Global AML Regulations: A 2021 Review of New AMl/CFT Laws & Identity Verification Regulations in the Russian Federation

This is the second installment in a five-part blog series featuring high-risk countries and their regulatory efforts to combat Money Laundering/Terrorist Financing crime. 

Future installments will cover more details on the impact of  new AML/CTF laws, regulations, and crime trends in the MENA, APAC, and EU regions specifically: 

  1. United Arab Emirates (UAE)
  2. Russian Federation
  3. European Union 
  4. Hong Kong, China
  5. Colombia

Stay tuned to our Identity Insights blog as we will release a new part in this series weekly.

“Between 2010 and early 2014, organized criminals and corrupt politicians in Russia moved US$ 20 billion in dirty funds through this laundromat’s complex cleanse-and-spin cycle made up of dozens of offshore companies, banks, fake loans, and proxy agents. The process was then certified as clean by judges in the tiny Republic of Moldova. The newly cleaned funds were then spread across Europe,” The Organized Crime And Corruption Reporting Project (OCCRP) recently reported. In Russia, anti-money laundering & counter-terrorist financing regulations are being implemented in drastic ways particularly over the past two years.

Russian Federation

The Russian Federation has always been seen as a hub for illicit activity, money laundering, and sophisticated crime regimes both in regards to laundering of traditional currency and through cryptocurrency. Bloomberg reports that “[t]he darknet market, where cryptocurrency is used to buy and sell illicit goods online, generated record revenue last year, led by the Russian bazaar Hydra, according to a research report by blockchain forensics firm Chainalysis.” Pseudo-anonymous cryptocurrency transfers are now being used as a major tool for money launderers and terrorist financing within Russia. 

AMl/CFT Laws & Identity Verification Regulations in the Russian Federation

“Eastern Europe has one of the highest rates of cryptocurrency transaction volume associated with criminal activity and, thanks to Hydra, is the only region with a criminal service as one of the top 10 entities sending cryptocurrency value to the region,” Chainalysis said in the report.

“The FBI assumes AML programs are not adequately designed to monitor and detect threat actors’ use of private investment funds to launder money. Additionally, the FBI assumes threat actors exploit this vulnerability to integrate illicit proceeds into the licit global financial system,” it said. 

The Financial Action Task Force (FATF) December 2019 Mutual Evaluation Report Anti-money Laundering And Counter-terrorist Financing Measures Russian Federation,  “Russia has conducted NRAs [National Risk Assessments] for ML and TF. Assessors largely agree with the results. The ML NRA identifies embezzlement of public funds, crimes related to corruption and abuse of power, fraud in the financial sector,and drug trafficking as the prevalent types of criminal activity with the potential to generate illicit proceeds. A large proportion of criminal proceeds generated in Russia are laundered abroad, as recognised by the ML NRA, which makes the pursuit of proceeds of crime to other countries an important focus for the assessment.” 

Despite the risks of anti money laundering and overall enforcement gaps, the following types of AML fraud prevention safeguards are being put into place in the Russian Federation: 

  • A pushc to verify customer identity at the time of onboarding
  • Strengthened aml identity verification tools 
  • Improved digital id verification 

Contact one of our identity specialists to Schedule a Demo of our AML products

Regulating AML/CFT in Russia: Federal Service for Financial Monitoring

According to the Federal Service for Financial Monitoring (Rosfinmonitoring – FSFM) website, its mission is to, “Rosfinmonitoring’s mission: to protect the Russian financial system and economy from threats related to money laundering, terrorist financing, and the financing of the proliferation of weapons of mass destruction.”

The FSFM is the government body responsible for overseeing regulations tied to anti-money laundering and counter-terrorist financing. The Federal Service for Financial Monitoring (FSFM) works in conjunction with national and international groups to propose and enact frameworks that will lower the risk of AML crimes worldwide.   

Rosfinmonitoring’s strategic objectives for the organization for 2021-2021 include: “

  • Objective: to mitigate current risks involving the legalization (laundering) of funds and other criminal assets, terrorist financing, and the financing of the proliferation of weapons of mass destruction
  • Objective: To ensure that organizations conducting transactions with funds or other assets as well as national system’s experts comply with AML/CFT/CPF legislation
  • Objective: To improve the level of economic transparency, inter alia, by identifying beneficial owners of economic entities.
  • Objective: to prevent any misuse of budget funds and to improve the efficiency of their use

For the full list of Rosfinmonitoring’s 2021-2023 strategic objectives, you can visit the regulator’s site. 

Russia’s Basel AML Index Falls To 5.60 Despite Crime Wave

Basel Institute on Governance began publishing these risk scores in  2012. The score is described on the institute’s website as the “only independent, data-based index of the risk of money laundering and terrorist financing (ML/TF) around the world.”

The Basel AML Index compiles data from 16 publicly available data sources including from sources such as the Financial Action Task Force (FATF), Transparency International, the World Bank and the World Economic Forum.

Risk scores cover five domains including:

  1. Bribery and Corruption
  2. Legal and Political Risks
  3. Quality of AML/CFT Framework
  4. Financial Transparency and Standards
  5. Public Transparency and Accountability

Russia’s score fell from 5.75 to 5.60, the interesting aspect of this score falling from previous years is that although Russia reminds in the medium/high-risk category, “reflecting, in particular, its vulnerabilities to a high level of corruption and to political and legal risks” there are major money laundering cases with billions of dollars being laundered annually. This shows that there is much more work for regulators to do to enhance anti-money laundering regulations and fraud prevention efforts. 

Federal Law No. 115-FZ “The AML Law” Remains in Force in 2021

Federal Law No. 115-FZ “On Combating Money Laundering and the Financing of Terrorism” (the “AML Law”) came into force on 1 February 2002. According to a CMS law, the AML Law “is the primary legislative act in the Russian Federation aimed at preventing money laundering activities and the financing of terrorism, and is supported by numerous recommendations, binding instructions and regulations of the CBR and other authorities.”

Federal Law No. 115-FZ establishes a list of “Regulated Entities” which include: 

  • Banks
  • Leasing companies
  • Insurance companies
  • Money transfer companies
  • Investment and securities companies 

Each of these categories of businesses are required to perform specific Know Your Customer procedures and maintain systems to identify suspicious transactions.

Identity Verification Obligations for “Reporting Entities” in Russia

Smooth onboarding and robust identity verification is required by Russian law. The AML law, “set up reporting and other obligations of the Regulated Entities, notaries and professional advisers performing legal and accounting services (the Reporting Entities)”

Specific obligations include: 

  • Identify their customers 
  • Identification of Unique Beneficial Owners
  • Detect suspicious transactions that may be financial crimes
  • Provide regulatory authorities (such as ) with clients’ transaction records and any information on Unique Beneficial Owners that exist in an organization

Identity verification solutions typically focus on validating documentation to ensure that there isn’t any tampering or spoofing before moving on with the customer verification process during onboarding. Whether a bad actor is part of a bribery scheme, laundering funds, or spoofing identities it is important for organizations to have a robust identity verification solution. 

Specific identity documents acceptable from Russian countries include: 

  • Internal (Russian) passport
  • Passport (external)
  • Drivers license 

Successful identity verification services focus not only on validating identification documents but also pinpointing and identifying tampering and fraud. 

Methods typically used in tampering are:

  • scratching
  • dissolving
  • cutting
  • opening using heat, solvents, and other tools
  • Superimposing the impostor’s data on top of the page

Russian passports, like those of the United States, are designed with security measures to detect tampering and fraud but are still in danger of being tampered with and manipulated. These security features include structural features (such as holographic images that are more difficult to recreate), substance features

It is important for banks and financial institutions to be aware of these threats and illicit activities during KYC verification processes and attempt to discover and stop fraudsters whether the verification process is in-person or remote.

Russian Hackers Maintained Access to Denmark Central Bank For Months 

Danmarks Nationalbank (Denmark Central Bank) was infiltrated by Russian hackers as malware was placed on their servers to allow direct access. The attack remained undetected for more than half a year. Initially, the attack was attributed to the Russian Foreign Intelligence Service, the SVR, in specific to its hacking division with monikers such as APT29, The Dukes, Cozy Bear, or Nobelium.

Interestingly enough, there seemed to be no interest in committing any other crime other than the initial intrusion. “Action was taken quickly and consistently in a satisfactory manner, and according to the analyzes performed, there were no signs that the attack has had any real consequences,” Denmark Central Bank wrote in a statement. 

This crime may have just been a flexing of a group’s muscle but the fact that this was even able to occur in such a large bank paints the picture that all banks and financial institutions may need to reevaluate their identity verification services and AML/CFT procedures.

Future  Identity Verification Trends in the Russian Federation

Russia has made strides and improvements with its AML Law but much more needs to be done to lower crime and AML risk. According to the US Department of State’s Bureau of International Narcotics and Law Enforcement Affairs, “Although Russia has made some progress on AML, various investigations have alleged the existence of schemes designed to launder billions of dollars out of Russia. “ Despite the findings in each of the Mutual Evaluation Reports, the Basel Index being lowered, and amendments to legislation, AML monitoring systems and more stringent identity verification should remain a priority for the country in the future. 

Contact one of our identity specialists to Schedule a Demo of our aml products or for more information on our Russian data sources. 

Stay tuned to our Identity Insights blog as we will release a new part in this series each week.

Follow our LinkedIn and Facebook pages for anti-money laundering news and significant regulatory changes.


Headquartered in San Diego, California, IDMERIT provides an ecosystem of identity verification solutions designed to help its customers prevent fraud, meet regulatory compliance and deliver frictionless user experiences. The company is committed to the ongoing development and delivery of offerings that are more cost-effective and comprehensive than other solution providers. IDMERIT was funded by experts who have been sourcing data on personal and business identities across the globe for over a decade. This access to official and trusted data throughout the world has become increasingly important as companies find themselves completing transactions across borders as a standard course of business.

Tony Raval
Tony Raval

Tony Raval brings more than 15 years of leadership in data technology as the Founder and CEO of IDMERIT, headquartered in Carlsbad, California. He leads an executive team including top data tech veterans to execute on his passion of creating a global data universe generating true and trusted intelligence. IDMERIT’s competitive success has come from the company’s ability to perform cross-border transactions, for which Tony and his team have developed a meticulous process and progressive technology. The company was launched as the result of a highly effective engagement with a leading global financial institution, whereby the company was uniquely able to triangulate multiple elements to create a comprehensive, and yet, frictionless experience. Tony has provided data intelligence to companies such as Google, SalesForce, and HP as well as clients across financial, government and other sectors seeking a superior partner in compliance and mitigating risk. He holds a Master’s Degree in computer engineering and data sciences, is an active member of the Entrepreneurs Organization San Diego and dedicated mentor to new entrepreneurs in EO’s Accelerator Program, enjoys meditation and running, and he and his wife Sonal recently celebrated their three-year-old son's birthday.

Get Notified about Industry Updates