AML/CFT guide · FATF
FATF — The Global AML/CFT Standard-Setter
The Financial Action Task Force (FATF) sets the global standard for combating money laundering, terrorist financing, and proliferation financing through its 40 Recommendations, mutual evaluations, and public lists.
Last updated 2026-06-20
FATF — The Global AML/CFT Standard-Setter
The Financial Action Task Force (FATF / GAFI) is the inter-governmental body that sets the global standard for combating money laundering (AML), terrorist financing (CFT), and proliferation financing (CPF). It is a policy-making and standard-setting body — not a treaty organisation and not an enforcement agency. FATF has no power to sanction; it works through peer pressure, mutual evaluation, and public listing. Its standards are transposed into national law by jurisdictions across the world, making FATF the foundation on which most national AML/CFT regimes are built.
Authorities and bodies
- FATF was founded in 1989 by the G7 Summit in Paris, originally comprising the G7, the European Commission, and eight other countries, in response to growing concern over drug-money laundering.
- According to FATF, its Secretariat is housed at the OECD in Paris; FATF is administratively hosted by, but legally distinct from, the OECD.
- Membership comprises member jurisdictions plus two regional organisations — the European Commission and the Gulf Cooperation Council (GCC).
- The "Global Network": FATF together with nine FATF-Style Regional Bodies (FSRBs) extends the standard to 200+ jurisdictions. Key FSRBs include MONEYVAL (Council of Europe, established 1997), the Asia/Pacific Group (APG), CFATF (Caribbean), GAFILAT, GABAC, ESAAMLG, GIABA, MENAFATF, and EAG.
- Observers and partners: the IMF and World Bank are key observer organisations and conduct AML/CFT assessments using the FATF methodology; the UN and others also participate.
Core instruments:
- The 40 Recommendations — the standards themselves (consolidated 2012, updated continuously).
- The Methodology (2013, amended 2022) — how compliance is assessed.
- Mutual Evaluation Reports (MERs) and follow-up.
- The two public lists — "Jurisdictions under Increased Monitoring" (grey) and "High-Risk Jurisdictions subject to a Call for Action" (black).
- Guidance papers (risk-based approach, virtual assets, beneficial ownership, and others).
History timeline
| Year | Instrument / event | What it introduced or changed |
|---|---|---|
| 1989 | G7 Paris Summit | FATF created in response to drug-money laundering; G7 + European Commission + 8 countries. |
| 1990 | First 40 Recommendations | First report plus the original Forty Recommendations on money laundering (then drug-focused). |
| 1996 | First revision of the 40 | Broadened scope beyond drug-money laundering to all serious crime; reflected evolving ML techniques. |
| 2001 (Oct) | 8 Special Recommendations on Terrorist Financing | Post-9/11 mandate expansion to CFT; created the "Eight Special Recommendations" (the "40 + 8"). |
| 2003 | Second revision of the 40 | Modernised customer due diligence, PEPs, and correspondent banking; the 2003 standard became the recognised global AML/CFT benchmark. |
| 2004 (Oct) | 9th Special Recommendation | Added a recommendation on cash couriers (cross-border physical movement of currency/instruments), forming the "40 + 9". |
| 2012 (Feb) | Consolidated Standards | Merged the 40 + 9 into a single set of 40 Recommendations; integrated CFT into the main body; explicitly added countering proliferation financing (CPF) of weapons of mass destruction. This is the current architecture. |
| 2013 | Assessment Methodology | New methodology pairing technical compliance with effectiveness (11 Immediate Outcomes) — basis of the 4th evaluation round. |
| 2019 (Jun) | R.15 + R.16 extended to virtual assets | Interpretive Note to R.15 brought virtual assets and virtual asset service providers (VASPs) into scope and extended the Travel Rule (R.16) to crypto transfers. |
| 2022 (Mar) | R.24 revision (beneficial ownership — legal persons) | Tougher beneficial-ownership standard: countries must ensure timely access to adequate, accurate, up-to-date information via a registry or equivalent mechanism. |
| 2022 | Methodology amended (5th round) | Updated the 2013 methodology with greater weight on effectiveness, CPF, and targeted financial sanctions. |
| 2023 (Feb) | R.25 revision (beneficial ownership — legal arrangements/trusts) | Brought trusts and legal arrangements broadly into line with R.24. |
| 2024 | 5th round of mutual evaluations begins | Under the 2022 methodology; sharper focus on real-world effectiveness. |
Current standards — the 40 Recommendations
The 40 Recommendations (2012 consolidation, updated continuously) are grouped into seven thematic sections. The most widely-cited include:
| Rec(s) | Theme | Substance |
|---|---|---|
| R.1 | Risk-Based Approach (RBA) | Foundation: identify, assess, and understand ML/TF/PF risk; allocate resources proportionately. |
| R.2 | National cooperation/coordination | Domestic AML/CFT/CPF policy coordination. |
| R.3–4 | ML offence + confiscation | Criminalise money laundering; enable freezing and confiscation of proceeds. |
| R.5 | TF offence | Criminalise terrorist financing. |
| R.6 | Targeted financial sanctions — terrorism/TF | Implement UN Security Council Resolution 1267/1373-type targeted financial sanctions: freeze without delay; make no funds available to designated persons. |
| R.7 | Targeted financial sanctions — proliferation | Targeted financial sanctions to implement UN resolutions on WMD proliferation. Mirrors R.6. |
| R.8 | Non-profit organisations | Protect NPOs from terrorist-financing abuse (risk-based). |
| R.10 | Customer Due Diligence (CDD) | Know-your-customer; identify customer and beneficial owner; understand purpose; ongoing monitoring. |
| R.12 | Politically Exposed Persons (PEPs) | Enhanced due diligence for PEPs. |
| R.13 | Correspondent banking | Enhanced due diligence for cross-border correspondent relationships. |
| R.15 | New technologies / virtual assets | Since 2019: virtual assets and VASPs in scope for AML/CFT. |
| R.16 | Wire transfers — the Travel Rule | Originator and beneficiary information must "travel" with transfers; extended to crypto in 2019. |
| R.20 | Suspicious Transaction Reporting (STR/SAR) | Mandatory, timely reporting to the national financial intelligence unit (FIU) on ML/TF suspicion. |
| R.22–23 | DNFBPs | Extend CDD and reporting to lawyers, accountants, casinos, real estate, and dealers in precious metals. |
| R.24 | Beneficial ownership — legal persons | Adequate, accurate, up-to-date beneficial-ownership information via a registry or equivalent (revised 2022). |
| R.25 | Beneficial ownership — legal arrangements | The same for trusts (revised 2023). |
| R.26–35 | Supervision, FIUs, powers | Supervisory regimes, FIU operation, investigative powers, sanctions for non-compliance. |
| R.36–40 | International cooperation | Mutual legal assistance, extradition, and exchange of information. |
Core obligations — targeted financial sanctions (Recommendations 6 and 7)
Recommendation 6 requires every country to implement targeted financial sanctions to comply with UN Security Council resolutions on terrorism and terrorist financing — notably UNSCR 1267 (1999) and its successors (the Al-Qaida/ISIL regime) and UNSCR 1373 (2001) (the autonomous-designation regime). Funds of designated persons and entities must be frozen without delay, and no funds may be made available to them.
Recommendation 7 mirrors R.6 for proliferation financing of weapons of mass destruction, implementing UN resolutions targeting proliferation. Its Interpretive Note covers designations, freezing, de-listing and unfreezing, and access to frozen funds.
"Freeze without delay" and "make no funds available to designated persons" are operationally achievable only where an institution continuously checks its customers and transactions against the relevant designation lists. R.6 and R.7 are therefore the standards that lead national governments to maintain sanctions lists and to require regulated entities to screen against them.
Enforcement — mutual evaluation and the grey/black lists
Mutual Evaluation Reports (MERs) are peer reviews assessing a country on two axes:
- Technical compliance — whether the laws and regulations are in place (rated per Recommendation: Compliant / Largely Compliant / Partially Compliant / Non-Compliant).
- Effectiveness — whether they work in practice, assessed against 11 Immediate Outcomes (such as risk understanding, supervision, targeted-financial-sanctions implementation, and confiscation). Introduced in the 2013 methodology and weighted more heavily under the 2022 methodology.
The two public lists are updated at each Plenary (typically three per year — February, June, and October):
| List | Official name | Meaning |
|---|---|---|
| Grey list | Jurisdictions under Increased Monitoring | Strategic deficiencies; the country has committed to an action plan under FATF monitoring. Not a call for counter-measures, but it triggers enhanced due diligence and de-risking pressure. |
| Black list | High-Risk Jurisdictions subject to a Call for Action | Critical, unaddressed deficiencies; FATF calls on members to apply counter-measures (or enhanced due diligence in certain cases). |
The grey list changes frequently as jurisdictions are added or removed at each Plenary, so the current roster should be checked against the latest FATF publication rather than treated as fixed.
Recent direction
- Beneficial-ownership tightening (2022–2023): R.24 (legal persons, March 2022) and R.25 (trusts and arrangements, February 2023) substantially raised the standard, requiring registries or equivalent mechanisms with accuracy and timeliness requirements.
- Virtual assets: FATF continues to publish annual Targeted Updates on virtual-asset and VASP implementation; its 2024 update found that many jurisdictions still lag on R.15 and the Travel Rule.
- 5th round of mutual evaluations (2024 onward): conducted under the 2022 methodology, with heavier weight on effectiveness, CPF, and targeted-financial-sanctions implementation.
- Plenary cadence: FATF meets approximately three times a year (February, June, and October), with list updates at each Plenary.
Sources & primary authorities
All sources accessed 2026-06-20.
Primary (FATF / inter-governmental organisations):
- FATF — History of the FATF: https://www.fatf-gafi.org/en/the-fatf/history-of-the-fatf.html
- FATF — The 40 Recommendations (2012 consolidated PDF): https://www.fatf-gafi.org/content/dam/fatf-gafi/recommendations/FATF%20Recommendations%202012.pdf.coredownload.inline.pdf
- FATF — Review and history of FATF standards: https://www.fatf-gafi.org/en/publications/Fatfrecommendations/Review-and-history-of-fatf-standards.html
- FATF — IX Special Recommendations: https://www.fatf-gafi.org/en/publications/Fatfrecommendations/Ixspecialrecommendations.html
- FATF — Best Practices, TFS Recommendation 6: https://www.fatf-gafi.org/en/publications/Fatfrecommendations/Bpp-finsanctions-tf-r6.html
- FATF — Proliferation financing topic: https://www.fatf-gafi.org/en/topics/proliferation-financing.html
- FATF — UNSCR proliferation/WMD guidance: https://www.fatf-gafi.org/en/publications/Financingofproliferation/Unscr-proliferation-wmd.html
- FATF — Virtual assets topic: https://www.fatf-gafi.org/en/topics/virtual-assets.html
- FATF — Targeted update on VAs/VASPs (2024): https://www.fatf-gafi.org/en/publications/Fatfrecommendations/targeted-update-virtual-assets-vasps-2024.html
- FATF — R.24 public statement (March 2022): https://www.fatf-gafi.org/en/publications/Fatfrecommendations/R24-statement-march-2022.html
- FATF — R.25 public consultation (October 2023): https://www.fatf-gafi.org/en/publications/Fatfrecommendations/R25-Public-Consultation-Oct-23.html
- FATF — 5th Round Methodology (2022): https://www.fatf-gafi.org/en/publications/Mutualevaluations/5th-Round-Methodology.html
- FATF — Mutual evaluations topic: https://www.fatf-gafi.org/en/topics/mutual-evaluations.html
- FATF — Universal Procedures (2023): https://www.fatf-gafi.org/en/publications/Mutualevaluations/Universal-Procedures-2023.html
- FATF — Black and grey lists landing page: https://www.fatf-gafi.org/en/countries/black-and-grey-lists.html
- FATF — Jurisdictions under Increased Monitoring (February 2026): https://www.fatf-gafi.org/en/publications/High-risk-and-other-monitored-jurisdictions/increased-monitoring-february-2026.html
- FATF — Jurisdictions under Increased Monitoring (June 2025): https://www.fatf-gafi.org/en/publications/High-risk-and-other-monitored-jurisdictions/increased-monitoring-june-2025.html
- APG — FSRBs in the Global Network: https://www.apgml.org/global-network/fatf-style-regional-bodies-fsrbs
- MONEYVAL (Council of Europe) — financing of proliferation: https://www.coe.int/en/web/moneyval/implementation/financing-proliferation
- IMF — Revisions to the FATF Standard (2012 board note): https://www.imf.org/external/np/pp/eng/2012/071712a.pdf
This guide provides general information only and is not legal advice. Current as of 2026-06-20.
Keep this guide current
Monthly sanctions enforcement digest
Regimes change. Get the monthly digest of new designations and enforcement actions — and a heads-up when we publish a downloadable PDF of this FATF guide.