Mexico
Report on the Observance of Standards and Codes: FATF Recommendations for Anti-Money Laundering and Combating the Financing of Terrorism

This report assesses the Observance of Standards and Codes on the Financial Action Task Force (FATF) Recommendations for Anti-Money Laundering and Combating the Financing of Terrorism (AML/CFT) for Mexico. The report highlights that Mexico has removed specific exemptions to customer identification obligations, implemented online reporting forms and a new automated transmission process for reporting transactions to the financial intelligence unit. Financial institutions with a reporting obligation (reporting institutions) now require occasional customers performing transactions equivalent to or exceeding US$3,000 in value to be identified so that the transactions can be aggregated daily.

Abstract

This report assesses the Observance of Standards and Codes on the Financial Action Task Force (FATF) Recommendations for Anti-Money Laundering and Combating the Financing of Terrorism (AML/CFT) for Mexico. The report highlights that Mexico has removed specific exemptions to customer identification obligations, implemented online reporting forms and a new automated transmission process for reporting transactions to the financial intelligence unit. Financial institutions with a reporting obligation (reporting institutions) now require occasional customers performing transactions equivalent to or exceeding US$3,000 in value to be identified so that the transactions can be aggregated daily.

Assessment of measures in place as of 12 September 2003

Introduction

1. This Report on the Observance of Standards and Codes for the FATF 40 Recommendations for Anti-Money Laundering and 8 Special Recommendations for Combating the Financing of Terrorism (FATF 40+8 Recommendations) was prepared by representatives of member jurisdictions of the Financial Action Task Force (FATF) and members of the FATF Secretariat.1 The report provides a summary of the level of compliance with the FATF 40 Recommendations, as adopted in 1996, and the FATF 8 Special Recommendations on Terrorist Financing, adopted in 2001, and provides recommendations to strengthen compliance. The views expressed in this report are those of the assessment team as adopted by the FATF and do not necessarily reflect the view of the government of the United Mexican States, the International Monetary Fund (IMF) or the World Bank.

Information and Methodology Used for the Assessment of measures in place as of 12 September 2003

2. In preparing the detailed assessment, assessors reviewed relevant anti-money laundering and counter terrorist financing laws and regulations, supervisory and regulatory systems in place to deter money laundering (ML) and terrorist financing (FT), and criminal law enforcement systems. The evaluation team met with officials from relevant Mexican government agencies and the private sector in Mexico City from 8 to 12 September 2003. Meetings took place with representatives from the Secretariat of Finance and Public Credit (SHCP) and the following units which are a part of it: the Attached General Directorate for Transaction Investigations (DGAIO), the Federal Fiscal Attorney’s Office (PFF), the General Customs Administration (Customs), and the Service for the Administration and Alienation of Assets (SAE). As well, meetings took place with the Secretariat of Foreign Affairs, the Attorney General’s Office (PGR), and the Federal Investigations Agency (AFI). The evaluation team also met with representatives of the National Banking and Securities Commission (CNBV), the National Insurance and Bonding Commission (CNSF), the National Retirement Savings System Commission (CONSAR), and representatives from the commercial banking, insurance, securities, pensions, and retirement funds sectors. This assessment is based on the information available as of 12 September 2003.

Overview of the financial sector

3. Currently, there are 32 commercial banks with 7,765 branches and 80 Foreign Financial Representative Offices operating in Mexico, with 7,765 branches. Seven commercial banks represent eighty-eight percent of total assets in the banking sector. Commercial banks, foreign exchange companies and general commercial establishments are allowed to offer money exchange services. In 2002, total money remittances equalled 9,815 million dollars. As of June 2003, money remittances reached 9,134 million dollars. Mexico has 81 insurance companies, 1 mutual insurance company, 13 bonding institutions, 211 credit unions, 28 money exchange houses. Despite the size of Mexico’s retirement pension fund sector, both bonding institutions and retirement pension funds seem to have a low risk of being involved in money laundering. While casinos are not permitted in Mexico, gambling is legally allowed through national lotteries, horse races and sport pools.

General Situation of Money Laundering and Financing of Terrorism

4. Mexico reports that the main source of illegal proceeds is drug trafficking. Mexico acts as the main bridge between the southern and northern countries of the American continent. Drug trafficking activity in Mexico is also linked to other serious offences, including organised crime, firearms trafficking and money laundering. Mexico’s ability to combat drug trafficking is impeded, in part, by official corruption and the significant resources and technology of drug trafficking organisations. Mexico also reports that in the last three years its efforts to combat corruption have resulted in more than 26,300 arrests of people (including more than 140 public officers) involved in the drug cartels at all levels.

Main Findings, Part 1: Summary of AML/CFT measures in place at the time of the on-site visit (8-12 September 2003)

5. Mexico has made progress since 2000. It has removed specific exemptions to customer identification obligations, implemented on-line reporting forms and a new automated transmission process for reporting transactions to the FIU, and slightly reduced the delay in reporting transactions overall. Financial institutions with a reporting obligation (reporting institutions) now require occasional customers performing transactions equivalent to or exceeding USD 3,000 in value to be identified so that the transactions can be aggregated daily. Transactions performed in monetary instruments exceeding a daily aggregate of USD 10,000 in value must be reported to the FIU. Regardless of their value, any transactions that are considered to be suspicious or unusual must also be reported. Financial institutions have also implemented programs for screening new employees and verifying the character and qualifications of their board members and high-ranking officers. International co-operation between FIUs at the operation level appears to be working satisfactorily. Additionally, the FIU now provides general statistical feedback to financial institutions concerning their compliance with the reporting obligation. Mexico has also developed an overall AML strategy and plan.

6. However, there are a number of deficiencies in the system. The most significant of these are as follows. First, Mexico does not have a separate offence of terrorist financing and the blocking of terrorist assets could be improved. Although Mexico submitted draft legislation to the Mexican Congress in September 2003 to criminalise terrorist financing, that legislation has not yet been passed. Mexico is strongly encouraged to pass that legislation as soon as possible. Second, the reporting system suffers from significant delays, most of which originate within the financial institutions themselves. Third, bank and trust secrecy continue to impede many aspects of Mexico’s AML/CFT system, particularly for law enforcement, prosecutorial and judicial authorities during investigations and prosecutions. Among these impediments is the lack of clear procedures for allowing law enforcement, prosecutorial and judicial authorities direct access to financial information during the course of investigations and prosecutions. Fourth, the Supervisory Commissions must substantially improve their process of verifying the compliance of Reporting Institutions with AML measures because the current approach is resulting in uneven application of AML measures overall. Fifth, limited co-ordination among key government institutions and procedural barriers, such as the requirement of an SHCP complaint for the issuance of an indictment, impede effective money laundering prosecution. Sixth, an unnecessarily high burden of proof and the lack of value-based confiscation measures frustrate confiscation. Finally, the absence of legislation to establish procedures for international co-operation limits the effectiveness of co-operation in money laundering and confiscation proceedings.

A. Criminal Justice Measures and International Co-operation

(a) Criminalisation of money laundering and financing of terrorism

7. Money laundering (ML) has been a criminal offence in Mexico since 1990. The current offence–Article 400-Bis of the Federal Penal Code (FPC)–was introduced in 1996 and is an all-crimes money laundering offence that incorporates the essential elements required by the United Nations Convention Against Illicit Traffic in Narcotic Drugs and Psychotropic Substances, 1988 (the Vienna Convention) and the United Nations Convention Against Transnational Organised Crime (the Palermo Convention). Moreover, once the prosecution has demonstrated the indicia of criminality, the law requires states the burden of proof shifts to the defendant to establish the legitimate origin of the property. However, prosecutors are still finding it difficult to prove the nexus between criminal proceeds and a particular crime, and to persuade judges to apply the burden-shifting provision.

8. Criminal liability does not extend to corporations or other legal persons. However, where necessary for public safety, a judge can order the suspension or dissolution of a legal entity if one of its members or representatives engages in criminal conduct in the name of, on behalf of, or for the benefit of the legal entity. As well, the legal entity can be ordered to pay fines as reparation for any damages caused by criminal offences committed by its directors or managers.

9. Money laundering is punishable by a term of imprisonment from five to fifteen years and a fine from 1,000 to 5,000 days of wages. If the offence is committed by a government official who is in charge of the prevention, investigation or prosecution of crime, the penalty is increased by fifty percent and the official is barred from holding employment in a public institution for a period equal to the length of the term of imprisonment imposed. Nevertheless, although Article 400-Bis is a comprehensive money laundering offence on paper, which has been in force for many years, the number of convictions for the offence remains quite low (only 56 convictions for money laundering during the period from 2000 to September 2003), and procedural obstacles, difficulties establishing the elements of the offence, stringent bank secrecy laws, and only limited favourable jurisprudence have all limited its ineffectiveness.

10. Mexico does not have a separate offence of terrorist financing. Terrorist financing is only punishable as an ancillary offence, in that it is a crime to intentionally provide support for the commission of a criminal offence or aid a criminal following the commission of a crime in fulfillment of a promise made before the offence was committed. This offence is punishable by a term of imprisonment from 18 months to 30 years. If the funds used to finance terrorism had an illicit origin, engaging in conduct set out in Article 400-Bis could also be a money laundering violation, but only in cases where a terrorist act was committed or attempted. Moreover, the offence may not apply to legally obtained funds transferred or collected with intent to finance terrorism abroad, unless that terrorism produces an effect in Mexico. This approach does not meet the essential elements required by the UN International Convention for the Suppression of the Financing of Terrorism (1999) (Terrorist Financing Convention), nor the Eight Special Recommendations.

(b) Confiscation of Proceeds of Crime or Property used to Finance Terrorism

11. The text of Mexican laws on forfeiture and abandonment incorporate many of the elements of a comprehensive confiscation system. The Federal Penal Code and Federal Penal Procedures Code provide a broad basis for confiscating the proceeds, instruments and objects of all intentional crimes. In addition, Articles 29 and 30 of the Federal Law Against Organised Crime (FLAOC) establish an ability to reverse the burden of proof in cases involving the assets of criminal organisations by authorising a prosecutor, with prior judicial approval, to seize all property of a presumed member of a criminal organisation or all property presumed linked to members of a criminal organisation, and by precluding the release of that property unless the claimant can establish its legitimate origin. Mexican law also includes express authority to confiscate property held by nominees. Restraint and forfeiture are not restricted by type of asset, although the procedures established provide for different methods for restraint and notification depending upon the type of asset. The law also sets out a default judgment procedure (abandonment) for truncating proceedings when no claimant appears, procedures for giving notice to third parties and protecting their rights, and procedures for the management and disposal of seized and confiscated assets. Mexican law also permits the sharing of forfeited assets or the proceeds of their sale with local or foreign authorities that assist in investigations leading to forfeiture or abandonment, although to date Mexico has not yet shared such assets with a foreign government.

12. Nevertheless, significant legislative weaknesses remain and, as in the case of the money laundering offence, confiscation has been of only limited effectiveness in practice. Once deficiency is the lack of clarity on the level of proof required in confiscation proceedings, which has led to the application of a criminal standard of proof for establishing the relationship between the property and the offence. This is an unnecessarily elevated standard for confiscation once an individual’s responsibility for a criminal offence is established through conviction on a criminal standard. In addition, because the forfeiture system is purely property-based, it is not possible to confiscate property based upon the value of the proceeds generated or the assets involved in the offence. This creates difficulties for the prosecutor who must establish a direct link between the offence, the offender and the property itself. Likewise, forfeiture of property in the hands of nominees is impeded by the requirement of establishing both the underlying offence and the nominee’s intent to conceal the property, giving presumptive validity to the transfer of offence-related property when the person who conveyed title did not have valid title to the property in the first place.

13. Mexico’s ability to trace, seize, freeze and confiscate offence-related property is also limited by the inability of law enforcement and prosecutorial authorities to directly access financial information in a timely way. The effectiveness of forfeiture proceedings is also limited by the length of criminal proceedings.

14. Mexican authorities have issued restraint orders in relation to the UN resolutions S/RES/1267(1999) and S/RES/1373(2001) concerning the freezing of terrorist assets, but it appears that compliance with these orders has been incomplete in that some financial institutions report having rejected transactions being attempted by designated persons rather than accepting the transactions and subsequently freezing the assets.

(c) The FIU and Processes for Receiving, Analysing, and Disseminating Intelligence: Functions and Authority

15. Mexico’s financial intelligence unit, the DGAIO, has been operational since 1997 and is a member of the EGMONT Group. DGAIO is a well-organised FIU that has succeeded in developing systems for receiving, storing and analysing the various types of reports that it receives. The DGAIO receives reports on three different types of transactions: relevant transactions which are large cash transactions over USD 10,000 in value, suspicious transactions (STRs), and concerning transactions which are suspicious transactions involving an employee of a financial institution. The DGAIO also receives customs declarations made by persons transporting currency or monetary instruments of a value exceeding USD 10,000. Currently, there is no legal requirement to report transactions suspected of being related to terrorist financing.

16. The DGAIO is empowered to co-operate with foreign competent authorities. Exchanges of financial information and intelligence occur pursuant to agreements or treaties executed with foreign countries, and are subject to international reciprocity principles. International co-operation at the operational level appears to be working satisfactorily, with the DGAIO exchanging information with the United States, and co-operating in joint investigations.

17. The number of cases that the DGAIO processes has been increasing annually; however, overall the results have been limited. DGAIO could benefit from direct access to collateral information such as criminal intelligence information, commercial databases, local land registries and immigration records. The staff of the DGAIO appear to be highly skilled and well-trained; however, they should also receive specific training on terrorist financing. DGAIO’s analysis is extremely thorough; however, refocusing the scope of this analysis would be desirable in order to reduce the length of time it takes to pass the information on to the law enforcement and prosecutorial authorities.

(d) Law Enforcement and Prosecution Authorities, Powers and Duties

18. The investigation and prosecution of all federal offences, including money laundering, is responsibility of the PGR. The PGR has a police force (the AFI) which is under the immediate command of the Public Prosecutor. Since July 17, 2000, the PGR has had a dedicated national anti-money laundering unit responsible for prosecuting money laundering offences—the Special AML Unit. The PGR has recently been reorganised to place the Special AML Unit within the Office of the Deputy Attorney General for Investigations Specialised in Organised Crime (SIEDO), a move that should provide it with expanded powers of investigation. Although terrorism is investigated through the PGR’s Special Anti-Terrorism Unit, terrorist financing itself is not investigated as an offence, except in the context of persons who aid or assist in the commission of a terrorist offence.

19. The PGR has broad powers of investigation at its disposal and can use any investigative methods it considers appropriate (even one not specifically provided for in law), provided that the method does not violate the law. The PGR requests warrants of arrest, searches for and submits evidence, verifies that judgments are legally developed, and requests the application of penalties.

20. Law enforcement agencies have a wider range of investigative techniques available in investigations involving organised crime, including the use of infiltration agents, wiretapping private communications, offering rewards, providing for the protection of persons, reducing sanctions to secure effective co-operation of persons involved in the criminal activity, and broader authority to seize assets. However, legislative authority for the use of such techniques could be strengthened, particularly with regard to the use of infiltration agents, which is a technique restricted to intelligence gathering and subject to practical impediments for agents acting in an undercover capacity. As well, there is no framework in which the supervisory commissions can co-operate spontaneously with the PGR or the judicial authorities. They can only do so once a formal request for co-operation has been made.

21. In money laundering cases involving a financial institution that is part of the formal financial sector, a formal complaint must be first filed by the PFF before money laundering charges can be laid. This procedural requirement creates duplication since both the PGR and the PFF conduct their own independent analysis of the case. Consequently, the requirement that the PFF issue a formal complaint in such cases should be removed.

22. Mexican law does not set out clear procedures through which law enforcement, prosecutorial and judicial authorities can obtain financial and trust information directly from financial institutions. Consequently, bank and trust secrecy laws impede the access of these authorities to financial information during the investigations and prosecutions. To comply with bank and trust secrecy laws, prosecutorial/law enforcement authorities and the DGAIO must obtain the required information (even basic information such as an account statement) by making a request to the relevant supervisory commission. Even though judicial authorities could obtain financial information directly from the financial institution in principle, there are no clear procedures in law for doing so. Consequently, in practice, judicial authorities also obtain financial information through the relevant supervisory commission. However, unlike suspicious and large cash transaction reports which pass through the supervisory commissions in an encrypted format, requests for information are unencrypted. Moreover, the supervisory commission reviews each request to ensure that it is founded and motivated properly. The corresponding response from the financial institution is also processed through the supervisory commission. Giving the supervisory commissions access to such information risks compromising the investigation itself. These weaknesses need to be addressed. Legislation must be passed to allow appropriate gateways through bank and trust secrecy during the investigation and prosecution of cases involving ML, FT or other serious offences.

(e) International Co-operation

23. Although Mexico has no specific statute governing the provision of mutual legal assistance in criminal matters, it can provide mutual legal assistance pursuant to international treaties and conventions to which it is a party. Mexico has ratified 17 bilateral treaties, and a number of international conventions (including the Vienna and Palermo Conventions) which urge international co-operation. Where no treaty exists, Mexican courts can still provide mutual legal assistance in response to a letter rogatory request from a foreign court. However, as described below, the lack of specific mutual legal assistance legislation inhibits Mexico’s ability to provide timely and effective formal mutual legal assistance in money laundering and terrorist financing cases.

24. The scope of available mutual legal assistance includes seizure of evidence, searches, the taking of witness statements, identification of assets, and other measures not prohibited by law. Assistance can be provided in investigations involving either the predicate offence or the money laundering offence. In investigations involving organised crime, the more intrusive investigatory powers of the FLAOC can be invoked in response to a mutual legal assistance request. However, because Mexico’s mutual legal assistance obligations are performed on the basis of the same provisions applicable to domestic investigations and prosecutions, bank and trust secrecy inhibit international co-operation in the same way that they inhibit domestic investigations and prosecutions. Mexico has provided information and spontaneous assistance in a small number of FT cases, but remains restricted in providing formal mutual legal assistance.

25. Mexico does not have specific legislation authorising the enforcement of foreign confiscation orders, and confiscation may be limited to domestic proceedings in which a conviction and confiscation order is issued in Mexico. In addition, the inability of courts to issue value-based confiscation orders impedes the execution of foreign confiscation orders in the same way as it impedes domestic confiscation proceedings.

26. The International Extradition Act (IEA) is a reasonably comprehensive piece of legislation that establishes the procedures for authorising extradition pursuant to a treaty or when no bilateral extradition treaty applies. Extradition is possible for both intentional offences and serious offences of criminal negligence. Mexican nationals can be extradited, but only in “exceptional cases”. The requirement under Article 7 of the IEA that a formal complaint be issued in the requesting country if such a complaint would be required to prosecute similar conduct in Mexico, may inhibit extradition in ML cases because of the requirement of an SHCP complaint under Article 400-Bis. Moreover, because terrorist financing has not yet been criminalised, it is unclear whether there is a sufficient basis for extradition in terrorist financing cases.

B. Preventive Measures for Financial Institutions

(a) Financial Institutions

27. The following regulated financial institutions are subject to AML measures: credit institutions (both commercial and development banks and limited scope financial institutions (i.e. non-bank banks)), securities firms, investment companies, licensed foreign exchange companies (casas de cambio) and savings and loan companies (which are supervised by the CNBV); insurance companies, other insurance intermediaries, and bond companies (which are supervised by the CNSF), and retirement funds (which are supervised by CONSAR).

28. The general AML measures are scattered throughout various laws and regulations issued by the SHCP. More specific details of AML procedures are set out in the operation manuals of the financial institutions themselves. The law obligates financial institutions to develop operation manuals and submit them for approval by the SHCP. However, overall, implementation of AML measures is inconsistent between different types of financial institutions and amongst financial institutions of the same type.

29. Financial institutions are required to identify customers (both natural and legal persons) at the time a business relationship is established (i.e. an account is opened) and prior to any transaction being conducted. Customers performing large transactions (exceeding USD 10,000) with specified monetary instruments must be identified at the time the transaction is being performed. Foreign natural and legal persons are identified according to procedures as rigorous as those which apply to Mexican nationals. Financial institutions are not allowed to hold anonymous or numbered accounts. Failure to comply with these customer identification requirements can be sanctioned with a fine. However, because financial institutions are not required to regularly update their customers’ files, customer identification information held on file may be outdated.

30. Exclusively non-face-to-face accounts are not held at Mexican banking institutions. Customers opening any type of account must undergo the full identification procedure described above, even if the account is ultimately going to be operated through the internet (in which case, the customer must also obtain the bank’s specific authorisation).

31. Financial institutions are legally obligated to take “reasonable measures” to identify the person(s) under whose name an account is being opened or a transaction is being carried out. However, this obligation only applies if there are doubts as to whether the customer is acting on behalf of another person. Consequently, financial institutions are not obligated to identify the beneficial owner of a legal person. The trustees, settlors and beneficiaries of a trust must be identified.

32. Simplified customer identification procedures may be performed if an account is being established for payroll deposits or a business relationship that, due to its characteristics, is meant for low-income customers. However, the type of transactions performed and the profile of the customers involved evidently features a low risk of money laundering.

33. Customers that are also “entities that integrate the Financial System” (as set out in paragraph 28) are exempt from customer identification and verification procedures. However, this exception does not apply to money remitters, unlicensed foreign exchange offices (centros cambiarios) or foreign financial institutions or government agencies based in countries and territories which have been identified by the SHCP as being high risk or having favourable tax systems.

34. Although the CNBV’s inspections have detected breaches relating to the customer identification requirements, the number of such infringements is much less than those relating to other types of breaches. The CNBV has required non-compliant financial institutions to make appropriate adjustments to their procedures, to gather the information necessary to properly integrate the customer identification files, and where appropriate has applied sanctions.

35. There is no legal obligation to include the originator information (name, account number and address) and any attached messages with a wire transfer. Nevertheless, the MBA requires all international credit institutions to attach complete originator information to all wire transfers directed to Mexican banks and, since July 2003, has required Mexican banks to reject international transfers that do not include at least the name of the sender.

36. Financial institutions are required to collect and maintain records of customer identification information, all customer transactions, and customer contracts. However, record keeping obligations would benefit from being more clearly defined. Moreover, a significant proportion of financial intermediaries (mainly banks) do not manage their customers’ business relations on a consolidated basis. Failure to comply with recording requirements is punishable by two to ten years imprisonment and a pecuniary punishment. The law gives supervisory commission inspectors sufficient access to the records of the financial institutions being inspected, enabling them to perform their tasks appropriately.

37. Financial institutions are obligated to report large cash transactions and suspicious transactions to the DGAIO in a timely manner. Attempted transactions must also be reported. There is no express obligation to identify or report transactions suspected of being related to terrorist financing; however, the supervisory commissions have requested financial institutions to include the suspicion of being connected with FT as one of the criteria for considering a transaction to be unusual. As well, the United Nations and OFAC lists of potential terrorists and terrorist organisations have been disseminated to all financial institutions so that reports can be made concerning any natural or legal persons included on those lists. Financial institutions should be required to develop and apply specific criteria for identifying transactions suspected of being related to terrorist financing. Such transactions should be reported to the DGAIO.

38. Although some financial institutions have computer-based procedures for detecting suspicious transactions, some still employ manual processes. Once a suspicious transaction is detected by front-line staff, it is reported to a special committee (the Control Committee) of the financial institution. The Control Committee reviews the transaction and, if it considers the transaction suspicious, reports it to the DGAIO. The law prohibits the employees, officers, external auditors, managers or board members of a financial institution from informing anyone (other than the competent authorities) that a report has been made to the DGAIO. A similar prohibition applies to the officers of the supervisory commissions and the SHCP.

39. The law requires a suspicious transaction to be reported within three working days of the financial institution becoming aware of it. However, the financial institutions have interpreted this to mean within three working days of the Control Committee’s decision on whether or not the transaction is suspicious. Because the Control Committees do not meet on a regular basis, this can result in a considerable delay between the time the transaction occurs and the time it is transmitted to the DGAIO.

40. To comply with bank secrecy laws, financial institutions cannot report directly to the DGAIO, but must do so through their supervisory commission. To facilitate that process, a completely integrated system was introduced in mid-2002 to allow reporting forms to be compiled on-line and sent electronically in an encrypted format to the DGAIO. This process is almost instantaneous.

41. Overall, the quality of reports is quite low; about 70% do not contain all the information required by the electronic form, and need to be returned. Additionally, a large number of suspicious transaction reports do not contain sufficient information to explain why the transaction was considered to be suspicious. In those cases, the DGAIO makes a request to the supervisory commission for additional information from the respective financial institution. Both the DGAIO and the supervisory commissions should provide regular specific feedback to financial institutions, with a view to improving the quality of reports.

42. Financial institutions are required to implement internal AML programs, training, and stringent employee screening procedures (especially for higher-level employees). Persons who have been indicted for a crime punishable by more than one year in prison are prohibited from being board members, external auditors, officers, director generals, or compliance officers. Restrictions also apply to persons who have been previously banned from practicing commercial activities or holding positions in the public sector or financial system. On-site inspections have confirmed that banks and securities firms comply with these requirements. Strict shareholder acquisition and control rules also apply to banks, securities firms, insurance companies, and casas de cambio.

43. The supervisory commissions conduct on-site inspections. Foreign subsidiaries of banking entities authorised to operate in Mexico can also be subject to on-site inspections by their home supervisory authority. Particular attention is given to the monitoring systems for accounts and transactions, especially the criteria embedded in the systems to detect suspicious transactions, the information flow, and the actual functioning of the system. The inspectors also test the AML knowledge of personnel. However, six years after the adoption of unusual transaction reporting requirements, the CNBV still is not conducting meaningful evaluations of whether Reporting Institutions are reporting as they should. Inspections by the supervisory authorities do not assess the syllabus of training programs. In these respects the inspection process takes a rather formalistic approach focused on confirming the existence of measures without fully assessing their quality. At the time of the on-site visit in 2003, neither money remitters nor unlicensed foreign exchange offices (centros cambiarios) were legally obligated to implement internal AML policies, procedures, controls, or employee training, information dissemination or screening procedures. As well, supervision of branches/subsidiaries of Mexican financial institutions located abroad is very passive and inadequate to effectively assess compliance with AML measures.

44. When weaknesses are detected during the inspection process, the CNBV is empowered to implement corrective actions. For instance, the CNBV can temporarily suspend some or all operations of a non-compliant financial institution when serious and frequent violations occur, and can advise the SHCP to revoke its licence. The supervisory commissions can also admonish, suspend or veto any board member or senior officer who commits a felony or does not comply with the AML laws. However, the sanctioning process is flawed because the ability of the supervisory commissions to impose sanctions (other than fines) is quite limited.

45. Although the CNBV reports commencing seventy-nine administrative sanctions proceedings against various financial institutions between 2001 to 2003, to date, very few fines have been imposed, and there are no cases of senior officers being suspended or the authorisation/licence of a financial institution being suspended or revoked for violations of AML provisions. The Mexican authorities should ensure that infringements of AML provisions directly activate an effective sanctioning process. Recently passed legislation may address this issue; however, it is too soon to assess its effectiveness.

(b) Controls and monitoring of cash and cross border transactions

46. Article 9 of the Customs Law requires that all cross-border transactions worth USD 10,000 or more must be declared to the customs authority. Failure to do so is an administrative offence. Failure to declare currency in excess of USD 30,000 upon entering or leaving Mexico is a criminal offence, and is punishable by three months to six years imprisonment. If convicted, the amount exceeding USD 30,000 becomes the property of the Federal Fiscal Authority, unless the defendant can establish its legal origin.

Summary assessment against the FATF Recommendations

47. Mexico is compliant or largely compliant with some of the FATF 40 Recommendations, particularly those relating to international co-operation, the money laundering offence and the ratification and implementation of the Vienna Convention. However, there are a number of deficiencies that must be addressed. For instance, AML/CFT measures should be extended to money remitters and unlicensed foreign exchange offices. Customer identification requirements—especially those relating to the determination of beneficial ownership—should be strengthened. Systems for reporting suspicious transactions should be improved. Enhancements should also be made to the supervisory and regulatory framework. Clear procedures should be created to address issues relating to financial secrecy and direct access to financial information by appropriate authorities. As well, Mexico needs to criminalise terrorist financing and quickly adopt and implement more comprehensive anti-terrorist financing measures.

Table 1.

Recommended Action Plan to Improve Compliance with the FATF Recommendations

article image
article image
article image
article image
article image
Table 2.

Other Recommended Actions

article image

Assessment of measures in place as of 15 May 2004

Introduction

48. This half of the Report summarises the AML/CFT measures implemented by Mexico between 13 September 2003 and 15 May 2004. Where appropriate, it reassesses the level of compliance with the FATF 40 Recommendations, as adopted in 1996, and the FATF 8 Special Recommendations on Terrorist Financing, adopted in 2001. It also provides additional recommendations to strengthen Mexico’s AML/CFT system. Unless stated otherwise, the situation described above remains the same.

Information and Methodology Used for the Assessment of measures in place as of 15 May 2004

49. In preparing this half of the Report, the assessors reviewed relevant anti-money laundering and counter terrorist financing laws and regulations, and supervisory and regulatory systems implemented between 13 September 2003 and 15 May 2004. This assessment is based on the information available as of 15 May 2004.

Main Findings, Part 2: Summary of AML/CFT measures implemented between 13 September 2003 and 15 May 2004

50. Mexico has made progress since the on-site visit of 8-12 September 2003. In particular, Mexico has extended AML/CFT obligations to money remitters and unlicensed foreign exchange offices (centros cambiarios). The Tributary Administration Service (SAT) is the competent authority for supervising, overseeing, inspecting and, where appropriate, issuing sanctions against both sectors. Customer identification and record keeping requirements have been strengthened. Additionally, Mexico has amended the law to more clearly define the powers and obligations of the financial intelligence unit (FIU) and to restructure its operations. As well, financial institutions are now obligated to report transactions suspected of being related to domestic terrorism. However, there is still no legal obligation to report any transaction suspected of relating to terrorist financing, regardless of whether the terrorism is somehow connected to Mexico.

A. Criminal Justice Measures and International Co-operation

(a) Criminalisation of money laundering and financing of terrorism

51. In the seven-month period between September 2003 and March 2004, the PGR started 25% more money laundering investigations than it did during the previous eight-month period. During the same period, the SHCP issued more than twice as many formal complaints for money laundering as were issued during the previous year. However, although the system continues to achieve some results, the number of convictions for money laundering offences remains relatively low. Consequently, overall, the offence remains ineffective.

(b) Confiscation of Proceeds of Crime or Property

52. Mexico’s freezing and confiscation system continued to achieve some limited results between September 2003 and March 2004. In particular, Mexico continues to have difficulty confiscating assets. No steps were taken to improve the system as recommended by the FATF.

(c) The FIU and Processes for Receiving, Analysing, and Disseminating Intelligence: Functions and Authority

53. Mexico’s financial intelligence unit, which is now called the Financial Intelligence Unit of the Ministry of Finance and Public Credit (FIU), has also undergone a restructuring. However, it is still too early to fully assess the overall effect that this restructuring will have on the FIU’s performance in the long term.

54. In May 2004, Mexico adopted secondary laws legislation which more clearly elaborate the powers of the FIU and assign it additional responsibilities. For instance, the FIU is now responsible for: providing direct input concerning legislative amendments; interpreting AML/CFT legislation; designing reporting forms; co-operating directly with authorities in the course of a criminal proceeding; liaising with regulatory authorities on issues of AML/CFT compliance; liaising with foreign countries and intergovernmental organisations; and participating in national and international AML/CFT fora and events. Some of these functions that are now enumerated responsibilities of the FIU were previously performed by other authorities within the SHCP or were carried out without a specific designation of responsibility. As well, the FIU’s obligation to receive, compile and analyse transactions and other information has been expanded from money laundering transactions to include transactions that may be related to terrorism. The FIU is also now legally obligated to issue typologies and guidelines on probable cases within the scope of its authority. Additionally, the FIU must report to the regulatory commissions—including the SAT (which is now responsible for supervising money remitters and unlicensed foreign exchange offices) concerning financial institutions that fail to comply or comply in an untimely manner with their reporting obligations.

55. Although the FIU still obtains financial information (such as account statements) from financial institution through the Supervisory Commissions, the FIU is now empowered to request information directly from other individuals or sources as needed. These provisions should improve the FIU’s access to information with the SHCP and clarify it’s authority for requesting information from other sources. As such, these provisions may improve its ability to conduct a timely analysis; however, it is still too early to assess how effective these new measures will ultimately be.

(d) Law Enforcement and Prosecution Authorities, Powers and Duties

56. In May 2004, Mexico reassigned some procedural responsibilities to the FIU in money laundering cases involving the Mexican financial system. The FIU is now legally obligated to co-operate with the authorities concerning criminal procedures in ML/FT cases. Additionally it will perform follow-up and control proceedings in cases originating from an SHCP complaint and will provide assistance to the PGR as needed. How these liaison relationships function in practice may be of particular importance to more effective AML/CFT enforcement. Moreover, improving the communication, co-operation and coordination between the SHCP and the PGR should be made a priority in Mexico’s implementation of AML/CFT measures.

(e) International Co-operation

57. Between 13 September 2003 and 15 May 2004, Mexico did not take any of the action recommended by the FATF or implement any new measures in this area.

B. Preventive Measures for Financial Institutions

(Measures implemented between 13 September 2003 and 15 May 2004)

58. Mexico extended AML/CFT obligations (including those relating to customer identification, record keeping and reporting) to money remitters and unlicensed foreign exchange offices (centros cambiarios). Mexico also designated the Tributary Administration Service (SAT) as the authority responsible for supervising and, where appropriate, imposing sanctions on money remitters and unlicensed foreign exchange offices who do not comply with their AML obligations. The SAT is authorised to require sector participants to modify their client identification, due diligence policies and AML/CFT measures when it is considered necessary for their correct implementation. Although the SAT has been designated to supervise and impose sanctions on money remitters and unlicensed foreign exchange offices, it is too soon to adequately assess the SAT’s authority and ability to co-operate with other regulatory supervisors and competent authorities.

59. All financial institutions (including money remitters, unlicensed foreign exchange offices and retirement funds) are now obligated to collect additional information in the course of identifying customers, including information establishing the customer’s domicile or residency status and identifying legal representatives and beneficiaries. These additional identification obligations exist regardless of whether the customer is a natural or legal person. Prior to establishing a commercial relationship, the financial institution must also conduct a personal interview with the customer or legal representative. Financial institutions are prohibited from opening accounts or executing any type of contracts unless the customer has satisfactorily complied with the identification procedures.

60. Financial institutions are also obligated to strictly implement their customer identification policies in cases of correspondent accounts opened by financial institutions domiciled abroad and incorporated in jurisdictions which insufficiently apply AML/CFT measures. As well, financial institutions are prohibited from carrying out correspondent transactions with financial institutions or intermediaries that do not have a physical presence in any jurisdiction.

61. Mexico has better defined the obligation of financial institutions to take reasonable measures to identify beneficial owners. Financial institutions must know the corporate structure and controlling interests of legal persons; identify the partners, associates (or the equivalent of associates) of companies or civil associations; and identify the trustees, mandators, commission agents, shareholders or participants of trusts, mandates, commissions or organisations. Financial institutions must also take reasonable measures and establish procedures to identify beneficial owners. The term beneficial owner is defined as the natural person who ultimately owns or controls a customer, exercises ultimate control over a legal person or contract and/or the person on whose behalf a transaction is being conducted.

62. All financial institutions are also now obligated to perform the client identification procedures described above on anyone performing a wire transfer. The customer identification process must include a personal interview with the customer. Regardless of whether the wire transfer is domestic or cross-border, the sending financial institution must gather, keep and transmit with the wire transfer at least the name, address and, when applicable, the account number of the sender.

63. Customer identification information must be kept current. Financial institutions must randomly solicit client identification and domicile information to verify that it matches with the customer identification file. If it does not, the file must be updated. Records of transactions and transaction reports must be kept for at least ten years. Client identification files must be kept for the duration of the account or contract and afterwards for a period of not less than ten years.

64. Financial institutions are also now obligated to classify their clients according to their level of risk. In making this classification, the financial institution must consider the client’s background, profession, activity or business purpose, origin of funds involved, and other circumstances such as whether the client is a politically exposed person. Transactions by high-risk clients must be given particular attention.

65. Financial institutions are now obligated to report transactions which are suspected of being related to domestic terrorism (in addition to those suspected of being related to money laundering). The legislation also provides more specific guidance as to what types of transactions are unusual. As well, financial institutions must follow specified internal procedures which may shorten the length of time that it takes for suspicious and unusual transactions to be reported to the FIU from the time that they are performed by the financial institution.

66. As is the case with other types of financial institutions, money remitters and unlicensed foreign exchange offices (centros cambiarios) that report transactions to the FIU are protected from liability if those reports are made in good faith. As well, persons are prohibited from informing any unauthorised persons that such a report has been made.

67. Credit institutions are now obligated to have computer-based procedures which allow them to detect unusual/suspicious transactions; manage customer accounts on a consolidated basis; send transaction reports to the FIU electronically in encrypted format; classify and detect possible unusual transactions; analyse historical patterns of activity on individual accounts; and retain historical records of possible unusual and concerning transactions.

68. All financial institutions are obligated to establish either a committee or a compliance officer (depending on the size of the financial institution) which is responsible for overseeing the financial institution’s implementation of AML/CFT measures including: submitting client identification and due diligence policies to the financial institution’s Audit Committee for approval; being informed of operations with high risk clients and making recommendations as appropriate; establishing and disseminating the criteria for classifying the risk level of clients; disseminating the officially recognised lists of people linked to terrorism or other illegal activities; determining whether unusual or concerning transactions should be reported to the FIU; approving AML/CFT training programs; and informing the financial institution’s competent area of behaviour being performed by its directors, officials, employees or legal representatives which may result in a breach of the New General Provisions. Financial institutions are also required to hold annual AML/CFT training programs. Money remitters and unlicensed foreign exchange (centros cambiarios) offices must also adopt employee screening measures.

69. Foreign branches and subsidiaries of Mexican financial institutions which are located in jurisdictions which apply AML/CFT measures more rigorously than Mexico are obligated to comply with the more rigorous measures and inform the Mexican home financial institution of such instances.

70. All of the regulatory authorities (including the SAT) can now penalise financial institutions with fines up to 100,000 days of the minimum general daily salary set out in the Official Gazette. Fines can be imposed on both the financial institutions themselves and their employees.

Summary assessment against the FATF Recommendations

71. Since 12 September 2003, Mexico has made important changes to its AML/CFT systems. For instance, AML/CFT measures were extended to money remitters and unlicensed foreign exchange offices. Customer identification requirements were strengthened, including those relating to the determination of beneficial ownership. The financial intelligence unit was restructured with a view to improving systems relating to the reporting of transactions. As a result of these efforts, Mexico is now compliant or largely compliant with a majority of the FATF 40 Recommendations requiring specific action. However, a number of deficiencies must still be addressed, such as those relating to financial secrecy. In particular, Mexico needs to criminalise terrorist financing and to implement more comprehensive anti-terrorist financing measures as soon as possible.

Table 3.

Recommended Action Plan to Improve Compliance with the FATF Recommendations

article image
article image
article image
article image
article image
Table 4.

Other Recommended Actions

article image

Authorities’ response

72. The government of the United Mexican States had no additional comments on this report.

1

The assessment team consisted of: Mr. Dick Bos, Deputy Head of the Meldpunt Ongebruikelijke Transacties (MOT–the financial intelligence unit [FIU] of the Netherlands) who served as a law enforcement expert; Mr. Daniel Claman, Attorney with the Asset Forfeiture and Money Laundering Section Department of Justice of the United States who served as a legal expert; Dr. Mario Gara, Financial Analyst of the Ufficio Italiano dei Cambi (the FIU of Italy) who served as a financial expert; Mr. José-María Fernández Lacasa, Technical Advisor of the General Directorate of the Treasury and Financial Policy, Ministry of Economy of Spain who served as a financial expert; and Mr. John Carlson and Ms. Valerie Schilling from the FATF Secretariat.