compliance

AMSF — Generic Guidelines V.2 (April 2026)

AMSF — Generic Guidelines V.2 (21 April 2026)

Major Changes V1 → V2

Acronym: AML/CFT-C → AML/CFT-P-C (explicit inclusion of Proliferation of weapons of mass destruction).
Authority: SICCFIN → AMSF (Autorité Monégasque de Sécurité Financière), independent administrative authority since Law No. 1.549 of 6/7/2023. Administrative sanctioning power (previously: Minister of State).
Integrates Moneyval 2023-2024 reform: 9 laws + 22 regulatory texts (Laws 1.549, 1.550, 1.553, 1.559).
Updated EU framework: 6th Directive, EU regulation of May 2024, AMLA (Frankfurt, operational 2025), MiCA (EU 2023/1114), TFR (EU 2023/1113 — crypto-asset Travel Rule).
New sections: virtual assets, prepaid cards, cash payments (thresholds 10k/30k over rolling 6 months), FICOBAM register, trust register, RIE-IBE.
Structure reorganised into 10 Parts (V1: 8).
Administrative/criminal sanctions schedule significantly more detailed.
STRIX: mandatory annual questionnaire via dedicated tool (penalties for non-response).
goAML: suspicious activity reports exclusively via this tool (PDF removed).

V2 Structure

Glossary / Preface / Flow diagrams Introduction — history and legal framework Part 1 — Risk-based approach Part 2 — Internal organisation obligations Part 3 — Client-level risk assessment Part 4 — Due diligence measures (standard / simplified / enhanced) Part 5 — Ongoing monitoring Part 6 — Doubt or suspicion Part 7 — Sanctions Part 8 — Data retention Part 9 — Registers Part 10 — Miscellaneous provisions Annexes A (asset justification), B (documents), C (BO rules), D (registers)

Monaco Actors

AMSF: supervision + FIU (Financial Intelligence Unit) + Sanctions function.
DBT: asset freezing.
DDE: beneficial ownership register (companies, EIGs, civil partnerships), trust register.
Department of the Interior: register of associations/foundations.
APDP: personal data protection.
DSP: declarations for transport of cash/bearer instruments >€10k.
AMAF: organises AML/CFT-C certification.
Coordination Committee (SO 9.729): national strategy, chaired by Minister of State.

Part 1 — Risk-Based Approach

Overall Risk Assessment (ORA) = mandatory 5-step process: 1. Analysis of inherent risks (structural factors, clients, products/services, channels, geography, technologies). 2. Analysis of existing mitigation measures. 3. Adjustment → residual risk. 4. Consistency with risk appetite. 5. Formalisation (written document approved by senior management), action plan, ongoing monitoring.

Review at least annually + trigger events (new product, new country, new technology, restructuring). Conducted before commencing activity. Must take into account the National Risk Assessment + AMSF Guidelines.

Note: external providers acceptable but the entity must understand the methodology and assume responsibility for results — "turnkey" solutions to be used with caution.

Part 2 — Internal Organisation

Governance: governing body sets risk appetite, allocates resources, compliance structures.
Fitness and propriety (art. 53-2): effective managers, partners, shareholders, BOs. Ongoing screening by AMSF Fitness & Propriety unit.
AML/CFT-P-C Officer: appointed by governing body, notified to AMSF within 15 days (online form).
For financial activities (art. 1 ch. 1-3): Master's degree or banking/finance/economics/legal equivalent + AMAF/AMSF certification (grandfather clause possible). Employer-funded.
Duties: internal procedures, particular examinations, suspicious activity reports, training, annual activity report to AMSF, annual STRIX questionnaire, AMSF point of contact.
Annual report not applicable to entities 15°/15°bis/15°ter.
RIE-BIE (officer for basic and BO information): designated with DDE or Department of the Interior. Natural person residing in Monaco from among partners/staff/directors, or failing that a TCSP/legal adviser/MFO/chartered accountant/notary/lawyer.
Internal procedures: formalised document in French, proportionate, covering entity+client risk assessment, due diligence, monitoring, retention, reports, digital tools.
Ongoing training of staff, internal whistleblowing procedure with designated trusted person.

Part 3 — Client-Level Risk Assessment

From commencement of business relationship or occasional transaction.
Method flexible (typically 3 levels low/medium/high, but any number permitted).
Weighting allowed but: must never prevent classification as high risk; AML/CFT-P-C Officer can override automated rating; the law always prevails for situations with imposed high risk.
Formalisation (Word/Excel/tool) dated, retained, auditable by AMSF.
Automated solutions authorised but criteria/weightings must be documented and adaptable.

Part 4 — Due Diligence Measures

Identification Thresholds (absent suspicion)

Entity / situation	Occasional threshold
General rule	Wire transfer OR ≥€15,000
Casinos (7°)	≥€2,000
Cash dealers in goods (15°, 15°ter)	≥€10,000 in cash
Very high-end goods/services dealers (15°ter)	≥€100,000
Virtual asset service providers (23° to 28°)	≥€1,000
Any suspicion	No threshold

Identification

Natural persons: surname, forename(s), nationality(ies), date/place of birth, address, nature/date/place/issuer of document + valid ID + proof of address if address absent from document or >1 year old.
Legal persons: name, legal form, registered office, partners, directors, effective third-party managers + registry extract + articles of association + proof of list of directors/partners + power of attorney where applicable. Ownership chart recommended.
Monaco clients: mandatory BO register extract; any discrepancy must be reported to DDE (dedicated form) under penalty of criminal sanctions.
Trusts: identification of settlor/trustee/beneficiaries/protector, trust deed, trust register extract.
Documentary verification: original document + copy retained, compliance by appending mention + date + signature. Translation by sworn translator or staff member proficient in the language. PRADO website for authenticity verification.

Socio-Economic Background

Purpose and nature of the relationship, reputation ("socio"), assets and origin of funds ("economic"). Supporting documents listed in Annex A (salaries, sales, inheritances, gifts, winnings, insurance surrenders, etc.).

Simplified Due Diligence

Cumulative conditions: assessed low risk AND no suspicion. Permits: deferring identity verification (max. before 1st transaction), simplifying background collection, extending review frequency. Must be expressly described in internal procedures. Eligible typologies (art. 21 ch. 2 SO): equivalent foreign obliged entities, transparent public authorities/bodies, listed companies.

Enhanced Due Diligence — Legal Cases

Post-identification doubt (re-identification).
PEPs (art. 24 SO): heads of State, ministers, parliamentarians, senior courts, political party leaders, courts of auditors/central banks, ambassadors/military, managers of public enterprises, international organisations. + family (spouse/partner/ascendants/direct descendants + spouses) + close associates (common BO, notorious business ties).
Non-exhaustive list: mayors, etc., depending on power/budget.
Domestic and foreign PEPs both covered.
PEP status does not automatically expire at end of office — case-by-case assessment.
Senior management approval before entering relationship; mandatory asset origin; enhanced ongoing monitoring.
Specific case: life insurance contract beneficiaries.
HTHR (FATF "grey" list + EU via Ministerial Order 2021-703): enhanced measures + possible countermeasures (prohibition of subsidiaries/branches, enhanced external audit, adjusted correspondent relationships).
HTNC (FATF "black" list by Ministerial Order — prevails over AMSF website): automatic suspicious activity report without threshold + mandatory particular examination. Entering relationship remains possible with enhanced measures.
Remote onboarding: refusal if suspicion of contact avoidance; scheduled physical meeting; 1st transaction via account at equivalent regulated institution; 2 official photo documents; eIDAS substantial/high level means (MO 2020-461/462).

Generic High-Risk Factors

Clients (opaque structures, nominee shareholders, cash, complex ownership), products/services (opaque, complex), transactions (abnormal, anonymous, unknown third parties), channels (remote, third-party representative), geography (FATF, sanctions, drugs, terrorism).

Part 5 — Ongoing Monitoring

File updates according to risk level. Indicative frequencies:
Low risk: every 5 years.
Medium risk: every 2-3 years.
High risk: annually.
Very high risk: annually.
Ad hoc review on change (marriage, new BO, new activity, negative press, payment from unknown third party, etc.).
Transaction monitoring automated / manual / hybrid. Automated mandatory for entities 1°-6° and 19° (credit, payment, electronic money, insurance, trusts, TCSP, MFO) except with motivated exemption renewed annually in Q1.
Automated system must: cover all accounts/transactions, discriminating criteria, rapid detection, written reports to Officer, initial validation + periodic reassessment.
Cash (art. 35):
≥€30,000 cumulative over rolling 6 months: absolute prohibition.
≥€10,000: permitted but risk assessment + enhanced due diligence + particular examination.
Prepaid cards / withdrawals: anonymity risks — caps, monitoring, supporting documents.
Virtual assets: origin verification (mining/purchase/transfer), proof-of-ownership via test transaction, blockchain address verification, AMF VASP lists, attention to mixers/tumblers and AECs.
Atypical transactions = complex transaction OR abnormally high amount OR unusual pattern OR no economic/lawful purpose — mandatory particular examination.

Part 6 — Doubt and Suspicion

Particular Examination (art. 14)

In-depth written analysis of an atypical transaction: description, client explanations, external research, conclusion. Submitted to AML/CFT-P-C Officer. Retained for 5 years. Atypical does not necessarily mean suspicious.

Suspicious Activity Report — 3 Mandatory Cases

Link with an HTNC — automatic, no threshold, no suspicion required.
Person subject to sanctions/freezing: potential match → DBT + AMSF report + suspension; confirmed match → immediate freezing + AMSF report + DBT.
Suspicious transaction/attempt: "know, suspect or have reasonable grounds to suspect" proceeds of crime (art. 218-3 Criminal Code: offences punishable by >1 year + limitative list) or terrorism/corruption financing.

Submission

Exclusively via goAML (prior registration of the entity).
Without delay — before execution of the transaction; the entity refrains from executing for 5 business days pending possible FIU objection.
Post-transaction exceptions (art. 39): impossibility of deferral, or deferral would obstruct prosecution.
Types: STR/SAR (suspicious transaction/activity); TFRT/TFRA (terrorism financing); PFTR/PFAR (proliferation); AIFT/AIFA (supplementary information); ANST/ANSA (response to AMSF request).
Supplementary report mandatory for any new information; its absence = deficiency.
Content: client/BO identification, purpose/nature of relationship, transaction description, analysis, execution deadline, attachments.

Professional Exceptions

Auditors, chartered accountants, tax/legal advisers: no reporting obligation during a legal consultation or assessment of client's legal situation.

Confidentiality & Protection

Absolute prohibition on informing the client or any third party (criminal sanctions art. 73).
Group/structure exception (art. 45): exchanges possible within banking/insurance group, within professional structure (auditors/accountants/advisers/notaries/lawyers), or between professionals acting for the same client on the same transaction — under strict conditions (no HTHR/HTNC, equivalent professional secrecy, AML/CFT-P-C purpose, compliance with Law 1.165 Monaco GDPR).
Criminal and civil exoneration for good-faith reporter (art. 44) — including if facts unsubstantiated or case dismissed.
Retention 5 years (extendable +5 years).

Internal Reporting

Dedicated procedure, trusted person, confidentiality, anonymity possible depending on size. Disclosure of whistleblower identity = 3 years imprisonment + €18-90k × 4.

Part 7 — Sanctions

Administrative Sanctions (AMSF — Sanctions Unit)

Breaches art. 64-7 (fine ≤€5,000, doubled on repeat, after unresolved formal notice): failure to submit ORA, failure to notify Officer within 15 days, etc.

Sanctions art. 65-8 (for breaches of Chapters II-IV, VI, X): 1. Warning 2. Reprimand 3. Cease and desist order 4. Prohibition of transactions 5. Compliance order 6. Regular reporting order 7. Financial penalty ≤€1M, or 10% annual NBI/turnover excl. VAT, or double the benefit derived (whichever highest). Up to €10M for banking/financial/insurance/crypto-asset sectors. 8. Suspension/revocation of work permit 9. Suspension/revocation of operating licence/authorisation 10. Prohibition from employment in the sector 11. Suspension (≤10 years) or revocation of management positions 12. Publication (anonymised or not) of the sanction

Suspended sentence possible. Sanctions may be combined. May target directors/employees personally. Appeal to Court of First Instance within 2 months.

Chartered accountants, notaries, bailiffs: sanctions according to their professional regulations (not art. 65-8).

Criminal Sanctions (art. 70 to 80-1)

Examples (natural persons, amount ×5 for legal persons + additional penalties art. 29-3 to 29-8 Criminal Code):

Breach	Sanction (NP)
Obstruction of AMSF inspection	1-6 months + €18-90k
Failure to disclose company BO	6 months + €18-90k
Shell correspondent relationship	€18-90k
Wilful failure to file suspicious activity report	€18-90k × 2
Wilful late filing / HTNC / freezing	€18-90k × 2
FICOBAM non-compliance	€18-90k × 2
Breach of SAR confidentiality	€18-90k × 4
Disclosure of whistleblower identity	3 years + €18-90k × 4
Cash receipt ≥€30k	€18-90k
Unauthorised access to BO / FICOBAM register	6 months-1 year + €18-90k × 10

Part 8 — Data Retention

Subject	Duration
Client + BO + agent identification documents/information + conduct/reputation	5 years from closure of relationship
Transactions (all media)	5 years from execution
Rejected prospects	5 years from the attempt
Information requests (AMSF, Prosecutor, DSP, DSF)	1 year
FICOBAM	5 years after account closure

Extendable +5 years (entity initiative, AMSF request, judicial request). Obsolete documents retained (not replaced). Access limited to persons designated in procedures. Destruction at expiry per documented procedure. Compliance with Law No. 1.565 of 3/12/2024 (personal data protection) — APDP authority.

Part 9 — Registers

Company/EIG BO register (DDE): mandatory for commercial companies, EIGs, Monaco civil partnerships. Extract to be collected before entering relationship. Accessible by obliged entities with AML/CFT-P-C justification. Objection possible by the declarant.
Trust register (DDE — Law No. 214 as amended + SO 8.635): any trust established/transferred in Monaco with Monaco trustee; any non-EU trust purchasing real estate or entering business relationship in Monaco.
Associations/foundations register (Department of the Interior — Law No. 56, SO 10.114): founders, directors, RIE-IBE, BOs. Modifications within 1 month.
FICOBAM (AMSF): register of payment accounts, IBAN bank accounts, safe deposit boxes. Declaration within 1 month by entities 1° and 2°. Direct access by AMSF, Prosecutor, DSP, judges (with logging).

Part 10 — Miscellaneous Provisions

AML/CFT-P-C Officer registration: form to contact@amsf.mc.
goAML registration: entity then user; browsers Chrome/Edge/Firefox ≥90, email accepting noreplygoaml@gouv.mc.
STRIX annual questionnaire via https://amsf.mc/supervision/questionnaire-amsf-strix — mandatory, penalties if incomplete.
Monitoring: Journal de Monaco, AMSF website, asset freezing newsletter.
Automated system exemption: motivated letter, renewed in Q1 annually.
Client awareness: mandatory DSP declaration for transport of cash/bearer instruments >€10k (fine = half the amount + possible seizure).

Annexes

A — Supporting documents by type of fund origin (salary, sale, inheritance, gift, gambling winnings, divorce, dividends, life insurance surrender, escrow, loan, etc.).
B — Documents to collect + visual examples (national ID, passports, biometric permits, residence cards FR/IT/UK/MC; RCI, RSSC extracts; Power of Attorney; trust deed; Articles of Incorporation; Certificate of Registration/Incumbency/Good Standing; share certificate; Nominee agreement; Partnership deed).
C — BO identification schemes: direct holding, indirect holding, mixed, with trust, with usufruct, with listed subsidiary, with minor, majority chain, family group, cross-holdings.
D — Register diagrams.

Referenced Practical Guides

Overall Risk Assessment (Guide #2)
Internal Procedures
PEPs
Suspicious Activity Reports
BOs and Complex Structures
Terrorism Financing
Internal Procedures
Private Banking and Wealth Management

Business Application Implications (Accounting Firm)

Document extraction: must cover complete Annex B — national ID, passport, biometric permit, residence card (MC/FR/IT/UK formats), RCI/RSSC extracts, Monaco BO register, articles of association, trust deed, POA, Articles of Incorporation, Certificate of Incumbency/Good Standing, share certificate, Nominee agreement, Partnership deed.
Mandatory legal person fields: name, legal form, registered office, principal place of business, partners, directors, effective third-party managers.
BO discrepancy reporting to DDE to be implemented (dedicated form, legal representative signature).
Review frequencies: low 5y / medium 2-3y / high 1y / very high 1y — configurable per entity.
Cash thresholds: block ≥€30k cumulative over rolling 6 months; enhanced due diligence alert ≥€10k over 6 months.
PEPs: cover family (spouse/partner/ascendants/descendants + spouses) + close associates (common BO, business ties); status persists after end of office until reassessment.
HTNC: automatic SAR trigger without threshold.
Retention: 5 years + preservation of obsolete documents (no overwriting).
goAML: future integration for suspicious activity reports (STR/SAR/TFRT/TFRA/PFTR/PFAR/AIFT/AIFA/ANST/ANSA).
STRIX: annual AMSF questionnaire — source documents to be retained for 5 years.