FATF Recommendations. Global AML Standards

Ever wondered why AML laws in Australia look similar to AML laws in the UK, US, Singapore, and dozens of other countries?

It's because they're all based on the same framework: the FATF Recommendations.

FATF (Financial Action Task Force) is the global standard-setter for anti-money laundering and counter-terrorism financing. Their 40 Recommendations are the blueprint that countries worldwide use to build their AML/CTF regimes.

Understanding FATF helps you understand why Australian AML laws are structured the way they are. And why they keep evolving.

What Is FATF?

The Financial Action Task Force (FATF) is an inter-governmental body established in 1989 by the G7 nations. Its mandate: Combat money laundering, terrorism financing, and proliferation financing (funding weapons of mass destruction).

FATF has 40 member countries/jurisdictions plus numerous observer organizations. Members include major economies: Australia, US, UK, EU nations, China, India, Japan, Singapore, and more.

FATF's role:

• Set international standards for AML/CTF through the 40 Recommendations
• Monitor implementation by reviewing how well countries comply
• Identify high-risk jurisdictions with weak AML/CTF frameworks (grey/black lists)
• Publish guidance on emerging ML/TF risks and best practices

FATF doesn't have enforcement powers. It can't fine countries or businesses. But it has influence. Countries that don't comply face reputational damage and can be cut off from the global financial system.

The 40 Recommendations

The FATF Recommendations are organized into seven categories:

A. AML/CTF Policies and Coordination

Countries should:

• Identify, assess, and understand ML/TF risks
• Apply a risk-based approach (resources focused on highest risks)
• Coordinate AML/CTF policy across government agencies
• Designate competent authorities for AML/CTF supervision and enforcement

Australia's implementation: AUSTRAC is the designated authority. National ML/TF Risk Assessments conducted regularly. Risk-based approach mandated in AML/CTF Act.

B. Money Laundering and Confiscation

Countries should:

• Criminalize money laundering based on the Vienna and Palermo Conventions
• Enable confiscation of proceeds of crime
• Enable freezing of terrorist assets

Australia's implementation: Money laundering criminalized under Criminal Code Act. Proceeds of Crime Act enables asset confiscation. Counter-Terrorism Financing Act enables asset freezing.

C. Terrorism Financing and Proliferation Financing

Countries should:

• Criminalize terrorism financing
• Implement targeted financial sanctions related to terrorism and proliferation
• Monitor non-profit organizations to ensure they're not misused for terrorism financing

Australia's implementation: Terrorism financing criminalized. Sanctions implemented through Autonomous Sanctions Act and DFAT Consolidated List.

D. Preventive Measures

This is where most AML/CTF obligations for businesses come from. FATF Recommendations require:

Recommendation 10: Customer Due Diligence (CDD)

• Identify and verify customer identity
• Identify beneficial owners
• Understand the purpose and nature of business relationship
• Conduct ongoing due diligence throughout the relationship

Australia's implementation: Part A and Part B of AML/CTF Act require CDD for reporting entities. Rules specify verification methods, timing, and acceptable documents.

Recommendation 11: Record-Keeping

• Maintain records of transactions for at least 5 years
• Maintain records of customer identification for at least 5 years after relationship ends

Australia's implementation: AML/CTF Act requires 7 years (stricter than FATF minimum).

Recommendation 12: Politically Exposed Persons (PEPs)

• Have appropriate risk management systems to determine if customers are PEPs
• Obtain senior management approval for establishing relationships with PEPs
• Conduct enhanced due diligence on PEPs

Australia's implementation: AML/CTF Rules require PEP screening and enhanced CDD for foreign PEPs.

Recommendation 16: Wire Transfers

• Require originat or and beneficiary information on wire transfers
• Monitor and report suspicious international fund transfers

Australia's implementation: International Funds Transfer Instructions (IFTIs) reporting to AUSTRAC.

Recommendation 20: Suspicious Transaction Reporting

• Financial institutions must report suspicious transactions to financial intelligence unit
• Protect reporters from liability ("tipping off" prohibitions)

Australia's implementation: Suspicious Matter Reports (SMRs) required within 3 business days (24 hours for terrorism financing). Tipping off is criminal offense.

E. Transparency and Beneficial Ownership

Countries should:

• Ensure adequate transparency of legal persons (companies) and legal arrangements (trusts)
• Ensure beneficial ownership information is available to competent authorities

Australia's implementation: Beneficial ownership identification required under AML/CTF Act. ASIC maintains company registry. Government considering beneficial ownership register.

F. Powers and Responsibilities of Competent Authorities

Countries should:

• Establish a financial intelligence unit (FIU) to collect and analyze suspicious transaction reports
• Give law enforcement adequate investigation powers
• Supervise and enforce AML/CTF compliance

Australia's implementation: AUSTRAC is the FIU. Australian Federal Police and state police have investigation powers. AUSTRAC supervises reporting entities and can impose civil penalties.

G. International Cooperation

Countries should:

• Cooperate internationally on ML/TF investigations
• Provide mutual legal assistance
• Enable extradition for ML/TF offenses

Australia's implementation: AUSTRAC shares financial intelligence with foreign counterparts. Mutual assistance treaties enable cooperation. Extradition Act allows extradition for ML/TF offenses.

Risk-Based Approach: A Core FATF Principle

FATF emphasizes a risk-based approach. That means:

• Identify where ML/TF risks are highest
• Apply enhanced measures to high-risk areas
• Apply simplified measures to low-risk areas
• Don't waste resources on low-risk activities

Example in practice:

• High-risk customer: Foreign PEP buying property through offshore company. Apply ECDD: source of funds verification, senior management approval, enhanced monitoring.
• Low-risk customer: Australian resident with verified employment buying property with mortgage. Standard CDD sufficient.

This principle is embedded in Australia's AML/CTF Act. Your AML program must be "appropriate to the nature, size and complexity" of your business. Risk assessment is mandatory. Enhanced CDD applies to high-risk customers.

FATF Mutual Evaluations

Every few years, FATF conducts mutual evaluations of member countries. Independent assessors review:

• Whether the country's AML/CTF laws align with FATF Recommendations
• How effectively the regime is implemented
• Whether supervisors enforce compliance
• Whether financial intelligence is used effectively

Countries receive ratings:

• Compliant — Fully meets FATF standards
• Largely Compliant — Minor deficiencies
• Partially Compliant — Significant deficiencies
• Non-Compliant — Major deficiencies

Australia's most recent mutual evaluation (2015) found Australia "largely compliant" on most Recommendations. But there were gaps, notably:

• Lack of AML/CTF coverage for gatekeeper professions (lawyers, accountants, real estate)
• Beneficial ownership transparency issues

That's why Tranche 2 is happening. The 2026 expansion addresses FATF's key recommendations for Australia.

FATF Grey and Black Lists

FATF monitors all countries, not just members. Twice yearly, FATF publishes:

High-Risk Jurisdictions (Black List)
Countries with serious AML/CTF deficiencies. FATF calls for countermeasures (restrictions on financial transactions).

Current examples: North Korea, Iran

Jurisdictions Under Increased Monitoring (Grey List)
Countries working with FATF to address deficiencies but not yet compliant.

Recent examples have included: Pakistan, Myanmar, Panama, Syria, Yemen, others

Why it matters for Australian businesses:

When conducting customer due diligence, customers from grey/black list jurisdictions are automatically high-risk. Enhanced due diligence applies. Transactions involving these jurisdictions require extra scrutiny.

AUSTRAC guidance references FATF lists. Your risk assessment should consider them.

FATF Guidance and Typologies

Beyond the 40 Recommendations, FATF publishes:

Guidance documents on specific topics:

• Virtual assets (cryptocurrency)
• PEPs
• Beneficial ownership
• Risk-based approach for specific sectors
• COVID-19-related ML/TF risks

Typology reports explaining how criminals launder money:

• Trade-based money laundering
• Real estate money laundering
• Professional money laundering networks
• Terrorist financing methods

These reports inform AUSTRAC's guidance. When AUSTRAC publishes sector-specific risk indicators, they're often based on FATF typologies.

Why FATF Matters for Your Business

Even if you never read the FATF Recommendations directly, they shape your obligations:

Australia implements FATF standards. The AML/CTF Act is built on FATF's framework. When you comply with Australian law, you're complying with international standards.

FATF drives regulatory change. Tranche 2? That's Australia addressing FATF recommendations. FATF says gatekeepers need AML obligations. Australia implements it.

FATF guidance influences AUSTRAC. When FATF publishes guidance on emerging risks (like cryptocurrency or COVID-related fraud), AUSTRAC incorporates it into Australian guidance. Staying current with FATF helps you anticipate regulatory changes.

High-risk jurisdictions affect your risk assessment. FATF grey/black lists tell you which countries pose higher ML/TF risks. If your customers involve those jurisdictions, enhanced CDD applies.

The Bottom Line

FATF Recommendations are the global blueprint for AML/CTF. The 40 Recommendations cover everything from customer due diligence to international cooperation.

Australia is a FATF member and implements FATF standards through the AML/CTF Act and AUSTRAC. Tranche 2 (expanding AML to lawyers, accountants, real estate) is Australia aligning with FATF's long-standing recommendations.

While you don't need to memorize the FATF Recommendations, understanding that they exist helps you see the bigger picture. Your AML obligations aren't arbitrary. They're part of a coordinated international effort to combat money laundering and terrorism financing.

And when AUSTRAC says "check FATF guidance," now you know why. Because FATF is where global AML standards come from.