FATF Guidance on the Risk-Based Approach for Trust and Company Service Providers (TCSPs)

Publication details




This Guidance on the Risk-Based Approach to combating Money Laundering and Terrorist Financing was developed by the FATF in close consultation with representatives of the trust and company service providers industries. The Guidance supports the development of a common understanding of what the risk-based approach involves, outlines the high-level principles involved in applying the risk-based approach, and indicates good public and private sector practice in the design and implementation of an effective risk-based approach.

The purpose of this Guidance is to:

  • Support the development of a common understanding of what the risk-based approach involves.
  • Outline the high-level principles involved in applying the risk-based approach.
  • Indicate good practice in the design and implementation of an effective risk-based approach.

However, it should be noted that applying a risk-based approach is not mandatory. A properly applied risk-based approach does not necessarily mean a reduced burden, although it should result in a more cost effective use of resources. For some countries, applying a rules-based system might be more appropriate. Countries will need to make their own determinations on whether to apply a risk-based approach, based on their specific ML/FT risks, size and nature of the activities of the designated non-financial businesses and professions (DNFBPs), and other relevant information. The issue of timing is also relevant for countries that may have applied anti-money laundering/combating the financing of terrorism (AML/CFT) measures to DNFBPs, but where it is uncertain whether the DNFBPs have sufficient experience to implement and apply an effective risk-based approach.

Target audience, status and content of the guidance

This guidance is presented in a way that is focused and relevant for TCSPs. The roles and therefore risks of the different DNFBP sectors are usually separate. However, in some business areas, there are inter-relationships between different DNFBP sectors, and between the DNFBPs and financial institutions. For example, in addition to specialised trust and company service providers, financial institutions, lawyers, and accountants may also undertake the trust and company services covered by the Recommendations.

The FATF definition of TCSP relates to providers of trust and company services that are not covered elsewhere by the FATF Recommendations, and therefore excludes financial institutions, lawyers, notaries, other independent legal professionals and accountants. Separate guidance is being issued for those sectors, and they should therefore apply that guidance. However, all those engaged in TCSP activities may also wish to refer to the TCSPs guidance, as it is more specifically tailored to TCSP services.

TCSPs can take different forms. In some countries they may be predominantly lawyers. In other countries–particularly in countries with a high concentration of non-resident business–TCSPs are independent trust companies or are trust companies that are subsidiaries of banks, and may be other professionals such as accountants. In other countries, trust service providers (e.g. trust companies) and company service providers are separate and distinct categories of entities subject to separate regulatory requirements. As a result, not all persons and businesses active in the TCSP industries provide all of the services listed in the definition of a TCSP. Accordingly, risk should be identified and managed on a service-by-service basis.