In a stark reminder of the rapidly evolving financial crime landscape, the Financial Action Task Force (FATF) has released its latest report on 20 June 2025: Complex Proliferation Financing and Sanctions Evasion Schemes. The document delivers a sobering assessment of persistent vulnerabilities across the global financial system that are enabling the financing of weapons of mass destruction (WMD), especially by sanctioned actors like the Democratic People’s Republic of Korea (DPRK). For seasoned AML/CFT professionals, the report should serve not only as a critical reference, but as a renewed call to action.
Persistent Global Weaknesses
The FATF’s data reveals a significant implementation gap: only 16% of jurisdictions have demonstrated high or substantial effectiveness in implementing Immediate Outcome 11 (IO.11) — the measure of countries’ ability to apply targeted financial sanctions (TFS) under the UN Security Council Resolutions related to proliferation.
Similarly, a mere 13% of countries are technically compliant with Recommendation 7 (R.7), FATF’s standard that mandates the implementation of TFS to prevent proliferation financing (PF). The disconnect between technical compliance and effective implementation is more than procedural — it is a systemic risk, and one that illicit actors are exploiting with increasing sophistication.
Evolving Threatscape: State and Non-State Actors
The DPRK remains the most prominent actor in the PF ecosystem. The report outlines how Pyongyang has raised billions through cyber-enabled heists, such as the $1.5 billion theft from ByBit in February 2025, along with the continued exploitation of overseas IT workers and illicit trade networks.
However, the risk landscape is broadening. The FATF also identifies Iran and Russia — though not sanctioned under R.7 — as leveraging complex trade and financial architectures to circumvent sanctions. Iran’s ties to transnational criminal organisations and Hezbollah’s penetration of financial institutions exemplify how criminalised markets now form the backbone of PF schemes. Meanwhile, Russia’s strategic alignment with the DPRK through a Comprehensive Strategic Partnership Treaty raises new PF concerns, including military and financial integration.
Four Typologies: Sophisticated and Strategic
Based on case studies and national submissions, the FATF report outlines four primary typologies used by actors evading PF-related sanctions:
Use of Intermediaries: Sanctions evaders rely on front and shell companies, often layered across jurisdictions, and involve third-country transshipments, complicating end-user and beneficial ownership analysis.
Obfuscation of Beneficial Ownership (BOI): Legal entity misuse, complex shareholding, and the abuse of nominee structures hinder financial institutions’ ability to map transactional flows and real control.
Exploitation of Virtual Assets and Technology: The DPRK has aggressively used pseudonymous wallets, mixers, and anonymity-enhancing cryptocurrencies (AECs), targeting the slow implementation of FATF’s Recommendation 15 across jurisdictions.
Maritime and Shipping Sector Manipulation: Techniques include altering vessel IDs, ship-to-ship transfers, disabling AIS, and forged documentation — all to conceal the true origin and destination of illicit cargo.
Compliance and Enforcement Gaps
The report lays bare the reality that most jurisdictions are either underestimating or misidentifying their PF risk exposure. Nearly half of countries failed to confirm if they even have PF vulnerabilities, often citing geographic isolation or absence of direct trade with sanctioned states as mitigating factors — a dangerously narrow view in a world of third-party intermediaries and decentralized finance.
Moreover, FATF criticises the global reliance on legacy data sources like the UNSCR 1718 Panel of Experts (dissolved in 2024) and calls for dynamic, context-driven risk assessments, particularly as DPRK bankers and entities regain financial connectivity through strategic partnerships, notably with Russia.
The Call for a Coordinated Global Response
To address these mounting challenges, FATF recommends:
Updating PF typologies and risk indicators regularly to reflect geopolitical shifts and technological innovation.
Enhancing public-private partnerships to enable real-time risk detection and targeted information sharing.
Developing a globally accepted definition of WMD PF in the FATF Glossary within five years.
Conducting a horizontal review of global PF risk assessments to benchmark progress and harmonise approaches.
Implications for the Financial Industry
For advanced AML/CFT practitioners, this report is not merely a typologies document — it is a directive. Financial institutions must integrate the new typologies and risk indicators into their transaction monitoring and sanctions screening programs. Compliance teams should revisit their BOI controls, re-evaluate exposure to virtual asset service providers (VASPs), and enhance due diligence in sectors vulnerable to dual-use goods procurement.
The report also affirms the necessity of proactive intelligence sharing, scenario-based red teaming of PF vulnerabilities, and participation in public-private information exchanges — particularly in jurisdictions with high trade volume, financial centrality, or geopolitical significance.
Leave a Reply