Checklist de conformité KYC, KYB et AML
Tanzanie KYC, KYB & AML
A territory-aware implementation checklist for regulated fintechs and reporting persons operating in Mainland Tanzania, Tanzania Zanzibar, or both.
- Revue le
- 15 July 2026
- Version
- 1.3
- domaines de contrôle
- 10
- contrôles d’implémentation
- 40
Réponse directe
Que couvre la checklist de conformité pour Tanzanie ?
La checklist pour Tanzanie traduit les principales règles KYC, KYB et AML en 10 domaines de contrôle et 40 contrôles d’implémentation, avec les autorités, obligations de déclaration et preuves à conserver.
Faits réglementaires clés
- AML authorities
- FIU Tanzania; Zanzibar FIU functions under the Zanzibar framework
- Payments authority
- Bank of Tanzania; NPS Act applies in Mainland and Zanzibar
- Company registries
- BRELA (Mainland); BPRA (Zanzibar)
- STR channel
- FIU goAML / prescribed FIU channel
- Mainland threshold reports
- Cash >= USD 10,000; EFT >= USD 1,000; file within 5 working days
- AML retention
- Generally 10 years, measured from the applicable statutory trigger
- Data protection
- PDPA 2022; in Zanzibar only for Union matters
- FATF status
- Not under increased monitoring since June 2025
Détail d’implémentation
Exigences et actions de conformité pour Tanzanie
Ouvrez chaque domaine pour consulter l’exigence, l’action recommandée, les preuves à conserver et la source primaire utilisée.
01Scope, licensing and accountabilityMap the legal entity, territory, regulated activity and reporting-person category before configuring controls. Mainland and Zanzibar do not share one company or general AML statute.4 éléments+
Document territorial and regulatory scope
- Action d’implémentation
- For each entity and product, record whether operations, incorporation, customers and regulated activities fall in Mainland Tanzania, Tanzania Zanzibar, or both. Map the applicable AML statute, sector regulator, FIU reporting route and registry.
- Preuves à conserver
- Approved scope memorandum; entity-product-territory matrix; legal advice and regulatory correspondence.
- Source primaire
- AMLA Cap. 423 R.E. 2023; AMLPOCA No. 10 of 2009 as amended [01][02][03]
Confirm licences before launch
- Action d’implémentation
- Do not operate a payment system, issue a payment instrument or issue electronic money without the licence or approval required by the Bank of Tanzania. Map licence conditions, renewals, agents, outsourcing and material-change approvals.
- Preuves à conserver
- BoT licence or approval; regulatory-perimeter analysis; conditions register; renewal calendar.
- Source primaire
- National Payment Systems Act 2015 ss. 5, 15 and 24; Licensing and Approval Regulations 2015 [12][13][14]
Maintain a risk-based AML/CFT/CPF programme
- Action d’implémentation
- Approve an enterprise risk assessment and proportionate controls covering customers, beneficial owners, products, channels, geography, transactions, agents and new technology. Refresh after material change and when risk intelligence changes.
- Preuves à conserver
- Board-approved risk assessment; methodology; residual-risk decisions; control map; review log.
- Source primaire
- AMLA Cap. 423 R.E. 2023; AML Regulations 2022 as amended [01][04][05]
Appoint accountable compliance leadership
- Action d’implémentation
- Appoint an eligible, sufficiently senior and independent compliance officer or MLRO; define direct escalation, access to records, reporting authority, training, independent testing and board oversight.
- Preuves à conserver
- Appointment and FIU/regulator filing where required; role profile; board minutes; training and audit plans.
- Source primaire
- AMLA and applicable AML regulations [01][04][05]
02Customer due diligence and enhanced due diligenceCDD must establish who the customer and ultimate beneficial owner are, why the relationship exists and whether activity remains consistent with the known risk profile.6 éléments+
Apply CDD at every statutory trigger
- Action d’implémentation
- Identify and verify the customer and ultimate beneficial owner before establishing a relationship or carrying out a covered occasional transaction, and again where ML/TF/PF is suspected, prior information is doubtful, or risk materiality requires it.
- Preuves à conserver
- Trigger matrix; identity records; verification results; customer and beneficial-owner profiles; refresh log.
- Source primaire
- AMLA Cap. 423 R.E. 2023 s. 16 [01]
Understand purpose, ownership and control
- Action d’implémentation
- For natural persons capture reliable identity, address, occupation, source-of-funds context and purpose. For legal persons and arrangements verify legal existence, powers, directors or equivalent controllers, ownership chain and the natural persons who ultimately own or control them.
- Preuves à conserver
- CDD/KYB file; registry extracts; constitutional documents; ownership chart; control analysis; source-of-funds evidence.
- Source primaire
- AMLA Cap. 423 R.E. 2023 s. 16; AML Regulations 2022 as amended [01][04][05]
Apply PEP and high-risk controls
- Action d’implémentation
- Use risk-management systems to identify domestic, foreign and international-organisation PEPs, family members and close associates. Obtain senior-management approval, establish source of wealth and funds, apply enhanced monitoring, and use enhanced measures for other high-risk relationships.
- Preuves à conserver
- PEP screening; approval; source-of-wealth/funds assessment; enhanced-review and monitoring records.
- Source primaire
- AMLA Cap. 423 R.E. 2023 s. 16 [01]
Constrain deferred verification
- Action d’implémentation
- Allow commencement before verification completes only for proven low-risk customers and under adopted risk-management procedures governing use before verification. Statutorily permitted activity includes opening an account and allowing an initial deposit, or depositing funds for new or existing low-risk services. As additional risk controls, set a short completion deadline, prevent withdrawals or higher-risk use, and stop the relationship if verification fails.
- Preuves à conserver
- Proven low-risk assessment; adopted pre-verification procedure; permitted-activity rules; deadline and stop controls; exception log.
- Source primaire
- AMLA Cap. 423 R.E. 2023 s.16; GN 853E of 2023 reg.8(3) [01][05]
Stop and report failed CDD
- Action d’implémentation
- Where CDD cannot be completed, do not commence the relationship or transaction, or terminate an existing relationship as applicable, and submit an STR to the FIU. This refusal-or-termination and reporting outcome is mandatory.
- Preuves à conserver
- Rejected or exited case; mandatory STR decision and receipt; access-controlled audit trail.
- Source primaire
- AMLA Cap. 423 R.E. 2023 s.16 [01]
Apply the tipping-off safeguard as FATF guidance
- Action d’implémentation
- Where there is suspicion and the firm reasonably believes continuing CDD would tip off the customer, use the FATF Recommendation 10 interpretive guidance to stop that CDD process and file an STR. Label this as international guidance rather than a separate rule attributed solely to AMLA section 16.
- Preuves à conserver
- Tipping-off assessment; MLRO approval; STR receipt; restricted case record.
- Source primaire
- FATF Recommendation 10 Interpretive Note [21]
03Business verification and beneficial ownershipRegistry duties are territorial. BRELA requirements below apply to companies incorporated or registered in Mainland Tanzania; Zanzibar entities use BPRA and the Zanzibar Companies Act.4 éléments+
Verify the business independently
- Action d’implémentation
- Obtain a current registry extract, legal name, number, status, registered office, constitutional documents, business activity, licences, directors and authorised signatories from BRELA for Mainland entities or BPRA for Zanzibar entities. Reconcile discrepancies before approval.
- Preuves à conserver
- Dated registry extract; licence checks; constitutional documents; authority matrix; discrepancy resolution.
- Source primaire
- Companies Act Cap. 212 and BRELA rules (Mainland); Zanzibar Companies Act No. 15 of 2013 and BPRA (Zanzibar) [06][07][08]
Identify every ultimate natural-person owner or controller
- Action d’implémentation
- Trace direct and indirect ownership and control through each layer. Record natural persons who ultimately own, exercise substantial control or influence, receive substantial economic benefit, or on whose behalf an arrangement is conducted. Do not stop at a nominee or corporate shareholder.
- Preuves à conserver
- Ownership chart; declarations; shareholder and control records; corroborating registry or source documents.
- Source primaire
- AMLA Cap. 423 R.E. 2023 s. 16; Companies (Beneficial Ownership) Regulations 2021 (Mainland) [01][07]
Maintain and file Mainland BO information
- Action d’implémentation
- For a Mainland company, maintain the statutory BO register and file Form 14b particulars as required. Apply the Regulations' 30-day periods to the specific events they cover: cessation notices, declarations of beneficial interest and changes, company returns after receiving declarations, and changes of beneficial owners. Do not treat every initial submission as subject to one generic 30-day clock.
- Preuves à conserver
- BO register; Form 14b and event-specific forms; filed acknowledgements; event/deadline matrix; reconciliation record.
- Source primaire
- Companies (Beneficial Ownership) Regulations 2021 regs.3-5 (Mainland only) [07]
Apply Zanzibar company rules separately
- Action d’implémentation
- For a Zanzibar company, obtain and maintain company and ownership information under the Zanzibar Companies Act and BPRA process. Do not treat the Mainland BRELA beneficial-ownership forms or 30-day filing rule as automatically applicable.
- Preuves à conserver
- BPRA extract and filings; Zanzibar legal analysis; ownership records; periodic refresh.
- Source primaire
- Zanzibar Companies Act No.15 of 2013; Companies Regulations 2017; BPRA [08][20]
04Ongoing monitoring and suspicious transaction reportingMonitoring must use the customer’s expected profile and all available information. STR obligations are separate from automatic threshold-reporting rules.4 éléments+
Monitor relationships continuously
- Action d’implémentation
- Scrutinise transactions throughout the relationship for consistency with customer knowledge, business, risk profile and source of funds where necessary. Keep CDD data current, with more frequent reviews for higher-risk customers.
- Preuves à conserver
- Monitoring scenarios; expected-activity profile; alerts and investigations; periodic and event-driven reviews.
- Source primaire
- AMLA Cap. 423 R.E. 2023 s. 16; AML amendment regulations 2023 reg. 8A [01][05]
File STRs through the prescribed FIU channel
- Action d’implémentation
- After forming suspicion, submit the STR to the FIU within 24 hours and, wherever possible, before the transaction is carried out. Cover proposed and attempted transactions as well as completed activity. Ascertain the purpose of the funds, property, transaction, or proposed or attempted transaction; the origin and ultimate destination; and the identity and address of every ultimate beneficiary, without tipping off the customer, and retain the findings.
- Preuves à conserver
- Suspicion timestamp; inquiry record; proposed, attempted or completed transaction details; goAML filing and receipt; 24-hour SLA evidence.
- Source primaire
- AMLA Cap. 423 R.E. 2023 s.18 [01]
Prevent tipping off and preserve confidentiality
- Action d’implémentation
- Restrict STR and investigation information to authorised personnel, suppress customer-facing signals, and train staff not to disclose that an STR is contemplated or filed.
- Preuves à conserver
- Role-based access; confidentiality policy; training; communication controls; audit logs.
- Source primaire
- AMLA Cap. 423 R.E. 2023 and applicable regulations [01][04]
Keep decision quality auditable
- Action d’implémentation
- Record facts considered, typologies, linked activity, customer explanation, risk indicators, decision-maker, timing and follow-up for both filed and closed alerts.
- Preuves à conserver
- Investigation file; rationale template; QA review; management information and escalation record.
- Source primaire
- AMLA ss. 16-18; AML Regulations 2022 as amended [01][04][05]
05Mainland reporting and wire controlsThis section implements the 2019 Electronic Funds Transfer and Cash Transaction Reporting Regulations, which expressly apply to Mainland Tanzania.5 éléments+
Report Mainland threshold transactions
- Action d’implémentation
- Report a single currency transaction of USD 10,000 equivalent or more and a single electronic funds transfer of USD 1,000 equivalent or more, using the official BoT exchange rate at transaction time. Submit no later than five working days after the transaction.
- Preuves à conserver
- Threshold engine; exchange-rate snapshot; report file and FIU receipt; exception log.
- Source primaire
- EFT and Cash Transaction Reporting Regulations 2019 regs. 2, 5 and 12 (Mainland only) [09]
Aggregate related activity precisely
- Action d’implémentation
- Treat two or more currency transactions or EFTs within 24 hours as one reportable transaction when they total at least USD 10,000 equivalent and are conducted by or on behalf of the same person or entity, or are destined to the same recipient. Do not aggregate different originators solely because they send to the same recipient.
- Preuves à conserver
- 24-hour aggregation logic; originator and recipient linkage; exception tests; filed reports.
- Source primaire
- EFT and Cash Transaction Reporting Regulations 2019 reg. 11 (Mainland only) [09]
Preserve ordering-institution information
- Action d’implémentation
- Ensure every EFT carries the required originator and beneficiary information. An ordering institution must retain it for ten years and must not execute a transfer that lacks the required information.
- Preuves à conserver
- Payment-message schema; completeness validation; rejected-transfer logs; ten-year archive.
- Source primaire
- EFT and Cash Transaction Reporting Regulations 2019 regs. 4 and 9 (Mainland only) [09]
Apply intermediary-institution controls
- Action d’implémentation
- As an intermediary, retain accompanying originator and beneficiary information, keep information received from upstream institutions for at least ten years, identify deficient transfers, and use risk-based rules to execute, reject or suspend them and determine follow-up.
- Preuves à conserver
- Intermediary rules; payment records; deficiency alerts; execute/reject/suspend decisions; follow-up cases.
- Source primaire
- EFT and Cash Transaction Reporting Regulations 2019 reg. 10 (Mainland only) [09]
Assess Zanzibar payment-reporting duties separately
- Action d’implémentation
- Do not extend the Mainland 2019 threshold and wire-transfer regulation to Zanzibar by assumption. Map Zanzibar AMLPOCA rules, FIU directions and any BoT payment-system licence conditions that apply to the Zanzibar operation.
- Preuves à conserver
- Zanzibar reporting matrix; legal advice; regulator instructions; configured jurisdictional rules.
- Source primaire
- AMLPOCA framework and scope of GN 420 of 2019 [02][03][09]
06Targeted financial sanctionsUse the 2022 Prevention of Terrorism (General) Regulations together with both the 2023 and 2024 amendments. Screening alone is not compliance: matching, freezing and reporting must be operational.4 éléments+
Ingest and screen current designations
- Action d’implémentation
- For a UN Security Council designation or update, ensure FIU circulation occurs within 12 hours. Implement the communicated measure within 12 hours of receipt and, in every case, within 24 hours of the UN designation or update. Keep automated intake, escalation and timestamp evidence.
- Preuves à conserver
- UN/FIU source inventory; circulation receipt; ingestion and implementation timestamps; customer, BO and transaction screening logs; SLA tests.
- Source primaire
- POTA General Regulations 2022 reg.4 as amended in 2023 and 2024 [10][11][11B]
Freeze without delay and without prior notice
- Action d’implémentation
- On a confirmed match, prohibit dealing, block availability of funds, assets and related services, and freeze all covered directly or indirectly owned, jointly owned, controlled, derived or directed assets without delay and without notifying the designated party in advance.
- Preuves à conserver
- Match decision; asset map; freeze timestamp; blocked transactions; legal and compliance approvals.
- Source primaire
- Prevention of Terrorism (General) Regulations 2022 regs. 19-20 [10]
Complete the prescribed reporting chain
- Action d’implémentation
- When a funds or asset freeze is effected, notify the Minister and copy the Police Force and FIU within 24 hours of implementation. Separately, under amended regulation 20(4), report without delay any freeze effected, attempted or other transaction, and action taken to comply with the prohibition. For domestic designations, report covered funds or assets to the Committee without delay under regulation 12.
- Preuves à conserver
- Minister, Police and FIU notices and receipts; Committee report; freeze and attempted-transaction report; complete timeline.
- Source primaire
- POTA General Regulations 2022 regs.12 and 20, as amended in 2023 and 2024 [10][11][11B]
Control false positives, delisting and authorised access
- Action d’implémentation
- Use documented match-resolution criteria, keep assets frozen while a true match remains designated, and implement variation, mistaken-identity and delisting decisions only through the competent process.
- Preuves à conserver
- False-positive rationale; escalation; variation or delisting authority; unfreeze approval and timestamp.
- Source primaire
- Prevention of Terrorism (General) Regulations 2022 regs. 15, 21 and 24 [10]
07Record keeping and retrievabilityRetention clocks differ by record type. A single generic 'ten years from creation' rule is not sufficient.3 éléments+
Apply statutory ten-year trigger dates
- Action d’implémentation
- Retain transaction and linked-series records for ten years from completion or last activity; relationship and CDD records for ten years from formal termination; and analysis or risk-assessment records for ten years from completion. Extend retention where a report, investigation or authority requires it.
- Preuves à conserver
- Retention schedule by record class; trigger-date fields; legal holds; deletion approvals.
- Source primaire
- AMLA Cap. 423 R.E. 2023 s. 17 [01]
Keep records complete and rapidly retrievable
- Action d’implémentation
- Preserve identity and beneficial-owner evidence, account files, correspondence, transaction data, payment messages, monitoring and investigation records, reports and training evidence in a form sufficient to reconstruct activity and respond promptly to lawful requests.
- Preuves à conserver
- Indexed archive; reconstruction test; access controls; authority-request log; backup and integrity evidence.
- Source primaire
- AMLA Cap. 423 R.E. 2023 s. 17; applicable AML regulations [01][04]
Reconcile overlapping payment retention
- Action d’implémentation
- For Mainland EFTs, also preserve ordering and intermediary originator/beneficiary information for the specific ten-year periods required by the 2019 regulation. Apply the longer or more specific lawful rule where obligations overlap.
- Preuves à conserver
- Payment retention map; message archive; tested retrieval; conflict-resolution record.
- Source primaire
- EFT and Cash Transaction Reporting Regulations 2019 regs. 9-10 (Mainland only) [09]
08Payment-system and electronic-money controlsThe National Payment Systems Act applies to Mainland Tanzania and Tanzania Zanzibar. Detailed licence conditions and later BoT instruments must be checked for the specific service.3 éléments+
Map each payment activity to BoT permission
- Action d’implémentation
- Classify payment-system operation, payment instruments, switching or processing, money transfer, e-money issuance and agent activity. Obtain the corresponding licence or approval and do not rely on a partner's permission unless the structure is expressly authorised.
- Preuves à conserver
- Activity-permission matrix; licence or approval; partner responsibility map; launch gate.
- Source primaire
- National Payment Systems Act 2015 ss. 2, 5, 15 and 24; Licensing Regulations 2015 [12][13]
Protect e-money and customer funds
- Action d’implémentation
- Where issuing e-money, implement the required eligible entity structure, trust or special-account arrangements, safeguarding, redemption, reconciliation, liquidity, agent, reporting and governance controls.
- Preuves à conserver
- E-money approval; trust documents; daily reconciliations; safeguarding and redemption tests; returns.
- Source primaire
- National Payment Systems Act 2015 Part VI-VII; Electronic Money Regulations 2015 [12][14]
Maintain operational, security and consumer controls
- Action d’implémentation
- Implement secure and resilient systems, incident management, records, customer-information protection, complaint handling, transparent terms and charges, agent oversight, business continuity and regulatory returns required by the Act, regulations, licence and current BoT instruments.
- Preuves à conserver
- Security and continuity tests; incident register; complaints MI; disclosures; agent monitoring; returns.
- Source primaire
- National Payment Systems Act 2015 ss. 43-53; Licensing Regulations 2015; current BoT publications [12][13][15]
09Personal data protectionThe Personal Data Protection Act 2022 applies in Mainland Tanzania and, in Tanzania Zanzibar, only to Union matters. Confirm whether each Zanzibar processing activity is a Union matter before relying on this framework.4 éléments+
Register and assign privacy accountability where required
- Action d’implémentation
- Determine controller or processor status, complete PDPC registration and renewals where applicable, appoint privacy responsibility, and keep an inventory that labels Zanzibar Union-matter scope.
- Preuves à conserver
- Registration certificate; renewal calendar; DPO or privacy appointment; processing inventory and scope analysis.
- Source primaire
- Personal Data Protection Act 2022 ss. 2 and 14; 2023 Regulations [16][17]
Use a lawful, fair and purpose-limited basis
- Action d’implémentation
- Document the lawful basis, purpose, necessity, proportionality, transparency, accuracy, minimisation, security and retention for KYC, screening, biometrics, monitoring and regulatory reporting. In Zanzibar, apply this statutory control only where the processing concerns a Union matter, while assessing other Zanzibar law separately.
- Preuves à conserver
- Privacy notice; lawful-basis register; data map; DPIA for high-risk processing; retention decision.
- Source primaire
- Personal Data Protection Act 2022, including territorial scope in s. 2 [16]
Enable rights and processor governance
- Action d’implémentation
- Operate authenticated workflows for applicable data-subject rights and complaints. Bind processors by written instructions, confidentiality, security, assistance, deletion or return, audit and subprocessor terms.
- Preuves à conserver
- Rights procedure and request log; processor agreements; due diligence; complaint records.
- Source primaire
- Personal Data Protection Act 2022 and 2023 Regulations [16][17]
Control security incidents and cross-border transfers
- Action d’implémentation
- Maintain proportionate technical and organisational security, breach detection and the applicable notification process. Before an international transfer, document the statutory transfer ground, safeguards and PDPC process. Apply the Zanzibar Union-matter qualification.
- Preuves à conserver
- Security controls; incident plan; breach register and notices; transfer assessment; contracts and approvals.
- Source primaire
- Personal Data Protection Act 2022 and 2023 Regulations [16][17]
10Launch and assurance gateTranslate legal requirements into tested evidence before onboarding customers or moving funds.3 éléments+
Complete pre-launch control testing
- Action d’implémentation
- Test identity and business verification, beneficial-owner tracing, PEP and sanctions screening, deferred-verification restrictions, monitoring, STR escalation, Mainland threshold reporting, wire information, retention, privacy and payment licence gates with positive and negative cases.
- Preuves à conserver
- Signed test plan; test data and results; defects and remediation; compliance launch approval.
- Source primaire
- Implementation synthesis [01]-[18]
Schedule independent assurance
- Action d’implémentation
- Use independent compliance and technical testing proportionate to risk. Report findings, owners and deadlines to senior management or the board and verify closure.
- Preuves à conserver
- Assurance report; board pack; remediation tracker; closure evidence.
- Source primaire
- Risk-based programme and governance duties [01][04][12]
Maintain a legal-change register
- Action d’implémentation
- Monitor FIU, BoT, BRELA, BPRA, PDPC, Gazette and FATF publications. Record territorial impact, effective date, owner, control change and re-test decision.
- Preuves à conserver
- Source register; alerts; impact assessments; version history; retraining and retest records.
- Source primaire
- Official publication channels [03][08][15][18]

10 domaines de contrôle et 40 vérifications d'implémentation avec sources réglementaires directes.
Téléchargez la checklist KYC, KYB et AML pour Tanzanie
Partagez vos coordonnées professionnelles pour accéder immédiatement à la checklist d'implémentation sourcée pour Tanzanie. Date de revue réglementaire : 15 July 2026.
Recevez le PDF immédiatement
Envoyez vos coordonnées pour démarrer automatiquement le téléchargement
Revue et sourcée
Version 1.3, revue le 15 July 2026
Approuvé par des équipes conformité de premier plan
Registre des sources primaires
22 sources utilisées pour cette checklist
Utilisez ces liens pour vérifier la législation, les lignes directrices, les procédures de déclaration et les statuts internationaux.
- 01Tanzania FIU · Anti-Money Laundering Act, Cap.423 R.E.2023
- 02Tanzania FIU · Zanzibar primary legislation
- 03Tanzania FIU · Official legislation portal
- 04Tanzania FIU · AML regulations 2022
- 05Tanzania FIU · Mainland AML amendment regulations 2023 (GN 853E)
- 06BRELA · Mainland company legislation and registry
- 07BRELA · Companies (Beneficial Ownership) Regulations 2021
- 08Zanzibar BPRA · Zanzibar Companies Act and registry
- 09Tanzania FIU · Mainland EFT and Cash Transaction Reporting Regulations 2019
- 10Tanzania FIU · Prevention of Terrorism (General) Regulations 2022
- 11Tanzania FIU · Prevention of Terrorism (General) Amendment Regulations 2023
- 12Bank of Tanzania · National Payment Systems Act 2015
- 13Bank of Tanzania · Payment Systems Licensing and Approval Regulations 2015
- 14Bank of Tanzania · Electronic Money Regulations 2015
- 15Bank of Tanzania · Current acts, regulations, circulars and guidelines
- 16Personal Data Protection Commission · Personal Data Protection Act 2022
- 17Personal Data Protection Commission · Privacy regulations and official guidance
- 18Tanzania FIU · STR and goAML information
- 11BTanzania FIU · Prevention of Terrorism (General) Amendment Regulations 2024
- 19Financial Action Task Force · Tanzania removed from increased monitoring, 13 June 2025
- 20Zanzibar BPRA · Companies Regulations 2017
- 21Financial Action Task Force · Current FATF Recommendations and Interpretive Notes
Réponses directes
Questions KYC, KYB et AML pour Tanzanie
Do the same AML and company laws apply across Tanzania?+
No. Mainland Tanzania and Tanzania Zanzibar have distinct general AML and company frameworks. The National Payment Systems Act applies to both, while each entity must map its territory, activity and regulator.
When is failed CDD reportable?+
Under Mainland AMLA section 16, if CDD cannot be completed, the business relationship must not start or must be terminated as applicable, and an STR must be considered and submitted where required. Separately, FATF Recommendation 10 interpretive guidance says that, where there is suspicion and continuing CDD would tip off the customer, the institution may stop the CDD process and file an STR; this is FATF guidance, not a separate rule attributed to AMLA section 16.
What are the Mainland automatic reporting thresholds?+
Under the 2019 Mainland regulation, report a single currency transaction of at least USD 10,000 equivalent and an EFT of at least USD 1,000 equivalent, generally within five working days. Related-transaction aggregation has a specific 24-hour and USD 10,000 rule.
Does the Tanzania privacy law apply in Zanzibar?+
The Personal Data Protection Act 2022 applies in Zanzibar only for Union matters. Non-Union processing requires a separate Zanzibar-law assessment.
Is Tanzania currently on the FATF grey list?+
No. FATF removed Tanzania from increased monitoring in June 2025, but firms must continue applying risk-based AML/CFT/CPF controls.
Méthode de recherche et de revue
VOVE ID Compliance Research cartographie le périmètre réglementaire, traduit les obligations en contrôles opérationnels, relie les affirmations importantes aux sources et date chaque revue.
VOVE ID Compliance Research · Revue le 15 July 2026 · Version 1.3
Educational implementation checklist, not legal advice. Tanzania has separate Mainland and Zanzibar company and AML frameworks. Confirm territorial scope, reporting-person status, sector rules, licence conditions, FIU instructions and later amendments with Tanzanian counsel and the relevant authority before launch.