Core Issues to be considered in determining if the IO is being achieved:

CI 4.1: How well do financial institutions, DNFBPs and VASPs understand their ML/TF risks and AML/CFT obligations?

CI 4.2: How well do financial institutions, DNFBPs and VASPs apply mitigating measures commensurate with their risks?

CI 4.3: How well do financial institutions, DNFBPs and VASPs apply the CDD and record-keeping measures (including beneficial ownership information and ongoing monitoring)? To what extent is business refused when CDD is incomplete?

CI 4.4: How well do financial institutions, DNFBPs and VASPs apply the enhanced or specific measures for: 

(a) PEPs, 

(b) correspondent banking, 

(c) new technologies, 

(d) wire transfer rules, 

(e) targeted financial sanctions relating to TF, and 

(f) higher-risk countries identified by the FATF?

CI 4.5: To what extent do financial institutions, DNFBPs and VASPs meet their reporting obligations on the suspected proceeds of crime and funds in support of terrorism? What are the practical measures to prevent tipping off?

CI 4.6: How well do financial institutions, DNFBPs and VASPs apply internal controls and procedures (including at financial group level) to ensure compliance with AML/CFT requirements? To what extent are there legal or regulatory requirements (e.g., financial secrecy) impeding its implementation?