Meeting FATF Recommendations by 2024 in any business

Document with FATF recommendations


    icon newsletter
    Get the latest news right in your inbox

    The FATF recommendations, or GAFI, are required in much of the world to act against money laundering and illegal practices in the context of financial transactions and movements. It is very important to understand the role that these 40 recommendations play in the economy and in all companies in the financial sector and its related areas.

    This intergovernmental body, which has been in operation since 1989, has created and established a series of compliance standards and laws that actively act to combat money laundering, terrorist financing and other major risks that can threaten the international financial system.

    Although it may seem that only large companies, corporations and institutions are subject to the international standards defined by the FATF recommendations, every business and organization, no matter how small, must take into account these 40 key points.

    What is FATF - GAFI?

    FATF is the acronym used to refer to the Financial Action Task Force. Similarly, FATF is the acronym for the Financial Action Task Force. We can consider it the most authoritative international organization in the prevention and fight against money laundering.

    The FATF was created and promoted by the Ministries and jurisdictional bodies of the member states, which were initially those of the G8 but which currently extend to 39 jurisdictions and two international member organizations (European Commission and the Cooperation Council for the Arab States).

    Both the World Bank and the International Monetary Fund are participating members of the institution. It is important to note that the FATF acts as an ally of other international organizations that have the same purpose such as the Latin American Financial Action Task Force (GAFILAT), the Committee of Experts on Evaluation of Anti-Money Laundering Measures (MONEYVAL) or the APG (Asia/Pacific Group on Money Laundering).

    The FATF's objectives are not only focused on policy formulation but also on active operations to prevent illegal activities, organized crime, corruption and the damage they cause to society.

    The body monitors states for real and effective implementation of the current 40 recommendations and makes constant demands to those that are not complying with them, either by passive action of their governments by not transposing the FATF recommendations into their local regulations in an effective manner or to companies that are not complying with the standards of countries that have done their job well.

    What are the FATF recommendations for 2023?

    The FATF recommendations are 40 points that establish compliance measures for the public and private sector, as well as for users and citizens, to combat money laundering and the illegal and harmful activities that originate from it.

    The risks associated with fraud and illegal activities are a crucial detriment to both companies and customers, preventing economic growth and causing economic losses on both sides and penalties for companies.

    These 40 FATF recommendations can be consulted in full on the official FATF website. The current version, with its 40 basic recommendations, was approved in 2012. However, in 2023, the FATF recommendations were modified during the month of March to adapt them to the needs of today's economy and organizations.

    Among these recent modifications, those aimed at remote and online (virtual) operations of companies obliged to establish exhaustive anti-fraud controls in their processes of new clients onboarding or opening of new accounts and transactions stand out.

    While all 40 recommendations should be carefully considered and procedures established to comply with all of them, in this article we want to highlight three in particular that we believe are more relevant today than ever and, if properly understood, can help to comply with the rest by transforming the operations of the affected companies in a more agile way:

    • The records to comply with AML standards are found in recommendation 11. It makes a proposal on how to keep them, store them securely and carry out operations related to customers under minimum standards.
    • In the previous recommendation, recommendation 10, we find ways to establish frameworks of trust to operate with customers and the prior controls to be carried out before giving them access to the company's products and services. Here, Know Your Customer (KYC) stands out as one of the most agile and effective procedures for complying with this recommendation.
    • One recommendation is particularly cross-cutting. Number 15 deals with how technology, digital platforms and IT tools integrated into companies' systems and operations can combat money laundering with absolute effectiveness. This recommendation indicates what digital processes should look like and how to offer products and services remotely in an appropriate manner. In addition, it defines exactly the technical and regulatory standards that must be followed by the technological solutions that make this possible for companies.

    Are the FATF recommendations mandatory?

    Yes, they are. Compliance with the FATF Recommendations is a legal imperative. If your business operates in any of the 39 markets that adhered to the FATF standards, it is obliged to comply with its 40 points since the national legislations of these states have already included them and are ensuring their compliance.

    However, it is not only these 39 countries that sanction companies that have not adapted their processes to these international standards. As we have seen, there are 9 other international organizations attached to FATF/GAFI that ensure compliance with AML (Anti-Money Laundering) regulations. In total, more than 200 jurisdictions around the world apply measures against companies that do not carry out this type of control.

    This is the case, for example, in Mexico, Andorra, Monaco or the Czech Republic. For this reason, we must carefully monitor the AML regulations of the markets in which we operate. In any case, complying with the FATF recommendations is synonymous with a quality risk management and fraud prevention strategy, helping the growth and smooth running of any business. We should not consider not complying with them in any case.

    Companies and sectors affected by FATF Standards

    The FATF recommendations affect any natural or legal person in all the territories and jurisdictions detailed above. However, there are a number of areas and types of activity that, due to their dynamics and operations, are fully affected and are exposed to a more exhaustive control by the body in question and by the authorities of the member states. The industries most impacted by the FATF are:

    Some of the recommendations even specifically address companies, indicating good practices to be followed when operating.

    How to easily comply with FATF recommendations

    The FATF has launched a complete methodology for the analysis and evaluation of companies' compliance with its standards. This methodology establishes an evaluation process carried out by the organization itself on companies and states, although companies can voluntarily carry it out on their own initiative to identify weak points and adapt their processes to comply.

    Financial and compliance departments are using the tools created and implemented by RegTech partners to comply with FATF standards and recommendations by 2023.

    In this year and next 2023, we will see how not only leaders will make use of technology and digital platforms in SaaS format to comply not only with FATF standards but also with any regulation in all sectors. From micro-enterprises to SMEs are already integrating money-laundering prevention systems in days and under a pay-per-use model without having to resort to costly and time-consuming processes of process adaptation.

    Meet the most stringent regulations with automated RegTech technology

    Newsletter icon

    Get the latest news right in your inbox


    Trust, identity and automation services

    Tecalis creates disruptive digital product to make the most innovative companies grow and evolve. We drive growth and digital transformation processes to bring the future to businesses today.

    KYC (Know Your Customer) Video Identity Verification, Digital Onboarding and Authentication (MFA/2FA) solutions and services enable our customers to provide their users with an agile and secure experience.

    Our RPA (Robot Process Automation) software enables the creation of sustainable, scalable, productive and efficient business models through BPM (Business Process Management), allowing unlimited growth.


    Advanced and Qualified Electronic Signature and Certified Communication services (Electronic Burofax) allow customer acquisition, contracting and acceptance processes that used to take days or weeks to be completed and approved in minutes or seconds.

    Customer Onboarding (eKYC), Digital Signature (eSignature) services and Automated Fraud Prevention are making it possible for companies to operate online and without borders.


    As an EU-certified Trust Services Provider and an established RegTech partner, we help organizations comply with the most demanding regulatory standards in their sector and region, including AML (Anti-Money Laundering), eIDAS (Electronic IDentification, Authentication and etrust Services), GDPR (General Data Protection Regulation), SCA (Strong Customer Authentication) or PSD2 (Payment Services Directive) regulations thanks to Tecalis Anti-Fraud Controls and Document Verification.