FATF Anti-Money Laundering Standards

The Financial Action Task Force (FATF) is an intergovernmental body established in 1989 at the G7 Paris Summit to develop policies to combat money laundering. Its mandate later expanded to include counter-terrorist financing (CFT) and, more recently, counter-proliferation financing. FATF's 40 Recommendations constitute the internationally recognized standard for AML/CFT frameworks, covering legal systems, financial sector measures, non-financial businesses and professions, international cooperation, and transparency of beneficial ownership. Over 200 jurisdictions have committed to implementing these recommendations through FATF's global network of nine associate FATF-Style Regional Bodies (FSRBs).

FATF conducts mutual evaluations of member countries to assess the technical compliance and effectiveness of their AML/CFT regimes. Countries that fail evaluations may be placed on the "grey list" (jurisdictions under increased monitoring) or the "black list" (high-risk jurisdictions subject to enhanced due diligence). Being grey-listed carries severe economic consequences — it can trigger automatic enhanced due diligence requirements from correspondent banks, result in capital flow restrictions, and damage a country's sovereign credit ratings. Financial institutions with operations in or relationships with grey-listed jurisdictions must implement enhanced controls and document their risk-based approach to the relationship.

For financial institutions, FATF standards translate into specific operational requirements: customer due diligence (CDD) and enhanced due diligence (EDD) programs, beneficial ownership identification, politically exposed person (PEP) screening, ongoing transaction monitoring, suspicious activity reporting (SAR), and record keeping. FATF Recommendation 16 (the "Travel Rule") requires financial institutions to transmit originator and beneficiary information along with wire transfers, a requirement that has become particularly complex in the context of virtual asset service providers (VASPs) and blockchain transactions.

Technology platforms supporting FATF compliance include transaction monitoring systems that apply rule-based and machine learning models to detect suspicious patterns, sanctions screening engines that check customers and transactions against OFAC, UN, EU, and other watchlists in real time, and case management systems that support SAR filing workflows. Engineering teams must ensure these systems handle high transaction volumes with low false positive rates, maintain audit trails that satisfy regulatory examination requirements, and can be updated rapidly when FATF issues new guidance or when watchlists are amended — sometimes within hours of a sanctions designation event.

Compliance-Native Architecture Guide

Design principles and a structured checklist for building software that is compliant by default — not compliant by retrofit. Covers data architecture, access controls, audit trails, and vendor due diligence.