Edition 5 · Wednesday, June 24, 2026
What’s new in compliance. Why it matters. What it means for your operations.
In This Edition
FATF Reshapes Its Grey List
From the Founder
The grey list is not a watchlist you check once a quarter; it is a live input to every country risk score you run. When FATF moves two countries on and two off in a single Friday, a static model is out of date by Monday. Compliance officers who treat it as fixed will explain that gap to an examiner.
Dominic Suszek
Founder and CEO, Global RADAR
30-Second Read
→ FATF added Iraq and Bosnia and Herzegovina to the grey list, removed Algeria and Namibia
→ OFAC sanctioned a nine-target ISIS crypto network, naming on-chain wallet addresses directly
→ UK narrows enhanced due diligence to FATF call-for-action countries from June 30
Skip to: Top Story | Enforcement | Guidance | Calendar
Top story of the week
FATF reshaped its grey list on June 19. The Financial Action Task Force closed its June Plenary by adding Bosnia and Herzegovina and Iraq to its list of jurisdictions under increased monitoring, and by removing Algeria and Namibia after on-site visits confirmed their action plans were complete. Twenty-two jurisdictions now sit on the list. Incoming president Giles Thomson of the United Kingdom takes office July 1, naming fraud, the risk-based approach, and information sharing as his priorities.
Why This Matters
Two countries moving onto the list raises the diligence bar for any relationship touching Bosnia or Iraq, while the two removals let you right-size controls on Algeria and Namibia. The list feeds into your country risk scoring, so a rating that reflects last week is now a documented gap.
Operational Implications
Three steps for this week:
- Update your country risk ratings for Bosnia, Iraq, Algeria, and Namibia today, and run a look-back across open files tied to all four.
- Re-screen relationships in the two added jurisdictions for enhanced due diligence triggers before month end.
- Do not quietly downgrade Algeria and Namibia; removal from the list is not removal of risk, so document the evidence behind any control change before your examiner asks for it.
Enforcement and penalties
- OFAC, June 22: Sanctioned three individuals and six entities, including Syria-based Bitcoin Xchange, for routing crypto to ISIS across Europe, the Middle East, and Africa, naming specific TRON wallet addresses.
- AUSTRAC, June: The Federal Court of Australia imposed civil penalties on Castra Licensee and Princeton Securities after they failed to pay AML infringement notices.
- OCC, June: Announced its monthly enforcement actions, including prohibition orders against two former bank officers for misconduct.
- FCA, June: Published findings from its review of sanctions systems and controls at more than 150 firms, flagging weak screening and alert management.
Why This Matters
Terrorist financing has moved on-chain, and supervisors from Washington to Canberra are pairing entity penalties with named individuals. The OFAC action shows wallet-level attribution is now standard tradecraft, not a novelty, so screening that stops at names and never reaches addresses leaves an exposed flank.
Operational Implications
Two operational moves this week:
- Push the named ISIS wallet addresses into your blockchain screening today and run them against open and recently closed cases.
- Brief your sanctions team that address-level attribution is the new baseline; a program that screens names but not wallets will fail its next exam, so close that gap before the examiner finds it.
New guidance and rulemaking
- In force June 30, 2026: The UK Money Laundering Amendment Regulations narrow the enhanced due diligence trigger to FATF call-for-action countries, currently Iran, North Korea, and Myanmar; monitoring-list countries remain a risk factor.
- Effective July 1, 2026: AUSTRAC Tranche 2 obligations begin for legal, accounting, real estate, and precious-metals businesses.
- FinCEN, June 12: Updated section 314(b) guidance clarifying how institutions can share information with each other about suspected fraud.
Why This Matters
The UK is the first major regime to formally untie its enhanced due diligence trigger from the FATF monitoring list, a real divergence from the US and EU approach. Firms running a single global screening rule will now need country logic that reflects each regime’s own definition.
Operational Implications
A practical playbook:
- Map where your enhanced due diligence rules key off the old high-risk third country list and rewrite them to the June 30 UK definition.
- If you operate in Australia and touch Tranche 2 sectors, confirm your enrolment and risk assessment are complete before July 1.
- Resist running one global rule; the UK and US definitions now diverge, and a single rule will either over-flag or miss, so build country-specific logic instead.
Coming up in the next 30 days
| Date |
Event or deadline |
| June 30, 2026 |
UK Money Laundering and Terrorist Financing Amendment Regulations 2026 come into force, narrowing the enhanced due diligence trigger. |
| July 1, 2026 |
AUSTRAC Tranche 2 obligations commence for legal, accounting, real estate, and precious-metals businesses. |
| July 1, 2026 |
Giles Thomson of the United Kingdom begins his term as FATF President, with fraud and information sharing as stated priorities. |
Next Wednesday
Next Wednesday: with the UK enhanced due diligence changes live as of June 30 and AUSTRAC Tranche 2 in force July 1, we will have the first read on how firms are operationalizing both, and what the new FATF presidency signals for fraud and information sharing.
Want a 30-minute review of your country risk model against the new FATF monitoring list? Book a call with a Global RADAR compliance specialist.
Best regards,
Dominic Suszek
Founder and CEO, Global RADAR
globalradar.com