05 March 2025

AED ¦ Circulaire N° 768-32

FATF February 2025 Update – What Financial Crime Practitioners Need to Know

The Financial Action Task Force (FATF) plenary in February 2025 produced a set of declarations and calls to action that carry immediate implications for compliance teams, financial institutions and regulators. The latest communiqué highlights jurisdictions with substantial strategic deficiencies in anti–money laundering and countering the financing of terrorism (AML/CFT), renews calls for counter‑measures against the Democratic People’s Republic of Korea (DPRK) and Iran, and reiterates expectations for enhanced vigilance with respect to a broader list of higher‑risk countries. This article summarizes the key points of the FATF statement, explains the operational implications for firms, and sets out practical next steps compliance officers should adopt now.

FATF’s central findings and targeted calls to action

The February 2025 FATF outcomes focus on three tracks: jurisdictions warranting counter‑measures, jurisdictions requiring proportionate enhanced vigilance, and jurisdictions under continued monitoring for remediation of strategic deficiencies.

The most urgent directives concern the DPRK and Iran. FATF reaffirmed longstanding concerns about the DPRK’s persistent inability to address serious AML/CFT weaknesses, compounded by illicit activities linked to proliferation financing. Members are urged to implement counter‑measures to protect their financial systems, including ending correspondent banking relationships with DPRK banks, closing DPRK bank branches and subsidiaries, and limiting business relationships and transactions with DPRK nationals and entities. The communiqué warns that the DPRK has increased connectivity with the international financial system, raising heightened proliferation financing risks and requiring renewed, reinforced counter‑measures and vigilance.

On Iran, FATF recalled past engagement and the expiration of its action plan in 2019, noting the plan was not completed. Given Iran’s failure to adopt key international conventions and finish its remedial measures, FATF has lifted the earlier suspension of counter‑measures and calls for effective counter‑measures in line with Recommendation 19. Members should continue to treat Iranian business relationships and transactions as higher risk, apply strengthened customer due diligence and monitoring, and maintain enhanced suspicious activity reporting to their financial intelligence units.

Bastian Schwind-Wagner _Follow

"The FATF February 2025 plenary underscores urgent AML/CFT risks from the DPRK and Iran and calls for strengthened counter‑measures and enhanced vigilance across several jurisdictions. Financial institutions must reassess exposures, update screening and monitoring, and prioritize robust suspicious activity reporting to protect the integrity of the financial system.

Compliance teams should document all risk‑based decisions, implement proportionate enhanced due diligence for high‑risk relationships, and prepare for intensified supervisory scrutiny. Clear internal communication, frequent transaction reviews, and timely escalation will be essential to meet FATF expectations and reduce the risk of illicit finance."

Jurisdictions requiring proportionate enhanced vigilance

FATF also identified jurisdictions whose AML/CFT regimes present substantial strategic deficiencies and called for proportionate, risk‑based enhanced vigilance.

Myanmar remains a primary example – despite commitments in 2020, insufficient progress has led FATF to require members to apply stronger controls and monitoring proportionate to the risks emanating from Myanmar; further escalation of measures was flagged if no additional progress occurred by October 2024. Financial institutions should therefore pay special attention to business relationships and transactions involving persons and entities from Myanmar, increasing the frequency and depth of transaction reviews and collecting information on the purpose and expected activity underpinning transactions.

Wider list of jurisdictions under ongoing remediation

FATF’s communiqué lists numerous other jurisdictions that have developed action plans with the FATF but still present unsatisfactory AML/CFT frameworks. These include South Africa, Algeria, Angola, Bulgaria, Burkina Faso, Cameroon, Côte d’Ivoire, Democratic Republic of Congo, Croatia, Haiti, Kenya, Lao People’s Democratic Republic, Lebanon, Mali, Monaco, Mozambique, Namibia, Nepal, Nigeria, South Sudan, Syria, Tanzania, Venezuela, Vietnam, and Yemen.

Since February 2025, Laos and Nepal were newly identified as jurisdictions with strategic deficiencies. Financial institutions should consider the FATF’s findings when assessing risks related to customers, correspondents and transactions involving these countries and apply enhanced due diligence and monitoring where appropriate.

Operational implications for compliance programs

The FATF declarations require immediate and practical adjustments to AML/CFT programs.

Jurisdictions subject to counter‑measures – principally the DPRK and potentially Iran depending on domestic implementation choices – should be treated as exceptionally high risk. Firms must review existing correspondent and transactional exposures, terminate prohibited relationships where required, and implement prohibitions such as closure of DPRK bank branches or subsidiaries in host jurisdictions.
Enhanced customer due diligence is required for relationships with persons, entities and financial institutions from the named jurisdictions. This includes obtaining additional identity and ownership information, enhancing source‑of‑fund and source‑of‑wealth checks, applying closer transaction monitoring and increasing the frequency of periodic reviews.
Transaction screening and sanctions compliance need to be recalibrated. Screening rules should be updated to reflect the FATF lists, including flags for jurisdictions under call‑for‑action status, and transaction monitoring scenarios should be adjusted to capture proliferation‑related indicators and other high‑risk typologies referenced by FATF.
Suspicious activity reporting should be amplified – both in quantity and in quality. FATF specifically urges maintaining strengthened reporting mechanisms to financial intelligence units; institutions must ensure their filing teams and front line staff are trained to escalate transactions involving the DPRK, Iran and other listed jurisdictions.

Practical next steps for compliance officers

Begin with a rapid exposure assessment – map all customer, correspondent banking, branch and subsidiary relationships touching the DPRK, Iran, Myanmar and other highlighted jurisdictions. Update internal lists and transaction‑monitoring rules to reflect the February 2025 FATF guidance. Where counter‑measures are prescribed, implement mandatory actions promptly and document the legal and business rationale for any risk‑based decisions. For higher‑risk relationships that remain permitted, apply enhanced due diligence, increase monitoring frequency, require senior approvals for onboarding and continuance, and ensure ongoing screening for proliferation‑related activity. Strengthen suspicious activity reporting workflows and coordinate with the national financial intelligence unit and supervisors when suspicious transactions involve flagged jurisdictions. Finally, communicate the changes across the firm – operations, relationship managers, sanctions and transaction monitoring teams – and refresh training to ensure staff recognize the heightened risks and reporting expectations.

Supervisory and regulatory actions to anticipate

Regulators and supervisors will likely intensify examinations and expect clear documentary evidence of how firms have incorporated the FATF guidance into policies, procedures and controls. Firms should be prepared to demonstrate risk assessments, decision logs for terminating or restricting relationships, enhanced due diligence file evidence and amended transaction monitoring parameters. Where cross‑border branches or subsidiaries are involved, group governance must ensure consistent application of enhanced measures and adequate audits, including external group‑level reviews where FATF has called for that in past statements.

Conclusion

The FATF February 2025 declarations reinforce the global imperative for robust AML/CFT frameworks and immediate, tangible protections against proliferation financing and terrorism financing risks. The DPRK and Iran remain at the top of the risk agenda, with Myanmar and a broader set of jurisdictions requiring proportionate, enhanced vigilance. Compliance teams must move quickly to reassess exposures, tighten onboarding and monitoring, update screening and reporting processes, and prepare for heightened supervisory scrutiny. Documented, proportionate actions and clear escalation channels will be crucial to meeting the FATF expectations and protecting financial systems from the risks identified in the plenary outcome.

The information in this article is of a general nature and is provided for informational purposes only. If you need legal advice for your individual situation, you should seek the advice of a qualified lawyer.

Did you find any mistakes? Would you like to provide feedback? If so, please contact us!

Dive deeper

AED ¦ Circulaires ¦ Link

« IEP ¦ Global Terrorism Index 2025 - Measuring the Impact of Terrorism

FATF ¦ Detecting, Disrupting and Investigating Online Child Sexual Exploitation »

Bastian Schwind-Wagner _Follow Bastian is a recognized expert in anti-money laundering (AML), countering the financing of terrorism (CFT), compliance, data protection, risk management, and whistleblowing. He has worked for fund management companies for more than 24 years, where he has held senior positions in these areas.