Report on Observance of Standards and Codes-FATF Recommendations for Anti-Money Laundering and Combating the Financing of Terrorism

This report reviews observance of standards and codes on the Financial Action Task Force (FATF) Recommendations for antimoney laundering and combating the financing of terrorism (AML/CFT) for Germany. The report reveals that the AML/CFT framework is not fully in line with the FATF Recommendations. There are weaknesses in the legal framework and in sanctioning for noncompliance with AML/CFT requirements. German authorities regularly use a broad range of legal procedures to seize, confiscate, and forfeit property, but they confiscate and forfeit a lot less property than the courts issue orders for.


This report reviews observance of standards and codes on the Financial Action Task Force (FATF) Recommendations for antimoney laundering and combating the financing of terrorism (AML/CFT) for Germany. The report reveals that the AML/CFT framework is not fully in line with the FATF Recommendations. There are weaknesses in the legal framework and in sanctioning for noncompliance with AML/CFT requirements. German authorities regularly use a broad range of legal procedures to seize, confiscate, and forfeit property, but they confiscate and forfeit a lot less property than the courts issue orders for.

A. Introduction

This Report on the Observance of Standards and Codes for the FATF 40 Recommendations for Anti-Money Laundering (AML) and 9 Special Recommendations on Combating the Financing of Terrorism (CFT) was prepared by the Legal Department of the IMF.1 The report provides a summary of the AML/CFT measures in place in Germany and of the level of compliance with the Financial Action Task Force (FATF) 40+9 Recommendations, and contains recommendations on how the AML/CFT system could be strengthened. The assessment is based on the information available at the time of the on-site mission conducted from May 15 to June 5, 2009, and other verifiable information subsequently provided by the authorities. It was conducted using the 2004 Methodology as updated. The Detailed Assessment Report (DAR) on which this document is based was adopted by the FATF plenary on February 18, 2010. The views expressed here, as well as in the full assessment report, are those of the staff team, and do not necessarily reflect the views of the Government of Germany or the Executive Board of the IMF.

B. Key Findings

1. Germany has introduced a number of measures in recent years to strengthen its anti-money laundering and combating the financing of terrorism (AML/CFT) regime. Germany has generated a relatively large number of prosecutions for money laundering (ML) and of orders to confiscate assets. These achievements occurred even though Germany has shortcomings identified in this assessment against the Financial Action Task Force (FATF) 40+ 9 Recommendations.

2. Many indicators suggest that Germany is susceptible to ML and terrorist financing (TF) including because of its large economy and financial center, as well as its strategic location in Europe and its strong international linkages. Substantial proceeds of crime are generated in Germany, presently estimated to be €40 to €60 billion (approximately $60–80 billion), inclusive of tax evasion, annually. Terrorists have carried out terrorist acts in Germany and in other nations after being based in Germany. Germany is also estimated to have a large informal sector (> €400 billion or >$560 billion) and the use of cash is reportedly high. Germany’s currency is the Euro (€), which is used widely across Europe, thus making it attractive to organized criminals and tax evaders. Key factors that may reduce Germany’s risk profile for ML include its strong legal tradition, the rule of law, its political environment, and having an effective single financial regulator.

3. The core elements of Germany’s AML/CFT regime are established in the German Criminal Code (CC), which contains the ML and TF offenses; the Money Laundering Act (AML Act); and the sector-specific laws such as the Banking Act. The AML Act established Germany’s financial intelligence unit (FIU) within the Federal Criminal Police Office (BKA), imposes customer due diligence (CDD) obligations on a wide range of financial institutions (FIs), and requires these FIs to submit suspicious transaction reports (STRs) to the competent authorities. The Act was most recently amended in August 2008, when Germany transposed the third EU Money Laundering Directive,2 and its Implementing Directive,3 into national law.

4. The AML/CFT framework is not fully in line with the FATF Recommendations. There are weaknesses in the legal framework and in sanctioning for noncompliance with AML/CFT requirements. The recommendations to address these include:

  • amending the CC to: criminalize (i) ML in a way that covers all serious predicate offenses, and (ii) TF in a way fully consistent with international standards;

  • amending the AML Act to: (i) improve preventive measures notably by imposing a reporting obligation based on suspicion rather than knowledge and that relates to the proceeds of criminal activity; and (ii) clearly establish that the FIU should carry out more of the core functions of an FIU as contemplated by the FATF standard;

  • fully and effectively implementing the UN Security Council Resolutions (UNSCRs) on TF;

  • applying sanctioning powers more effectively for breaches of AML/CFT obligations;

  • strengthening the effective implementation of AML/CFT obligations imposed on designated non-financial businesses and professions (DNFBPs); and

  • improving the collection of statistics and the provision of guidance and feedback to FIs.

C. Legal Systems and Related Institutional Measures

5. The principal AML provisions of the CC are largely consistent with the FATF standard but there are some technical deficiencies. In particular, two of the FATF-designated categories of offenses are not predicates for ML, and the ML offense itself cannot be applied to persons convicted of a predicate offense (without the assessors being convinced that this was justified by fundamental principles of German law). In addition, legal persons are not subject to criminal liability due to fundamental principles of German law, although those involved in an ML criminal offense, may be subject to administrative fines imposed by the criminal courts.

6. Germany’s criminal justice system appears to achieve effective outcomes for dealing with profit motivated crimes; however, the ML offense is not the primary tool used for this purpose. German courts obtain more than 300 ML convictions yearly, but many are for less serious ML conduct. Serious ML conduct (for example, involving organized crime) is usually pursued via predicate offenses that carry more severe sanctions than the ML offense. The high burden of proof required to show that proceeds relate to a predicate crime and the inability to convict for ML, persons convicted of the predicate, are also reasons cited for not pursuing the ML offense.

7. In August 2009, Germany enhanced its CFT requirements by criminalizing the financing of terrorist acts and individual terrorists but technical deficiencies still remain. The financing of terrorist organizations was already criminalized and all three CFT offenses are predicates for ML. However, they are not fully consistent with the FATF standard, because, inter alia, they do not cover all offenses designated under the UN TF Convention; a “terrorist act” does not cover serious bodily injuries; and “funds” must, in some cases, be “not merely insubstantial.” Poor statistics meant that effective implementation of TF offenses could not be established.

8. German authorities regularly use a broad range of legal procedures to seize, confiscate, and forfeit property but they confiscate and forfeit a lot less property than the courts issue orders for. The procedures apply to all criminal offenses, including ML and TF and to property that is used or intended to be used for carrying out offenses. The way that professional secrecy is interpreted by some professions is a limitation on the ability of law enforcement authorities (LEAs) to locate and trace property.

9. Terrorist funds or other assets may be frozen, without delay, largely in line with relevant UNSCRs. However, some requirements to freeze do not apply to all EU residents, and, some apply, as far as certain EU residents are concerned, only to funds, not other assets.

10. The AML Act requires reporting entities to submit STRs to the relevant Land police or prosecutorial body with a copy to the FIU, which is the national center for receiving STRs. The reporting system has been structured this way because, under the German Constitution, states (Länder) are responsible for policing and law enforcement. The FIU’s mandate includes supporting the Federal and Länder LEAs in the prevention and prosecution of ML and TF.

11. In practice, the processing and analysis of STRs is split between the Länder LEAs and the FIU, with the FIU carrying out only limited case-specific analysis. The Land recipient of the STR establishes whether there are grounds to undertake a full investigation. The FIU contributes modestly to this process, with Länder police and prosecutorial officials valuing mainly its access to information from foreign FIUs. The FIU checks STRs against its own database of all previous STRs and searches other BKA databases. It is solely responsible for requesting or exchanging information with foreign FIUs. Information yielded by these processes is forwarded to the Land LEA that received the STR. The FIU does not, as such, disseminate disclosures of STRs concerning suspected ML or TF activities to the investigative bodies.

12. The FIU focuses its analytic work on the elaboration of patterns and trends, which it disseminates to reporting entities and investigative bodies. It maintains statistics on a range of ML and TF matters, publishes an annual report and other documents, and informs reporting entities and LEAs of ML and TF typologies and methods. Overall, while the FIU discharges its legal mandate, it does not carry out fully all the FIU functions required under the standard.

13. LEAs have most powers necessary to carry out their ML and TF investigations and are generally effective. The authorities that investigate and prosecute ML are mainly the Länder police and prosecutors, and for TF also the BKA. For ML, they generally favor pursuing predicate offenses due to the nature of the ML offense.

14. Germany has two, largely effective, regimes in place to monitor cross-border physical transportation of currency and negotiable instruments of €10,000 or more. One applies to movements between Germany and non-EU countries and requires travelers to complete a declaration; and the other applies to movements within the EU and requires travelers to disclose information if asked. The Customs Administration implements both regimes, has broad powers, and operates using a risk-based approach. Data from the regimes are, in practice, accessible by Customs, some Länder LEAs, and the BKA, including the FIU; however, much of the data are stored for one year only, considerably diminishing its utility for identifying cash couriers, trends, or typologies. More needs to be done to inform travellers entering the EU through German airports of their declaration obligation.

D. Preventive Measures—Financial Institutions

15. The AML Act applies CDD and record-keeping requirements to credit institutions, financial services institutions, financial enterprises, insurance companies, insurance intermediaries, and investment companies, as well as a broad range of nonfinancial sector persons or entities. The scope of the activities of all these entities covers the vast majority of the financial activities listed under the FATF standard. The amendments of the AML Act in 2008 strengthened the existing requirements and explicitly introduced a risk-based approach to the implementation of CDD measures (although some elements of that approach were already in place). The preventive measures apply equally to all persons and entities subject to the Act. Additional CDD provisions have also been laid out in sector-specific laws.

16. Notwithstanding the generally adequate framework of preventive measures, the structure of the measures in specific areas is problematic. These include: the very broad CDD exemptions granted with respect to specified “low-risk” customers, which appear to conflict with some basic monitoring and record-keeping obligations; the treatment of all the EU and European Economic Area (EEA) member states and jurisdictions on the EU’s third country equivalence list as a single risk category when determining certain low risk scenarios; the treatment of the EU/EEA as a single domestic market in terms of correspondent banking obligations; and the concept of what constitutes “senior management” in relation to the approvals processes for politically-exposed persons (PEPs) and correspondent banking relationships.

17. One area of particular concern is the verification of beneficial ownership (including the determination of whether a customer is a PEP). The measures in place do not fully conform to the FATF standard; and there appears to be a wide variety of interpretations among individual institutions of what is required. The BaFin issued a circular clarifying some aspects of the expected approach in July 2009, and this may assist for the future.

18. Institutions generally retain records for ten years pursuant to commercial law requirements, but may have inadequate records on low-risk customers. Institutions are exempted from several key CDD components in low-risk situations, thereby bringing into question what information they would record and have available for the authorities about low-risk customers.

19. Institutions implement effectively EU Regulation 1781/2006 on wire transfers which meets the requirements of the FATF standard.

20. The statutory provisions relating to the monitoring of transactions, including transactions with persons in countries that do not or insufficiently apply the FATF standard are generally weak, but specific guidance has been provided to institutions in the form of the BaFin circulars, which highlight weaknesses in the AML/CFT regimes of other countries, typically (but not exclusively) in line with the public statements made by the FATF.

21. STR reporting is well established, but the reporting obligation fails to meet the FATF standard in several key areas. The “evidential” basis upon which STRs are to be filed is significantly higher than the FATF concept of “suspects or has reasonable grounds to suspect.” The linkage of the obligation to the ML or TF offenses also sets a more restricted trigger for reporting than is envisaged by FATF with the “proceeds of criminal activity.” Moreover, filing the reports directly with Länder LEAs means that STRs are treated as criminal complaints. In addition, certain limitations in the range and definitions of the predicate offenses narrow further the scope of the reporting obligation. Overall, these factors discourage reporting and result in comparatively fewer STRs being filed in Germany than in other countries, thus denying the FIU and LEAs access to a wider intelligence base.

22. Some internal control requirements are in place, but these need to be improved and implemented more effectively by FIs. These requirements do not apply to the more than 72,000 insurance intermediaries. The legislative requirements for the role of compliance officers need to be broadened and the officers’ oversight responsibilities strengthened. The obligation to train staff is limited and there is no obligation for FIs to put in place screening procedures to ensure high standards when hiring them.

23. Shell banks are effectively prohibited from operating in Germany. German banks and insurers operating outside Germany are subject to an obligation to implement AML/CFT measures at least equivalent to German requirements. However, there are no explicit provisions requiring attention to equivalency in EU and EEA states that do not or insufficiently apply the FATF Recommendations. Germany prohibits banking entities from operating in non-EU or EEA countries where measures consistent with German requirements cannot be implemented. However, there are no obligations imposed at all regarding investment sector operations outside Germany, and German FIs are not required to pay attention to their operations in countries with weak AML/CFT regimes.

24. The BaFin is responsible for most FI supervision in Germany, has adequate AML/CFT supervisory powers, and uses a risk-based approach for its supervision. The AML/CFT supervisory arrangements rely heavily on a statutory regime of annual external audits. At the time of the on-site visit, the methodology for these audits had not been updated to reflect the 2008 AML Act, and there were some doubts about the quality of audit reports for some cooperative banks. Although the number of on-site inspections is low, significant risk-based, off-site monitoring and analysis enables the auditors and the BaFin to focus on-site work on higher-risk entities. Germany is moving to, but has not yet fully implemented, a system of private sector issued AML/CFT guidance approved by the BaFin. The BaFin abrogated most of its previous guidance as a result of the new AML Act, but nonetheless states that it continues to apply supervisory principles set out in the abrogated guidance when those principles are in line with the new laws and the private sector guidance. This has caused confusion in parts of the financial sector. Länder authorities seem generally unfamiliar with their AML/CFT supervisory responsibilities for insurance intermediaries and apply insufficient resources to supervise them. Administrative fines are not available to sanction failure to comply with all AML/CFT requirements due to the constitutional principle of specificity. Moreover, the fines that are available are neither proportionate nor dissuasive, and are not applied effectively.

25. The money or value transfer service (MVTS) sector is subject to AML/CFT requirements under the Banking Act and is supervised by the BaFin. There are about 40 licensed MVTS operators in Germany.

E. Preventive Measures—DNFBPs

26. The AML Act imposes AML/CFT requirements on lawyers, patent attorneys, notaries, legal advisers, auditors, chartered accountants, tax advisers, tax agents, trust and company service providers (TCSPs), real estate agents, persons trading in goods, and gambling casinos, but implementation by these businesses and professions is uneven. The requirements are essentially identical to those imposed on FIs. Supervisory arrangements have been established for most of these businesses and professions. There is no systematic implementation of AML/CFT measures by, or supervision of, real estate agents, independent TCSPs, dealers in precious metals and dealers in precious stones. The legal and accounting professions are generally familiar with their obligations but lack awareness of their ML and TF vulnerabilities. They are also subject to strict professional secrecy obligations which contribute to a low level of reporting of suspicious transactions and complicate cooperation with investigative authorities. Overall, the effectiveness of implementation in the DNFBP sector is difficult to ascertain.

F. Legal Persons and Arrangements and Non-Profit Organizations

27. The extent of information available on the ownership and control of German legal persons varies greatly by type of legal entity. The main information sources are public registers, but they do not always include information on the beneficial ownership and control of the legal entities. The information available is considerably limited in the case of non-listed stock corporations that issue bearer shares, and is close to non-existent in the case of private foundations.

28. The Treuhand is a commonly used legal arrangement in Germany, but disclosure obligations in place are insufficient to ensure transparency of the beneficial ownership and control of such arrangements.

29. Germany prevents abuse of the non-profit organization (NPO) sector for TF purposes through (a) measures to ensure the transparency of the sector; and (b) targeted, intelligence-driven monitoring, surveillance, investigation and suppression of extremists and terrorist activities. A formal review of the NPO sector has been undertaken. Legislative and regulatory provisions have been introduced to enhance responsibilities and oversight of NPOs. Enforcement actions have been taken under the new provisions. Outreach activities to promote awareness of TF vulnerabilities among NPOs have also been undertaken.

G. National and International Cooperation

30. The framework in place enables the provision of comprehensive and timely mutual legal assistance (MLA) and extradition. While no material obstacles were identified in this area, assessors were unable to establish fully whether MLA is being provided in an effective manner due to the absence of statistics. However, Germany has a solid system in place for extradition and grants a high percentage of requests in a timely manner. In addition, the authorities appear to be providing a wide range of international administrative cooperation with their foreign counterparts except in relation to nonfinancial businesses and professions.

H. Other Issues

31. The BaFin operates an automated account access system, which is an efficient tool that complements AML/CFT efforts. The system enables the BaFin, upon request, to provide certain authorities (including LEAs) with information about whether a particular person (natural or legal) has a bank or safe custody account with institutions operating in Germany.

Summary Table of Observance and Key Recommendations

article image
article image
article image
article image

Compliant (C): the Recommendation is fully observed with respect to all essential criteria.

Largely compliant (LC): there are only minor shortcomings, with a large majority of the essential criteria being fully met.

Partially compliant (PC): the country has taken some substantive action and complies with some of the essential criteria. Non-compliant (NC): there are major shortcomings, with a large majority of the essential criteria not being met.

Not applicable (NA): a requirement or part of a requirement does not apply, due to the structural, legal or institutional features of a country.


The assessment team consisted of Steve Dawe (team leader), Nadine Schwarz (deputy team leader; both LEG), Mariano Federici, Richard Chalmers, Nicholas Burbidge, Horst Intscher and John Abbot (all LEG consultants). The assessment team was also accompanied by Giovanni Francesco D’Ecclesiis (observer).


Directive 2005/60/EC of the European Parliament and of the Council October 26, 2005 on the prevention of the use of the financial system for the purposes of money laundering and terrorist financing (third EU Directive).


Commission Directive 2006/70/EC of August 1, 2006.

Germany: Report on Observance of Standards and Codes-FATF Recommendations for Anti-Money Laundering and Combating the Financing of Terrorism
Author: International Monetary Fund