26 November 2025
FATF ¦ R.35 Sanctions
Recommendation 35: Accountability at the Top
Building a credible anti-money laundering and counter-terrorist financing (AML/CFT) framework requires more than well-written laws and policies. At its core lies the ability of a country to enforce those rules through sanctions that are effective, proportionate and dissuasive. Without meaningful consequences, even the most sophisticated regulatory framework risks becoming a mere paper exercise.
The Purpose and Scope of Sanctions
Sanctions in the AML/CFT context are designed to ensure that all relevant actors take their obligations seriously. These actors include both natural persons and legal persons who are subject to key international standards, particularly those set out in Recommendations 6 and 8 to 23 of the FATF framework. This scope covers a broad range of requirements, from targeted financial sanctions related to terrorism and proliferation financing, to customer due diligence, record-keeping, reporting of suspicious transactions and internal controls.
Importantly, sanctions are not limited to financial institutions. Designated Non-Financial Businesses and Professions (DNFBPs), such as casinos, lawyers, accountants, real estate agents and dealers in precious metals and stones, must also face meaningful consequences if they fail to comply with AML/CFT requirements. This reflects the reality that money laundering and terrorist financing risks exist well beyond the traditional banking sector.
Individual Accountability: Directors and Senior Management
A key element of an effective sanctions regime is the ability to hold individuals personally accountable. Sanctions should apply not only to institutions and other entities, but also to their directors and senior management. This personal exposure drives a culture of compliance at the top, ensuring that boards and executives cannot simply delegate responsibility and then claim ignorance when failures occur.
When directors and senior leaders know that they may face criminal, civil or administrative sanctions for serious compliance failures, they are more likely to invest adequately in systems, training and oversight. This shift from purely institutional to individual accountability has become a defining feature of modern AML/CFT enforcement.
Effective, Proportionate and Dissuasive Measures
For sanctions to be credible, they must balance three characteristics:
- Effective: Sanctions must be capable of achieving their intended objective, namely changing behaviour and ensuring compliance. Symbolic or rarely enforced penalties will not deter misconduct.
- Proportionate: The severity of sanctions should reflect the nature and seriousness of the violation. Overly harsh penalties for minor breaches can be counterproductive, while lenient treatment of serious violations undermines trust in the system.
- Dissuasive: Potential offenders must perceive the sanctions as sufficiently significant to outweigh any perceived benefit from non-compliance or criminal behaviour.
This triad ensures that sanctions are not merely punitive tools, but instruments that drive sustainable improvement in risk management and compliance culture.
Criminal, Civil and Administrative Options
Countries should maintain a broad toolkit of sanctions: criminal, civil and administrative. Each serves a distinct purpose:
- Criminal sanctions are reserved for the most serious and intentional violations, particularly where there is wilful blindness or active involvement in money laundering or terrorist financing.
- Civil sanctions can be used to address significant breaches that may not meet the criminal threshold but still require a strong response.
- Administrative sanctions allow regulators to respond quickly and flexibly to a wide range of compliance failures, for example through fines, license restrictions, remedial orders or fit-and-proper assessments.
Having this range of options allows authorities to tailor their response to the specific circumstances of each case, strengthening the overall effectiveness of the AML/CFT regime.
Conclusion
An AML/CFT framework without credible sanctions invites non-compliance. By ensuring that sanctions are effective, proportionate and dissuasive, and that they apply to institutions, DNFBPs and their leaders, countries can significantly enhance the integrity of their financial systems. In practice, the real test lies not just in the laws on the books, but in how consistently and transparently these sanctions are imposed.
FATF Ratings Overview
Luxembourg ¦ FATF Effectiveness & Technical Compliance Ratings
Anti-money laundering and counter-terrorist financing measures
Luxembourg Mutual Evaluation Report, September 2023
This assessment was adopted by the FATF at its June 2023 Plenary meeting and summarises the anti-money laundering and counter-terrorist financing (AML/CFT) measures in place in Luxembourg as at the date of the on-site visit: 2-18 November 2022.
Table 1. Effectiveness Ratings
Note: Effectiveness ratings can be either a High- HE, Substantial- SE, Moderate- ME, or Low – LE, level of effectiveness.
IO1 Risk, policy and coordination
Money laundering and terrorist financing risks are identified, assessed and understood, policies are co-operatively developed and, where appropriate, actions co-ordinated domestically to combat money laundering and the financing of terrorism.
Substantial
IO2 International cooperation
International co-operation delivers appropriate information, financial intelligence and evidence, and facilitates action against criminals and their property.
Substantial
IO3 Supervision
Supervisors appropriately supervise, monitor and regulate financial institutions and VASPs for compliance with AML/CFT requirements, and financial institutions and VASPs adequately apply AML/CFT preventive measures, and report suspicious transactions. The actions taken by supervisors, financial institutions and VASPs are commensurate with the risks.
Moderate
IO4 Preventive measures
Supervisors appropriately supervise, monitor and regulate DNFBPs for compliance with AML/CFT requirements, and DNFBPs adequately apply AML/CFT preventive measures commensurate with the risks, and report suspicious transactions.
Moderate
IO5 Legal persons and arrangements
Legal persons and arrangements are prevented from misuse for money laundering or terrorist financing, and information on their beneficial ownership is available to competent authorities without impediments.
Substantial
IO6 Financial intelligence
Financial intelligence and all other relevant information are appropriately used by competent authorities for money laundering and terrorist financing investigations.
Substantial
IO7 ML investigation & prosecution
Money laundering offences and activities are investigated, and offenders are prosecuted and subject to effective, proportionate and dissuasive sanctions.
Moderate
IO8 Confiscation
Asset recovery processes lead to confiscation and permanent deprivation of criminal property and property of corresponding value.
Moderate
IO9 TF investigation & prosecution
Terrorist financing offences and activities are investigated and persons who finance terrorism are prosecuted and subject to effective, proportionate and dissuasive sanctions.
Substantial
IO10 TF preventive measures & financial sanctions
Terrorists, terrorist organisations and terrorist financiers are prevented from raising, moving and using funds.
Moderate
IO11 PF financial sanctions
Persons and entities involved in the proliferation of weapons of mass destruction are prevented from raising, moving and using funds, consistent with the relevant UNSCRs.
Moderate
Table 2. Technical Compliance Ratings
Note: Technical compliance ratings can be either a C – compliant, LC – largely compliant, PC – partially compliant or NC – non compliant.
R.1 Assessing Risks and applying a Risk-Based Approach
C – compliant
R.2 National Co-operation and Co-ordination
C – compliant
R.3 Money laundering offence
C – compliant
R.4 Confiscation and provisional measures
LC – largely compliant
R.5 Terrorist financing offence
C – compliant
R.6 Targeted financial sanctions related to terrorism and terrorist financing
LC – largely compliant
R.7 Targeted financial sanctions related to proliferation
LC – largely compliant
R.8 Non-profit organisations
PC – partially compliant
R.9 Financial institution secrecy laws
C – compliant
R.10 Customer due diligence
C – compliant
R.11 Record-keeping
C – compliant
R.12 Politically exposed persons
C – compliant
R.13 Correspondent banking
C – compliant
R.14 Money or value transfer services (MVTS)
C – compliant
R.15 New technologies
LC – largely compliant
R.16 Payment transparency
C – compliant
R.17 Reliance on third parties
C – compliant
R.19 Higher-risk countries
C – compliant
R.20 Reporting of suspicious transactions
C – compliant
R.21 Tipping-off and confidentiality
C – compliant
R.22 DNFBPs: Customer due diligence
C – compliant
R.23 DNFBPs: Other measures
C – compliant
R.24 Transparency and beneficial ownership of legal persons
LC – largely compliant
R.27 Powers of supervisors
C – compliant
R.28 Regulation and supervision of DNFBPs
C – compliant
R.29 Financial intelligence units
C – compliant
R.30 Responsibilities of law enforcement and investigative authorities
LC – largely compliant
R.32 Cash Couriers
LC – largely compliant
R.33 Statistics
LC – largely compliant
R.34 Guidance and feedback
C – compliant
R.35 Sanctions
LC – largely compliant
R.36 International instruments
LC – largely compliant
R.37 Mutual legal assistance
C – compliant
R.38 Mutual legal assistance: freezing and confiscation
C – compliant
R.39 Extradition
C – compliant
R.40 Other forms of international co-operation
LC – largely compliant
Dive deeper
EU Sanctions Helpdesk
The EU Sanctions Helpdesk platform supports European operators in complying with European Union restrictive measures (also known as sanctions) imposed worldwide.
Aimed primarily at Small and Medium-sized Enterprises (SMEs), the Helpdesk offers resources and personalised help to companies performing sanctions due diligence checks.
What else?
