40 FATF 40 Recommendations
35

Recommendation 35 · Group F · Powers of Competent Authorities

Former: R.17

Sanctions

Recommendation 35 requires every country to ensure there is a range of effective, proportionate and dissuasive sanctions — criminal, civil or administrative — available to deal with natural and legal persons that fail to comply with AML/CFT requirements. Sanctions must be applied not only to financial institutions and DNFBPs but also to their directors and senior management when warranted, and must be sufficiently severe to deter non-compliance.

Who must comply?

  • All financial institutions and DNFBPs
  • Directors and senior management of obliged entities
  • Compliance officers (in egregious cases)
  • Supervisors that impose sanctions

Key requirements

  1. 1

    Range of sanction types

    Countries must have a range of sanctions available — written warnings, financial penalties, restrictions on business, suspensions, removal of officers, revocation of licences, public censure — to match the nature and seriousness of the breach.

  2. 2

    Effectiveness, proportionality and dissuasion

    Sanctions must be (a) effective in achieving compliance, (b) proportionate to the gravity of the violation, and (c) dissuasive enough to discourage future breaches. Token fines defeat the purpose.

  3. 3

    Coverage of natural and legal persons

    Sanctions must apply to both legal persons (institutions) and natural persons (directors, senior managers, compliance officers, employees) where their conduct warrants individual liability.

  4. 4

    Match the requirement breached

    Sanctions must apply to violations of any AML/CFT requirement under the FATF Recommendations — CDD, record-keeping, reporting, internal controls, sanctions screening — not just selected ones.

  5. 5

    Independent and consistent application

    Supervisors and judicial authorities must apply sanctions consistently across similar violations, transparently, and without undue political or industry influence.

  6. 6

    Public communication

    In appropriate cases, sanctions should be made public — as part of deterrence and to inform other obliged entities of the standards being enforced.

Practical example

Example: Mexico's three layers of AML sanctions

A Mexican SOFOM ENR fails to file required ROIs over a 12-month period. Sanctions can stack: (1) administrative — CNBV imposes a fine of up to 100,000 days of salary (~MXN 27.88M), removal of the compliance officer, suspension of operations; (2) criminal — under Art. 400 Bis 1 CPF, the compliance officer and directors face 7.5 to 22.5 years if knowingly facilitating ML; (3) reputational — the CNBV publishes the resolution, the SOFOM loses correspondent relationships, and other counterparties unwind. This is the layered effectiveness that Recommendation 35 demands.

How Mexico implements it

Country-specific section in Spanish — Mexican regulatory references (LFPIORPI, CNBV, SAT, UIF).

México opera tres regímenes de sanciones complementarios:

LFPIORPI Arts. 53-56 — Multas administrativas para AV

Multas de 200 a 65,000 UMA ($23,462 a $7,625,150 MXN con UMA 2026). Aplican al sujeto obligado y, en casos graves, al representante de cumplimiento. La reforma marzo 2026 del Reglamento añadió la autocorrección PLD del Art. 55 Bis.

Sector financiero — Multas CNBV

Para SOFOMes ENR y otras entidades reguladas: 10,000 a 100,000 días de salario (~MXN 2.78M a 27.88M). Adicional: suspensión de actividades, revocación de registro, remoción de funcionarios.

Multas PLD SOFOM ENR

Penal — Art. 400 Bis CPF

Pena base 5-15 años de prisión. Agravante hasta 22.5 años para personal del régimen ALA (Art. 400 Bis 1). Hasta 30 años para servidores públicos (Art. 400 Bis 2). Multa adicional de 1,000 a 5,000 días de salario.

Publicidad de sanciones

La CNBV publica resoluciones sancionadoras en su sitio. El SAT mantiene registro público de sancionados (lista 69-B y similares). La publicidad es elemento de disuasión bajo la R.35.

Milestones

  1. 1990

    Original Recommendation 17 on sanctions

  2. 2012

    Renumbered as Recommendation 35

  3. 2025

    October 2025 update reinforces individual-liability expectations

Related Recommendations

Other Recommendations in Group F — Powers of Competent Authorities

26 R.26 Regulation of financial institutions 27 R.27 Powers of supervisors 28 R.28 Regulation of DNFBPs 29 R.29 Financial intelligence units (FIUs) 30 R.30 Law enforcement responsibilities 31 R.31 Law enforcement powers 32 R.32 Cash couriers 33 R.33 Statistics 34 R.34 Guidance & feedback

Official citation

FATF (2012-2025), International Standards on Combating Money Laundering and the Financing of Terrorism & Proliferation, Recommendation 35, FATF, Paris, France. Last updated October 2025.

Read the official text on fatf-gafi.org