Fecha de última actualización: 22/11/2025
One of the main objectives of the Financial Action Task Force — FATF — is the establishment of guidelines on the prevention of money laundering and terrorist financing. It also promotes the effective implementation of legal and operational measures to that end. To achieve this objective, the FATF issued the 40 Recommendations. This article analyses the seventeenth recommendation, which focuses on reliance on third parties when carrying out customer due diligence measures.
The seventeenth FATF Recommendation sets out the general criteria that apply when there is reliance on third parties in the performance of customer due diligence measures.
There is an Interpretive Note that elaborates on the content of the Recommendation. This guidance clarifies that when the Recommendation refers to “third parties”, it means financial institutions and other entities subject to anti-money laundering and counter-terrorist financing obligations.
The FATF states that countries may permit financial institutions to rely on third parties to perform certain customer due diligence measures set out in Recommendation 10. However, the Recommendation clearly establishes that the ultimate responsibility for the application of customer due diligence measures remains with the institution relying on the third party.
In order to rely on third parties for the application of customer due diligence measures, Recommendation 17 sets out a number of essential criteria:
- The institution relying on the third party must have immediate access to the information obtained about the customer. This crucial information includes the customer’s true identity, the beneficial owner of the transaction, and the nature of the business relationship. In addition, the relying institution must have access to copies of the data supporting the information obtained by the third party.
- The financial institution must ensure that the third party is subject to regulation with regard to customer due diligence requirements. Furthermore, it must verify that the third party has sufficient measures in place to comply with these obligations.
- Available information on a country’s level of risk must be taken into account when determining the countries in which the third party may be located.
Finally, Recommendation 17 states that where a financial institution relies on a third party that belongs to the same group, and that third party effectively applies group-wide customer due diligence and anti-money laundering policies under consolidated supervision, competent authorities may consider that the necessary safeguards are already met at the internal level. In such cases, where country risk is adequately mitigated through group-wide policies, it would not be necessary to impose additional checks on the third party.
Are you interested in learning more about the 40 FATF Recommendations? Discover our series of articles where we explain each of them and their significance.
- Recommendation 1: Risk assessment and application of a risk-based approach.
- Recommendation 2: National cooperation and coordination.
- Recommendation 3: Money laundering offense.
- Recommendation 4: Confiscation and provisional measures.
- Recommendation 5: Terrorist financing offense.
- Recommendation 6: Targeted financial sanctions related to terrorism and terrorist financing.
- Recommendation 7: Targeted financial sanctions related to the proliferation of weapons of mass destruction.
- Recommendation 8: Non-profit organizations.
- Recommendation 9: Banking secrecy.
- Recommendation 10: Customer due diligence.
- Recommendation 11: Record-keeping.
- Recommendation 12: Politically Exposed Persons.
- Recommendation 13: Correspondent banking.
- Recommendation 14: Money or value transfer services.
- Recommendation 15: New technologies
- Recommendation 16: Transparency in payments.
- Recommendation 17: Reliance on Third Parties.
- Recommendation 18: Internal controls, foreign branches, and subsidiaries.
I am an obliged entity and looking for an AML tool.
Great! You’ve come to the right place at the right time. Request a demo with the Pibisi team and tell us what you need with no obligation.
I’m not sure if I’m an Obliged Entity…
No problem, it’s a very common question. Take our simple questionnaire and find out NOW.
If you want to stay updated with new articles, subscribe to our newsletter if you haven’t done so already.
And if you’d like to suggest a topic you’d like us to write an article about, or you simply want to get in touch with us, you can do so via our contact form.
