Preventive Measures (to be taken by financial institutions and nonfinancial businesses)
4. Secrecy laws should not prevent implementation of the recommendations.
5. Financial institutions and nonfinancial businesses should have an obligation to carry out customer due diligence, including identifying and verifying customer identity.
6. Financial institutions and nonfinancial businesses should have special measures in place for politically exposed persons.
7. Financial institutions and nonfinancial businesses should have special measures in place for correspondent banking.
8. Financial institutions and nonfinancial businesses should have measures in place to address money-laundering threats from new technologies and from business that is not conducted face to face.
9. Financial institutions and nonfinancial businesses should rely on third parties for customer identification and for introduced business.
10. Financial institutions and nonfinancial businesses should adhere to a five-year record-keeping requirement.
11. Financial institutions and nonfinancial businesses should pay special attention to complex, unusual large transactions and to all unusual patterns of transactions.
12. Customer identification should be applied to designated nonfinancial businesses and professions (DNFBPs).
13. Financial institutions and nonfinancial businesses should have an obligation to report suspicious transactions to financial intelligence units.
14. Legal protection should be granted for persons reporting their suspicions in good faith, and prohibitions against tipping off should be established.
15. Financial institutions and nonfinancial businesses should have measures in place for internal controls, compliance, and audit.
16. Requirements for reporting and monitoring suspicious activity should be applied to DNFBPs.
17. A country should have effective, proportionate, and dissuasive sanctions for money-laundering offenses.
18. A country should not allow the establishment of shell banks.
19. Financial institutions and nonfinancial businesses should consider monitoring of cross-border cash transportation and should develop a system for reporting currency transactions above a fixed amount.
20. Financial institutions and nonfinancial businesses should consider applying FATF requirements to other businesses beyond DNFBPs.
21. Special attention should be given to higher-risk countries.
22. AML requirements should be applied to foreign branches and subsidiaries.
23. Financial institutions should be subject to adequate regulation, supervision, and monitoring.
24. DNFBPs need to be subject to regulation, supervision, and monitoring.
25. Competent authority should provide guidelines on reporting, along with feedback on effectiveness.