January 29, 2026, is an important date for AML/CFT professionals in the European Union — the updated EU high-risk third country list will come into force, directly affecting customer risk assessment, transaction monitoring and the scope of enhanced due diligence (EDD). This is not just a “list adjustment” — it is a clear message from the regulator about how the EU assesses international financial crime risks and what obligations it expects from responsible entities.
On December 3 and 4, 2025, the European Commission adopted two new delegated regulations — (EU) 2026/46 and 2026/83 — amending the list of third countries with strategic deficiencies in their AML/CTF systems. These changes will apply starting from 29 January 2026.
Important point: in the updated version, the total number of high-risk countries is reduced from 41 to 35, reflecting a dynamic and evidence-based approach in line with international assessments.
From a practical point of view, this means one thing: any transactions, customer relationships or structural elements related to these countries automatically require enhanced supervision, including EDD measures, additional documentation, explanation of the origin of funds and more frequent monitoring.
Particularly significant — Russia’s inclusion in the EU’s high-risk list at this point reinforces the trend that risk management is based not only on sanctions regimes, but also on AML/CTF vulnerabilities (including risks of corruption, weak controls, shadow economy, and use of intermediaries).
The European Commission’s announcement indicates that several jurisdictions are being removed from the list:
Such changes often coincide with the FATF’s review of its grey list and progress in addressing strategic deficiencies, but this does not mean automatic risk exclusion for the entities concerned. From a AML/CTF perspective, removal from the list means that the relevant regulatory pressure will decrease, but customer risk assessment must still be based on actual risk factors (business model, transaction profile, UBO structure, etc.).
In practice, the EU list of high-risk third countries is a direct trigger for the following obligations:
1. Mandatory application of enhanced due diligence to transactions and relationships with countries included in the list;
2. Enhanced transaction monitoring (especially international payments, correspondent banking chains, foreign intermediaries);
3. Additional documentation requirements (origin of funds and wealth, economic justification for the transaction);
4. Risk model adjustments (country risk coefficients, scenarios, automated alerts);
5. KYC/KYB data quality review, including UBO checks and sanctions screening.
These changes confirm once again that the AML/CTF environment in Europe is becoming increasingly precise, dynamic, and enforcement-oriented. In 2026, country risk is no longer a “formality” — it is a practical tool that affects both the customer service model and reputation protection, as well as the maturity of internal controls expected by regulators.
If your organization has not yet integrated the update into its KYC/monitoring processes, January 29, 2026 is a date that cannot be ignored.
Need advice? Write to us at [email protected]
aml.plus team
English 
Latvian 
Russian 
Greek