FATF Methodology for AML/CFT Compliance Assessment 2013 PDF

Methodology FOR ASSESSING TECHNICAL COMPLIANCE WITH THE FATF RECOMMENDATIONS AND THE EFFECTIVENESS OF AML/CFT SYSTEMS Updated June 2023 The Financial Action Task Force (FATF) is an independent inter-governmental body that develops and promotes policies to protect the global financial system against money laundering, terrorist financing and the financing of proliferation of weapons of mass destruction. The FATF Recommendations are recognised as the global anti-money laundering (AML) and counter-terrorist financing (CFT) standard. For more information about the FATF, please visit www.fatf-gafi.org This document and/or any map included herein are without prejudice to the status of or sovereignty over any territory, to the delimitation of international frontiers and boundaries and to the name of any territory, city or area. Citing reference: FATF (2013-2023), Methodology for Assessing Compliance with the FATF Recommendations and the Effectiveness of AML/CFT Systems, updated June 2023, FATF, Paris, France, http://www.fatf-gafi.org/publications/mutualevaluations/documents/fatf-methodology.html © 2013-2023 FATF/OECD. All rights reserved. No reproduction or translation of this publication may be made without prior written permission. Applications for such permission, for all or part of this publication, should be made to the FATF Secretariat, 2 rue André Pascal 75775 Paris Cedex 16, France (fax: +33 1 44 30 61 37 or e-mail: [email protected]) METHODOLOGY FOR ASSESSING TECHNICAL COMPLIANCE WITH THE FATF RECOMMENDATIONS AND THE EFFECTIVENESS OF AML/CFT SYSTEMS ADOPTED IN FEBRUARY 2013 Updated June 2023 METHODOLOGY ASSESSING TECHNICAL COMPLIANCE WITH THE FATF RECOMMENDATIONS AND THE EFFECTIVENESS OF AML/CFT SYSTEMS 2 METHODOLOGY ASSESSING TECHNICAL COMPLIANCE WITH THE FATF RECOMMENDATIONS AND THE EFFECTIVENESS OF AML/CFT SYSTEMS TABLE OF ACRONYMS..............................................................................................................................4 INTRODUCTION...........................................................................................................................................5 TECHNICAL COMPLIANCE.....................................................................................................................12 EFFECTIVENESS........................................................................................................................................15 TECHNICAL COMPLIANCE ASSESSMENT...........................................................................................23 EFFECTIVENESS ASSESSMENT..............................................................................................................96 ANNEX I SUPRA-NATIONAL ASSESSMENT.....................................................................................128 ANNEX II MUTUAL EVALUATION REPORT TEMPLATE...............................................................129 ANNEX III FATF GUIDANCE DOCUMENTS.......................................................................................170 LEGAL BASIS OF REQUIREMENTS ON FINANCIAL INSTITUTIONS AND DNFBPS AND VASPS.....................................................................................................................................................................173 GENERAL GLOSSARY............................................................................................................................175 INFORMATION ON UPDATES MADE TO THE FATF METHODOLOGY.........................................190 TABLE OF CONTENTS 3 METHODOLOGY ASSESSING TECHNICAL COMPLIANCE WITH THE FATF RECOMMENDATIONS AND THE EFFECTIVENESS OF AML/CFT SYSTEMS TABLE OF ACRONYMS AML/CFT Anti-Money Laundering / Countering the Financing of Terrorism (also used for Combating the financing of terrorism) BNI Bearer-Negotiable Instrument CDD Customer Due Diligence CFT Countering the financing of terrorism DNFBP Designated Non-Financial Business or Profession FATF Financial Action Task Force FIU Financial Intelligence Unit IO Immediate Outcome IN Interpretive Note ML Money Laundering MOU Memorandum of Understanding MVTS Money or Value Transfer Service(s) NPO Non-Profit Organisation Palermo Convention The United Nations Convention against Transnational Organized Crime 2000 PEP Politically Exposed Person R. Recommendation RBA Risk-Based Approach SRB Self-Regulating Bodies STR Suspicious Transaction Report TCSP Trust and Company Service Provider Terrorist Financing The International Convention for the Suppression of the Financing Convention of Terrorism 1999 TF Terrorist Financing UN United Nations UNSCR United Nations Security Council Resolutions VASP Virtual Asset Service Provider Vienna Convention The United Nations Convention against Illicit Traffic in Narcotic Drugs and Psychotropic Substances 1988 4 ACRONYMS METHODOLOGY ASSESSING TECHNICAL COMPLIANCE WITH THE FATF RECOMMENDATIONS AND THE EFFECTIVENESS OF AML/CFT SYSTEMS INTRODUCTION 1. This document provides the basis for undertaking assessments of technical compliance with the revised FATF Recommendations, adopted in February 2012, and for reviewing the level of effectiveness of a country’s Anti-Money Laundering / Countering the Financing of Terrorism (AML/CFT) system. It consists of three sections. This first section is an introduction, giving an overview of the assessment Methodology 1, its background, and how it will be used in evaluations/assessments. The second section sets out the criteria for assessing technical compliance with each of the FATF Recommendations. The third section sets out the outcomes, indicators, data and other factors used to assess the effectiveness of the implementation of the FATF Recommendations. The processes and procedures for Mutual Evaluations are set out in a separate document. 2. For its 4th round of mutual evaluations, the FATF has adopted complementary approaches for assessing technical compliance with the FATF Recommendations, and for assessing whether and how the AML/CFT system is effective. Therefore, the Methodology comprises two components: The technical compliance assessment addresses the specific requirements of the FATF Recommendations, principally as they relate to the relevant legal and institutional framework of the country, and the powers and procedures of the competent authorities. These represent the fundamental building blocks of an AML/CFT system. The effectiveness assessment differs fundamentally from the assessment of technical compliance. It seeks to assess the adequacy of the implementation of the FATF Recommendations, and identifies the extent to which a country achieves a defined set of outcomes that are central to a robust AML/CFT system. The focus of the effectiveness assessment is therefore on the extent to which the legal and institutional framework is producing the expected results. 3. Together, the assessments of both technical compliance and effectiveness will present an integrated analysis of the extent to which the country is compliant with the FATF Standards and how successful it is in maintaining a strong AML/CFT system, as required by the FATF Recommendations. 4. This Methodology is designed to assist assessors when they are conducting an assessment of a country’s compliance with the international AML/CFT standards. It reflects the requirements set out in the FATF Recommendations and Interpretive Notes, which constitute the international standard to combat money laundering and the financing of terrorism and proliferation, but does not amend or override them. It will assist assessors in identifying the systems and mechanisms developed by countries with diverse legal, regulatory and financial frameworks in order to implement effective AML/CFT systems; and is also useful for countries that are reviewing their own systems, including in 1 The terms “assessment”, “evaluation” and their derivatives are used throughout this document, and refer to both mutual evaluations undertaken by the FATF and FSRBs and third-party assessments ( i.e. assessments undertaken by the IMF and World Bank). INTRODUCTION 5 METHODOLOGY ASSESSING TECHNICAL COMPLIANCE WITH THE FATF RECOMMENDATIONS AND THE EFFECTIVENESS OF AML/CFT SYSTEMS relation to technical assistance needs. This Methodology is also informed by the experience of the FATF, the FATF-style regional bodies (FSRBs), the International Monetary Fund and the World Bank in conducting assessments of compliance with earlier versions of the FATF Recommendations. RISK AND CONTEXT 5. The starting point for every assessment is the assessors’ initial understanding of the country’s risks and context, in the widest sense, and elements which contribute to them. This includes: the nature and extent of the money laundering and terrorist financing risks ; the circumstances of the country, which affect the materiality of different Recommendations (e.g., the makeup of its economy and its financial sector); structural elements which underpin the AML/CFT system; and other contextual factors which could influence the way AML/CFT measures are implemented and how effective they are. 6. The ML/TF risks are critically relevant to evaluating technical compliance with Recommendation 1 and the risk-based elements of other Recommendations, and to assess effectiveness. Assessors should consider the nature and extent of the money laundering and terrorist financing risk factors to the country at the outset of the assessment, and throughout the assessment process. Relevant factors can include the level and type of proceeds-generating crime in the country; the terrorist groups active or raising funds in the country; exposure to cross-border flows of criminal or illicit assets. 7. Assessors should use the country’s own assessment(s) of its risks as an initial basis for understanding the risks, but should not uncritically accept a country’s risk assessment as correct, and need not follow all its conclusions. Assessors should also note the guidance in paragraph 16, below on how to evaluate risk assessments in the context of Recommendation 1 and Immediate Outcome 1. There may be cases where assessors cannot conclude that the country’s assessment is reasonable, or where the country’s assessment is insufficient or non-existent. In such situations, they should consult closely with the national authorities to try to reach a common understanding of what are the key risks within the jurisdiction. If there is no agreement, or if they cannot conclude that the country’s assessment is reasonable, then assessors should clearly explain any differences of understanding, and their reasoning on these, in the Mutual Evaluation Report (MER); and should use their understanding of the risks as a basis for assessing the other risk-based elements (e.g. risk-based supervision). 8. Assessors should also consider issues of materiality, including, for example, the relative importance of different parts of the financial sector and different DNFBPs; the size, integration and make-up of the financial sector; the relative importance of different types of financial products or institutions; the amount of business which is domestic or cross-border; the extent to which the economy is cash-based; and estimates of the size of the informal sector and/or shadow economy. Assessors should also be aware of population size, the country’s level of development, geographical factors, and trading or cultural links. Assessors should consider the relative importance of different sectors and issues in the assessment of both technical compliance and of effectiveness. The most important and relevant issues to the country should be given more weight when determining ratings 6 INTRODUCTION METHODOLOGY ASSESSING TECHNICAL COMPLIANCE WITH THE FATF RECOMMENDATIONS AND THE EFFECTIVENESS OF AML/CFT SYSTEMS for technical compliance, and more attention should be given to the most important areas when assessing effectiveness, as set out below. 9. An effective AML/CFT system normally requires certain structural elements to be in place, for example: political stability; a high-level commitment to address AML/CFT issues; stable institutions with accountability, integrity, and transparency; the rule of law; and a capable, independent and efficient judicial system. The lack of such structural elements, or significant weaknesses and shortcomings in the general framework, may significantly hinder the implementation of an effective AML/CFT framework; and, where assessors identify a lack of compliance or effectiveness, missing structural elements may be a reason for this and should be identified in the MER, where relevant. 10. Other contextual factors that might significantly influence the effectiveness of a country’s AML/CFT measures include the maturity and sophistication of the regulatory and supervisory regime in the country; the level of corruption and the impact of measures to combat corruption; or the level of financial exclusion. Such factors may affect the ML/FT risks and increase or reduce the effectiveness of AML/CFT measures. 11. Assessors should consider the contextual factors above, including the risks, issues of materiality, structural elements, and other contextual factors, to reach a general understanding of the context in which the country’s AML/CFT system operates. These factors may influence which issues assessors consider to be material or higher-risk, and consequently will help assessors determine where to focus their attention in the course of an assessment. Some particularly relevant contextual factors are noted in the context of individual immediate outcomes addressed in the effectiveness component of this Methodology. Assessors should be cautious regarding the information used when considering how these risk and contextual factors might affect a country’s evaluation, particularly in cases where they materially affect the conclusions. Assessors should take the country’s views into account, but should review them critically, and should also refer to other credible or reliable sources of information (e.g. from international institutions or major authoritative publications), preferably using multiple sources. Based on these elements the assessors should make their own judgement of the context in which the country’s AML/CFT system operates, and should make this analysis clear and explicit in the MER. 12. Risk, materiality, and structural or contextual factors may in some cases explain why a country is compliant or non-compliant, or why a country’s level of effectiveness is higher or lower than might be expected, on the basis of the country’s level of technical compliance. These factors may be an important part of the explanation why the country is performing well or poorly, and an important element of assessors’ recommendations about how effectiveness can be improved. Ratings of both technical compliance and effectiveness are judged on a universal standard applied to all countries. An unfavourable context (e.g., where there are missing structural elements), may undermine compliance and effectiveness. However, risks and materiality, and structural or other contextual factors should not be an excuse for poor or uneven implementation of the FATF standards. Assessors should make clear in the MER which factors they have taken into account; why and how they have done so, and the information sources used when considering them. INTRODUCTION 7 METHODOLOGY ASSESSING TECHNICAL COMPLIANCE WITH THE FATF RECOMMENDATIONS AND THE EFFECTIVENESS OF AML/CFT SYSTEMS GENERAL INTERPRETATION AND GUIDANCE 13. A full set of definitions from the FATF Recommendations are included in the Glossary which accompanies the Recommendations. Assessors should also take note of the following guidance on other points of general interpretation, which is important to ensure consistency of approach. 14. Financial Institutions –Assessors should have a thorough understanding of the types of entities that engage in the financial activities referred to in the glossary definition of financial institutions. It is important to note that such activities may be undertaken by institutions with different generic names (e.g., “bank”) in different countries, and that assessors should focus on the activity, not the names attached to the institutions. 15. VASPs and virtual assets - Assessors should also have a thorough understanding of the financial institutions, DNFBPs and VASPs that engage in covered activities under the Glossary definition of virtual asset service provider. In particular, assessors should note that the requirements of the FATF Standards relating to virtual assets and associated providers are applied by Recommendation 15 (“New Technologies”). INR.15 explicitly confirms that the FATF Definitions of property, proceeds, funds, funds or other assets or other corresponding value in the Glossary include Virtual Assets. Assessors should bear this in mind when assessing any Recommendations (for technical compliance) or related Immediate Outcomes (for effectiveness) using those terms. 2 See the Note to Assessors in R.15 for more detailed guidance. 16. Evaluating the country’s Assessment of risk – Assessors are not expected to conduct an independent risk assessment of their own when assessing Recommendation1 and Immediate Outcome 1, but on the other hand should not necessarily accept a country’s risk assessment as correct. In reviewing the country’s risk assessment, assessors should consider the rigour of the processes and procedures employed; and the internal consistency of the assessment (i.e. whether the conclusions are reasonable given the information and analysis used). Assessors should focus on high-level issues, not fine details, and should take a common-sense approach to whether the results are reasonable. Where relevant and appropriate, assessors should also consider other credible or reliable sources of information on the country’s risks, in order to identify whether there might be any material differences that should be explored further. Where the assessment team considers the country’s assessment of the risks to be reasonable the risk-based elements of the Methodology could be considered on the basis of it. 17. When assessing Recommendation 1, assessors should concentrate their analysis on the following elements: (1) processes and mechanisms in place to produce and coordinate the risk 2 The terms property, proceeds, funds, funds or other assets and/or corresponding value are used in R.3 (criteria 3.4 and 3.5), R.4 (criteria 4.1, 4.2 and 4.4), R.5 (criteria 5.2, 5.3 and 5.4), R.6 (criteria 6.5, 6.6 and 6.7), R.7 (criteria 7.2, 7.4 and 7.5), R.8 (criteria 8.1 and 8.5), R.10 (criteria 10.7), R.12 (criterion 12.1), R.20 (criterion 20.1), R.29 (criterion 29.4), R.30 (criteria 30.2, 30.3 and 30.5), R.33 (criterion 33.1), R.38 (criteria 38.1, 38.3 and 38.4) and R.40 (criterion 40.17). The words virtual assets need not appear or be explicitly included in legislation referring or defining those terms, provided that there is nothing on the face of the legislation or in case law that would preclude virtual assets from falling within the definition of these terms. 8 INTRODUCTION METHODOLOGY ASSESSING TECHNICAL COMPLIANCE WITH THE FATF RECOMMENDATIONS AND THE EFFECTIVENESS OF AML/CFT SYSTEMS assessment(s); (2) the reasonableness of the risk assessment(s); and, (3) the alignment of risk-based measures with the risks identified (e.g., exemptions, higher or lower risks situations). 18. When assessing Immediate Outcome 1, assessors, based on their views of the reasonableness of the assessment(s) of risks, should focus on how well the competent authorities use their understanding of the risks in practice to inform policy development and activities to mitigate the risks. 19. Risk-based requirements - For each Recommendation where financial institutions and Designated Non-Financial Businesses or Professions (DNFBPs) should be required to take certain actions, assessors should normally assess compliance on the basis that all financial institutions and DNFBPs should have to meet all the specified requirements. However, an important consideration underlying the FATF Recommendations is the degree of risk of money laundering or terrorist financing for particular types of institutions, businesses or professions, or for particular customers, products, transactions, or countries. A country may, therefore, take risk into account in the application of the Recommendations (e.g., in the application of simplified measures), and assessors will need to take the risks, and the flexibility allowed by the risk-based approach, into account when determining whether there are deficiencies in a country’s preventive measures, and their importance. Where the FATF Recommendations identify higher risk activities for which enhanced or specific measures are required, all such measures must be applied, although the extent of such measures may vary according to the specific level of risk. 20. Exemptions for low-risk situations – Where there is a low risk of money laundering and terrorist financing, countries may decide not to apply some of the Recommendations requiring financial institutions and DNFBPs to take certain actions. In such cases, countries should provide assessors with the evidence and analysis which was the basis for the decision not to apply the Recommendations. 21. Requirements for financial institutions, DNFBPs, VASPs and countries - The FATF Recommendations state that financial institutions, DNFBPs and VASPs “should” or “should be required to” take certain actions, or that countries “should ensure” that certain actions are taken by financial institutions, DNFBPs, VASPs or other entities or persons. In order to use one consistent phrase, the relevant criteria in this Methodology use the phrase “Financial institutions (DNFBPs and VASPs) should be required”. 22. Law or enforceable means – The note on the Legal basis of requirements on financial institutions, DNFBPs and VASPs (at the end of the Interpretive Notes to the FATF Recommendations) sets out the required legal basis for enacting the relevant requirements. Assessors should consider whether the mechanisms used to implement a given requirement qualify as an enforceable means on the basis set out in that note. Assessors should be aware that Recommendations 10, 11, and 20 contain requirements which must be set out in law, while other requirements may be set out in either law or enforceable means. It is possible that types of documents or measures which are not considered to be enforceable means may nevertheless help contribute to effectiveness, and may, therefore, be considered in the context of effectiveness analysis, without counting towards meeting requirements of technical compliance (e.g., voluntary codes of conduct issued by private sector bodies or non- binding guidance by a supervisory authority). INTRODUCTION 9 METHODOLOGY ASSESSING TECHNICAL COMPLIANCE WITH THE FATF RECOMMENDATIONS AND THE EFFECTIVENESS OF AML/CFT SYSTEMS 23. Assessment for DNFBPs – Under Recommendations 22, 23 and 28 (and specific elements of Recommendations 6 and 7), DNFBPs and the relevant supervisory (or self-regulatory) bodies are required to take certain actions. Technical compliance with these requirements should only be assessed under these specific Recommendations and should not be carried forward into other Recommendations relating to financial institutions. However, the assessment of effectiveness should take account of both financial institutions and DNFBPs when examining the relevant outcomes. 24. Financing of Proliferation – The requirements of the FATF Standard relating to the financing of proliferation are limited to Recommendation 7 (“Targeted Financial Sanctions”), Recommendation 15 (“New Technologies”) and Recommendation 2 (“National Co-operation and Co-ordination”). In the context of the effectiveness assessment, all requirements relating to the financing of proliferation are included within Outcome 11, except those on national co-operation and co-ordination, which are included in Immediate Outcome 1. Issues relating to the financing of proliferation should be considered in those places only, and not in other parts of the assessment. 25. National, supra-national and sub-national measures - In some countries, AML/CFT issues are addressed not just at the level of the national government, but also at state/province or local levels. When assessments are being conducted, appropriate steps should be taken to ensure that AML/CFT measures at the state/provincial level are also adequately considered. Equally, assessors should take into account and refer to supra-national laws or regulations that apply to a country. Annex I sets out the specific Recommendations that may be assessed on a supra-national basis. 26. Financial Supervision – Laws and enforceable means that impose preventive AML/CFT requirements upon the banking, insurance, and securities sectors should be implemented and enforced through the supervisory process. In these sectors, the relevant core supervisory principles issued by the Basel Committee, IAIS, and IOSCO should also be adhered to. For certain issues, these supervisory principles will overlap with or be complementary to the requirements set out in the FATF standards. Assessors should be aware of, and have regard to, any assessments or findings made with respect to the Core Principles, or to other relevant principles or standards issued by the supervisory standard-setting bodies. For other types of financial institutions, it will vary from country to country as to whether these laws and obligations are implemented and enforced through a regulatory or supervisory framework, or by other means. 27. Sanctions – Several Recommendations require countries to have “effective, proportionate, and dissuasive sanctions” for failure to comply with AML/CFT requirements. Different elements of these requirements are assessed in the context of technical compliance and of effectiveness. In the technical compliance assessment, assessors should consider whether the country’s framework of laws and enforceable means includes a sufficient range of sanctions that they can be applied proportionately to greater or lesser breaches of the requirements 3. In the effectiveness assessment, assessors should 3 Examples of types of sanctions include: written warnings; orders to comply with specific instructions (possibly accompanied with daily fines for non-compliance); ordering regular reports from the institution on the measures it is taking; fines for non-compliance; barring individuals from employment within that sector; replacing or restricting the powers of managers, directors, and controlling owners; imposing conservatorship or suspension or withdrawal of the license; or criminal penalties where permitted. 10 INTRODUCTION METHODOLOGY ASSESSING TECHNICAL COMPLIANCE WITH THE FATF RECOMMENDATIONS AND THE EFFECTIVENESS OF AML/CFT SYSTEMS consider whether the sanctions applied in practice are effective at ensuring future compliance by the sanctioned institution; and dissuasive of non-compliance by others. 28. International Co-operation – In this Methodology, international co-operation is assessed in specific Recommendations and Immediate Outcomes (principally Recommendations 36-40 and Immediate Outcome 2). Assessors should also be aware of the impact that a country’s ability and willingness to engage in international co-operation may have on other Recommendations and Immediate Outcomes (e.g., on the investigation of crimes with a cross-border element or the supervision of international groups), and set out clearly any instances where compliance or effectiveness is positively or negatively affected by international co-operation. 29. Draft legislation and proposals – Assessors should only take into account relevant laws, regulations or other AML/CFT measures that are in force and effect by the end of the on-site visit to the country. Where bills or other specific proposals to amend the system are made available to assessors, these may be referred to in the report, but should not be taken into account in the conclusions of the assessment or for ratings purposes. 30. FATF Guidance - assessors may also consider FATF Guidance as background information on how countries can implement specific requirements. A full list of FATF Guidance is included as an annex to this document. Such guidance may help assessors understand the practicalities of implementing the FATF Recommendations, but the application of the guidance should not form part of the assessment. INTRODUCTION 11 METHODOLOGY ASSESSING TECHNICAL COMPLIANCE WITH THE FATF RECOMMENDATIONS AND THE EFFECTIVENESS OF AML/CFT SYSTEMS TECHNICAL COMPLIANCE 31. The technical compliance component of the Methodology refers to the implementation of the specific requirements of the FATF Recommendations, including the framework of laws and enforceable means; and the existence, powers and procedures of competent authorities. For the most part, it does not include the specific requirements of the standards that relate principally to effectiveness. These are assessed separately, through the effectiveness component of the Methodology. 32. The FATF Recommendations, being the recognised international standards, are applicable to all countries. However, assessors should be aware that the legislative, institutional and supervisory framework for AML/CFT may differ from one country to the next. Provided the FATF Recommendations are complied with, countries are entitled to implement the FATF Standards 4 in a manner consistent with their national legislative and institutional systems, even though the methods by which compliance is achieved may differ. In this regard, assessors should be aware of the risks, and the structural or contextual factors for the country. 33. The technical compliance component of the Methodology sets out the specific requirements of each Recommendation as a list of criteria, which represent those elements that should be present in order to demonstrate full compliance with the mandatory elements of the Recommendations. Criteria to be assessed are numbered sequentially for each Recommendation, but the sequence of criteria does not represent any priority or order of importance. In some cases, elaboration (indented below the criteria) is provided in order to assist in identifying important aspects of the assessment of the criteria. For criteria with such elaboration, assessors should review whether each of the elements is present, in order to judge whether the criterion as a whole is met. COMPLIANCE RATINGS 34. For each Recommendation assessors should reach a conclusion about the extent to which a country complies (or not) with the standard. There are four possible levels of compliance: compliant, largely compliant, partially compliant, and non-compliant. In exceptional circumstances, a Recommendation may also be rated as not applicable. These ratings are based only on the criteria specified in the technical compliance assessment, and are as follows: 4 The FATF Standards comprise the FATF Recommendations and their Interpretive Notes. 12 TECHNICAL COMPLIANCE METHODOLOGY ASSESSING TECHNICAL COMPLIANCE WITH THE FATF RECOMMENDATIONS AND THE EFFECTIVENESS OF AML/CFT SYSTEMS Technical compliance ratings Compliant C There are no shortcomings. Largely compliant LC There are only minor shortcomings. Partially compliant PC There are moderate shortcomings. Non-compliant NC There are major shortcomings. Not applicable NA A requirement does not apply, due to the structural, legal or institutional features of a country. When deciding on the level of shortcomings for any Recommendation, assessors should consider, having regard to the country context, the number and the relative importance of the criteria met or not met. 35. It is essential to note that it is the responsibility of the assessed country to demonstrate that its AML/CFT system is compliant with the Recommendations. In determining the level of compliance for each Recommendation, the assessor should not only assess whether laws and enforceable means are compliant with the FATF Recommendations, but should also assess whether the institutional framework is in place. 36. Weighting – The individual criteria used to assess each Recommendation do not all have equal importance, and the number of criteria met is not always an indication of the overall level of compliance with each Recommendation. When deciding on the rating for each Recommendation, assessors should consider the relative importance of the criteria in the context of the country. Assessors should consider how significant any deficiencies are given the country’s risk profile and other structural and contextual information (e.g., for a higher risk area or a large part of the financial sector). In some cases a single deficiency may be sufficiently important to justify an NC rating, even if other criteria are met. Conversely a deficiency in relation to a low risk or little used types of financial activity may have only a minor effect on the overall rating for a Recommendation. 37. Overlaps between Recommendations – In many cases the same underlying deficiency will have a cascading effect on the assessment of several different Recommendations. For example: a deficient risk assessment could undermine risk-based measures throughout the AML/CFT system; or a failure to apply AML/CFT regulations to a particular type of financial institution or DNFBP could affect the assessment of all Recommendations which apply to financial institutions or DNFBPs. When considering ratings in such cases, assessors should reflect the deficiency in the factors underlying the rating for each applicable Recommendation, and, if appropriate, mark the rating accordingly. They should also clearly indicate in the MER that the same underlying cause is involved in all relevant Recommendations. 38. Comparison with previous ratings - Due to the revision and consolidation of the FATF Recommendations and Special Recommendations in 2012, and the introduction of separate TECHNICAL COMPLIANCE 13 METHODOLOGY ASSESSING TECHNICAL COMPLIANCE WITH THE FATF RECOMMENDATIONS AND THE EFFECTIVENESS OF AML/CFT SYSTEMS assessments for technical compliance and effectiveness, the ratings given under this Methodology will not be directly comparable with ratings given under the 2004 Methodology. 14 TECHNICAL COMPLIANCE METHODOLOGY ASSESSING TECHNICAL COMPLIANCE WITH THE FATF RECOMMENDATIONS AND THE EFFECTIVENESS OF AML/CFT SYSTEMS EFFECTIVENESS 39. The assessment of the effectiveness of a country’s AML/CFT system is equally as important as the assessment of technical compliance with the FATF standards. Assessing effectiveness is intended to: (a) improve the FATF’s focus on outcomes; (b) identify the extent to which the national AML/CFT system is achieving the objectives of the FATF standards, and identify any systemic weaknesses; and (c) enable countries to prioritise measures to improve their system. For the purposes of this Methodology, effectiveness is defined as “The extent to which the defined outcomes are achieved”. 40. In the AML/CFT context, effectiveness is the extent to which financial systems and economies mitigate the risks and threats of money laundering, and financing of terrorism and proliferation. This could be in relation to the intended result of a given (a) policy, law, or enforceable means; (b) programme of law enforcement, supervision, or intelligence activity; or (c) implementation of a specific set of measures to mitigate the money laundering and financing of terrorism risks, and combat the financing of proliferation. 41. The goal of an assessment of effectiveness is to provide an appreciation of the whole of the country’s AML/CFT system and how well it works. Assessing effectiveness is based on a fundamentally different approach to assessing technical compliance with the Recommendations. It does not involve checking whether specific requirements are met, or that all elements of a given Recommendation are in place. Instead, it requires a judgement as to whether, or to what extent defined outcomes are being achieved, i.e. whether the key objectives of an AML/CFT system, in line with the FATF Standards, are being effectively met in practice The assessment process is reliant on the judgement of assessors, who will work in consultation with the assessed country. 42. It is essential to note that it is the responsibility of the assessed country to demonstrate that its AML/CFT system is effective. If the evidence is not made available, assessors can only conclude that the system is not effective. THE FRAMEWORK FOR ASSESSING EFFECTIVENESS 43. For its assessment of effectiveness, the FATF has adopted an approach focusing on a hierarchy of defined outcomes. At the highest level, the objective in implementing AML/CFT measures is that “Financial systems and the broader economy are protected from the threats of money laundering and the financing of terrorism and proliferation, thereby strengthening financial sector integrity and contributing to safety and security”. In order to give the right balance between an overall understanding of the effectiveness of a country’s AML/CFT system, and a detailed appreciation of how well its component parts are operating, the FATF assesses effectiveness primarily on the basis of eleven Immediate Outcomes. Each of these represents one of the key goals which an effective AML/CFT system should achieve, and they feed into three Intermediate Outcomes which represent the major thematic goals of AML/CFT measures. This approach does not seek to assess directly the effectiveness with which a country is implementing individual Recommendations; or the performance of specific organisations, or institutions. Assessors are not expected to evaluate directly the High-Level Objective EFFECTIVENESS 15 METHODOLOGY ASSESSING TECHNICAL COMPLIANCE WITH THE FATF RECOMMENDATIONS AND THE EFFECTIVENESS OF AML/CFT SYSTEMS or Intermediate Outcomes, though these could be relevant when preparing the written MER and summarising the country’s overall effectiveness in general terms. 44. The relation between the High-Level Objective, the Intermediate Outcomes, and the Immediate Outcomes, is set out in the diagram below: High-Level Objective: Financial systems and the broader economy are protected from the threats of money laundering and the financing of terrorism and proliferation, thereby strengthening financial sector integrity and contributing to safety and security. Intermediate Outcomes: Immediate Outcomes: 1 Money laundering and terrorist financing risks are understood and, where appropriate, actions coordinated domestically to combat money laundering and the financing of terrorism and Policy, coordination and cooperation proliferation. mitigate the money laundering and financing of terrorism risks. 2 International cooperation delivers appropriate information, financial intelligence, and evidence, and facilitates action against criminals and their assets. 3 Supervisors appropriately supervise, monitor and regulate financial institutions, DNFBPs and VASPs for compliance with AML/CFT requirements commensurate with their risks. Proceeds of crime and funds in support 4 Financial institutions, DNFBPs and VASPs adequately apply AML/CFT of terrorism are prevented from preventive measures commensurate with their risks, and report entering the financial and other sectors suspicious transactions. or are detected and reported by these sectors. 5 Legal persons and arrangements are prevented from misuse for money laundering or terrorist financing, and information on their beneficial ownership is available to competent authorities without impediments. 6 Financial intelligence and all other relevant information are appropriately used by competent authorities for money laundering and terrorist financing investigations. 7 Money laundering offences and activities are investigated and offenders are prosecuted and subject to effective, proportionate Money laundering threats are detected and dissuasive sanctions. and disrupted, and criminals are sanctioned and deprived of illicit 8 Proceeds and instrumentalities of crime are confiscated. proceeds. Terrorist financing threats 9 Terrorist financing offences and activities are investigated and are detected and disrupted, terrorists persons who finance terrorism are prosecuted and subject to are deprived of resources, and those effective, proportionate and dissuasive sanctions. who finance terrorism are sanctioned, thereby contributing to the prevention 10 Terrorists, terrorist organisations and terrorist financiers are of terrorist acts. prevented from raising, moving and using funds, and from abusing the NPO sector. 11 Persons and entities involved in the proliferation of weapons of mass destruction are prevented from raising, moving and using funds, consistent with the relevant UNSCRs. 16 EFFECTIVENESS METHODOLOGY ASSESSING TECHNICAL COMPLIANCE WITH THE FATF RECOMMENDATIONS AND THE EFFECTIVENESS OF AML/CFT SYSTEMS SCOPING 45. Assessors must assess all eleven of the Immediate Outcomes. However, prior to the on-site visit, assessors should conduct a scoping exercise, in consultation with the assessed country, which should take account of the risks and other factors set out in paragraphs 5 to 10 above. Assessors should, in consultation with the assessed country, identify the higher risk issues, which should be examined in more detail in the course of the assessment and reflected in the final report. They should also seek to identify areas of lower/low risk, which may not need to be examined in the same level of detail. As the assessment continues, assessors should continue to engage the country and review their scoping based on their initial findings about effectiveness, with a view to focusing their attention on the areas where there is greatest scope to improve effectiveness in addressing the key ML/TF risks. LINKS TO TECHNICAL COMPLIANCE 46. The country’s level of technical compliance contributes to the assessment of effectiveness. Assessors should consider the level of technical compliance as part of their scoping exercise. The assessment of technical compliance reviews whether the legal and institutional foundations of an effective AML/CFT system are present. It is unlikely that a country that is assessed to have a low level of compliance with the technical aspects of the FATF Recommendations will have an effective AML/CFT system (though it cannot be taken for granted that a technically compliant country will also be effective). In many cases, the main reason for poor effectiveness will be serious deficiencies in implementing the technical elements of the Recommendations. 47. In the course of assessing effectiveness, assessors should also consider the impact of technical compliance with the relevant Recommendations when explaining why the country is (or is not) effective and making recommendations to improve effectiveness. There may in exceptional circumstances be situations in which assessors conclude that there is a low level of technical compliance but nevertheless a certain level of effectiveness (e.g., as a result of specific country circumstances, including low risks or other structural, material or contextual factors; particularities of the country’s laws and institutions; or if the country applies compensatory AML/CFT measures which are not required by the FATF Recommendations). Assessors should pay particular attention to such cases in the MER, and must fully justify their decision, explaining in detail the basis and the specific reasons for their conclusions on effectiveness, despite lower levels of technical compliance. USING THE EFFECTIVENESS METHODOLOGY 48. An assessment of effectiveness should consider each of the eleven Immediate Outcomes individually, but does not directly focus on the Intermediate or High-Level Outcomes. For each of the Immediate Outcomes, there are two overarching questions which assessors should try to answer: To what extent is the outcome being achieved? Assessors should assess whether the country is effective in relation to that outcome (i.e. whether the country is achieving the results expected of a well-performing AML/CFT system). They should base their conclusions principally on the Core Issues, supported by the examples of information and the examples of specific EFFECTIVENESS 17 METHODOLOGY ASSESSING TECHNICAL COMPLIANCE WITH THE FATF RECOMMENDATIONS AND THE EFFECTIVENESS OF AML/CFT SYSTEMS factors; and taking into account the level of technical compliance, and contextual factors. What can be done to improve effectiveness? Assessors should understand the reasons why the country may not have reached a high level of effectiveness and, where possible, make recommendations to improve its ability to achieve the specific outcome. They should base their analysis and recommendations on their consideration of the core issues and on the examples of specific factors that could support the conclusions on core issues, including activities, processes, resources and infrastructure. They should also consider the effect of technical deficiencies on effectiveness, and the relevance of contextual factors. If assessors are satisfied that the outcome is being achieved to a high degree, they would not need to consider in detail what can be done to improve effectiveness (though there may still be value in identifying good practises or potential further improvements, or ongoing efforts needed to sustain a high level of effectiveness). Characteristics of an Effective System 49. The boxed text at the top of each of the Immediate Outcomes describes the main features and outcomes of an effective system. This sets out the situation in which a country is effective at achieving the outcome, and provides the benchmark for the assessment. Core Issues to be considered in determining whether the Outcome is being achieved 50. The second section sets out the basis for assessors to judge if, and to what extent, the outcome is being achieved. The core issues are the mandatory questions which assessors should seek to answer, in order to get an overview about how effective a country is under each outcome. Assessors’ conclusions about how effective a country is should be based on an overview of each outcome, informed by the assessment of the core issues. 51. Assessors should examine all the core issues listed for each outcome. However, they may vary the degree of detail with which they examine each in order to reflect the degree of risk and materiality associated with that issue in the country. In exceptional circumstances, assessors may also consider additional issues which they consider, in the specific circumstances, to be core to the effectiveness outcome (e.g., alternative measures which reflect the specificities of the country’s AML/CFT system, but which are not included in the core issues or as additional information or specific factors). They should make clear when, and why, any additional issues have been used which are considered to be core. Examples of information that could support the conclusions on Core Issues 52. The Examples of Information sets out the types and sources of information which are most relevant to understanding the extent to which the outcome is achieved, including particular data points which assessors might look for when assessing the core issues. The supporting information and 18 EFFECTIVENESS METHODOLOGY ASSESSING TECHNICAL COMPLIANCE WITH THE FATF RECOMMENDATIONS AND THE EFFECTIVENESS OF AML/CFT SYSTEMS other data can test or validate assessors’ understanding of the core issues, and can provide a quantitative element to complete the assessors’ picture of how well the outcome is achieved. 53. The supporting information and data listed are not exhaustive and not mandatory. The data, statistics, and other material which are available will vary considerably from country to country, and assessors should make use of whatever information the country can provide in order to assist in reaching their judgement. 54. Assessment of effectiveness is not a statistical exercise. Assessors should use data and statistics, as well as other qualitative information, when reaching an informed judgement about how well the outcome is being achieved, but should interpret the available data critically, in the context of the country’s circumstances. The focus should not be on raw data (which can be interpreted in a wide variety of ways and even with contradictory conclusions), but on information and analysis which indicates, in the context of the country being assessed, whether the objective is achieved. Assessors should be particularly cautious about using data relating to other countries as a comparison point in judging effectiveness, given the significant differences in country circumstances, AML/CFT systems, and data collection practices. Assessors should also be aware that a high level of outputs does not always contribute positively towards achieving the desired outcome. Examples of specific factors that could support the conclusions on core issues 55. The factors section of the Methodology sets out examples of the elements which are normally involved in delivering each outcome. These are not an exhaustive list of the possible factors, but are provided as an aid to assessors when considering the reasons why a country may (or may not) be achieving a particular outcome (e.g., through a breakdown in one of the factors). In most cases, assessors will need to refer to the factors in order to reach a firm conclusion about the extent to which a particular outcome is being achieved. It should be noted that the activities and processes listed in this section do not imply a single mandatory model for organising AML/CFT functions, but only represent the most commonly implemented administrative arrangements, and that the reasons why a country may not be effective are not limited to the factors listed. It should be noted that assessors need to focus on the qualitative aspects of these factors, not on the mere underlying process or procedure. 56. Assessors are not required to review all the factors in every case. When a country is demonstrably effective in an area, assessors should set out succinctly why this is the case, and highlight any areas of particular good practice, but they do not need to examine every individual factor in this section of the Methodology. There may also be cases in which a country is demonstrably not effective and where the reasons for this are fundamental (e.g., where there are major technical deficiencies). In such cases, there is also no need for assessors to undertake further detailed examination of why the outcome is not being achieved. 57. Assessors should be aware of outcomes which depend on a sequence of different steps, or a value-chain to achieve the outcome (e.g., Immediate Outcome 7, which includes investigation, prosecution and sanctioning, in order). In these cases, it is possible that an outcome may not be achieved because of a failure at one stage of the process, even though the other stages are themselves effective. EFFECTIVENESS 19 METHODOLOGY ASSESSING TECHNICAL COMPLIANCE WITH THE FATF RECOMMENDATIONS AND THE EFFECTIVENESS OF AML/CFT SYSTEMS 58. Assessors should also consider contextual factors, which may influence the issues assessors consider to be material or higher risk, and consequently, where they focus their attention. These factors may be an important part of the explanation why the country is performing well or poorly, and an important element of assessors’ recommendations about how effectiveness can be improved. However, they should not be an excuse for poor or uneven implementation of the FATF standards. CROSS-CUTTING ISSUES 59. The Immediate Outcomes are not independent of each other. In many cases an issue considered specifically under one Immediate Outcome will also contribute to the achievement of other outcomes. In particular, the factors assessed under Immediate Outcomes 1 and 2, which consider (a) the country’s assessment of risks and implementation of the risk-based approach; and (b) its engagement in international co-operation, may have far-reaching effects on other outcomes (e.g., risk assessment affects the application of risk-based measures under Immediate Outcome 4, and the deployment of competent authorities’ resources relative to all outcomes; international co-operation includes seeking co-operation to support domestic ML investigations and confiscation proceedings under Immediate Outcomes 7 and 8). Therefore, assessors should take into consideration how their findings for Immediate Outcomes 1 and 2 may have a positive or negative impact on the level of effectiveness for other Immediate Outcomes. These cross-cutting issues are reflected in the notes to assessors under each Immediate Outcome. CONCLUSIONS ON EFFECTIVENESS 60. For each individual Immediate Outcome, assessors should reach conclusions about the extent to which a country is (or is not) effective. In cases where the country has not reached a high level of effectiveness, assessors should also make recommendations about the reasons why this is the case, and the measures which the country should take to improve its ability to achieve the outcome. 61. Effectiveness is assessed in a fundamentally different way to technical compliance. Assessors’ conclusions about the extent to which a country is more or less effective should be based on an overall understanding of the degree to which the country is achieving the outcome. The Core Issues should not be considered as a checklist of criteria, but as a set of questions which help assessors achieve an appropriate understanding of the country’s effectiveness for each of the Immediate Outcomes. The core issues are not equally important, and their significance will vary according to the specific situation of each country, taking into account the ML/TF risks and relevant structural factors. Therefore, assessors need to be flexible and to use their judgement and experience when reaching conclusions. 62. Assessors’ conclusions should reflect only whether the outcome is being achieved. Assessors should set-aside their own preferences about the best way to achieve effectiveness, and should not be unduly influenced by their own national approach. They should also avoid basing their conclusions on the number of problems or deficiencies identified, as it is possible that a country may have several weaknesses which are not material in nature or are offset by strengths in other areas, and is therefore able to achieve a high overall level of effectiveness. 20 EFFECTIVENESS METHODOLOGY ASSESSING TECHNICAL COMPLIANCE WITH THE FATF RECOMMENDATIONS AND THE EFFECTIVENESS OF AML/CFT SYSTEMS 63. Assessors’ conclusions on the level of effectiveness should be primarily descriptive. Assessors should set out clearly the extent to which they consider the outcome to be achieved overall, noting any variation, such as particular areas where effectiveness is higher or lower. They should also clearly explain the basis for their judgement, e.g., problems or weaknesses which they believe are responsible for a lack of effectiveness; the core issues and the information which they considered to be most significant; the way in which they understood data and other indicators; and the weight they gave to different aspects of the assessment. Assessors should also identify any areas of particular strength or examples of good practice. 64. In order to ensure clear and comparable decisions, assessors should also summarise their conclusion in the form of a rating. For each Immediate Outcome there are four possible ratings for effectiveness, based on the extent to which the core issues and characteristics are addressed: High level of effectiveness; Substantial level of effectiveness; Moderate level of effectiveness; and Low level of effectiveness. These ratings should be decided on the basis of the following: Effectiveness ratings High level of The Immediate Outcome is achieved to a very large extent. effectiveness Minor improvements needed. Substantial level The Immediate Outcome is achieved to a large extent. of effectiveness Moderate improvements needed. Moderate level of The Immediate Outcome is achieved to some extent. effectiveness Major improvements needed. Low level of The Immediate Outcome is not achieved or achieved to a negligible extent. effectiveness Fundamental improvements needed. RECOMMENDATIONS ON HOW TO IMPROVE THE AML/CFT SYSTEM 65. Assessors’ recommendations to a country are a vitally important part of the evaluation. On the basis of their conclusions, assessors should make recommendations of measures that the country should take in order to improve its AML/CFT system, including both the level of effectiveness and the level of technical compliance. The report should prioritise these recommendations for remedial measures, taking into account the country’s circumstances and capacity, its level of effectiveness, and any weaknesses and problems identified. Assessors’ recommendations should not simply be to address each of the deficiencies or weaknesses identified, but should add value by identifying and prioritising specific measures in order to most effectively mitigate the risks the country faces. This could be on the basis that they offer the greatest and most rapid practical improvements, have the widest-reaching effects, or are easiest to achieve. EFFECTIVENESS 21 METHODOLOGY ASSESSING TECHNICAL COMPLIANCE WITH THE FATF RECOMMENDATIONS AND THE EFFECTIVENESS OF AML/CFT SYSTEMS 66. Assessors should be careful to consider the circumstances and context of the country, and its legal and institutional system when making recommendations, noting that there are several different ways to achieve an effective AML/CFT system, and that their own preferred model may not be appropriate in the context of the country assessed. 67. In order to facilitate the development of an action plan by the assessed country, assessors should clearly indicate in their recommendations where a specific action is required, and where there may be some flexibility about how a given priority objective is to be achieved. Assessors should avoid making unnecessarily rigid recommendations (e.g., on the scheduling of certain measures), so as not to hinder countries efforts to fully adapt the recommendations to fit local circumstances. 68. Even if a country has a high level of effectiveness, this does not imply that there is no further room for improvement. There may also be a need for action in order to sustain a high level of effectiveness in the face of evolving risks. If assessors are able to identify further actions in areas where there is a high degree of effectiveness, then they should also include these in their recommendations. POINT OF REFERENCE 69. If assessors have any doubts about how to apply this Methodology, or about the interpretation of the FATF Standards, they should consult the FATF Secretariat or the Secretariat of their FSRB. 22 EFFECTIVENESS METHODOLOGY ASSESSING TECHNICAL COMPLIANCE WITH THE FATF RECOMMENDATIONS AND THE EFFECTIVENESS OF AML/CFT SYSTEMS TECHNICAL COMPLIANCE ASSESSMENT RECOMMENDATION 1 ASSESSING RISKS AND APPLYING A RISK-BASED APPROACH 5 OBLIGATIONS AND DECISIONS FOR COUNTRIES Risk assessment 1.1 Countries 6 should identify and assess the ML/TF risks for the country, 1.2 Countries should designate an authority or mechanism to co-ordinate actions to assess risks. 1.3 Countries should keep the risk assessments up-to-date. 1.4 Countries should have mechanisms to provide information on the results of the risk assessment(s) to all relevant competent authorities and self-regulatory bodies (SRBs), financial institutions and DNFBPs. Risk mitigation 1.5 Based on their understanding of their risks, countries should apply a risk-based approach to allocating resources and implementing measures to prevent or mitigate ML/TF. 1.6 Countries which decide not to apply some of the FATF Recommendations requiring financial institutions or DNFBPs to take certain actions, should demonstrate that: (a) there is a proven low risk of ML/TF; the exemption occurs in strictly limited and justified circumstances; and it relates to a particular type of financial institution or activity, or DNFBP; or (b) a financial activity (other than the transferring of money or value) is carried out by a natural or legal person on an occasional or very limited basis (having regard to quantitative and absolute criteria), such that there is a low risk of ML/TF. 5 The requirements in this recommendation should be assessed taking into account the more specific risk based requirements in other Recommendations. Under Recommendation 1 assessors should come to an overall view of risk assessment and risk mitigation by countries and financial institutions/DNFBPs as required in other Recommendations, but should not duplicate the detailed assessments of risk-based measures required under other Recommendations. Assessors are not expected to conduct an in-depth review of the country’s assessment(s) of risks. Assessors should focus on the process, mechanism, and information sources adopted by the country, as well as the contextual factors, and should consider the reasonableness of the conclusions of the country’s assessment(s) of risks. 6 Where appropriate, ML/TF risk assessments at a supra-national level should be taken into account when considering whether this obligation is satisfied. TECHNICAL COMPLIANCE ASSESSMENT 23 METHODOLOGY ASSESSING TECHNICAL COMPLIANCE WITH THE FATF RECOMMENDATIONS AND THE EFFECTIVENESS OF AML/CFT SYSTEMS 1.7 Where countries identify higher risks, they should ensure that their AML/CFT regime addresses such risks, including through: (a) requiring financial institutions and DNFBPs to take enhanced measures to manage and mitigate the risks; or (b) requiring financial institutions and DNFBPs to ensure that this information is incorporated into their risk assessments. 1.8 Countries may allow simplified measures for some of the FATF Recommendations requiring financial institutions or DNFBPs to take certain actions, provided that a lower risk has been identified, and this is consistent with the country’s assessment of its ML/TF risks 7. 1.9 Supervisors and SRBs should ensure that financial institutions and DNFBPs are implementing their obligations under Recommendation 1 8. OBLIGATIONS AND DECISIONS FOR FINANCIAL INSTITUTIONS AND DNFBPS Risk assessment 1.10 Financial institutions and DNFBPs should be required to take appropriate steps to identify, assess, and understand their ML/TF risks (for customers, countries or geographic areas; and products, services, transactions or delivery channels)9. This includes being required to: (a) document their risk assessments; (b) consider all the relevant risk factors before determining what is the level of overall risk and the appropriate level and type of mitigation to be applied; (c) keep these assessments up to date; and (d) have appropriate mechanisms to provide risk assessment information to competent authorities and SRBs. Risk mitigation 1.11 Financial institutions and DNFBPs should be required to: (a) have policies, controls and procedures, which are approved by senior management, to enable them to manage and mitigate the risks that have been identified (either by the country or by the financial institution or DNFBP); (b) monitor the implementation of those controls and to enhance them if necessary; and 7 Where the FATF Recommendations identify higher risk activities for which enhanced or specific measures are required, countries should ensure that all such measures are applied, although the extent of such measures may vary according to the specific level of risk. 8 The requirements in this criterion should be assessed taking into account the findings in relation to Recommendations 26 and 28. 9 The nature and extent of any assessment of ML/TF risks should be appropriate to the nature and size of the business. Competent authorities or SRBs may determine that individual documented risk assessments are not required, provided that the specific risks inherent to the sector are clearly identified and understood, and that individual financial institutions and DNFBPs understand their ML/TF risks. 24 TECHNICAL COMPLIANCE ASSESSMENT METHODOLOGY ASSESSING TECHNICAL COMPLIANCE WITH THE FATF RECOMMENDATIONS AND THE EFFECTIVENESS OF AML/CFT SYSTEMS (c) take enhanced measures to manage and mitigate the risks where higher risks are identified. 1.12 Countries may only permit financial institutions and DNFBPs to take simplified measures to manage and mitigate risks, if lower risks have been identified, and criteria 1.9 to 1.11 are met. Simplified measures should not be permitted whenever there is a suspicion of ML/TF. TECHNICAL COMPLIANCE ASSESSMENT 25 METHODOLOGY ASSESSING TECHNICAL COMPLIANCE WITH THE FATF RECOMMENDATIONS AND THE EFFECTIVENESS OF AML/CFT SYSTEMS RECOMMENDATION 2 NATIONAL CO-OPERATION AND CO-ORDINATION 2.1 Countries should have national AML/CFT policies which are informed by the risks identified, and are regularly reviewed. 2.2 Countries should designate an authority or have a co-ordination or other mechanism that is responsible for national AML/CFT policies. 2.3 Mechanisms should be in place to enable policy makers, the Financial Intelligence Unit (FIU), law enforcement authorities, supervisors and other relevant competent authorities to co-operate, and where appropriate, co-ordinate and exchange information domestically with each other concerning the development and implementation of AML/CFT policies and activities. Such mechanisms should apply at both policymaking and operational levels. 2.4 Competent authorities should have similar co-operation and, where appropriate, co- ordination mechanisms to combat the financing of proliferation of weapons of mass destruction. 2.5 Countries should have cooperation and coordination between relevant authorities to ensure the compatibility of AML/CFT requirements with Data Protection and Privacy rules and other similar provisions (e.g. data security/localisation). 10 10 For purposes of technical compliance, the assessment should be limited to whether there is co-operation and, where appropriate, co-ordination, whether formal or informal, between the relevant authorities. 26 TECHNICAL COMPLIANCE ASSESSMENT METHODOLOGY ASSESSING TECHNICAL COMPLIANCE WITH THE FATF RECOMMENDATIONS AND THE EFFECTIVENESS OF AML/CFT SYSTEMS RECOMMENDATION 3 MONEY LAUNDERING OFFENCE 3.1 ML should be criminalised on the basis of the Vienna Convention and the Palermo Convention (see Article 3(1)(b)&(c) Vienna Convention and Article 6(1) Palermo Convention) 11. 3.2 The predicate offences for ML should cover all serious offences, with a view to including the widest range of predicate offences. At a minimum, predicate offences should include a range of offences in each of the designated categories of offences 12. 3.3 Where countries apply a threshold approach or a combined approach that includes a threshold approach 13, predicate offences should, at a minimum, comprise all offences that: (a) fall within the category of serious offences under their national law; or (b) are punishable by a maximum penalty of more than one year’s imprisonment; or (c) are punished by a minimum penalty of more than six months’ imprisonment (for countries that have a minimum threshold for offences in their legal system). 3.4 The ML offence should extend to any type of property, regardless of its value, that directly or indirectly represents the proceeds of crime. 3.5 When proving that property is the proceeds of crime, it should not be necessary that a person be convicted of a predicate offence. 3.6 Predicate offences for money laundering should extend to conduct that occurred in another country, which constitutes an offence in that country, and which would have constituted a predicate offence had it occurred domestically. 3.7 The ML offence should apply to persons who commit the predicate offence, unless this is contrary to fundamental principles of domestic law. 3.8 It should be possible for the intent and knowledge required to prove the ML offence to be inferred from objective factual circumstances. 3.9 Proportionate and dissuasive criminal sanctions should apply to natural persons convicted of ML. 11 Note in particular the physical and material elements of the offence. 12 Recommendation 3 does not require countries to create a separate offence of “participation in an organised criminal group and racketeering”. In order to cover this category of “designated offence”, it is sufficient if a country meets either of the two options set out in the Palermo Convention, i.e. either a separate offence or an offence based on conspiracy. 13 Countries determine the underlying predicate offences for ML by reference to (a) all offences; or (b) to a threshold linked either to a category of serious offences or to the penalty of imprisonment applicable to the predicate offence (threshold approach); or (c) to a list of predicate offences; or (d) a combination of these approaches. TECHNICAL COMPLIANCE ASSESSMENT 27 METHODOLOGY ASSESSING TECHNICAL COMPLIANCE WITH THE FATF RECOMMENDATIONS AND THE EFFECTIVENESS OF AML/CFT SYSTEMS 3.10 Criminal liability and sanctions, and, where that is not possible (due to fundamental principles of domestic law), civil or administrative liability and sanctions, should apply to legal persons. This should not preclude parallel criminal, civil or administrative proceedings with respect to legal persons in countries in which more than one form of liability is available. Such measures are without prejudice to the criminal liability of natural persons. All sanctions should be proportionate and dissuasive. 3.11 Unless it is not permitted by fundamental principles of domestic law, there should be appropriate ancillary offences to the ML offence, including: participation in; association with or conspiracy to commit; attempt; aiding and abetting; facilitating; and counselling the commission. 28 TECHNICAL COMPLIANCE ASSESSMENT METHODOLOGY ASSESSING TECHNICAL COMPLIANCE WITH THE FATF RECOMMENDATIONS AND THE EFFECTIVENESS OF AML/CFT SYSTEMS RECOMMENDATION 4 CONFISCATION AND PROVISIONAL MEASURES 4.1 Countries should have measures, including legislative measures, that enable the confiscation of the following, whether held by criminal defendants or by third parties: (a) property laundered; (b) proceeds of (including income or other benefits derived from such proceeds), or instrumentalities used or intended for use in, ML or predicate offences; (c) property that is the proceeds of, or used in, or intended or allocated for use in the financing of terrorism, terrorist acts or terrorist organisations; or (d) property of corresponding value. 4.2 Countries should have measures, including legislative measures, that enable their competent authorities to: (a) identify, trace and evaluate property that is subject to confiscation; (b) carry out provisional measures, such as freezing or seizing, to prevent any dealing, transfer or disposal of property subject to confiscation 14; (c) take steps that will prevent or void actions that prejudice the country’s ability to freeze or seize or recover property that is subject to confiscation; and (d) take any appropriate investigative measures. 4.3 Laws and other measures should provide protection for the rights of bona fide third parties. 4.4 Countries should have mechanisms for managing and, when necessary, disposing of property frozen, seized or confiscated. 14 Measures should allow the initial application to freeze or seize property subject to confiscation to be made ex-parte or without prior notice, unless this is inconsistent with fundamental principles of domestic law. TECHNICAL COMPLIANCE ASSESSMENT 29 METHODOLOGY ASSESSING TECHNICAL COMPLIANCE WITH THE FATF RECOMMENDATIONS AND THE EFFECTIVENESS OF AML/CFT SYSTEMS RECOMMENDATION 5 TERRORIST FINANCING OFFENCE 5.1 Countries should criminalise TF on the basis of the Terrorist Financing Convention15. 5.2 TF offences should extend to any person who wilfully provides or collects funds or other assets by any means, directly or indirectly, with the unlawful intention that they should be used, or in the knowledge that they are to be used, in full or in part: (a) to carry out a terrorist act(s); or (b) by a terrorist organisation or by an individual terrorist (even in the absence of a link to a specific terrorist act or acts). 16 5.2bis TF offences should include financing the travel of individuals who travel to a State other than their States of residence or nationality for the purpose of the perpetration, planning, or preparation of, or participation in, terrorist acts or the providing or receiving of terrorist training. 5.3 TF offences should extend to any funds or other assets whether from a legitimate or illegitimate source. 5.4 TF offences should not require that the funds or other assets: (a) were actually used to carry out or attempt a terrorist act(s); or (b) be linked to a specific terrorist act(s). 5.5 It should be possible for the intent and knowledge required to prove the offence to be inferred from objective factual circumstances. 5.6 Proportionate and dissuasive criminal sanctions should apply to natural persons convicted of TF. 5.7 Criminal liability and sanctions, and, where that is not possible (due to fundamental principles of domestic law), civil or administrative liability and sanctions, should apply to legal persons. This should not preclude parallel criminal, civil or administrative proceedings with respect to legal persons in countries in which more than one form of liability is available. Such measures should be without prejudice to the criminal liability of natural persons. All sanctions should be proportionate and dissuasive. 5.8 It should also be an offence to: (a) attempt to commit the TF offence; (b) participate as an accomplice in a TF offence or attempted offence; (c) organise or direct others to commit a TF offence or attempted offence; and 15 Criminalisation should be consistent with Article 2 of the International Convention for the Suppression of the Financing of Terrorism. 16 Criminalising TF solely on the basis of aiding and abetting, attempt, or conspiracy is not sufficient to comply with the Recommendation. 30 TECHNICAL COMPLIANCE ASSESSMENT METHODOLOGY ASSESSING TECHNICAL COMPLIANCE WITH THE FATF RECOMMENDATIONS AND THE EFFECTIVENESS OF AML/CFT SYSTEMS (d) contribute to the commission of one or more TF offence(s) or attempted offence(s), by a group of persons acting with a common purpose 17. 5.9 TF offences should be designated as ML predicate offences. 5.10 TF offences should apply, regardless of whether the person alleged to have committed the offence(s) is in the same country or a different country from the one in which the terrorist(s)/terrorist organisation(s) is located or the terrorist act(s) occurred/will occur. 17 Such contribution shall be intentional and shall either: (i) be made with the aim of furthering the criminal activity or criminal purpose of the group, where such activity or purpose involves the commission of a TF offence; or (ii) be made in the knowledge of the intention of the group to commit a TF offence. TECHNICAL COMPLIANCE ASSESSMENT 31 METHODOLOGY ASSESSING TECHNICAL COMPLIANCE WITH THE FATF RECOMMENDATIONS AND THE EFFECTIVENESS OF AML/CFT SYSTEMS RECOMMENDATION 6 TARGETED FINANCIAL SANCTIONS RELATED TO TERRORISM AND TERRORIST FINANCING Identifying and designating 6.1 In relation to designations pursuant to United Nations Security Council 1267/1989 (Al Qaida) and 1988 sanctions regimes (Referred to below as “UN Sanctions Regimes”), countries should: (a) identify a competent authority or a court as having responsibility for proposing persons or entities to the 1267/1989 Committee for designation; and for proposing persons or entities to the 1988 Committee for designation; (b) have a mechanism(s) for identifying targets for designation, based on the designation criteria set out in the relevant United Nations Security Council resolutions (UNSCRs); (c) apply an evidentiary standard of proof of “reasonable grounds” or “reasonable basis” when deciding whether or not to make a proposal for designation. Such proposals for designations should not be conditional upon the existence of a criminal proceeding; (d) follow the procedures and (in the case of UN Sanctions Regimes) standard forms for listing, as adopted by the relevant committee (the 1267/1989 Committee or 1988 Committee); and (e) provide as much relevant information as possible on the proposed name18; a statement of case 19 which contains as much detail as possible on the basis for the listing 20; and (in the case of proposing names to the 1267/1989 Committee), specify whether their status as a designating state may be made known. 6.2 In relation to designations pursuant to UNSCR 1373, countries should: (a) identify a competent authority or a court as having responsibility for designating persons or entities that meet the specific criteria for designation, as set forth in UNSCR 1373; as put forward either on the country’s own motion or, after examining and giving effect to, if appropriate, the request of another country. 18 In particular, sufficient identifying information to allow for the accurate and positive identification of individuals, groups, undertakings, and entities, and to the extent possible, the information required by Interpol to issue a Special Notice 19 This statement of case should be releasable, upon request, except for the parts a Member State identifies as being confidential to the relevant committee (the 1267/1989 Committee or 1988 Committee). 20 Including: specific information supporting a determination that the person or entity meets the relevant designation; the nature of the information; supporting information or documents that can be provided; and details of any connection between the proposed designee and any currently designated person or entity 32 TECHNICAL COMPLIANCE ASSESSMENT METHODOLOGY ASSESSING TECHNICAL COMPLIANCE WITH THE FATF RECOMMENDATIONS AND THE EFFECTIVENESS OF AML/CFT SYSTEMS (b) have a mechanism(s) for identifying targets for designation, based on the designation criteria set out in UNSCR 1373 21; (c) when receiving a request, make a prompt determination of whether they are satisfied, according to applicable (supra-) national principles that the request is supported by reasonable grounds, or a reasonable basis, to suspect or believe that the proposed designee meets the criteria for designation in UNSCR 1373; (d) apply an evidentiary standard of proof of “reasonable grounds” or “reasonable basis” when deciding whether or not to make a designation 22. Such (proposals for) designations should not be conditional upon the existence of a criminal proceeding; and (e) when requesting another country to give effect to the actions initiated under the freezing mechanisms, provide as much identifying information, and specific information supporting the designation, as possible. 6.3 The competent authority(ies) should have legal authorities and procedures or mechanisms to: (a) collect or solicit information to identify persons and entities that, based on reasonable grounds, or a reasonable basis to suspect or believe, meet the criteria for designation; and (b) operate ex parte against a person or entity who has been identified and whose (proposal for) designation is being considered. Freezing 6.4 Countries should implement targeted financial sanctions without delay 23. 6.5 Countries should have the legal authority and identify domestic competent authorities responsible for implementing and enforcing targeted financial sanctions, in accordance with the following standards and procedures: 21 This includes having authority and effective procedures or mechanisms to examine and give effect to, if appropriate, the actions initiated under the freezing mechanisms of other countries pursuant to UNSCR 1373 (2001) 22 A country should apply the legal standard of its own legal system regarding the kind and quantum of evidence for the determination that “reasonable grounds” or “reasonable basis” exist for a decision to designate a person or entity, and thus initiate an action under a freezing mechanism. This is the case irrespective of whether the proposed designation is being put forward on the relevant country’s own motion or at the request of another country. 23 For UNSCR 1373, the obligation to take action without delay is triggered by a designation at the (supra-) national level, as put forward either on the country’s own motion or at the request of another country, if the country receiving the request is satisfied, according to applicable legal principles, that a requested designation is supported by reasonable grounds, or a reasonable basis, to suspect or believe that the proposed designee meets the criteria for designation in UNSCR 1373. TECHNICAL COMPLIANCE ASSESSMENT 33 METHODOLOGY ASSESSING TECHNICAL COMPLIANCE WITH THE FATF RECOMMENDATIONS AND THE EFFECTIVENESS OF AML/CFT SYSTEMS (a) Countries should require all natural and legal persons within the country to freeze, without delay and without prior notice, the funds or other assets of designated persons and entities. (b) The obligation to freeze should extend to: (i) all funds or other assets that are owned or controlled by the designated person or entity, and not just those that can be tied to a particular terrorist act, plot or threat; (ii) those funds or other assets that are wholly or jointly owned or controlled, directly or indirectly, by designated persons or entities; and (iii) the funds or other assets derived or generated from funds or other assets owned or controlled directly or indirectly by designated persons or entities, as well as (iv) funds or other assets of persons and entities acting on behalf of, or at the direction of, designated persons or entities. (c) Countries should prohibit their nationals, or 24 any persons and entities within their jurisdiction, from making any funds or other assets, economic resources, or financial or other related services, available, directly or indirectly, wholly or jointly, for the benefit of designated persons and entities; entities owned or controlled, directly or indirectly, by designated persons or entities; and persons and entities acting on behalf of, or at the direction of, designated persons or entities, unless licensed, authorised or otherwise notified in accordance with the relevant UNSCRs. (d) Countries should have mechanisms for communicating designations to the financial sector and the DNFBPs immediately upon taking such action, and providing clear guidance to financial institutions and other persons or entities, including DNFBPs, that may be holding targeted funds or other assets, on their obligations in taking action under freezing mechanisms. (e) Countries should require financial institutions and DNFBPs to report to competent authorities any assets frozen or actions taken in compliance with the prohibition requirements of the relevant UNSCRs, including attempted transactions. (f) Countries should adopt measures which protect the rights of bona fide third parties acting in good faith when implementing the obligations under Recommendation 6. De-listing, unfreezing and providing access to frozen funds or other assets 6.6 Countries should have publicly known procedures to de-list and unfreeze the funds or other assets of persons and entities which do not, or no longer, meet the criteria for designation. These should include: (a) procedures to submit de-listing requests to the relevant UN sanctions Committee in the case of persons and entities designated pursuant to the UN Sanctions Regimes , in the view of the country, do not or no longer meet the criteria for designation. Such 24 “or”, in this particular case means that countries must both prohibit their own nationals and prohibit any persons/entities in their jurisdiction. 34 TECHNICAL COMPLIANCE ASSESSMENT METHODOLOGY ASSESSING TECHNICAL COMPLIANCE WITH THE FATF RECOMMENDATIONS AND THE EFFECTIVENESS OF AML/CFT SYSTEMS procedures and criteria should be in accordance with procedures adopted by the 1267/1989 Committee or the 1988 Committee, as appropriate 25; (b) legal authorities and procedures or mechanisms to de-list and unfreeze the funds or other assets of persons and entities designated pursuant to UNSCR 1373, that no longer meet the criteria for designation; (c) with regard to designations pursuant to UNSCR 1373, procedures to allow, upon request, review of the designation decision before a court or other independent competent authority; (d) with regard to designations pursuant to UNSCR 1988, procedures to facilitate review by the 1988 Committee in accordance with any applicable guidelines or procedures adopted by the 1988 Committee, including those of the Focal Point mechanism established under UNSCR 1730; (e) with respect to designations on the Al-Qaida Sanctions List, procedures for informing designated persons and entities of the availability of the United Nations Office of the Ombudsperson, pursuant to UNSCRs 1904, 1989, and 2083 to accept de-listing petitions; (f) publicly known procedures to unfreeze the funds or other assets of persons or entities with the same or similar name as designated persons or entities, who are inadvertently affected by a freezing mechanism (i.e. a false positive), upon verification that the person or entity involved is not a designated person or entity; and (g) mechanisms for communicating de-listings and unfreezings to the financial sector and the DNFBPs immediately upon taking such action, and providing guidance to financial institutions and other persons or entities, including DNFBPs, that may by holding targeted funds or other assets, on their obligations to respect a de-listing or unfreezing action. 6.7 Countries should authorise access to frozen funds or other assets which have been determined to be necessary for basic expenses, for the payment of certain types of fees, expenses and service charges, or for extraordinary expenses, in accordance with the procedures set out in UNSCR 1452 and any successor resolutions. On the same grounds, countries should authorise access to funds or other assets, if freezing measures are applied to persons and entities designated by a (supra-)national country pursuant to UNSCR 1373. 25 The procedures of the 1267/1989 Committee are set out in UNSCRs 1730; 1735; 1822; 1904; 1989; 2083 and any successor resolutions. The procedures of the 1988 Committee are set out in UNSCRs 1730; 1735; 1822; 1904; 1988; 2082; and any successor resolutions. TECHNICAL COMPLIANCE ASSE

FATF Methodology for AML/CFT Compliance Assessment 2013 PDF

Document Details

Tags

Related

Summary

Full Transcript

Upgrade to continue