The financial inclusion community has a pivotal opportunity to help shape amendments to the global anti-money laundering, terrorist, and proliferation financing (AML/CFT/CPF) standards set by the Financial Action Task Force (FATF). With a public consultation open until December 6, 2024, the FATF is seeking feedback on revisions that will better align its risk-based standards with financial inclusion policy objectives. These updates, particularly to Recommendation 1 (R.1), could address challenges that contribute to exclusion – including stringent documentation requirements and costs related to financial services, both of which are often linked directly to AML/CFT/CPF requirements. The revisions aim to promote proportional AML/CFT measures so that lower-risk individuals and small businesses are not disproportionately burdened by compliance requirements intended for higher-risk scenarios.
These revisions will have major implications for financial inclusion efforts, and the financial inclusion community has a role to play in actively participating, identifying areas where revisions could go further, and advocating for an implementation that prioritizes inclusion alongside risk management.
These revisions will have major implications for financial inclusion efforts, and the financial inclusion community has a role to play in actively participating, identifying areas where revisions could go further, and advocating for an implementation that prioritizes inclusion alongside risk management.
Regulators called on to encourage simplified measures
By revising R.1, the FATF aims to promote the full implementation of a risk-based approach encouraging AML/CFT measures that are proportionate to both high- and low-risk situations. While the FATF has always been clear that countries and regulated institutions must employ enhanced due diligence measures where higher risks are identified, its language relating to lower risks has been weaker. Currently, R.1 merely acknowledges that “countries may decide to allow simplified measures” in lower money laundering and terrorist financing (ML/FT) risk scenarios. Consequently, many countries have opted not to permit simplified due diligence in these cases, leading regulated institutions to implement overdesigned and excessive compliance measures.
FATF is therefore proposing to replace the “may decide” language with a clear requirement that “countries should allow and encourage simplified measures.” This revision will compel countries to create a regulatory environment where financial institutions can simplify due diligence measures to lower-risk individuals and small businesses. This will enable them to access financial services without facing excessive compliance hurdles. In turn, this has the potential to foster more inclusive financial ecosystems that better accommodate the needs of low-income consumers.
While the new language is welcome, it’s worth considering whether the proposal goes far enough. For higher-risk situations, FATF uses more forceful language, requiring countries to “ensure that their AML/CFT/CPF regime adequately addresses such risks.” Moreover, for measures responding to lower proliferation financing risks, R.1 requires countries to “ensure that the measures applied are commensurate with the level of proliferation financing risk.” Expanding the use of “ensure” to cover all risk levels – including lower ML/FT risks – would send a more definitive message to countries and providers about applying proportionate measures in lower-risk scenarios.
Encouraging proportionality and flexibility
Another proposed change in R.1 would replace the use of “commensurate” with “proportionate.” “Commensurate” is currently used to describe the relationship between the identified risks and appropriate risk mitigation measures to be adopted. Seemingly synonymous with “commensurate”, “proportionate” is more familiar language to AML/CFT/CPF regulators in the risk-based context and is meant to be read as appropriately corresponding to the level of identified risk and effectively mitigating the risks. This clarification may help prevent excessive or misaligned controls that may exclude lower-risk customers.
In principle, proportionate approaches to AML/CFT requirements better align with financial inclusion goals, enabling regulators and providers to focus resources on areas with higher risk while providing accessible, low-friction services to those with lower risks. Whether the proposed language will have that effect in practice will depend on how regulators interpret the requirement that the measures, even though simplified, must still effectively mitigate the risks. Regulators that aim for a high level of effectiveness might prefer a very limited application of simplified due diligence measures.
Supervisors to identify and address over-compliance
Currently, financial regulatory and supervisory agencies in many low and middle-income countries are concerned that simplifications or exemptions at a national or institutional level may not be condoned by the FATF assessors. Therefore, some AML/CFT/CPF supervisors tend to be overly strict when evaluating how providers implement risk-based approaches. The proposed revisions introduce an additional essential directive for supervisors, requiring them to “review and take into account the risk mitigation measures undertaken by financial institutions.” This proposal is intended to ensure that proportionate, risk-based measures are designed and implemented by regulated institutions.
A closer supervisory review of risk mitigation measures may reduce over-compliance—a situation where financial institutions overestimate risks or adopt risk mitigation measures that are too strict, often due to a lack of capacity or fears of regulatory penalties. Over-compliance by providers can be detrimental to inclusion, as it tends to increase the cost of services and impose higher barriers to entry for low-income individuals and small enterprises who may struggle to meet stringent requirements. Whether this revision will have the intended effect will also depend on the supervisor’s interpretation of the requirement that simplified measures must still effectively mitigate the identified risks.
Adjusting the risk levels of remote engagements
With the rapid growth of digital identity systems and remote financial services, the FATF recognized the need to reassess the riskiness of such remote transactions. Thanks to advancements in digital ID technology, remote customer verification is often as reliable as in-person processes. Since 2003, however, the FATF has classified non-face-to-face business relationships as potentially higher risk. Now, it’s proposing that these transactions should only be viewed as a potentially higher risk situation if “appropriate risk mitigation measures” are not in place. This proposal aligns closer with the FATF’s 2020 Digital ID Guidance, which notes that non-face-to-face customer identification and transactions employing reliable digital ID systems with appropriate risk mitigation measures may even present a lower risk.
By updating its risk classification of remote engagements, the FATF is signaling its support for innovations in the financial sector that broaden access to secure, regulated financial services. The revision will support the use of digital verification methods to facilitate access to financial services for populations in remote or underserved areas where in-person interactions may be impractical, costly, or too difficult.
Encouraging application of low-risk exemption
The FATF standards allow countries to exempt particular types of regulated institutions from some AML/CFT/CPF due diligence requirements “provided there is a proven low risk” of ML/FT/PF.
“Proven” is viewed as a higher bar that requires more than an appropriate risk assessment. Many countries, therefore, refrain from applying the exemption. The FATF is now proposing to replace “proven risk” with “assessed risk.” This revision will clarify that countries may use their national risk assessments to lighten the compliance burden of low-risk institutions, including those serving lower-risk customers.
What can the financial inclusion community do?
Revisions to the FATF standards have the potential to significantly benefit the global landscape of financial inclusion. What is the role of the financial inclusion community in ensuring this becomes a reality?
Here’s what those in the financial inclusion community can do:
- Participate in the consultation process: The proposed revisions will need to be adopted by the FATF members and sending them a strong signal that the financial inclusion community supports the changes will help.
- Read the proposed revisions: Familiarize yourself with the details of the FATF’s proposed changes to Recommendation 1.
- Engage in dialogue: Discuss the proposed changes within your networks and encourage other stakeholders to participate. Collective engagement is key to refining these standards and ensuring that they are globally impactful.
- Submit feedback: The FATF welcomes written comments on the proposed revisions by December 6, 2024. Inclusion experts should not be shy to point out the limited scope of revisions and the areas where the changes may fall short of expectations.
- Contact CGAP: If you have any questions related to the revisions to discuss, reach out to us at CGAP. We are here to support and welcome further discussions.