FATF Recommendation 13 (Correspondent Banking and Similar Relationships) and its application to VASP–VASP relationships require enhanced due diligence before onboarding. This is because such arrangements carry elevated ML/TF risk, especially in cross-border settings.

Required CDD practices include:

Assess the nature and purpose of the VASP relationship (C): Understand why the relationship is being established and the expected services/products.

Obtain approval from senior management (D): Senior management oversight ensures risk is accepted at the appropriate governance level.

Assess the VASP’s supervision and if a license/registration is needed (E): Confirm regulatory oversight, licensing, and compliance with AML/CFT obligations.

Options A and B are not core FATF requirements for CDD in this context — local authority approval may be a domestic regulatory requirement in some countries, but not a FATF baseline, and profitability assessment is a business decision, not an AML measure.

Blockchain’s immutability ensures that all transactions remain permanently recorded and tamper-proof, enabling blockchain analytics to trace illicit funds. This property is leveraged in crypto forensic investigations and AML monitoring.

A 51% attack refers to a situation where a single miner or group controls more than 50% of the blockchain network’s computational (hashing) power. This majority control allows them to manipulate the blockchain ledger by double-spending or blocking transactions.

This term is widely recognized in blockchain security contexts and is referenced in typology papers on crypto financial crime risks, including those issued by UAE authorities and FATF.

Supporting extracts:

DFSA AML thematic reviews mention the risk of manipulation and double spending in blockchains susceptible to 51% attacks.

Typology reports on cryptoasset risks highlight computational power concentration as a core vulnerability.

“51% refers to the percentage of total mining power or computational power in the network” is the standard definition across crypto AML/CFT frameworks 【 31.92._TFS_Typology_Paper_Eng__4.pdf; AMLCFT_Guidance_for_FIs.pdf 】 .

Thus, C is correct.

Proof of Work (PoW) consensus achieves network consensus by requiring participants (miners) to solve complex cryptographic puzzles, which verifies transactions and secures the blockchain. This computational work makes it difficult and costly to alter the blockchain.

Dependency on electricity (A) is a criticism rather than an advantage. PoW promotes decentralization rather than centralization (B). It provides strong security for large networks rather than small ones (D).

This principle is fundamental in Bitcoin and many other cryptocurrencies and is frequently referenced in AML/CFT guidance to understand the transaction validation process and network security.

CDD includes verifying the customer’s identity using reliable, independent documentation before or during onboarding.

Money laundering risk increases if the business operates in or near high-risk jurisdictions (D) or regions associated with narcotics production (C), as these are common sources of illicit funds.

An increase in volume and users (A) or supporting various cryptoassets (B) alone does not necessarily increase ML risk. Recent licensing (E) may indicate regulatory compliance, potentially lowering risk.

Directly sending to a scam cluster is a strong indicator of active participation rather than passive exposure, triggering SAR obligations.

Mining generates new cryptoassets (A) by rewarding miners for solving complex cryptographic puzzles. It also validates transactions on the blockchain (D) by confirming and recording them in blocks, ensuring the integrity of the ledger.

While mining indirectly contributes to network security, the core security mechanisms involve consensus protocols beyond mining alone (B). Optimizing network functionality (C) is usually a development task rather than a mining function.

Attribution data involves linking blockchain addresses to real-world entities, which is derived from a combination of public sources (blockchain explorers, public databases) and non-public sources (law enforcement databases, commercial analytics, exchange records).

Relying solely on blockchain data (C) or darknet sources (D) is insufficient. Business records (A) are part of non-public sources.

DFSA and FATF AML guidance underscore the multi-source approach for effective forensic attribution.

Misconfigured or poorly designed smart contracts can enable rug pull scams, where developers create fraudulent decentralized finance (DeFi) projects or tokens and then withdraw liquidity or funds abruptly, leaving investors with worthless assets.

Phishing (A) and SIM attacks (B) relate to social engineering and telecom fraud, respectively, and ransomware (D) is malware demanding payment. Rug pulls specifically exploit smart contract vulnerabilities.

The DFSA and AML thematic reviews on crypto highlight rug pull scams as a key operational and financial crime risk linked to smart contract vulnerabilities.