FATF ¦ IO5 Legal Per­sons and Ar­range­ments

Immediate Outcome 5: Strengthening Transparency of Legal Persons and Arrangements to Counter Financial Crime

Immediate Outcome 5 targets a foundational vulnerability in anti-money laundering and counter-terrorist financing (AML/CFT) regimes: the misuse of legal persons and legal arrangements — such as companies, trusts, foundations and nominee structures — as vehicles to hide illicit proceeds or to obscure control. The Financial Action Task Force (FATF) frames this risk area around ensuring that basic and beneficial ownership information is accessible to competent authorities without impediments. When countries fail to identify, assess and mitigate these risks, criminal actors exploit opacity to layer and integrate illicit funds, shield illicit ownership, and frustrate investigations. Effective implementation of Immediate Outcome 5 reduces the attractiveness of corporate and fiduciary structures to criminals by making them less effective as tools of concealment.

How countries should identify and assess the risks

An effective approach begins with a clear, documented understanding of which types and forms of legal persons and arrangements exist in the jurisdiction, how frequently they are created, and whether their use is increasing in complexity. This includes assessing domestic entities and foreign-created entities with sufficient links to the country. Authorities should examine the roles played by gatekeepers — company formation agents, trust and company service providers, lawyers, accountants and other advisers — and the prevalence and functioning of trustees, nominee directors and nominee shareholders.

Risk assessments, typologies and case studies are critical:

• they provide concrete evidence of how legal entities and arrangements have been used in money laundering (ML) or terrorist financing (TF);
• identify recurring methods (for example misuse of bearer shares, nominee arrangements, or complex cross‑border structures); and
• help prioritise regulatory and supervisory actions.

Key measures to prevent misuse

Risk-informed measures to prevent misuse must be proportionate, targeted and regularly updated as risks evolve.

Core measures include:

• ensuring sufficient transparency in ownership and control structures;
• prohibiting or restricting instruments that most readily obscure ownership (for example through strict controls or conversion requirements for bearer shares and bearer share warrants); and
• addressing risks posed by nominee directors and shareholders through registration, disclosure or licensing frameworks for service providers and gatekeepers.

Registries and alternative mechanisms for holding basic data — company registers, oversight of trust service providers, and obligations on gatekeepers to collect and verify beneficial ownership — are central to prevention. Where registries do not hold full beneficial ownership data, countries should maintain complementary mechanisms (regulatory reporting, supervisory databases, or mandatory disclosures to designated authorities) that allow authorities and obliged entities to obtain accurate information quickly.

Ensuring availability of adequate, accurate and timely information

Timely access to basic and beneficial ownership (BO) information is the operational heart of Immediate Outcome 5. Competent authorities must be able to obtain accurate, up‑to‑date basic information and BO data for all types of domestic legal persons and arrangements, and for foreign-created entities that pose ML/TF risks and have sufficient links with the country.

This requires:

• Clear legal obligations on legal persons, registries, trustees and service providers to collect and retain verified BO information, and to update it within defined timeframes when changes occur.
• Technical and administrative arrangements that make BO data readily accessible — either publicly, via controlled access mechanisms, or through efficient disclosure channels to competent authorities and obliged entities — so that law enforcement, supervisors and financial institutions can use the information without undue delay.
• Multi-source verification practices that use registries, tax and regulatory databases, financial institutions’ customer due diligence (CDD) records, and gatekeeper records to cross-check and corroborate BO information.

Particular attention should be given to trusts and similar arrangements: authorities must be able to obtain basic and BO information about the arrangement, the residence and identity of trustees and equivalents, and details of assets managed or held in relation to the trust. Where trustees or service providers are within the country, disclosure obligations and supervisory oversight should ensure that this information is kept current and accessible.

Bastian Schwind-Wagner _Follow

"Immediate Outcome 5 demands clear, enforceable rules that make ownership and control of legal persons and arrangements transparent. When registries, trustees and gatekeepers reliably collect and update beneficial ownership information, investigators and reporting entities can follow the money more quickly and effectively.

Sustainable implementation requires ongoing resources, robust supervision and international cooperation to address cross-border structures. Proportionate sanctions and regular risk assessments ensure the framework adapts to new typologies and remains a meaningful deterrent."

Addressing bearer instruments and nominee arrangements

Bearer shares, bearer share warrants, nominee shareholders and nominee directors present acute transparency challenges. Countries should prohibit or tightly regulate the issuance and transfer of bearer instruments, require immobilisation or conversion where these instruments exist, and ensure licensing and oversight regimes for nominees and company formation agents that reveal underlying beneficial owners. Documentation and supervisory checks demonstrating how frequently these features appear in investigations — and whether they have impeded access to BO data — help shape targeted reforms and enforcement priorities.

Facilitating access for financial institutions and DNFBPs

Immediate Outcome 5 is operationally linked to the obligations of financial institutions and designated non‑financial businesses and professions (DNFBPs) under related FATF Recommendations. FIs and DNFBPs must be able to obtain BO and control information as part of CDD processes. The jurisdiction must facilitate such access by ensuring that the necessary information is available through registries, public authorities, or designated mechanisms and by enabling disclosure by trustees and service providers. Effective information-sharing channels between registries, supervisors, law enforcement and reporting entities reduce delays and improve the quality of intelligence in investigations.

Supervision, sanctions and remediation

Transparency regimes require active supervision and credible sanctions to be effective. Supervisory authorities should monitor the accuracy and timeliness of BO information, test and verify registry data, assess gatekeeper compliance, and apply proportionate, dissuasive sanctions where obligations are breached. Case examples where sanctions and remedial actions led to measurable improvements are persuasive indicators of system effectiveness. Complementary measures — such as discrepancy reporting requirements, mandatory verification at point of registration, and public reporting on compliance — reinforce incentives to maintain accurate BO records.

International cooperation and cross-border risks

Because many legal arrangements and corporate structures are transnational, the ability of competent authorities to obtain and exchange information internationally is a key element of Immediate Outcome 5. Assessors should consider how readily a country responds to and fulfils incoming requests for basic and beneficial ownership information, the typical timeframes for responses, and the sources used to satisfy such requests. Where foreign entities present risks to the domestic system, a country’s risk assessment and mitigation measures should reflect the cross-border dimension and support international investigative cooperation.

Resourcing and sustainability

Sustained implementation requires that the relevant authorities — registries, supervisors, law enforcement and tax authorities — have adequate resources and technical capacity. Without sufficient staffing, IT systems, legal mandates and training, even robust statutory frameworks will not deliver timely, accurate BO information. Periodic reviews of capacity and the allocation of resources based on the assessed risks are necessary to maintain system performance.

Measuring effectiveness—what assessors look for

Assessment of Immediate Outcome 5 focuses on five core questions:

• whether the country understands its ML/TF risks related to legal persons and arrangements;
• whether measures are in place to prevent misuse (including dealing with bearer instruments and nominees);
• whether competent authorities can obtain BO information for legal persons in a timely manner;
• whether authorities can likewise access detailed information for trusts and similar arrangements; and
• whether effective, proportionate and dissuasive sanctions exist for non‑compliance.

Evidence includes documented risk assessments, statistics and typologies from investigations, registry practices and supervisory findings, examples of timely access to BO data in investigations, sanction records, and data on international cooperation outcomes.

Conclusion

Immediate Outcome 5 demands that jurisdictions remove obstacles to transparency and ensure that both the private sector and public authorities can obtain reliable ownership and control information quickly.

Achieving this requires a comprehensive, risk‑based framework:

• clear legal obligations on registries, trustees and gatekeepers;
• robust verification and multi-source approaches;
• targeted measures for high‑risk instruments and nominee arrangements;
• effective supervision and sanctions; and
• adequate resourcing.

When correctly implemented, Immediate Outcome 5 transforms legal persons and arrangements from tools of concealment into structures that are transparent and accountable — significantly reducing their value for money laundering and terrorist financing.

Dive deeper

• FATF ¦ The FATF Recommendations ¦ Link
• FATF ¦ Luxembourg’s measures to combat money laundering and terrorist financing ¦ Link