Correspondent banking is the provision of banking services by one bank, the correspondent, to another bank, the respondent, so that the respondent can access payment services, clearing, settlement, liquidity, trade finance, cash management, or other cross-border banking capabilities through the correspondent’s infrastructure. FATF’s guidance on correspondent banking explains that these relationships allow respondent institutions to provide services and access markets they could not readily access on their own.
In the financial crime environment, correspondent banking is especially important because it sits at the intersection of cross-border finance, payment infrastructure, and indirect customer access. The correspondent bank may not deal directly with the respondent’s underlying customers, yet it is often processing transactions that originate from them or on their behalf. That structure creates a distinctive control challenge: the correspondent must manage money laundering, terrorist financing, sanctions, fraud, and other financial crime risks arising through a relationship where it may have limited visibility into the underlying activity and where it is relying, to a significant extent, on the respondent’s own controls. FATF and the FFIEC both treat correspondent banking as an area requiring specific due diligence, monitoring, and governance.
From a professional AML perspective, the core risk in correspondent banking is not that the model is inherently improper, but that it can create channels through which higher-risk funds, customers, or jurisdictions access the financial system indirectly. A weak respondent bank, poor transaction transparency, nested relationships, exposure to high-risk geographies, sanctions weaknesses, or inadequate customer due diligence at the respondent level can all increase the risk that the correspondent is used to process suspicious or prohibited activity. FATF’s guidance specifically notes that the objective is to manage, rather than avoid, these risks through a risk-based approach.
This point matters because correspondent banking has long been associated with so-called de-risking, where institutions terminate or avoid relationships with regions, sectors, or respondent types rather than managing the underlying risk. FATF states clearly that this kind of broad de-risking is not in line with the FATF Recommendations and has had serious effects on financial inclusion and cross-border access to banking services. In other words, correspondent banking is a high-risk area, but the expected response is proportionate due diligence and monitoring, not automatic withdrawal from the sector.
A professionally mature correspondent banking framework begins with risk assessment and due diligence. The correspondent should understand the respondent institution’s ownership, management, licensing, business model, products, customer base, geographic exposure, sanctions controls, AML framework, transaction-monitoring capability, and reputation. FATF’s correspondent banking guidance and the FFIEC BSA/AML materials both emphasize that due diligence must be sufficient to understand the nature of the respondent’s business and the quality of its AML controls.
This due diligence is particularly important because correspondent banking often involves reliance on another institution’s control environment. A correspondent is not expected to know every underlying customer in the same way it would know a direct customer, but it is expected to assess whether the respondent’s own systems and controls are credible. FCA guidance on correspondent banking specifically highlights that correspondent banks gather information about respondent banks’ procedures for sanctions screening, politically exposed person identification, and account monitoring. That means the respondent’s control maturity is itself part of the correspondent’s risk exposure.
One of the most sensitive issues in correspondent banking is nested activity, where other financial institutions gain indirect access to the correspondent relationship through the respondent. This can reduce transparency further and make it harder to understand who is really using the payment channel. While not every nested arrangement is improper, it increases the importance of understanding the respondent’s customer base, access controls, and ability to identify and manage downstream institutional relationships. This is a practical inference supported by the wider FATF emphasis on visibility, respondent due diligence, and risk-based monitoring in correspondent relationships.
Monitoring is the next major pillar. FATF says correspondents should put in place and periodically review risk-based procedures specifying the applicable monitoring techniques and the criteria that trigger them. Monitoring in this context is not simply generic transaction review. It should take into account the respondent’s historic behaviour, the types of payment flows expected, the jurisdictions involved, unusual patterns, and the respondent’s responsiveness to prior requests for information. Where volumes, corridors, counterparties, or payment messages shift in ways that are inconsistent with the relationship profile, the correspondent should be able to challenge and investigate effectively.
Sanctions risk is also highly material in correspondent banking. Cross-border payments often involve multiple parties, jurisdictions, and intermediaries, which increases the chance of exposure to sanctioned persons, entities, or geographies. If the respondent’s sanctions controls are weak, the correspondent may face legal and regulatory risk as well as reputational harm. FCA guidance specifically refers to correspondent banks gathering information on respondent sanctions-screening procedures, reflecting how central this issue is in relationship assessment and ongoing oversight.
In the U.S., correspondent banking also carries specific statutory and regulatory obligations under the BSA framework. The FFIEC manual includes dedicated examination procedures for due diligence programs for correspondent accounts for foreign financial institutions, and separate procedures concerning the prohibition on correspondent accounts for foreign shell banks and the requirement to maintain records of owners and agents. These requirements show that correspondent banking is treated as a distinct AML control area rather than just another customer relationship type.
Governance is crucial because correspondent banking risk cannot be managed through onboarding alone. Firms need documented risk appetite, enhanced approval standards, periodic review cycles, escalation routes for unusual activity, and the ability to restrict, remediate, or terminate relationships where control concerns persist. FCA financial crime guidance and FATF materials both point back to systems and controls, proportionate oversight, and ongoing review rather than one-time due diligence.
Ultimately, correspondent banking is a critical part of the global financial system because it enables cross-border payments and access to banking infrastructure. But in the financial crime environment, it is also one of the most sensitive institutional relationships because it can transmit risk from one bank’s customer base and control environment into another bank’s payment channels. For that reason, correspondent banking must be managed through robust due diligence, risk-based monitoring, strong sanctions and AML oversight, and governance that is capable of challenging the relationship when risk indicators deteriorate.
