AML country risk refers to the level of money laundering, terrorist financing, and broader financial crime risk associated with a particular country or jurisdiction, based on factors such as the strength of its legal and regulatory framework, the effectiveness of its law enforcement and supervisory authorities, its levels of corruption, its exposure to organised crime, and its track record of international cooperation on financial crime matters. Country risk is one of the core risk categories that obliged entities must consider as part of their overall customer risk assessment under EU law — alongside customer risk, product risk, and delivery channel risk — because the jurisdictions to which a customer or transaction is connected (through nationality, residence, place of incorporation, or the location of counterparties) can materially affect the likelihood that a relationship is being used for illicit purposes.
In practice, country risk is assessed using a combination of formal lists and broader contextual indicators. The European Commission maintains a list of high-risk third countries with strategic AML/CFT deficiencies, which automatically triggers mandatory Enhanced Due Diligence for any connected business relationship. The FATF maintains its own parallel lists — commonly referred to as the “black list” (jurisdictions under a call for action) and “grey list” (jurisdictions under increased monitoring) — which heavily influence the EU’s own designations. Beyond these formal lists, compliance professionals also draw on broader indices and assessments — such as Transparency International‘s Corruption Perceptions Index, sanctions exposure, and the jurisdiction’s history of involvement in major financial crime cases — to build a more nuanced picture.
