AML Compliance in Morocco: A 2025 Guide for Fintechs and Regulated Businesses

Morocco has significantly strengthened its fight against money laundering, moving from the Financial Action Task Force (FATF) grey list in 2021 to its removal in February 2023. This progress reflects robust reforms, but it also means fintechs, banks, and other regulated businesses face a complex AML landscape. This guide outlines Morocco’s AML framework, key institutions, and actionable strategies for 2025, tailored for payments, crypto, BNPL, and gig economy platforms.

Morocco’s AML Legal Framework: Law 43-05 and Recent Updates

Morocco’s AML efforts hinge on Law No. 43-05, enacted in 2007 and amended by Law No. 12-18 in 2021. These updates broadened the definition of money laundering, mandated risk-based customer due diligence (CDD), and enhanced beneficial ownership transparency.

Key compliance requirements include:

• Covered Entities: Banks, fintechs, real estate agents, accountants, lawyers, insurers, and other designated non-financial businesses and professions (DNFBPs) must implement AML/CFT programs.
• Risk-Based KYC: Businesses must assess customer risk profiles and apply enhanced due diligence (EDD) for high-risk clients or jurisdictions.
• Beneficial Ownership: Companies must identify, verify, and regularly update information on ultimate beneficial owners (UBOs).
• Suspicious Transaction Reporting: Suspicious activities must be reported to the Autorité Nationale du Renseignement Financier (ANRF), Morocco’s Financial Intelligence Unit.
• Record-Keeping: Transaction and identification data must be retained for at least 10 years.
• Penalties: Non-compliance risks administrative fines or criminal charges.

Key Institutions Driving AML Enforcement

Several regulatory bodies oversee AML/CFT compliance:

• ANRF (FIU): Processes suspicious transaction reports, collaborates with law enforcement, and shapes national AML strategies.
• Bank Al-Maghrib (BAM): Supervises banks, payment institutions, and credit providers, issuing an updated AML/CFT guide in 2025.
• ACAPS: Regulates insurance and pension sectors, aligning rules with Law 12-18.
• AMMC: Oversees capital markets, enforcing AML and securities regulations.
• Ministry of Justice and Public Prosecutor: Leads criminal investigations and prosecutions for money laundering.

In 2025, enhanced inter-agency cooperation—through joint inspections, real-time data sharing, and unified oversight—has bolstered enforcement.

Post-Grey List: FATF and MENAFATF Evaluations

Morocco exited the FATF grey list in February 2023 after completing a 15-point action plan, improving beneficial ownership transparency, expanding ANRF authority, and strengthening sanctions. The Middle East and North Africa Financial Action Task Force (MENAFATF) May 2024 report rated Morocco:

• Largely Compliant with 28 of FATF’s 40 Recommendations.
• Partially Compliant with 10, including burden of proof, corporate criminal liability, and asset recovery.

In 2025, MENAFATF’s ongoing evaluations signal continued scrutiny, with increased audits, stricter penalties, and focus on onboarding and third-party relationships.

What’s New in 2025?

Key developments shaping Morocco’s AML landscape include:

• Digital AML Guide: In March 2025, BAM and ANRF released a detailed AML/CFT guide, outlining KYC procedures, red flags, and transaction monitoring best practices.
• Record Convictions: Money laundering convictions rose to 134 in 2024 (from 74 in 2021), reflecting stronger law enforcement coordination.
• Real Estate Oversight: Since late 2023, Decree 2.21.708 has subjected real estate agents to full AML/CFT obligations, addressing prior supervisory gaps.
• Crypto Regulation: Cryptocurrencies remain banned domestically, but a draft law expected by Q4 2025 will introduce a regulated digital asset framework with rigorous AML/CFT requirements.

AML Compliance Tips for Fintechs and Digital Businesses

For fintechs, BNPL providers, crypto platforms, and gig economy businesses, AML compliance is both a regulatory necessity and a strategic advantage. Here’s how to stay ahead:

1. Risk-Based Onboarding

Tailor Customer Due Diligence (CDD) to risk levels:

• Verify identities of individuals and legal entities.
• Assess the purpose and nature of the relationship.
• Screen for Politically Exposed Persons (PEPs) and Ultimate Beneficial Owners (UBOs).
• Apply Enhanced Due Diligence (EDD) for high-risk clients or jurisdictions.

2. Robust KYB Processes

Under Know Your Business (KYB), identify and verify natural persons owning or controlling 25% or more of an entity. Keep this data updated and accessible for ANRF or regulator requests.

3. Monitor Thresholds and Suspicious Activity

Report to the ANRF:

• Cash transactions exceeding MAD 200,000 (≈ $20,000).
• Suspicious behaviors, such as transaction structuring or forged documents.
• Cross-border transactions showing unusual patterns.

4. Vet Third-Party Vendors

Ensure vendors (e.g., payment processors or KYC providers) comply with Morocco’s AML/CFT standards. Conduct regular audits and maintain contracts specifying compliance responsibilities.

5. Leverage Secure Digital Verification

Without a national eID, digital KYC solutions are critical. Solutions like VOVE ID provide biometric and document-based verification, designed to align with Morocco’s AML/CFT requirements and Law 09-08 on personal data protection, helping fintechs and SMEs streamline compliant onboarding.

6. Invest in Training and Monitoring

• Train staff to identify red flags and suspicious activity.
• Deploy real-time transaction monitoring systems.
• Conduct internal audits to ensure policies are auditable and compliant.

Final Thoughts

Morocco’s AML framework aligns closely with global standards, but stricter enforcement in 2025 demands vigilance. For fintechs and digital businesses, compliance is a legal obligation and a market differentiator. By adopting risk-based KYC/KYB, leveraging solutions like VOVE ID for secure verification, and staying updated on regulations, businesses can build trust, mitigate risks, and thrive in Morocco’s dynamic digital economy.