Germany's Federal Financial Supervisory Authority urges enhanced AML due diligence on circumvention transactions, with focus on Iran-related schemes

Germany's Federal Financial Supervisory Authority (BaFin) issued a supervisory notice warning that “circumvention transactions” in the financial sector that intentionally bypass legal, regulatory or contractual requirements create significant money laundering and terrorist financing risk and can obstruct compliance with customer due diligence obligations under the German Money Laundering Act (GwG). Where there are indications of circumvention, obliged entities should assume higher risk and apply enhanced due diligence under section 15 GwG; if general or enhanced due diligence cannot be completed, the termination obligation applies and suspicious transaction reports under section 43(1) GwG may be required. The notice highlights typical red flags including complex product and settlement structures, shell or front companies, multiple intermediaries across jurisdictions, fragmentation of transactions across actors, and anomalous payment patterns (such as round amounts, generic references, or activity inconsistent with a customer profile). BaFin also reports increased supervisory findings of activity intended to conceal Iran links, noting Iran’s designation as a high-risk third country under the European Commission’s Delegated Regulation (EU) 2016/1675, and emphasising that the Iran nexus should be interpreted broadly beyond direct Iran counterparties or flows. Identified Iran-related circumvention models include the use of “exchange trading houses” in Gulf states as intermediaries, unlicensed “payment agents” operating from jurisdictions such as the United Arab Emirates, Hong Kong, China, Turkey and Switzerland, and misuse of trade finance through techniques such as phantom trade, over- or under-invoicing, multiple invoicing, opaque corporate structures, unjustified pass-through arrangements, and forged or manipulated documentation. Firms are expected to review and adapt risk management and monitoring systems, consider information exchange between obliged entities under section 47(5) GwG, and (for credit institutions) ensure organisational compliance under section 25a of the German Banking Act (KWG), with potential supervisory consequences for serious or persistent breaches.