Before entering into a CDD arrangement, you must assess the type and level of money laundering and terrorism financing (ML/TF) and other serious crime risks that the relied-on third party may reasonably be expected to face when providing designated services.

You should consider whether the identified risks aligns with your business having regards to the nature, size and complexity of the intended reliable third party, including its products, services, delivery channels and customer types.

If the nature, size and complexity of the relied on third party is substantially different to your own business, you should carefully consider whether it is appropriate to rely on the third party. In these circumstances, a third party may not have experience implementing identification procedures suitable to your customers and the designated services you provide.

For example, if you propose to rely on a third party to carry out customer identification procedures in relation to a trust that is part of a complex legal structure, you would need to provide the underlying rationale to demonstrate that it is appropriate to rely on a foreign small business that primarily provides services to individual customers.

Assessing the ML/TF risks of foreign entities regulated under equivalent AML/CTF laws 

When assessing third parties located in a foreign jurisdiction, you should also consider the level of ML/TF and other serious crime risk in the foreign country or countries in which they operate or reside.

If customers identified under the CDD arrangement are likely to have substantial connections to the country in which the third party operates, it is important that you believe on reasonable grounds that the third party’s identification procedures are appropriate for the local ML/TF and serious crime risk environment.

The findings and determinations from these assessments of the relied-on third party must be evidence based, clearly documented, and retained by you and reviewed at regular intervals.

Factors to take into account when assessing other jurisdictions 

Factors you may consider include:

• geographical ML/TF risk factors
• contextual factors – political stability, level of corruption, fraud activity, etc.
• evidence of relevant criticism of a jurisdiction, for example, FATF public statements or the existence of the United Nations Security Council or Australian autonomous sanctions in respect of the jurisdiction
• independent and public assessment of the jurisdiction’s overall AML/CTF regime
• recent ML/TF risk assessments
• implementation standards (including quality and effectiveness of supervision).

In considering the suitability of a relied-on third party in a foreign jurisdiction, it is important that the assessment is evidence-based and that the processes and findings are appropriately documented.

Determining comparable jurisdictions for CDD arrangements with a foreign entity 

All FATF members and members of FATF-style Regional Bodies (such as the Asia Pacific Group on Money Laundering (APG), MONEYVAL, etc.) undertake to implement the FATF global standards for combating ML/TF.

You can obtain information on the effectiveness of implementation in these jurisdictions through country specific mutual evaluation reports, which are published on the FATF website and those of FATF-style Regional Bodies, as well as through FATF public statements.

You should generally not rely on third parties subject to AML/CTF regulation in countries or regions that are:

• currently assessed to be non-compliant with FATF Recommendation 10 (Customer Due Diligence), Recommendation 11 (Record Keeping) and/or Recommendation 12 (Politically Exposed Persons)
• publicly listed by FATF as a high risk jurisdiction
• publicly listed by FATF as subject to increased monitoring where the public statement identifies concerns about CDD, record keeping and/or politically exposed persons as grounds for increased monitoring.  

Most countries and regions in the world are not low risk. This does not necessarily mean that the AML/CTF legislation and standards of due diligence in those countries are lower than those in other jurisdictions assessed as low risk.

However, the effectiveness of AML/CTF measures vary significantly, and you will need to consider the risks associated with particular countries. In addition to your own knowledge and experience of the country concerned, particular attention should be paid to any FATF, FATF-style regional body or IMF/World Bank evaluations that have been undertaken.

These evaluations may indicate, for example, that some business sectors in a country or region are well regulated and implementing CDD and record keeping obligations effectively, while other business sectors are not.

In addition to FATF mutual evaluation reports, you may also consider other resources such as Transparency International’s Corruption Perceptions Index, the Department of Foreign Affairs and Trade (DFAT) Sanctions lists or consult relevant reports and databases on corruption risk published by specialised national, international, nongovernmental and commercial organisations.