-face channels require a documented risk assessment and proportionate controls before launch.
- Implementation action
- Assess impersonation, fraud, cyber, privacy, sanctions and AML risks before enabling the product or channel; gate production on accepted residual risk.
- Evidence to retain
- Pre-launch risk assessment, threat model, vendor due diligence, test results and launch approval.
- Primary citation
- Instruction No. 03-2024; Regulation No. 24-03
Simplified vigilance is available only where a documented low risk is established and no suspicion exists; higher risk requires reinforced measures.
- Implementation action
- Define approval criteria, prohibited simplifications, evidence requirements and automatic escalation triggers for each risk tier.
- Evidence to retain
- Risk-tier policy, decision rules, approvals, samples and exception log.
- Primary citation
- Law No. 05-01, art. 5 bis 3; Instruction No. 04-2026
03Natural-person CDD and failed verificationIdentity must be verified from reliable independent evidence at every statutory trigger, with a documented outcome when verification fails.3 items+
CDD is required when establishing a relationship, for occasional or linked transactions above the regulatory threshold, for qualifying occasional electronic transfers, whenever suspicion exists and whenever prior identity data are doubtful.
- Implementation action
- Configure relationship, transaction, aggregation, transfer, suspicion and refresh triggers. Keep numeric thresholds in a controlled regulatory register rather than hard-coding an unsupported universal amount.
- Evidence to retain
- CDD trigger matrix, threshold register, aggregation tests, workflow rules and exception reports.
- Primary citation
- Law No. 05-01, art. 7, as replaced by Law No. 25-10
Identify and verify each natural person and representative from reliable independent evidence, verify authority to act and understand the relationship's purpose, expected activity and economic profile.
- Implementation action
- Validate current official identity and address evidence, the mandate, expected flows, countries, counterparties and source of funds where appropriate.
- Evidence to retain
- Identity and authenticity results, mandate, customer profile, expected-activity baseline, source evidence and risk rationale.
- Primary citation
- Law No. 05-01, art. 7; Banque d'Algerie Instruction No. 04-2026
Anonymous or fictitious-name accounts are prohibited, and verification normally precedes activation or execution. Any permitted deferral must be low risk and tightly controlled. If customer or beneficial-owner identification cannot be completed, refuse or stop the relationship or transaction, close an existing account where required and consider an STR.
- Implementation action
- Default to pre-activation verification. Route failed or overdue CDD to decline, restriction or exit and require a recorded CTRF-reporting decision without tipping off the customer.
- Evidence to retain
- Account-opening rules, deferral approval, completion report, failure reason, decline or closure and STR decision.
- Primary citation
- Regulation No. 24-03, arts. 6, 17 and 19; Instruction No. 04-2026
04KYB, commercial registry and beneficial ownershipLegal existence, authority and beneficial ownership are separate tests. Registry data must be reconciled with independent ownership and control evidence.4 items+
For a legal person, obtain its legal name, form, registered office, NIF, NIS, statutes, commercial registration, licence, managers, shareholders or members, representatives and activities.
- Implementation action
- Collect current official formation and registry evidence, verify signatory authority and reconcile all material fields against independent sources.
- Evidence to retain
- CNRC extract, statutes, NIF/NIS, licence, management list, mandate and discrepancy log.
- Primary citation
- Banque d'Algerie Instruction No. 04-2026
Identify the natural person who ultimately owns or controls at or above the applicable threshold, then test control by other means and use the senior-management fallback only when no natural person is identified through the first two steps.
- Implementation action
- Trace every ownership layer, calculate direct and indirect interests, test factual and legal control and document any fallback.
- Evidence to retain
- Ownership chart, calculations, control analysis, source records and verified BO files.
- Primary citation
- Law No. 05-01, art. 7 bis, as replaced by Law No. 25-10; Instruction No. 03-2024
Decree No. 23-429 defines the register cascade as at least 20% of capital or voting rights, then factual or legal control, then the legal representative.
- Implementation action
- Apply the 20% register test accurately and do not stop at ownership where another person exercises effective control.
- Evidence to retain
- Percentage calculation, other-control analysis, legal-representative fallback and approval.
- Primary citation
- Executive Decree No. 23-429, art. 8
An Algerian legal person must declare each beneficial owner to CNRC within one month after formation or registration and within one month after a change, then keep a matching, continuously updated internal register for at least five years after expiry or dissolution. State-majority and public-law entities are outside Decree No. 23-429's scope.
- Implementation action
- File a separate declaration for every BO, reconcile it to the internal register and document any exemption before treating the entity as outside the decree.
- Evidence to retain
- CNRC submission and receipt, internal BO register, reconciliation, retention control and exemption analysis.
- Primary citation
- Law No. 05-01, art. 8 bis; Executive Decree No. 23-429, arts. 4-6 and 9-11; CNRC Sidjilcom
05PEPs, enhanced due diligence and remote onboardingHigher-risk and politically exposed relationships require additional evidence, accountable approval and closer monitoring.4 items+
Determine whether a prospective or existing customer or beneficial owner is a domestic, foreign or international-organisation PEP, family member or close associate.
- Implementation action
- Screen before activation and continuously, resolve matches using reliable evidence and record the relationship and role analysis.
- Evidence to retain
- Screening result, match disposition, role evidence, relationship analysis and review date.
- Primary citation
- Law No. 05-01, art. 7 bis 1, inserted by Law No. 25-10
For a PEP relationship, take reasonable measures to establish source of funds and source of wealth, obtain approval from the legal person's decision-making body and apply enhanced continuous monitoring.
- Implementation action
- Collect and corroborate wealth and funds evidence, obtain approval before starting or continuing and configure enhanced review and monitoring.
- Evidence to retain
- Source-of-wealth and source-of-funds file, approval, monitoring plan and review history.
- Primary citation
- Law No. 05-01, art. 7 bis 1
High-risk relationships require additional information, reliable independent corroboration, more frequent refresh, closer monitoring and management approval. Under Instruction No. 04-2026, reviews are at least annual for high risk, within three years for medium risk and within five years for low risk.
- Implementation action
- Configure risk-based refresh clocks and event triggers, with overdue restrictions and documented approval for high-risk relationships.
- Evidence to retain
- Refresh policy, due-date configuration, completed reviews, event log and overdue dashboard.
- Primary citation
- Law No. 05-01, art. 7; Banque d'Algerie Instruction No. 04-2026
Non-face-to-face onboarding is a risk factor and does not reduce identification, verification, sanctions or PEP duties.
- Implementation action
- Use proportionate document-integrity, liveness or presence, device, fraud and manual-escalation controls and validate them before production.
- Evidence to retain
- Remote-onboarding standard, vendor assessment, performance tests, fraud cases and exception log.
- Primary citation
- Instruction No. 03-2024; Instruction No. 04-2026
06Ongoing monitoring, STRs and prohibited disclosureMonitoring must detect activity inconsistent with the known profile and route suspicion promptly and confidentially to CTRF.5 items+
Conduct ongoing monitoring and keep customer and beneficial-owner information current throughout the relationship.
- Implementation action
- Compare activity with the customer's profile, purpose, risk and source of funds, and trigger refresh after material identity, ownership, activity or risk changes.
- Evidence to retain
- Monitoring scenarios, alert decisions, profile-change log, refresh history and governance metrics.
- Primary citation
- Regulation No. 24-03; Instruction No. 04-2026
Examine complex, unusually large, atypical or apparently purposeless activity and preserve the analysis.
- Implementation action
- Document the background, economic purpose, counterparties, funds flow, corroboration and final decision, including why an STR was or was not filed.
- Evidence to retain
- Investigation file, transaction data, supporting documents, decision and reviewer sign-off.
- Primary citation
- Regulation No. 24-03; Instruction No. 03-2024
Submit an STR to CTRF as soon as suspicion exists, even when the transaction cannot be suspended or was already executed. Report attempted activity and provide information that reinforces or refutes the suspicion without delay.
- Implementation action
- Timestamp suspicion formation, submit through the current CTRF route, preserve the receipt and send supplemental information promptly.
- Evidence to retain
- Suspicion timestamp, STR, e-DS receipt, case reference and supplemental submissions.
- Primary citation
- Law No. 05-01, art. 20; Regulation No. 24-03, arts. 25-27
CTRF's e-DS secure online platform is the current published electronic declaration route. Reports must use the prescribed CTRF form and content.
- Implementation action
- Register authorised users, test access, maintain the current form and confirm a contingency route with CTRF if e-DS is unavailable without delaying a legally urgent report.
- Evidence to retain
- e-DS registration, access test, current form, submission receipt and outage escalation record.
- Primary citation
- CTRF e-DS notice of 14 September 2025; Executive Decree No. 06-05
Do not disclose to the customer or a third party that an STR exists, what it contains or what action followed. CTRF may oppose a transaction for up to 72 hours, with any extension requiring judicial authority.
- Implementation action
- Restrict case access, use approved customer communications and implement CTRF opposition and release instructions exactly.
- Evidence to retain
- Access log, confidentiality script, hold timestamp, CTRF notice, court instruction and release record.
- Primary citation
- Law No. 05-01, arts. 17-18 and 32 bis; Regulation No. 24-03, art. 31
07Payments, wires, agents and virtual assetsPayment and transfer controls are sector-specific. Preserve the distinction between PSP licensing, bank-transfer information and the statutory virtual-asset prohibition.3 items+
A PSP may provide only services approved under Regulation No. 25-02. Virtual-asset issuance, purchase, sale, use, holding, trade, promotion, exchange platforms and mining are prohibited; covered institutions must block related activity and report it to CTRF.
- Implementation action
- Map each payment service and agent to the licence, prohibit virtual-asset products and configure detection, blocking and CTRF escalation.
- Evidence to retain
- Licence map, product and agent configuration, virtual-asset prohibition, blocked cases and CTRF receipt.
- Primary citation
- Regulation No. 25-02; Instruction No. 06-2025; Law No. 05-01, art. 6 bis; Regulation No. 24-03, art. 48, as amended
For cross-border electronic transfers of USD 1,000 equivalent or more, covered banks, financial institutions and Algerie Poste must obtain and verify the prescribed originator and beneficiary information.
- Implementation action
- Require complete payer and payee names, account or unique references and the additional verified originator data prescribed by the instruction before execution.
- Evidence to retain
- Payment-field matrix, verification record, message sample, rejection test and audit log.
- Primary citation
- Banque d'Algerie Instruction No. 04-2024
Below USD 1,000 equivalent, cross-border wires still require minimum originator and beneficiary data and risk-based treatment of missing information. No universal automatic cash-threshold report was verified; do not relabel occasional-CDD or cashless-payment thresholds as a CTRF cash report.
- Implementation action
- Configure wire minimum data, missing-data decisions and suspicious-wire escalation. Obtain authority confirmation before building any separate cash-threshold report.
- Evidence to retain
- Threshold register and tests, missing-data queue, decisions, STR receipt and authority confirmation where applicable.
- Primary citation
- Banque d'Algerie Instruction No. 04-2024; Law No. 05-01, art. 7; CTRF reporting index
08Targeted financial sanctionsTargeted sanctions require immediate action independent of the ordinary STR decision path.4 items+
Screen customers, beneficial owners, controllers, representatives, counterparties and transactions against the current UN consolidated list and Algeria's national terrorist list.
- Implementation action
- Screen at onboarding, before relevant transactions, on list changes and after material customer changes, including aliases, transliteration and ownership or control.
- Evidence to retain
- List inventory, update log, screening configuration, test results and match files.
- Primary citation
- Law No. 05-01, art. 20 bis 1; Executive Decrees Nos. 25-101, 25-102 and 25-103; Banque d'Algerie Guideline No. 01/2025
Freeze or seize covered funds and assets without delay and without prior notice and prevent funds, financial services or economic resources from being made available directly or indirectly.
- Implementation action
- Maintain an always-available legal and technical freeze path and do not wait for customer contact, an STR decision or transaction settlement.
- Evidence to retain
- Freeze procedure, system tests, incident timeline, decision record and asset register.
- Primary citation
- Law No. 05-01, art. 20 bis 1; Banque d'Algerie Guideline No. 01/2025
Notify CTRF, the Banking Commission and other competent bodies as required and follow the applicable confirmation, false-positive, delisting, unfreezing and asset-management procedures.
- Implementation action
- Use a controlled notification and escalation matrix and release property only on a valid authority instruction.
- Evidence to retain
- Notification, receipt, authority correspondence, false-positive analysis and release instruction.
- Primary citation
- Banque d'Algerie Guideline No. 01/2025; Executive Decrees Nos. 25-101 to 25-103
A sanctions match and an STR are distinct decisions: implement a mandatory freeze immediately, then assess suspicious reporting separately while preserving confidentiality.
- Implementation action
- Link but do not merge sanctions and STR cases; record the legal basis, decision owner, timing and information barriers for each.
- Evidence to retain
- Decision matrix, linked case records, access controls, STR assessment and audit trail.
- Primary citation
- Law No. 05-01, arts. 20 and 20 bis 1; Regulation No. 24-03
09Records, retention and authority accessRecords must support full reconstruction and be accessible to authorised authorities while remaining confidential.3 items+
Keep customer identity and address documents for at least five years after account closure or relationship end, and transaction documents for at least five years after execution.
- Implementation action
- Map every AML record class to the correct retention event, preserve legal holds and prevent premature deletion.
- Evidence to retain
- Retention schedule, lifecycle configuration, legal-hold procedure and deletion test.
- Primary citation
- Law No. 05-01, art. 14; Regulation No. 24-03, art. 21
Retain CDD, beneficial-ownership, correspondence, account, transaction, wire, analysis and reporting information sufficient to reconstruct the relationship and operation.
- Implementation action
- Preserve source evidence, verification provenance, decisions, message data and changes in a searchable and tamper-evident archive.
- Evidence to retain
- Data-lineage map, immutable logs, sample reconstruction and remediation record.
- Primary citation
- Regulation No. 24-03, art. 21; Instructions Nos. 03-2024 and 04-2024
Professional secrecy cannot be invoked against CTRF for information requested within its mandate, but access to STR and sanctions records must remain tightly restricted.
- Implementation action
- Maintain an authenticated authority-response process, disclosure log and role-based access model for confidential case files.
- Evidence to retain
- Authority-request register, response package, access matrix, disclosure log and retrieval test.
- Primary citation
- Law No. 05-01, arts. 22 and 27
10Privacy, biometrics and international transfersAML necessity does not remove privacy duties. Identity and biometric processing needs a defined legal basis, authority formalities, security and controlled transfers.3 items+
Map each personal-data purpose and complete the applicable prior ANPDP declaration or authorisation. AML necessity does not remove transparency, proportionality or security duties.
- Implementation action
- Record the legal basis and filing route for identity, biometric, transaction, screening and investigation data before production.
- Evidence to retain
- Processing inventory, legal-basis register, ANPDP filing or decision, privacy notice and purpose map.
- Primary citation
- Law No. 18-07, arts. 7-18; ANPDP declaration portal
Appoint a DPO, notify ANPDP, maintain controller and processor registers, secure data and assess biometric KYC. Incident rules are scope-specific: Law No. 25-11's five-day rule is not universal; Article 43 providers notify without delay and other controllers should confirm duties with ANPDP.
- Implementation action
- Maintain DPO, register, security, processor, biometric and incident controls; document the applicable breach rule and notification.
- Evidence to retain
- DPO notice, registers, security design, processor contract, biometric assessment, incident scope analysis and notice.
- Primary citation
- Law No. 18-07, arts. 38-43 and 41 bis to 41 bis 3; Law No. 25-11, arts. 45 bis 6-10
Commercial foreign transfers require ANPDP authorisation and adequate protection, subject to statutory exceptions and the restriction where public security or vital State interests would be harmed.
- Implementation action
- Map hosting and support locations, obtain the applicable approval and contract enforceable recipient safeguards.
- Evidence to retain
- Transfer map, ANPDP authorisation, adequacy assessment, contract, access controls and transfer log.
- Primary citation
- Law No. 18-07, arts. 44-45
11Implementation and audit evidence packA defensible programme links each legal rule to configuration, testing, ownership and dated evidence.4 items+
Run a documented pre-launch regulatory gate covering perimeter, licensing, CDD, BO, PEP, sanctions, monitoring, CTRF reporting, records, privacy, payments and prohibited virtual-asset activity.
- Implementation action
- Block production until accountable owners approve the control design and every material gap has an accepted remediation or launch condition.
- Evidence to retain
- Launch checklist, approvals, test pack, gap register and release decision.
- Primary citation
- Law No. 05-01 as amended; applicable Banque d'Algerie, CNRC and ANPDP instruments
Reliance, agents and outsourcing do not transfer the reporting entity's legal responsibility.
- Implementation action
- Assess each provider, contract immediate access and audit rights, test evidence retrieval, monitor performance and maintain an exit plan.
- Evidence to retain
- Due-diligence file, contract, data-access test, monitoring report, issue log and exit plan.
- Primary citation
- Law No. 05-01; Regulation No. 24-03; Regulation No. 25-02
Track legal and procedural changes from CTRF, Banque d'Algerie, CNRC, ANPDP, the Official Gazette, FATF and MENAFATF.
- Implementation action
- Assign source owners, review official updates on a controlled schedule and assess every change against policies, product rules and existing customers.
- Evidence to retain
- Legal inventory, dated monitoring log, impact assessments, implementation tickets and approvals.
- Primary citation
- Official CTRF, Banque d'Algerie, CNRC, ANPDP, JORADP and FATF publications
Independently test onboarding, BO, PEP, sanctions, payments, monitoring, STR, privacy and retention controls and preserve why each rule is implemented as configured.
- Implementation action
- Run risk-based monitoring and independent assurance, report material findings to governance and verify remediation to closure.
- Evidence to retain
- Control-to-law map, monitoring plan, audit report, issue register, closure evidence and release history.
- Primary citation
- Law No. 05-01, art. 5 bis 3; Regulation No. 24-03; Instruction No. 03-2024

11 control areas and 41 implementation checks, with direct regulatory sources.
Download the Algeria KYC, KYB & AML checklist
Share your work details for immediate access to the source-linked Algeria implementation checklist. Regulatory review date: 16 July 2026.
Get the PDF immediately
Submit your details and the download starts automatically
Reviewed and source-linked
Version 1.0, reviewed 16 July 2026
Trusted by leading compliance teams
Primary-source register
28 sources used for this checklist
Use these links to verify the underlying legislation, regulator guidance, reporting procedures and international status statements.
- Laws and ordinances governing AML/CFT/CPFCTRF · Official legislation index
- Law No. 05-01 on prevention and combating money laundering and terrorist financingCTRF / Republic of Algeria · Primary legislation
- Law No. 25-10 amending Law No. 05-01Official Gazette of Algeria · Primary amending legislation
- Executive Decree No. 23-429 establishing the beneficial-owner public registerOfficial Gazette of Algeria · Primary regulation
- Online beneficial-owner declaration serviceCentre National du Registre du Commerce · Official registry service
- AML/CFT/CPF regulationsBanque d'Algerie · Official regulatory register
- Regulation No. 24-03 on AML/CFT/CPF prevention and controlBanque d'Algerie · Primary regulation
- Regulation No. 25-14 amending Regulation No. 24-03Banque d'Algerie · Primary amending regulation
- Instruction No. 03-2024 on due-diligence obligationsBanque d'Algerie · Primary sector instruction
- Instruction No. 04-2026 on customer knowledgeBanque d'Algerie · Primary sector instruction
- Instruction No. 04-2024 on electronic transfersBanque d'Algerie · Primary sector instruction
- Current AML/CFT/CPF guidelinesBanque d'Algerie · Official guidance register
- Guideline No. 01/2025 on targeted financial-sanctions freezes and seizuresBanque d'Algerie Banking Commission · Official sector guidance
- CTRF e-DS secure online suspicious-reporting platformCTRF · Official reporting procedure
- Suspicious transaction declaration information and formCTRF · Official reporting form
- Executive decrees including current 2025 targeted-sanctions instrumentsCTRF · Official regulation index
- UN Security Council consolidated sanctions listCTRF · Official sanctions-list access
- Algerian national terrorist listCTRF · Official national-list access
- Law No. 18-07 on personal-data protectionOfficial Gazette of Algeria · Primary legislation
- Law No. 25-11 amending the personal-data lawOfficial Gazette of Algeria · Primary amending legislation
- ANPDP personal-data compliance portalANPDP · Official authority portal
- ANPDP processing-declaration portalANPDP · Official filing procedure
- Monetary and Banking Law No. 23-09CTRF / Republic of Algeria · Primary legislation
- Regulation No. 25-02 on authorisation and accreditation of payment-service providersBanque d'Algerie · Primary payment regulation
- Instruction No. 03-2025 on PSP authorisation and accreditation applicationsBanque d'Algerie · Primary licensing instruction
- Instruction No. 06-2025 governing PSP activity and operationsBanque d'Algerie · Primary operating instruction
- Jurisdictions under increased monitoring, 19 June 2026FATF · Official international status statement
- CTRF dissemination of the 19 June 2026 high-risk-country statementsCTRF · Official national dissemination
Direct answers
Algeria KYC, KYB and AML questions
What is Algeria's principal AML/CFT/CPF law?+
Law No. 05-01 of 6 February 2005 is the principal preventive statute. Law No. 25-10 of 24 July 2025 is the latest reviewed amendment and added or strengthened risk-based controls, customer and beneficial-owner due diligence, PEP measures, targeted sanctions, virtual-asset prohibitions and penalties.
Who receives suspicious transaction reports?+
CTRF is the specialised financial-intelligence body and exclusive STR recipient. Its e-DS secure online platform is the current published electronic route, using the prescribed CTRF declaration content.
When must an STR be filed?+
As soon as suspicion exists. The duty can apply after execution where the transaction could not be suspended or later information creates suspicion. Attempted activity and later information reinforcing or refuting the suspicion must also be handled promptly.
Is there a fixed number of days for an STR?+
No general multi-day grace period was identified in the reviewed law. The operative rule is to report as soon as suspicion exists, and covered Banque d'Algerie instruments use immediate or prompt language for relevant suspicious activity.
What beneficial-owner threshold applies?+
Executive Decree No. 23-429 uses at least 20% of capital or voting rights, followed by control through other factual or legal means and then the legal-representative fallback. The percentage is not the only ownership or control test.
When is the beneficial-owner declaration due?+
An Algerian legal person files with the CNRC within one month after formation or registration and within one month after a change. A separate form is required for each beneficial owner, and electronic filing is available.
Can the CNRC register replace independent KYB?+
No. The public register is an important verification source, but a reporting entity must still understand the full ownership and control chain, verify the natural persons and resolve discrepancies against reliable independent evidence.
How often must customer information be refreshed?+
Law No. 25-10 requires risk-proportionate refresh and no more than one year for high-risk customers. Banque d'Algerie Instruction No. 04-2026 specifies at least annual review for high risk, with maximum cycles of three years for medium risk and five years for low risk for institutions within its scope.
What happens when identity cannot be verified?+
The institution should not establish or execute the relationship or transaction, or should close or end the existing relationship where required, and must consider whether the circumstances should be reported to CTRF without alerting the customer.
What rules apply to PEPs?+
Identify PEPs, family members and close associates; establish source of funds and source of wealth; obtain approval from the legal person's decision-making body before starting or continuing; and apply enhanced continuous monitoring.
How long are AML records kept?+
At least five years. Identity and address records run from account closure or relationship end, while transaction records run from execution. The BO register also has a minimum five-year post-expiry or post-dissolution rule.
What is the cross-border wire threshold?+
For covered banks, financial institutions and Algerie Poste, Instruction No. 04-2024 uses USD 1,000 equivalent for the full verified originator and beneficiary information set. Transfers below the threshold still require specified minimum data and verification where suspicion exists.
Are virtual assets licensed in Algeria?+
No licensing route should be inferred. Law No. 25-10 prohibits issuing, buying, selling, using, holding, trading or promoting virtual assets, operating exchange platforms and cryptocurrency mining. Covered institutions must block and report related attempts or transactions.
Does Algeria require an automatic cash-threshold report?+
No universal cash-threshold report was verified in the reviewed current primary sources. Statutory occasional-CDD thresholds and cashless-payment rules must not be relabelled as automatic CTRF cash reports. Obtain current authority confirmation before configuring one.
What happens on a sanctions match?+
Freeze or seize covered assets without delay and without prior notice, prevent funds or services being made available and notify the competent authorities under the applicable procedure. A sanctions freeze must not wait for the separate STR decision.
Do foreign cloud hosting and biometrics require privacy analysis?+
Yes. Map the processing purpose and legal basis, complete the applicable ANPDP declaration or authorisation, assess biometric necessity and security, and obtain ANPDP authorisation before a foreign transfer unless a statutory exception is confirmed.
Does every commercial data breach have a five-day ANPDP deadline?+
The reviewed five-day rule sits within Law No. 25-11's special title for prevention, investigation, prosecution and penal processing, so it should not be presented as a universal commercial deadline. Public communications-network providers have a separate without-delay duty; other controllers should confirm the applicable incident rule with ANPDP.
Is Algeria on the FATF grey list?+
No. FATF removed Algeria from increased monitoring on 19 June 2026 after completion of its action plan. Algeria should continue working with MENAFATF to sustain the improvements, and institutions must still apply their normal documented risk-based controls.
Research and review method
VOVE ID Compliance Research maps the regulatory perimeter, translates obligations into operational controls, links each material claim to a source and records the date and version of every review.
VOVE ID Compliance Research · Reviewed 16 July 2026 · Version 1.0
This checklist is general regulatory information, not legal advice or a licence determination. It reflects sources reviewed on 16 July 2026. Confirm current gazetted law, sector rules, thresholds, filing mechanics and supervisor expectations with Algerian counsel and the competent authority before launch. Sector rules are labelled and must not be applied outside their stated scope. VOVE ID can support evidence collection, screening and audit trails, but the reporting entity remains responsible for risk decisions, customer acceptance, reports and regulatory compliance.