Updated FATF standards and financial inclusion – IYKYK
IYKYK (if you know, you know) always seems like quite a divisive phrase to me. When you see it on social media on a meme or caption, it can have several effects:
You can relate. You’re on board with the meme, quote, or photo and agree with the sentiment. You feel like you’re in the club, and there’s a smug ‘ah yes me too’ reaction. You’re glad you’re not alone. Or…
You don’t know what it means or you can’t relate to it. You feel out of the loop, isolated or left behind. Or...
You don’t know what IYKYK even means. See, it’s quite divisive!
Financial inclusion is a hot topic, a buzz word. But it’s more than that now, it’s written into guidance and regulatory expectations. So are you ‘in the club’ or are you being left behind?
Updated FATF standards
On 25 February 2025, the Financial Action Task Force (FATF) published a revised version of its anti-money laundering (AML) and counter-terrorist financing (CTF) standards, specifically to include better promotion of financial inclusion. This builds on several years of focus on financial inclusion and diversity from the FCA, with various consultation papers and speeches covering these in detail. In a world which is still recovering from a global pandemic and cost-of-living crisis, financial inclusion is a not simply an add-on, but is now a consistent thread which must run through all financial crime decision-making.
The changes to FATF standards build on a body of work responding to a 2021 ‘stocktake’, which highlighted how de-risking, financial exclusion, undue targeting of non-profit organisations and curtailment of human rights can take place, when a risk-based approach is not properly applied. In short, financial services should be accessible and affordable, and firms’ risk-based approach and risk appetites are key to this. The revised FATF standards document is 148 pages long so let me unpack the key changes for you:
Recommendation 1 – risk-based approach. This recommendation and its interpretive note have been amended: where member countries identify lower risks as part of their risk assessment, for either money laundering or proliferation financing, simplified measures should be allowed and encouraged as appropriate. The language is now stronger – before it said they may decide to allow simplified measures. In several places, the wording has changed from measures being ‘commensurate with’ to ‘proportionate to’ the risks. The FATF believes this change will encourage financial institutions to apply simplified measures where risks are lower, which will facilitate access to financial services.
The language in the interpretive notes for both recommendation 10 (customer due diligence) and recommendation 15 (new technologies) has changed in a similar way. Financial institutions should be encouraged to apply simplified measures (previously could be allowed to apply simplified measures) and countries should apply risk-based measures which are proportionate (previously commensurate) with the risks.
The glossary of key terms has also been updated, changing ‘commensurate’ to ‘proportionate’ in relation to defining reasonable measures.
FATF is now consulting on updated guidance to reflect the changes to the standards.
Working with us
Firms have a tough job – on one hand they must set and stay within an appropriate risk appetite. This needs to be consistent across the business, in line with what has been agreed by the Board and set at a level which is profitable for the firm, whilst also ensuring that it allows for vulnerable customers having access to financial services. However, there are also costs of compliance, and the riskiest customers often come with the highest price. But the FCA has been clear firms should not de-risk whole sectors, industries, firm types or groups of customers because of this.
If this is proving a challenge for you, and you aren’t sure where to draw the line, or what the regulatory reaction might be to the lines you have drawn, we’d love to work through this challenge with you. We have a wealth of experience in risk assessments, appropriate due diligence and regulatory expectations.
So back to that phrase ‘if you know you know’ - don’t let it be divisive for you and your firm. Make sure financial inclusion is consistently considered throughout your financial crime framework and don’t get left behind. Email me at sam.jarvis@avyse.co.uk