The FATF Grey List: Not an Exclusive List any Country Wants to be on

Adam McLaughlin, Global Head of Financial Crime Strategy & Marketing, AML
The FATF Grey List: Not an exclusive list any country wants to be on

A country being added to the FATF grey list can have far-reaching ramifications. Any country being considered as a new addition to the grey list will try desperately to ensure they’re not added. Showing up on a FATF grey list can adversely impact investment into the country, overall growth, and it can affect the country’s currency—making goods and services more expensive.

Heavy Financial Impact to Financial Institutions

To third parties, risk heightens significantly dealing with a country on the grey list or any entities operating within that country.  Any organization, especially in financial services, will conduct enhanced due diligence on grey-listed organizations. In the most extreme of cases, it can result in de-risking where international financial institutions will exit a customer relationship. This impact can be devastating for a country, especially if correspondent banking services are exited or heavily restricted.

Blacklisted by FATF

There is a remediation step by FATF to prevent a country from being blacklisted. Currently there are three countries on the blacklist. They are:

  • Democratic People’s Republic of Korea
  • Iran
  • Myanmar

After the 2023 FATF Plenary in Paris, there are 23 countries currently on the grey list. In February 2023, two were removed (Cambodia and Morocco.) However, two new countries were added to the FATF Grey List: South Africa and Nigeria. What does this mean and what happens next?

South Africa

It wasn’t a surprise that South Africa was added to the grey list. The result of their mutual evaluation was released in October 2021. It was identified that South Africa has a relatively high volume and intensity of crime, with more than half the reported crimes falling into categories which generate proceeds. The main crimes being corruption, tax crimes, and fraud, then followed by drug trafficking and environmental crime, including wildlife crime. South Africa, in their latest assessment, was assessed as largely compliant or compliant in 20 of the 40 FATF recommendations. By and large, financial institutions (FIs) are doing a good job in understanding risks and taking appropriate action to manage and mitigate these risks. The FATF report does call out some of the smaller FIs not all having comprehensive and effective programs. There is mention of DNFBPs stating many have limited compliance functions and low SAR numbers.

So why was South Africa grey-listed, and what can they do to improve their rating?

There are number of areas on the FATF action plan where South Africa need to improve compliance. The eight areas of focus are:

  1. To improve their response to Mutual Legal Assistance (MLA) requests that help facilitate money laundering and terrorist financing investigations and confiscation of different types of assets.
  2. Improve risk-based supervision and the risk-based approach taken by some smaller FIs and Designated Non-Financial Businesses and Professions. It has been identified that some of these organizations are ticking a box rather than understanding and mitigating their organizations financial crime risk, as evidenced by the low numbers of SAR reports filed by some of these high-risk sectors.
  3. Corporate transparency is also a glaring issue. South Africa needs to improve the transparency and accuracy of beneficial ownership information. They need to substantially improve their mechanisms for ensuring verified and up-to-date beneficial ownership information is available to competent authorities and consider having an authority responsible for this. South Africa also needs to apply sanctions for breaches by legal persons to beneficial ownership obligations.
  4. Increase in Law Enforcement Agencies (LEAs) requests for information from the Financial Intelligence Centre (FIC). Use information that it has received from the regulated sector through Suspicious Activity Reports (SARs). The challenge identified by FATF is that the LEAs lack the required skills and resources to proactively investigate money laundering or terrorist financing, possibly, in part, because of the lack of intelligence due to limited interaction with the FIC.
  5. Closely linked to law enforcement collaboration is that in South Africa, proactive identification and investigation of money laundering networks and professional enablers is not occurring says FATF. Most money laundering convictions are as a result of fraud offences rather than other high- risk money laundering offences or the crimes which generate criminal proceeds. ‘State capture’ is specifically called out as being insufficiently pursued. One of the action points is for South Africa to demonstrate an increase in investigations and prosecutions of serious and complex money laundering and terrorist financing offenses.
  6. Following on from investigations, it was found by FATF that asset recover is low, especially in the case of ‘state capture’. Therefore, the FATF action is for South Africa to enhance its identification, seizure, and confiscation of proceeds of crime.
  7. South Africa needs to update its terrorist financing risk assessment and implement a comprehensive national counter financing of terrorism strategy.
  8. Finally, FATF expects South Africa to ensure effective implementation of targeted financial sanctions and demonstrate an effective mechanism to identify individuals and entities that meet the criteria for domestic designation. 

In the original FATF report, there was repeated mention of “State Capture”, basically corruption. This sustained corruption had generated significant proceeds and undermined agencies that combat this activity. Though this was not called out extensively in the FATF action plan, South Africa is taking steps to address it. However, it seems that corruption is still a systemic problem in South Africa and needs to be addressed. 


A bigger surprise was the addition of Nigeria to the FATF Grey List. Nigeria was assessed and the mutual evaluation report was released in August 2021. In the report, Nigeria was found to be compliant or largely compliant in 26 of the 40 FATF recommendations. They were partially compliant in 11 of 40 recommendations, and non-compliant in 3 of the 40 recommendations, including having not conducted any risk assessments on the not-for-profit organizations.

The authorities have never carried out assessments of the risks resulting from the use of new technologies or new business practices, especially when it comes to VASPs, meaning authorities are not empowered to carry out AML inspections on VASP organizations. The final recommendation to which Nigeria is non-compliant is recommendation 19 relating to higher risk countries. Nigeria does not provide any guidance or documentation to advise FIs on the deficiencies of the AML and CTF regimes of other countries.

Interestingly, where FATF states that Nigeria needs to improve in their AML and CTF measures is quite similar to improvements needed in South Africa.

The FATF action plan for Nigeria laid out nine areas to address, which are:

  1. Nigeria is required to complete its residual money laundering and terrorist financing risk assessment and update its national strategy to ensure alignment with other strategies relating to high-risk predicate offences.
  2. It appears cooperation needs to be enhanced in African nations, as FATF’s action plan includes the requirement for Nigeria to enhance international cooperation in line with ML and TF risks, including timely responses to MLAs.
  3. DNFBPs is another area which appears consistently in multiple, different jurisdictions. One of Nigeria’s action items is to improve AML and CFT risk-based supervision DNFBPs and enhance implementation of preventive measures for high-risk sectors. They also need to improve supervision of FIs.
  4. Another area which appears to be a challenge around the globe is understanding Beneficial Ownership (BO). FATF requires Nigeria to improve access to BO information and ensure it is up to date. Nigeria has to put in place processes to ensure competent authorities have timely access to accurate and up-to-date BO information on legal persons, but also ensure appropriate application of sanctions for breaches of BO obligations.
  5. Like South Africa, Nigeria needs to demonstrate an increase in the dissemination of financial intelligence by the FIU and facilitate appropriate use of this information by LEAs.
  6. Following on from action point 4, Nigeria must also demonstrate an increase in ML investigations and prosecutions, which naturally would increase cooperation between authorities, as required in action point 5.
  7. Nigeria must proactively detect violations of currency declaration obligations and apply appropriate sanctions and maintaining comprehensive data on frozen, seized, confiscated, and disposed assets.
  8. Nigeria needs to increase their investigation and prosecutions of terrorist financing (TF) activity. This is especially prevalent where terrorist organizations such as Boko Haram and Islamic State are prevalent and active in this country. Most attacks occur in the Northeast of Nigeria but there have been increased attacks in the Federal Capital Territory and boarder areas. Nigeria must demonstrate sustained increase in investigations and prosecutions of different types of activities and enhance interagency cooperation on TF investigations.
  9. The final action required of Nigeria is for them to conduct an assessment to understand the risk of TF, specifically with identifying and engaging with Not-for-Profit Organizations (NPOs) at risk of TF abuse. Nigeria also needs to implement risk-based monitoring for the NPOs at risk of TF abuse, without adversely impacting legitimate NPO activities. 

Nigeria and South Africa Areas of Improvement

There are several AML and CTF areas where both Nigeria and South Africa need to improve in order to convince FATF that they have comprehensive and effective controls to manage AML and CTF risks to help mitigate financial crime.

What is interesting is that they share a number of improvement areas in the actions outlined by FATF. Both countries need to increase their cooperation:

  • With third-party country law enforcement authorities
  • With use of financial intelligence
  • To increase and improve the effectiveness of their ML law enforcement investigations
  • To increase the effectiveness of asset recovery

Other areas where they need to improve is increased BO transparency, access to BO information, and effective supervision of DNFBPs. Interestingly, these areas are areas of focus around the globe. There is a constant battle to increase corporate transparency, but also challenges in regulating and supervising DNFBPs, with recent blocking of the Enablers Act in the U.S. by the DNFBPs who would have ultimately been supervised as a result of the act. 

The FATF findings show that there is more to be done globally by governments, government agencies, FIs and all other stakeholders to increase legislation, processes, controls, and cooperation. Additionally, working together to make it a hostile environment, globally, for criminals to operate, move, and clean their illicit wealth. The FATF findings show the importance of us all working together, sharing best practices, learning, and adapting to changing criminal threats.

Public and private partnerships are excellent examples of where collaboration has shown tangible results in helping to tackle financial crime: By sharing intelligence, knowledge, and experience to mitigate financial crime and identify criminals who are abusing the financial system. One thing that is critical is that all industries need to be engaged in this fight. If industries such as DNFBPs are forgotten and left on the sidelines, then this gap provides an easy gateway for criminals to access the financial system unimpeded, allowing them to continue to financially benefit from their crimes without fear of reprisals or prosecution.

Technology can and should play a big part in any plan to tackle financial crime. There are a number of proven technologies that can help to break down barriers between agencies and FIs, facilitating information sharing in a controlled and compliant manner. If used correctly, this would help to resolve some of the action points around the sharing and use of intelligence. It’s vital to aid law enforcement in conducting targeted and effective financial crime investigations, help the FIC to gather relevant information, and ensure FIs fully understand today’s threats and take necessary steps to monitor and mitigate them. Beyond this, information sharing could help with the challenges of BO transparency, providing collective intelligence on corporate structures. BOs would help to validate and verify this information, ensuring effectiveness against one of FATF’s action points. Technology can also aid in information gathering from structured and unstructured third-party sources.

Helping to enrich, cleanse, consolidate and validate information against a specific entity, providing a rich profile of a party and their relationships, and helping to pinpoint suspicion in the data are benefits of cooperation. Finally, technology that learns, such as machine learning, exists. Machine learning will analyze data, looking at changes and decisions against historic data and data across peers to ensure continuous optimization. This will drive ongoing effectiveness for all relevant stakeholders who have an interest in monitoring and mitigating financial crime. It ensures changing and emerging trends and financial crime patterns are spotted early and action can be taken to manage and reduce the risk.

Nigeria and South Africa will eventually be removed from the grey list. When they do, they will be stronger and better equipped, across both the public and private sectors, to monitor, manage and fight financial crime.

U.S. Corporate Transparency Act Deemed Unconstitutional

May 9th, 2024
Adam McLaughlin, Global Head of Financial Crime Strategy & Marketing, AML

Unraveling the Threads of Responsibility: Personal Liability of Senior Management in AML Compliance Failures

February 27th, 2024
Rahul Kadu, Senior Specialist Business Consultant, NICE Actimize & Mohit Agrawal, Senior Specialist Business Consultant, NICE Actimize

The World of AML Risk Assessment

February 13th, 2024
Adam McLaughlin, Global Head of Financial Crime Strategy & Marketing, AML

2024 Predictions: Sanctions, FOMO and Corporate Transparency

January 16th, 2024
Adam McLaughlin, Global Head of Financial Crime Strategy & Marketing, AML
Speak to an Expert