Why this matters: The Financial Action Task Force (FATF) Paris Plenary sets the tone for the next phase of anti‑money‑laundering (AML), counter‑terrorist‑financing (CTF) and proliferation‑financing (PF) policy. With a more outcomes‑focused evaluation cycle and important changes to country listings, compliance leaders now have clear signals on where to tune screening and monitoring—without disrupting legitimate flows

For professionals working in financial crime compliance, this meeting isn’t just bureaucratic theatre; it shapes the AML process itself.  Updates to the grey‑list and black‑list inform everything from AML risk assessment to know your business (KYB) onboarding, transaction monitoring thresholds, PEP screening and adverse‑media screening.  Getting these controls right means fewer false positives, more effective investigations and stronger alignment with regulators.  It also influences technology choices—whether to invest in sanctions screening software, AML compliance software or customer screening software—and how to blend enhanced due diligence into routine workflows.

A field note: Midway through the first day, as delegate refrain kept cropping up: “Show us it works.” That simple ask—evidence over promises—captures the pivot now underway. If your programme can’t demonstrate impact in data, narrative case files and timely actions, expect tougher questions this year .

Which four African countries were delisted from the FATF “grey list”?

The decision: Burkina Faso, Mozambique, Nigeria and South Africa completed their FATF action plans and were removed from increased monitoring. The official FATF statement notes that these jurisdictions addressed strategic anti‑money‑laundering and counter‑terrorist‑financing deficiencies within agreed timelines. Major news outlets highlighted the progress: South Africa sharpened its tools to detect money laundering and terrorist financing, Nigeria improved inter‑agency coordination, Mozambique enhanced financial‑intelligence sharing and Burkina Faso strengthened oversight of financial institutions .

Why it’s significant: Grey‑listing raises funding costs and deters investment; an IMF working paper found that capital inflows decline on average by 7.6 % of GDP when a country is placed on the grey list. Other analyses found reductions in cross‑border liabilities of up to 16 %.  Delisting signals tangible progress: sharper detection tools in South Africa, better inter‑agency coordination in Nigeria, improved financial‑intelligence sharing in Mozambique and stronger oversight of gatekeepers in Burkina Faso.  It’s a milestone, not a finish line, but the near‑term compliance signal is How should you recalibrate country risk? Mutual-evaluation.

For practitioners running watch-list screening and sanctions screening tools, these delistings should prompt a review of underlying country-risk matrices, adjustments to customer risk scores and recalibration of transaction screening AML thresholds. As one compliance officer noted, “removing a blanket risk uplift doesn’t mean dropping your guard—it means refocusing it where the evidence points.” This aligns with FATF’s guidance on maintaining risk-based proportionality, which stresses that even when countries exit increased monitoring, residual risks must still inform sanctions screening, customer due diligence and ongoing monitoring frameworks.

Mini-case: How was the risk matrix adjusted after delisting?

A regional bank with trade corridors into West and Southern Africa ran a 12‑month lookback and found that 23 % of sanctions and AML alerts were driven by a “grey‑list” coefficient rather than customer behaviour. After Nigeria and South Africa were delisted, the bank:

• Removed the blanket grey‑list uplift but kept sector‑specific uplifts (e.g., high‑risk money‑services businesses and precious‑metals traders).

• Lowered screening friction for low‑risk retail remittances while raising scrutiny on trade finance involving dual‑use goods.

• Tracked outcomes weekly: false positives fell 19 %, straight‑through processing for low‑risk payments rose 6 %, and true‑positive case yield was maintained.

The bank also invested in real‑time sanctions screening and payment‑screening AML tools to ensure that alerts relating to the newly delisted corridors reflected actual customer behaviour rather than outdated country tags.  By combining cloud‑based compliance automation with human oversight, it reduced manual touch points without compromising on AML investigation process standards.

The result was better customer experience and cleaner alert quality—precisely the kind of effectiveness supervisors will ask to see.

How should modern screening respond?

Facctum’s configuration playbook treats FATF list status as one input—not the only one. We’ve built list management and sanctions screening solutions that ingest country-risk updates automatically and cascade them across payment screening environments. When a jurisdiction moves, a controlled change set updates country-risk coefficients overnight, triggers a 30-day post-change quality review, and refreshes training prompts for investigators working those corridors. This blending of compliance automation with human expertise delivers agility without whiplash.

Who remains on the grey list in 2025?

As of 24 October 2025, jurisdictions still under increased monitoring include: Algeria, Angola, Bolivia, Bulgaria, Cameroon, Côte d’Ivoire, Democratic Republic of the Congo, Haiti, Kenya, Lao PDR, Lebanon, Monaco, Namibia, Nepal, South Sudan, Syria, Venezuela, Vietnam, Virgin Islands (UK) and Yemen . 

Each is progressing action plans agreed with FATF.  The guidance remains consistent: apply a risk‑based approach, avoid blanket de‑risking and ensure humanitarian and NPO flows are not disrupted .

For compliance teams, this means maintaining watch‑list screening for higher‑risk corridors while tailoring customer screening and PEP list checks to the specific sector and purpose of each transaction.  It also underscores the importance of financial crime risk assessment and AML risk assessments that consider geopolitical developments alongside behavioural indicators.

The new mutual‑evaluation cycle: outcomes over paper

What changed: FATF has launched its fifth round of mutual evaluations. Unlike previous rounds that spanned roughly ten years, the new cycle operates on a six‑ to seven‑year timetable and is explicitly risk‑based. According to the Society of Trust and Estate Practitioners (STEP), evaluations will focus on the major risks in each jurisdiction, develop a limited number of strategic key recommended actions, and give countries three years to address those actions. The FATF’s 2022 procedures confirm that countries failing to largely address their key recommended actions within three years will face automatic enhanced measures. The first reports under the new cycle—on Belgium and Malaysia—are scheduled for publication in December 2025.

For firms, this shift elevates AML audit readiness.  The focus on outcomes over paper means you can’t rely solely on static policies; regulators will ask to see how your compliance monitoring workflow feeds case management, how quickly alerts progress through your AML software, and whether your regtech investment translates into tangible results.  The move also encourages adoption of cloud compliance solutions that facilitate rapid adjustments and provide auditable evidence of risk‑based tuning.

Practitioner’s take: “The question won’t be do you have a typology? but does your typology surface cases that lead to outcomes?”

What this means for controls:

Expect supervisors to ask for:

• Detection‑to‑disposition metrics (e.g., % of alerts → cases → suspicious activity reports → investigations with law‑enforcement interest).  These metrics should flow directly from your AML case management system and highlight how your compliance automation resolves alerts.

• Quality indicators (positive predictive value, time‑to‑decision and rework rates).  Examiners will want to see that your transaction monitoring and AI transaction‑monitoring scenarios are producing high‑quality alerts that investigators can disposition efficiently.

• Proof of collaboration (information sharing, asset‑freeze responsiveness, mutual legal assistance).  Demonstrate that your AML audit trails capture interactions with law enforcement and regulators, and that cross‑border cooperation works in practice.

Example in practice:

Ahead of a 2025 review, one institution rewired three transaction‑monitoring scenarios using adverse‑media triggers and counterpart risk signals.  By combining AI transaction monitoring with traditional rule‑based screening, the firm saw its SAR conversion rate rise from 8 % to 13 %, average time‑to‑case closed fall 22 %, and two cases progress to asset freezes within ten days—exactly the kind of effectiveness story examiners expect.  This highlights how regtech AML solutions can enhance detection while supporting a risk‑based approach.

“Black list” unchanged: hold the line on the highest‑risk controls

Status quo: The Democratic People’s Republic of Korea (DPRK), Iran and Myanmar remain subject to FATF’s call for enhanced due diligence and, where appropriate, counter-measures. For DPRK, the FATF urges countries to terminate correspondent relationships with DPRK banks, close subsidiaries and limit transactions. Iran must still address outstanding deficiencies; the FATF calls for increased supervisory examination and prohibits establishment of branches until Iran fully implements Palermo and terrorism-financing conventions. Myanmar remains under enhanced due diligence with a warning that counter-measures could follow. Humanitarian channels must remain protected. Further details are outlined in the FIAU’s summary of high-risk jurisdictions and counter-measures, which reinforces FATF’s guidance for enhanced due diligence.

Case file: When designation dynamics hit the front line.

A correspondent banking unit flagged a trade‑finance transaction involving a DPRK‑linked front company routed through multiple intermediaries. Vessel‑tracking suggested a suspicious trans‑shipment. The bank terminated the relationship, filed SARs across two jurisdictions and implemented route‑based interdiction rules on similar commodities. Loss of fee income stung—but the risk avoided was far greater.

How we keep pace with evasion—and tune for material risk:

• Evasion typologies: layered ownership, shipping‑route anomalies and trade mis‑invoicing patterns feed a money laundering risk assessment and risk‑scoring service consumed by screening.

• Adaptive thresholding: thresholds vary by corridor and product; high‑risk corridors trigger lower materiality thresholds and stricter fuzzy‑matching on name variants.  Our name‑screening AML engine adjusts match tolerances dynamically based on financial crime risk and ensures we don’t miss transliteration variants.

• Alert quality loops: weekly sampling ensures positive predictive value (PPV) and investigator effort stay aligned to risk; if PPV dips below target for a corridor, thresholds ratchet up automatically.  Results feed back into AML case management and compliance data governance processes.

Asset recovery: prepare for faster freezes and smarter cooperation

What’s coming: FATF has approved comprehensive asset-recovery guidance—expected in November 2025—aimed at closing loopholes and strengthening cross-border confiscation frameworks. The forthcoming FATF guidance on asset recovery will help countries build effective systems to recover criminal proceeds across jurisdictions and underscores that making crime unprofitable depends on robust confiscation and cooperation.

For firms, asset recovery isn’t just a legal process—it’s an integral part of the AML investigation process. Robust AML case management systems must track freezing orders, document chain-of-custody, and maintain audit trails that withstand regulatory scrutiny. As new guidance takes effect, expect asset-tracing requests to become more frequent and response windows shorter.

A snapshot from the trenches:

An international payments firm received an urgent freezing order linked to an overseas fraud case. Using pre-agreed playbooks and a cross-border contact list, the firm ring-fenced USD 1.2 million within six hours, documented chain-of-custody, and supported civil recovery proceedings. The lesson: you don’t rise to the occasion—you fall to your level of preparation. The firm now runs quarterly tabletop exercises with counsel and operations.

This example highlights the value of investing in AML compliance software that integrates asset-freeze workflows and can instantly surface data on originators, beneficiaries, and transaction history. A well-defined AML investigation process reduces friction when regulators come calling.

For broader industry insights, see the AMLP Forum’s overview of FATF’s asset-recovery guidance and AI-related risks.

What's on the horizon? AI agents and deepfakes.

Risk on the rise: FATF has commissioned a Horizon Scan on generative AI, agentic AI, and deepfakes, including real cases and mitigation strategies for both the public and private sectors. The initiative explores how criminals use synthetic media and AI agents to perpetrate fraud, impersonation, and other illicit schemes, while offering case studies that compliance teams can use to strengthen safeguards and adapt their controls.

Financial institutions should now assess whether their fraud-prevention systems can keep pace. That includes deploying AI-powered detection tools capable of spotting synthetic identities, voice clones, and other deepfake-enabled scams. Examiners are expected to ask not just whether such controls exist, but how effective they are in your environment.

The takeaway: AI and synthetic media are now a recognised financial-crime risk vector, and regulators will treat their mitigation as part of a modern AML framework.

Participation signals: guests and suspensions

Who’s at the table: Jamaica and Nigeria joined as guest jurisdictions, with Kenya continuing in that role. Russia’s membership remains suspended (a February 2024 decision), and this continues to shape correspondent relationships.

Operational takeaways:

• Engage early with guest-jurisdiction regulators and industry bodies. Facctum prioritises outreach on correspondent banking and NPO safeguarding. Building Know-Your-Business (KYB) relationships in these jurisdictions helps align risk assessments and fosters shared compliance frameworks.

• Treat Russian relationships as non-FATF for regulatory guardrails and keep escalation paths tight. Use AML compliance software to flag any direct or indirect exposure to sanctioned entities and ensure your sanctions screening tools incorporate OFAC updates as well as local regulators’ blacklists.

Quick reference: countries still under increased monitoring—and how to adapt

• Delisted: Burkina Faso, Mozambique, Nigeria and South Africa have been removed from the FATF grey list following completion of their action plans.

• Remaining under increased monitoring: According to the FATF’s October 2025 update on jurisdictions under increased monitoring, the following countries remain subject to enhanced oversight: Algeria, Angola, Bolivia, Bulgaria, Cameroon, Côte d’Ivoire, Democratic Republic of the Congo, Haiti, Kenya, Lao PDR, Lebanon, Monaco, Namibia, Nepal, South Sudan, Syria, Venezuela, Vietnam, Virgin Islands (UK) and Yemen. Each jurisdiction is working through an agreed action plan with the FATF.

• Approach: Maintain a risk-based posture, avoid blanket de-risking, and protect humanitarian and NPO flows by calibrating controls to the corridor, sector and purpose of payment. Further insights are outlined in the FIAU’s summary of FATF public statements and jurisdictions reviewed, which provides context for ongoing monitoring and risk management.

Managing highest‑risk jurisdictions (DPRK, Iran, Myanmar): what good looks like

• DPRK: Terminate correspondent ties; scrutinise trade finance for front-company activity and opaque structures; enforce route-based interdiction. Ensure your sanctions screening tools reflect OFAC SDN sanctions designations and that name-screening AML logic captures transliterations.

• Iran: Apply counter-measures until full implementation of international conventions; increase supervisory reporting and restrict engagement with high-risk financial institutions. Align local controls with SDN sanctions lists and maintain rigorous AML case management for any transactions involving Iranian entities, consistent with the FATF’s call for action on high-risk jurisdictions.

• Myanmar: Maintain enhanced due diligence; prepare for possible escalation to counter-measures; protect humanitarian channels. This includes heightened enhanced due diligence on payment purposes and beneficiaries while ensuring vital aid flows, as outlined in the FIAU’s summary of high-risk jurisdictions and counter-measures.

Implementation example: A bank operating in Asia-Pacific added dual-use commodity checks, tightened adverse-media thresholds for counterparties and enforced complete originator/beneficiary data on cross-border wires—raising true-positive yield by 15 % in affected corridors. Integration of these controls into its AML case-management and sanctions-screening systems provided full auditability for regulators.

What compliance teams should do next

1. Update country risk ratings and correspondents:

   • Tasks: remove grey‑list uplifts for delisted countries; keep sector‑specific overlays; refresh corridor runbooks; notify correspondents of policy changes; run a 30‑day post‑change QA on alert rates.  Integrate these updates into your AML compliance software so that payment screening and customer risk engines use the latest coefficients.

   • Evidence to keep: pre/post false‑positive rates, case yield and any impact on straight‑through processing.  Document how changes affect transaction monitoring and sanctions screening alerts for your next AML audit.

2. Prepare for outcomes‑based evaluations.

   • Tasks: add a detection‑to‑outcome dashboard; standardise case narratives; capture asset‑freeze “time‑to‑action.”  Use compliance automation to push metrics from your AML case management system to management dashboards and ensure they inform strategic decisions.

   • Example metric: after tuning scenarios with counterpart risk and adverse media, one institution lifted SAR conversion from 8 % to 13 % and cut time‑to‑decision by 22 %—numbers that resonate with supervisors.

3. Strengthen asset‑tracing and recovery.

   • Tasks: maintain a cross‑border contact book; pre‑clear legal templates; test 24/7 escalation; log chain‑of‑custody evidence.  Invest in AML investigation process tools that integrate asset‑tracing and provide audit‑ready documentation.

   • Case note: a six‑hour freeze of USD 1.2 m succeeded because roles, runbooks and evidence templates were rehearsed.

4. Incorporate AI‑related financial‑crime risks.

   • Tasks: deploy liveness and cross‑modal checks; red‑team onboarding flows against synthetic IDs; monitor an “AI‑fraud defeat rate”; add staff micro‑trainings on deepfake cues.  Explore AML fintech solutions that enhance your existing screening frameworks with advanced detection capabilities to uncover sophisticated fraud patterns.ustomer onboarding.

5. Stay engaged with regulators and forums.

   • Tasks: participate in consultations on financial inclusion and payment transparency; contribute typology write‑ups; share outcomes data.  Keep abreast of regtech AML developments and align internal standards with evolving guidance.

   • Our practice: we’ve joined working groups with guest jurisdictions on remittance transparency and NPO safeguarding, aligning internal standards with emerging guidance.

6. Monitor forthcoming publications.

   • Watch‑outs: FATF asset‑recovery guidance (expected November 2025) and the Belgium/Malaysia mutual evaluation reports (due December 2025) .

   • Team routine: a monthly “regulatory digest” round‑table to translate publications into control changes (including SEPA and instant‑payment implications).

Conclusion: from box‑ticking to results

The October 2025 Plenary didn’t rewrite AML/CTF/PF.  It rewarded reform that works—and kept the highest‑risk controls steady.  The message for practitioners is unambiguous: regulators will ask how you know your programme is effective and where you can prove it.  That means tracking the real‑world results of suspicious‑activity reporting, asset recovery and cross‑border cooperation—and being ready to explain your rationale when calibrating risk for grey‑listed countries.  Put another way, a strong compliance framework requires evidence that your AML risk assessments and sanctions‑screening efforts translate into meaningful outcomes; while transaction monitoring remains important, robust watchlist management and screening solutions—such as those offered by Facctum—often have the biggest impact

A question to take back to your team this week: If a supervisor walked in tomorrow, could you show, in five minutes, how your screening and monitoring change outcomes for the better? If not, the Plenary has just handed you a practical roadmap to start fixing that—today.