Mexico
Report on the Observance of Standards and Codes-FATF Recommendations for Anti-Money Laundering and Combating the Financing of Terrorism (AML/CFT)

This report evaluates the observance of standards and codes on Financial Action Task Force recommendations for anti-money laundering and combating the financing of terrorism (AML/CFT) in Mexico. Mexico has a mature AML/CFT regime, with a correspondingly well-developed legal and institutional framework. The financial sector demonstrates a good understanding of the primary money laundering threats from organized crime groups and associated criminal activities as well as tax crimes, but the recognition of corruption as a main threat is uneven. Mexico also has a solid legal and institutional framework in place to seek and provide mutual legal assistance and extradition. The authorities also frequently rely on other forms of international cooperation to exchange information with other countries.

Abstract

This report evaluates the observance of standards and codes on Financial Action Task Force recommendations for anti-money laundering and combating the financing of terrorism (AML/CFT) in Mexico. Mexico has a mature AML/CFT regime, with a correspondingly well-developed legal and institutional framework. The financial sector demonstrates a good understanding of the primary money laundering threats from organized crime groups and associated criminal activities as well as tax crimes, but the recognition of corruption as a main threat is uneven. Mexico also has a solid legal and institutional framework in place to seek and provide mutual legal assistance and extradition. The authorities also frequently rely on other forms of international cooperation to exchange information with other countries.

Key Findings

  • Mexico has a mature AML/CFT regime, with a correspondingly well-developed legal and institutional framework. There has been a significant improvement in some areas of the country’s AML/CFT regime compared to that which existed when the country was last assessed in 2008. It is nonetheless confronted with a significant risk of money laundering (ML) stemming principally from activities most often associated with organized crime, such as drug trafficking, extortion, corruption and tax evasion.

  • Most of the key authorities have a good understanding of ML and terrorist financing (TF) risks, and there is generally good policy cooperation and coordination. Mexico finalized its national risk assessment (NRA) in June 2016 and has since taken some high-level actions to mitigate the risks identified in the NRA. These actions—although leading to some concrete results— have not been sufficiently comprehensive nor prioritized to have resulted in an appropriate allocation of resources at the federal, state, and community levels. A national strategy is being developed based on the NRA findings. The success of these measures will depend on their proper implementation.

  • The financial sector demonstrates a good understanding of the primary ML threats from organized crime groups and associated criminal activities as well as tax crimes, but the recognition of corruption as a main threat is uneven. While recognizing the general threat of organized crimes facing Mexico, designated non-financial businesses and professions’ (DNFBPs) appreciation of the ML risks appears limited. Financial institutions’ (FIs) and DNFBPs’ understanding of more complex ML techniques, such as the misuse of legal persons, is limited.

  • Financial intelligence and other relevant information are made available by the financial intelligence unit (FIU) and accessed on a regular basis by competent authorities. Although the FIU functions well and is producing good financial intelligence, the volume of financial intelligence disseminated to the Procuraduría General de la República (PGR) is limited in number resulting in a low number of financial investigations.

  • Until relatively recently, the PGR did not rank the identification and investigation of ML as one of its key priorities. ML is not investigated and prosecuted in a proactive and systematic fashion, but rather on a reactive, case-by-case basis, notwithstanding the fact that some high-profile investigations have recently been conducted. In view of the serious threats posed by the main predicate offenses (e.g., organized crime or drug trafficking), the competent authorities seem to accord far more priority to the investigation of such offenses than to ML. Consequently, the number of prosecutions and convictions for ML are very low. Significant shortcomings were found in the way in which ML cases are investigated. Specifically, only very rarely are parallel financial investigations conducted and ML is seldom prosecuted as standalone offense. The level of corruption affecting law enforcement agencies (LEAs), in particular at the state level, undermines their capacity to investigate and prosecute serious offenses.

  • Confiscation of proceeds and instrumentalities is not systematically pursued as a policy objective, and not commensurate with the ML/TF risks. The provisional measures available to the authorities are not being used properly and in timely manner, except for the use of FIU’s blocked persons’ list (BPL). Suspicious and falsely declared cash is not being adequately confiscated.

  • Overall, Mexico has a solid institutional and legal framework in place to investigate and prosecute TF and impose targeted financial sanctions (TFS). The authorities have provided FIs with red flags to detect potential TF cases, and the FIU has conducted some analysis related to TF. Nonetheless, Mexico could do more to ensure that the relevant authorities are better equipped with the right tools in terms of training, expertise, and priority setting to be able to effectively detect and disrupt TF.

  • A serious concern across all sectors is that beneficial owners are being identified only to a limited extent, systematically weighing on entities’ effectiveness in assessing and managing ML/TF risks. Owing largely to shortcomings in the legal framework, FIs seek to identify beneficial owners in only limited circumstances (the authorities have promulgated amendments to regulations which they claim will address this gap but these were not in effect at the time of the onsite visit). Where FIs are required to identify beneficial owners (legal persons categorized as high risk and natural persons), FIs unduly rely on customers’ self-declaration to identify beneficial owners. For the majority of legal persons that are not categorized as high risk, FIs need only obtain information on corporate customers’ first layer of legal ownership without seeking to reach the natural persons who ultimately own or control the entity. DNFBPs generally believe it is not their role to identify beneficial owners.

  • The financial sector supervisors have a good understanding of the risks within the sectors for which they are responsible, and have implemented reasonable risk-based approaches to AML/CFT supervision. Oversight of the DNFBPs is less developed and is significantly under-resourced. Generally, sanctions have not been applied, to date, in an effective, proportionate and dissuasive manner.

  • Mexico has a solid legal and institutional framework in place to seek and provide mutual legal assistance (MLA) and extradition. The authorities also frequently rely on other forms of international cooperation to exchange information with other countries. In practice, Mexico has decided as a policy matter to strengthen and favor other forms of cooperation while only pursuing MLA when strictly necessary. It is clear that the use of other forms of cooperation is effective, fluid, and has produced tangible results with the United States of America (U.S.). The provision of MLA by Mexico is somewhat limited by the absence of a legal basis for certain investigation techniques. As regards seeking MLA, the authorities are neither proactive nor seem to accord a high priority to pursuing MLA when the offense has a transnational element, and where evidence or assets are located abroad which has a negative impact on the effectiveness of investigations and prosecutions.

Risks and General Situation

1. Based on the information provided in the NRA and other open source documents, the amount of proceeds generated by predicate crimes committed in and outside of Mexico is high. The main domestic proceeds-generating crimes can be divided into three tiers of magnitude: (i) domestic organized crimes, including drugs and human trafficking, (ii) corruption, and (iii) tax evasion. The country also faces particular risks related to the laundering of proceeds derived from foreign predicate crimes mostly related to Mexican transnational organized crime (e.g., in the U.S., and to a much lower degree South and Central America).

2. Banks are most at threat, but other sectors are vulnerable to ML activities. Banks dominate the financial sector, handle a high volume of transactions, and are well interconnected to the international financial system. Brokerage firms and DNFBPs notably notaries and real estate agents are involved in a high volume of transactions and are exposed to ML threats.

3. Typical ML methods include the use of shell and front companies to conceal beneficial ownership (BO), the purchase and sale of real estate and high-value goods, and cash smuggling on both directions of the U.S.–Mexico border. The high use of cash and relatively large informal economy significantly increases the risk that illicit proceeds may be rechanneled into the regulated formal economy. Nevertheless, according to the Bank of Mexico’s analysis, the restrictions on FIs for receiving cash in U.S. dollars has resulted in a significant decrease in the volume of U.S. dollars cash-in and cash-out of the financial system. However, use of Mexican pesos as cash has increased.

4. The risk of TF appears to be relatively low, although some cases have been detected. The authorities and the private sector agree that the overall TF risk is low.

Findings on Compliance and Effectiveness

5. Since Mexico’s AML/CFT regime has significantly improved since it was last assessed in 2008. It is nonetheless confronted with a significant risk of ML stemming principally from activities most often associated with organized crime, such as drug trafficking and extortion, as well as corruption and tax evasion.

6. Mexico has a strong legal and institutional framework for combating ML/TF and proliferation financing (PF). The legal and institutional framework is particularly strong regarding criminalization of ML and TF, financial intelligence, but less so regarding key preventive measures including identification of beneficial owners and suspicious transaction reporting, regulation and supervision of DNFBPs, and entity transparency.

7. In terms of effectiveness, Mexico achieves substantial results in understanding and combating risks, TFS, and international cooperation. More significant improvements are needed in other areas, notably the investigation and prosecution of ML, and confiscation.

A. Assessment of Risk, Coordination, and Policy Setting

8. The authorities’ understanding of ML and TF risk is relatively good. The NRA was concluded in June 2016 with the involvement of all competent authorities and the private sector. It was developed with the technical assistance of the Inter-American Development Bank and followed the guidance provided by the FATF and other multilateral bodies. This first exercise provides a reasonable basis for updating the country’s AML/CFT strategy and developing the next risk assessment. The NRA considers qualitative and quantitative data from LEAs and also civil, military, and navy intelligence, and supervisory information. The NRA also includes a sectorial risk assessment analysis and the analysis of the responses to the risk perception questionnaire that the FIU sent to the reporting entities. Overall the analysis and understanding of risks appears to rely more on FIU information than on law enforcement information. Although the NRA acknowledges that using front companies is one of the most widespread ML techniques in Mexico, it did not properly reflect the magnitude of the vulnerability owing to the absence of readily available and accurate BO information, nor did it provide an assessment of the risks posed by each type of legal person. Independently from the NRA, the FIU, LEAs, and Servicio de Administración Tributaria (SAT) have conducted analysis of companies that have a higher risk of being misused for ML/tax evasion (in case of SAT) transactions, and thus have a better understanding of those risks.

9. Mexico is developing a national strategy based on the NRA findings. Two high-level groups of officials were created in November 2016 for developing AML/CFT policy and actions in a more coordinated and dynamic way. In this context, the Mexican government has already taken several high-level actions to mitigate some risks noted in the NRA. It has issued new AML/CFT regulations, improved coordination between agencies, and given feedback to financial institutions and DNFBPs concerning the NRA results. However, these actions—although leading to some concrete results—have not been sufficiently comprehensive nor prioritized to have resulted in an appropriate allocation of resources at the federal, state, and community levels. Implementation in some areas remains a concern due to the lack of capacity (e.g., SAT) and the high turn-over of senior officials in critical agencies of the public administration.

10. There is generally good coordination on ML issues between the FIU, PGR, and the supervisors, but less so between LEAs and PGR. Coordination on TF issues is less developed. The lack of inter-agency cooperation on ML, in particular between the PGR and LEAs at the federal and state levels, impedes Mexico’s ability to effectively tackle ML cases.

11. There are no sectors exempted from the AML/CFT requirements, and the authorities have even added some vulnerable activities (VA) that go beyond the standard (e.g., car dealers).

12. The financial sector was closely involved in the development of the NRA and informed of its results; DNFBP involvement was more limited even though they were encouraged to engage. There has been an extensive outreach by the FIU and supervisors to communicate the results of the NRA to all reporting entities.

B. Financial Intelligence, and ML Investigations, Prosecutions and Confiscation

13. Competent authorities at the federal, state, and local levels regularly receive and access a wide range of financial intelligence provided or maintained by the FIU. However, financial intelligence is not regularly used to support ML/TF investigations and trace assets. The FIU functions well and produces good operational and high quality strategic analyses that serve the PGR in launching ML and associated predicate crimes investigations. The FIU has the resources and skills to collect and use a wide variety of intelligence and other relevant information to develop analysis and produce good intelligence. Several competent authorities have direct access to the FIU database which enhances their ability to use financial intelligence in a timely manner, in line with their own operational needs, without having to wait for disseminations from the FIU.

14. However, financial intelligence does not often lead to launching ML investigations. The FIU’s spontaneous disseminations to the PGR related to ML and underlying offenses are generally low. Several other elements affect the launch of ML investigations and the identification and tracking of assets by the PGR notably: (i) the lack of reporting by DNFBPs, delays in the FIU’s disseminations, and deficiencies related to the cash couriers’ regime; and (ii) the lack of BO information, at the federal and state levels, that impairs the FIU’s capacity to identify specific targets and assets, and (iii) the lack of skills of the PGR and LEAs.

15. Mexico has created an institutional and legal framework to investigate ML and predicate offenses. However, in view of the serious threat posed by the main predicate offenses, the competent authorities accord far more priority to the investigation of predicate offenses and scant attention is paid to ML. Two specialized units have been established within the PGR to undertake ML investigations at the federal level, but do not have an equivalent at the state level. In addition, at the federal level, other units are not precluded from conducting investigations into ML deriving from predicate offenses. The multiplicity of units responsible for the investigation of ML gives rise to difficulties in terms of coordination, and in ensuring proper sharing of evidence and information. In light of the extremely low results achieved in terms of number of investigations initiated, prosecutions brought, and convictions secured, the financial and human resources (including specialized training) allocated to these units do not appear to be sufficient. The significant levels of corruption affecting LEAs, in particular at the state level, undermines their capacity to investigate and prosecute serious offenses.

16. The low conviction rate also points to a low degree of effectiveness in the way in which investigations are initiated (e.g., investigations opened without sufficient reasonable grounds) and conducted (e.g., deficiencies in investigation methodology or in the financial investigation, overly long procedures, and lack of internal coordination at the federal and state level). Finally, very rarely is a parallel ML investigation conducted when the competent unit initiates an investigation into the main predicate offenses.

17. Proceeds and instrumentalities of crime are rarely confiscated, and are not pursued as a policy objective. The FIU has endeavored to improve the timeliness of the application of provisional measures on the proceeds and instrumentalities that are subject to confiscation through the BPL system. Technical deficiencies in the cross-border declaration system impair the ability to effectively target and confiscate falsely declared cross-border movements of currency. The number of confiscations is very low given Mexico’s risk profile.

C. Terrorist Financing and Financing Proliferation

18. The Mexican authorities and the private sector demonstrated an understanding of TF risks, which they classify as “low-medium.” Their main focus, as far as TF risks are concerned, is on suspicious transaction reports (STRs) provided by FIs involving high-risk jurisdictions.

19. Mexico has an institutional framework in place to investigate and prosecute TF, with an ad hoc unit, the Specialized Unit on Terrorism, Arms Stockpiling, and Trafficking (UEITA). However, this unit does not have protocols or manuals containing guidelines for the clear identification and prioritization of potential TF cases. Furthermore, it appears that the investigations conducted by the UEITA are investigations based on intelligence gathered by the FIU or the civil intelligence agency and never proceed to the next level, which is the initiation of a criminal investigation.

20. The absence of TF cases results in a lack of experience within the body responsible for the prosecution of TF which makes it difficult to conclude the system is effective. The consequence of the foregoing is that the UEITA has diminished capacity to identify potential TF cases and conduct investigations into these cases using the investigation techniques available under criminal procedure law. Finally, TF is not one of the offenses for which legal persons may be held criminally liable under Mexican law.

21. Mexico has a solid legal and regulatory framework for implementing TFS related to TF and PF. FIs and DNFBPs were able to demonstrate an understanding of their freezing and reporting obligations, and the system in place to detect, freeze, and report assets related to ML (which is the same system as that used for compliance with TFS) appears to be effective, though no positive matches for TF or PF have ever been identified. Weak supervision of DNFBPs raise some concerns over whether there is adequate compliance in the non-financial sector, and deficiencies related to BO may impact the ability of reporting entities to detect potential sanctions evasion. Mexico has yet to put in place a risk-based system for targeted monitoring of its non-profit organization (NPO) sector, though authorities have taken the initial step of conducting a revised risk assessment and are reviewing NPO regulations to revise accordingly.

D. Preventive Measures

22. The financial sector, especially the core FIs, demonstrates a good understanding of the primary ML threats from organized crime groups and associated criminal activities although the recognition of corruption as a main threat is uneven. In contrast, while recognizing the general threat of organized crimes facing Mexico, DNFBPs did not demonstrate adequate appreciation of the ML risks. Both FIs and DNFBPs have limited understanding of more complex ML techniques, such as the misuse of legal persons. Their understanding of TF risks is also less developed.

23. FIs and most DNFBPs generally understand their AML/CFT obligations including customer due diligence (CDD), record keeping, and reporting. The quality of basic CDD measures and record keeping of FIs appears good in general, but is negatively impacted by some technical deficiencies. However, discussions suggested that lawyers and accountants have a lower level of awareness of their AML/CFT obligations.

24. All sectors appear to be identifying their customers, but owing largely to shortcomings in the legal framework,2 beneficial owners are being identified only to a limited extent, systematically weighing on entities’ effectiveness in assessing and managing ML/TF risks. FIs seek to identify beneficial owners in only limited circumstances. Where FIs are required to identify beneficial owners (of legal persons categorized as high risk and natural persons), FIs unduly rely on customers’ self-declaration for this purpose. For the majority of legal persons that are not categorized as high risk, FIs only obtain information on corporate customers’ first layer legal ownership without seeking to reach the natural persons who ultimately own or control the entity. DNFBPs generally believe it is not their role to identify beneficial owners.

25. The methodologies for risk categorization of customers applied by core FIs are not robust enough to reasonably reflect customer risk profiles as evidenced in that FIs only rate a very small portion of domestic politically exposed persons (PEPs) as high risk. DNFBPs are not subject to requirements to identify (foreign or domestic) PEPs. As a result, the risks posed by domestic PEPs are being managed only to a limited extent.

26. While quality of STRs has generally improved over the past few years, concerns remain regarding the substance of reports, timeliness of submissions, and low level of reporting by DNFBPs. The basis of reporting obligations of FIs is somewhat blurred between suspicious and unusual, which may have contributed to cross-sector concerns about the inadequacy of analysis. Unusual transaction reports (UTR)/STR reporting by large FIs is not always as prompt as it should be. Reporting by DNFBPs is generally poor in both quantitative and qualitative terms, a particular concern being that professionals (lawyers and accountants) have not filed a single STR in the past three years.

E. Supervision

27. The financial sector supervisors have a good understanding of the risks within the sectors for which they are responsible and have developed sound models that allow them to differentiate the risks between individual institutions. The situation is far less clear with respect to the DNFBPs, where the basis for the SAT’s appreciation of risk is not fully developed. The sheer number of entities for which the SAT is responsible poses a material challenge to understanding risk at the level of individual businesses.

28. The financial sector supervisors have all adopted risk-based approaches to framing their annual program of onsite inspections. There is good evidence that the inspectors are increasingly identifying key areas of risk and are engaging with the institutions on those aspects. Again, the picture is less encouraging with respect to the DNFBPs. While the SAT employs an AML risk model, the agency is significantly under-resourced and has been able, within the last three years, to inspect fewer than 0.2 percent of the entities for which it is responsible. In addition, the SAT has no authority to monitor for CFT compliance.

29. Sanctions are not being applied in an effective, proportionate, and dissuasive manner. While the financial supervisors have a number of remedial actions available to them, the system is geared very much towards the application of financial penalties for non-compliance with specific obligations. Due to the extended time lag in achieving a final resolution with the institutions, the majority of sanctions applied up to end-2016 were based on pre-2014 provisions, under which the penalties were extremely low. The current legislation potentially provides for more stringent penalties, but the extent to which they will result in more proportionate and dissuasive sanctions (especially for the larger institutions) can only be judged in due course.

30. Generally, the supervisors, often in cooperation with the FIU, have made welcome efforts to conduct outreach to the regulated sectors. The financial sector, in particular, considers that this has significantly improved their understanding of their obligations. Virtually all outreach to the DNFBPs has been undertaken by the FIU rather than the SAT, focusing primarily on reporting obligations, but also addressing the results of the NRA, typologies, and red flag indicators.

F. Transparency of Legal Persons and Arrangements

31. The different types, forms, and basic features of legal persons and arrangements are defined in the Mexican law, and the processes for their creation are described at official government websites. This is public information and can be accessed on the internet.

32. The NRA does not specifically differentiate risks associated with different types of legal persons, although it mentions that using front companies is one of the most widespread ML techniques. However, LEAs, the FIU, and SAT appear to have a good understanding of the risks related to the misuses of the legal persons and arrangements for criminal purposes. According to the authorities, the most widespread phenomenon is the misuse of shell and front companies to perpetrate predicate offenses such as self-dealing, embezzlement, and tax evasion, as well as to invest illicit proceeds from organized criminality and corruption in real estate, restaurants, shops, and other businesses in Mexico, the U.S., or other foreign jurisdictions. There appears to be a not insignificant risk of the misuse of fideicomisos (trusts), although all fideicomisos have to be registered in one way or another.

33. There are a number of measures in place in Mexico that provide safeguards preventing the misuse of legal persons and arrangements. Bearer shares, nominee shares, and nominee directors are not allowed in Mexico. Formation of all types of legal persons (with one exception) has to be conducted through either public notaries or public brokers, who in turn are subject to AML/CFT requirements, including CDD and record-keeping and immediate reporting of this information to the FIU. In the case of fideicomisos, the trustees can only be FIs, which are subject to full range of AML/CFT obligations. All fideicomisos have to be registered either in the Registro Federal de Contribuyentes (RFC), or Trust Control and Transparency System, or Information Department of the Financial System of the Bank of Mexico. These measures, however, are effective only to a limited extent to address the risks of misuse of legal persons and arrangements.

34. There is no obligation to involve a notary when transferring shares in the company if there is no change in the constituting documents, and there is no change in the capital, although the administration of the legal person is legally required to keep a record on the books of any transferring of shares. This impacts the ability of competent authorities to obtain up-to-date information even on the most basic information regarding the legal ownership of companies in a timely manner.

35. The current system of single registers at the federal level (i.e., Registro Público de Comercio—RPC and RFC) has been fully operational only since September 2016. There are six states (Michoacán, Nuevo Léon, San Luis Potosi, Sinaloa, Tamaulipas, and Ciudad de México), where there is a backlog of companies created before September 2016 that have not been yet entered into the single federal registers. Where a legal person has not yet been entered in the RFC/RPC, it may take up to a week for the authorities to retrieve information.

36. The level of compliance with BO obligations among notaries remains weak. Given that the notaries are the central element in ensuring the accuracy and authenticity of the information that is submitted in the federal registers, this raises questions regarding the accuracy of that information.

37. In order to identify BO, authorities often have to rely on investigative techniques or international assistance, which are time-consuming and therefore do not ensure timely access to BO information.

38. There are no specific sanctions foreseen for failure to maintain a register of shareholders or members and update it accordingly (for legal persons); however, any act that is not registered in the books of the legal entity will not have legal validity. Sanctions that are available with regard to notaries and the financial institutions that act in the trustee capacity are not applied effectively.

G. International Cooperation

39. Mexico has a solid legal and institutional framework in place to seek and provide MLA as well as for extradition. The authorities also frequently rely on other forms of international cooperation to exchange information with other countries.

40. Mexico has decided as a policy matter to strengthen and favor other forms of cooperation while only pursuing MLA “when strictly necessary.” This strategy has produced substantial results with the U.S. The effectiveness of MLA is hampered by (i) the lack of specific guidelines for prioritizing foreign requests; (ii) the lack of legal provisions governing controlled deliveries and joint investigation teams. As regards seeking MLA from other countries, the main shortcoming is that the PGR is neither proactive nor seems to accord a high priority to pursuing MLA when the offense has a transnational element and evidence or assets are located abroad.

Priority Actions

The prioritized recommended actions for Mexico, based on these findings, are:

  • Prioritize the investigation of ML and allocate additional resources, strengthen financial investigation and internal coordination within the prosecution units, at the federal and state level. In parallel, the PGR should increase the level of specialization of its units, particularly within those dealing with ML and corruption.

  • Integrate confiscation as policy objective within the national AML/CFT policies.

  • Enhance the quality of STRs by providing further guidance to reporting entities, and increase FIU disseminations to support ML investigations.

  • Initiate parallel financial investigations in accordance with Mexico’s ML/TF risks; to that end Mexico should provide training and technical expertise to PGR and Federal Police.

  • Improve FIs’ and DNFBPs’ (in particular notaries, lawyers, and accountants) understanding of ML risks from corruption and their ability to manage such risks, including by: (i) deepening the NRA analysis of corruption as a ML threat; (ii) requiring entities to determine whether a beneficial owner is a PEP and apply controls in line with the standard; (iii) extending the requirements on PEPs to DNFBPs, and (iv) providing guidance on assessing and managing risks associated with domestic PEPs.

  • Strengthen measures on BO by (i) extending the requirements on identifying beneficial owners including those of legal persons introduced in the February/March 2017 amendments to the entities that are not covered; (ii) engaging all FIs and DNFBPs (in particular, notaries, lawyers, and accountants) to clarify supervisory expectations regarding the requirements on beneficial owners, and providing guidance on best practices; (iii) discouraging the undue reliance on customers’ self-declarations; and (iv) ensuring that adequate, accurate, and current BO information of Mexican legal persons and arrangements is available to competent authorities in a timely manner, by requiring that such information be obtained at the federal level.

  • Review the resources applied to AML/CFT supervision in the light of the risk profiles emerging from the models developed by the supervisors. Immediate attention should be applied to the SAT, which is significantly under-resourced by any measure.

  • Review the financial penalties available to supervisors to establish whether they can realistically be applied in a manner that is effective, proportionate and dissuasive, especially in relation to larger financial institutions. Immediate action should be taken by the SAT to establish a methodology for applying sanctions other than at the minimum level provided under the law.

  • Ensure that the DNFBPs are subject to substantive CFT compliance inspections by either the SAT or another competent authority.

  • Adopt the necessary legislative measures to allow Mexico to provide the widest possible international cooperation. Establish a case management system to facilitate the follow up of both passive and active requests for assistance and adopt proper guidelines describing how requests should be prioritized. Finally, the PGR should take a more proactive approach to ML investigations that have a transnational dimension.

Compliance and Effectiveness Ratings

Compliance Ratings

article image

Effectiveness Ratings

article image

Authorities’ Response

Before and during the Mutual Evaluation process of Mexico, Mexican authorities had been working on amendments to the AML/CFT preventive framework in order to address some deficiencies already identified, even when they came into force after the onsite visit was carried out.

Some of the most important amendments are described as follows:

  • Regarding paragraph 6, improvements have been made on STR reporting and the identification of beneficial owners.

In regards to Recommendation 20 (Reporting of Suspicious Transactions), the revised version of the AML/CFT General Rules issued by the Ministry of Finance and Public Credit (SHCP) states that STRs will be submitted within the three business days counted from the conclusion of the Committee that establishes such transaction as unusual/suspicious (with the referred 60 days for the Committee to carry out the session), being able to submit it as soon as possible.

  • The period established in the AML/CFT General Rules to submit an STR is in accordance with (i) the time it has to be ruled as a suspicious transaction by the Committee (the superior body of an FI which one of its main powers is to approve important matters in accordance with international standards); and (ii) the international context.

  • By the time of the amendments made to the AML/CFT General Rules, FATF had not defined the meaning of “promptly” (i.e., a specified period had not been established). As soon as FATF defines what “promptly” means, the Mexican AML/CFT framework will be in a position to be amended, in case it is needed in order to be in line with the FATF’s definition on this matter.

Regarding the identification of the beneficial owner (BO) shortcoming on paragraph 6, through the latest amendments to the AML/CFT preventive framework, the BO identification regime of legal persons and other legal structures was strengthened, since the definition of BO was broadened and a continuous updating of customer identification files was required, regardless of their risk level, which significantly contributes to a better and more expeditious identification of the BO by FIs.

  • Regarding paragraph 23, in specific to certain technical deficiencies in relation to customer due diligence (CDD) measures, it is important to mention that, as a result of the latest financial reform from February 24, 2017, which is currently fully in force, some technical shortcomings have been addressed. For instance, AML/CFT General Provisions for each sector were amended and a new chapter on Risk Based Approach was added. In general terms, new obligations for FIs in order to establish a methodology, to perform a risk assessment for each of its supervised entities, were implemented. This risk methodology also addresses the deficiency on domestic PEPs on paragraph 25. In addition, it is important to highlight the already existing FIs customer identification policy that shall be based on the customer’s risk level so that when the risk level is higher, FIs must obtain additional information about their main activity, as well as perform an enhanced supervision of their transactional behavior.

1

The assessment team consisted of Richard Lalonde, IMF (team leader); Chady El-Khoury, IMF (FIU and legal expert); Ke Chen, IMF (financial expert); Concepción Verdugo-Yepes, IMF (economist); Sergey Teterukov, FATF Secretariat (financial expert); Alejandra Quevedo, GAFILAT Secretariat (legal expert); Richard Chalmers, consultant (financial expert); Angelique Roberts, U.S. Department of the Treasury (financial expert); Ignacio de Lucas, Spanish Prosecutor (legal expert).

2

The authorities have promulgated amendments to regulations which they claim will address this gap for FIs but these were not in effect at the time of the onsite visit.

Mexico: Report on the Observance of Standards and Codes-FATF Recommendations for Anti-Money Laundering and Combating the Financing of Terrorism (AML/CFT)
Author: International Monetary Fund. Legal Dept.