Mauritius 2025 National Risk Assessment Report: What It Means for Trust and Company Service Providers (TCSPs)

The Government of Mauritius recently published its second National Risk Assessment (NRA) report, the last one having been released in 2019. The report serves as a tool for analysing the country's vulnerabilities to money laundering and terrorist financing. It also offers direction to both regulators and industry professionals by highlighting the threats and identifying the areas where enhancements can be made.

In this article, we will be focusing on Trust and Company Service Providers (TCSPs) as this sector stands out as higher risk due to the nature of the services it provides, the complex structures often involved, and the international mix of clients it tends to attract.

We’ve pulled together a summary of the key points from the report, along with a few practical suggestions that TCSPs might want to consider going forward.

Money Laundering Threats

The NRA outlines how criminals use TCSPs to move illicit funds through layered, multi-jurisdictional structures.

Key threats include:

• Creating complex legal arrangements across borders to obscure fund origin

• Moving illicit money through layered entities

• Concealing real beneficial ownership

• Using foreign bank accounts to bypass local oversight

• Engaging in fraud and forgery as predicate offences

• Routing funds through accounts in multiple jurisdictions

These risks demand robust due diligence, especially when onboarding clients with complex or multi-jurisdictional structures.

Money Laundering Vulnerabilities

The report identifies practical weaknesses that increase risk exposure:

• Complex client structures and diverse international clientele

• Blurred beneficial ownership

• Trusts created without a clear stated purpose

• Exposure to foreign PEPs and HNWIs

• Dealings with high-risk jurisdictions

• Poor transaction record-keeping and unusual activity

• Remote onboarding without proper document verification

• Use of unregulated intermediaries

• Inflexible compliance frameworks not tailored to firm size or risk

• Weak compliance culture and under-resourced compliance teams

These vulnerabilities underline the need for active risk assessments, enhanced controls, and regular review of internal procedures.

Terrorist Financing Risks

TF threats, while less visible, are still relevant. TCSPs can be misused through:

• Opaque structures that mask the movement of terrorist funds

• Clients or trusts with international exposure or links to charitable activities

• Non face-to-face relationships and cross-border transactions that reduce visibility

To counter these risks, firms must align TF detection efforts with ML controls and build staff capacity to recognise TF-specific red flags.

Recognised Progress

The NRA acknowledges strong progress in the sector:

• A comprehensive legal and regulatory framework

• Appointment of qualified MLROs

• Documented risk assessments and proper CDD practices

• Active regulatory monitoring

• Screening of key individuals and UBOs

• Skilled staff from professional bodies

• Ongoing AML/CFT training

• Sanctions screening systems in place

These foundations are essential. The next step is to ensure that controls remain effective and responsive to changing risks.

Areas Needing Attention

The report calls for action in three key areas:

• Transaction monitoring: Systems must detect anomalies in real time, not just flag known patterns.

• Red flags and internal reporting: Firms need clearer internal guidance and more confident reporting from staff.

• Audit scope: Independent audits should fully assess terrorist financing controls, not just money laundering.

Final Thoughts

The 2025 NRA highlights the growing complexity of financial services and the increasing expectations on Trust and Company Service Providers. A compliance framework on paper is no longer enough. Its effectiveness depends on how well it is applied in practice.

As face-to-face interactions decline and services shift online, firms must strengthen digital verification, reassess client risk, and limit reliance on unregulated intermediaries. Structures with no clear purpose or layered ownership are more than operational issues. They are warning signs that demand closer scrutiny.

A strong compliance culture, supported by training and regular review, is essential. Firms that take a proactive approach, assess behaviours as well as processes, and embed compliance into daily decisions will be better equipped to manage risk and meet evolving regulatory expectations.

Looking ahead, here are a few questions worth considering:

• Are your controls strong enough to manage high-risk clients and cross-border activities?

• Do your internal systems help staff detect unusual behaviour with confidence?

• When was the last time you reviewed your framework with a fresh lens?

• Is compliance a value in your culture, or simply a requirement?

Need support?

VPR Management Services offers practical, customised support to help you respond confidently to the findings of the 2024 NRA.

• Want a sector-specific analysis of the NRA beyond TCSPs?

• Need help setting up or enhancing your compliance framework?

• Looking to strengthen your compliance culture through training?

→ Reach out to us.