Which Countries Require EDD and Extra Measures of Security
The European Commission and FATF constantly update lists of high-risk countries. Organizations have to closely monitor those lists and make sure that their customers from those countries go through Enhanced Due Diligence.
In the previous article (https://www.basisid.com/what-refers-to-anti-money-laundering-and-what-are-the-last-regulatory-requirements/) we have examined what is money laundering. In this article we will take a closer look at countries that require Enhanced Due Diligence (EDD). We will discuss countries that are considered high-risk by various organizations and look into what to do if you have customers from those countries.
FATF Blacklist and High-Risk Third Countries
In this article we will talk a lot about the Financial Action Task Force or FATF and the European Commission. One of their goals is to prevent Money Laundering and Terrorist Financing. Terrorist Financing is quite easy to understand – it’s obtaining, using, storing and spending money with the purpose of helping terrorist organizations. Terrorism Financing is usually a part of a bigger scheme called Money Laundering. Money Laundering is an illegal process, during which individuals or organizations try to hide the origins of illegally obtained finances through complex sequences of various transactions. Sets of laws and regulations that prevent Money Laundering and Terrorist Financing are respectively called Anti Money Laundering (AML) and Counter-Financing of Terrorism (CFT). These definitions are crucial to understanding why it’s important to pay extra attention to customers from certain countries.
Financial regulators such as FATF and European Commission always try to engage every single country and each organization because even if a few organizations don’t abide by the rules and conceal data or allow for Money Laundering and Terrorist Financing, the whole financial system falls apart. That’s why cooperation is the key. However, there are some countries that do not wish to cooperate or enforce financial regulations. That’s why FATF and the European Commission have created lists of high-risk third countries that do not cooperate. Article 9.2 of the Fourth EU Money Laundering Directive enables the European Commission to identify high-risk third countries. Those countries have strategic insufficiencies in their national AML and CFT processes, which poses a notable menace to the Financial System as a whole. According to regulation 33(1)(b) of the Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017 EDD has to be applied to any person or organization established in one of the high-risk third countries to mitigate risks of Money Laundering and Terrorist Financing. The list of countries is always updated and currently, there are 23 countries: Afghanistan, American Samoa, The Bahamas, Botswana, Democratic People’s Republic of Korea, Ethiopia, Ghana, Guam, Iran, Iraq, Libya, Nigeria, Pakistan, Panama, Puerto Rico, Samoa, Saudi Arabia, Sri Lanka, Syria, Trinidad and Tobago, Tunisia, US Virgin Islands, Yemen. On the 19th of June 2018, the Fifth EU Money Laundering Directive was published, which expanded the criteria for the assessment of high-risk third countries. This will likely broaden the list in the near future. The European Commission list of high-risk third countries is not the only one. There’s also a so-called FATF blacklist. Calling it a blacklist is quite harsh and the official name for it is the FATF list of Non-Cooperative Countries or Territories. Countries included in the list were regarded uncooperative, however, this created some dissonance among specialists in this area as countries like the Cayman Islands have always been very cooperative and very active in implementing Anti Money Laundering programs while still being included in the list due to obvious weaknesses in their AML systems. The list was published since the year 2000 by the FATF of the Organization for Economic Co-operation and Development (OECD) and constantly updated ever since. In June 2000 the list included 15 countries: the Bahamas, Cayman Islands, Cook Islands, Dominica, Israel, Lebanon, Liechtenstein, Marshall Islands, Nauru, Niue, Panama, Philippines, Russian Federation, Saint Kitts and Nevis, Saint Vincent and the Grenadines. Now, however, as of the 21st of February 2020, there are only 2 countries: Iran and the Democratic People’s Republic of Korea. As the FATF states: “High-risk jurisdictions have significant strategic deficiencies in their regimes to counter money laundering, terrorist financing, and financing of proliferation.”
FATF encourages all jurisdictions to perform EDD on countries who are included in the list. In more severe cases “…countries are called upon to apply counter-measures to protect the international financial system from the ongoing money laundering, terrorist financing, and proliferation financing risks emanating from the country.”
North Korea remains one of the biggest threats to the world’s financial system and is included in both lists. FATF made the following statement about North Korea in 2017: “The FATF remains concerned by the DPRK’s failure to address the significant deficiencies in its anti‑money laundering and combating the financing of terrorism (AML/CFT) regime and the serious threat this poses to the integrity of the international financial system. The FATF urges the DPRK to immediately and meaningfully address its AML/CFT deficiencies. Further, FATF has serious concerns with the threat posed by DPRK’s illicit activities related to the proliferation of weapons of mass destruction (WMDs) and its financing.” Furthermore, according to article 34 of Resolution 2270 of the United Nations Security Council organizations are outlawed from opening branches and bank accounts in North Korea. North Korea remains in the blacklist despite the fact that they have shown the desire to join FATF and become a full member of the Asia Pacific Group on Money Laundering (APG). On April 20, 2016, North Korea even adopted Law on Anti-Money Laundering and Combating Financing of Terrorism, which consists of 40 articles divided among 6 chapters. Despite this, they still have severe deficiencies in AML and threats related to weapons of mass destruction (WMDs) and its financing.
Iran is included in the FATF blacklist due to its wide-spread corruption, systematic money laundering, assistance for foreign terrorist organizations and nontransparent corporate structures with hidden true ownership. Iran has also committed in 2016 to a FATF-backed reform plan to bring AML and CFT laws to an international level. They have even passed 4 bills, which were needed to meet FATF conditions. However, experts say that those bills included loopholes for terrorist organizations to still get financing. Those bills had exemptions that allowed for the support of organizations such as al-Qaeda, Hezbollah, and Hamas. In 2018 Iran’s action plan has expired. FATF urges all its members to: “require an increased supervisory examination for branches and subsidiaries of financial institutions based in Iran; introduce enhanced relevant reporting mechanisms or systematic reporting of financial transactions, and require increased external audit requirements for financial groups with respect to any of their branches and subsidiaries located in Iran.” Iran will stay in the blacklist until they fully implement the action plan and address deficiencies identified with respect to CFT. Iran’s biggest issue remains Terrorist Financing and excluding them from the blacklist now would most likely mean a severe risk for the international financial system.
As you may have noticed, the FATF list of Non-Cooperative Countries or Territories is significantly shorter than the list of high-risk third countries published by the European Commission. It is because there’s a second list called jurisdiction under increased monitoring, which can informally be referred to as FATF greylist. Countries that are included in the greylist have some strategic deficiencies that have been identified, however, those countries have committed to resolving those issues within a certain timeframe. Those countries are still subject to increased monitoring. FATF supervises those countries very closely and expects them to complete their action plans by the deadline. Despite this fact, EDD is not required by FATF for those countries. But be careful here. Some of the countries are still in the list of high-risk third countries and require EDD by the European Commission.
Countries in the greylist: Albania, The Bahamas, Barbados, Botswana, Cambodia, Ghana, Iceland, Jamaica, Mauritius, Mongolia, Myanmar, Nicaragua, Pakistan, Panama, Syria, Uganda, Yemen, Zimbabwe.
The European Commission is a member of FATF and supports its work in ensuring global compliance with international standards. The Commission takes FATF blacklist as a starting point for the list of high-risk third countries and currently both of the countries from the FATF blacklist are included in the list published by the Commission. However, it is not guaranteed that it will stay this way in the future. Hence, it’s always a good practice to check both lists to stay compliant.
In addition to those two lists, sanctioned individuals, organizations and countries may also require EDD during the onboarding process. Sanctions are punitive measures imposed by regulatory bodies to protect the society from entities that pose a significant risk. In the modern days usually individuals get sanctioned for laundering money, being affiliated with terrorist organizations, violating human rights, trafficking drugs or humans or being arm dealers. Alongside with Know Your Customer (KYC) organizations such as banks, gambling platforms, cryptocurrency trading platforms and other FinTechs are required to perform a sanction screening. It is done using sanctioned lists that are created by various organizations such as European Union’s consolidated list of those who are subject to EU financial sanctions or Interpol’s sanctions list of international fugitives. Those lists contain comprehensive data about those individuals and are being updated constantly. Companies usually use solutions like BASIS ID to perform sanction screening as it doesn’t require hiring new human resources and making big investments into understanding the legal aspect of compliance, developing complicated solutions and training staff.
There are also sanctiones posed against whole countries, however, the terms vary significantly. For example, US can impose sanctions against activities that benefit energy, intelligence or defense sectors in Russia. It means that US companies or citizens have to perform additional due diligence to ensure the absence of transactions related to energy, intelligence or defense sectors as well as ensure that an individual is not a Specially Designated National (SDN).
As sanctions are very region-specific, it is very risky to generalize them. Hence, it is best to research, which country-specific sanctions are imposed within the legislation of one’s business. The best way to ensure full compliance is to find a KYC provider that can perform Sanction Screening and AML check alongside with EDD.
It leads to a question:
What Should Companies Do When They Encounter Clients From One Of The Lists?
- If a person is in high-risk third countries list or the FATF black list, then EDD must be performed with a few rare exceptions.
- To mitigate possible risks it is also advised to monitor countries from the FATF greylist and also consider performing EDD on clients from other countries if that region has high level of corruption, is a tax haven or an offshore or has flawed AML legislation.
- Be aware of your legislation and closely monitor any changes in the legislation or one of the lists for high-risk countries and individuals.
In addition to that it is also necessary to continue monitoring those individuals even after the initial onboarding process. You should pay close attention to transactions those individuals or organizations perform and make sure that you know the source of their funds as well as intentions of the transactions as they can go against AML and CFT laws.
The safest and the most effective way to stay compliant and mitigate as much risk as possible related to any sort of financial fraud is to use services of modern eKYC providers such as BASIS ID. In addition to seamless KYC they also provide AML and Sanction Screening as well as EDD and ongoing monitoring, which are triggered automatically for high-risk customers. And in order to obtain additional information about such clients, PEP, Adverse Media & Watchlist Screenings are also performed. BASIS ID has access to Sanction Lists from 230 countries and 42820 sources. Thanks to the fact that most of the processes are automated, the onboarding is extremely quick and only benefits user experience. This method raises conversion and keeps customers satisfied. Also, BASIS ID keeps an eye on the changes of different legislations across the world and adjusts their platform accordingly. This way you don’t have to worry about issues related to compliance while also keeping your costs low.