What is FATF?

The Financial Action Task Force (FATF) is the global body that sets the international standards for tackling money laundering (ML), terrorist financing (TF) and proliferation financing (PF). 

It doesn’t regulate individual firms and it doesn’t supervise businesses directly. Instead, it shapes how countries design their AML frameworks and how risk is identified and managed worldwide.

For UK accountants, lawyers and property professionals, FATF sits quietly in the background of everyday compliance. Its standards influence the UK’s AML regulations, its National Risk Assessment for Money Laundering and Terrorist Financing (NRA), and the way supervisors expect you to take a risk-based approach in practice.

What FATF does in practice

FATF’s core role is to develop and maintain a set of international anti-money laundering (AML), counter-terrorist financing (CTF) and counter-proliferation financing (CPF) standards, known as the FATF Recommendations. 

These Recommendations set out what countries should have in place to protect the financial system from abuse. They cover areas such as:

• Customer due diligence and beneficial ownership
• Risk-based supervision of regulated sectors
• Suspicious activity reporting and information sharing
• Sanctions, TF and PF controls

FATF doesn’t enforce these standards itself. Each country is responsible for implementing them through domestic law, regulation and supervision. In the UK, that happens through legislation such as the Money Laundering Regulations 2017(as amended) (MLRs), supported by sector guidance and supervisory oversight.

How FATF influences UK AML law

UK AML law is deliberately aligned with FATF standards. When FATF updates its Recommendations or highlights emerging risks, those findings feed into UK policy decisions and regulatory expectations.

This influence shows up in several places:

• The structure and wording of the MLRs
• The UK’s NRA
• Supervisory focus on risk-based decision-making rather than checklist compliance

When supervisors talk about proportionality, enhanced due diligence or higher-risk relationships, that thinking can usually be traced back to FATF principles.

How the risk-based approach appears in UK law

The UK adopts FATF’s standards through domestic legislation and guidance. The Money Laundering Regulations 2017 (as amended) (MLRs) embed the risk-based approach throughout the framework.

Regulation 18 requires every regulated business to carry out a business-wide risk assessment. This assessment must consider the nature of the business, its clients, the services it provides and the geographic areas it operates in.

That firm-level understanding of risk then feeds into:

• customer due diligence decisions;
• whether enhanced due diligence is required;
• how often clients are reviewed; and
• how ongoing monitoring is carried out in practice.

UK law doesn’t prescribe a single way to do this. Instead, it expects firms to demonstrate that their approach is informed by risk and proportionate to it, reflecting FATF’s principles.

FATF risk assessments and country lists

One of FATF’s most visible outputs is its assessment of countries’ AML, CTF and CPF frameworks.

FATF carries out mutual evaluations, which assess how effectively a country applies the international standards. Where weaknesses are identified, jurisdictions may be placed under increased monitoring or, in the most serious cases, subject to a call for action.

These outcomes are:

• The Grey List, for jurisdictions under increased monitoring
• The Black List, for high-risk jurisdictions subject to a call for action

For UK regulated professionals, these lists matter because they directly inform how jurisdictional risk is treated under the MLRs. Connections to jurisdictions identified by FATF usually trigger enhanced due diligence and closer scrutiny.

Why FATF matters to regulated professionals

FATF can feel distant from day-to-day client work, but its influence is practical rather than abstract.

When you’re asked to assess higher-risk clients, consider complex ownership structures or apply enhanced due diligence, you’re responding to risks that FATF has consistently highlighted at a global level.

FATF’s work explains why regulators focus on issues such as:

• transparency of beneficial ownership;
• misuse of corporate structures and trusts;
• cross-border transactions and overseas entities; and
• links to high-risk jurisdictions and sanctions evasion.

From a supervisory perspective, firms are expected to understand these risks, reflect them in their business-wide risk assessment and apply proportionate controls.

FATF and the risk-based approach

A central FATF principle is the risk-based approach. This means resources should be focused where risk is highest, rather than applying the same checks to every client regardless of context.

In practice, this approach expects you to:

• identify where your business is exposed to higher ML, TF or PF risk;
• understand why those risks exist;
• apply enhanced measures where risk justifies it; and
• document how and why decisions were made.

This is why, during an AML inspection, supervisors look at whether your reasoning makes sense in context.

FATF, proliferation financing and emerging risks

In recent years, FATF has placed increasing emphasis on proliferation financing, which relates to the funding of weapons of mass destruction.

This focus has influenced UK expectations around sanctions screening, export controls and high-risk jurisdictions. For firms with international clients, complex supply chains or overseas payments, this has expanded the scope of what “financial crime risk” looks like in practice.

It’s also one reason why AML obligations now explicitly reference ML, TF and PF together, rather than treating money laundering in isolation.

How FATF expectations show up in inspections

During AML reviews, supervisors don’t usually reference FATF directly. But its influence is visible in what they test. Common themes include:

• whether your risk assessments reflect known global risks;
• how you’ve identified and mitigated jurisdictional exposure;
• whether enhanced due diligence is genuinely risk-led; and
• how well your policies align with real-world threats.

Firms that understand the bigger picture tend to find it easier to explain their approach and justify their decisions.

Final thoughts

FATF sets the direction of travel for global AML. While it doesn’t regulate individual firms, its standards shape the rules you work under and the risks your supervisor expects you to manage.

Seeing FATF as the foundation rather than a distant international body can make AML feel more coherent. Many of the requirements that feel demanding or abstract make more sense when viewed through the lens of global risk and financial system integrity.

A clear understanding of FATF helps you move from procedural compliance to informed, risk-based judgement, which is exactly what UK regulators are looking for.