Sanctions & AML — Sanctions and Anti-Money Laundering
International framework on financial sanctions, anti-money laundering, and counter-terrorist financing: FATF, EU AML Directives, SDN lists.
Summary
The domain of sanctions and anti-money laundering (AML) encompasses the totality of national and international regulatory frameworks designed to protect financial systems from being used for criminal purposes, money laundering, terrorist financing, and the circumvention of state sanctions. The most important international standard-setters are the Financial Action Task Force (FATF) in the AML/CFT domain, and national and supranational bodies such as the US Office of Foreign Assets Control (OFAC), the UK Office of Financial Sanctions Implementation (OFSI), the EU, and the UN Security Council in the sanctions domain.
AML frameworks obligate financial institutions and other obligated entities to a risk-based approach: they must identify customers (KYC), monitor transactions, file suspicious activity reports, and maintain internal control systems. Sanctions regimes, by contrast, prohibit certain transactions with listed persons, companies, or countries outright and require active screening of all transactions against sanctions lists.
The interplay between AML and tax transparency is close: beneficial ownership registers serve both tax authorities and AML compliance functions. Politically exposed persons (PEPs), high-risk jurisdictions per FATF classification, and offshore jurisdictions are key concepts in both regulatory domains.
History
The FATF was established in 1989 at the initiative of the G7 to respond to the growing threat of organized money laundering. Its 40 Recommendations (first issued in 1990, most recently revised in 2012 with updates through 2024) constitute the global AML/CFT standard. Within the EU, the FATF Recommendations were transposed into Community law through five preventive Anti-Money Laundering Directives (1AMLD–5AMLD, 1991–2018) and the criminal-law Directive 2018/1673 (often referred to as 6AMLD), progressively expanding the scope of application and tightening requirements.
The terrorist attacks of 11 September 2001 accelerated the integration of counter-terrorist financing (CFT) into the AML framework and led to the massive expansion of sanctions regimes. Following Russia's invasion of Ukraine (2022), Western financial sanctions reached a new dimension: within days, unprecedented asset freezes and transaction prohibitions were imposed, subjecting the compliance capacities of financial institutions worldwide to a historic stress test. The EU AML Authority (AMLA), headquartered in Frankfurt, commenced operations in July 2025; direct supervision of selected obliged entities will begin from mid-2028.
Foundational UN Security Council Resolutions underpin the international sanctions architecture: Resolution 1267 (1999, Al-Qaeda/Taliban sanctions), Resolution 1373 (2001, comprehensive CFT obligations for all member states), and Resolution 1540 (2004, proliferation of weapons of mass destruction). At the national level, states transposed FATF standards into domestic legislation — for example, the Swiss Anti-Money Laundering Act (GwG), the German Money Laundering Act (GwG), and the US Bank Secrecy Act.
Scope
AML and sanctions regulations affect the following actors and matters:
- Financial institutions: Banks, payment service providers, currency exchange offices, insurers — core obligated entities with comprehensive KYC and reporting duties
- Non-financial obligated entities: Notaries, lawyers, tax advisors, real estate agents, casinos, dealers in high-value goods
- Crypto-asset service providers (VASPs): Since FATF Recommendation 15 (2019) and EU MiCA/TFR, AML obligations apply to crypto-asset service providers
- Politically exposed persons (PEPs): Public officials, their family members, and close associates are subject to enhanced due diligence
- Sanctioned persons and entities: Persons on the OFAC SDN list, EU sanctions lists, UK OFSI sanctions lists, or UN sanctions lists are prohibited from conducting transactions
- High-risk jurisdictions: Jurisdictions on FATF watch lists require enhanced due diligence
Key Requirements
Core obligations in the area of sanctions and anti-money laundering:
- Know Your Customer (KYC): Identification and verification of customers, beneficial owners, and principals prior to business commencement
- Risk-Based Approach (RBA): Entities must assess money laundering risks themselves and allocate resources proportionate to risk
- Ongoing transaction monitoring: Automated systems for detecting suspicious transaction patterns
- Suspicious activity reports (SAR/STR): Immediate reporting of substantiated suspicions of money laundering to the Financial Intelligence Unit (FIU)
- Sanctions screening: Real-time matching of all transactions and counterparties against current sanctions lists (OFAC, EU, UN, national)
- Travel Rule: For traditional wire transfers of EUR/USD 1,000 or more, originator and beneficiary data must accompany the transfer. For crypto-asset transfers, the EU TFR 2023/1113 imposes no minimum threshold — all transfers require full originator and beneficiary data
- Internal control systems: Appointment of an AML compliance officer, training obligations, internal audit
Related Frameworks
Corrections & Errata
1 update:
- AMLA operational date imprecise: July 2025, full supervision only from 2028
4 clarifications.
5 notes.