🌐 Global Standard-Setter · FATF

FATF Standards, Implemented in Practice

The Financial Action Task Force sets the global benchmark every national regulator builds on. One Constellation maps to the FATF 40 Recommendations, the Travel Rule for virtual assets, and the high-risk-jurisdiction list — so satisfying your local supervisor satisfies the global standard.

Book a Demo All Regulations

About FATF

The Global Standard-Setter for AML and CFT

The Financial Action Task Force (FATF) is the inter-governmental body that sets the global standards for combating money laundering, terrorist financing, and proliferation financing. It does not regulate financial institutions directly — that is the role of national supervisors — but its 40 Recommendations form the framework that every major regulator translates into local rules.

FATF assesses each member jurisdiction through Mutual Evaluations, scoring how well the country's laws and supervisory practices implement each Recommendation. Poor scores produce remediation plans; sustained underperformance places a country on the FATF grey list, while serious deficiencies trigger black-list status. Both designations have direct commercial consequences for institutions doing business with those jurisdictions.

For financial institutions, FATF matters in three practical ways: the Recommendations shape every domestic AML rule, FATF guidance defines best practice on emerging issues like virtual assets and beneficial ownership, and the grey- and black-list designations directly drive enhanced due diligence requirements at the customer and transaction level.

The FATF Framework

The 40 Recommendations and Their Practical Reach

The Recommendations cluster into seven thematic groups. Below are the ones that bite hardest at the operational level — and that One Constellation addresses directly.

R.1

Risk-Based Approach

The cornerstone — every institution must identify, assess, and mitigate its money-laundering and terrorist-financing risks. Higher risk requires enhanced measures; lower risk permits simplified ones.

R.10–R.12

Customer Due Diligence & PEPs

Identify and verify customers, identify beneficial owners, and apply enhanced measures to politically exposed persons — domestic, foreign, and international-organisation PEPs alike.

R.16

The Travel Rule

Originator and beneficiary information must travel with funds transfers above the de-minimis threshold. Extended in 2019 to cover virtual-asset transfers between VASPs.

R.20

Reporting of Suspicious Transactions

Promptly report suspicions of money laundering or terrorist financing to the country's Financial Intelligence Unit, with full investigative context.

R.15

Virtual Assets & VASPs

Virtual-asset service providers must be licensed or registered, supervised for AML/CFT compliance, and subject to the same CDD, monitoring, and reporting obligations as traditional financial institutions.

R.19

High-Risk Countries

Apply enhanced due diligence proportionate to the risks for transactions and relationships involving FATF grey-list and black-list jurisdictions, plus countries identified by the institution as higher-risk.

The Obligations in Practice

From Recommendation to Operational Reality

FATF Recommendations land on the institution as concrete operational requirements. Here is how the most consequential ones translate into day-to-day controls.

Risk-Based Methodology (R.1)

Document the institution's ML/TF risk assessment, calibrate controls to the assessed risk, and review the assessment regularly.

One ConstellationFATF-aligned EWRA workpapers, dynamic risk-factor weights, and an audit-ready trail of every methodology change.

Customer Due Diligence (R.10)

Identify the customer and verify the identity using reliable, independent sources. For corporates, identify and verify the beneficial owner.

One ConstellationIdentity verification, document checks, biometrics, and UBO unwrapping that meets every national standard derived from R.10.

PEP Screening (R.12)

Identify whether a customer or beneficial owner is a domestic, foreign, or international-organisation PEP, and apply enhanced measures including senior-management approval.

One ConstellationReal-time PEP screening across global databases — domestic, foreign, and IO categories — with approval workflows wired in.

Travel Rule for Wires & VASPs (R.16)

Pass originator and beneficiary information with every funds transfer above the threshold. For virtual-asset transfers between VASPs, the same rule applies.

One ConstellationTravel Rule message exchange for fiat wires and virtual-asset transfers, supporting major VASP-to-VASP messaging protocols.

Ongoing Monitoring & Reporting (R.20)

Monitor transactions throughout the relationship and report any suspicion to the relevant FIU promptly, with the investigative basis fully documented.

One ConstellationReal-time monitoring with FATF-typology rule libraries, full case management, and FIU-specific report exports.

VASP Compliance (R.15)

Virtual-asset service providers must register, implement CDD and monitoring on a par with banks, and apply the Travel Rule to inter-VASP transfers.

One ConstellationWallet risk scoring, on-chain transaction monitoring, VASP-due-diligence workflows, and Travel Rule integration.

High-Risk Jurisdiction Handling (R.19)

Apply enhanced due diligence to transactions involving FATF grey-listed and black-listed countries, and any other jurisdiction the institution identifies as high-risk.

One ConstellationLive FATF grey/black-list integration, automatic EDD triggers on high-risk jurisdiction exposure, and country-risk scoring built into customer profiles.

Why FATF Status Matters

The Commercial Cost of Grey- and Black-Listing

FATF doesn't fine institutions directly. But its public lists drive every other regulator's response — and the commercial consequences are immediate.

EDD

Mandatory on grey-list jurisdictions

Block

Counter-measures on black-list states

FDI

Loss of foreign direct investment access

Cost

Higher correspondent-banking risk premia

Built to FATF Standards

What FATF-Aligned Compliance Looks Like

40 / 40

Recommendations Mapped

R.16

Travel Rule Native Support

Live

Grey-List / Black-List Feed

VASP

R.15 Workflows Built-In

FATF FAQ

Common Questions

Is my firm directly regulated by FATF?+

No. FATF is a standard-setter, not a supervisor. Your direct regulator is your national authority — MAS, FCA, FinCEN, HKMA, AUSTRAC, EU AMLA, or whoever licenses your firm. But because every national regulator builds on the FATF Recommendations, mapping the platform to FATF standards means it satisfies almost every national rule by construction. We then add jurisdiction-specific extensions where local rules diverge.

How does the platform support the Travel Rule for crypto?+

Recommendation 16 was extended in 2019 to cover virtual-asset transfers. The platform supports Travel Rule message exchange for inter-VASP transfers — passing originator and beneficiary information in the appropriate protocol format. Counterparty VASP due diligence is a built-in workflow, including beneficial-ownership and licensing verification.

How is FATF grey-list and black-list status reflected in monitoring?+

The current FATF lists feed directly into country-risk scoring. Customers and counterparties in grey-listed jurisdictions trigger automatic EDD requirements; black-listed jurisdiction exposure triggers immediate review and, depending on local rules, transaction blocking. The list is refreshed as soon as FATF publishes updates after each plenary.

Does the platform support PEP screening across all FATF categories?+

Yes. R.12 distinguishes between domestic, foreign, and international-organisation PEPs — and requires escalating measures across the categories. Screening covers all three categories, with senior-management approval workflows wired in for foreign PEPs and continuing-EDD obligations applied to family members and close associates.

Is the platform aligned with FATF guidance for VASPs?+

Yes. FATF Recommendation 15 and the supporting guidance for virtual-asset service providers are fully reflected in the crypto workflows — including wallet risk scoring, on-chain monitoring, counterparty VASP due diligence, and Travel Rule message exchange. We work directly with VASPs in 15+ jurisdictions.

Does One Constellation provide regulatory advice on FATF compliance?+

No. We provide the platform that helps you implement FATF-aligned controls and demonstrate them to your national supervisor. The interpretation of how FATF Recommendations translate into your specific licence obligations is the responsibility of your compliance, legal, and MLRO functions — typically supported by external counsel.

FATF-Aligned by Design, Localised by Configuration

See how the 40 Recommendations translate into rule libraries, monitoring scenarios, and exportable evidence — calibrated to whichever national supervisor regulates your firm.