18 November 2025
FATF ¦ R.13 Correspondent Banking
Recommendation 13: Strengthening Controls to Combat Financial Crime
Correspondent banking is the backbone of international finance, enabling cross-border settlements, trade, and liquidity. But it also presents elevated exposure to money laundering and terrorist financing. When one institution (the correspondent) provides services to another (the respondent), risk can propagate across jurisdictions, regulatory regimes, and customer bases. To mitigate this, financial institutions must go beyond standard customer due diligence and apply robust, relationship-specific controls.
What Robust Due Diligence Looks Like in Practice
A strong correspondent banking framework starts with comprehensive knowledge of the respondent institution. Financial institutions should gather sufficient information to fully understand the respondent’s business model, product suite, geographic footprint, and risk profile. This means verifying the institution’s reputation using public sources — such as regulatory publications, sanctions lists, enforcement actions, and credible media — and evaluating the quality of its supervision. It is essential to determine whether the respondent has been subject to investigations or regulatory action related to money laundering or terrorist financing.
Risk assessment must extend to the respondent’s AML/CFT program, focusing on governance, independent testing, transaction monitoring, screening, customer due diligence practices, and the effectiveness of suspicious activity reporting. This assessment should be anchored in documented evidence — policies and procedures, program audits, board oversight materials, and regulator feedback — rather than assurances alone.
Senior management involvement is non-negotiable. Institutions should require formal approval at the executive level before establishing new correspondent relationships. This governance step ensures accountability for risk appetite decisions and evidences informed consideration of cross-border risk factors.
Clear delineation of responsibilities between the correspondent and respondent institutions is vital. Both parties must document who does what across onboarding, screening, monitoring, information sharing, and escalation. This reduces ambiguity, prevents control gaps, and facilitates timely responses to requests for customer due diligence or transaction information.
Payable‑Through Accounts: A High-Risk Channel Requiring Tighter Controls
Payable-through accounts — correspondent accounts used directly by third parties to transact for themselves — amplify risk. Before permitting such arrangements, the correspondent must be satisfied that the respondent has conducted customer due diligence on the direct-access customers and can provide relevant CDD information promptly upon request. Without assured transparency and data access, monitoring becomes ineffective and the risk of abuse increases. If those assurances are not credible or cannot be operationalized, payable-through access should not be allowed.
Zero Tolerance for Shell Banks
Entering into or maintaining relationships with shell banks is prohibited. A shell bank lacks a physical presence and substantive mind-and-management, making it inherently opaque and vulnerable to misuse. Financial institutions must also ensure that their respondents do not allow shell banks to use their accounts indirectly. This requires proactive checks, covenant-like undertakings in contracts, and ongoing surveillance to detect and prevent nested relationships with shell entities.
Extending These Standards Beyond Banking
The same criteria apply to similar cross-border financial relationships, such as those established for securities transactions or funds transfers, whether the financial institution is acting as principal or on behalf of its customers. The core risks — third-party dependence, jurisdictional fragmentation, and information asymmetry — are present across these channels, so consistent controls are necessary.
Operationalizing the Controls: From Policy to Execution
Policies should mandate (enhanced) due diligence for all new and existing correspondent relationships, with risk ratings driving depth and frequency of reviews. Contracts should embed rights to information, audit, and termination if controls degrade. Monitoring should include behavior-based analytics tailored to correspondent traffic — nested payments, unusual routing patterns, and bursts of activity inconsistent with profile. Escalation protocols must support rapid information requests and timely filing of suspicious activity reports.
Governance and reporting to senior management and the board should cover the inventory of correspondent relationships, risk ratings, material issues, remediation status, testing results, and regulatory developments. Institutions should align their approach with global standards and local regulatory expectations, ensuring that variations in jurisdiction do not dilute control effectiveness.
Conclusion: Raising the Bar for Cross‑Border Integrity
Correspondent banking is indispensable but vulnerable. The measures outlined — thorough respondent understanding, AML/CFT assessment, senior approval, clear allocation of responsibilities, strict control of payable-through accounts, and categorical exclusion of shell banks — form a practical and defensible framework. Applying these standards consistently across analogous financial relationships helps protect the system from abuse, supports regulatory compliance, and preserves trust in cross-border finance.
FATF Ratings Overview
Luxembourg ¦ FATF Effectiveness & Technical Compliance Ratings
Anti-money laundering and counter-terrorist financing measures
Luxembourg Mutual Evaluation Report, September 2023
This assessment was adopted by the FATF at its June 2023 Plenary meeting and summarises the anti-money laundering and counter-terrorist financing (AML/CFT) measures in place in Luxembourg as at the date of the on-site visit: 2-18 November 2022.
Table 1. Effectiveness Ratings
Note: Effectiveness ratings can be a High (HE), Substantial (SE), Moderate (ME) or Low (LE) level of effectiveness.
IO1 Risk, policy and coordination
Money laundering and terrorist financing risks are identified, assessed and understood, policies are co-operatively developed and, where appropriate, actions co-ordinated domestically to combat money laundering and the financing of terrorism.
Substantial
IO2 International cooperation
International co-operation delivers appropriate information, financial intelligence and evidence, and facilitates action against criminals and their property.
Substantial
IO3 Supervision
Supervisors appropriately supervise, monitor and regulate financial institutions and VASPs for compliance with AML/CFT requirements, and financial institutions and VASPs adequately apply AML/CFT preventive measures, and report suspicious transactions. The actions taken by supervisors, financial institutions and VASPs are commensurate with the risks.
Moderate
IO4 Preventive measures
Supervisors appropriately supervise, monitor and regulate DNFBPs for compliance with AML/CFT requirements, and DNFBPs adequately apply AML/CFT preventive measures commensurate with the risks, and report suspicious transactions.
Moderate
IO5 Legal persons and arrangements
Legal persons and arrangements are prevented from misuse for money laundering or terrorist financing, and information on their beneficial ownership is available to competent authorities without impediments.
Substantial
IO6 Financial intelligence
Financial intelligence and all other relevant information are appropriately used by competent authorities for money laundering and terrorist financing investigations.
Substantial
IO7 ML investigation & prosecution
Money laundering offences and activities are investigated, and offenders are prosecuted and subject to effective, proportionate and dissuasive sanctions.
Moderate
IO8 Confiscation
Asset recovery processes lead to confiscation and permanent deprivation of criminal property and property of corresponding value.
Moderate
IO9 TF investigation & prosecution
Terrorist financing offences and activities are investigated and persons who finance terrorism are prosecuted and subject to effective, proportionate and dissuasive sanctions.
Substantial
IO10 TF preventive measures & financial sanctions
Terrorists, terrorist organisations and terrorist financiers are prevented from raising, moving and using funds.
Moderate
IO11 PF financial sanctions
Persons and entities involved in the proliferation of weapons of mass destruction are prevented from raising, moving and using funds, consistent with the relevant UNSCRs.
Moderate
Table 2. Technical Compliance Ratings
Note: Technical compliance ratings can be C – compliant, LC – largely compliant, PC – partially compliant or NC – non-compliant.
R.1 Assessing Risks and applying a Risk-Based Approach
C – compliant
R.2 National Co-operation and Co-ordination
C – compliant
R.3 Money laundering offence
C – compliant
R.4 Confiscation and provisional measures
LC – largely compliant
R.5 Terrorist financing offence
C – compliant
R.6 Targeted financial sanctions related to terrorism and terrorist financing
LC – largely compliant
R.7 Targeted financial sanctions related to proliferation
LC – largely compliant
R.8 Non-profit organisations
PC – partially compliant
R.9 Financial institution secrecy laws
C – compliant
R.10 Customer due diligence
C – compliant
R.11 Record-keeping
C – compliant
R.12 Politically exposed persons
C – compliant
R.13 Correspondent banking
C – compliant
R.14 Money or value transfer services (MVTS)
C – compliant
R.15 New technologies
LC – largely compliant
R.16 Payment transparency
C – compliant
R.17 Reliance on third parties
C – compliant
R.19 Higher-risk countries
C – compliant
R.20 Reporting of suspicious transactions
C – compliant
R.21 Tipping-off and confidentiality
C – compliant
R.22 DNFBPs: Customer due diligence
C – compliant
R.23 DNFBPs: Other measures
C – compliant
R.24 Transparency and beneficial ownership of legal persons
LC – largely compliant
R.27 Powers of supervisors
C – compliant
R.28 Regulation and supervision of DNFBPs
C – compliant
R.29 Financial intelligence units
C – compliant
R.30 Responsibilities of law enforcement and investigative authorities
LC – largely compliant
R.32 Cash Couriers
LC – largely compliant
R.33 Statistics
LC – largely compliant
R.34 Guidance and feedback
C – compliant
R.35 Sanctions
LC – largely compliant
R.36 International instruments
LC – largely compliant
R.37 Mutual legal assistance
C – compliant
R.38 Mutual legal assistance: freezing and confiscation
C – compliant
R.39 Extradition
C – compliant
R.40 Other forms of international co-operation
LC – largely compliant