.webp)
What is the FATF Grey List?
Quick answer
The FATF Grey List, officially "Jurisdictions under Increased Monitoring," identifies countries with strategic deficiencies in their AML/CFT regimes that have committed to remediate them on an agreed timeline. It differs from FATF's Black List, which demands outright countermeasures. Banks must apply enhanced due diligence to transactions and counterparties linked to grey-listed jurisdictions.
The full answer
The FATF Grey List is the informal name for FATF's "Jurisdictions under Increased Monitoring" list. A country appears on it because FATF has found strategic deficiencies in its AML or CFT framework during a mutual evaluation, and the country has agreed to address those deficiencies under FATF oversight on a defined timeline. It's a monitored commitment mechanism.
The distinction from the Black List matters in practice. The Black List ("High-Risk Jurisdictions Subject to a Call for Action") triggers active countermeasures, and institutions dealing with Black-Listed countries face the most stringent possible requirements. Grey-listed countries occupy a different position: the deficiencies are real and unresolved, but the government is cooperating. That still generates significant compliance obligations for every institution with exposure to that jurisdiction.
FATF updates both lists three times a year, at plenary sessions typically held in February, June, and October. The February 2023 plenary added South Africa and Nigeria, a significant development given the size of both economies. South Africa completed its action plan and was removed at the October 2023 plenary. Pakistan was listed from 2018 to 2022, a four-year process that meaningfully constrained its correspondent banking access and sovereign borrowing costs.
Countries are listed for specific, documented failures. Common action plan items include: weak beneficial ownership registration and verification frameworks, inadequate supervision of financial institutions and Designated Non-Financial Businesses and Professions (DNFBPs), gaps in financial intelligence unit capabilities, low money laundering prosecution rates, and failure to implement targeted financial sanctions.
The FATF Risk-Based Approach under Recommendation 1 requires institutions to calibrate controls to actual risk. Counterparties and transactions connected to grey-listed jurisdictions sit at the higher end of that spectrum by default. The list currently contains around 20–30 jurisdictions at any given time, though the exact composition changes at each plenary.
Official list: FATF High-Risk and Other Monitored Jurisdictions, updated after each plenary session.
Why this matters
Grey-listing changes the compliance calculus for every institution with exposure to the listed country. The effects run across KYC, transaction monitoring, and correspondent banking.
At minimum, Customer Due Diligence (CDD) requirements tighten immediately. Customers and counterparties from grey-listed jurisdictions require Enhanced Due Diligence (EDD), not standard procedures. That means obtaining more documentation, verifying sources of funds, understanding the business relationship's purpose in detail, and refreshing that verification more frequently.
Correspondent banking takes the hardest hit. FATF Recommendation 13 already demands that correspondent banks assess and monitor the AML/CFT controls of their respondent institutions. Grey-listing adds pressure: the respondent is operating in a jurisdiction FATF has flagged for strategic deficiencies. Many major banks respond by terminating correspondent relationships entirely. The Basel Institute on Governance's Basel AML Index consistently shows grey-listed countries ranking worse on financial transparency and AML effectiveness, which feeds directly into counterparty risk assessments.
Transaction monitoring obligations intensify across the board. Flows involving grey-listed jurisdictions need closer scrutiny, and Suspicious Activity Reports (SARs) or Suspicious Transaction Reports (STRs) need to go out when patterns are unexplained.
Ultimate Beneficial Owners (UBOs) of entities tied to grey-listed jurisdictions get extra scrutiny, particularly when they're also Politically Exposed Persons. The combination of grey-listed jurisdiction plus PEP status is a near-automatic EDD trigger in most compliance frameworks.
For KYB processes specifically, grey-listing changes the baseline risk tier for any corporate counterparty incorporated in or operating primarily from the listed country. That's not optional interpretation. UK FCA guidance, EU AML Directive requirements, and FinCEN advisories all treat FATF grey-listing as a mandatory input to risk classification.
The practical problem for compliance teams is the update cadence. The list changes three times a year. Risk ratings built annually will be stale by the time the next plenary adds a major economy. Institutions that automate grey list monitoring directly into their transaction screening and KYC refresh processes catch status changes within days. Those relying on annual policy reviews often miss a plenary cycle entirely.
The FCA's guidance on money laundering and terrorist financing explicitly identifies FATF's lists as a primary input for determining when enhanced scrutiny applies. That framing is consistent across US, EU, and APAC regulatory regimes.
Related questions
- What is Enhanced Due Diligence (EDD)?
- What is Customer Due Diligence (CDD)?
- What is a Suspicious Activity Report (SAR)?
- What is FATF Recommendation 13 on Correspondent Banking?
- What is the FATF Risk-Based Approach (Recommendation 1)?