Technical Compliance Methodology

For Official Use FATF/WGEI(2012)56/ANN1
Financial Action Task Force

Groupe d’Action Financière 13-Nov-2012
___________________________________________________________________________________________
English - Or. English
For Official Use
FATF/WGEI(2012)56/ANN1
Working Group on Evaluations and Implementation
REVISED TECHNICAL COMPLIANCE METHODOLOGY - ANNEX
10-14 December 2012, Nuveau Centre de Conférences Luxembourg - Kirchberg (NCCK), Luxembourg
FATF-XXIV
Please bring this document with you to the meeting as no paper copy will be available at that time.
John CARLSON, Tel.: +(33-1) 45 24 79 46, john.carlson@fatf-gafi.org

Tom NEYLAN, Tel.: +(33-1) 45 24 98 53, tom.neylan@fatf-gafi.org
Alvin KOH, Tel.: +(33-1) 45 24 96 44, alvin.koh@fatf-gafi.org
JT03330667
English - Or. English
This document and any map included herein are without prejudice to the status of or sovereignty over any territory, to the delimitation of
international frontiers and boundaries and to the name of any territory, city or area.
REVISED TECHNICAL COMPLIANCE METHODOLOGY – ANNEX
Recommendation 1 – Assessing Risks & Applying a Risk-Based Approach1
Obligations and decisions for Countries
Risk assessment
1.1 Countries2 should take steps to identify and assess the money laundering and terrorist financing
risks for the country,
1.2 Countries should designate an authority or mechanism to coordinate actions to assess risks.
1.3 Countries should keep the risk assessments up-to-date.
1.4 Countries should have mechanisms to provide information on the results of the risk assessment to
all relevant competent authorities and self-regulatory bodies (SRBs), financial institutions and
DNFBPs.
Risk mitigation
1.5 Based on their understanding of their risks, countries should apply a risk-based approach to
allocating resources and implementing measures to prevent or mitigate money laundering and
terrorist financing.
1.6 Countries which decide not to apply some of the FATF Recommendations requiring financial
institutions or DNFBPs to take certain actions, should demonstrate that:
(a) there is a proven low risk of money laundering and terrorist financing; the exemption
occurs in strictly limited and justified circumstances; and it relates to a particular type of
financial institution or activity, or DNFBP; or
(b) a financial activity (other than the transferring of money or value) is carried out by a natural
or legal person on an occasional or very limited basis (having regard to quantitative and
absolute criteria), such that there is low risk of money laundering and terrorist financing.
1.7 Where countries identify higher risks, they should ensure that their AML/CFT regime addresses
such risks, including through: (a) requiring financial institutions and DNFBPs to take enhanced
measures to manage and mitigate the risks, or (b) requiring financial institutions and DNFBPs to
ensure that this information is incorporated into their risk assessments.
1
The requirements in this recommendation should be assessed taking into account the more specific risk
based requirements in other Recommendations.
2
Where appropriate, AML/CFT risk assessments at a supra-national level should be taken into account when
considering whether this obligation is satisfied.
2
1.8 Countries may allow simplified measures for some of the FATF Recommendations requiring
financial institutions or DNFBPs to take certain actions, provided that, a lower risk has been
identified, and this is consistent with the country’s assessment of its ML/TF financing risks3.
1.9 Supervisors and SRBs should ensure that financial institutions and DNFBPs are implementing
their obligations under Recommendation 14.
Obligations and decisions for FIs and DNFBPs
Risk assessment
1.10 Financial institutions and DNFBPs should be required to take appropriate steps to identify, assess,
and understand their money laundering and terrorist financing risks (for customers, countries or
geographic areas; and products, services, transactions or delivery channels)5. This includes being
required to:
(a) document their risk assessments,
(b) consider all the relevant risk factors before determining what is the level of overall risk and
the appropriate level and type of mitigation to be applied,
(c) keep these assessments up to date, and
(d) have appropriate mechanisms to provide risk assessment information to competent
authorities and SRBs.
Risk mitigation
1.11 Financial institutions and DNFBPs should be required to:

(a) have policies, controls and procedures, which are approved by senior management, to
enable them to manage and mitigate the risks that have been identified (either by the
country or by the financial institution or DNFBP);
(b) monitor the implementation of those controls and to enhance them if necessary; and
(c) take enhanced measures to manage and mitigate the risks where higher risks are identified.
1.12 Countries may only permit financial institutions and DNFBPs to take simplified measures to
manage and mitigate risks, if lower risks have been identified, and criteria 1.9 to 1.11 are met.
Simplified measures should not be permitted whenever there is a suspicion of money laundering or
3
Where the FATF Recommendations identify higher risk activities for which enhanced or specific measures
are required, countries should ensure that all such measures are applied, although the extent of such
measures may vary according to the specific level of risk.
4
The requirements in this criterion should be assessed taking into account the findings in relation to
Recommendations 26 and 28.
5
The nature and extent of any assessment of money laundering and terrorist financing risks should be
appropriate to the nature and size of the business. Competent authorities or SRBs may determine that
individual documented risk assessments are not required, provided that the specific risks inherent to the
sector are clearly identified and understood, and that individual financial institutions and DNFBPs
understand their money laundering and terrorist financing risks.
3
Recommendation 2 - National Cooperation and Coordination
2.1 Countries should have national AML/CFT policies which are informed by the risks identified, and
are regularly reviewed.
2.2 Countries should designate an authority or have a coordination or other mechanism that is
responsible for national AML/CFT policies.
2.3 Mechanisms should be in place to enable policy makers, the FIU, law enforcement authorities,
supervisors and other relevant competent authorities to co-operate, and where appropriate,
coordinate domestically with each other concerning the development and implementation of
AML/CFT policies and activities. Such mechanisms should apply to both policymaking and
operational levels.
2.4 Competent authorities should have similar co-operation, and where appropriate co-ordination,
mechanisms to combat the financing of proliferation of weapons of mass destruction.
4
Recommendation 3 - Money Laundering Offence
3.1 Money laundering should be criminalised on the basis of the Vienna Convention and the Palermo
Convention (see Article 3(1)(b)&(c) Vienna Convention and Article 6(1) Palermo Convention)6.
3.2 The predicate offences for money laundering should cover all serious offences, with a view to
including the widest range of predicate offences. At a minimum, predicate offences should include
a range of offences in each of the designated categories of offences7.
3.3 Where countries apply a threshold approach or a combined approach that includes a threshold
approach8, predicate offences should at a minimum comprise all offences that:
(a) fall within the category of serious offences under their national law; or
(b) are punishable by a maximum penalty of more than one year’s imprisonment; or
(c) are punished by a minimum penalty of more than six months imprisonment (for countries
that have a minimum threshold for offences in their legal system).
3.4 The offence of ML should extend to any type of property, regardless of its value, that directly or
indirectly represents the proceeds of crime.
3.5 When proving that property is the proceeds of crime, it should not be necessary that a person be
convicted of a predicate offence.
3.6 Predicate offences for money laundering should extend to conduct that occurred in another country,
which constitutes an offence in that country, and which would have constituted a predicate offence
had it occurred domestically.
3.7 The offence of money laundering should apply to persons who commit the predicate offence,
unless this is contrary to fundamental principles of domestic law.
3.8 It should be possible for the intent and knowledge required to prove the offence of money
laundering to be inferred from objective factual circumstances.
3.9 Proportionate criminal sanctions should apply to natural persons convicted of money laundering.
3.10 Criminal liability and sanctions, and, where that is not possible (due to fundamental principles of
domestic law), civil or administrative liability and sanctions, should apply to legal persons. This
should not preclude parallel criminal, civil or administrative proceedings with respect to legal
persons in countries in which more than one form of liability is available. Such measures are
without prejudice to the criminal liability of natural persons. All sanctions should be proportionate.
3.11 There should be appropriate ancillary offences to the offence of money laundering, including:
participation in; association with or conspiracy to commit; attempt; aiding and abetting; facilitating;
6
See Annex XX for these Articles. Note in particular the physical and material elements of the offence.
7
R.3 does not require countries to create a separate offence of “participation in an organised criminal group
and racketeering”. In order to cover this category of “designated offence”, it is sufficient if a country meets
either of the two options set out in the Palermo Convention i.e. either a separate offence or an offence
based on conspiracy.
8
Countries determine the underlying predicate offences for money laundering by reference to (a) all
offences, or (b) to a threshold linked either to a category of serious offences or to the penalty of
imprisonment applicable to the predicate offence (threshold approach), or (c) to a list of predicate offences,
or (d) a combination of these approaches.
5
and counselling the commission; unless this is not permitted by fundamental principles of domestic
law.
6
Recommendation 4 - Confiscation and Provisional Measures
4.1 Countries should have measures, including legislative measures, that enable the confiscation of the
following:
(a) property laundered;
(b) proceeds of, or instrumentalities used, or intended for use, in money laundering or predicate
offences;
(c) property that is the proceeds of, or used in, or intended or allocated for use in the financing
of terrorism, terrorist acts or terrorist organisations; or
(d) property of corresponding value.
4.2 Countries should have measures, including legislative measures, that enable their competent
authorities to:
(a) identify, trace and evaluate property that is subject to confiscation.
(b) carry out provisional measures, such as freezing or seizing, to prevent any dealing, transfer
or disposal of property subject to confiscation9;
(c) take steps that will prevent or void actions that prejudice the country’s ability to freeze or
seize or recover property that is subject to confiscation; and
(d) take any appropriate investigative measures.
4.3 Laws and other measures should provide protection for the rights of bona fide third parties.
4.4 Countries should have mechanisms for managing, and when necessary disposing of, property
frozen, seized or confiscated.
9
Measures should allow the initial application to freeze or seize property subject to confiscation to be made
ex-parte or without prior notice, unless this is inconsistent with fundamental principles of domestic law.
7
Recommendation 5 – Terrorist Financing Offence
5.1 Countries should criminalise terrorist financing on the basis of the Terrorist Financing
Convention10.
5.2 Terrorist financing offences should extend to any person who wilfully provides or collects funds by
any means, directly or indirectly, with the unlawful intention that they should be used, or in the
knowledge that they are to be used, in full or in part: to carry out a terrorist act(s); or by a terrorist
organisation; or by an individual terrorist,11.
5.3 Terrorist financing offences should extend to any funds whether from a legitimate or illegitimate
source.
5.4 Terrorist financing offences should not require that the funds: (a) were actually used to carry out or
attempt a terrorist act(s); or (b) be linked to a specific terrorist act(s).
5.5 It should be possible for the intent and knowledge required to prove the offence to be inferred from
objective factual circumstances.
5.6 Proportionate criminal sanctions should apply to natural persons convicted of terrorist financing.
5.7 Criminal liability and sanctions, and, where that is not possible (due to fundamental principles of
domestic law), civil or administrative liability and sanctions, should apply to legal persons. This
should not preclude parallel criminal, civil or administrative proceedings with respect to legal
persons in countries in which more than one forms of liability is available. Such measures should
be without prejudice to the criminal liability of natural persons. All sanctions should be
proportionate.
5.8 It should also be an offence to:
(a) attempt to commit the offence of terrorist financing.
(b) participate as an accomplice in a terrorist financing offence or attempted offence;
(c) organise or direct others to commit a terrorist financing offence or attempted offence;
(d) contribute to the commission of one or more terrorist financing offence(s) or attempted
offence(s), by a group of persons acting with a common purpose12.
5.10 Terrorist financing offences should be designated as money laundering predicate offences.
5.11 Terrorist financing offences should apply, regardless of whether the person alleged to have
committed the offence(s) is in the same country or a different country from the one in which the
terrorist(s)/terrorist organisation(s) is located or the terrorist act(s) occurred/will occur.
10
Criminalisation should be consistent with Article 2 of the International Convention for the Suppression of
the Financing of Terrorism. See Annex XX for this Article.
11
Criminalising terrorist financing solely on the basis of aiding and abetting, attempt, or conspiracy is not
sufficient to comply with the Recommendation.
12
Such contribution shall be intentional and shall either: (i) be made with the aim of furthering the criminal
activity or criminal purpose of the group, where such activity or purpose involves the commission of a
terrorist financing offence; or (ii) be made in the knowledge of the intention of the group to commit a
terrorist financing offence.
8
Recommendation 6 – Targeted Financial Sanctions related to Terrorism & Terrorist Financing
Identifying and designating
6.1 In relation to designations pursuant to United Nations Security Council resolutions (UNSCRs)
1267 and 1988, and related resolutions, countries should:
(a) identify a competent authority or a court as having responsibility for proposing persons or
entities to the 1267 Committee for designation; and for proposing persons or entities to
the 1988 Committee for designation;
(b) have a mechanism(s) for identifying targets for designation, based on the designation
criteria set out in the relevant UNSCRs;
(c) apply an evidentiary standard of proof of “reasonable grounds” or “reasonable basis” when
deciding whether or not to make a proposal for designation. Such proposals for
designations should not be conditional upon the existence of a criminal proceeding;
(d) follow the procedures and (in the case of UNSCR 1267 and its successor resolutions)
standard forms for listing, as adopted by the relevant committee (the 1267 Committee or
1988 Committee); and
(e) provide as much relevant information as possible on the proposed name13; a statement of
case14 which contains as much detail as possible on the basis for the listing15; and (in the
case of proposing names to the 1267 Committee), specify whether their status as a
designating state may be made known.
6.2 In relation to designations pursuant to UNSCR 1373, countries should:
(a) identify a competent authority or a court as having responsibility for designating persons or
entities that meet the specific criteria for designation, as set forth in UNSCR 1373;
(b) have a mechanism(s) for identifying targets for designation, based on the designation
criteria set out in resolution 137316;
(c) when receiving a request, make a prompt determination of whether they are satisfied that
the request is supported by reasonable grounds, or a reasonable basis, to suspect or believe
that the proposed designee meets the criteria for designation in UNSCR 1373;
(d) apply an evidentiary standard of proof of “reasonable grounds” or “reasonable basis” when
deciding whether or not to make a designation17. Such (proposals for) designations should
not be conditional upon the existence of a criminal proceeding; and
13
In particular, sufficient identifying information to allow for the accurate and positive identification of
individuals, groups, undertakings, and entities, and to the extent possible, the information required by
Interpol to issue a Special Notice
14
This statement of case should be releasable, upon request, except for the parts a Member State identifies as
being confidential to the relevant committee (the 1267 Committee or 1988 Committee).
15
Including: specific information supporting a determination that the person or entity meets the relevant
designation; the nature of the information; supporting information or documents that can be provided; and
details of any connection between the proposed designee and any currently designated person or entity
16
This includes having authority and effective procedures or mechanisms to examine and give effect to, if
appropriate, the actions initiated under the freezing mechanisms of other countries pursuant to resolution
1373 (2001)
9
(e) when requesting another country to give effect to the actions initiated under the freezing
mechanisms, provide as much identifying information, and specific information supporting
the designation, as possible
6.3 The competent authority(ies) should have legal authorities and procedures or mechanisms to:
(a) collect or solicit information to identify persons and entities that, based on reasonable
grounds, or a reasonable basis to suspect or believe, meet the criteria for designation; and
(b) operate ex parte against a person or entity who has been identified and whose (proposal for)
designation is being considered.
Freezing
6.4 Countries should implement targeted financial sanctions without delay18.

6.5 Countries should have the legal authority and identify domestic competent authorities responsible
for implementing and enforcing targeted financial sanctions, in accordance with the following
standards and procedures:
(a) Countries should require all natural and legal persons within the country to freeze, without
delay and without prior notice, the funds or other assets of designated persons and entities.
(b) The obligation to freeze should extend to: (i) all funds or other assets that are owned or
controlled by the designated person or entity, and not just those that can be tied to a
particular terrorist act, plot or threat; (ii) those funds or other assets that are wholly or
jointly owned or controlled, directly or indirectly, by designated persons or entities; and
(iii) the funds or other assets derived or generated from funds or other assets owned or
controlled directly or indirectly by designated persons or entities, as well as (iv) funds or
other assets of persons and entities acting on behalf of, or at the direction of, designated
persons or entities.
(c) Countries should prohibit their nationals, or19 any persons and entities within their
jurisdiction, from making any funds or other assets, economic resources, or financial or
other related services, available, directly or indirectly, wholly or jointly, for the benefit of
designated persons and entities; entities owned or controlled, directly or indirectly, by
designated persons or entities; and persons and entities acting on behalf of, or at the
direction of, designated persons or entities, unless licensed, authorised or otherwise notified
in accordance with the relevant UNSCRs.20
17
A country should apply the legal standard of its own legal system regarding the kind and quantum of
evidence for the determination that “reasonable grounds” or “reasonable basis” exist for a decision to
designate a person or entity, and thus initiate an action under a freezing mechanism. This is the case
irrespective of whether the proposed designation is being put forward on the relevant country’s own motion
or at the request of another country.
18
For UNSCR 1373, the obligation to take action without delay is triggered by a designation at the (supra-)
national level, as put forward either on the country’s own motion or at the request of another country.
19
“or”, in this particular case means that countries must both prohibit their own nationals and prohibit any
persons/entities in their jurisdiction.
20
Countries should ensure that in the context of processing wire transfers, financial institutions take freezing
action and comply with prohibitions from conducting transactions with designated persons and entities, as
per obligations set out in the relevant UNSCRs relating to the prevention and suppression of terrorism and
10
(d) Countries should have mechanisms for communicating designations to the financial sector
and the DNFBPs immediately upon taking such action, and providing clear guidance to
financial institutions and other persons or entities, including DNFBPs, that may be holding
targeted funds or other assets, on their obligations in taking action under freezing
mechanisms.
(e) Countries should require financial institutions and DNFBPs to report to competent
authorities any assets frozen or actions taken in compliance with the prohibition
requirements of the relevant UNSCRs, including attempted transactions.
(f) Countries should adopt measures which protect the rights of bona fide third parties acting in
good faith when implementing the obligations under Recommendation 6.
De-listing, unfreezing and providing access to frozen funds or other assets
6.7 Countries should have publicly known procedures to de-list and unfreeze the funds or other assets
of persons and entities which do not or no longer meet the criteria for designation. These should
include:
(a) procedures to submit de-listing requests to the Security Council in the case of persons and
entities designated pursuant to UNSCR 1267 and its successor resolutions that, in the view
of the country, do not or no longer meet the criteria for designation. Such procedures and
criteria should be in accordance with procedures adopted by the 1267 Committee or the
1988 Committee, as appropriate21.
(b) legal authorities and procedures or mechanisms to delist and unfreeze the funds or other
assets of persons and entities designated pursuant to UNSCR 1373, that no longer meet the
criteria for designation.
(c) With regard to designations pursuant to UNSCR 1373, procedures to allow, upon request,
review of the designation decision before a court or other independent competent authority.
(d) With regard to designations pursuant to UNSCRs 1267 and 1988, a mechanism through
which a designated person or entity can challenge their designation, with a view to having it
reviewed by a competent authority or a court.
(e) With respect to designations on the Al-Qaida Sanctions List, countries’ procedures should
include informing designated persons and entities of the availability of the United Nations
Office of the Ombudsperson, pursuant to UNSCR 1904, to accept de-listing petitions.
(f) publicly known procedures to unfreeze the funds or other assets of persons or entities with
the same or similar name as designated persons or entities, who are inadvertently affected
by a freezing mechanism (i.e. a false positive), upon verification that the person or entity
involved is not a designated person or entity.
(g) mechanisms for communicating de-listings and unfreezings to the financial sector and the
DNFBPs immediately upon taking such action, and providing guidance to financial
institutions and other persons or entities, including DNFBPs, that may by holding targeted
funds or other assets, on their obligations to respect a de-listing or unfreezing action.
6.8 Countries should authorise access to frozen funds or other assets which have been determined to be
necessary for basic expenses, for the payment of certain types of fees, expenses and service
21
The procedures of the 1267 committee are set out in UNSCRs 1730; 1735; 1822; 1904; 1989; and any
successor resolutions. The procedures of the 1988 committee are set out in UNSCRs 1730; 1735; 1822;
1904; 1988; and any successor resolutions.
11
charges, or for extraordinary expenses, in accordance with the procedures set out in UNSCR 1452
and any successor resolutions. On the same grounds, countries should authorise access to funds or
other assets, if freezing measures are applied to persons and entities designated by a
(supra-)national country pursuant to UNSCR 1373 and as set out in UNSCR 1963.
.
.
12
Recommendation 7 – Target Financial Sanctions related to Proliferation
7.1 Countries should implement targeted financial sanctions without delay against persons and entities
designated pursuant to United Nations Security Council resolution (UNSCR) 1718 and its
successor resolutions, or UNSCR 1737 and its successor resolutions.
7.2 Countries should establish the legal authority and identify competent authorities responsible for
implementing and enforcing targeted financial sanctions, and should do so in accordance with the
following standards and procedures.
(a) Countries should require all natural and legal persons within the country to freeze, without
delay and without prior notice, the funds or other assets of designated persons and entities.
(b) The freezing obligation should extend to: (i) all funds or other assets that are owned or
controlled by the designated person or entity, and not just those that can be tied to a
particular act, plot or threat of proliferation; (ii) those funds or other assets that are wholly
or jointly owned or controlled, directly or indirectly, by designated persons or entities; and
(iii) the funds or other assets derived or generated from funds or other assets owned or
controlled directly or indirectly by designated persons or entities, as well as (iv) funds or
other assets of persons and entities acting on behalf of, or at the direction of designated
persons or entities.
(c) Countries should ensure that any funds or other assets are prevented from being made
available by their nationals or by any persons or entities within their territories, to or for the
benefit of designated persons or entities unless licensed, authorised or otherwise notified in
accordance with the relevant Security Council resolutions.
(d) Countries should have mechanisms for communicating designations to financial institutions
and DNFBPs immediately upon taking such action, and providing clear guidance to
financial institutions and other persons or entities, including DNFBPs, that may be holding
targeted funds or other assets, on their obligations in taking action under freezing
mechanisms.
(e) Countries should require financial institutions and DNFBPs to report to competent
authorities any assets frozen or actions taken in compliance with the prohibition
requirements of the relevant UNSCRs, including attempted transactions.
(f) Countries should adopt measures which protect the rights of bona fide third parties acting in
good faith when implementing the obligations under Recommendation 7.
7.3 Countries should adopt measures for monitoring and ensuring compliance by financial institutions
and DNFBPs with the relevant laws or enforceable means governing the obligations under
Recommendation 7. Failure to comply with such laws, or enforceable means should be subject to
civil, administrative or criminal sanctions.
7.4 Countries should have publicly known procedures to submit de-listing requests to the Security
Council in the case of designated persons and entities, that, in the view of the country, do not or no
longer meet the criteria for designation22. These should include:
22
Such procedures and criteria should be in accordance with any applicable guidelines or procedures adopted
by the Security Council pursuant to resolution 1730 (2006) and any successor resolutions, including those
of the Focal Point mechanism established under that resolution.
13
(a) enabling listed persons and entities to petition a request for delisting at the Focal Point for
de-listing established pursuant to UNSCR 1730, or informing designated persons or entities
to petition the Focal Point directly;
(b) publicly known procedures to unfreeze the funds or other assets of persons or entities with
the same or similar name as designated persons or entities, who are inadvertently affected
by a freezing mechanism (i.e. a false positive), upon verification that the person or entity
involved is not a designated person or entity.
(c) authorising access to funds or other assets, where countries have determined that the
exemption conditions set out in UNSCRs 1718 and 1737 are met, in accordance with the
procedures set out in those resolutions;
(d) mechanisms for communicating de-listings and unfreezings to the financial sector and the
DNFBPs immediately upon taking such action, and providing guidance to financial
institutions and other persons or entities, including DNFBPs, that may be holding targeted
funds or other assets, on their obligations to respect a de-listing or unfreezing action.
7.6 With regard to contracts, agreements or obligations that arose prior to the date on which accounts
became subject to targeted financial sanctions:
(a) Countries should permit the addition to the accounts frozen pursuant to UNSCRs 1718 or
1737 of interests or other earnings due on those accounts or payments due under contracts,
agreements or obligations that arose prior to the date on which those accounts became
subject to the provisions of this resolution, provided that any such interest, other earnings
and payments continue to be subject to these provisions and are frozen;
(b) Freezing action taken pursuant to UNSCR 1737 should not prevent a designated person or
entity from making any payment due under a contract entered into prior to the listing of
such person or entity, provided that: (i) the relevant countries have determined that the
contract is not related to any of the prohibited items, materials, equipment, goods,
technologies, assistance, training, financial assistance, investment, brokering or services
referred to in the relevant Security Council resolution; (ii) the relevant countries have
determined that the payment is not directly or indirectly received by a person or entity
designated pursuant to UNSCR 1737; and (iii) the relevant countries have submitted prior
notification to the 1737 Sanctions Committee of the intention to make or receive such
payments or to authorise, where appropriate, the unfreezing of funds, other financial assets
or economic resources for this purpose, ten working days prior to such authorisation.
14
Recommendation 8 – Non-profit organisations
8.1 Countries should:

(a) review the adequacy of laws and regulations that relate to entities that can be abused for the
financing of terrorism, including non-profit organisations (NPOs).
(b) undertake domestic reviews of their NPO sector, or have the capacity to obtain timely
information on its activities, size and other relevant features, using all available sources of
information, in order to identify the features and types of NPOs that are particularly at risk
of being misused for terrorist financing by virtue of their activities or characteristics.
(c) periodically reassess their NPO sector by reviewing new information on the sector’s
potential vulnerabilities to terrorist activities.
8.2 Countries should conduct outreach to the NPO sector concerning terrorist financing issues.
8.3 Countries should have clear policies to promote transparency, integrity, and public confidence in
the administration and management of all NPOs.
8.4 Countries should apply the following standards to NPOs which account for (i) a significant portion
of the financial resources under the control of the sector; and (ii) a substantial share of the sector’s
international activities. Such NPOs should be required to:
(a) maintain information on: (i) the purpose and objectives of their stated activities; and (ii) the
identity of person(s) who own, control or direct their activities, including senior officers,
board members and trustees. This information should be publicly available either directly
from the NPO or through appropriate authorities;
(b) issue annual financial statements that provide detailed breakdowns of incomes and
expenditure;
(c) have controls in place to ensure that all funds are fully accounted for, and are spent in a
manner that is consistent with the purpose and objectives of the NPO’s stated activities;
(d) be licensed or registered23;
(e) follow a “know your beneficiaries and associated NPOs” rule; and
(f) maintain, for a period of at least five years, records of domestic and international
transactions24, and the information in (a) and (b) above, and make these available to
competent authorities upon appropriate authority.
8.5 Competent authorities should monitor the compliance of NPOs with Criterion 8.4, and should be
able to apply proportionate sanctions for violations of the requirements by NPOs or persons acting
on behalf of these NPOs25.
23
Specific licensing or registration requirements for AML/CFT purposes are not necessary. For example, in
some countries, NPOs are already registered with tax authorities and monitored in the context of qualifying
for favourable tax treatment (such as tax credits or tax exemptions).
24
Such records should be sufficiently detailed to verify that funds have been spent in a manner consistent
with the purpose and objectives of the organisation.
25
The range of such sanctions might include freezing of accounts, removal of trustees, fines, de-certification,
de-licensing and de-registration. This should not preclude parallel civil, administrative, or criminal
proceedings with respect to NPOs or persons acting on their behalf where appropriate.
15
8.6 Authorities should be able to investigate and gather information on NPOs, including through:
(a) domestic cooperation, coordination and information-sharing among authorities or
organisations that hold relevant information on NPOs;
(b) full access to information on the administration and management of particular NPOs
(including financial and programmatic information); and
(c) mechanisms to ensure that relevant information is promptly shared with competent
authorities, in order to take preventive or investigative action, when there is suspicion or
reasonable grounds to suspect that a particular NPO is: a front for fundraising by a terrorist
organisation; or being exploited as a conduit for terrorist financing, including for the
purpose of escaping asset freezing measures; or concealing or obscuring the clandestine
diversion of funds intended for legitimate purposes, but redirected for the benefit of
terrorists or terrorist organisations.
8.7 Countries should identify appropriate points of contact and procedures to respond to international
requests for information regarding particular NPOs suspected of terrorist financing or other forms
of terrorist support.
[8.8 The authorities responsible for supervision, monitoring and investigation of their NPO sector
should have adequate financial, human and technical resources.]
16
Recommendation 9 – Financial Institution Secrecy Laws
9.1 Financial institution secrecy laws should not inhibit the implementation of the FATF
Recommendations26.
26
Areas where this may be of particular concern are the ability of competent authorities to access information
they require to properly perform their functions in combating ML or FT; the sharing of information
between competent authorities, either domestically or internationally; and the sharing of information
between financial institutions where this is required by R.13, R.16 or R.17.
17
Recommendation 10 - Customer Due Diligence27
10.1 Financial institutions should be prohibited from keeping anonymous accounts.
When CDD is required[28]
10.2 Financial institutions should be required to undertake customer due diligence (CDD) measures
when:
(a) establishing business relations;
(b) carrying out occasional transactions above the applicable designated threshold (USD/€
15,000). This also includes situations where the transaction is carried out in a single
operation or in several operations that appear to be linked;
(c) carrying out occasional transactions that are wire transfers in the circumstances covered by
Recommendation 16 and its Interpretive Note;
(d) there is a suspicion of money laundering or terrorist financing, regardless of any
exemptions or thresholds that are referred to elsewhere under the FATF Recommendations;
or
(e) the financial institution has doubts about the veracity or adequacy of previously obtained
customer identification data.
Required CDD measures for all customers
10.3 Financial institutions should be required to identify the customer (whether permanent or
occasional, and whether natural or legal person or legal arrangement) and verify that customer’s
identity using reliable, independent source documents, data or information (identification data).
10.4 Financial institutions should be required to verify that any person purporting to act on behalf of the
customer is so authorised, and identify and verify the identity of that person.
10.5 Financial institutions should be required to identify the beneficial owner and take reasonable
measures to verify the identity of the beneficial owner, using the relevant information or data
obtained from a reliable source such that the financial institution is satisfied that it knows who the
beneficial owner is.
10.6 Financial institutions should be required to understand and, as appropriate, obtain information on,
the purpose and intended nature of the business relationship.
10.7 Financial institutions should be required to conduct ongoing due diligence on the business
relationship. This should include:
(a) scrutinising transactions undertaken throughout the course of that relationship to ensure that
the transactions being conducted are consistent with the financial institution’s knowledge of
27
The principle that financial institutions conduct CDD should be set out in law.
28
Financial institutions do not have to repeatedly perform identification and verification every time that a
customer conducts a transaction. An institution is entitled to rely on the identification and verification steps
that it has already undertaken, unless it has doubts about the veracity of that information, see criteria 10.2.
18
the customer, their business and risk profile, including where necessary, the source of
funds; and
(b) ensuring that documents, data or information collected under the CDD process is kept up-
to-date and relevant, by undertaking reviews of existing records, particularly for higher risk
categories of customers.
Specific CDD measures required for legal persons and legal arrangements
10.8 For customers that are legal persons or legal arrangements, the financial institution should be
required to understand the nature of the customer’s business and its ownership and control
structure.
10.9 For customers that are legal persons or legal arrangements, the financial institution should be
required to identify the customer and verify its identity through the following information:
(a) name, legal form and proof of existence;
(b) the powers that regulate and bind the legal person or arrangement, as well as the names of
the relevant persons having a senior management position in the legal person or
arrangement; and
(c) the address of the registered office, and if different, a principal place of business.
10.10 For customers that are legal persons29, the financial institution should be required to identify and
take reasonable measures to verify the identity of beneficial owners through the following
information:
(a) the identity of the natural persons (if any30) who ultimately have a controlling ownership
interest31 in a legal person; and
(b) to the extent that there is doubt under (a) as to whether the person(s) with the controlling
ownership interest are the beneficial owner(s) or where no natural person exerts control
through ownership interests, the identity of the natural persons (if any) exercising control of
the legal person or arrangement through other means; and
(c) where no natural person is identified under (a) or (b) above, the identity of the relevant
natural person who holds the position of senior managing official.
10.11 For customers that are legal arrangements, the financial institution should be required to identify
and take reasonable measures to verify the identity of beneficial owners through the following
information:
29
Where the customer or the owner of the controlling interest is a company listed on a stock exchange and
subject to disclosure requirements (either by stock exchange rules or through law or enforceable means)
which impose requirements to ensure adequate transparency of beneficial ownership, or is a majority-
owned subsidiary of such a company, it is not necessary to identify and verify the identity of any
shareholder or beneficial owner of such companies. The relevant identification data may be obtained from
a public register, from the customer or from other reliable sources.
30
Ownership interests can be so diversified that there are no natural persons (whether acting alone or
together) exercising control of the legal person or arrangement through ownership.
31
A controlling ownership interest depends on the ownership structure of the company. It may be based on a
threshold, e.g. any person owning more than a certain percentage of the company (e.g. 25%).
19
(a) for trusts, the identity of the settlor, the trustee(s), the protector (if any), the beneficiaries or
class of beneficiaries32, and any other natural person exercising ultimate effective control
over the trust (including through a chain of control/ownership);
(b) for other types of legal arrangements, the identity of persons in equivalent or similar
positions.
CDD for Beneficiaries of Life Insurance Policies
10.12 In addition to the CDD measures required for the customer and the beneficial owner, financial
institutions should be required to conduct the following CDD measures on the beneficiary of life
insurance and other investment related insurance policies, as soon as the beneficiary is identified or
designated:
(a) for a beneficiary that is identified as specifically named natural or legal persons or legal
arrangements – taking the name of the person;
(b) for a beneficiary that is designated by characteristics or by class or by other means–
obtaining sufficient information concerning the beneficiary to satisfy the financial
institution that it will be able to establish the identity of the beneficiary at the time of the
payout;
(c) for both the above cases, the verification of the identity of the beneficiary should occur at
the time of the payout.
10.13 Financial institutions should be required to include the beneficiary of a life insurance policy as a
relevant risk factor in determining whether enhanced CDD measures are applicable. If the financial
institution determines that a beneficiary who is a legal person or a legal arrangement presents a
higher risk, it should be required to take enhanced measures which should include reasonable
measures to identify and verify the identity of the beneficial owner of the beneficiary, at the time of
payout.
Timing of verification
10.15 Financial institutions should be required to verify the identity of the customer and beneficial owner
before or during the course of establishing a business relationship or conducting transactions for
occasional customers; or (if permitted) may complete verification after the establishment of the
business relationship, provided that:
(a) this occurs as soon as reasonably practicable;
(b) this is essential not to interrupt the normal conduct of business; and
(c) the money laundering and terrorist financing risks are effectively managed.
10.16 Financial institutions should be required to adopt risk management procedures concerning the
conditions under which a customer may utilise the business relationship prior to verification.
32
For beneficiaries of trusts that are designated by characteristics or by class, financial institutions should
obtain sufficient information concerning the beneficiary to satisfy the financial institution that it will be
able to establish the identity of the beneficiary at the time of the payout or when the beneficiary intends to
exercise vested rights.
20
Existing customers
10.17 Financial institutions should be required to apply CDD requirements to existing customers33 on the
basis of materiality and risk, and to conduct due diligence on such existing relationships at
appropriate times, taking into account whether and when CDD measures have previously been
undertaken and the adequacy of data obtained.
Risk-Based Approach
10.18 Financial institutions should be required to perform enhanced due diligence where the risks of
money laundering or terrorist financing are higher.
10.19 Financial institutions may only be permitted to apply simplified CDD measures where lower risks
have been identified, through an adequate analysis of risks by the country or the financial
institution. The simplified measures should be commensurate with the lower risk factors, but are
not acceptable whenever there is suspicion of money laundering or terrorist financing or specific
higher risk scenarios apply.
Failure to satisfactorily complete CDD
10.20 Where a financial institution is unable to comply with relevant CDD measures:
(a) it should be required not to open the account, commence business relations or perform the
transaction; or should be required to terminate the business relationship and
(b) it should be required to consider making a suspicious transaction report in relation to the
customer.
CDD and tipping-off
10.21 In cases where financial institutions form a suspicion of money laundering or terrorist financing,
and they reasonably believe that performing the CDD process will tip-off the customer, they should
be permitted not to pursue the CDD process, and instead should be required to file a suspicious
transaction report.
33
Existing customers as at the date that the new national requirements are brought into force.
21
Recommendation 11 – Record Keeping
11.1 Financial institutions should be required by law to maintain all necessary records on transactions,
both domestic and international, for at least five years following completion of the transaction.
11.2 Financial institutions should be required by law to keep all records obtained through CDD
measures, account files and business correspondence, and results of any analysis undertaken, for at
least five years following the termination of the business relationship or after the date of the
occasional transaction.
11.3 Transaction records should be sufficient to permit reconstruction of individual transactions so as to
provide, if necessary, evidence for prosecution of criminal activity.
11.4 Financial institutions should be required to ensure that all CDD information and transaction records
are available swiftly to domestic competent authorities upon appropriate authority.
22
Recommendation 12 – Politically Exposed Persons (PEPs)
12.1 In relation to foreign PEPs, in addition to performing the CDD measures required under R.10,
financial institutions should be required to:
(a) put in place risk management systems to determine whether a customer or the beneficial
owner is a PEP;
(b) obtain senior management approval before establishing (or continuing, for existing
customers) such business relationships;
(c) take reasonable measures to establish the source of wealth and the source of funds of
customers and beneficial owners identified as PEPs; and
(d) conduct enhanced ongoing monitoring on that relationship.
12.2 In relation to domestic PEPs or persons who have been entrusted with a prominent function by an
international organisation, in addition to performing the CDD measures required under R.10,
financial institutions should be required to:
(a) put in place reasonable measures to determine whether a customer or the beneficial owner
is such a person; and
(b) in such cases, when there is higher risk business relationship, adopt the measures in
criterion 12.1 (b) to (d).
12.3 Financial institutions should be required to apply the requirements of criteria 12.1 and 12.2 to
family members or close associates of all types of PEP.
12.4 In relation to life insurance policies, financial institutions should be required to take reasonable
measures to determine whether the beneficiaries and/or, where required, the beneficial owner of the
beneficiary, are PEPs. This should occur at the latest at the time of the payout. Where higher risks
are identified, financial institutions should be required to inform senior management before the
payout of the policy proceeds, to conduct enhanced scrutiny on the whole business relationship
with the policyholder, and to consider making a suspicious transaction report
23
Recommendation 13 – Correspondent banking
13.1 In relation to cross-border correspondent banking and other similar relationships, financial
institutions should be required to:
(a) gather sufficient information about a respondent institution to understand fully the nature of
the respondent’s business and to determine from publicly available information the
reputation of the institution and the quality of supervision, including whether it has been
subject to a money laundering or terrorist financing investigation or regulatory action;
(b) assess the respondent institution’s AML/CFT controls;
(c) obtain approval from senior management before establishing new correspondent
relationships; and
(d) clearly understand the respective AML/CFT responsibilities of each institution.
13.2 With respect to “payable-through accounts”, banks should be required to satisfy themselves that the
respondent bank:
(a) has performed CDD obligations on its customers that have direct access to the accounts of
the correspondent bank; and
(b) is able to provide relevant CDD information upon request to the correspondent bank.
13.3 Financial institutions should be prohibited from entering into, or continuing, correspondent banking
relationships with shell banks. They should be required to satisfy themselves that respondent
financial institutions do not permit their accounts to be used by shell banks.
24
Recommendation 14 – Money or Value Transfer Services
14.1 Natural or legal persons that provide money or value transfer services (MVTS providers) should be
required to be licensed or registered34.
[14.2. Countries should take action to identify natural or legal persons that carry out MVTS without a
licence or registration, and apply sanctions to them.]
14.3 MVTS providers should be subject to monitoring for AML/CFT compliance.
14.4 Agents for MVTS providers should be required to be licensed or registered by a competent
authority, or the MVTS provider should be required to maintain a current list of its agents
accessible by competent authorities in the countries in which the MVTS provider and its agents
operate.
14.5 MVTS providers that use agents should be required to include them in their AML/CFT
programmes and monitor them for compliance with these programmes.
34
Countries need not impose a separate licensing or registration system with respect to licensed or registered
financial institutions which are authorised to perform MVTS.
25
Recommendation 15 – New Technologies
15.1 Countries and financial institutions should identify and assess the money laundering or terrorist
financing risks that may arise in relation to the development of new products and new business
practices, including new delivery mechanisms, and the use of new or developing technologies for
both new and pre-existing products.
15.2 Financial institutions should be required to:
(a) undertake the risk assessments prior to the launch or use of such products, practices and
technologies; and
(b) take appropriate measures to manage and mitigate the risks.
26
Recommendation 16 – Wire Transfers
Ordering financial institutions
16.1 Financial institutions should be required to ensure that all cross-border wire transfers of USD/EUR
1,000 or more are always accompanied by the following:
(a) Required and accurate35 originator information:
(i) the name of the originator;
(ii) the originator account number where such an account is used to process the
transaction or, in the absence of an account, a unique transaction reference number
which permits traceability of the transaction; and
(iii) the originator’s address, or national identity number, or customer identification
number, or date and place of birth.
(b) Required beneficiary information:
(i) the name of the beneficiary; and
(ii) the beneficiary account number where such an account is used to process the
transaction.
16.2 Where several individual cross-border wire transfers from a single originator are bundled in a batch
file for transmission to beneficiaries, and when a country decides to exempt ordering financial
institutions from the requirements of criterion 16.1 in respect of originator information, financial
institutions should be required to include the originator’s account number or unique transaction
reference number, and the batch file should contain required and accurate originator information,
and full beneficiary information, that is fully traceable within the beneficiary country.
16.3 If countries apply a de minimis threshold for the requirements of C.16.1, financial institutions
should be required to ensure that all cross-border wire transfers below any applicable de minimus
threshold (no higher than USD/EUR 1,000) are always accompanied by the following:
(a) Required originator information:
(i) The name of the originator, and
(ii) The originator account number where such an account is used to process the
which permits traceability of the transaction.
(b) Required beneficiary information:
(i) The name of the beneficiary, and
(ii) The beneficiary account number where such an account is used to process the
which permits traceability of the transaction
35
“Accurate” is used to describe information that has been verified for accuracy; i.e. financial institutions
should be required to verify the accuracy of the required originator information.
27
16.4 The information mentioned in c.16.3 need not be verified for accuracy. However, the financial
institution should be required to verify the information pertaining to its customer where there is a
suspicion of money laundering or terrorist financing.
16.5 For domestic wire transfers, the ordering financial institution should be required to ensure that the
information accompanying the wire transfer includes originator information as indicated for cross-
border wire transfers, unless this information can be made available to the beneficiary financial
institution and appropriate authorities by other means.
16.6 Where the information accompanying the wire transfer can be made available to the beneficiary
financial institution and appropriate authorities by other means, the ordering financial institution
need only be required to include the account number or a unique transaction reference number,
provided that this number or identifier will permit the transaction to be traced back to the originator
or the beneficiary. The ordering financial institution should be required to make the information
available within three business days of receiving the request either from the beneficiary financial
institution or from appropriate competent authorities. Law enforcement authorities should be able
to compel immediate production of such information.
16.7 The ordering financial institution should be required to maintain all originator and beneficiary
information collected, in accordance with Recommendation 11.
16.8 The ordering financial institution should not be allowed to execute the wire transfer if it does not
comply with the requirements specified above at 16.1-16.7.
Intermediary financial institutions
16.9 For cross-border wire transfers, an intermediary financial institution should be required to ensure
that all originator and beneficiary information that accompanies a wire transfer is retained with it.
16.10 Where technical limitations prevent the required originator or beneficiary information
accompanying a cross-border wire transfer from remaining with a related domestic wire transfer,
the intermediary financial institution should be required to keep a record, for at least five years, of
all the information received from the ordering financial institution or another intermediary financial
institution.
16.11 Intermediary financial institutions should be required to take reasonable measures, which are
consistent with straight-through processing, to identify cross-border wire transfers that lack
required originator information or required beneficiary information.
16.12 Intermediary financial institutions should be required to have risk-based policies and procedures for
determining: (a) when to execute, reject, or suspend a wire transfer lacking required originator or
required beneficiary information; and (b) the appropriate follow-up action.
Beneficiary financial institutions
16.13 Beneficiary financial institutions should be required to take reasonable measures, which may
include post-event monitoring or real-time monitoring where feasible, to identify cross-border wire
transfers that lack required originator information or required beneficiary information.
28
16.14 For cross-border wire transfers of USD/EUR 1,000 or more36, a beneficiary financial institution
should be required to verify the identity of the beneficiary, if the identity has not been previously
verified, and maintain this information in accordance with Recommendation 11.
16.15 Beneficiary financial institutions should be required to have risk-based policies and procedures for
determining: (a) when to execute, reject, or suspend a wire transfer lacking required originator or
required beneficiary information; and (b) the appropriate follow-up action.
Money or value transfer service operators
16.16 Money or value transfer service (MVTS) providers should be required to comply with all of the
relevant requirements of R.16 in the countries in which they operate, directly or through their
agents.
16.17 In the case of a MVTS provider that controls both the ordering and the beneficiary side of a wire
transfer, the MVTS provider should be required to:
(a) take into account all the information from both the ordering and beneficiary sides in
order to determine whether an STR has to be filed; and
(b) file an STR in any country affected by the suspicious wire transfer, and make
relevant transaction information available to the Financial Intelligence Unit.
36
Countries may adopt a de minimis threshold for cross-border wire transfers (no higher than
USD/EUR1,000). Countries may, nevertheless, require that incoming cross-border wire transfers below the
threshold contain required and accurate originator information.
29
Recommendation 17 – Reliance on Third Parties
17.1 If financial institutions are permitted to rely on third-party financial institutions and DNFBPs to
perform elements (a)-(c) of the CDD measures set out in Recommendation 10 (identification of the
customer; identification of the beneficial owner; and understanding the nature of the business) or to
introduce business, the ultimate responsibility for CDD measures should remain with the financial
institution relying on the third party, which should be required to:
(a) obtain immediately the necessary information concerning elements (a)-(c) of the CDD
measures set out in Recommendation 10;
(b) take steps to satisfy itself that copies of identification data and other relevant documentation
relating to CDD requirements will be made available from the third party upon request
without delay;
(c) satisfy itself that the third party is regulated, and supervised or monitored for, and has
measures in place for compliance with, CDD and record-keeping requirements in line with
Recommendations 10 and 11.
17.2 When determining in which countries the third party that meets the conditions can be based,
countries should have regard to information available on the level of country risk.
17.3 For financial institutions that rely on a third party that is part of the same financial group, relevant
competent authorities37 may also consider that the requirements of the criteria above are met in the
following circumstances:
(a) That group applies CDD and record-keeping requirements, in line with Recommendations
10 to 12, and programmes against money laundering and terrorist financing, in accordance
with Recommendation 18;
(b) The implementation of those CDD and record-keeping requirements and AML/CFT
programmes is supervised at a group level by a competent authority.
(c) Any higher country risk is adequately mitigated by the group’s AML/CFT policies.
37
The term relevant competent authorities in R.17 means (i) the home authority, that should be involved for
the understanding of group policies and controls at group-wide level, and (ii) the host authorities, that
should be involved for the branches/subsidiaries.
30
Recommendation 18 – Internal Controls and Foreign Branches and Subsidiaries
18.1 Financial institutions should be required to implement programmes against money laundering and
terrorist financing, which have regard to the ML/TF risks and the size of the business, and which
include the following internal policies, procedures and controls:
(a) compliance management arrangements (including the appointment of a compliance officer
at the management level);
(b) screening procedures to ensure high standards when hiring employees;
(c) an ongoing employee training programme; and
(d) an independent audit function to test the system.
18.2 Financial groups should be required to implement group-wide programmes against money
laundering and terrorist financing, which should be applicable, and appropriate to, all branches and
majority-owned subsidiaries of the financial group. These should include the measures set out in
18.1 and also:
(a) policies and procedures for sharing information required for the purposes of CDD and
money laundering and terrorist financing risk management;
(b) the provision, at group-level compliance, audit, and/or AML/CFT functions, of customer,
account, and transaction information from branches and subsidiaries when necessary for
AML/CFT purposes; and
(c) adequate safeguards on the confidentiality and use of information exchanged.
18.3 Financial institutions should be required to ensure that their foreign branches and majority-owned
subsidiaries apply AML/CFT measures consistent with the home country requirements, to the
extent that host country laws and regulations permit.
If the host country does not permit the proper implementation of AML/CFT measures consistent
with the home country requirements, financial groups should be required to apply appropriate
additional measures to manage the money laundering and terrorist financing risks, and inform their
home supervisors.
31
Recommendation 19 – Higher Risk Countries
19.1 Financial institutions should be required to apply enhanced due diligence, proportionate to the
risks, to business relationships and transactions with natural and legal persons (including financial
institutions) from countries for which this is called for by the FATF.
19.2 Countries should be able to apply countermeasures proportionate to the risks: (a) when called upon
to do so by the FATF, and (b) independently of any call by the FATF to do so.
19.3 Countries should have measures in place to ensure that financial institutions are advised of
concerns about weaknesses in the AML/CFT systems of other countries.
32
Recommendation 20 – Reporting of Suspicious Transactions
20.1 If a financial institution suspects or has reasonable grounds to suspect that funds are the proceeds of
a criminal activity38, or are related to terrorist financing, it should be required, by law, to report
promptly its suspicions to the financial intelligence unit (FIU).
20.2 Financial institutions should be required to report all suspicious transactions, including attempted
transactions, regardless of the amount of the transaction.
38
“Criminal activity” refers to: (a) all criminal acts that would constitute a predicate offence for money
laundering in the country; or (b) at a minimum, to those offences that would constitute a predicate offence,
as required by Recommendation 3.
33
Recommendation 21 – Tipping-off and Confidentiality
21.1 Financial institutions and their directors, officers and employees should be protected by law from
both criminal and civil liability for breach of any restriction on disclosure of information imposed
by contract or by any legislative, regulatory or administrative provision, if they report their
suspicions in good faith to the FIU. This protection should be available even if they did not know
precisely what the underlying criminal activity was, and regardless of whether illegal activity
actually occurred.
21.2 Financial institutions and their directors, officers and employees should be prohibited by law from
disclosing the fact that a suspicious transaction report or related information is being filed with the
FIU.
34
Recommendation 22 – DNFBPs: Customer Due Diligence
22.1 Designated non-financial businesses and professions (DNFBPs) should be required to comply with
the CDD requirements set out in Recommendation 10 in the following situations:
(a) Casinos – when customers engage in financial transactions39 equal to or above USD/EUR
3,000.
(b) Real estate agents – when they are involved in transactions for a client concerning the
buying and selling of real estate40.
(c) Dealers in precious metals and dealers in precious stones – when they engage in any cash
transaction with a customer equal to or above USD/EUR 15,000.
(d) Lawyers, notaries, other independent legal professionals and accountants when they prepare
for or carry out transactions for their client concerning the following activities:
- buying and selling of real estate;
- managing of client money, securities or other assets;
- management of bank, savings or securities accounts;
- organisation of contributions for the creation, operation or management of
companies;
- creation, operation or management of legal persons or arrangements, and buying
and selling of business entities.
(e) Trust and company service providers when they prepare for or carry out transactions for a
client concerning the following activities:
- acting as a formation agent of legal persons;
- acting as (or arranging for another person to act as) a director or secretary of a
company, a partner of a partnership, or a similar position in relation to other legal
persons;
- providing a registered office, business address or accommodation, correspondence
or administrative address for a company, a partnership or any other legal person or
arrangement;
- acting as (or arranging for another person to act as) a trustee of an express trust or
performing the equivalent function for another form of legal arrangement;
- acting as (or arranging for another person to act as) a nominee shareholder for
another person.
22.2 In the situations set out in Criterion 22.1, DNFBPs should be required to comply with the record-
keeping requirements set out in Recommendation 11.
39
Conducting customer identification at the entry to a casino could be, but is not necessarily, sufficient.
Countries must require casinos to ensure that they are able to link customer due diligence information for a
particular customer to the transactions that the customer conducts in the casino. “Financial transactions”
does not refer to gambling transactions that involve only casino chips or tokens.
40
This means that real estate agents should comply with the requirements set out in Recommendation 10 with
respect to both the purchasers and the vendors of the property.
35
22.3 In the situations set out in Criterion 22.1, DNFBPs should be required to comply with the PEPs
requirements set out in Recommendation 12.
22.4 In the situations set out in Criterion 22.1, DNFBPs should be required to comply with the new
technologies requirements set out in Recommendation 15.
22.5 In the situations set out in Criterion 22.1, DNFBPs should be required to comply with the reliance
on third-parties requirements set out in Recommendation 17.
36
Recommendation 23 – DNFBPs: Other Measures
23.1 The requirements to report suspicious transactions set out in Recommendation 20 should apply to
all DNFBPs subject to the following qualifications:
(a) Lawyers, notaries, other independent legal professionals and accountants 41 when, on behalf
of or for a client, they engage in a financial transaction in relation to the activities described
in criterion 22.1(d)42.
(b) Dealers in precious metals or stones - when they engage in a cash transaction with a
customer equal to or above USD/EUR 15,000.
(c) Trust and company service providers when, on behalf or for a client, they engage in a
transaction in relation to the activities described in criterion 22.1(e).
23.2 In the situations set out in criterion 23.1, DNFBPs should be required to comply with the internal
controls requirements set out in Recommendation 18.
23.3 In the situations set out in criterion 23.1, DNFBPs should be required to comply with the higher-
risk countries requirements set out in Recommendation 19.
23.4 In the situations set out in criterion 23.1, DNFBPs should be required to comply with the tipping-
off and confidentiality requirements set out in Recommendation 2143.
41
Lawyers, notaries, other independent legal professionals, and accountants acting as independent legal
professionals, are not required to report suspicious transactions if the relevant information was obtained in
circumstances where they are subject to professional secrecy or legal professional privilege. It is for each
country to determine the matters that would fall under legal professional privilege or professional secrecy.
This would normally cover information lawyers, notaries or other independent legal professionals receive
from or obtain through one of their clients: (a) in the course of ascertaining the legal position of their client,
or (b) in performing their task of defending or representing that client in, or concerning judicial,
administrative, arbitration or mediation proceedings.
42
Where countries allow lawyers, notaries, other independent legal professionals and accountants to send
their STRs to their appropriate self-regulatory bodies (SRBs), there should be forms of co-operation
between these bodies and the FIU
43
Where lawyers, notaries, other independent legal professionals and accountants acting as independent legal
professionals seek to dissuade a client from engaging in illegal activity, this does not amount to tipping-off.
37
Recommendation 24 – Transparency and Beneficial Ownership of Legal Persons44
24.1 [Countries should take measures to prevent the misuse of legal persons for money laundering or
terrorist financing.]
24.2 Countries should have mechanisms that identify and describe: (a) the different types, forms and
basic features of legal persons in the country; and (b) the processes for the creation of those legal
persons, and for obtaining and recording of basic and beneficial ownership information; and should
make this information publicly available.
24.3 Countries should assess the money laundering and terrorist financing risks associated with all types
of legal person created in the country.
Basic Information
24.4 Countries should require that all companies created in a country are registered in a company
registry, which should record the company name, proof of incorporation, legal form and status, the
address of the registered office, basic regulating powers, and a list of directors. This information
should be publicly available.
24.5 Companies should be required to maintain the information set out in Criterion 24.4, and also to
maintain a register of their shareholders or members45, containing the number of shares held by
each shareholder and categories of shares (including the nature of the associated voting rights).
This information should be maintained within the country at a location notified to the company
registry46.
24.6 Countries should have mechanisms that ensure that the information referred to in criteria 24.4 and
24.5 is accurate and updated on a timely basis.
Beneficial Ownership Information
24.7 Countries should use one or more of the following mechanisms to ensure that information on the
beneficial ownership of a company is obtained by that company and available at a specified
44
Assessors should consider the application of all the criteria to all relevant types of legal persons. The
manner in which these requirements are addressed may vary according to the type of legal person involved:
1. Companies - The criteria below set out the measures required by R.24 with specific reference to
companies.
2. Foundations, Anstalt, and limited liability partnerships - countries should take similar measures and
impose similar requirements as those required for companies, taking into account their different forms
and structures.
3. Other types of legal persons - countries should take into account the different forms and structures of
those other legal persons, and the levels of money laundering and terrorist financing risks associated
with each type of legal person, with a view to achieving appropriate levels of transparency. At a
minimum, all legal persons should ensure that similar types of basic information are recorded.
45
The register of shareholders and members can be recorded by the company itself or by a third person under
the company’s responsibility.
46
In cases in which the company or company registry holds beneficial ownership information within the
country, the register of shareholders and members need not be in the country, if the company can provide
this information promptly on request.
38
location in their country; or can be otherwise determined in a timely manner by a competent

authority:
(a) Requiring companies or company registries to obtain and hold up-to-date information on
the companies’ beneficial ownership;
(b) Requiring companies to take reasonable measures to obtain and hold up-to-date information
on the companies’ beneficial ownership;
(c) Using existing information, including: (i) information obtained by financial institutions
and/or DNFBPs, in accordance with Recommendations 10 and 22; (ii) information held by
other competent authorities on the legal and beneficial ownership of companies; (iii)
information held by the company as required in criterion 24.4 above; and (iv) available
information on companies listed on a stock exchange, where disclosure requirements ensure
adequate transparency of beneficial ownership.
24.8 Countries should require that the beneficial ownership information is accurate and as up-to-date as
possible.
24.9 Countries should ensure that companies cooperate with competent authorities to the fullest extent
possible in determining the beneficial owner, by:
(a) requiring that one or more natural persons resident in the country is authorised by the
company47, and accountable to competent authorities, for providing all basic information
and available beneficial ownership information, and giving further assistance to the
authorities; and/or
(b) requiring that a DNFBP in the country is authorised by the company, and accountable to
competent authorities, for providing all basic information and available beneficial
ownership information, and giving further assistance to the authorities; and/or
(c) taking other comparable measures, specifically identified by the country.
24.10 All the persons, authorities and entities mentioned above, and the company itself (or its
administrators, liquidators or other persons involved in the dissolution of the company), should be
required to maintain the information and records referred to for at least five years after the date on
which the company is dissolved or otherwise ceases to exist, or five years after the date on which
the company ceases to be a customer of the professional intermediary or the financial institution.
Other Requirements
24.11 Competent authorities, and in particular law enforcement authorities, should have all the powers
necessary to obtain timely access to the basic and beneficial ownership information held by the
relevant parties.
24.12 Countries that have legal persons able to issue bearer shares or bearer share warrants should apply
one or more of the following mechanisms to ensure that they are not misused for money laundering
or terrorist financing:
(a) prohibiting bearer shares and share warrants;
(b) converting bearer shares and share warrants into registered shares or share warrants (for
example through dematerialisation);
(c) immobilising bearer shares and share warrants by requiring them to be held with a
regulated financial institution or professional intermediary; or
47
Members of the company’s board or senior management may not require specific authorisation by the
company.
39
(d) requiring shareholders with a controlling interest to notify the company, and the company
to record their identity; or
(e) using other mechanisms identified by the country.
24.13 Countries that have legal persons able to have nominee shares and nominee directors should apply
one or more of the following mechanisms to ensure they are not misused:
(a) requiring nominee shareholders and directors to disclose the identity of their nominator to
the company and to any relevant registry, and for this information to be included in the
relevant register; or
(b) requiring nominee shareholders and directors to be licensed, for their nominee status to be
recorded in company registries, and for them to maintain information identifying their
nominator, and make this information available to the competent authorities upon request. ;
or
(c) using other mechanisms identified by the country.
24.14 There should be liability and proportionate sanctions, as appropriate for any legal or natural person
that fails to comply with the requirements.
[24.15 Countries should rapidly provide international cooperation in relation to basic and beneficial
ownership information, on the basis set out in Recommendations 37 and 40. This should include:
(a) facilitating access by foreign competent authorities to basic information held by company
registries;
(b) exchanging information on shareholders; and
(c) using their competent authorities’ investigative powers, in accordance with their domestic
law, to obtain beneficial ownership information on behalf of foreign counterparts.]
24.16 Countries should monitor the quality of assistance they receive from other countries in response to
requests for basic and beneficial ownership information or requests for assistance in locating
beneficial owners residing abroad.
40
Recommendation 25 – Transparency and Beneficial Ownership of Legal Arrangements48
25.1 [Countries should take measures to prevent the misuse of legal arrangements in relation to money
laundering and terrorist financing]
25.2 Countries should require:
(a) trustees of any express trust governed under their law49 to obtain and hold adequate,
accurate, and current information on the identity of the settlor, the trustee(s), the protector
(if any), the beneficiaries or class of beneficiaries, and any other natural person exercising
ultimate effective control over the trust.
(b) trustees of any trust governed under their law to hold basic information on other regulated
agents of, and service providers to, the trust, including investment advisors or managers,
accountants, and tax advisors.
(c) professional trustees to maintain this information for at least five years after their
involvement with the trust ceases.
25.3 Countries should require that any information held pursuant to this Recommendation is accurate
and updated on a timely basis.
25.4 All countries should take measures to ensure that trustees disclose their status to financial
institutions and DNFBPs when forming a business relationship or carrying out an occasional
transaction above the threshold.
25.5 Trustees should not be prevented by law or enforceable means from providing competent
authorities with any information relating to the trust50; or from providing financial institutions and
DNFBPs, upon request, with information on the beneficial ownership and the assets of the trust to
be held or managed under the terms of the business relationship.
25.6 Competent authorities, and in particular law enforcement authorities, should have all the powers
necessary to be able to obtain timely access to information held by trustees, and other parties (in
particular information held by financial institutions and DNFBPs), on the beneficial ownership and
control of the trust, including: (a) the beneficial ownership; (b) the residence of the trustee; and (c)
any assets held or managed by the financial institution or DNFBP, in relation to any trustees with
which they have a business relationship, or for which they undertake an occasional transaction.
[25.7 Countries should rapidly provide international cooperation in relation to information, including
beneficial ownership information, on trusts and other legal arrangements, on the basis set out in
Recommendations 37 and 40. This should include:
48
The measures required by R.25 are set out with specific reference to trusts. This should be understood as
referring to express trusts (as defined in the glossary). In relation to other types of legal arrangement with a
similar structure or function, countries should take similar measures to those required for trusts, with a
view to achieving similar levels of transparency. At a minimum, countries should ensure that information
similar to that specified in respect of trusts should be recorded and kept accurate and current, and that such
information is accessible in a timely way by competent authorities.
49
Countries are not required to give legal recognition to trusts. Countries need not include the requirements
of Criteria 25.2; 25.3; and 25.6 in legislation, provided that appropriate obligations to such effect exist for
trustees (e.g. through common law or case law).
50
Domestic competent authorities or the relevant competent authorities of another country pursuant to an
appropriate international cooperation request.
41
(a) facilitating access by foreign competent authorities to basic information held by registries
or other domestic authorities;
(b) exchanging domestically available information on the trusts or other legal arrangement; and
(c) using their competent authorities’ investigative powers, in accordance with domestic law, in
order to obtain beneficial ownership information on behalf of foreign counterparts.]
25.8 Countries should ensure that trustees are either (a) legally liable for any failure to perform the
duties relevant to meeting their obligations; or (b) that there are proportionate sanctions, whether
criminal, civil or administrative, for failing to comply51 .
25.9 Countries should ensure that there are proportionate sanctions, whether criminal, civil or
administrative, for failing to grant to competent authorities timely access to information regarding
the trust referred to in criterion 25.2.
51
This does not affect the requirements for proportionate sanctions for failure to comply with requirements
elsewhere in the Recommendations.
42
Recommendation 26 – Regulation and Supervision of Financial Institutions
26.1 Countries should designate one or more supervisors that have responsibility for regulating and
supervising (or monitoring) financial institutions’ compliance with the requirements to combat
money laundering and terrorist financing.
[26.2 The designated supervisors should have adequate financial, human and technical resources and
sufficient operational independence and autonomy to ensure freedom from undue influence or
interference. There should also be processes to ensure that the staff of these supervisors maintain
high professional standards, including standards concerning confidentiality, and should be of high
integrity and be appropriately skilled.]
Market Entry
26.3 Core principles financial institutions should be required to be licensed. Other financial institutions,
including those providing a money or value transfer service or a money or currency changing
service, should be licensed or registered. Countries should not approve the establishment of shell
banks.
26.4 The relevant supervisor should have powers to prevent criminals or their associates from holding
(or being the beneficial owner of) a significant or controlling interest, or holding a management
function, in a financial institution.
Risk-based approach to supervision and monitoring
26.5 Financial institutions should be subject to:
(a) for core principles institutions - regulation and supervision in line with the core principles,
where relevant for AML/CFT. This should include applying consolidated group supervision
for AML/CFT purposes.
(b) for financial institutions providing a money or value transfer service, or a money or
currency changing service - systems for monitoring and ensuring compliance with national
requirements to combat money laundering and terrorist financing.
(c) for all other financial institutions - regulation and supervision or monitoring, having regard
to the risk of money laundering or terrorist financing in that sector.
26.6 The frequency and intensity of on-site and off-site AML/CFT supervision of financial institutions
or groups should be determined on the basis of:
(a) the money laundering and terrorist financing risks and the policies, internal controls and
procedures associated with the institution or group, as identified by the supervisor’s
assessment of the institution’s or group’s risk profile;
(b) the money laundering and terrorist financing risks present in the country; and
(c) the characteristics of the financial institutions or groups, in particular the diversity and
number of financial institutions and the degree of discretion allowed to them under the
RBA.
26.7 The supervisor should review the assessment of the money laundering and terrorist financing risk
profile of a financial institution or group (including the risks of non-compliance) periodically, and
when there are major events or developments in the management and operations of the financial
institution or group.
43
Recommendation 27 – Powers of Supervisors
27.1 Supervisors should have powers to supervise or monitor and ensure compliance by financial
institutions, with requirements to combat money laundering and terrorist financing.
27.2 Supervisors should have the authority to conduct inspections of financial institutions.
27.3 Supervisors should be authorised to compel[52] production of any information relevant to
monitoring compliance with the AML/CFT requirements.
27.4 Supervisor should be authorised to impose sanctions in line with Recommendation 35 for failure to
comply with the AML/CFT requirements.. This should include powers to impose a range of
disciplinary and financial sanctions, including the power to withdraw, restrict or suspend the
financial institution’s licence.
52
[The supervisor’s power to compel production of or to obtain access for supervisory purposes should not
be predicated on the need to require a court order.]
44
Recommendation 28 – Regulation and Supervision of DNFBPs
Casinos
28.1 Countries should ensure that casinos are subject to AML/CFT regulation and supervision. At a
minimum:
(a) Countries should require casinos to be licensed.
(b) Competent authorities should have powers to prevent criminals or their associates from
holding (or being the beneficial owner of) a significant or controlling interest, or holding a
management function, or being an operator of a casino.
(c) Casinos should be supervised for compliance with AML/CFT requirements.
Other DNFBPs
28.2 There should be a designated competent authority or self-regulatory body (SRB) responsible for
monitoring and ensuring compliance of DNFBPs with AML/CFT requirements.
28.3 Countries should ensure that the other categories of DNFBPs are subject to systems for monitoring
compliance with AML/CFT requirements.
28.4 The designated competent authority or SRB should:
(a) have adequate powers to perform its functions, including powers to monitor compliance.
(b) have powers to prevent criminals or their associates from being professionally accredited,
or holding (or being the beneficial owner of) a significant or controlling interest, or holding
a management function in a DNFBP.
(c) have sanctions available in line with Recommendation 35 to deal with failure to comply
with AML/CFT requirements.
All DNFBPs
28.5 Supervision of DNFBPs should be performed on a risk-sensitive basis. This should include:
(a) determining the frequency and intensity of AML/CFT supervision of DNFBPs on the basis
of their understanding of the ML/TF risks, taking into consideration the characteristics of
the DNFBPs, in particular their diversity and number.
(b) taking into account the money laundering and terrorist financing risk profile of those
DNFBPs, and the degree of discretion allowed to them under the RBA, when assessing the
adequacy of the AML/CFT internal controls, policies and procedures of DNFBPs.
[28.6 The supervisor or SRB should have adequate financial, human and technical resources to perform
its functions. There should also be processes to ensure that the staff of those authorities maintain
45
Recommendation 29 – Financial Intelligence Units
29.1 Countries should establish a financial intelligence unit (FIU), with responsibility for acting as a
national centre for receipt and analysis of: suspicious transaction reports; and other information
relevant to money laundering, associated predicate offences and terrorist financing, and for the
dissemination of the results of that analysis.53
29.2 The FIU should serve as the central agency for the receipt of disclosures filed by reporting entities,
including:
(a) suspicious transaction reports filed by reporting entities as required by Recommendation 20
and 23; and
(b) any other information as required by national legislation (such as cash transaction reports,
wire transfers reports and other threshold-based declarations/disclosures).
29.3 The FIU should:
(a) in addition to the information that entities report to the FIU, be able to obtain and use
additional information from reporting entities, as needed to perform its analysis properly;
and
(b) have access to the widest possible range54 of financial, administrative and law enforcement
information that it requires to properly undertake its functions.
29.4 The FIU should conduct:
(a) operational analysis, which uses available and obtainable information to identify specific
targets, to follow the trail of particular activities or transactions, and to determine links
between those targets and possible proceeds of crime, money laundering, predicate offences
and terrorist financing; and
(b) strategic analysis, which uses available and obtainable information, including data that may
be provided by other competent authorities, to identify money laundering and terrorist
financing related trends and patterns.
29.5 The FIU should be able to disseminate, spontaneously and upon request, information and the
results of its analysis to relevant competent authorities, and should use dedicated, secure and
protected channels for the dissemination.
29.6 The FIU should protect information by:
(a) having rules in place governing the security and confidentiality of information, including
procedures for handling, storage, dissemination, and protection of, as well as access to
information;
(b) ensuring that its staff members of the FIU have the necessary security clearance levels and
understanding of their responsibilities in handling and disseminating sensitive and
confidential information; and
53
Considering that there are different FIU models, Recommendation 29 does not prejudge a country’s choice
for a particular model, and applies equally to all of them.
54
This should include information from open or public sources, as well as relevant information collected
and/or maintained by, or on behalf of, other authorities and, where appropriate commercially held data.
46
(c) ensuring that there is limited access to its facilities and information, including information
technology systems.
29.7 The FIU should be operationally independent and autonomous, by:
(a) having the authority and capacity to carry out its functions freely, including the autonomous
decision to analyse, request and/or forward or disseminate specific information;
(b) being able to make arrangements or engage independently with other domestic competent
authorities or foreign counterparts on the exchange of information;
(c) when it is located within the existing structure of another authority, having distinct core
functions from those of the other authority; and
(d) being able to obtain and deploy the resources needed to carry out its functions, on an
individual or routine basis, free from any undue political, government or industry influence
or interference, which might compromise its operational independence.
[29.8 The FIU should be provided with adequate financial, human and technical resources, in a manner
that secures its autonomy and independence and allows it to conduct its mandate effectively.
Countries should have in place processes to ensure that the staff of the FIU maintain high
professional standards, including standards concerning confidentiality, and should be of high
47
Recommendation 30 – Responsibilities of Law Enforcement and Investigative Authorities
30.1 There should be designated law enforcement authorities that have responsibility for ensuring that
money laundering, predicate offences and terrorist financing offences are properly investigated,
within the framework of national AML/CFT policies.
30.2 Law enforcement investigators of predicate offences should either be authorised to pursue the
investigation of any related money laundering and terrorist financing offences during a parallel
financial investigation55, or be able to refer the case to another agency to follow up with such
investigations.
30.3 There should be one or more designated competent authorities to expeditiously identify, trace, and
initiate freezing and seizing of property that is, or may become, subject to confiscation, or is
suspected of being proceeds of crime.
30.4 Countries should ensure that Recommendation 30 also applies to those competent authorities,
which are not law enforcement authorities, per se, but which have the responsibility for pursuing
financial investigations of predicate offences, to the extent that these competent authorities are
exercising functions covered under Recommendation 30.
30.5 Anti-corruption enforcement authorities which are designated to investigate money laundering and
terrorist financing offences arising from, or related to, corruption offences under Recommendation
30, should also have sufficient powers to identify, trace, and initiate freezing and seizing of assets.
[30.6 Law enforcement authorities and prosecutorial authorities should have adequate financial, human
and technical resources. There should be processes to ensure that the staff of these authorities
maintain high professional standards, including standards concerning confidentiality, and should be
of high integrity and be appropriately skilled.]
55
A ‘parallel financial investigation’ refers to conducting a financial investigation alongside, or in the
context of, a (traditional) criminal investigation into money laundering, terrorist financing and/or predicate
offence(s).
A ‘financial investigation’ means an enquiry into the financial affairs related to a criminal activity, with a
view to: (i) identifying the extent of criminal networks and/or the scale of criminality; (ii) identifying and
tracing the proceeds of crime, terrorist funds or any other assets that are, or may become, subject to
confiscation; and (iii) developing evidence which can be used in criminal proceedings.
48
Recommendation 31 – Powers of Law Enforcement and Investigative Authorities
31.1 Competent authorities conducting investigations of money laundering, associated predicate

offences and terrorist financing should be able to obtain access to all necessary documents and
information for use in those investigations, and in prosecutions and related actions. This should
include powers to use compulsory measures for:
(a) the production of records held by financial institutions, DNFBPs and other natural or legal
persons;
(b) the search of persons and premises;
(c) taking witness statements; and
(d) seizing and obtaining evidence.
31.2 Competent authorities conducting investigations should be able to use a wide range of investigative
techniques for the investigation of money laundering, associated predicate offences and terrorist
financing, including:
(a) undercover operations;
(b) intercepting communications;
(c) accessing computer systems; and
(d) controlled delivery.
31.3 Countries should have mechanisms in place:
(a) to identify, in a timely manner, whether natural or legal persons hold or control accounts;
and
(b) to ensure that competent authorities have a process to identify assets without prior
notification to the owner.
31.4 Competent authorities conducting investigations of money laundering, associated predicate
offences and terrorist financing should be able to ask for all relevant information held by the FIU.
49
Recommendation 32 – Cash Couriers
32.1 Countries should implement a declaration system or a disclosure system for incoming and outgoing
cross-border transportation of currency and bearer negotiable instruments (BNIs).
32.2 In a declaration system, all persons making a physical cross-border transportation of currency or
BNIs, which are of a value exceeding a pre-set, maximum threshold of USD/EUR 15,000, should
be required to submit a truthful declaration to the designated competent authorities. Countries may
opt from among the following three different types of declaration system:
(a) A written declaration system for all travellers;
(b) A written declaration system for travellers carrying amounts above a threshold; and/or
(c) An oral declaration system for all travellers.
32.3 In a disclosure system, travellers should be required to give a truthful answer and provide the
authorities with appropriate information upon request, but are not required to make an upfront
written or oral declaration.
32.4 Upon discovery of a false declaration or disclosure of currency or BNIs or a failure to declare or
disclose them, designated competent authorities should have the authority to request and obtain
further information from the carrier with regard to the origin of the currency or BNIs and their
intended use.
32.5 Persons who make a false declaration or disclosure should be subject to proportionate sanctions,
whether criminal, civil or administrative.
32.6 Information obtained through the declaration/disclosure process should be available to the financial
intelligence unit (FIU) either through: (a) a system whereby the FIU is notified about suspicious
cross-border transportation incidents; or (b) by making the declaration/disclosure information
directly available to the FIU in some other way.
32.7 At the domestic level, countries should ensure that there is adequate co-ordination among customs,
immigration and other related authorities on issues related to the implementation of
Recommendation 32.
32.8 Competent authorities should be able to stop or restrain currency or BNIs for a reasonable time in
order to ascertain whether evidence of money laundering or terrorist financing may be found in
cases:
(a) where there is a suspicion of money laundering, terrorist financing or predicate offences; or
(b) where there is a false declaration or false disclosure.
32.9 Countries should ensure that the declaration/disclosure system allows for international co-operation
and assistance, in accordance with Recommendations 36 to 40. To facilitate such co-operation,
information56 shall be retained when:
(a) a declaration or disclosure which exceeds the prescribed threshold is made; or
(b) there is a false declaration or false disclosure; or
(c) there is a suspicion of money laundering, or terrorist financing
56
At a minimum, the information should set out (i) the amount of currency or BNIs declared, disclosed or
otherwise detected, and (ii) the identification data of the bearer(s).
50
32.10 Countries should ensure that strict safeguards exist to ensure proper use of information collected
through the declaration/disclosure systems and without restricting either: (i) trade payments
between countries for goods and services; or (ii) the freedom of capital movements, in any way.
32.11 Persons who are carrying out a physical cross-border transportation of currency or BNIs that are
related to terrorist financing, money laundering or predicate offences should be subject to: (a)
proportionate sanctions, whether criminal, civil or administrative; and (b) measures consistent with
Recommendation 4 which would enable the confiscation of such currency or BNIs;
[32.12 Competent authorities responsible for implementing Recommendation 32 should have adequate
financial, human and technical resources. Countries should have processes or training in place to
ensure that the staff of these authorities maintain high professional standards, including standards
concerning confidentiality, and should be of high integrity and be appropriately skilled.]
51
Recommendation 33 – Statistics
33.1 Countries should maintain comprehensive statistics on matters relevant to the effectiveness and
efficiency of their AML/CFT systems. This should include keeping statistics on:
(a) Suspicious transaction reports, received and disseminated;
(b) ML & FT investigations, prosecutions and convictions;
(c) Property frozen; seized and confiscated; and
(d) Mutual legal assistance or other international requests for co-operation.
52
Recommendation 34 – Guidance and Feedback
34.1 Competent authorities, supervisors, and SRBs should establish guidelines and provide feedback,
which will assist financial institutions and DNFBPs in applying national measures to combat
money laundering and terrorist financing, and in particular, in detecting and reporting suspicious
transactions.
53
Recommendation 35 – Sanctions
35.1 Countries should ensure that there is a range of proportionate sanctions, whether criminal, civil or
administrative, available to deal with natural or legal persons that fail to comply with the
AML/CFT requirements of Recommendations 6, and 8 to 23.57
35.2 Sanctions should be available in relation not only to the legal persons that are financial institutions
or businesses but also to their directors and senior management.
57
The sanctions should be directly or indirectly applicable for a failure to comply. They need not be in the
same document that imposes or underpins the requirement, and can be in another document, provided there
are clear links between the requirement and the available sanctions.
54
Recommendation 36 – International Instruments
36.1 Countries should become a party to, [and fully implement], the Vienna Convention, the Palermo
Convention, the United Nations Convention against Corruption (the Merida Convention) and the
Terrorist Financing Convention.[58]
58
The relevant articles are: the Vienna Convention (Articles 3-11, 15, 17 and 19), the Palermo Convention
(Articles 5-7, 10-16, 18-20, 24-27, 29-31, & 34), the Merida Convention (Articles 14-17, 23-24, 26-31, 38,
40, 43-44, 46, 48, 50-55, 57-58), and the Terrorist Financing Convention (Articles 2-18).
55
Recommendation 37 – Mutual Legal Assistance
37.1 Countries should have a legal basis that allows them to rapidly provide the widest possible range of
mutual legal assistance in relation to money laundering, associated predicate offences and terrorist
financing investigations, prosecutions and related proceedings.
37.2 Countries should use a central authority, or another established official mechanism, for the
transmission and execution of requests. There should be clear processes for the timely prioritisation
and execution of mutual legal assistance requests. To monitor progress on requests, a case
management system should be maintained.
37.3 Mutual legal assistance should not be prohibited or made subject to unreasonable or unduly
restrictive conditions.
37.4 Countries should not refuse a request for mutual legal assistance :
(a) on the sole ground that the offence is also considered to involve fiscal matters; or
(b) on the grounds of secrecy or confidentiality requirements on financial institutions [or
DNFBPs59].
37.6 Countries should maintain the confidentiality of mutual legal assistance requests that they receive
and the information contained in them, subject to fundamental principles of domestic law, in order
to protect the integrity of the investigation or inquiry.
37.7 Where mutual legal assistance requests do not involve coercive actions, countries should not make
dual criminality a condition for rendering assistance.
37.8 Where dual criminality is required for mutual legal assistance, that requirement should be deemed
to be satisfied regardless of whether both countries place the offence within the same category of
offence, or denominate the offence by the same terminology, provided that both countries
criminalise the conduct underlying the offence.
37.9 Powers and investigative techniques should be available for use in response to requests for mutual
legal assistance, and, if consistent with the domestic framework, in response to a direct request
from foreign judicial or law enforcement authorities to domestic counterparts. These should
include:
(a) all of the specific powers required under R.31 relating to the production, search and seizure
of information, documents, or evidence (including financial records) from financial
institutions, or other natural or legal persons, and the taking of witness statements; and
(b) a broad range of other investigative techniques that are available domestically (including
the other techniques required under R.31), as well as any additional powers or techniques.
[37.10 The authorities responsible for mutual legal assistance should have adequate financial, human and
technical resources. There should be processes to ensure that the staff of these authorities maintain
59
Except where the relevant information that is sought is held in circumstances where legal professional
privilege or legal professional secrecy applies.
56
Recommendation 38 – Mutual Legal Assistance: Freezing and Confiscation
38.1 Countries should have the authority to take expeditious action in response to requests by foreign
countries to identify, freeze, seize, or confiscate:
(a) laundered property from,
(b) proceeds from,
(c) instrumentalities used in, or
(d) instrumentalities intended for use in,
money laundering, predicate offences, or terrorist financing; or
(e) property of corresponding value.
38.2 Countries should have the authority to provide assistance to requests for cooperation made on the
basis of non-conviction based confiscation proceedings and related provisional measures, unless
this is inconsistent with fundamental principles of domestic law. At a minimum, countries should
have the authority to act in circumstances when a perpetrator is unavailable by reason of death,
flight, absence, or the perpetrator is unknown.
38.3 Countries should have: (a) arrangements for co-ordinating seizure and confiscation actions with
other countries, and (b) mechanisms for managing, and when necessary disposing of, property
frozen, seized or confiscated.
38.4 Countries should be able to share confiscated property with other countries, in particular when
confiscation is directly or indirectly a result of co-ordinated law enforcement actions.
57
Recommendation 39 - Extradition
39.1 Countries should be able to execute extradition requests in relation to money laundering and
terrorist financing without undue delay. In particular, countries should:
(a) ensure money laundering and terrorist financing are extraditable offences;
(b) ensure that they have a case management system, and clear processes for the timely
execution of extradition requests including prioritisation where appropriate; and
(c) not place unreasonable or unduly restrictive conditions on the execution of requests.
39.2 Countries should either:
(a) extradite their own nationals or,
(b) where they do not do so solely on the grounds of nationality, should, at the request of the
country seeking extradition, submit the case without undue delay to its competent
authorities for the purpose of prosecution of the offences set forth in the request.
39.3 Where dual criminality is required for extradition, that requirement should be deemed to be
satisfied regardless of whether both countries place the offence within the same category of
offence, or denominate the offence by the same terminology, provided that both countries
criminalise the conduct underlying the offence.
39.4 Consistent with fundamental principles of domestic law, countries should have simplified
extradition mechanisms60 in place.
[39.5 The authorities responsible for extradition should have adequate financial, human and technical
resources. There should also be processes to ensure that the staff of these authorities maintain high
professional standards, including standards concerning confidentiality, and should be of high
60
Such as allowing direct transmission of requests for provisional arrests between appropriate authorities,
extraditing persons based only on warrants of arrests or judgments, or introducing a simplified extradition
of consenting persons who waive formal extradition proceedings.
58
Recommendation 40 – Other Forms of International Cooperation
General Principles
40.1 Countries should ensure that their competent authorities can rapidly provide the widest range of
international cooperation in relation to money laundering, associated predicate offences and
terrorist financing. Such exchanges of information should be possible both spontaneously and upon
request.
40.2 Competent authorities should:
(a) have a lawful basis for providing cooperation;
(b) be authorised to use the most efficient means to cooperate;
(c) have clear and secure gateways, mechanisms or channels that will facilitate and allow for
the transmission and execution of requests;
(d) have clear processes for the prioritisation and timely execution of requests, and
(e) have clear processes for safeguarding the information received.
40.3 Where competent authorities need bilateral or multilateral agreements or arrangements to
cooperate, these should be negotiated and signed in a timely way, and with the widest range of
foreign counterparts.
40.4 Upon request, requesting competent authorities should provide feedback in a timely manner to
competent authorities from which they have received assistance, on the use and usefulness of the
information obtained.
40.5 Countries should not prohibit, or place unreasonable or unduly restrictive conditions on, the
provision of exchange of information or assistance. In particular, competent authorities should not
refuse a request for assistance on the grounds that:
(a) the request is also considered to involve fiscal matters; and/or
(b) laws require financial institutions or DNFBPs (except where the relevant information that is
sought is held in circumstances where legal professional privilege or legal professional
secrecy applies) to maintain secrecy or confidentiality; and/or
(c) there is an inquiry, investigation or proceeding underway in the requested country, unless
the assistance would impede that inquiry, investigation or proceeding; and/or
(d) the nature or status (civil, administrative, law enforcement, etc.) of the requesting
counterpart authority is different from that of its foreign counterpart.
40.6 Countries should establish controls and safeguards to ensure that information exchanged by
competent authorities is used only for the purpose for which the information was sought or
provided, or with prior authorisation by the requested competent authority.
40.7 Competent authorities should maintain appropriate confidentiality for any request for cooperation
and the information exchanged, consistent with both parties’ obligations concerning privacy and
data protection. At a minimum, competent authorities should protect exchanged information in the
same manner as they would protect similar information received from domestic sources.
Competent authorities should be able to refuse to provide information if the requesting competent
authority cannot protect the information effectively.
59
40.8 Competent authorities should be able to conduct inquiries on behalf of foreign counterparts and
exchange with their foreign counterparts all information that would be obtainable by them if such
inquiries were being carried out domestically.
Exchange of Information between FIUs
40.9 FIUs should have an adequate legal basis for providing cooperation on money laundering,
associated predicate offences and terrorist financing61.
40.10 FIUs should provide feedback to their foreign counterparts, upon request and whenever possible,
on the use of the information provided, as well as on the outcome of the analysis conducted, based
on the information provided.
40.11 FIUs should have the power to exchange:
(a) all information required to be accessible or obtainable directly or indirectly by the FIU, in
particular under Recommendation 29; and
(b) any other information which they have the power to obtain or access, directly or indirectly,
at the domestic level, subject to the principle of reciprocity.
Exchange of information between financial supervisors62
40.12 Financial supervisors should have a legal basis for providing cooperation with their foreign
counterparts (regardless of their respective nature or status), consistent with the applicable
international standards for supervision, in particular with respect to the exchange of supervisory
information related to or relevant for AML/CFT purposes.
40.13 Financial supervisors should be able to exchange with foreign counterparts information
domestically available to them, including information held by financial institutions.
40.14 Financial supervisors should be able to exchange the following types of information when relevant
for AML/CFT purposes, in particular with other supervisors that have a shared responsibility for
financial institutions operating in the same group:
(a) regulatory information, including information on the domestic regulatory system, and
general information on the financial sectors;
(b) prudential information, in particular for Core Principle Supervisors, including information
on the financial institution’s business activities, beneficial ownership, management, and fit
and properness; and
(c) AML/CFT information, including internal AML/CFT procedures and policies of financial
institutions, customer due diligence information, customer files, samples of accounts and
transaction information.
40.15 Financial supervisors should be able to conduct inquiries on behalf of foreign counterparts, and, as
appropriate, to authorise or facilitate the ability of foreign counterparts to conduct inquiries
themselves in the country, in order to facilitate effective group supervision.
61
FIUs should be able to provide cooperation regardless of whether their counterpart FIU is administrative,
law enforcement, judicial or other in nature
62
This refers to financial supervisors which are competent authorities and does not include financial
supervisors which are SRBs.
60
40.16 Financial supervisors should ensure that they have the prior authorisation of the requested financial
supervisor for any dissemination of information exchanged or use of that information for
supervisory and non-supervisory purposes, unless the requesting financial supervisor is under a
legal obligation to disclose or report the information. In such cases, at a minimum, the requesting
financial supervisor should promptly inform the requested authority of this obligation.
Exchange of information between law enforcement authorities
40.17 Law enforcement authorities should be able to exchange domestically available information with
foreign counterparts for intelligence or investigative purposes relating to money laundering,
associated predicate offences or terrorist financing, including the identification and tracing of the
proceeds and instrumentalities of crime.
40.18 Law enforcement authorities should also be able to use their powers, including any investigative
techniques available in accordance with their domestic law, to conduct inquiries and obtain
information on behalf of foreign counterparts. The regimes or practices in place governing such
law enforcement cooperation, such as the agreements between Interpol, Europol or Eurojust and
individual countries, should govern any restrictions on use imposed by the requested law
enforcement authority.
40.19 Law enforcement authorities should be able to form joint investigative teams to conduct
cooperative investigations, and, when necessary, establish bilateral or multilateral arrangements to
enable such joint investigations.
Exchange of information between non-counterparts
40.20 Countries should permit their competent authorities to exchange information indirectly63 with non-
counterparts, applying the relevant principles above. Countries should ensure that the competent
authority that requests information indirectly always make it clear for what purpose and on whose
behalf the request is made.
63
Indirect exchange of information refers to the requested information passing from the requested authority
through one or more domestic or foreign authorities before being received by the requesting authority.
Such an exchange of information and its use may be subject to the authorisation of one or more competent
authorities of the requested country.
61
ANNEX I – EXCERPTS FROM UN CONVENTIONS
International Convention for the Suppression of the Financing of Terrorism, Article 2:
1. Any person commits an offence within the meaning of this Convention if that person by any
means, directly or indirectly, unlawfully and wilfully, provides or collects funds with the intention
that they should be used or in the knowledge that they are to be used, in full or in part, in order to
carry out:
(a) An act which constitutes an offence within the scope of and as defined in one of the treaties
listed in the annex; or
(b) Any other act intended to cause death or serious bodily injury to a civilian, or to any other
person not taking an active part in the hostilities in a situation of armed conflict, when the
purpose of such act, by its nature or context, is to intimidate a population, or to compel a
government or an international organization to do or to abstain from doing any act.
2. (a) On depositing its instrument of ratification, acceptance, approval or accession, a State Party
which is not a party to a treaty listed in the annex may declare that, in the application of this
Convention to the State Party, the treaty shall be deemed not to be included in the annex referred to
in paragraph 1, subparagraph (a). The declaration shall cease to have effect as soon as the treaty
enters into force for the State Party, which shall notify the depositary of this fact;
(b) When a State Party ceases to be a party to a treaty listed in the annex, it may make a declaration
as provided for in this article, with respect to that treaty.
3. For an act to constitute an offence set forth in paragraph 1, it shall not be necessary that the funds
were actually used to carry out an offence referred to in paragraph 1, subparagraphs (a) or (b).
4. Any person also commits an offence if that person attempts to commit an offence as set forth in
paragraph 1 of this article.
5. Any person also commits an offence if that person:
(a) Participates as an accomplice in an offence as set forth in paragraph 1 or 4 of this article;
(b) Organizes or directs others to commit an offence as set forth in paragraph 1 or 4 of this
article;
(c) Contributes to the commission of one or more offences as set forth in paragraphs 1 or 4 of
this article by a group of persons acting with a common purpose. Such contribution shall be
intentional and shall either:
(i) Be made with the aim of furthering the criminal activity or criminal purpose of the
group, where such activity or purpose involves the commission of an offence as set
forth in paragraph 1 of this article; or
(ii) Be made in the knowledge of the intention of the group to commit an offence as set
forth in paragraph 1 of this article.
62
UN Convention against Transnational Organised Crime (Palermo Convention), Article 6:
Criminalization of the laundering of proceeds of crime
1. Each State Party shall adopt, in accordance with fundamental principles of its domestic law, such
legislative and other measures as may be necessary to establish as criminal offences, when
committed intentionally:
(a) (i) The conversion or transfer of property, knowing that such property is the proceeds of crime,
for the purpose of concealing or disguising the illicit origin of the property or of helping
any person who is involved in the commission of the predicate offence to evade the legal
consequences of his or her action;
(ii) The concealment or disguise of the true nature, source, location, disposition, movement or
ownership of or rights with respect to property, knowing that such property is the proceeds
of crime;
(b) Subject to the basic concepts of its legal system:
(i) The acquisition, possession or use of property, knowing, at the time of receipt, that such
property is the proceeds of crime;
(ii) Participation in, association with or conspiracy to commit, attempts to commit and aiding,
abetting, facilitating and counselling the commission of any of the offences established in
accordance with this article.
2. For purposes of implementing or applying paragraph 1 of this article:
(a) Each State Party shall seek to apply paragraph 1 of this article to the widest range of
predicate offences;
(b) Each State Party shall include as predicate offences all serious crime as defined in article 2
of this Convention and the offences established in accordance with articles 5, 8 and 23 of
this Convention. In the case of States Parties whose legislation sets out a list of specific
predicate offences, they shall, at a minimum, include in such list a comprehensive range of
offences associated with organized criminal groups;
(c) For the purposes of subparagraph (b), predicate offences shall include offences committed
both within and outside the jurisdiction of the State Party in question. However, offences
committed outside the jurisdiction of a State Party shall constitute predicate offences only
when the relevant conduct is a criminal offence under the domestic law of the State where it
is committed and would be a criminal offence under the domestic law of the State Party
implementing or applying this article had it been committed there;
(d) Each State Party shall furnish copies of its laws that give effect to this article and of any
subsequent changes to such laws or a description thereof to the Secretary-General of the
United Nations;
(e) If required by fundamental principles of the domestic law of a State Party, it may be
provided that the offences set forth in paragraph 1 of this article do not apply to the persons
who committed the predicate offence;
(f) Knowledge, intent or purpose required as an element of an offence set forth in paragraph 1
may be inferred from objective factual circumstances.
63
UN Convention against illicit traffic in narcotic drugs and psychotropic substances (Vienna Convention);
Article 3(1):
1. Each Party shall adopt such measures as may be necessary to establish as criminal offences under
its domestic law, when committed intentionally:
(a) (i) The production, manufacture, extraction; preparation, offering, offering for sale,
distribution, sale, delivery on any terms whatsoever, brokerage, dispatch, dispatch in transit,
transport, importation or exportation of any narcotic drug or any psychotropic substance
contrary to the provisions of the 1961 Convention, the 1961 Convention as amended or the
1971 Convention;
(ii) The cultivation of opium poppy, coca bush or cannabis plant for the purpose of the
production of narcotic drugs contrary to the provisions of the 1961 Convention and the
1961 Convention as amended;
(iii) The possession or purchase of any narcotic drug or psychotropic substance for the purpose
of any of the activities enumerated in (i) above;
(iv) The manufacture, transport or distribution of equipment, materials or of substances listed in
Table I and Table II, knowing that they are to be used in or for the illicit cultivation,
production or manufacture of narcotic drugs or psychotropic substances;
(v) The organization, management or financing of any of the offences enumerated in (i), (ii),
(iii) or (iv) above;
(b) (i) The conversion or transfer of property, knowing that such property is derived from any
offence or offences established in accordance with subparagraph a) of this paragraph, or
from an act of participation in such offence or offences, for the purpose of concealing or
disguising the illicit origin of the property or of assisting any person who is involved in the
commission of such an offence or offences to evade the legal consequences of his actions;
(ii) The concealment or disguise of the true nature, source, location, disposition, movement,
rights with respect to, or ownership of property, knowing that such property is derived from
an offence or offences established in accordance with subparagraph a) of this paragraph or
from an act of participation in such an offence or offences;
(c) Subject to its constitutional principles and the basic concepts of its legal system:
(i) The acquisition, possession or use of property, knowing, at the time of receipt, that such
property was derived from an offence or offences established in accordance with
subparagraph a) of this paragraph or from an act of participation in such offence or
offences;
(ii) The possession of equipment or materials or substances listed in Table I and Table II,
knowing that they are being or are to be used in or for the illicit cultivation, production or
(iii) Publicly inciting or inducing others, by any means, to commit any of the offences
established in accordance with this article or to use narcotic drugs or psychotropic
substances illicitly;
(iv) Participation in, association or conspiracy to commit, attempts to commit and aiding,
abetting, facilitating and counselling the commission of any of the offences established in
accordance with this article.
64

Technical Compliance Methodology

Uploaded by

Copyright:

Available Formats

Technical Compliance Methodology

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Technical Compliance Methodology

Uploaded by

Copyright:

Available Formats

For Official Use FATF/WGEI(2012)56/ANN1

Financial Action Task Force

Working Group on Evaluations and Implementation

REVISED TECHNICAL COMPLIANCE METHODOLOGY - ANNEX

John CARLSON, Tel.: +(33-1) 45 24 79 46, john.carlson@fatf-gafi.org

REVISED TECHNICAL COMPLIANCE METHODOLOGY – ANNEX

Recommendation 1 – Assessing Risks & Applying a Risk-Based Approach1

Obligations and decisions for Countries

Obligations and decisions for FIs and DNFBPs

1.11 Financial institutions and DNFBPs should be required to:

Recommendation 2 - National Cooperation and Coordination

Recommendation 3 - Money Laundering Offence

Recommendation 4 - Confiscation and Provisional Measures

Recommendation 5 – Terrorist Financing Offence

Recommendation 6 – Targeted Financial Sanctions related to Terrorism & Terrorist Financing

Identifying and designating

6.4 Countries should implement targeted financial sanctions without delay18.

De-listing, unfreezing and providing access to frozen funds or other assets

Recommendation 7 – Target Financial Sanctions related to Proliferation

Recommendation 8 – Non-profit organisations

8.1 Countries should:

Recommendation 9 – Financial Institution Secrecy Laws

Recommendation 10 - Customer Due Diligence27

10.1 Financial institutions should be prohibited from keeping anonymous accounts.

When CDD is required[28]

Required CDD measures for all customers

CDD for Beneficiaries of Life Insurance Policies

Failure to satisfactorily complete CDD

CDD and tipping-off

Recommendation 11 – Record Keeping

Recommendation 12 – Politically Exposed Persons (PEPs)

Recommendation 13 – Correspondent banking

Recommendation 14 – Money or Value Transfer Services

Recommendation 15 – New Technologies

Recommendation 16 – Wire Transfers

Ordering financial institutions

Intermediary financial institutions

Beneficiary financial institutions

Money or value transfer service operators

Recommendation 17 – Reliance on Third Parties

Recommendation 18 – Internal Controls and Foreign Branches and Subsidiaries

Recommendation 19 – Higher Risk Countries

Recommendation 20 – Reporting of Suspicious Transactions

Recommendation 21 – Tipping-off and Confidentiality

Recommendation 22 – DNFBPs: Customer Due Diligence

Recommendation 23 – DNFBPs: Other Measures

Recommendation 24 – Transparency and Beneficial Ownership of Legal Persons44

Beneficial Ownership Information

location in their country; or can be otherwise determined in a timely manner by a competent

Recommendation 25 – Transparency and Beneficial Ownership of Legal Arrangements48

Recommendation 26 – Regulation and Supervision of Financial Institutions

Recommendation 27 – Powers of Supervisors

Recommendation 28 – Regulation and Supervision of DNFBPs

Recommendation 29 – Financial Intelligence Units

Recommendation 30 – Responsibilities of Law Enforcement and Investigative Authorities

Recommendation 31 – Powers of Law Enforcement and Investigative Authorities

31.1 Competent authorities conducting investigations of money laundering, associated predicate

Recommendation 32 – Cash Couriers

Recommendation 34 – Guidance and Feedback