AML/CFT Law No. 20 of 2019 (Qatar)

What was Qatar's AML/CFT Law No. 20 of 2019?

Law No. (20) of 2019 was Qatar's anti-money-laundering and counter-terrorist-financing statute, enacted in September 2019 to replace the earlier 2010 framework and bring Qatar's AML/CFT regime into closer alignment with the FATF 40 Recommendations. It established the risk-based architecture for the prevention of money laundering and terrorism financing across financial and non-financial sectors, defined obliged-entity categories, mandated customer due diligence and beneficial-ownership identification, and required suspicious-transaction reporting to the Qatar Financial Information Unit (QFIU).

Although Law No. 20 of 2019 has since been replaced by Law No. (20) of 2021 — which refined the framework following Qatar's FATF Mutual Evaluation — the 2019 law remains an important reference. It established the core architecture that the 2021 law preserves and the operating practice that Qatari obliged entities continue to apply day to day. Historical filings, transactions, and enforcement actions originating during the 2019–2021 period continue to be assessed against the 2019 law.

Why the 2019 law mattered

The 2019 law was the foundation of Qatar's modern AML/CFT regime. It replaced a much older 2010 framework that had not kept pace with FATF standards, modernised the country's approach to risk-based supervision, broadened the obliged-entity perimeter to cover DNFBPs explicitly, and gave the QFIU clearer statutory authority. The law was a critical input to Qatar's FATF Mutual Evaluation, and the gaps identified in that evaluation drove the further refinements that became Law No. 20 of 2021.

Who was subject to the law

The 2019 law applied to a broad set of obliged entities that the 2021 law largely preserved. Financial Institutions included banks, exchange houses, money services businesses, finance companies, payment service providers, insurers and reinsurers, brokers, asset managers, and investment firms. Designated Non-Financial Businesses and Professions (DNFBPs) included real-estate brokers and agents, dealers in precious metals and stones, lawyers and other independent legal professionals, accountants and auditors, and trust and corporate service providers. The law was enforced by the Qatar Financial Information Unit (QFIU) in coordination with the Qatar Central Bank, the Ministry of Commerce and Industry, and the Qatar Financial Markets Authority (QFMA).

Core obligations under the 2019 law

The 2019 law established the risk-based AML/CFT framework that remains foundational to the Qatari regime. Every obliged entity had to operate a documented business-wide risk assessment, calibrated CDD and EDD procedures, sanctions screening, transaction monitoring, suspicious-transaction reporting, recordkeeping, training, and a designated Compliance Officer / MLRO function.

Customer Due Diligence was required before establishing the business relationship — verifying Know Your Customer (KYC) data using reliable independent sources, identifying beneficial owners (typically the 25% threshold), and understanding the nature and purpose of the relationship. Enhanced Due Diligence applied to higher-risk customers, PEPs, customers from high-risk jurisdictions, and complex ownership structures. Sanctions screening (see our sanctions screening AML guide) covered UN Security Council lists and Qatar's national designations, with positive matches frozen without delay. Transaction monitoring had to be calibrated to the entity's risk profile (see our primer on transaction monitoring in AML), with any suspicion escalated to the MLRO and reported to the QFIU as a Suspicious Transaction Report (STR). Records had to be retained for at least five years from the end of the customer relationship or completion of the transaction, and ongoing AML/CFT training was required for staff in proportion to their role. Many Qatari entities deployed unified AML screening platforms — see our AML compliance complete guide for the broader programme architecture.

MLRO and Compliance Officer requirements

The 2019 law required every obliged entity to appoint a Compliance Officer / Money Laundering Reporting Officer (MLRO) of sufficient seniority to act independently of commercial functions, with direct access to senior management and the authority to file STRs without management approval. The MLRO was responsible for the entity's AML/CFT framework, training oversight, and reporting on programme effectiveness to senior management.

Suspicious transaction reporting

Where an obliged entity knew, suspected, or had reasonable grounds to suspect money laundering, terrorism financing, or a predicate offence, the MLRO had to file a Suspicious Transaction Report (STR) with the QFIU without delay. Strict tipping-off prohibitions applied — disclosing the existence or content of an STR to the customer was itself an offence. STR data fed Qatari law-enforcement and supervisory action and was a primary input to the QFIU's national typology and risk-assessment work.

Transition to Law No. 20 of 2021

Following Qatar's FATF Mutual Evaluation, the country enacted Law No. (20) of 2021 to address evaluation findings and refine the 2019 framework. The 2021 law preserved the core architecture but tightened beneficial-ownership requirements, more explicitly covered virtual asset service providers (VASPs) and crypto-asset activity, refined the powers and procedures of the QFIU, expanded the penalty schedule, and addressed effectiveness gaps identified by FATF. Institutions whose programmes were built around the 2019 law generally needed to refresh policies, beneficial-ownership procedures, VASP-related controls, and STR practices following the 2021 update — but did not need to reconstruct their framework from scratch.

Why the 2019 law still matters

Although the 2019 law is no longer the operative statute, it remains relevant for several reasons. Historical compliance — transactions, customer relationships, and STR filings from the 2019–2021 period continue to be assessed against the 2019 law. Regulatory continuity — much of the supervisory practice that the QFIU, QCB, and QFMA apply today was established under the 2019 framework. Comparative reference — understanding what changed in the 2021 update requires understanding the 2019 baseline. For any historical investigation, transition project, or compliance archaeology exercise, Law No. 20 of 2019 remains a primary reference.