GAFI (FAFT) and the forty recommendations

GAFI (FAFT) and the forty recommendations

The Financial Action Task Force on Money Laundering (GAFI), also known as Groupe d’action financière (GAFI), is an intergovernmental organization, creaby the Countries of G7 in 1989 during Paris summit, with the aim to fight the money laundering  phenomenon. Since  2001 this purpose was also extended to terrorism financing, after the event of the terroristic attack on the 11th of September .
Currently GAFI includes thirty-five members, plus the international organizations of EU and the Gulf Co-operation Council.

The tasks given to GAFI  are studying money laundering trends, monitoring legislative, financial and law enforcement activities, and especially issuing recommendations towards the different Countries to reach its own purpose.

From 1990 GAFI has issued forty recommendations and 9 special recommendations regarding the terrorism financing. Those types of  recommendations  focused on giving  standard rules and principles to prevent money laundering and financial terrorist events.

These recommendations allowed countries to have more flexibility to adopt and applicate those rules on their own.

The GAFI’s activity is conducted by different subgroups:

  1. WGEI which interprets the various criteria fixed by the recommendations;

  2. WGTYP which deals with new schemes of money-laundering and financing of terrorism;

  3. WGTM which deals with the problem of the financing of terrorism;

  4. ICRG supports international cooperation among different groups: GAFISUD (South), GAP (Asia), MONEYVAL (European conseil), Euro-Asian group and MenaGAFI.

The forty recommendations were completely reviewed in 1996 and in 2013. The main innovations of the 2013’s recommendations are the following:

  1. An higher level of transparency, allowing countries to have an easier check and control of the real identity of physical persons, and also preventing  hidden assets created by fake companies. These important principles, in particular, were estabilished by recommendations 33 and 34 (this latest one is about trusts). According to the 33 “ Countries should take

  2. measures to prevent the unlawful use of legal persons by money launderers. Countries should ensure that there is adequate, accurate and timely information on the benefic  ownership and control of legal persons that can be obtained or accessed in a timely fashion by competent authorities. In particular, countries that have legal persons that are able to issue bearer shares should take appropriate measures to ensure that they are not misused for money laundering and be able to demonstrate the adequacy of those measures. Countries could consider measures to facilitate access to beneficial ownership and control information to financial institutions undertaking the requirements set out in Recommendation 5.

  3. While according to the 34. “Countries should take measures to prevent the unlawful use of legal arrangements by money launderers. In particular, countries should ensure that there is adequate, accurate and timely information on express trusts, including information on the settlor, trustee and beneficiaries, that can be obtained or accessed in a timely fashion by competent authorities. Countries could consider measures to facilitate access to beneficial ownership and control information to financial institutions undertaking the requirements set out in Recommendation 5.”

  4. Stronger duties estabilished for Politically exposed persons (PEP). According to GAFI, a politically exposed person is an individual “who is or has been entrusted with a prominent public function and are in positions that potentially can be abused for the purpose of committing money laundering offences and related predicate offences, including corruption, as well as terrorist financing”

Other than the Directives, in the USA there are different ways of categorising PEPs according to:

  1. the Bank Secrecy Act Anti-Money Laundering Examination Manual

  2. the Patriot Act.

Generally speaking, banks and other entities are ultimately responsible for determining their local PEPs.

The US Bank Secrecy Act, Anti-Money Laundering Examination Manual states that banks should take all reasonable steps to prevent senior foreign political figures or their families and associates from hiding or moving the corruption’s activities.

The US Definition of a PEP generally includes a current or former senior foreign political figure, a senior official in the executive, legislative, administrative, military or judicial branches of a foreign government (whether elected or not), a senior official of a major foreign political party, or a senior executive of a foreign government-owned corporation.

In addition, there are other ways to find PEPs activities:

  1. a bank have to control any corporation, business, or other entity  – formed by or for the benefit of a PEP- , their immediate family (including the PEP’s parents, siblings, spouse, children  and in-laws) and their close associates (people widely and publicly known to maintain an unusually close relationship with the PEP, and could conduct substantial domestic or international financial transactions on his/her behalf ).

  2. The definitions must be sufficiently flexible to let Banks establish risk-based controls and procedures to ascertain the status of an individual as a PEP and to conduct risk-based scrutiny of accounts held by these individuals.

  3. Risk will vary depending on other factors such as  the banking services used, the account size or the  complexity of the customer link with the bank ( e.g. income sources, financial information, and professional background) .

After the  terrorist attack on WTC twin tower in New York (11 September 2001), with the establishment of the Patriot Act, the PEP’s principles became stricter. PEP’s norms are included in Section 312 of the Patriot Act.

PEPs principles prevent risk of dealing with people who are politically strong and that can potentially lead to boosting or to ruining the financial institution reputation. The price of this reputation damage cannot be paid with a fine or with any kind of punishment as the consequences of financial institution’s negligence in handling their clients may cause the wreckage of their whole business .

Section 312 of the USA Patriot Act requires american financial institutions to perform due diligence, with regard to correspondent accounts established or maintained in foreign financial institutions and private banking accounts established or maintained by non-U.S. people. The final rule issued implements on the general due diligence requirements linked to foreign financial institutions and connected to private banking accounts.

The financial rulemaking point is to improve the due diligence requirements for certain foreign banks:

article 6 adfirms that “Financial institutions should, in relation to politically exposed persons, in addition to performing normal due diligence measures:

a) Have appropriate risk management systems to determine whether the customer is a politically exposed person.

b) Obtain senior management approval for establishing business relationships with such customers.

c) Take reasonable measures to establish the source of wealth and source of funds.

d) Conduct enhanced ongoing monitoring of the business relationship”.

The Patriot Act contains a generic definition of AML, including as more criminal behaviour as possible, such as taxes’s crimes.

In particular, the first recommendation claims that “Countries should criminalise money laundering on the basis of the United Nations Convention against Illicit Traffic in Narcotic Drugs and Psychotropic Substances, 1988 (the Vienna Convention) and the United Nations Convention against Transnational Organized Crime, 2000 (the Palermo Convention).

Countries should apply the crime of money laundering to all serious offences, with a view to including the widest range of predicate offences. Predicate offences may be described by reference to all offences, or to a threshold linked either to a category of serious offences or to the penalty of imprisonment applicable to the predicate offence (threshold approach), or to a list of predicate offences, or a combination of these approaches.

Where countries apply a threshold approach, predicate offences should at a minimum comprise all offences that fall within the category of serious offences under their national law or should include offences which are punishable by a maximum penalty of more than one year’s imprisonment or for those countries that have a minimum threshold for offences in their legal system, predicate offences should comprise all offences, which are punished by a minimum penalty of more than six months imprisonment.

Whichever approach is adopted, each country should at a minimum include a range of offences within each of the designated categories of offences.

Predicate offences for money laundering should extend to conduct that occurred in another country, which constitutes an offence in that country, and which would have constituted a predicate offence had it occurred domestically. Countries may provide that the only prerequisite is that the conduct would have constituted a predicate offence had it occurred domestically.

Countries may provide that the offence of money laundering does not apply to persons who committed the predicate offence, where this is required by fundamental principles of their domestic law”.

Money laundering crime can be divided in three different steps:

  1. The first one called “placement” involves the introduction of cash in a financial system, this money comes from a previous crime;

  2. The second one called “layering”, consists in several behaviours which aim to camouflage the origin of the money’s funds.

  3.  The last one is the “integration”,  when the dirty money are used in legal activities, which produce whealth for their owners.

In the Italian Criminal Code money laundering crime is defined strictly with GAFI’s recommendations and EU’s Regulations. As a matter of fact, art. 648-bis doesn’t include the self-money laundering crime, stating that “Fuori dei casi di concorso nel reato, chiunque sostituisce o trasferisce denaro, beni o altre utilità provenienti da delitto non colposo, ovvero compie in relazione ad essi altre operazioni, in modo da ostacolare l’identificazione della loro provenienza delittuosa, è punito con la reclusione da quattro a dodici anni e con la multa da euro 1.032 a euro 15.493. La pena è aumentata quando il fatto è commesso nell’esercizio di un’attività professionale. La pena è diminuita se il denaro, i beni o le altre utilità provengono da delitto per il quale è stabilita la pena della reclusione inferiore nel massimo a cinque anni. Si applica l’ultimo comma dell’articolo 648 [c.p. 648-quater]”

The self money laundering crime has been only recently introduced in the Italian’s Criminal system, by introducing in the criminal code the new art. 648-ter , which states: “Si applica la pena della reclusione da due a otto anni e della multa da euro 5.000 a euro 25.000 a chiunque, avendo commesso o concorso a commettere un delitto non colposo, impiega, sostituisce, trasferisce, in attivita’ economiche, finanziarie, imprenditoriali o speculative, il denaro, i beni o le altre utilita’ provenienti dalla commissione di tale delitto, in modo da ostacolare concretamente l’identificazione della loro provenienza delittuosa.Si applica la pena della reclusione da uno a quattro anni e della multa da euro 2.500 a euro 12.500 se il denaro, i beni o le altre utilita’ provengono dalla commissione di un delitto non colposo punito con la reclusione inferiore nel massimo a cinque anni.Si applicano comunque le pene previste dal primo comma se il denaro, i beni o le altre utilita’ provengono da un delitto commesso con le condizioni o le finalita’ di cui all’ , articolo 7 del decreto-legge 13 maggio 1991, n. 152 convertito, con modificazioni, dalla , e successive modificazioni. legge 12 luglio 1991, n. 203Fuori dei casi di cui ai commi precedenti, non sono punibili le condotte per cui il denaro, i beni o le altre utilita’ vengono destinate alla mera utilizzazione o al godimento personale.La pena e’ aumentata quando i fatti sono commessi nell’esercizio di un’attivita’ bancaria o finanziaria o di altra attivita’ professionale.La pena e’ diminuita fino alla meta’ per chi si sia efficacemente adoperato per evitare che le condotte siano portate a conseguenze ulteriori o per assicurare le prove del reato e l’individuazione dei beni, del denaro e delle altre utilita’ provenienti dal delitto.Si applica l’ultimo comma dell’articolo 648”

Italian legal system implements the “Risk based approach” system; in case of  particular circumstances, financial institutions can focus mainly on the situations which  show an higher risk of money laundering, leaving more space for the bankers in their action field.

According to the risk based approach, people are ususally divided into three different cathegories, and each cathegory corresponds to a certain level of risk of committing money laundering or illicit financing of terrorism: low, medium and high.

In addition to this, for each one of these cathegories there are different periods of time  to check the census, usually  one year for high profiles, five years for medium and ten for low risk profiles.

According to the 40th recommendation, which aim to have a more efficient international cooperation that would include the sharing of informations among prosecutors of different countries  “Countries should ensure that their competent authorities provide the widest possible range of international co-operation to their foreign counterparts. There should be clear and effective gateways to facilitate the prompt and constructive exchange directly between counterparts, either spontaneously or upon request, of information relating to both money laundering and the underlying predicate offences. Exchanges should be permitted without unduly restrictive conditions. In particular:

a) Competent authorities should not refuse a request for assistance on the sole ground that the request is also considered to involve fiscal matters.

b) Countries should not invoke laws that require financial institutions to maintain secrecy or confidentiality as a ground for refusing to provide co-operation.

c) Competent authorities should be able to conduct inquiries; and where possible, investigations; on behalf of foreign counterparts.

Where the ability to obtain information sought by a foreign competent authority is not within the mandate of its counterpart, countries are also encouraged to permit a prompt and constructive exchange of information with non-counterparts. Co-operation with foreign authorities other than counterparts could occur directly or indirectly. When uncertain about the appropriate avenue to follow, competent authorities should first contact their foreign counterparts for assistance.

Countries should establish controls and safeguards to ensure that information exchanged by competent authorities is used only in an authorised manner, consistent with their obligations concerning privacy and data protection.”

Talking about privacy and data protection, it’s necessary to put a stress on recent innovations thas have been brought up by the new regulation. Infact on December 15 2017  Regulation 2016/679 has been published on the European OfficialJournal: it deals with the processing and protection of individual data. The Regulation 2016/679 requires all operators  to adopt the new rules by May 24 2018.

The Regulation is a legally binding law that European Union Countries have to follow without the possibility to modify it, as opposed to the Directive which just requires  reaching the established results.

One of the main innovations of this Regulation is the explicit recognition of the “right to be forgotten” which has already been covered in our legal system into the rights of the individual. This right is protected by the art. 2 of the Italian Constitution, with relevant consequences on criminal law (often clashing with the freedom of the press, protected by art. 21 of the Constitution.).

Another important new topic is the Principle of accountability, which requires banks – while using data- to guarantee appropriate protective measures required by the regulation, all the data processing activities have to be traceable and recorded in a proper document (art. 30).

The role of the Data Protection Officer has also been  introduced to oversee the respect of the Regulation by all operators, as well as the privacy impact assessment (art. 35), in a situation of risk and in other specific situations.

Both  FIU and law enforcements face money laudering and financial terrorism.

For what that concerns FIU, the art. 26 states that “Countries should establish a FIU that serves as a national centre for the receiving (and, as permitted, requesting), analysis and dissemination of STR and other information regarding potential money laundering or terrorist financing. The FIU should have access, directly or indirectly, on a timely basis to the financial, administrative and law enforcement information that it requires to properly undertake its functions, including the analysis of STR”.

Art. 27, regarding law enforcements, claims that “Countries should ensure that designated law enforcement authorities have responsibility for money laundering and terrorist financing investigations. Countries are encouraged to support and develop, as far as possible, special investigative techniques suitable for the investigation of money laundering, such as controlled delivery, undercover operations and other relevant techniques. Countries are also encouraged to use other effective mechanisms such as the use of permanent or temporary groups specialised in asset investigation, and co-operative investigations with appropriate competent authorities in other countries”.

Since 2000 GAFI introduced another important accomplishment , the so called “Black List”, which contains the list of Non-Cooperative Countries or Territories (NCCTs).

This list includes countries which are judged to be non-cooperative in the global fight against money laundering and financing terrorism,  for lack of infrastructures and resources as well as having a regulation that unables them to face these issues.

Clients from these countries need to receive a stronger due diligence by operators.

1) Organizzazione internazionale on
2) “GAFI – GAFI: nuove raccomandazioni contro il riciclaggio di denaro ed il finanziamento del terrorismo”, by  Agatino Grillo on “”
3) Antiriciclaggio e professionisti, nelle raccomandazioni GAFI più trasparenza e migliore approccio basato sul rischio by Lilla Laperuta on

Salvis Juribus – Rivista di informazione giuridica
Direttore responsabile Avv. Giacomo Romano
Listed in ROAD, con patrocinio UNESCO
Copyrights © 2015 - ISSN 2464-9775
Ufficio Redazione:
Ufficio Risorse Umane:
Ufficio Commerciale:
Metti una stella e seguici anche su Google News
The following two tabs change content below.

Avv. Claudio Tarulli

Articoli inerenti