A practical framework helping financial institutions navigate environmental crime risks through governance, best practices and scalable structures tailored to their specific operational exposure.

This framework provides a structured, risk-based approach to identifying, assessing, and managing environmental crime exposure. It supports informed decision-making, regulatory alignment, and practical implementation across governance, controls and reporting functions.

The illegal clearing of forests and natural ecosystems for agriculture, development, or resource extraction.
Trafficking of protected flora and fauna and derivatives across domestic and international borders.
Extractive activities occurring without proper permits, in protected areas, or in contravention of relevant laws.

Do you understand your organisation’s specific vulnerabilities to environmental crime and associated financial crime risks?
Are you confident you would be able to spot potential links to environmental and related financial crime, even if through indirect exposure?
Are you using the most up-to-date technology and tools to conduct due diligence and manage financial crime risks?
Are you confident your team would know what to do if a potential suspicion was raised internally? How would you report such suspicions to relevant authorities?
Do you have the framework in place to continue to grow and support your company’s anti-environmental crime and anti-financial crime efforts?
Do you review and refresh your policies, systems and controls annually to ensure they continue to be robust in the face of evolving risks?

In order to understand and mitigate environmental crime risks, it is essential to carry out periodic business-wide risk assessments to understand and manage exposure to environmental crime and associated financial crimes. Conducting thorough risk assessments allows firms to identify potential exposure and develop strategies to manage them effectively.

When assessing exposure to illegal wildlife trade, financial institutions could, for example:
Assess both the impact and likelihood of environmental crime risks
Understand the jurisdictional risk exposure of your firm
Define key mitigating controls
Map against firm’s risk appetite
Map against long term environmental crime and anti-financial crime strategy

When assessing exposure to illegal mining activities, financial institutions could, for example:
Setting overarching rules and guidelines and specific operational steps in relation to potential environmental crime exposure; for example, through No Peat, No Deforestation and No exploitation (NDPE), Mining and Metals, or Forestry and Agricultural Commodities policies.
It is important for firms to set out clear policies and procedures for an effective organisation-wide response to tackling potential links to environmental crime and associated financial crime. These policies and procedures provide a framework for identifying, assessing, and mitigating risks across all levels of a firm.

Financial institutions should develop specific policies addressing:

Financial institutions could develop specific policies addressing:
Starting from the top with senior leadership is important to ensure there is buy-in for the policies and procedures from everyone across the organisation. Leadership should also ensure clear responsibilities are in place to make sure employees know how specific policies apply to their roles and teams.
Clear procedures should define and streamline communication and coordination among different departments and roles, which can help ensure no risks go undetected.
Policies and procedures should be displayed in a way that is accessible, effective, and understood by all relevant staff.
Management information (MI) helps provide senior leadership with a comprehensive understanding of environmental and financial crime risks and how these are being managed across your firm.
Senior management can only make the right decisions if they have the right level of data being fed to them on a regular basis, and if this data is both specific and up to date.
Your MI plan should outline what level of information and data you are providing, to whom, and how frequently.
Regulators will often want to see what MI is being fed into senior management and other levels of the organisation.
In many countries, it is a regulatory requirement for MLROs to produce annual reports. These should reference all associated financial crimes, including those linked to environmental crime.
Statistics on transactions/clients flagged for potential links to deforestation, illegal mining, and wildlife trafficking
Updates on regulatory developments affecting all three environmental crime areas
Client exposure metrics broken down by environmental crime risk type and geography
Tracking of internal training completion rates on environmental crime topics
External developments in criminal methodologies across all environmental crime types
Cross-correlation analysis showing connections between different environmental crime types in client portfolios
Performance metrics on environmental crime risk mitigation efforts
Policies should be reviewed regularly to account for new risks and external events. This is especially important for environmental crime risks, as these crimes are often transnational, evolving quickly and heavily impacted by external events.
Policy makers should understand that the highest risk commodities and jurisdictions may change over time as new trends emerge and put in place a mechanism for updating these as new information comes to light.

Financial institutions could develop specific policies addressing:
Progress towards commitments made in policies should be published on an annual basis (e.g. in a report or on a firm’s website) using quantifiable metrics.
A good governance and management framework will help keep a pulse on whether your firm is effectively implementing all components of its strategic framework.
A good governance framework sets out how your company will monitor, evaluate, and manage adherence to its environmental crime and financial crime strategies and policies.
As part of this, your firm should map out which governing bodies and leadership will be responsible for oversight of your policies, as well as which body is responsible for the detailed monitoring and testing of effectiveness.
ESG governance can be an important line of defence against environmental and financial crime risks as well. By asking the right questions and holding your organisation accountable to certain environmental and governance standards, you can increase both your environmental crime understanding and risk analysis.
Having clear policies and procedures for due diligence and ongoing monitoring is essential for keeping your firm safe from environmental crime and associated financial crime exposure - as is red flag screening.
Firms should conduct thorough due diligence on customers, staff, suppliers, investments, and third parties to identify and prevent direct and indirect links to environmental crime and associated financial crimes.
Due diligence should be robust, rigorous and verifiable by third parties.
The responsibility for due diligence should not be shifted onto other businesses in the value chain; businesses should each feel responsible for conducting thorough due diligence on their entire supply chain and for assessing risks related to all their activities.
Due diligence across the industry can be improved by effective internal and external communication and information sharing.
Firms should be ambitious with their screening and aim to go beyond standard industry practice. For example, this might include screening not just for illegal deforestation but more widely, in alignment with initiatives such as the Consumer Goods Forum’s Forest Positive Coalition.
Data should be requested directly from a third party where it is not publicly available.
Ongoing monitoring helps firms screen business relationships against specific environmental and financial crime data and red flags to identify any potential links to criminal convictions both during onboarding and on an ongoing basis. High risk third parties should be reviewed on at least an annual basis and non-compliant entities and those which are making too little measurable progress should be identified and engaged with.
Due diligence results should feed into policy decisions (e.g. certain trends or techniques that are being observed should be used to update high risk commodities or geographies).
The importance of having clear policies and procedures for reporting suspicious activity and transactions cannot be overstated. As outlined in the Typologies, Red Flags and Reporting panel of this toolkit, the financial services sector plays an essential role in identifying and reporting activities with links to environmental and related financial crimes.
It is important to have an effective internal reporting framework where staff know when, how, and who to report to when suspicions of links to environmental crime or related financial crimes arise.
It is important to have clear procedures as well on how to report any suspicions to relevant authorities. Your firm’s Money Laundering Reporting Officer (MLRO) should oversee and report suspicious financial activities to relevant authorities.
It is crucial to implement effective systems and controls to identify and manage direct and indirect environmental and financial crime exposure. It is also key to innovate and use the latest technologies across these systems and controls.

Financial institutions can leverage specialised tools for monitoring illegal wildlife trade:
The most effective systems and controls integrate innovative technologies and tools that work within your business environment – ask your teams what systems, software, and platforms they need to ensure success. Some potential systems and tools include:
End-to-end SaaS screening, monitoring, and investigations platforms that can help optimise the effectiveness and efficiency of identifying and assessing potential links to environmental crime and related financial crime risks.
Risk mapping software that helps search and investigate network connections between individuals and legal entities.
Automated ongoing monitoring systems that can conduct daily ongoing screening across all clients and counterparties, incorporating a rich array of data sources, as well as specific key word searches and red flag indicators.
eIDV tools that can perform live biometric facial recognition and verify documents for authenticity.
Digital risk assessment diagnostic and benchmarking tools to provide automated, tailored financial and environmental crime risk assessment reports.
Climate and environmental data analytics tools, which can analyse data to identify emerging trends and patterns associated with environmental crime risk.
Satellite imagery, geospatial and remote sensing data to monitor land use changes in areas where firms have investments, particularly in sectors like agriculture, forestry, and mining.
Supply chain transparency tools to trace the origin of products and commodities in investment portfolios. Blockchain technology, for example, enables transparent and immutable records of supply chain transactions.

Financial institutions can leverage specialised tools for monitoring illegal mining:
Promoting a culture of openness, education, and awareness is important for ensuring the effectiveness of any anti-environmental crime and related financial crime response at your firm. Ensuring a strong culture and effective training goes beyond box ticking and should be embedded in the day-to-day actions of the firm. A strong culture will also help prevent inappropriate and risky behaviour that could damage reputation or lead to financial or legal consequences, and protect against employee, stakeholder, or investor backlash.
Promoting a positive and consistent message.
Embedding transparency and accountability into day-to-day decisions.
Creating an environment of safety over fear.
Incentivising and recognising positive behaviour.
Companies should ensure all staff possess the skills, knowledge, and expertise needed to carry out their functions effectively. Many staff will not be fully aware of the scale and impact of environmental crime and associated financial crimes, or how it relates to their specific role and daily work. Busy staff also face multiple competing priorities. Raising awareness of environmental and associated financial crime risks through periodic training is therefore vital to ensure that focus on these threats is not lost.
Firms should incorporate environmental and financial crime risks into their enterprise-wide financial crime training programmes, given their status as predicate crimes to money laundering.
Training should incorporate guidance on how to spot signs of environmental crime and associated financial crime risks, and then how to report these internally. Having a clear internal reporting system that is understood by all staff is vital.
Staff across all functions of a business should be given appropriate training on how to implement anti-financial crime policies, systems, and controls.
Training and awareness building can take many forms. It is worth considering incorporating a blend of digital learning, classroom-based training, and other educational resources such as research reports, to appeal to individuals with different learning styles/preferences.

Financial institutions could incorporate in their training:

Financial institutions should incorporate in their training:
Without robust governance structures and reliable management information, even the best-designed environmental crime strategies risk being poorly implemented, inconsistently applied, or simply forgotten under competing business pressures. Effective governance ensures that the right people have visibility of the right risks at the right time, enabling informed decision-making at board and senior management level. It also provides a mechanism for holding the organisation accountable to its commitments and demonstrating to regulators, clients, and other stakeholders that environmental and associated financial crime risks are being actively and seriously managed.
Firms should clearly define which governing bodies — such as the board, risk committee, or audit committee — hold ultimate responsibility for oversight of the firm's environmental crime and associated financial crime strategy and policies.
Responsibility for day-to-day monitoring, testing, and reporting should be clearly assigned to a named function or individual, such as the Chief Risk Officer, MLRO, or Head of Compliance, ensuring there is no ambiguity about who owns this agenda.
ESG governance structures should be integrated with financial crime governance, recognising the significant overlap between environmental crime risk and ESG risk exposure.
Incentive structures and performance frameworks should reflect and reward adherence to environmental crime and anti-financial crime policies, helping to embed accountability throughout the organisation.
Firms should develop a formal management information plan that sets out what data and reporting is produced, who receives it, and how frequently — ensuring that information flows are proportionate to the level of risk and seniority of the recipient.
Senior management and boards can only make sound decisions if the data reaching them is timely, accurate, and specific. Generic or overly aggregated reporting is unlikely to surface the nuanced risks associated with environmental crime.
Key metrics to include in MI reporting might cover: the number of environmental crime-related suspicious activity reports (SARs) filed; outcomes of due diligence reviews on high-risk clients or supply chains; training completion rates; findings from periodic assessments; and any regulatory developments or emerging typologies relevant to the firm's risk profile.
MI should be dynamic and updated regularly, rather than produced only as a reactive or annual exercise.
A good governance framework should include a clear plan for how the firm will test the effectiveness of its controls on an ongoing basis, using the Three Lines of Defence model as a guide (see Periodic Assessment section).
Governance bodies should review the outputs of compliance monitoring and internal audit functions and ensure that findings and remediation actions are tracked to completion.
Where gaps or weaknesses are identified, governance structures should ensure these are escalated appropriately and addressed within a defined timeframe.
If firms don’t consistently review and assess their effectiveness in detecting potential links to environmental crime and associated financial crimes at all levels of the business, efforts will invariably stagnate and cannot be effectively evaluated, which risks inefficiency and wasted resource.

Financial institutions should periodically assess:
1st Line of Defence: Quality Assurance
Scoring and assessment done on an individual or team basis, by the functions that own and manage the risk.
2nd Line of Defence: Compliance Monitoring
Periodic assessments of your policies and procedures across specific thematic areas or sections of your organisation, by the functions that oversee the risk or who specialise in compliance.
3rd Line of Defence: Internal Audit
Evaluating the effectiveness of the approach, reporting into a board or committee, by functions that sit outside the risk management processes of the first two lines of defence.
Environmental, social, and governance (ESG) factors are critical in helping financial institutions and other businesses manage their exposure to environmental crime risk. As more firms are facing increasing pressure to identify ESG risks and incorporate them into risk management efforts – both from external stakeholders like customers and clients and internal stakeholders like shareholders - understanding how environmental and financial crimes factor into ESG risk is paramount to ensuring the long-term success of your business.

Financial institutions should integrate into their ESG frameworks:
Investment exclusion criteria for businesses linked to illegal forest clearing and land grabbing
Positive screening for companies with zero-deforestation commitments and implementation Portfolio forest footprint assessments and net-positive nature targets
Support for sustainable landscape management and agroforestry systems
Indigenous rights considerations in land-based investment decisions
Investment exclusion criteria for businesses connected to illegal wildlife trade
Positive screening for companies supporting wildlife conservation
Portfolio biodiversity impact assessments
Support for sustainable alternatives to wildlife products
Community engagement in areas affected by wildlife trafficking
Investment exclusion criteria for businesses without mineral supply chain verification
Assessment of mining-related water pollution and ecosystem damage
Human rights considerations including child labour and forced labour in mining
Community engagement in mining regions to understand social impacts
Firms should adhere to key international standards and frameworks such as the Forest Stewardship Council (FSC), the Roundtable on Sustainable Palm Oil (RSPO), and the No Deforestation, Peat and Exploitation (NDPE) Commitment, the Kimberley Process.
Firms should adhere to the recommendations as laid out by The Financial Action Task Force (FATF):
The FATF recommends that environmental crime – which includes illegal logging, forestry crimes, illegal mining, and the illegal wildlife trade – be considered a predicate crime to money laundering in all countries’ national legislation.(FSC), the Roundtable on Sustainable Palm Oil (RSPO), and the No Deforestation, Peat and Exploitation (NDPE) Commitment, the Kimberley Process.
Several of the FATF’s 40 Recommendations are of particular relevance to environmental crime, including:
Recommendation 4
Competent authorities should freeze or seize and confiscate assets laundered or proceeds from predicate offences.
Recommendation 10
Financial institutions are required to undertake Customer Due Diligence (CDD) whilst establishing business relationships and when carrying out transactions which are of a suspicious nature.
Recommendations 20 & 23
If a financial institution has reasonable grounds to suspect that funds may be the proceeds of a criminal activity, it should promptly report its suspicions to the FIU.

Financial institutions could incorporate these key frameworks:
Accountability Framework initiative (AFi) core principles
Forest Stewardship Council (FSC) certification
Round table on Sustainable Palm Oil (RSPO) standards
Convention on International Trade in Endangered Species (CITES)
United for Wildlife Financial Taskforce principles
The UNODC Global Programme for Combating Wildlife and Forest Crime
OECD Due Diligence Guidance for Responsible Supply Chains of Minerals
Extractive Industries Transparency Initiative (EITI)
Kimberley Process for diamonds
Firms should benchmark their ESG criteria against the United Nations Sustainable Development Goals (SGDs), as this can help align firm practices with SDGs. It is important to keep in mind how environmental crime relates to all SDGs, but some key ones to consider are:
SDG 3: Good Health and Well Being
Firms can help decrease health related consequences of environmental crime, such as exposure to mercury from illegal mining, or the spread of zoonotic diseases via the illegal wildlife trade.
SDG 6: Clean Water and Sanitation
Firms can help decrease water contamination and pollution from illegal mining.
SDG 8: Decent Work and Economic Growth
Given the prevalence of forced labour in deforestation and illegal mining, firms can help promote productive and decent work for all, as well as inclusive and sustainable economic growth.
SDG 12: Responsible Consumption and Production
By promoting high standards for investments and clients related to production and consumption, firms can help reduce deforestation, illegal land conversion, illegal mining, and the illegal wildlife trade
SDG 13: Climate Action
By reducing deforestation, firms can help mitigate climate change and its impacts.
SDG 15: Life on Land
By integrating anti-deforestation commitments into ESG frameworks, firms can help protect and promote sustainable use of forests and other ecosystems, including halting land degradation and biodiversity loss.
Firms should also bear in mind the EU Taxonomy Regulation:
The EU Taxonomy Regulation establishes a classification framework that defines when an economic activity can be considered sustainable in the EU. The regulation came into effect in 2020 and applies to financial institutions, requiring them to disclose the proportion of their financial activities that are taxonomy-eligible and aligned. The framework serves as an important market transparency tool and helps direct investments to the economic activities most in line with environmental and sustainability objectives.
Firms should adhere to the Sustainable Finance Disclosure Regulation (SFDR):
The SFDR, adopted into law in March 2021, sets stringent minimum-disclosure standards to prevent greenwashing in investment products that claim ESG or ESG-related objectives. Applicable to all EU financial institutions and financial advisors, the SDFR aims to bring higher transparency to sustainability-related disclosures in the financial services sector at both the entity and financial product levels. This dual-level, double materiality reporting is intended to be integrated into their investment decision-making processes.
While the SDFR does not primarily focus on deforestation, the regulation’s mandatory and voluntary disclosures will expose financial institutions which invest in companies with detrimental land-use practices that negatively affect biodiversity-sensitive areas, or those that lack a policy regarding deforestation. However, land degradation falls under the banner of voluntary rather than mandatory disclosures under the SFDR.
By integrating ESG criteria and controls, financial institutions can significantly mitigate their exposure to environmental crime risk and associated financial crime, thereby contributing to global sustainability goals and ensuring a successful business.