Introduction: AML/CFT in Morocco is no longer open to interpretation
“Compliance with anti-money laundering rules is not an option; it is a clear legal obligation.” That statement, attributed in the business press to Hazim Sebbata, captures the mood of the moment rather well. In Morocco, the debate has shifted. We are no longer asking whether businesses should build anti-money laundering and counter-terrorist financing systems. The real question is much more practical: how quickly can they close the compliance gap before a regulator, a professional body, or a criminal investigation forces the issue?
On the ground, the change is visible. A Casablanca accounting firm I recently discussed with had been operating for years with decent tax and corporate procedures, yet no structured AML/CFT framework at all. No client risk scoring. No beneficial ownership checklist. No internal escalation note. Then came a formal request linked to the ANRF Maroc declaration soupçon process. The partners were less shocked by the legal basis than by a brutal realization: they had assumed these obligations were mainly for banks. They were wrong.
That misunderstanding is still common, and honestly, in 2024, seeing businesses discover the existence of the ANRF during a control is worrying. Moroccan law has evolved significantly under the influence of FATF standards and the regional evaluations conducted by the MENAFATF/GAFIMOAN. The compliance burden is broader, more technical, and more enforceable than many directors think. The reputational cost is serious. The administrative cost can be heavy. And the criminal exposure, especially for managers who neglect internal controls, is very real.
This article breaks down the conformité LBC/FT Maroc entreprises framework in plain English, but without oversimplifying. We will look at the legal architecture created by Law No. 43-05 and strengthened by Law No. 12-18, identify the businesses and professionals that are actually subject to the rules, explain customer due diligence and beneficial ownership obligations, clarify how suspicious transaction reports are made to the ANRF, and detail the sanctions that can affect both the company and its directors. We will also discuss costs, timelines, and what a realistic programme conformité anti-blanchiment Maroc looks like for a Moroccan SME.
If you are a business owner, a finance manager, an accountant, a lawyer, a real estate intermediary, or simply a student trying to understand how Moroccan AML/CFT law works in practice, this is the legal map you need.
Why AML/CFT compliance became unavoidable in 2024
Three forces explain the current pressure. First, the law itself became more demanding after the reform introduced by Law No. 12-18. Second, Moroccan supervisory bodies such as Bank Al-Maghrib, ACAPS, and the AMMC have become more explicit in their sectoral expectations. Third, cross-border business now depends increasingly on proving compliance. International banks, insurers, investors and correspondent institutions routinely ask Moroccan counterparties to show internal AML/CFT procedures before they open accounts, approve financing or validate partnerships.
In clear terms, AML/CFT is no longer just a legal checkbox. It is now part of market access.
What non-compliant Moroccan companies really risk
The risk is not limited to a fine. A business may face a supervisory warning, a formal injunction, a disciplinary referral to its professional order, restrictions on operations, or the loss of commercial credibility with banks and foreign partners. For directors, the danger is sharper when failures are structural: absence of internal procedures, no compliance officer, no due diligence on clients, no suspicious transaction reporting despite obvious red flags. That is where the discussion moves from weak governance to possible personal liability.
What this article will help you understand
You will find here the answer to a few practical questions Moroccan professionals ask constantly: Who is actually subject to the law? What documents must be collected from a client? When does enhanced due diligence apply? How do you identify the beneficial owner of a SARL or SA? How does an ANRF Maroc déclaration soupçon work in practice? And what sanctions under Moroccan law can hit a negligent company or manager?
The Moroccan legal framework: Law 43-05 and the reforms that changed the game
The origin and evolution of Law No. 43-05
Morocco’s core anti-money laundering statute is Law No. 43-05 relating to the fight against money laundering, promulgated by Dahir No. 1-07-79 of 17 April 2007 and published in the Bulletin Officiel No. 5522 of 3 May 2007. This law created the basic architecture of preventive obligations, suspicious transaction reporting, and institutional coordination. It marked the point at which AML ceased to be treated solely as a criminal matter and became a compliance obligation imposed on a wide range of private actors.
That initial framework, however, was not the end of the story. Morocco’s mutual evaluation process highlighted weaknesses, especially around beneficial ownership, risk-based supervision, designated non-financial businesses and professions, and the alignment between preventive and penal rules. The result was a major legislative tightening through Law No. 12-18, published in the Bulletin Officiel No. 6786 of 27 June 2019.
At an ANRF seminar in 2022, a legal director from a Rabat fiduciary firm reportedly admitted that his team had not fully integrated the 2019 changes. That scene is telling. Many firms read the headline reform, but never translated it into internal procedures. That is where the real compliance gap lies.
The reforms introduced by Law No. 12-18
Law No. 12-18 substantially reinforced the Moroccan system. It expanded and clarified the list of persons subject to AML/CFT obligations, strengthened the rules on the identification of the beneficial owner, introduced more developed risk-based due diligence concepts, and enhanced cooperation with supervisory authorities. In practice, it made the old minimalist approach impossible to defend.
One of the most important additions concerns the beneficial owner. Under article 3 bis of Law 43-05 as amended, the obliged entity must identify the natural person or persons who ultimately own or control the customer. In corporate structures, this generally means tracing ownership up to the real individuals who hold, directly or indirectly, more than 25% of capital or voting rights, or who otherwise exercise effective control over management bodies.
Article 3 bis of Law 43-05 requires the identification of the beneficial owner, meaning the natural person who ultimately owns or controls the client or on whose behalf a transaction is conducted.
That may sound straightforward on paper. In reality, it is one of the most neglected duties in Moroccan practice. A Casablanca leasing company saw a financing file frozen for nearly three weeks because the client was a SARL held through two layers of companies and nobody had gathered the shareholder chain up to the natural persons. The file was commercially urgent. The legal issue was basic. This happens more often than many admit.
Application decrees and sector rules
The operational side of the law has also been shaped by Decree No. 2-21-406, published in the Bulletin Officiel No. 7009 of 22 July 2021, which sets out implementation modalities for certain aspects of Law 43-05. In parallel, sector regulators have issued guidance and circulars: Bank Al-Maghrib for credit institutions and payment entities, ACAPS for insurance and social protection operators, and the AMMC for capital market participants.
These texts matter because Moroccan AML/CFT compliance is not built from one statute alone. It is a layered system: statute, decree, sector circulars, professional guidance, and supervisory practice.
The link with the Moroccan Penal Code and terrorism financing rules
The preventive obligations under Law 43-05 operate alongside the criminal provisions of the Moroccan Penal Code, especially articles 574-1 to 574-7, which define and punish money laundering. Article 574-1 is central because it criminalizes acts such as facilitating the false justification of the origin of property or income of an offender, helping invest, conceal, transfer or convert proceeds derived from an offense, and acquiring or using property knowing it derives from criminal conduct.
Article 574-1 of the Moroccan Penal Code: money laundering covers, among other acts, the acquisition, possession, use, conversion, transfer, concealment or disguise of property knowing that it originates from an offense.
Counter-terrorist financing obligations must also be read with Law No. 03-03 relating to the fight against terrorism and the corresponding provisions of the Penal Code, notably articles 218-1 and following. The legal distinction is fundamental. Money laundering concerns the concealment of illicit origin. Terrorism financing may involve funds of licit or illicit origin, provided they are intended to support terrorist acts. Preventive compliance systems in Morocco are built to detect both.
Who is covered? Businesses and professionals subject to AML/CFT obligations in Morocco
The scope of article 2 of Law 43-05
The starting point is article 2 of Law 43-05, as amended. This provision lists the personnes assujetties LBC Maroc, that is, the entities and professionals legally subject to AML/CFT obligations. The list is broad and extends far beyond banks.
It includes, among others, credit institutions and assimilated bodies, payment institutions, insurance and reinsurance undertakings and intermediaries, stock exchange companies and other capital market actors, currency exchange operators, offshore financial participants where relevant, and a wide range of designated non-financial businesses and professions.
Those non-financial professions are where many misunderstandings persist: notaries, lawyers in certain transactional situations, accountants, statutory auditors, tax advisers, real estate agents, dealers in precious metals and stones, casinos, and persons who carry out or assist in financial transactions on behalf of clients. Company service providers and those involved in the creation, management or administration of legal entities also fall within the risk perimeter.
Article 2 of Law 43-05 subjects to AML/CFT obligations both financial institutions and several non-financial professions, including notaries, lawyers in specified activities, accountants, auditors and real estate intermediaries.
Non-financial professions: the hidden front line
A real estate intermediary in Marrakech once told me, half embarrassed and half irritated, that he thought AML rules were “a bank problem.” He changed his mind after an inspection request focused on high-value cash-linked transactions. This is exactly the point: sectors handling property, corporate structuring, investment flows or client funds are exposed whether they like the label or not.
Lawyers are subject to the regime in the situations expressly covered by the law, particularly when they assist in preparing or carrying out transactions for clients involving the purchase and sale of real estate, management of funds, securities or other assets, opening or management of bank or securities accounts, organization of contributions for the creation, operation or management of companies, and creation or management of legal persons or arrangements. The boundaries with professional secrecy require careful handling, but the obligation exists.
Notaries are equally central. Their role in property transfers, company constitutions and escrow-related operations puts them at the heart of transactional risk. The same is true for experts-comptables and commissaires aux comptes. For them, the issue is not theoretical. They are expressly covered and must maintain their own AML/CFT systems.
Financial sector entities
For banks, finance companies, insurers and market actors, the obligation is even less debatable. Bank Al-Maghrib, ACAPS and the AMMC have all developed increasingly detailed expectations regarding customer due diligence, transaction monitoring, internal control and suspicious transaction reporting. If you operate in finance and still rely on generic onboarding forms without risk classification, you are exposed. There is no softer way to say it.
Special cases: associations, foundations, holding structures
Not every association or holding company is automatically an obliged entity under article 2. But many are caught indirectly through the nature of their activities, the services they use, or the transactions they conduct. Associations and foundations may trigger heightened scrutiny where there is cross-border funding, opaque governance or links to high-risk zones. Holding structures, meanwhile, often create beneficial ownership opacity. Even where the entity itself is not the reporting subject, its counterparties will demand complete ownership and control documentation.
The 150,000 MAD threshold and cash operations
Moroccan AML/CFT practice also pays close attention to significant cash transactions. The law and sector guidance require vigilance where transactions are executed in cash beyond relevant thresholds, commonly referenced in practice around 150,000 MAD for heightened control contexts. In Morocco, the “coffee table risk” still exists, what some practitioners jokingly call the table basse problem: informal understandings around substantial sums with very poor documentation. From a compliance angle, those habits are dangerous.
Customer due diligence: what the law requires in practical terms
Standard due diligence: identify and verify the client
The core obligation is simple in theory and demanding in practice: know your customer. The due diligence client entreprise marocaine process starts before entering into a business relationship and applies again when carrying out occasional transactions in relevant risk situations.
For a natural person, this means collecting and verifying identity details using reliable documents: national identity card, passport, address, profession or activity, and where needed the source of funds. For a legal person, the file should include constitutional documents, commercial register extracts, tax identifiers, articles of association, information on directors and authorized signatories, proof of registered office, ownership structure, and beneficial ownership data.
Bank Al-Maghrib circulars and sector guidance insist on verification, not mere collection. A photocopy in a file is not a compliance system. You need to know whether the person exists, whether the company is active, whether the representative is authorized, and whether the ownership narrative makes sense economically.
Simplified due diligence: limited but possible
Simplified due diligence may apply where the risk is demonstrably low, but this should never become an excuse for superficial review. The risk-based approach is not a shortcut. If a client’s profile, transaction pattern, geography or ownership chain raises concerns, simplified treatment becomes inappropriate.
Many small businesses misunderstand this point. They assume long-standing local clients require no refresh because “we know them.” That is precisely how stale files accumulate. The old incomplete file that gets returned three times before validation is not just an administrative annoyance; in AML/CFT, it can become a legal weakness.
Enhanced due diligence for high-risk clients
Vigilance renforcée client risque élevé Maroc applies when the customer or transaction presents a higher risk of money laundering or terrorism financing. This typically includes politically exposed persons, clients linked to high-risk jurisdictions, complex or unusually large transactions without clear economic justification, non-face-to-face business relationships, and structures with opaque ownership.
Law 43-05, as amended, and the related guidance define politically exposed persons through the concept reflected in article 3 ter. These are individuals who hold or have held important public functions, as well as their family members and close associates in certain cases. When dealing with a PEP, the obliged entity must go further: obtain senior management approval, establish source of wealth and source of funds, and perform closer ongoing monitoring.
Enhanced due diligence in Moroccan AML/CFT practice means additional information, deeper verification, management approval for onboarding, and stronger ongoing monitoring where the risk level is high.
In practical terms, many Moroccan firms set review cycles for high-risk files at every 6 to 12 months. That is sensible. Waiting several years to refresh a high-risk relationship is difficult to defend.
Beneficial ownership: the obligation most often ignored
This deserves special emphasis. Under article 3 bis of Law 43-05, identifying the beneficial owner is not optional. If your client is a SARL, SA or any other legal entity, you must identify the real natural persons behind it. Where no one holds more than 25% but effective control exists through agreements, family arrangements or de facto power, the analysis must go beyond percentages.
Refusal to disclose beneficial ownership, or repeated inconsistencies in the corporate chain, is a major red flag. At that point, the business relationship may need to be refused or terminated, and in some cases a suspicious transaction report becomes necessary.
How often should client files be updated?
There is no universal one-size-fits-all timetable written into the law for every category of customer. The logic is risk-based. Low-risk files can be reviewed less frequently. Standard-risk clients often justify periodic refreshes every one to three years depending on the sector. High-risk clients should be reviewed much more closely, often every six to twelve months, and immediately when a trigger event occurs: change of ownership, unusual transaction, sanctions alert, media exposure, regulatory inquiry, or unexplained cash activity.
For a Moroccan SME, this is where digital tools become useful. A basic KYC and screening solution generally costs around 15,000 to 50,000 MAD per year, depending on user volume, sanctions screening modules and whether the provider is international or local. Casablanca pricing is often higher than in other cities, though smaller providers increasingly offer scaled packages for leaner structures.
Suspicious transaction reporting to the ANRF: what businesses must know
The ANRF and its central role
The Autorité Nationale du Renseignement Financier (ANRF) is the Moroccan financial intelligence authority responsible for receiving, analyzing and processing suspicious transaction reports and related information. It sits at the center of the preventive system. Businesses do not report suspicions to the public prosecutor as a first step; they report to the ANRF through the legally established channel.
This matters because the obligations déclaratives blanchiment capitaux Maroc framework is administrative and preventive before it becomes repressive. A suspicious transaction report is not a criminal complaint. It is a protected alert designed to help the competent authority assess whether further intelligence or judicial steps are needed.
When does suspicion arise?
A report is required when suspicion is formed, not when certainty is achieved. That distinction is crucial. The law does not ask the reporting entity to prove the offense. It asks it to react when facts, documents, behavior or transaction patterns reasonably suggest possible laundering or terrorism financing.
Typical indicators include inconsistent source of funds explanations, complex ownership structures with no business rationale, repeated cash deposits just below internal alert levels, rapid movement of funds through dormant accounts, acquisition of real estate through nominees, refusal to provide beneficial ownership documents, use of recently created companies with no operational footprint, and transactions involving high-risk jurisdictions without credible economic justification.
During an audit in Tangier, an accountant reviewing a distribution company noticed a pattern of split payments and fragmented cash movements that looked like classic structuring, or smurfing. The management team had treated it as “commercial flexibility.” It was not. It was exactly the kind of pattern that should trigger escalation.
How to file a suspicious transaction report in practice
The ANRF Maroc déclaration soupçon is made through the authority’s secure online platform. The obliged entity must first register and obtain access credentials. In practice, this means setting up the reporting channel in advance, not waiting for the first emergency. Once the suspicion is established, the report should be filed without delay. Moroccan law does not provide a numerical deadline in days, but voluntary delay after suspicion is formed can itself become problematic.
A practical reporting sequence usually looks like this:
Internal detection by front office, legal, finance, compliance or management.
Escalation to the designated AML/CFT officer or responsible manager.
Rapid internal review of the facts and supporting documents.
Decision to report if suspicion remains after preliminary assessment.
Submission through the ANRF secure platform with all relevant information and attachments.
Preservation of confidentiality and internal records.
The most common mistake is over-investigating internally for too long. Businesses sometimes spend weeks trying to “solve” the file before reporting. That is a strategic error. The law expects diligence, not paralysis.
Legal protection for the reporting entity
Article 18 of Law 43-05 gives legal immunity to persons who report in good faith. This protection covers civil and criminal consequences that might otherwise arise from breaching confidentiality toward the client.
Article 18 of Law 43-05: a person who, in good faith, makes a suspicious transaction report cannot be subject to legal action for breach of professional secrecy or for any resulting prejudice.
This protection is not theoretical. A notary in Fez who made a report concerning a property transaction later faced an angry client complaint. The immunity principle was precisely what shielded him. Good-faith reporting is protected by law.
No tipping-off: never warn the client
Article 20 of Law 43-05 prohibits tipping-off. In plain English, once a suspicious transaction report has been filed, or is about to be filed, the client must not be informed. No hint, no coded warning, no “just so you know, your file is under review.” Violating this rule can seriously compromise the system and expose the professional involved.
This is one of the hardest points for relationship-driven sectors such as real estate, accounting and legal practice. Moroccan business culture often values directness and accommodation. But here the law is strict: silence is part of the obligation.
Building an effective AML/CFT compliance program in Morocco
The five pillars of a workable system
A serious programme conformité anti-blanchiment Maroc usually rests on five pillars: governance, risk assessment, internal controls, training, and independent review. If one of these is missing, the system becomes fragile.
Governance means board or senior management ownership. Someone at the top must understand and support the framework. Risk assessment means mapping your exposure by client type, geography, products, channels and transaction patterns. Internal controls include onboarding procedures, screening, escalation rules, record retention and reporting workflows. Training ensures staff can detect red flags. Independent review means audit or external testing to verify that the system works in real life.
Appointing a compliance officer
Moroccan practice increasingly expects obliged entities to designate a person responsible for AML/CFT matters. The reform logic reflected in article 5 bis of Law 43-05 and sector rules points clearly in that direction. The title may vary, but the function is the same: centralize reporting, oversee implementation, liaise with regulators, maintain procedures, and monitor suspicious situations.
For a small structure, this may be a senior manager with additional training. For a larger company, it should be a dedicated compliance officer. The wrong approach is to assign the role informally to someone already overloaded and then forget about it.
Risk mapping for Moroccan companies
An enterprise-level risk map should not be copied from a foreign template. It must reflect Moroccan reality: cash intensity in certain sectors, family-owned structures, real estate exposure, use of intermediaries, links with Europe and West Africa, occasional documentary weaknesses, and the still-frequent confusion between tax regularity and AML compliance. They are not the same thing.
A practical risk matrix will classify clients by sector, legal form, ownership transparency, geography, transaction volume, use of cash, and PEP exposure. It should also identify vulnerable products or services: property sales, account opening, company formation, fiduciary services, high-value goods, insurance wrappers, and cross-border transfers.
Internal procedures and staff training
Written procedures are indispensable. They should explain onboarding, identification, beneficial ownership checks, risk scoring, enhanced due diligence, suspicious transaction escalation, record retention, refusal of business relationships, and communication with the ANRF or sector regulator. Generic policy binders downloaded from abroad are of little use if they do not fit Moroccan law and practice.
Training is just as important. Front-office staff often see the first red flags. Finance teams detect anomalies in payment patterns. Lawyers and accountants notice inconsistencies in ownership or purpose. Annual or semi-annual training, with attendance records and practical case studies, is increasingly expected. In Morocco, specialized training may cost roughly 5,000 to 15,000 MAD per employee, depending on the provider, duration and certification level. Institutions such as the CFPB, ISCAE-linked programs and targeted professional seminars can be relevant depending on the sector.
Technology and market tools
Moroccan companies, especially in Casablanca and Rabat, increasingly use screening and compliance tools such as World-Check, Dow Jones Risk & Compliance, and some local or regional solutions. These tools help with sanctions screening, PEP detection and adverse media checks, but they do not replace legal judgment. A screening hit is not a conclusion. It is the start of an analysis.
As for cost, an initial compliance audit by a specialized law firm or consultancy generally ranges from 30,000 to 120,000 MAD, depending on the company’s size, sector and complexity. Drafting internal procedures may cost another 20,000 to 60,000 MAD. For a structured SME, an initial implementation budget often falls between 70,000 and 200,000 MAD. That may sound significant. Compared with enforcement, commercial loss and criminal exposure, it is often modest.
A Casablanca accounting practice I know spent around 45,000 MAD over eight months to formalize a lean AML/CFT program: risk mapping, client forms, escalation template, and staff workshop. Their immediate gain was not just legal comfort. They also improved bank interactions and reduced onboarding delays with foreign counterparties.
Sanctions and criminal liability: what directors must understand now
Administrative sanctions under Law 43-05
Article 26 of Law 43-05 provides for administrative sanctions against entities that fail to comply with their AML/CFT obligations. These sanctions may include warnings, injunctions, disciplinary measures, and financial penalties. The fines can range from 50,000 MAD to 2,000,000 MAD, depending on the seriousness of the breach and the applicable supervisory framework. In some sectors, additional consequences may include suspension of activity or withdrawal of approval.
Article 26 of Law 43-05 allows sanctions including financial penalties from 50,000 to 2,000,000 MAD and, where appropriate, disciplinary or restrictive measures affecting the activity itself.
For regulated professions, disciplinary exposure can be severe. A notary, accountant, auditor, insurance intermediary or market professional may face action before the relevant professional or supervisory body in addition to the statutory sanction.
Criminal sanctions for money laundering
On the criminal side, article 574-1 of the Penal Code defines the offense, while the related provisions set out the penalties. In ordinary cases, the offense is punishable by imprisonment from 2 to 5 years and a fine that may reach a very substantial level, including amounts linked to the value of the property involved. Article 574-5 aggravates the situation in cases involving habitual conduct, organized crime, abuse of professional facilities, or recidivism.
The practical lesson is stark. If a company becomes a channel for laundering and management failed to put in place the controls required by law, the discussion may move quickly from compliance failure to criminal exposure.
Can a director be liable even without direct participation?
Yes. This is one of the most misunderstood points in Moroccan business circles. A director does not need to have personally laundered funds to be at risk. If the company was legally obliged to maintain AML/CFT controls and the leadership negligently failed to establish them, personal responsibility may arise through omission, facilitation, or breach of supervisory duties depending on the facts.
This is why the phrase responsabilité pénale dirigeant blanchiment Maroc should not be read as a remote academic concern. In practice, prosecutors and regulators often ask simple questions: Who was responsible? What procedures existed? Who reviewed the file? Why was no report made? If the answers are weak, exposure increases.
Corporate criminal liability
Moroccan law also recognizes the criminal liability of legal persons in many contexts. A company can therefore be sanctioned independently of, or alongside, the individuals who acted in its name or for its benefit. This can include fines, confiscation measures and reputational damage with long-term banking consequences.
Early Moroccan case law and enforcement reality
Publicly accessible Moroccan jurisprudence on AML is still less systematized than practitioners would like, but decisions from the criminal courts and commercial enforcement context show an unmistakable trend: where suspicious flows, false invoicing, concealed beneficial ownership or professional facilitation are established, judges do not treat the matter lightly. Cases involving exchange operations, real estate layering and company-account misuse have already shown that AML is no longer a dormant area of law.
We should be honest here. Morocco has made real progress, but the publication and accessibility of jurisprudence still lag behind what practitioners need for day-to-day benchmarking. That does not mean the risk is theoretical. It means businesses should not wait for a famous precedent before taking the law seriously.
The special role of accounting firms and auditors
Why accountants are on the front line
Audit conformité anti-blanchiment cabinet comptable Maroc is now a recurring topic for a reason. Accountants and auditors sit at a strategic observation point: they review books, cash flows, shareholder structures, tax positions, invoices and supporting documents. They are often the first professionals able to spot inconsistencies between declared business activity and actual financial behavior.
Under article 2 of Law 43-05, experts-comptables and commissaires aux comptes are expressly among the obliged persons. This means they are not merely advisers helping clients comply. They themselves must implement AML/CFT procedures, carry out KYC on their own clients, train staff, and report suspicious transactions to the ANRF where required.
Professional guidance from the Order of Chartered Accountants
The Ordre des Experts-Comptables du Maroc has issued guidance and circulars reminding members of their AML/CFT duties. These communications usually emphasize internal procedures, due diligence, record keeping, continuing education and the priority of statutory reporting obligations over ordinary confidentiality where the law expressly so provides.
Some practitioners still hesitate because of client relationship concerns. But the legal position is clear. Good-faith reporting benefits from the immunity of article 18. Silence in the face of obvious red flags is far more dangerous.
What an AML/CFT audit looks like in practice
An AML/CFT review performed by a law firm, compliance consultancy or accounting specialist generally includes document review, sample testing of client files, interviews with staff, assessment of risk mapping, examination of beneficial ownership practices, review of suspicious transaction escalation, and a final report with gaps and recommendations. For a Moroccan SME, the cost of a focused mission may range from 15,000 to 40,000 MAD. Broader remediation projects cost more.
The deliverables should not be decorative. They should include a gap analysis, an action plan, revised procedures, training support and, ideally, templates for onboarding and escalation.
Current developments and what Moroccan companies should expect next
MENAFATF evaluation and continuing pressure
The GAFIMOAN/MENAFATF mutual evaluation of Morocco and subsequent follow-up reports have played a major role in pushing reform. The message has been mixed but fair: Morocco has made visible institutional and legislative progress, yet some recommendations still face uneven implementation on the ground. That is an honest picture. The framework is stronger. Practice is still catching up.
Institutional coordination and future reforms
The work of the national coordination bodies on AML/CFT continues, and businesses should expect further refinement of supervisory expectations, especially around beneficial ownership transparency, digital reporting, and sector-specific guidance. Attention to virtual assets and crypto-related activity is also likely to intensify. Moroccan law is not static here.
RegTech and the digital turn
There is also a clear rise in RegTech solutions adapted to the Moroccan market. Screening, onboarding workflows, digital archiving and risk scoring are becoming more accessible, including for mid-sized companies. This is good news. Manual compliance remains possible for very small structures, but once transaction volume grows, spreadsheets and improvised checklists become risky.
Looking toward 2025-2026
Controls are likely to become more frequent and more data-driven. Large national projects, international events and the increasing scrutiny attached to cross-border capital flows will push Moroccan companies to prove stronger governance. Businesses that treat AML/CFT as a strategic function will be in a better position not only legally, but commercially.
Conclusion: AML/CFT compliance is a strategic investment for Moroccan businesses
The basic message is simple. Moroccan companies and professionals can no longer afford to improvise on anti-money laundering and counter-terrorist financing. The loi 43-05 blanchiment argent Maroc framework, reinforced by Law No. 12-18, imposes real duties: identify clients, verify beneficial owners, assess risk, apply enhanced due diligence where needed, keep records, train staff, and report suspicions to the ANRF without delay.
If you are an obliged entity, five actions should start immediately. First, confirm whether your activity falls under article 2 of Law 43-05. Second, appoint a responsible AML/CFT person. Third, map your risks and review your client files. Fourth, implement written procedures and staff training. Fifth, ensure your business is registered and operational for ANRF reporting if required.
For many companies, a realistic remediation period is six to twelve months. That is enough to build a serious baseline if management is committed. It is not enough if the subject is delegated, postponed and forgotten.
There is also a business upside that deserves mention. Strong AML/CFT compliance improves access to banking, financing, partnerships and international counterparties. In other words, compliance is not only defensive. It can be commercially useful.
And one final point, because practitioners in Morocco end up repeating it often: ignorance of the law is never a convincing defense before the courts or regulators. If your company handles risky transactions, structures deals, manages client money, sells property, provides accounting or legal transaction support, or operates in finance, now is the time to act. If needed, consult an avocat en droit des affaires au Maroc, seek conseil en conformité réglementaire pour entreprises marocaines, or speak to an avocat spécialisé en droit bancaire et financier au Maroc. In the sanctions phase, remediation is always more expensive.
As one Moroccan compliance practitioner put it to me recently, rather bluntly but quite accurately: “A culture of compliance costs money. A culture of negligence costs the business.”
