Image from FATF
In March 2017, FATF published a consolidated assessment ratings of 30 jurisdictions that have gone through the 4th Round of MERs against the 2012 FATF Recommendations, using the 2013 FATF Methodology. The actual publication can be found here.
We did a quick Chi-Square statistical analysis on the results to determine if technical compliance of the 40 Recommendations (R) across the 30 jurisdictions assessed has any significant correlation/association with the effectiveness of AML/CTF program as reflected through the 11 Immediate Outcomes (IO).
R.1 Assessing Risks and Applying a Risk-Based Approach
R.2 National cooperation and coordination
R.3 Money laundering offence
R.4 Confiscation and provisional measures
R.5 Terrorist financing offence
R.6 Targeted financial sanctions related to terrorism & terrorist financing
R.7 Targeted financial sanctions related to proliferation
R.8 Non-profit organisations
R.9 Financial institution secrecy laws
R.10 Customer due diligence
R.11 Record keeping
R.12 Politically exposed persons
R.13 Correspondent banking
R.14 Money or value transfer services
R.15 New technologies
R.16 Wire transfers
R.17 Reliance on third parties
R.18 Internal controls and foreign branches and subsidiaries
R.19 Higher-risk countries
R.20 Reporting of suspicious transactions
R.21 Tipping-off and confidentiality
R.22 DNFBPs: Customer due diligence
R.23 DNFBPs: Other measures
R.24 Transparency and beneficial ownership of legal persons
R.25 Transparency and beneficial ownership of legal arrangements
R.26 Regulation and supervision of financial institutions
R.27 Powers of supervisors
R.28 Regulation and supervision of DNFBPs
R.29 Financial intelligence units
R.30 Responsibilities of law enforcement and investigative authorities
R.31 Powers of law enforcement and investigative authorities
R.32 Cash couriers
R.34 Guidance and feedback
R.36 International instruments
R.37 Mutual legal assistance
R.38 Mutual legal assistance: freezing and confiscation
R.40 Other forms of international cooperation
11 IMMEDIATE OUTCOMES
IO1 Money laundering and terrorist financing risks are understood and, where appropriate, actions co-ordinated domestically to combat money laundering and the financing of terrorism and proliferation.
IO2 International co-operation delivers appropriate information, financial intelligence, and evidence, and facilitates action against criminals and their assets.
IO3 Supervisors appropriately supervise, monitor and regulate financial institutions and DNFBPs for compliance with AML/CFT requirements commensurate with their risks.
IO4 Financial institutions and DNFBPs adequately apply AML/CFT preventive measures commensurate with their risks, and report suspicious transactions.
IO5 Legal persons and arrangements are prevented from misuse for money laundering or terrorist financing, and information on their beneficial ownership is available to competent authorities without impediments.
IO6 Financial intelligence and all other relevant information are appropriately used by competent authorities for money laundering and terrorist financing investigations.
IO7 Money laundering offences and activities are investigated and offenders are prosecuted and subject to effective, proportionate and dissuasive sanctions.
IO8 Proceeds and instrumentalities of crime are confiscated.
IO9 Terrorist financing offences and activities are investigated and persons who finance terrorism are prosecuted and subject to effective, proportionate and dissuasive sanctions.
IO10 Terrorists, terrorist organisations and terrorist financiers are prevented from raising, moving and using funds, and from abusing the NPO sector.
IO11 Persons and entities involved in the proliferation of weapons of mass destruction are prevented from raising, moving and using funds, consistent with the relevant UNSCRs.
R1 with IOs
We observed that achieving better technical compliance with R1 correlates to better effectiveness and compliance with Immediate Outcomes. Scoring well for R1 is closely correlated to 9 out of 11 IOs especially IO3.
- R1 refers to assessing risks and adopting a risk-based approach which is a key pillar of AML/CTF measures. If jurisdictions are not able to achieve a good rating on R1, we think that a number of other recommendations as well as immediate outcomes will be doing badly too.
- In respect of R1's correlation with IO3, which refers to the effectiveness of supervisors' ability to supervise, monitor and regulate, it is rather apparent that without a fundamentally robust risk-based approach, it may be challenging for any jurisdiction to properly regulate various industries for their ability to comply with AML/CTF requirements that commensurate with their risks.
R7, R24, R31 and R34 with IOs
We also observed that compliance with R7, R24, R31 and R34 correlate to better effectiveness and compliance with immediate outcomes (though not as strong as R1 above). Scoring well for R7, R24, R31 and R34 is closely correlated to 7 out of 11 IOs.
R3, R5, R10, R11 and R20 with IOs
We are unable to statistically conclude any correlation between compliance with previous FATF Core Recommendations (R3, R5, R10, R11 and R20) and effectiveness of IOs. Perhaps, these recommendations are so basic and integral that compliance with them is a given. It is probably right to focus more on the other 35 Recommendations going forward.
However, an interesting point we noted from the analysis is for the 30 jurisdictions covered, if the jurisdiction has a NC for any of these 5 recommendations, that jurisdiction's 11 IOs will mostly be low effective.
Other Observations on R22, R23, R28, R24, R25, R7, R8
Without looking at statistical conclusions, some notable results on technical compliance include
- Almost all jurisdictions need to do better for DNFBPs - R22, R23 and R28;
- Almost all jurisdictions need to improve their effort in transparency and beneficial ownership identification - R24 and R25;
- Many jurisdictions need to focus on NPOs and put in place measures to prevent NPOs from being abused for terrorist and terrorism financing activities - R8;
- Several jurisdictions need to do better with prevention, suppression and disruption of proliferation of weapons of mass destruction and its financing - R7 (a key effort to make the world a safer place, would have thought)
It is important to note that of the 30 jurisdictions covered under this consolidated assessment ratings, only 11 are full members of FATF. The remaining 19 are members of FATF Associates Members only such as APG, CFATF and MONEYVAL.
Comparing to FATF MERs on its 35 Member Jurisdictions
When we compare the results of FATF MERs carried out on its 35 full member jurisdictions for their technical compliance of the 40 Recommendations (some have yet to go through the latest FATF MER methodology), the conclusions are rather similar in respect of R22, R23, R28 (DNFBPs); R24 and R25 (Transparency and UBO); and R8 (NPOs).
This may suggest that more developed/advanced jurisdictions (i.e. full FATF members) are not necessarily doing better in respect of these 3 categories as compared to the other non-full member jurisdictions.
If we take the preliminary observations and conclusions above and do a back-of-envelope extrapolation on how other jurisdictions that are not covered here (there are more than 190 jurisdictions in the world that have committed to implement FATF Recommendations) may perform, I suspect the results may be very similar.
Although there has been great progress globally and commendable effort by FATF in leading the charge, I think we need to do better in terms of speed, consistency and effectiveness of AML/CTF implementation so as to cripple money laundering, terrorism financing and proliferation around the world.
Point is more can be done and should be done quickly.