Status of implementation of Recommendation 15 by FATF Members and Jurisdictions with Materially Important VASP Activity

Virtual assets are inherently international and borderless, meaning a failure to regulate VASPs in one jurisdiction can have serious global implications. This is particularly concerning given emerging trends in this space. Recent reports raise serious concerns about the Democratic Peoples Republic of Korea’s (DPRK) theft  and laundering of hundreds of millions of dollars’ worth of virtual assets for financing the proliferation of weapons of mass destruction, enabling an unprecedented number of recent launches of ballistic missiles.  Ransomware incidents have grown significantly in recent years, and ransomware payments are almost exclusively demanded in virtual assets . Although the increase in ransomware incidents was reported to slow down in 2023, the situation remains a serious concern. Terrorist groups, including ISIL, Al Qaeda and their affiliates, as well as ethnically or racially motivated terrorist entities, are also known to be increasingly using virtual assets to raise and move funds globally .

In October 2018, the FATF strengthened its R.15 to address virtual assets and VASPs. The table below shows the steps FATF members and FSRB jurisdictions with materially important VASP activity have taken to implement the FATF Standards in relation to regulating and supervising VASPs. The purposes of this table are to enable the FATF network to best support these jurisdictions in regulating and supervising VASPs for AML/CFT purposes and to encourage jurisdictions with materially important VASP activity to fully implement Recommendation 15 in a timely manner. This table also seeks to help supervisors/regulators and the private sector around the globe discern the status of implementation of R.15 by jurisdictions with materially important VASP activity. The publication of this table is endorsed by the G20, Financial Stability Board (FSB), and other policy forums and international organisations.  

The focus on FATF members reflects the importance for them to take a leading role on AML/CFT and on those with materially important VASP activity reflects a risk-based approach to addressing the inherent risks of services, products, and customers. This approach aims to address the global nature and risks inherently posed by virtual assets while recognising that jurisdictions should consider all AML/CFT risks and regulatory gaps in their individual jurisdictions. Jurisdictions should thus prioritise implementing the FATF standards for virtual assets based on such risks.

In line with the FATF 2021 Updated Guidance on a Risk-based Approach for VASPs, jurisdictions should consider the risks of virtual asset transfers with jurisdictions that have not taken steps towards regulating or banning VASPs. Subject to their own ML/TF risk assessment, jurisdictions may also consider designating VASPs from jurisdictions which do not effectively implement licensing or registration requirements as higher risk

The table includes all FATF members plus twenty jurisdictions with materially important VASP activity. These jurisdictions were identified based on two criteria: trading volume and userbase, based on open-source datasets from January to December 2022 and cross-checked against data from blockchain analytics companies . It is important to note that large-scale trend data related to virtual assets is difficult to obtain, incomplete, and may change rapidly. This table provides a snapshot in time of jurisdictions that are identified as having materially important VASP activities as well as jurisdictions that are FATF members.  

The table includes all FATF members plus twenty jurisdictions with materially important VASP activity. These jurisdictions were identified based on two criteria: trading volume and userbase, based on open-source datasets from January to December 2022 and cross-checked against data from blockchain analytics companies . It is important to note that large-scale trend data related to virtual assets is difficult to obtain, incomplete, and may change rapidly. This table provides a snapshot in time of jurisdictions that are identified as having materially important VASP activities as well as jurisdictions that are FATF members.  

The information is based on jurisdictions’ responses to the FATF’s 2023 self-reported survey  where relevant survey questions were posed alongside a selection of three possible answer choices (Yes/No/In Progress). In January 2024, all jurisdictions were asked to provide up-to-date information on their progress. 44 jurisdictions provided updates. The FATF Secretariat will reach out to jurisdictions included in the table for materials  to support their responses from January to February 2024. 

Users should note that this table does not provide any assessment on the level of a jurisdiction’s implementation of measures to combat ML/TF and is not related to the FATF’s identification of high-risk and other monitored jurisdictions. Neither the open-source data used to compile the table, nor the data from blockchain analytics companies used for verification purposes, is based on any assessment of a jurisdiction’s illicit finance risks associated with VA or of compliance with the FATF standards. 

A jurisdiction’s inclusion in the table therefore carries no indication – either positive or negative – regarding that jurisdiction’s degree of risk or its level of compliance with R15. The table provides an overview of the implementation status of R15 at the time of the update (from January to March 2024) and identifies each jurisdiction’s rating for R 15, if applicable, at the date of the rating; this information may not reflect the latest implementation progress of each jurisdiction. 

The information in this table does not replicate or replace a mutual evaluation or follow-up assessment of the country’s compliance with R15. While the data has been cross-checked against available assessment results, it has not been subject to detailed analysis against the FATF Methodology.  Users are cautioned to independently verify and confirm the information in this table by undertaking their own independent research before using this information.