FATF Compliance

Definition

The Financial Action Task Force (FATF) is an intergovernmental organization established in 1989 that sets international standards for combating money laundering, terrorist financing, and proliferation financing. FATF's 40 Recommendations constitute the globally recognized standard that countries must implement through their laws, regulations, and institutional frameworks. Compliance with FATF standards is assessed through mutual evaluation reviews conducted by FATF and its regional bodies. Countries found to have strategic deficiencies in their AML/CFT frameworks are placed on the FATF Greylist (formally, the list of Jurisdictions under Increased Monitoring), while those with critical failures may be placed on the Blacklist (High-Risk Jurisdictions subject to a Call for Action), which can severely impair their financial sector's access to correspondent banking and international financial markets.

India became a member of FATF in 2010 and its AML/CFT framework is periodically evaluated against FATF's 40 Recommendations and 11 Immediate Outcomes. India's last mutual evaluation was completed in 2023-24, and based on the findings, India was placed under enhanced monitoring (greylisted) with a requirement to address identified technical compliance and effectiveness deficiencies. As a result, India has undertaken significant legislative strengthening, including amendments to PMLA to expand the definition of reporting entities, bring in virtual asset service providers (VASPs) under AML obligations, strengthen beneficial ownership transparency, and improve inter-agency coordination between FIU-IND, ED, CBI, and CBDT. FATF greylisting has practical implications for Indian banks and businesses in terms of enhanced due diligence from foreign counterparties and correspondent banks.

For financial institutions and designated non-financial businesses and professions (DNFBPs) operating in India, FATF compliance translates into specific obligations around customer due diligence (CDD), enhanced due diligence (EDD) for high-risk customers including PEPs and those from high-risk jurisdictions, suspicious transaction reporting, record keeping, AML training for staff, and independent AML compliance audits. The RBI, SEBI, IRDAI, and PFRDA have each issued sector-specific AML/CFT master directions aligned with FATF recommendations. Virtual asset service providers (VASPs) (including cryptocurrency exchanges) have been brought under PMLA and FATF-aligned AML regulations since 2023, requiring them to register with FIU-IND and implement full AML programs.

Key Points

• FATF's 40 Recommendations are the global standard for AML/CFT; countries failing mutual evaluations may be greylisted, impairing their financial institutions' international access.
• India was subject to enhanced monitoring (greylisting) following a 2023-24 mutual evaluation, prompting legislative and enforcement strengthening of its AML/CFT framework.
• Virtual asset service providers (cryptocurrency exchanges) were brought under PMLA obligations and required to register with FIU-IND following FATF guidance on VASPs.
• Indian financial institutions must apply enhanced due diligence to customers from FATF-greylisted or blacklisted jurisdictions, including more rigorous KYC and transaction monitoring.
• DNFBPs including chartered accountants, company secretaries, real estate agents, and jewelers are subject to PMLA obligations aligned with FATF Recommendation 22.
• FATF compliance requires a documented institutional AML policy, risk-based customer due diligence, STR filing, record keeping for five years, and periodic AML training for staff.