Checklist de conformité KYC, KYB et AML
Égypte KYC, KYB & AML
A general Egypt implementation baseline under Anti-Money Laundering Law No. 80 of 2002 and its Executive Regulations, with separate Central Bank of Egypt and Financial Regulatory Authority overlays. It is not a complete sector checklist; banks, payment and remittance businesses, foreign-exchange companies, non-bank financial institutions and DNFBPs must apply the rules and reporting instructions issued for their regulated activity.
- Revue le
- 15 July 2026
- Version
- 1.0
- domaines de contrôle
- 7
- contrôles d’implémentation
- 45
Réponse directe
Que couvre la checklist de conformité pour Égypte ?
La checklist pour Égypte traduit les principales règles KYC, KYB et AML en 7 domaines de contrôle et 45 contrôles d’implémentation, avec les autorités, obligations de déclaration et preuves à conserver.
Faits réglementaires clés
- Financial intelligence unit
- EMLCU / Egyptian FIU
- Core framework
- AML Law 80/2002 and Executive Regulations
- Record retention
- At least 5 years
- Suspicion reporting
- Immediately once suspicion exists
Détail d’implémentation
Exigences et actions de conformité pour Égypte
Ouvrez chaque domaine pour consulter l’exigence, l’action recommandée, les preuves à conserver et la source primaire utilisée.
01Applicability and governanceDetermine the regulated activity and make the national and sector-specific AML framework operational.7 éléments+
Map AML scope by activity
- Action d’implémentation
- Document whether each product is a bank, payment, money-transfer, foreign-exchange, securities, financing, insurance or other financial activity, or a covered designated non-financial business or profession. Do not infer the rule set from the fintech label alone.
- Preuves à conserver
- Activity, license and AML-scope memorandum
- Source primaire
- AML Law, art. 1; Executive Regulations
Identify the competent supervisor
- Action d’implémentation
- Map each activity to its statutory supervisor. The CBE supervises banks, foreign-exchange companies, money-transfer entities, payment-system operators and payment-service providers. The FRA supervises insurance, capital markets, central depository and clearing, mortgage finance, financial leasing, factoring, consumer finance and MSME finance. The Ministry of Communications supervises Egypt Post's financial services other than payment systems and services. The Ministry of Trade and Industry supervises covered real-estate brokers; the Ministry of Supply and Internal Trade supervises covered precious-metals and precious-stones dealers; the Ministry of Tourism supervises covered casinos; the Egyptian Bar Association supervises covered lawyers; the Commercial Professions Syndicate supervises covered accountants; and GAFI supervises covered trust and company service providers. The EMLCU supervises covered institutions or DNFBPs for which no other supervisor applies.
- Preuves à conserver
- Activity-to-supervisor matrix, licence inventory, applicability memo and named rule owner
- Source primaire
- AML Law, art. 1; Executive Regulations, definitions and art. 22 bis A
Apply the exact DNFBP activity and threshold scope
- Action d’implémentation
- Apply the AML framework to real-estate brokers when buying or selling property for clients; precious-metals and precious-stones dealers conducting cash transactions of USD 15,000 equivalent or more, including linked transactions; casinos conducting transactions of USD 3,000 equivalent or more, including linked transactions; and professional trust and company service providers performing the activities listed in the Executive Regulations. Lawyers and accountants are covered only when preparing or executing for clients the purchase or sale of real estate; management of funds, securities or other assets; management of bank, savings or securities accounts; organisation of contributions for forming, operating or managing companies; or creation, operation, management, purchase or sale of legal persons, arrangements or businesses. Do not extend this automatically to ordinary litigation or legal advice. When a lawyer, accountant or similar agent supplies CDD information, professional secrecy cannot be invoked to avoid the CDD requirement.
- Preuves à conserver
- DNFBP applicability assessment, linked-transaction aggregation, client-matter classification and CDD evidence
- Source primaire
- AML Law, art. 1; Executive Regulations, definitions and art. 22 bis A
Appoint an AML/CFT manager and alternate
- Action d’implémentation
- Appoint a responsible AML/CFT manager and qualified alternate from senior management. Give both the independence, confidentiality, authority and access required by Articles 35 to 37, and notify the EMLCU of their names and contact details. FRA-supervised legal persons must also comply with Decision 161/2024, register the manager and alternate in the FRA register, notify both the EMLCU and FRA of their contact details, and notify both authorities immediately when either person changes. Notify FRA within one week when the alternate assumes responsibility because of absence or when the manager leaves the institution. Apply any additional CBE or sector-specific approval and fitness requirements.
- Preuves à conserver
- Appointments, register entry, EMLCU and FRA notifications, change log and sector approval
- Source primaire
- Executive Regulations, arts. 35-37; FRA Decision 161/2024, arts. 14-21
Approve a risk-based AML program
- Action d’implémentation
- Maintain board-approved policies, procedures and systems covering institutional risk assessment, CDD, beneficial ownership, PEPs, targeted financial sanctions, monitoring, internal escalation, EMLCU reporting, records, training and assurance.
- Preuves à conserver
- Approved AML/CFT program mapped to controls
- Source primaire
- Executive Regulations, art. 32; FRA Decision 161/2024, arts. 3 and 5
Assess institutional and technology risk
- Action d’implémentation
- Conduct and document an institution-wide ML, TF and proliferation-financing risk assessment proportionate to the institution's size and activities. Cover customers, countries and geographic areas, existing and new products, services, transactions, delivery channels, business practices and technologies before use. The board must approve the assessment. Update it at least annually and whenever material change requires it, and provide the assessment and supporting material to the EMLCU or supervisor on request. Before offering a new product or service relying on modern technology, identify and assess its ML/TF risks, implement proportionate controls and coordinate with the EMLCU before launch.
- Preuves à conserver
- Board-approved annual assessment, methodology, trigger log, launch assessment, controls and EMLCU coordination
- Source primaire
- Executive Regulations, arts. 22 bis C(6) and 29 bis
Apply the stricter sector overlay
- Action d’implémentation
- Add current EMLCU CDD procedures, CBE or FRA rules, license conditions, reporting instructions and product-specific controls. Resolve any conflict against the binding Arabic instrument and obtain local advice where scope is uncertain.
- Preuves à conserver
- Sector-overlay and legal-change register
- Source primaire
- Applicable regulator rule and official Arabic text
02KYC for natural personsIdentify the customer and representative before service, understand the purpose and keep the profile reliable.6 éléments+
Prohibit anonymous or fictitious relationships
- Action d’implémentation
- Do not open or maintain accounts, accept deposits or funds, or provide covered services under anonymous, false or fictitious names.
- Preuves à conserver
- Onboarding prohibition and exception report
- Source primaire
- AML Law, art. 8; Executive Regulations, art. 33
Identify the natural person
- Action d’implémentation
- Collect the full legal name, official identification details, date and place of birth, nationality, address, occupation or business, contact details and other data required by the applicable EMLCU and sector procedure.
- Preuves à conserver
- Completed customer profile
- Source primaire
- AML Law, art. 8; applicable CDD procedure
Verify with reliable independent evidence
- Action d’implémentation
- Verify the identity before the relationship or occasional transaction using valid official documents and reliable independent data or information. Record authenticity, expiry, liveness or non-face-to-face controls where relevant.
- Preuves à conserver
- Identity evidence and verification audit trail
- Source primaire
- Executive Regulations, art. 22 bis A
Verify representatives and authority
- Action d’implémentation
- Identify and verify each person acting for a customer, confirm the authority to act and retain the mandate or other reliable authority evidence.
- Preuves à conserver
- Representative KYC and authority record
- Source primaire
- Executive Regulations, art. 22 bis A(5)
Understand purpose and expected activity
- Action d’implémentation
- Record the nature and purpose of the relationship, expected products, volumes, counterparties, geographies and source of funds needed to understand normal activity and risk.
- Preuves à conserver
- Purpose and expected-activity profile
- Source primaire
- Executive Regulations, art. 22 bis A(2); sector CDD procedure
Resolve failed CDD
- Action d’implémentation
- If required CDD cannot be completed, do not open the account, start or continue the relationship, or execute the transaction. Consider and document whether the reasons require an immediate suspicious-transaction report to the EMLCU.
- Preuves à conserver
- Decline or exit and STR decision
- Source primaire
- Executive Regulations, art. 22 bis C(1)
03KYB and beneficial ownershipVerify legal existence and authority, then trace ownership and control to natural persons.6 éléments+
Verify the legal entity
- Action d’implémentation
- Obtain and independently verify the registered name, legal form, commercial-registration number and status, incorporation or governing documents, registered and operating addresses, tax details where required and regulated licenses through GAFI, the Commercial Registry, ITDA or the competent registry.
- Preuves à conserver
- Current registry evidence and formation documents
- Source primaire
- Executive Regulations, art. 22 bis A; GAFI and ITDA procedures
Understand business activity
- Action d’implémentation
- Document the business model, products, operating locations, expected counterparties, transaction profile and source of funds, and corroborate material claims with reliable evidence.
- Preuves à conserver
- Business and expected-activity profile
- Source primaire
- Executive Regulations, art. 22 bis A
Verify directors, representatives and authority
- Action d’implémentation
- Identify and verify authorized representatives and the natural persons relevant to management or control, and confirm signing, account and transaction authority using current resolutions, powers or mandates.
- Preuves à conserver
- Connected-person KYC and authority chain
- Source primaire
- Executive Regulations, art. 22 bis A
Apply the beneficial-owner cascade
- Action d’implémentation
- Identify and reasonably verify the natural persons with controlling ownership, then persons exercising control through other means. Only when neither can be identified after reasonable measures, identify the natural person holding the senior-management position and record why the fallback was used.
- Preuves à conserver
- Ownership and control chart with BO rationale
- Source primaire
- Executive Regulations, art. 22 bis B(1)-(2)
Resolve legal arrangements and layers
- Action d’implémentation
- Trace all intermediate entities and nominees. For trusts or similar arrangements identify and verify the settlor, trustee, protector, beneficiaries or class of beneficiaries and any other natural person exercising effective control.
- Preuves à conserver
- Full structure chart and arrangement documents
- Source primaire
- Executive Regulations, art. 22 bis B(3)
Keep BO information current
- Action d’implémentation
- Update customer and beneficial-owner data periodically and continuously, with closer attention to higher-risk customers and trigger events. Reconcile declarations against current registry, constitutional and ownership evidence and investigate inconsistencies.
- Preuves à conserver
- BO refreshes and discrepancy outcomes
- Source primaire
- Executive Regulations, art. 22 bis C(4)-(5)
04Risk, PEPs and targeted financial sanctionsUse a documented risk model for CDD and EDD while treating list-based freezing as an immediate legal control.7 éléments+
Assign and explain customer risk
- Action d’implémentation
- Assess customer, ownership, product, service, channel, geography and transaction risk and retain the score, rationale, reviewer and approval. Reassess when facts or external risk information change.
- Preuves à conserver
- Customer risk assessment and decision
- Source primaire
- Executive Regulations, art. 32; FRA Decision 161/2024, art. 3
Identify PEP exposure
- Action d’implémentation
- Determine whether the customer or beneficial owner is or was entrusted with a prominent domestic, foreign or international-organization function. Extend the assessment to family members, close associates, persons acting on their behalf, and controlled legal persons or arrangements.
- Preuves à conserver
- PEP screening and relationship mapping
- Source primaire
- Executive Regulations, definition and art. 32 bis
Apply mandatory PEP controls
- Action d’implémentation
- For covered PEP relationships, obtain senior-management approval before establishing or continuing the relationship, take reasonable measures to establish source of wealth and source of funds, and apply enhanced continuous monitoring.
- Preuves à conserver
- Approval, source analysis and monitoring plan
- Source primaire
- Executive Regulations, art. 32 bis
Screen UN and domestic designation lists
- Action d’implémentation
- Register for EMLCU updates and monitor the relevant UN Security Council terrorism, terrorist-financing and proliferation-financing lists daily. Screen prospective and existing customers, beneficial owners, representatives and transaction parties before onboarding, before transactions and immediately after every list update. Apply Egypt's domestic terrorist-entity and terrorist lists separately under Law 8/2015.
- Preuves à conserver
- Subscription, daily update log, screening results, alert decisions and quality assurance
- Source primaire
- FIU Decision 1/2024; Executive Regulations, arts. 52 and 53 bis A
Freeze the complete UN-designated asset perimeter
- Action d’implémentation
- For a confirmed UN designation, freeze without delay and without prior notice all funds or assets owned or controlled directly or indirectly, wholly or jointly, including assets derived from them and assets held by persons or entities acting on behalf of or at the direction of a designated person. Do not make funds, assets, economic resources, financial services or related services available directly or indirectly to those persons or entities.
- Preuves à conserver
- Match validation, freeze record, blocked transaction, asset-scope analysis and non-availability control
- Source primaire
- FIU Decision 1/2024; Executive Regulations, arts. 52 and 53 bis A
Apply domestic-list freezing and financing prohibitions
- Action d’implémentation
- For domestic designations, immediately freeze the listed person's or entity's funds and assets, including jointly owned funds and generated proceeds. Prohibit direct or indirect financing, collection, receipt, transfer and similar financial services.
- Preuves à conserver
- Domestic-list match, freeze record, financing block and legal escalation
- Source primaire
- Law 8/2015; FIU Decision 1/2024
Report every TFS implementation action immediately
- Action d’implémentation
- Immediately notify the EMLCU and competent supervisor of every freeze, unfreeze, attempted transaction and other implementation action. Preserve the related records and release or deal with frozen assets only under an authorised exemption, delisting or unfreezing decision.
- Preuves à conserver
- Immediate notification, receipt, attempted-transaction record, release authority and case file
- Source primaire
- FIU Decision 1/2024; Executive Regulations, arts. 52 and 53 bis A
05Enhanced due diligenceIncrease information, verification, approval and monitoring in proportion to identified higher risk.5 éléments+
Collect additional information
- Action d’implémentation
- Obtain further customer, ownership, control, business, geography, purpose and transaction information needed to understand and mitigate the higher risk.
- Preuves à conserver
- EDD information pack
- Source primaire
- Risk-based CDD procedures and sector controls
Corroborate identity and activity
- Action d’implémentation
- Use additional reliable independent sources to verify identity, legal existence, ownership, expected activity, source explanations and the reason for complex or unusual features.
- Preuves à conserver
- Independent corroboration record
- Source primaire
- Executive Regulations, arts. 22 bis A-C
Establish source of funds and wealth
- Action d’implémentation
- Establish and, where risk requires, corroborate source of funds and source of wealth. Apply the specific source and approval controls required for PEPs.
- Preuves à conserver
- Source evidence and plausibility analysis
- Source primaire
- Executive Regulations, art. 32 bis
Obtain senior approval
- Action d’implémentation
- Require documented senior-management approval for PEP relationships and other higher-risk relationships specified by the institution's policy or sector rule, including conditions for acceptance or continuation.
- Preuves à conserver
- Approval and conditions
- Source primaire
- Executive Regulations, art. 32 bis; internal risk policy
Increase ongoing scrutiny
- Action d’implémentation
- Set tighter refresh cycles, monitoring scenarios, alert thresholds and escalation requirements proportionate to higher risk and record how the measures reduce that risk.
- Preuves à conserver
- EDD monitoring plan and reviews
- Source primaire
- Executive Regulations, arts. 22 bis C and 32 bis
06Ongoing due diligence and fintech controlsKeep customer knowledge current and connect onboarding data to monitoring, investigations and product change.7 éléments+
Monitor throughout the relationship
- Action d’implémentation
- Monitor transactions and behavior for consistency with the customer's identity, business, ownership, risk, expected activity and source of funds, and identify attempted as well as completed suspicious activity.
- Preuves à conserver
- Monitoring rules, alerts and case outcomes
- Source primaire
- Executive Regulations, arts. 32 and 36
Refresh on risk and trigger events
- Action d’implémentation
- Update CDD, beneficial ownership, authority and risk information periodically and when ownership, management, product use, geography, behavior, sanctions or other material facts change.
- Preuves à conserver
- Review schedule and event-driven reviews
- Source primaire
- Executive Regulations, art. 22 bis C(4)-(5)
Examine unusual activity promptly
- Action d’implémentation
- Route unusual and internally reported activity to the AML/CFT manager through secure channels, investigate promptly and retain the facts, analysis and reporting or closure rationale.
- Preuves à conserver
- Investigation file and decision
- Source primaire
- Executive Regulations, art. 36; FRA Decision 161/2024, art. 6
Govern technology and outsourcing
- Action d’implémentation
- Document data coverage, model or rule logic, alert handling, access, change control, testing and human oversight for automated KYC, screening and monitoring. Assess reliance on third parties without outsourcing accountability.
- Preuves à conserver
- System inventory, tests, vendor controls and change records
- Source primaire
- Executive Regulations, art. 22 bis C(6); FRA Decision 161/2024, arts. 3 and 5
Maintain a linked audit trail
- Action d’implémentation
- Ensure monitoring and case teams can retrieve onboarding purpose, expected activity, ownership structure, risk rating, screening history and prior reviews so KYC is not treated as a static file.
- Preuves à conserver
- Linked customer, monitoring and case record
- Source primaire
- Recommended implementation control; lifecycle obligations
Apply payment and messaging updates
- Action d’implémentation
- Banks operating in Egypt must apply the CBE's ISO 20022 migration for SWIFT messaging used in interbank financial transfers from 21 June 2026. Do not extend this announcement to non-bank payment businesses unless a separate binding CBE circular or licence condition applies to their service.
- Preuves à conserver
- Bank-scope decision, migration evidence, message validation and any separate non-bank CBE authority
- Source primaire
- CBE ISO 20022 announcement, 21 June 2026
Apply the CBE PSO and PSP licensing transition
- Action d’implémentation
- Map payment-system-operator and payment-service-provider activities to the CBE Rules for Licensing and Registration issued in June 2025. Existing payment institutions were required to regularise their position and apply for a CBE licence within the one-year transition ending in June 2026; do not continue covered activity without the required licence, registration or documented CBE status.
- Preuves à conserver
- Activity classification, transition assessment, CBE application or licence, governance and remediation
- Source primaire
- CBE PSO/PSP Licensing and Registration Rules, 17 June 2025
07Reporting, records, privacy and assuranceReport immediately, prevent tipping off, retain retrievable evidence and align privacy implementation with the 2025 regulations.7 éléments+
File suspicious-transaction reports immediately
- Action d’implémentation
- The AML/CFT manager must notify the EMLCU immediately once suspicion exists, regardless of transaction value, including attempted transactions. Internal review must be prompt and must not be used to delay reporting.
- Preuves à conserver
- STR reference, decision and timeline
- Source primaire
- Executive Regulations, art. 36(3); FRA Decision 161/2024, art. 6
Use the prescribed secure channel
- Action d’implémentation
- Use the current EMLCU form and secure electronic channel assigned to the institution. Confirm the supervisor's current portal instruction; CBE's 16 April 2026 circular specifically requires foreign-exchange companies to implement goAML.
- Preuves à conserver
- Portal registration, filing receipt and channel matrix
- Source primaire
- EMLCU instructions; CBE circulars; FRA STR forms
Prevent tipping off
- Action d’implémentation
- Do not disclose directly or indirectly to the customer, beneficiary or unauthorized persons that a suspicious report, examination, investigation or related measure exists. Restrict access to need-to-know personnel.
- Preuves à conserver
- Access controls and communications guidance
- Source primaire
- AML Law, art. 11; Executive Regulations, art. 34 bis A
Retain retrievable AML records
- Action d’implémentation
- Keep transaction, customer, representative and beneficial-owner records for at least five years from account closure or completion of an occasional transaction, and longer when requested by the EMLCU or investigating authorities. Preserve reports, analysis, screening, freezing, training and assurance records under applicable rules.
- Preuves à conserver
- Retention schedule and retrieval evidence
- Source primaire
- AML Law, art. 9; Executive Regulations, art. 34; FRA Decision 161/2024, arts. 8-9
Submit governance and sector returns
- Action d’implémentation
- Prepare the AML/CFT manager's report at least annually for the board and EMLCU. FRA-supervised entities must also meet Decision 161/2024 reporting requirements, including the semiannual suspicion-statistics report to FRA within one week after the period ends and applicable annual reports.
- Preuves à conserver
- Board reports, EMLCU submission and FRA returns
- Source primaire
- Executive Regulations, art. 38; FRA Decision 161/2024, art. 6
Implement the PDPL transition
- Action d’implémentation
- Complete the PDPL transition no later than 1 November 2026. Map each processing purpose to a lawful basis, including legal-obligation processing required for AML compliance rather than relying on blanket consent. Obtain the controller, processor, sensitive-data and other PDPC licences or permits applicable to the processing. A legal-person controller or processor must appoint and register a qualified DPO and maintain accessible DPO contact details. Before a cross-border transfer, determine whether a statutory exception applies. Otherwise obtain the required PDPC licence or permit, confirm the destination's adequacy, obtain the data subject's consent and implement the required contractual, security and record controls. Notify the PDPC within 72 hours after becoming aware of a personal-data breach, immediately when national-security considerations are involved, and notify affected data subjects within three business days after notifying the PDPC. Preserve AML records where AML legislation overrides an erasure or ordinary retention request.
- Preuves à conserver
- Transition plan, lawful-basis register, licences, registered DPO, transfer assessment, contracts, breach chronology and AML retention override
- Source primaire
- PDPL 151/2020; Ministerial Decision 816/2025; official PDPC and DPO guidance
Train, test and remediate
- Action d’implémentation
- Where FRA Decision 161/2024 applies, train relevant employees at least annually. Require the internal-audit function to prepare a report for each calendar year on the AML/CFT manager's work and the institution's compliance. Prepare that report within 15 days after the reporting period, submit it to the board for approval, and provide the approved report to FRA within 45 days after the period ends, together with the external-auditor report. Engage an external auditor registered with FRA to review the internal-control environment, the internal-audit report and compliance with AML/CFT/CPF requirements. The external auditor must provide an annual report to both the institution and FRA within 45 days after the reporting period ends. For institutions outside FRA supervision, apply the training, internal-review and independent-assurance requirements imposed by the applicable sector rule. Independent assurance is recommended only where no binding rule makes it mandatory.
- Preuves à conserver
- Annual training records, internal-audit report, board approval, FRA submission receipt, registered external-auditor appointment and annual external-auditor report
- Source primaire
- FRA Decision 161/2024, arts. 7 and 10-11

7 domaines de contrôle et 45 vérifications d'implémentation avec sources réglementaires directes.
Téléchargez la checklist KYC, KYB et AML pour Égypte
Partagez vos coordonnées professionnelles pour accéder immédiatement à la checklist d'implémentation sourcée pour Égypte. Date de revue réglementaire : 15 July 2026.
Recevez le PDF immédiatement
Envoyez vos coordonnées pour démarrer automatiquement le téléchargement
Revue et sourcée
Version 1.0, revue le 15 July 2026
Approuvé par des équipes conformité de premier plan
Registre des sources primaires
19 sources utilisées pour cette checklist
Utilisez ces liens pour vérifier la législation, les lignes directrices, les procédures de déclaration et les statuts internationaux.
- Anti-Money Laundering Law No. 80 of 2002, current Arabic consolidated textFinancial Regulatory Authority · primary
- Executive Regulations of Anti-Money Laundering Law No. 80 of 2002, current Arabic textFinancial Regulatory Authority · primary
- Anti-Money Laundering Law No. 80 of 2002, historical English translationGeneral Authority for Investment and Free Zones · primary
- Egyptian AML/CFT system and sector-supervisor mapCentral Bank of Egypt · primary
- AML/CFT regulations for banks and foreign-exchange companiesCentral Bank of Egypt · primary
- CBE compliance guidance and record-retention FAQCentral Bank of Egypt · primary
- CBE circulars, including the 16 April 2026 goAML requirement for foreign-exchange companiesCentral Bank of Egypt · primary
- FRA AML/CFT system, legislation, forms and guidanceFinancial Regulatory Authority · primary
- FRA Decision No. 161 of 2024 on AML/CFT controls for non-bank financial activitiesFinancial Regulatory Authority · primary
- FIU Decision No. 1 of 2024 on targeted financial sanctionsEgyptian FIU via Financial Regulatory Authority · primary
- Company incorporation and company-amendment servicesGeneral Authority for Investment and Free Zones · primary
- Commercial Registry legislation and proceduresInternal Trade Development Authority · primary
- Official PDPC Data Subject Consent Guidelines citing Law No. 151/2020 and Decision No. 816/2025Personal Data Protection Center · primary
- CBE Rules for Licensing and Registration of PSOs and PSPs, 17 June 2025Central Bank of Egypt · primary
- Egypt's Economic Rise and KYB's RoleVOVE ID - contextual reading · context
- Egyptian Personal Data Protection Center official portalPersonal Data Protection Center · primary
- Official Data Protection Officer guidancePersonal Data Protection Center · primary
- ISO 20022 migration announcement, 21 June 2026Central Bank of Egypt · primary
- Jurisdictions under Increased Monitoring, 19 June 2026FATF · primary
Réponses directes
Questions KYC, KYB et AML pour Égypte
Which Egyptian AML rules apply to a fintech?+
It depends on the regulated activity, not the fintech label. Start with AML Law 80/2002 and its Executive Regulations, then add the CBE rules for CBE-supervised banking, payment, remittance or foreign-exchange activity, FRA Decision 161/2024 for covered non-bank financial activity, or the controls of another competent supervisor.
How is a beneficial owner identified in Egypt?+
Identify and reasonably verify the natural person with controlling ownership, then anyone controlling the entity by other means. Only if neither can be found after reasonable measures should the senior-management official be used as the fallback, with the reasoning documented. Trusts and similar arrangements require identification of the settlor, trustee, protector, beneficiaries and other effective controllers.
When must a suspicious transaction be reported in Egypt?+
The responsible AML/CFT manager must notify the EMLCU immediately once suspicion exists, regardless of value, including attempted transactions. The institution must follow the current EMLCU form and secure portal instructions and must not tip off the customer.
How long must AML records be kept in Egypt?+
At least five years from account closure or completion of an occasional transaction, and longer if the EMLCU or investigating authorities require it. Sector rules also require preservation of internal analysis, reports, screening, freezing, training and governance records.
What do Egypt's targeted-financial-sanctions rules require?+
Screen current UN Security Council and Egyptian domestic terrorist lists before dealing, during transactions and immediately after list updates. A confirmed designation requires immediate freezing without prior notice, non-dealing, and immediate notification to the EMLCU and competent supervisor using the prescribed process.
Is Egypt currently on the FATF grey list?+
Egypt was not named in FATF's jurisdictions under increased monitoring or jurisdictions subject to a call for action statements published on 19 June 2026. This is not a low-risk designation and does not replace a documented risk assessment.
Méthode de recherche et de revue
VOVE ID Compliance Research cartographie le périmètre réglementaire, traduit les obligations en contrôles opérationnels, relie les affirmations importantes aux sources et date chaque revue.
VOVE ID Compliance Research · Revue le 15 July 2026 · Version 1.0
This is a general Egypt baseline, not legal advice or a complete sector checklist. Confirm whether the activity is supervised by the CBE, FRA or another authority; obtain the current Arabic legal text, EMLCU customer-due-diligence procedures, sector circulars, reporting forms and portal instructions before implementation. Where an English translation differs from the Arabic official text, the official Arabic text controls.