FATF recommendations

About

Contents

List of recommendations

General Glossary

Recommendation

INTERPRETIVE NOTE TO RECOMMENDATION 1 (ASSESSING ML/TF RISKS AND APPLYING A RISK-BASED APPROACH)

The risk-based approach (RBA) is an effective way to combat money laundering and terrorist financing Terrorist financing is the financing of terrorist acts, and of terrorists and terrorist organisations.. In determining how the RBA should For the purposes of assessing compliance with the FATF Recommendations, the word should has the same meaning as must. be implemented in a sector, countries should consider the capacity and anti-money laundering/countering the financing of terrorism (AML/CFT) experience of the relevant sector. Countries should understand that the discretion afforded, and responsibility imposed on, financial institutions Financial institutions means any natural or legal person who conducts as abusiness one or more of the following activities or operations for or on behalf of a customer:
1) Acceptance of deposits and other repayable funds from the public.
2) Lending.
3) Financial leasing.
4) Money or value transfer services.
5) Issuing and managing means of payment (e.g. credit and debit cards,cheques, traveller's cheques, money orders and bankers' drafts, electronic money).
6) Financial guarantees and commitments.
7) Trading in:
a) money market instruments (cheques, bills, certificates of deposit, derivatives etc.);
b) foreign exchange;
c) exchange, interest rate and index instruments;
d) transferable securities;
8) Participation in securities issues and the provision of financial services related to such issues.
9) Individual and collective portfolio management.
11) Otherwise investing, administering or managing funds or money on behalf of other persons.
12) Underwriting and placement of life insurance and other investment related insurance.
13) Money and currency changing.
and designated non-financial bodies and professions (DNFBPs) by the RBA is more appropriate in sectors with greater AML/CFT capacity and experience. This should For the purposes of assessing compliance with the FATF Recommendations, the word should has the same meaning as must. not exempt financial institutions and DNFBPs from the requirement to apply enhanced measures when they identify higher risk scenarios. By adopting a risk-based approach, competent authoritiesCompetent authorities refers to all public authorities with designated responsibilities for combating money laundering and/or terrorist financing. In particular, this includes the FIU; the authorities that have the function of investigating and/or prosecuting money laundering, associated predicate offences and terrorist financing, and seizing/freezing and confiscating criminal assets; authorities receiving reports on cross-border transportation of currency & BNIs; and authorities that have AML/CFT supervisory or monitoring responsibilities aimed at ensuring compliance by financial institutions and DNFBPs with AML/CFT requirements. SRBs are not to be regarded as a competent authorities., financial institutions and DNFBPs should be able to ensure that measures to prevent or mitigate money laundering and terrorist financing are commensurate with the risks identified, and would enable them to make decisions on how to allocate their own resources in the most effective way.
In implementing a RBA, financial institutions Financial institutions means any natural or legal person who conducts as abusiness one or more of the following activities or operations for or on behalf of a customer:
1) Acceptance of deposits and other repayable funds from the public.
2) Lending.
3) Financial leasing.
4) Money or value transfer services.
5) Issuing and managing means of payment (e.g. credit and debit cards,cheques, traveller's cheques, money orders and bankers' drafts, electronic money).
6) Financial guarantees and commitments.
7) Trading in:
a) money market instruments (cheques, bills, certificates of deposit, derivatives etc.);
b) foreign exchange;
c) exchange, interest rate and index instruments;
d) transferable securities;
8) Participation in securities issues and the provision of financial services related to such issues.
9) Individual and collective portfolio management.
11) Otherwise investing, administering or managing funds or money on behalf of other persons.
12) Underwriting and placement of life insurance and other investment related insurance.
13) Money and currency changing.
and DNFBPs should For the purposes of assessing compliance with the FATF Recommendations, the word should has the same meaning as must. have in place processes to identify, assess, monitor, manage and mitigate money laundering and terrorist financing Terrorist financing is the financing of terrorist acts, and of terrorists and terrorist organisations. risks. The general principle of a RBA is that, where there are higher risks, countries should require financial institutions and DNFBPs to take enhanced measures to manage and mitigate those risks; and that, correspondingly, where the risks are lower, simplified measures may be permitted. Simplified measures should not be permitted whenever there is a suspicion of money laundering or terrorist financing. Specific Recommendations set out more precisely how this general principle applies to particular requirements. Countries may also, in strictly limited circumstances and where there is a proven low risk of money laundering and terrorist financing, decide not to apply certain Recommendations to a particular type of financial institution or activity, or DNFBP (see below). Equally, if countries determine through their risk assessments that there are types of institutions, activities, businesses or professions that are at risk of abuse from money laundering and terrorist financing, and which do not fall under the definition of financial institution or DNFBP, they should consider applying AML/CFT requirements to such sectors.

Assessing proliferation financing risks and applying risk-based measures

In the context of Recommendation 1, “proliferation financing risk” refers strictly and only to the potential breach, non-implementation or evasion of the targeted financial sanctions obligations referred to Recommendation 7*Paragraphs 1 and 2 of the Interpretive Note to Recommendation 7, and the related footnotes, set out the scope of Recommendation 7 obligations; including that it is limited to targeted financial sanctions and does not cover other requirements of the UNSCRs. The requirements of the FATF Standards relating to proliferation financing are limited to Recommendations 1, 2, 7 and 15 only. The requirements under Recommendation 1 for PF risk assessment and mitigation, therefore, do not expand the scope of other requirements under other Recommendations.. These obligations set out in Recommendation 7 place strict requirements on all natural and legal persons, which are not risk-based. In the context of proliferation financing risk, risk-based measures by financial institutions and DNFBPs seek to reinforce and complement the full implementation of the strict requirements of Recommendation 7, by detecting and preventing the non-implementation, potential breach, or evasion of targeted financial sanctions. In determining the measures to mitigate proliferation financing risks in a sector, countries should consider the proliferation financing risks associated with the relevant sector. By adopting risk-based measures, competent authorities, financial institutions and DNFBPs should be able to ensure that these measures are commensurate with the risks identified, and that would enable them to make decisions on how to allocate their own resources in the most effective way.
Financial institutions and DNFBPs should have in place processes to identify, assess, monitor, manage and mitigate proliferation financing risks*Countries may decide to exempt a particular type of financial institution or DNFBP from the requirements to identify, assess, monitor, manage and mitigate proliferation financing risks, provided there is a proven low risk of proliferation financing relating to such financial institutions or DNFBPs. However, full implementation of the targeted financial sanctions as required by Recommendation 7 is mandatory in all cases.. This may be done within the framework of their existing targeted financial sanctions and/or compliance programmes. Countries should ensure full implementation of Recommendation 7 in any risk scenario. Where there are higher risks, countries should require financial institutions and DNFBPs to take commensurate measures to manage and mitigate the risks. Where the risks are lower, they should ensure that the measures applied are commensurate with the level of risk, while still ensuring full implementation of the targeted financial sanctions as required by Recommendation 7.

Obligations and decisions for countries
ML/TF risks
1. Assessing ML/TF risk - Countries*Where appropriate, AML/CFT risk assessments at a supra-national level should be taken into account when considering whether this obligation is satisfied. should For the purposes of assessing compliance with the FATF Recommendations, the word should has the same meaning as must. take appropriate steps to identify and assess the money laundering and terrorist financing risks for the countryAll references in the FATF Recommendations to country or countries apply equally to territories or jurisdictions., on an ongoing basis and in order to: (i) inform potential changes to the country’s AML/CFT regime, including changes to laws, regulations and other measures; (ii) assist in the allocation and prioritisation of AML/CFT resources by competent authoritiesCompetent authorities refers to all public authorities with designated responsibilities for combating money laundering and/or terrorist financing. In particular, this includes the FIU; the authorities that have the function of investigating and/or prosecuting money laundering, associated predicate offences and terrorist financing, and seizing/freezing and confiscating criminal assets; authorities receiving reports on cross-border transportation of currency & BNIs; and authorities that have AML/CFT supervisory or monitoring responsibilities aimed at ensuring compliance by financial institutions and DNFBPs with AML/CFT requirements. SRBs are not to be regarded as a competent authorities.; and (iii) make information available for AML/CFT risk assessments conducted by financial institutions and DNFBPs. Countries should keep the assessments up-to-date, and should have mechanisms to provide appropriate information on the results to all relevant competent authorities and self-regulatory bodies (SRBs), financial institutions and DNFBPs.
2. Higher risk - Where countries identify higher risks, they should For the purposes of assessing compliance with the FATF Recommendations, the word should has the same meaning as must. ensure that their AML/CFT regime addresses these higher risks, and, without prejudice to any other measures taken by countries to mitigate these higher risks, either prescribe that financial institutions Financial institutions means any natural or legal person who conducts as abusiness one or more of the following activities or operations for or on behalf of a customer:
  1) Acceptance of deposits and other repayable funds from the public.
  2) Lending.
  3) Financial leasing.
  4) Money or value transfer services.
  5) Issuing and managing means of payment (e.g. credit and debit cards,cheques, traveller's cheques, money orders and bankers' drafts, electronic money).
  6) Financial guarantees and commitments.
  7) Trading in:
  a) money market instruments (cheques, bills, certificates of deposit, derivatives etc.);
  b) foreign exchange;
  c) exchange, interest rate and index instruments;
  d) transferable securities;
  8) Participation in securities issues and the provision of financial services related to such issues.
  9) Individual and collective portfolio management.
  11) Otherwise investing, administering or managing funds or money on behalf of other persons.
  12) Underwriting and placement of life insurance and other investment related insurance.
  13) Money and currency changing.
  and DNFBPs take enhanced measures to manage and mitigate the risks, or ensure that this information is incorporated into risk assessments carried out by financial institutions and DNFBPs, in order to manage and mitigate risks appropriately. Where the FATF Recommendations identify higher risk activities for which enhanced or specific measures are required, all such measures must be applied, although the extent of such measures may vary according to the specific level of risk.
3. Lower risk Countries may decide to allow simplified measures for some of the FATF Recommendations requiring financial institutions or DNFBPs to take certain actions, provided that a lower risk has been identified, and this is consistent with the country’s assessment of its money laundering and terrorist financing risks, as referred to in paragraph 3.
  
  Independent of any decision to specify certain lower risk categories in line with the previous paragraph, countries may also allow financial institutions and DNFBPs to apply simplified customer due diligence (CDD) measures, provided that the requirements set out in section B below (“Obligations and decisions for financial institutions and DNFBPs”), and in paragraph 7 below, are met.
4. Exemptions Countries may decide not to apply some of the FATF Recommendations requiring financial institutions or DNFBPs to take certain actions, provided:
  1. there is a proven low risk of money laundering and terrorist financing; this occurs in strictly limited and justified circumstances; and it relates to a particular type of financial institution or activity, or DNFBP; or
  2. a financial activity (other than the transferring of money or value) is carried out by a natural or legal person on an occasional or very limited basis (having regard to quantitative and absolute criteria), such that there is low risk of money laundering and terrorist financing.
  While the information gathered may vary according to the level of risk, the requirements of Recommendation 11 to retain information should For the purposes of assessing compliance with the FATF Recommendations, the word should has the same meaning as must. apply to whatever information is gathered.
5. Supervision and monitoring of risk - Supervisors Supervisors refers to the designated competent authorities or non-public bodies with responsibilities aimed at ensuring compliance by financial institutions (“financial supervisors” 60Including Core Principles supervisors who carry out supervisory functions that are related to the implementation of the FATF Recommendations.) and/or DNFBPs with requirements to combat money laundering and terrorist financing. Non-public bodies (which could include certain types of SRBs) should have the power to supervise and sanction financial institutions or DNFBPs in relation to the AML/CFT requirements. These nonpublic bodies should also be empowered by law to exercise the functions they perform, and be supervised by a competent authority in relation to such functions. (or SRBs for relevant DNFBPs sectors) should ensure that financial institutions Financial institutions means any natural or legal person who conducts as abusiness one or more of the following activities or operations for or on behalf of a customer:
  1) Acceptance of deposits and other repayable funds from the public.
  2) Lending.
  3) Financial leasing.
  4) Money or value transfer services.
  5) Issuing and managing means of payment (e.g. credit and debit cards,cheques, traveller's cheques, money orders and bankers' drafts, electronic money).
  6) Financial guarantees and commitments.
  7) Trading in:
  a) money market instruments (cheques, bills, certificates of deposit, derivatives etc.);
  b) foreign exchange;
  c) exchange, interest rate and index instruments;
  d) transferable securities;
  8) Participation in securities issues and the provision of financial services related to such issues.
  9) Individual and collective portfolio management.
  11) Otherwise investing, administering or managing funds or money on behalf of other persons.
  12) Underwriting and placement of life insurance and other investment related insurance.
  13) Money and currency changing.
  and DNFBPs are effectively implementing the obligations set out below. When carrying out this function, supervisors Supervisors refers to the designated competent authorities or non-public bodies with responsibilities aimed at ensuring compliance by financial institutions (“financial supervisors” 60Including Core Principles supervisors who carry out supervisory functions that are related to the implementation of the FATF Recommendations.) and/or DNFBPs with requirements to combat money laundering and terrorist financing. Non-public bodies (which could include certain types of SRBs) should have the power to supervise and sanction financial institutions or DNFBPs in relation to the AML/CFT requirements. These nonpublic bodies should also be empowered by law to exercise the functions they perform, and be supervised by a competent authority in relation to such functions. and SRBs should For the purposes of assessing compliance with the FATF Recommendations, the word should has the same meaning as must., as and when required in accordance with the Interpretive Notes to Recommendations 26 and 28, review the money laundering and terrorist financing risk profiles and risk assessments prepared by financial institutions and DNFBPs, and take the result of this review into consideration.
6. Assessing PF risk – Countries*Where appropriate, PF risk assessments at a supra-national level should be taken into account when considering whether this obligation is satisfied. should take appropriate steps to identify and assess the proliferation financing risks for the country, on an ongoing basis and in order to: (i) inform potential changes to the country’s CPF regime, including changes to laws, regulations and other measures; (ii) assist in the allocation and prioritisation of CPF resources by competent authorities; and (iii) make information available for PF risk assessments conducted by financial institutions and DNFBPs. Countries should keep the assessments up-to-date, and should have mechanisms to provide appropriate information on the results to all relevant competent authorities and SRBs, financial institutions and DNFBPs.
7. Mitigating PF risk - Countries should take appropriate steps to manage and mitigate the proliferation financing risks that they identify. Countries should develop an understanding of the means of potential breaches, evasion and non-implementation of targeted financial sanctions present in their countries that can be shared within and across competent authorities and with the private sector. Countries should ensure that financial institutions and DNFBPs take steps to identify circumstances, which may present higher risks and ensure that their CPF regime addresses these risks. Countries should ensure full implementation of Recommendation 7 in any risk scenario. Where there are higher risks, countries should require financial institutions and DNFBPs to take commensurate measures to manage and mitigate these risks. Correspondingly, where the risks are lower, they should ensure that the measures applied are commensurate with the level of risk, while still ensuring full implementation of the targeted financial sanctions as required by Recommendation 7.
Obligations and decisions for financial institutions and DNFBPs
ML/TF risks
1. Assessing MF/TF risks - Financial institutions and DNFBPs should For the purposes of assessing compliance with the FATF Recommendations, the word should has the same meaning as must. be required to take appropriate steps to identify and assess their money laundering and terrorist financing risks (for customers, countries or geographic areas; and products, services, transactions or delivery channels). They should document those assessments in order to be able to demonstrate their basis, keep these assessments up to date, and have appropriate mechanisms to provide risk assessment information to competent authoritiesCompetent authorities refers to all public authorities with designated responsibilities for combating money laundering and/or terrorist financing. In particular, this includes the FIU; the authorities that have the function of investigating and/or prosecuting money laundering, associated predicate offences and terrorist financing, and seizing/freezing and confiscating criminal assets; authorities receiving reports on cross-border transportation of currency & BNIs; and authorities that have AML/CFT supervisory or monitoring responsibilities aimed at ensuring compliance by financial institutions and DNFBPs with AML/CFT requirements. SRBs are not to be regarded as a competent authorities. and SRBs. The nature and extent of any assessment of money laundering and terrorist financing risks should be appropriate to the nature and size of the business. Financial institutions and DNFBPs should always understand their money laundering and terrorist financing risks, but competent authorities or SRBs may determine that individual documented risk assessments are not required, if the specific risks inherent to the sector are clearly identified and understood.
2. Risk management and mitigation - Financial institutions and DNFBPs should be required to have policies, controls and procedures that enable them to manage and mitigate effectively the risks that have been identified (either by the countryAll references in the FATF Recommendations to country or countries apply equally to territories or jurisdictions. or by the financial institution or DNFBP). They should be required to monitor the implementation of those controls and to enhance them, if necessary. The policies, controls and procedures should be approved by senior management, and the measures taken to manage and mitigate the risks (whether higher or lower) should be consistent with national requirements and with guidance from competent authorities and SRBs.
3. Higher risk - Where higher risks are identified financial institutions and DNFBPs should be required to take enhanced measures to manage and mitigate the risks.
4. Lower risk - Where lower risks are identified, countries may allow financial institutions and DNFBPs to take simplified measures to manage and mitigate those risks.
5. When assessing risk, financial institutions and DNFBPs should consider all the relevant risk factors before determining what is the level of overall risk and the appropriate level of mitigation to be applied. Financial institutions and DNFBPs may differentiate the extent of measures, depending on the type and level of risk for the various risk factors (e.g. in a particular situation, they could apply normal CDD for customer acceptance measures, but enhanced CDD for ongoing monitoring, or vice versa).
6. Assessing PF risk - Financial institutions and DNFBPs should be required to take appropriate steps, to identify and assess their proliferation financing risks. This may be done within the framework of their existing targeted financial sanctions and/or compliance programmes. They should document those assessments in order to be able to demonstrate their basis, keep these assessments up to date, and have appropriate mechanisms to provide risk assessment information to competent authorities and SRBs. The nature and extent of any assessment of proliferation financing risks should be appropriate to the nature and size of the business. Financial institutions and DNFBPs should always understand their proliferation financing risks, but competent authorities or SRBs may determine that individual documented risk assessments are not required, if the specific risks inherent to the sector are clearly identified and understood.
7. Mitigating PF risk - Financial institutions and DNFBPs should have policies, controls and procedures to manage and mitigate effectively the risks that have been identified. This may be done within the framework of their existing targeted financial sanctions and/or compliance programmes. They should be required to monitor the implementation of those controls and to enhance them, if necessary. The policies, controls and procedures should be approved by senior management, and the measures taken to manage and mitigate the risks (whether higher or lower) should be consistent with national requirements and with guidance from competent authorities and SRBs. Countries should ensure full implementation of Recommendation 7 in any risk scenario. Where there are higher risks, countries should require financial institutions and DNFBPs to take commensurate measures to manage and mitigate the risks (i.e. introducing enhanced controls aimed at detecting possible breaches, non-implementation or evasion of targeted financial sanctions under Recommendation 7). Correspondingly, where the risks are lower, they should ensure that those measures are commensurate with the level of risk, while still ensuring full implementation of the targeted financial sanctions as required by Recommendation 7.

INTERPRETIVE NOTE TO RECOMMENDATION 2 (NATIONAL COOPERATION AND COORDINATION)

Countries should establish appropriate inter-agency frameworks for co-operation and co-ordination with respect to combating money laundering, terrorist financing and the financing of proliferation. These may be a single framework or different frameworks for ML, TF and PF respectively.
Such frameworks should be led by one or more designated authorities, or another mechanism that is responsible for setting national policies and ensuring co-operation and co-ordination among all the relevant agencies.
Inter-agency frameworks should include the authorities relevant to combating ML, TF and PF. Depending on the national organisation of functions, authorities relevant to such frameworks could include:
1. The competent central government departments (e.g. finance, trade and commerce, home, justice and foreign affairs);
2. Law enforcement, asset recovery and prosecution authorities;
3. Financial intelligence unit;
4. Security and Intelligence agencies;
5. Customs and border authorities;
6. Supervisors and self-regulatory bodies;
7. Tax authorities;
8. Import and export control authorities;
9. Company registries, and where they exist, beneficial ownership registries;
10. Other agencies, as relevant.
Countries should ensure that there are mechanisms in place to permit effective operational co-operation, and where appropriate, co-ordination and timely sharing of relevant information domestically between different competent authorities for operational purposes related to AML, CFT and CPF, both proactive and upon request. These could include: (a) measures to clarify the role, information needs and information sources of each relevant authority; (b) measures to facilitate the timely flow of information among relevant authorities (e.g. standard formats and secure channels), and (c) practical mechanisms to facilitate inter-agency work (e.g. joint teams or shared data platforms).

INTERPRETIVE NOTE TO RECOMMENDATION 3 (MONEY LAUNDERING OFFENCE)

Countries should For the purposes of assessing compliance with the FATF Recommendations, the word should has the same meaning as must. criminalise money laundering on the basis of the United Nations Convention against Illicit Traffic in Narcotic Drugs and Psychotropic Substances, 1988 (the Vienna Convention) and the United Nations Convention against Transnational Organized Crime, 2000 (the Palermo Convention).
Countries should apply the crime of money laundering to all serious offences, with a view to including the widest range of predicate offences. Predicate offences may be described by reference to all offences; or to a threshold linked either to a category of serious offences; or to the penalty of imprisonment applicable to the predicate offence (threshold approach); or to a list of predicate offences; or a combination of these approaches.
Where countries apply a threshold approach, predicate offences should, at a minimum, comprise all offences that fall within the category of serious offences under their national law, or should include offences that are punishable by a maximum penalty of more than one year’s imprisonment, or, for those countries that have a minimum threshold for offences in their legal system, predicate offences should comprise all offences that are punished by a minimum penalty of more than six months imprisonment.
Whichever approach is adopted, each countryAll references in the FATF Recommendations to country or countries apply equally to territories or jurisdictions. should, at a minimum, include a range of offences within each of the designated categories of offences Designated categories of offences means:
- participation in an organised criminal group and racketeering;
- terrorism, including terrorist financing;
- trafficking in human beings and migrant smuggling;
- sexual exploitation, including sexual exploitation of children;
- illicit trafficking in narcotic drugs and psychotropic substances;
- illicit arms trafficking;
- illicit trafficking in stolen and other goods;
- corruption and bribery;
- fraud
- counterfeiting currency;
- counterfeiting and piracy of products;
- environmental crime;
- murder, grievous bodily injury;
- kidnapping, illegal restraint and hostage-taking;
- robbery or theft;
- smuggling; (including in relation to customs and excise duties and taxes);
- tax crimes (related to direct taxes and indirect taxes)
- extortion;
- forgery;
- piracy; and
- insider trading and market manipulation.
When deciding on the range of offences to be covered as predicate offences under each of the categories listed above, each country may decide, in accordance with its domestic law, how it will define those offences and the nature of any particular elements of those offences that make them serious offences.. The offence of money laundering should extend to any type of property Property means assets of every kind, whether corporeal or incorporeal, moveable or immoveable, tangible or intangible, and legal documents or instruments evidencing title to, or interest in such assets., regardless of its value, that directly or indirectly represents the proceeds Proceeds refers to any property derived from or obtained, directly or indirectly, through the commission of an offence. of crime. When proving that property is the proceeds of crime, it should not be necessary that a person be convicted of a predicate offence.
Predicate offences for money laundering should extend to conduct that occurred in another country, which constitutes an offence in that country, and which would have constituted a predicate offence had it occurred domestically. Countries may provide that the only prerequisite is that the conduct would have constituted a predicate offence, had it occurred domestically.
Countries may provide that the offence of money laundering does not apply to persons who committed the predicate offence, where this is required by fundamental principles of their domestic law.
Countries should For the purposes of assessing compliance with the FATF Recommendations, the word should has the same meaning as must. ensure that:
1. The intent and knowledge required to prove the offence of money laundering may be inferred from objective factual circumstances.
2. Effective, proportionate and dissuasive criminal sanctions should apply to natural persons convicted of money laundering.
3. Criminal liability and sanctions, and, where that is not possible (due to fundamental principles of domestic law This refers to the basic legal principles upon which national legal systems are based and which provide a framework within which national laws are made and powers are exercised. These fundamental principles are normally contained or expressed within a national Constitution or similar document, or through decisions of the highest level of court having the power to make binding interpretations or determinations of national law. Although it will vary from country to country, some examples of such fundamental principles include rights of due process, the presumption of innocence, and a person’s right to effective protection by the courts.), civil or administrative liability and sanctions, should apply to legal persons Legal persons refers to any entities other than natural persons that can establish a permanent customer relationship with a financial institution or otherwise own property. This can include companies, bodies corporate, foundations, anstalt, partnerships, or associations and other relevantly similar entities.. This should not preclude parallel criminal, civil or administrative proceedings with respect to legal persons in countries in which more than one form of liability is available. Such measures should be without prejudice to the criminal liability of natural persons. All sanctions should be effective, proportionate and dissuasive.
4. There should be appropriate ancillary offences to the offence of money laundering, including participation in, association with or conspiracy to commit, attempt, aiding and abetting, facilitating, and counselling the commission, unless this is not permitted by fundamental principles of domestic law.

INTERPRETIVE NOTE TO RECOMMENDATION 10 (CUSTOMER DUE DILIGENCE)

A.
CUSTOMER DUE DILIGENCE AND TIPPING-OFF
1. If, during the establishment or course of the customer relationship, or when conducting occasional transactions, a financial institution suspects that transactions relate to money laundering or terrorist financing Terrorist financing is the financing of terrorist acts, and of terrorists and terrorist organisations., then the institution should For the purposes of assessing compliance with the FATF Recommendations, the word should has the same meaning as must.:
  1. normally seek to identify and verify the identity*Reliable, independent source documents, data or information will hereafter be referred to as “identification data” of the customer and the beneficial ownerBeneficial owner refers to the natural person(s) who ultimately owns or controls a customer and/or the natural person on whose behalf a transaction is being conducted. It also includes those persons who exercise ultimate effective control over a legal person or arrangement., whether permanent or occasional, and irrespective of any exemption or any designated threshold that might otherwise apply; and
  2. make a suspicious transaction report (STR) to the financial intelligence unit (FIU), in accordance with Recommendation 20.
2. Recommendation 21 prohibits financial institutions Financial institutions means any natural or legal person who conducts as abusiness one or more of the following activities or operations for or on behalf of a customer:
  1) Acceptance of deposits and other repayable funds from the public.
  2) Lending.
  3) Financial leasing.
  4) Money or value transfer services.
  5) Issuing and managing means of payment (e.g. credit and debit cards,cheques, traveller's cheques, money orders and bankers' drafts, electronic money).
  6) Financial guarantees and commitments.
  7) Trading in:
  a) money market instruments (cheques, bills, certificates of deposit, derivatives etc.);
  b) foreign exchange;
  c) exchange, interest rate and index instruments;
  d) transferable securities;
  8) Participation in securities issues and the provision of financial services related to such issues.
  9) Individual and collective portfolio management.
  11) Otherwise investing, administering or managing funds or money on behalf of other persons.
  12) Underwriting and placement of life insurance and other investment related insurance.
  13) Money and currency changing.
  , their directors, officers and employees from disclosing the fact that an STR or related information is being reported to the FIU. A risk All references to risk refer to the risk of money laundering and/or terrorist financing. This term should be read in conjunction with the Interpretive Note to Recommendation 1. exists that customers could be unintentionally tipped off when the financial institution is seeking to perform its customer due diligence (CDD) obligations in these circumstances. The customer’s awareness of a possible STR or investigation could compromise future efforts to investigate the suspected money laundering or terrorist financing operation.
3. Therefore, if financial institutions form a suspicion that transactions relate to money laundering or terrorist financing, they should take into account the risk of tipping-off when performing the CDD process. If the institution reasonably believes that performing the CDD process will tip-off the customer or potential customer, it may choose not to pursue that process, and should file an STR. Institutions should ensure that their employees are aware of, and sensitive to, these issues when conducting CDD.
B.
CDD – PERSONS ACTING ON BEHALF OF A CUSTOMER
1. When performing elements (a) and (b) of the CDD measures specified under Recommendation 10, financial institutions Financial institutions means any natural or legal person who conducts as abusiness one or more of the following activities or operations for or on behalf of a customer:
  1) Acceptance of deposits and other repayable funds from the public.
  2) Lending.
  3) Financial leasing.
  4) Money or value transfer services.
  5) Issuing and managing means of payment (e.g. credit and debit cards,cheques, traveller's cheques, money orders and bankers' drafts, electronic money).
  6) Financial guarantees and commitments.
  7) Trading in:
  a) money market instruments (cheques, bills, certificates of deposit, derivatives etc.);
  b) foreign exchange;
  c) exchange, interest rate and index instruments;
  d) transferable securities;
  8) Participation in securities issues and the provision of financial services related to such issues.
  9) Individual and collective portfolio management.
  11) Otherwise investing, administering or managing funds or money on behalf of other persons.
  12) Underwriting and placement of life insurance and other investment related insurance.
  13) Money and currency changing.
  should also be required to verify that any person purporting to act on behalf of the customer is so authorised, and should For the purposes of assessing compliance with the FATF Recommendations, the word should has the same meaning as must. identify and verify the identity of that person.
C.
CDD FOR LEGAL PERSONS AND ARRANGEMENTS
1. When performing CDD measures in relation to customers that are legal persons Legal persons refers to any entities other than natural persons that can establish a permanent customer relationship with a financial institution or otherwise own property. This can include companies, bodies corporate, foundations, anstalt, partnerships, or associations and other relevantly similar entities. or Legal arrangementsLegal arrangements refers to express trusts or other similar legal arrangements. Examples of other similar arrangements (for AML/CFT purposes) include fiducie, treuhand and fideicomiso.*In these Recommendations references to legal arrangements such as trusts (or other similar arrangements) being the customer of a financial institution or DNFBP or carrying out a transaction, refers to situations where a natural or legal person that is the trustee establishes the business relationship or carries out the transaction on the behalf of the beneficiaries or according to the terms of the trust. The normal CDD requirements for customers that are natural or legal persons would continue to apply, including paragraph 4 of INR.10, but the additional requirements regarding the trust and the beneficial owners of the trust (as defined) would also apply., financial institutions Financial institutions means any natural or legal person who conducts as abusiness one or more of the following activities or operations for or on behalf of a customer:
  1) Acceptance of deposits and other repayable funds from the public.
  2) Lending.
  3) Financial leasing.
  4) Money or value transfer services.
  5) Issuing and managing means of payment (e.g. credit and debit cards,cheques, traveller's cheques, money orders and bankers' drafts, electronic money).
  6) Financial guarantees and commitments.
  7) Trading in:
  a) money market instruments (cheques, bills, certificates of deposit, derivatives etc.);
  b) foreign exchange;
  c) exchange, interest rate and index instruments;
  d) transferable securities;
  8) Participation in securities issues and the provision of financial services related to such issues.
  9) Individual and collective portfolio management.
  11) Otherwise investing, administering or managing funds or money on behalf of other persons.
  12) Underwriting and placement of life insurance and other investment related insurance.
  13) Money and currency changing.
  should For the purposes of assessing compliance with the FATF Recommendations, the word should has the same meaning as must. be required to identify and verify the customer, and understand the nature of its business, and its ownership and control structure. The purpose of the requirements set out in (a) and (b) below, regarding the identification and verification of the customer and the beneficial owner, is twofold: first, to prevent the unlawful use of legal persons Legal persons refers to any entities other than natural persons that can establish a permanent customer relationship with a financial institution or otherwise own property. This can include companies, bodies corporate, foundations, anstalt, partnerships, or associations and other relevantly similar entities. and arrangements, by gaining a sufficient understanding of the customer to be able to properly assess the potential money laundering and terrorist financing risks All references to risk refer to the risk of money laundering and/or terrorist financing. This term should be read in conjunction with the Interpretive Note to Recommendation 1. associated with the business relationship; and, second, to take appropriate steps to mitigate the risks. As two aspects of one process, these requirements are likely to interact and complement each other naturally. In this context, financial institutions should be required to:
  1. Identify the customer and verify its identity. The type of information that would normally be needed to perform this function would be:
    1. Name, legal form and proof of existence – verification could be obtained, for example, through a certificate of incorporation, a certificate of good standing, a partnership agreement, a deed of trust, or other documentation from a reliable independent source proving the name, form and current existence of the customer.
    2. The powers that regulate and bind the legal person or arrangement (e.g. the memorandum and articles of association of a company), as well as the names of the relevant persons having a senior management position in the legal person or arrangement (e.g. senior managing directors in a company, trustee The terms trust and trustee should be understood as described in and consistent with Article 2 of the Hague Convention on the law applicable to trusts and their recognition
      Trustees may be professional (e.g. depending on the jurisdiction, a lawyer or trust company) if they are paid to act as a trustee in the course of their business, or non-professional (e.g. a person acting without reward on behalf of family). (s) of a trust).
    3. The address of the registered office, and, if different, a principal place of business.
  2. Identify the beneficial ownerBeneficial owner refers to the natural person(s) who ultimately owns or controls a customer and/or the natural person on whose behalf a transaction is being conducted. It also includes those persons who exercise ultimate effective control over a legal person or arrangement.s of the customer and take reasonable measuresThe term Reasonable Measures means: appropriate measures which are commensurate with the money laundering or terrorist financing risks.*In determining the reasonableness of the identity verification measures, regard should be had to the money laundering and terrorist financing risks posed by the customer and the business relationship. to verify the identity of such persons, through the following information:
    1. For legal persons*Measures (i.i) to (i.iii) are not alternative options, but are cascading measures, with each to be used where the previous measure has been applied and has not identified a beneficial owner.
      
      The identity of the natural persons (if any – as ownership interests can be so diversified that there are no natural persons (whether acting alone or together) exercising control of the legal person or arrangement through ownership) who ultimately have a controlling ownership interest*A controlling ownership interest depends on the ownership structure of the company. It may be based on a threshold, e.g. any person owning more than a certain percentage of the company (e.g. 25%). in a legal person; and
      
      to the extent that there is doubt under (i.i) as to whether the person(s) with the controlling ownership interest are the beneficial ownerBeneficial owner refers to the natural person(s) who ultimately owns or controls a customer and/or the natural person on whose behalf a transaction is being conducted. It also includes those persons who exercise ultimate effective control over a legal person or arrangement.(s) or where no natural person exerts control through ownership interests, the identity of the natural persons (if any) exercising control of the legal person or arrangement through other means.
      
      Where no natural person is identified under (i.i) or (i.ii) above, financial institutions should For the purposes of assessing compliance with the FATF Recommendations, the word should has the same meaning as must. identify and take reasonable measures The term Reasonable Measures means: appropriate measures which are commensurate with the money laundering or terrorist financing risks. to verify the identity of the relevant natural person who holds the position of senior managing official.
    2. For legal arrangements Legal arrangements refers to express trusts or other similar legal arrangements. Examples of other similar arrangements (for AML/CFT purposes) include fiducie, treuhand and fideicomiso.:
      
      Trusts – the identity of the settlor Settlors are natural or legal persons who transfer ownership of their assets to trustees by means of a trust deed or similar arrangement., the trustee(s), the protector (if any), the beneficiaries or class of beneficiaries*For beneficiary(ies) of trusts that are designated by characteristics or by class, financial institutions should obtain sufficient information concerning the beneficiary to satisfy the financial institution that it will be able to establish the identity of the beneficiary at the time of the payout or when the beneficiary intends to exercise vested rights., and any other natural person exercising ultimate effective control over the trust (including through a chain of control/ownership);
      
      Other types of legal arrangements – the identity of persons in equivalent or similar positions.
  Where the customer or the owner of the controlling interest is a company listed on a stock exchange and subject to disclosure requirements (either by stock exchange rules or through law or enforceable means Please refer to the Note on the Legal Basis of requirements on Financial Institutions and DNFBPs.) which impose requirements to ensure adequate transparency of beneficial ownership, or is a majority-owned subsidiary of such a company, it is not necessary to identify and verify the identity of any shareholder or beneficial owner of such companies.
  
  The relevant identification data The term identification data refers to reliable, independent source documents, data or information. may be obtained from a public register, from the customer or from other reliable sources.
D.
CDD FOR BENEFICIARIES OF LIFE INSURANCE POLICIES
1. For life or other investment-related insurance business, financial institutions Financial institutions means any natural or legal person who conducts as abusiness one or more of the following activities or operations for or on behalf of a customer:
  1) Acceptance of deposits and other repayable funds from the public.
  2) Lending.
  3) Financial leasing.
  4) Money or value transfer services.
  5) Issuing and managing means of payment (e.g. credit and debit cards,cheques, traveller's cheques, money orders and bankers' drafts, electronic money).
  6) Financial guarantees and commitments.
  7) Trading in:
  a) money market instruments (cheques, bills, certificates of deposit, derivatives etc.);
  b) foreign exchange;
  c) exchange, interest rate and index instruments;
  d) transferable securities;
  8) Participation in securities issues and the provision of financial services related to such issues.
  9) Individual and collective portfolio management.
  11) Otherwise investing, administering or managing funds or money on behalf of other persons.
  12) Underwriting and placement of life insurance and other investment related insurance.
  13) Money and currency changing.
  should, in addition to the CDD measures required for the customer and the beneficial ownerBeneficial owner refers to the natural person(s) who ultimately owns or controls a customer and/or the natural person on whose behalf a transaction is being conducted. It also includes those persons who exercise ultimate effective control over a legal person or arrangement., conduct the following CDD measures on the beneficiary(ies)refers to those natural persons, or groups of natural persons who receive charitable, humanitarian or other types of assistance through the services of the NPO. of life insurance and other investment related insurance policies, as soon as the beneficiary(ies) are identified/designated:
  1. For beneficiary(ies) that are identified as specifically named natural or legal persons Legal persons refers to any entities other than natural persons that can establish a permanent customer relationship with a financial institution or otherwise own property. This can include companies, bodies corporate, foundations, anstalt, partnerships, or associations and other relevantly similar entities. or legal arrangements Legal arrangements refers to express trusts or other similar legal arrangements. Examples of other similar arrangements (for AML/CFT purposes) include fiducie, treuhand and fideicomiso. – taking the name of the person;
  2. For beneficiary(ies) that are designated by characteristics or by class (e.g. spouse or children at the time that the insured event occurs) or by other means (e.g. under a will) – obtaining sufficient information concerning the beneficiary to satisfy the financial institution that it will be able to establish the identity of the beneficiary at the time of the payout.
  The information collected under (a) and/or (b) should For the purposes of assessing compliance with the FATF Recommendations, the word should has the same meaning as must. be recorded and maintained in accordance with the provisions of Recommendation 11.
2. For both the cases referred to in 6(a) and (b) above, the verification of the identity of the beneficiary(ies) should occur at the time of the payout.
3. The beneficiary of a life insurance policy should be included as a relevant risk factor by the financial institution in determining whether enhanced CDD measures are applicable. If the financial institution determines that a beneficiary who is a legal person or a legal arrangement presents a higher risk All references to risk refer to the risk of money laundering and/or terrorist financing. This term should be read in conjunction with the Interpretive Note to Recommendation 1., then the enhanced CDD measures should include reasonable measures The term Reasonable Measures means: appropriate measures which are commensurate with the money laundering or terrorist financing risks. to identify and verify the identity of the beneficial owner of the beneficiary, at the time of payout.
4. Where a financial institution is unable to comply with paragraphs 6 to 8 above, it should consider making a suspicious transaction report.
E.
RELIANCE ON IDENTIFICATION AND VERIFICATION ALREADY PERFORMED
1. The CDD measures set out in Recommendation 10 do not imply that financial institutions Financial institutions means any natural or legal person who conducts as abusiness one or more of the following activities or operations for or on behalf of a customer:
  1) Acceptance of deposits and other repayable funds from the public.
  2) Lending.
  3) Financial leasing.
  4) Money or value transfer services.
  5) Issuing and managing means of payment (e.g. credit and debit cards,cheques, traveller's cheques, money orders and bankers' drafts, electronic money).
  6) Financial guarantees and commitments.
  7) Trading in:
  a) money market instruments (cheques, bills, certificates of deposit, derivatives etc.);
  b) foreign exchange;
  c) exchange, interest rate and index instruments;
  d) transferable securities;
  8) Participation in securities issues and the provision of financial services related to such issues.
  9) Individual and collective portfolio management.
  11) Otherwise investing, administering or managing funds or money on behalf of other persons.
  12) Underwriting and placement of life insurance and other investment related insurance.
  13) Money and currency changing.
  have to repeatedly identify and verify the identity of each customer every time that a customer conducts a transaction. An institution is entitled to rely on the identification and verification steps that it has already undertaken, unless it has doubts about the veracity of that information. Examples of situations that might lead an institution to have such doubts could be where there is a suspicion of money laundering in relation to that customer, or where there is a material change in the way that the customer’s account is operated, which is not consistent with the customer’s business profile
F.
TIMING OF VERIFICATION
1. Examples of the types of circumstances (in addition to those referred to above for beneficiaries of life insurance policies) where it would be permissible for verification to be completed after the establishment of the business relationship, because it would be essential not to interrupt the normal conduct of business, include:
  - Non face-to-face business.
  - Securities transactions. In the securities industry, companies and intermediaries may be required to perform transactions very rapidly, according to the market conditions at the time the customer is contacting them, and the performance of the transaction may be required before verification of identity is completed.
2. financial institutions Financial institutions means any natural or legal person who conducts as abusiness one or more of the following activities or operations for or on behalf of a customer:
  1) Acceptance of deposits and other repayable funds from the public.
  2) Lending.
  3) Financial leasing.
  4) Money or value transfer services.
  5) Issuing and managing means of payment (e.g. credit and debit cards,cheques, traveller's cheques, money orders and bankers' drafts, electronic money).
  6) Financial guarantees and commitments.
  7) Trading in:
  a) money market instruments (cheques, bills, certificates of deposit, derivatives etc.);
  b) foreign exchange;
  c) exchange, interest rate and index instruments;
  d) transferable securities;
  8) Participation in securities issues and the provision of financial services related to such issues.
  9) Individual and collective portfolio management.
  11) Otherwise investing, administering or managing funds or money on behalf of other persons.
  12) Underwriting and placement of life insurance and other investment related insurance.
  13) Money and currency changing.
  will also need to adopt risk management procedures with respect to the conditions under which a customer may utilise the business relationship prior to verification. These procedures should For the purposes of assessing compliance with the FATF Recommendations, the word should has the same meaning as must. include a set of measures, such as a limitation of the number, types and/or amount of transactions that can be performed and the monitoring of large or complex transactions being carried out outside the expected norms for that type of relationship.
G.
EXISTING CUSTOMERS
1. Financial institutions should For the purposes of assessing compliance with the FATF Recommendations, the word should has the same meaning as must. be required to apply CDD measures to existing customers*Existing customers as at the date that the national requirements are brought into force. on the basis of materiality and risk, and to conduct due diligence on such existing relationships at appropriate times, taking into account whether and when CDD measures have previously been undertaken and the adequacy of data obtained.
H.
RISK BASED APPROACH*The RBA does not apply to the circumstances when CDD should be required but may be used to determine the extent of such measures.
1. The examples below are not mandatory elements of the FATF Standards, and are included for guidance only. The examples are not intended to be comprehensive, and although they are considered to be helpful indicators, they may not be relevant in all circumstances.
Higher risks
1. There are circumstances where the risk All references to risk refer to the risk of money laundering and/or terrorist financing. This term should be read in conjunction with the Interpretive Note to Recommendation 1. of money laundering or terrorist financing is higher, and enhanced CDD measures have to be taken. When assessing the money laundering and terrorist financing Terrorist financing is the financing of terrorist acts, and of terrorists and terrorist organisations. risks relating to types of customers, countries or geographic areas, and particular products, services, transactions or delivery channels, examples of potentially higher-risk situations (in addition to those set out in Recommendations 12 to 16) include the following:
  1. Customer risk factors:
    - The business relationship is conducted in unusual circumstances (e.g. significant unexplained geographic distance between the financial institution and the customer).
    - Non-resident customers.
    - legal persons Legal persons refers to any entities other than natural persons that can establish a permanent customer relationship with a financial institution or otherwise own property. This can include companies, bodies corporate, foundations, anstalt, partnerships, or associations and other relevantly similar entities. or arrangements that are personal asset-holding vehicles.
    - Companies that have nominee shareholders or shares in bearer form.
    - Business that are cash-intensive.
    - The ownership structure of the company appears unusual or excessively complex given the nature of the company’s business.
  2. Country or geographic risk factors:*Under Recommendation 19 it is mandatory for countries to require financial institutions to apply enhanced due diligence when the FATF calls for such measures to be introduced.
    - Countries identified by credible sources, such as mutual evaluation or detailed assessment reports or published follow-up reports, as not having adequate AML/CFT systems.
    - Countries subject to sanctions, embargos or similar measures issued by, for example, the United Nations.
    - Countries identified by credible sources as having significant levels ofcorruption or other criminal activity Criminal activity refers to: (a) all criminal acts that would constitute a predicate offence for money laundering in the country; or (b) at a minimum to those offences that would constitute a predicate offence as required by Recommendation 3..
    - Countries or geographic areas identified by credible sources as providing funding or support for terrorist activities, or that have designated terrorist organisations The term terrorist organisation refers to any group of terrorists that: (i) commits, or attempts to commit, terrorist acts by any means, directly or indirectly, unlawfully and wilfully; (ii) participates as an accomplice in terrorist acts; (iii) organises or directs others to commit terrorist acts; or (iv) contributes to the commission of terrorist acts by a group of persons acting with a common purpose where the contribution is made intentionally and with the aim of furthering the terrorist act or with the knowledge of the intention of the group to commit a terrorist act. operating within their countryAll references in the FATF Recommendations to country or countries apply equally to territories or jurisdictions..
  3. Product, service, transaction or delivery channel risk factors:
    - Private banking.
    - Anonymous transactions (which may include cash).
    - Non-face-to-face business relationships or transactions.
    - Payment received from unknown or un-associated third parties For the purposes of Recommendations 6 and 7, the term third parties includes, but is not limited to, financial institutions and DNFBPs. Please also refer to the IN to Recommendation 17.
Lower risks
1. There are circumstances where the risk of money laundering or terrorist financing may be lower. In such circumstances, and provided there has been an adequate analysis of the risk by the countryAll references in the FATF Recommendations to country or countries apply equally to territories or jurisdictions. or by the financial institution, it could be reasonable for a country to allow its financial institutions Financial institutions means any natural or legal person who conducts as abusiness one or more of the following activities or operations for or on behalf of a customer:
  1) Acceptance of deposits and other repayable funds from the public.
  2) Lending.
  3) Financial leasing.
  4) Money or value transfer services.
  5) Issuing and managing means of payment (e.g. credit and debit cards,cheques, traveller's cheques, money orders and bankers' drafts, electronic money).
  6) Financial guarantees and commitments.
  7) Trading in:
  a) money market instruments (cheques, bills, certificates of deposit, derivatives etc.);
  b) foreign exchange;
  c) exchange, interest rate and index instruments;
  d) transferable securities;
  8) Participation in securities issues and the provision of financial services related to such issues.
  9) Individual and collective portfolio management.
  11) Otherwise investing, administering or managing funds or money on behalf of other persons.
  12) Underwriting and placement of life insurance and other investment related insurance.
  13) Money and currency changing.
  to apply simplified CDD measures.
2. When assessing the money laundering and terrorist financing risks relating to types of customers, countries or geographic areas, and particular products, services, transactions or delivery channels, examples of potentially lower risk situations include the following:
  1. Customer risk factors:
    - Financial institutions and DNFBPs – where they are subject to requirements to combat money laundering and terrorist financing consistent with the FATF Recommendations, have effectively implemented those requirements, and are effectively supervised or monitored in accordance with the Recommendations to ensure compliance with those requirements.
    - Public companies listed on a stock exchange and subject to disclosure requirements (either by stock exchange rules or through law or enforceable means Please refer to the Note on the Legal Basis of requirements on Financial Institutions and DNFBPs.), which impose requirements to ensure adequate transparency of beneficial ownership.
    - Public administrations or enterprises.
  2. Product, service, transaction or delivery channel risk factors:
    - Life insurance policies where the premium is low (e.g. an annual premium of less than USD/EUR 1,000 or a single premium of less than USD/EUR 2,500).
    - Insurance policies for pension schemes if there is no early surrender optionand the policy cannot be used as collateral.
    - A pension, superannuation or similar scheme that provides retirement benefits to employees, where contributions are made by way of deduction from wages, and the scheme rules do not permit the assignment of a member’s interest under the scheme.
    - Financial products or services that provide appropriately defined and limited services to certain types of customers, so as to increase access for financial inclusion purposes.
  3. Country risk factors:
    - Countries identified by credible sources, such as mutual evaluation or detailed assessment reports, as having effective AML/CFT systems.
    - Countries identified by credible sources as having a low level of corruption or other criminal activity Criminal activity refers to: (a) all criminal acts that would constitute a predicate offence for money laundering in the country; or (b) at a minimum to those offences that would constitute a predicate offence as required by Recommendation 3..
3. Having a lower money laundering and terrorist financing risk for identification and verification purposes does not automatically mean that the same customer is lower risk for all types of CDD measures, in particular for ongoing monitoring of transactions.
Risk variables
1. When assessing the money laundering and terrorist financing risks relating to types of customers, countries or geographic areas, and particular products, services, transactions or delivery channels risk, a financial institution should For the purposes of assessing compliance with the FATF Recommendations, the word should has the same meaning as must. take into account risk variables relating to those risk categories. These variables, either singly or in combination, may increase or decrease the potential risk posed, thus impacting the appropriate level of CDD measures. Examples of such variables include:
  - The purpose of an account or relationship.
  - The level of assets to be deposited by a customer or the size of transactions undertaken.
  - The regularity or duration of the business relationship.
Enhanced CDD measures
1. financial institutions Financial institutions means any natural or legal person who conducts as abusiness one or more of the following activities or operations for or on behalf of a customer:
  1) Acceptance of deposits and other repayable funds from the public.
  2) Lending.
  3) Financial leasing.
  4) Money or value transfer services.
  5) Issuing and managing means of payment (e.g. credit and debit cards,cheques, traveller's cheques, money orders and bankers' drafts, electronic money).
  6) Financial guarantees and commitments.
  7) Trading in:
  a) money market instruments (cheques, bills, certificates of deposit, derivatives etc.);
  b) foreign exchange;
  c) exchange, interest rate and index instruments;
  d) transferable securities;
  8) Participation in securities issues and the provision of financial services related to such issues.
  9) Individual and collective portfolio management.
  11) Otherwise investing, administering or managing funds or money on behalf of other persons.
  12) Underwriting and placement of life insurance and other investment related insurance.
  13) Money and currency changing.
  should examine, as far as reasonably possible, the background and purpose of all complex, unusual large transactions, and all unusual patterns of transactions, which have no apparent economic or lawful purpose. Where the risks of money laundering or terrorist financing are higher, financial institutions should be required to conduct enhanced CDD measures, consistent with the risks identified. In particular, they should increase the degree and nature of monitoring of the business relationship, in order to determine whether those transactions or activities appear unusual or suspicious. Examples of enhanced CDD measures that could be applied for higher-risk business relationships include:
  - Obtaining additional information on the customer (e.g. occupation, volume of assets, information available through public databases, internet, etc.), and updating more regularly the identification data The term identification data refers to reliable, independent source documents, data or information. of customer and beneficial ownerBeneficial owner refers to the natural person(s) who ultimately owns or controls a customer and/or the natural person on whose behalf a transaction is being conducted. It also includes those persons who exercise ultimate effective control over a legal person or arrangement..
  - Obtaining additional information on the intended nature of the business relationship.
  - Obtaining information on the source of funds or source of wealth of the customer.
  - Obtaining information on the reasons for intended or performed transactions.
  - Obtaining the approval of senior management to commence or continue the business relationship.
  - Conducting enhanced monitoring of the business relationship, by increasing the number and timing of controls applied, and selecting patterns of transactions that need further examination.
  - Requiring the first payment to be carried out through an account in the customer’s name with a bank subject to similar CDD standards.
Simplified CDD measures
1. Where the risks of money laundering or terrorist financing are lower, financial institutions Financial institutions means any natural or legal person who conducts as abusiness one or more of the following activities or operations for or on behalf of a customer:
  1) Acceptance of deposits and other repayable funds from the public.
  2) Lending.
  3) Financial leasing.
  4) Money or value transfer services.
  5) Issuing and managing means of payment (e.g. credit and debit cards,cheques, traveller's cheques, money orders and bankers' drafts, electronic money).
  6) Financial guarantees and commitments.
  7) Trading in:
  a) money market instruments (cheques, bills, certificates of deposit, derivatives etc.);
  b) foreign exchange;
  c) exchange, interest rate and index instruments;
  d) transferable securities;
  8) Participation in securities issues and the provision of financial services related to such issues.
  9) Individual and collective portfolio management.
  11) Otherwise investing, administering or managing funds or money on behalf of other persons.
  12) Underwriting and placement of life insurance and other investment related insurance.
  13) Money and currency changing.
  could be allowed to conduct simplified CDD measures, which should For the purposes of assessing compliance with the FATF Recommendations, the word should has the same meaning as must. take into account the nature of the lower risk. The simplified measures should be commensurate with the lower risk factors (e.g. the simplified measures could relate only to customer acceptance measures or to aspects of ongoing monitoring). Examples of possible measures are:
  - Verifying the identity of the customer and the beneficial ownerBeneficial owner refers to the natural person(s) who ultimately owns or controls a customer and/or the natural person on whose behalf a transaction is being conducted. It also includes those persons who exercise ultimate effective control over a legal person or arrangement. after the establishment of the business relationship (e.g. if account transactions rise above a defined monetary threshold).
  - Reducing the frequency of customer identification updates.
  - Reducing the degree of on-going monitoring and scrutinising transactions, based on a reasonable monetary threshold.
  - Not collecting specific information or carrying out specific measures to understand the purpose and intended nature of the business relationship, but inferring the purpose and nature from the type of transactions or business relationship established.
  Simplified CDD measures are not acceptable whenever there is a suspicion of money laundering or terrorist financing, or where specific higher-risk scenarios apply.
Thresholds
1. The designated threshold for occasional transactions under Recommendation 10 is USD/EUR 15,000. Financial transactions above the designated threshold include situations where the transaction is carried out in a single operation or in several operations that appear to be linked.
Ongoing due diligence
1. Financial institutions Financial institutions means any natural or legal person who conducts as abusiness one or more of the following activities or operations for or on behalf of a customer:
  1) Acceptance of deposits and other repayable funds from the public.
  2) Lending.
  3) Financial leasing.
  4) Money or value transfer services.
  5) Issuing and managing means of payment (e.g. credit and debit cards,cheques, traveller's cheques, money orders and bankers' drafts, electronic money).
  6) Financial guarantees and commitments.
  7) Trading in:
  a) money market instruments (cheques, bills, certificates of deposit, derivatives etc.);
  b) foreign exchange;
  c) exchange, interest rate and index instruments;
  d) transferable securities;
  8) Participation in securities issues and the provision of financial services related to such issues.
  9) Individual and collective portfolio management.
  11) Otherwise investing, administering or managing funds or money on behalf of other persons.
  12) Underwriting and placement of life insurance and other investment related insurance.
  13) Money and currency changing.
  should be required to ensure that documents, data or information collected under the CDD process is kept up-to-date and relevant by undertaking reviews of existing records, particularly for higher-risk categories of customers.

INTERPRETIVE NOTE TO RECOMMENDATION 12 (POLITICALLY EXPOSED PERSONS)

Financial institutions Financial institutions means any natural or legal person who conducts as abusiness one or more of the following activities or operations for or on behalf of a customer:
1) Acceptance of deposits and other repayable funds from the public.
2) Lending.
3) Financial leasing.
4) Money or value transfer services.
5) Issuing and managing means of payment (e.g. credit and debit cards,cheques, traveller's cheques, money orders and bankers' drafts, electronic money).
6) Financial guarantees and commitments.
7) Trading in:
a) money market instruments (cheques, bills, certificates of deposit, derivatives etc.);
b) foreign exchange;
c) exchange, interest rate and index instruments;
d) transferable securities;
8) Participation in securities issues and the provision of financial services related to such issues.
9) Individual and collective portfolio management.
11) Otherwise investing, administering or managing funds or money on behalf of other persons.
12) Underwriting and placement of life insurance and other investment related insurance.
13) Money and currency changing.
should For the purposes of assessing compliance with the FATF Recommendations, the word should has the same meaning as must. take reasonable measures The term Reasonable Measures means: appropriate measures which are commensurate with the money laundering or terrorist financing risks. to determine whether the beneficiaries of a life insurance policy and/or, where required, the beneficial ownerBeneficial owner refers to the natural person(s) who ultimately owns or controls a customer and/or the natural person on whose behalf a transaction is being conducted. It also includes those persons who exercise ultimate effective control over a legal person or arrangement. of the beneficiaryThe meaning of the term beneficiary in the FATF Recommendations depends on the context:
- In trust law, a beneficiary is the person or persons who are entitled to the benefit of any trust arrangement. A beneficiary can be a natural or legal person or arrangement. All trusts (other than charitable or statutory permitted non-charitable trusts) are required to have ascertainable beneficiaries. While trusts must always have some ultimately ascertainable beneficiary, trusts may have no defined existing beneficiaries but only objects of a power until some person becomes entitled as beneficiary to income or capital on the expiry of a defined period, known as the accumulation period. This period is normally coextensive with the trust perpetuity period which is usually referred to in the trust deed as the trust period.
- In the context of life insurance or another investment linked insurance policy, a beneficiary is the natural or legal person, or a legal arrangement, or category of persons, who will be paid the policy proceeds when/if an insured event occurs, which is covered by the policy.
Please also refer to the Interpretive Notes to Recommendations 10 and 16. are politically exposed persons Foreign PEPs are individuals who are or have been entrusted with prominent public functions by a foreign country, for example Heads of State or of government, senior politicians, senior government, judicial or military officials, senior executives of state owned corporations, important political party officials.
Domestic PEPs are individuals who are or have been entrusted domestically with prominent public functions, for example Heads of State or of government, senior politicians, senior government, judicial or military officials, senior executives of state owned corporations, important political party officials.
Persons who are or have been entrusted with a prominent function by an international organisation refers to members of senior management, i.e. directors, deputy directors and members of the board or equivalent functions.
The definition of PEPs is not intended to cover middle ranking or more junior individuals in the foregoing categories.. This should For the purposes of assessing compliance with the FATF Recommendations, the word should has the same meaning as must. occur at the latest at the time of the payout. Where there are higher risks All references to risk refer to the risk of money laundering and/or terrorist financing. This term should be read in conjunction with the Interpretive Note to Recommendation 1. identified, in addition to performing normal CDD measures, financial institutions Financial institutions means any natural or legal person who conducts as abusiness one or more of the following activities or operations for or on behalf of a customer:
1) Acceptance of deposits and other repayable funds from the public.
2) Lending.
3) Financial leasing.
4) Money or value transfer services.
5) Issuing and managing means of payment (e.g. credit and debit cards,cheques, traveller's cheques, money orders and bankers' drafts, electronic money).
6) Financial guarantees and commitments.
7) Trading in:
a) money market instruments (cheques, bills, certificates of deposit, derivatives etc.);
b) foreign exchange;
c) exchange, interest rate and index instruments;
d) transferable securities;
8) Participation in securities issues and the provision of financial services related to such issues.
9) Individual and collective portfolio management.
11) Otherwise investing, administering or managing funds or money on behalf of other persons.
12) Underwriting and placement of life insurance and other investment related insurance.
13) Money and currency changing.
should be required to:

inform senior management before the payout of the policy proceeds; and
conduct enhanced scrutiny on the whole business relationship with the policyholder, and consider making a suspicious transaction report.

INTERPRETIVE NOTE TO RECOMMENDATION 13 (CORRESPONDENT BANKING)

The similar relationships to which financial institutions Financial institutions means any natural or legal person who conducts as abusiness one or more of the following activities or operations for or on behalf of a customer:
1) Acceptance of deposits and other repayable funds from the public.
2) Lending.
3) Financial leasing.
4) Money or value transfer services.
5) Issuing and managing means of payment (e.g. credit and debit cards,cheques, traveller's cheques, money orders and bankers' drafts, electronic money).
6) Financial guarantees and commitments.
7) Trading in:
a) money market instruments (cheques, bills, certificates of deposit, derivatives etc.);
b) foreign exchange;
c) exchange, interest rate and index instruments;
d) transferable securities;
8) Participation in securities issues and the provision of financial services related to such issues.
9) Individual and collective portfolio management.
11) Otherwise investing, administering or managing funds or money on behalf of other persons.
12) Underwriting and placement of life insurance and other investment related insurance.
13) Money and currency changing.
should For the purposes of assessing compliance with the FATF Recommendations, the word should has the same meaning as must. apply criteria (a) to (e) include, for example those established for securities transactions or funds transfers, whether for the cross-border financial institution as principal or for its customers.

The term payable-through accountsReferences to "accounts" should be read as including other similar business relationships between financial institutions and their customers. refers to correspondent accountsReferences to "accounts" should be read as including other similar business relationships between financial institutions and their customers. that are used directly by third parties For the purposes of Recommendations 6 and 7, the term third parties includes, but is not limited to, financial institutions and DNFBPs. Please also refer to the IN to Recommendation 17. to transact business on their own behalf.