1. UK Financial Crime Framework
FCA Handbook Requirements
The Financial Conduct Authority (FCA) sets out comprehensive requirements for financial crime systems and controls that all regulated firms must follow. These requirements form the foundation of your firm's anti-financial crime framework and are critical to maintaining your authorization and protecting your business from regulatory enforcement.
Systems and Controls (SYSC)
Under SYSC 3.2.6R and SYSC 6.1.1R, your firm must take reasonable care to establish and maintain effective systems and controls for compliance with applicable requirements and standards under the FCA regulatory system and to counter the risk that your firm may be used to further financial crime.
Key SYSC Requirements
Principles for Business
There are 11 Principles for Businesses that apply to all FCA-regulated firms. The key principles relevant to financial crime are:
| Principle | Requirement |
|---|---|
| Principle 1 (Integrity) | Conduct business with integrity; ensure firm is not used to facilitate financial crime |
| Principle 2 (Skill, care) | Conduct business with due skill, care and diligence including robust financial crime controls |
| Principle 3 (Management) | Organise and control affairs responsibly with adequate risk management systems |
| Principle 11 (Regulators) | Deal with regulators openly; disclose anything the FCA would reasonably expect notice of |
Important: Principle 11
Principle 11 is particularly important for financial crime. If you identify a material weakness in your financial crime controls, or discover that your firm has been used to facilitate financial crime, you must inform the FCA proactively rather than waiting for them to discover the issue.
Senior Managers and Certification Regime (SMCR)
Under the Senior Managers and Certification Regime, individuals performing controlled functions must act with integrity in carrying out their accountable functions. The Money Laundering Reporting Officer (MLRO - SMF17) has specific responsibilities:
- Overall responsibility for AML/CTF compliance
- Oversight of SAR reporting to NCA
- Ensuring adequate policies and controls
- Reporting to senior management/board
- Key contact with FCA and law enforcement
UK Financial Crime Legislation
The UK has a comprehensive legislative framework to combat financial crime. Understanding this framework is essential for designing effective controls and ensuring your firm meets all legal obligations.
Primary Legislation
- Creates principal money laundering offences and SAR framework. Section 330 creates duty to report - failure is criminal.
- Criminalises terrorist financing and creates duties to report suspected terrorist property or financing.
- Implements EU directives; sets out CDD, record-keeping, and internal control requirements.
- Establishes FCA's regulatory powers and statutory objective to reduce financial crime.
- Creates bribery offences and corporate offence of failing to prevent bribery.
- Defines fraud offences including false representation, failing to disclose, and abuse of position.
- Provides legal framework for UK's post-Brexit sanctions regime.
Key Regulatory Bodies
The following regulatory bodies are responsible for overseeing financial crime compliance in the UK.
- Primary regulator with statutory objective to reduce financial crime
- Regulates banks/insurers; interest in financial stability implications
- Develops policy framework; designates individuals for sanctions
- Administers and enforces UK financial sanctions regime
- UK Financial Intelligence Unit receiving and analysing SARs
- Industry-led guidance approved by FCA on best practice
2. Money Laundering
What is Money Laundering?
Money laundering is the process of concealing or disguising the existence, source, movement, destination, or use of illicitly-derived property or funds to make them appear legitimate. In 2009, the United Nations Office on Drugs and Crime (UNODC) estimated the total amount of money laundered globally was $1.6 trillion - and this figure has only grown since.
Sectors Targeted by Money Launderers
The Three Stages of Money Laundering
Money laundering typically occurs in three stages.
1. Placement
The disposal of initial proceeds derived from illegal activity into the financial system. This is where cash first enters the financial system, making it the most vulnerable stage for detection.
Common Methods
- Depositing cash in amounts below reporting thresholds (structuring/smurfing)
- Purchasing monetary instruments (money orders, traveler's checks)
- Purchasing high-value assets with cash
- Mingling illegal cash with legitimate business revenues
2. Layering
The money is moved through the financial system in complex transactions designed to obscure its criminal origin and create the appearance of legitimacy.
Common Methods
- Wire transfers through multiple jurisdictions
- Buying and selling investments, properties, or companies
- Creating complex corporate structures with shell companies
- Trade-based money laundering through over/under-invoicing
3. Integration
Having obscured the origin, criminals are free to use the funds as apparently 'clean' money or assets.
Common Methods
- Purchasing luxury assets or property
- Investing in legitimate businesses
- Making loans to themselves from offshore companies
- Creating false employment or consultancy arrangements
Money Laundering Red Flags
Your staff should be trained to identify potential money laundering red flags.
- Customer identity difficult to clarify or customer is evasive
- Transactions inconsistent with known legitimate activities
- Complex overseas structures without apparent business need
- Unusual deviations from normal account patterns
- Transactions structured to avoid reporting thresholds
- Consistently rounded-off large cash amounts (£9,900, £8,500)
- Transactions through intermediaries for no apparent reason
- Premature redemption with funds to unrelated third parties
- Large transfers to/from high-risk jurisdictions
- Unusual concern with compliance procedures
- Frequent changes to beneficiary information
- Customer appears nervous when asked routine questions
Best Practice Tip
Train your staff to think critically about whether a transaction or customer behavior "makes sense" from a commercial perspective. If something doesn't add up or seems unnecessarily complex, it warrants further investigation.
3. Terrorist Financing
Understanding Terrorist Financing
Terrorist financing provides funds for terrorist activity. Unlike money laundering, terrorist financing may involve funds raised from legitimate sources, such as personal donations and profits from businesses and charitable organizations, as well as from criminal sources such as drug trafficking, smuggling, fraud, kidnapping and extortion.
| Aspect | Money Laundering | Terrorist Financing |
|---|---|---|
| Source of funds | Always proceeds of crime | Can involve legitimate funds |
| Amount | Often large amounts | Often smaller amounts, harder to detect |
| Direction | Makes dirty money appear clean | Moves money to finance terrorism |
| Detection | Transaction monitoring effective | Harder - funds may have legitimate origins |
Sources of Terrorist Funding
Terrorist organizations obtain funding from various legitimate and illegitimate sources.
- Donations from individuals and companies (often unknowingly)
- Appeals in name of charitable or religious organizations
- Proceeds from commercial enterprises
- Gifts from family members
- Drug trafficking, kidnapping, smuggling, fraud
- Funding from certain jurisdictions
Common Methods of Terrorist Financing
Terrorist Financing Red Flags
Be alert to these indicators that may suggest terrorist financing activity.
- Transactions involving countries or regions known for terrorist activity
- Charitable donations inconsistent with customer's financial profile
- Frequent small transactions to multiple recipients in high-risk jurisdictions
- Customers whose stated business has no apparent economic purpose
- Wire transfers with incomplete or incorrect beneficiary information
- Customers reluctant to provide information about business activities
- Unexplained wealth or sudden changes in financial behavior
4. Sanctions Compliance
Understanding Financial Sanctions
Financial sanctions are restrictions put in place by governments and international bodies to achieve specific foreign policy and national security objectives. Sanctions can vary from comprehensive prohibitions on all financial dealings with a sanctioned country, to targeted measures freezing the assets of specific individuals, entities, or sectors.
- Encourage change in target country or regime behavior
- Pressure to comply with set objectives
- When diplomatic efforts have failed
- Prevent and suppress terrorist financing
UK Sanctions Regime Post-Brexit
Following Brexit, the UK operates an independent sanctions regime under the Sanctions and Anti-Money Laundering Act 2018.
OFSI Powers
The Office of Financial Sanctions Implementation (OFSI) is responsible for implementing and enforcing the UK's financial sanctions regime:
- Issue licenses for otherwise prohibited activities
- Monitor compliance with financial sanctions
- Investigate suspected sanctions breaches
- Impose civil monetary penalties up to £1 million or 50% of breach value
- Publish details of sanctions breaches and penalties
FCA Sanctions Supervision
Following Russia's invasion of Ukraine and the unprecedented speed and scale of UK sanctions imposed in 2022, the FCA has significantly intensified its sanctions supervision. Firms should expect:
Sanctions Screening Requirements
Screening your customers, transactions, and counterparties against sanctions lists is a mandatory requirement for all UK regulated entities.
1. Customer Screening
- Screen all customers and beneficial owners at onboarding
- Screen existing customers ongoing (ideally real-time, minimum weekly)
- Screen on trigger events (change of ownership, new product)
2. Transaction Screening
- Screen all payment transactions in real-time before processing
- Screen counterparties, intermediary banks, and ultimate beneficiaries
- Check for sanctioned countries, sectors, and commodities
3. Screening Technology
- Use automated screening capable of real-time multi-list screening
- Ensure tools are properly calibrated to catch matches without excessive false positives
- Regularly test and validate effectiveness
- Update immediately when new sanctions lists published
4. Sanctions List Sources
- UK Consolidated List (OFSI)
- UN Security Council Consolidated List
- EU Consolidated List (if EU customers/operations)
- US OFAC lists (if US nexus or USD transactions)
Critical Action Required
If you identify a sanctions breach, you must report it immediately to OFSI and consider your Principle 11 obligations to inform the FCA. The FCA expects firms to self-report sanctions breaches and may take enforcement action for weaknesses in sanctions controls even if OFSI is handling the breach itself.
5. Customer Due Diligence
CDD Requirements
Customer Due Diligence (CDD) is the process of identifying and verifying the identity of your customers and understanding the nature and purpose of their business relationship with your firm. Under Regulation 27 of the MLRs 2017, you must conduct CDD when:
Identification Requirements
Individual Customers
- Official full name
- Date of birth
- Permanent residential address
- Nationality
- Identity reference number
Corporate Customers
- Registered company name and number
- Registered office address
- Legal form and constitution
- Directors and authorized signatories
- Beneficial ownership structure
Source of Funds vs Source of Wealth
| Aspect | Source of Funds | Source of Wealth |
|---|---|---|
| Definition | Where funds for a specific transaction come from | How the customer accumulated their total net worth |
| Timeframe | Current/ongoing cash flow | Historical wealth accumulation |
| Example | "Salary from software engineer at XYZ Ltd" | "15-year career in tech, property investments" |
Beneficial Ownership
For corporate customers, trusts, and other legal entities, you must identify and verify the beneficial owners - the natural persons who ultimately own or control the entity. Under the MLRs, a beneficial owner is any individual who:
If you cannot identify any beneficial owner meeting these criteria, you must record the senior managing official(s) as the beneficial owner(s).
Politically Exposed Persons (PEPs)
A Politically Exposed Person (PEP) is an individual who is or has been entrusted with prominent public functions, including their immediate family members and known close associates.
- Prominent public positions in the UK (MPs, senior civil servants, judges)
- Prominent public positions in other countries
- Senior positions in international organizations (UN, EU, NATO)
Enhanced Due Diligence for PEPs
- Obtain approval to establish or continue the business relationship
- Take adequate measures to establish both
- More frequent reviews and closer scrutiny of transactions
- Conduct negative news searches on the PEP and associates
Important Note on PEP Status
An individual remains classified as a PEP for at least 12 months after they cease to hold a prominent public function. The JMLSG guidance recommends firms consider whether enhanced measures should continue beyond 12 months based on a risk assessment of the individual.
Key Risk Factors Before KYC Sign-Off
| Risk Category | Examples of Higher Risk |
|---|---|
| Customer Type | PEPs, sanctioned persons, complex ownership structures, cash-intensive businesses |
| Product/Service | Anonymity products, money transfer services, correspondent banking |
| Geographic | Sanctioned countries, high-risk jurisdictions (FATF list), non-cooperative jurisdictions |
| Interface | Non-face-to-face onboarding, transactions through agents or brokers |
6. Transaction Monitoring
Components of Transaction Monitoring
Transaction monitoring is the process of reviewing customer transactions on an ongoing basis to identify unusual, suspicious, or potentially criminal activity. Effective transaction monitoring helps you detect money laundering, terrorist financing, and other financial crimes.
1. Real-Time Screening
Screening transactions as they occur against:
- Sanctions lists (mandatory for all payments)
- High-risk countries and jurisdictions
- Specific prohibited transaction types
- Transaction limits and velocity rules
2. Post-Transaction Monitoring
Reviewing completed transactions to identify:
- Patterns inconsistent with customer's profile
- Structuring or smurfing to avoid thresholds
- Rapid movement of funds in and out
- Transactions inconsistent with stated business purpose
3. Scenario-Based Monitoring
Using rules tailored to your business to detect specific patterns:
- High-value cash transactions
- Multiple round-amount transactions
- Transactions involving high-risk jurisdictions
- Dormant account activity
- Third-party payments inconsistent with profile
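An added example (not part of the original guide) showing how three of the patterns above can be written as monitoring rules: structuring below a threshold, cash deposits followed quickly by wire transfers, and dormant account reactivation. The threshold, band, window and ratio values and the sample transactions are assumptions constructed for illustration; the guide specifies none of them.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta

# Assumed calibration values (hypothetical; tune to your own risk assessment).
THRESHOLD = 10_000                 # internal cash review threshold, GBP
NEAR_FLOOR = 8_500                 # "just below" band is NEAR_FLOOR..THRESHOLD
STRUCT_WINDOW = timedelta(days=7)  # look-back for repeated near-threshold cash
STRUCT_MIN_COUNT = 3
DORMANT_AFTER = timedelta(days=365)
DORMANT_LARGE = 5_000
PASS_WINDOW = timedelta(hours=48)  # cash in, wire out within this window
PASS_RATIO = 0.9                   # ...moving at least 90% of the deposit

@dataclass(frozen=True)
class Txn:
    account: str
    when: datetime
    amount: int    # GBP; positive = credit, negative = debit
    channel: str   # "cash" or "wire"

def monitor(txns):
    """Return a sorted list of (account, scenario) alerts."""
    alerts = set()
    by_acct = {}
    for t in sorted(txns, key=lambda t: t.when):
        by_acct.setdefault(t.account, []).append(t)
    for acct, hist in by_acct.items():
        # Scenario 1: several cash credits just under the threshold in a window.
        near = [t for t in hist
                if t.channel == "cash" and NEAR_FLOOR <= t.amount < THRESHOLD]
        for i, first in enumerate(near):
            hits = [t for t in near[i:] if t.when - first.when <= STRUCT_WINDOW]
            if len(hits) >= STRUCT_MIN_COUNT:
                alerts.add((acct, "structuring"))
                break
        # Scenario 2: long silence followed by a large movement.
        for prev, cur in zip(hist, hist[1:]):
            gap = cur.when - prev.when
            if gap > DORMANT_AFTER and abs(cur.amount) >= DORMANT_LARGE:
                alerts.add((acct, "dormant_reactivation"))
        # Scenario 3: cash deposit quickly wired out again.
        for i, dep in enumerate(hist):
            if dep.channel != "cash" or dep.amount <= 0:
                continue
            for out in hist[i + 1:]:
                if out.when - dep.when > PASS_WINDOW:
                    break
                if (out.channel == "wire" and out.amount < 0
                        and -out.amount >= PASS_RATIO * dep.amount):
                    alerts.add((acct, "rapid_in_out"))
    return sorted(alerts)

def _d(s):
    return datetime.fromisoformat(s)

# Constructed sample data, not real transactions.
SAMPLE = [
    Txn("A1", _d("2024-03-01T09:00"), 9_900, "cash"),
    Txn("A1", _d("2024-03-03T09:00"), 8_500, "cash"),
    Txn("A1", _d("2024-03-05T09:00"), 9_500, "cash"),
    Txn("A2", _d("2022-01-10T12:00"), 200, "wire"),
    Txn("A2", _d("2024-03-01T12:00"), 25_000, "wire"),
    Txn("A3", _d("2024-03-04T10:00"), 7_000, "cash"),
    Txn("A3", _d("2024-03-05T10:00"), -6_800, "wire"),
    Txn("A4", _d("2024-03-01T08:00"), 3_000, "wire"),
    Txn("A4", _d("2024-03-02T08:00"), -1_200, "wire"),
    Txn("A4", _d("2024-03-10T08:00"), 9_900, "cash"),  # single deposit: no alert
]

if __name__ == "__main__":
    for account, scenario in monitor(SAMPLE):
        print(account, scenario)
```

Account A4 shows the calibration trade-off: one near-threshold deposit on its own stays below the alert count, so lowering `STRUCT_MIN_COUNT` catches more but raises false positives.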
Alert Investigation and Disposition
When transaction monitoring generates an alert, you must follow a structured investigation process.
- Investigate within 24-72 hours for high priority alerts
- Review CDD, transaction history, and any other relevant information
- Record what you reviewed, what you found, and your analysis
- False positive (close with rationale), Explainable (document and close), or Suspicious (escalate to MLRO)
Transaction Monitoring Red Flags
Be vigilant for these patterns that may indicate suspicious activity.
Key Red Flags to Monitor
- Transaction patterns inconsistent with known business/financial profile
- Frequent transactions just below reporting thresholds (structuring)
- Rapid movement of funds in/out with no apparent business purpose
- Wire transfers with incomplete or suspicious beneficiary information
- Transactions involving high-risk jurisdictions not consistent with stated business
- Use of multiple accounts/individuals for single transaction
- Unusual cash deposits followed by wire transfers
- Transactions inconsistent with customer's industry/business type
- Reactivation of dormant accounts with sudden large transactions
7. Suspicious Activity Reporting (SARs)
Your Obligation to Report
Under the Proceeds of Crime Act 2002 (POCA), if you know or suspect, or have reasonable grounds for knowing or suspecting, that another person is engaged in money laundering, you must make a Suspicious Activity Report (SAR) to the National Crime Agency (NCA).
Criminal Offence Warning
Failure to report is a criminal offence under Section 330 of POCA, punishable by up to 5 years imprisonment. The test is subjective - based on what you know or suspect.
The MLRO's Role
Your Money Laundering Reporting Officer (MLRO) is the designated individual responsible for receiving internal reports of suspicious activity and deciding whether to submit a SAR to the NCA.
- Staff member identifies suspicious activity and reports to MLRO
- MLRO reviews report and conducts additional investigation if needed
- MLRO decides whether suspicion warrants a SAR to NCA
- If yes, MLRO submits SAR through online reporting system
- MLRO maintains records of all reports and decisions
What to Include in a SAR
- Details of the subject (name, date of birth, address, etc.)
- Nature of the suspicious activity
- Why you are suspicious (specific red flags or indicators)
- Details of relevant transactions (dates, amounts, counterparties)
- Any other relevant information that would assist law enforcement
Consent SARs
If you want to proceed with a transaction that you suspect involves money laundering, you must submit a "Consent SAR" to the NCA and obtain consent before proceeding.
| Stage | Timeframe | Outcome |
|---|---|---|
| Initial notice period | 7 working days | NCA can refuse or consent (explicit or implicit) |
| Moratorium period | 31 calendar days | If refused, NCA investigates or obtains court order |
| Expiry | After moratorium | May proceed if no court order obtained |
Critical: Tipping Off
It is a criminal offence under POCA to disclose to the customer or any other person that you have submitted a SAR or that an investigation is underway if that disclosure is likely to prejudice an investigation. This is known as "tipping off" and is punishable by up to 2 years imprisonment.
8. Risk Assessment
Business-Wide Risk Assessment
Under Regulation 18 of the MLRs 2017, you must carry out a risk assessment of your business to identify and assess the risks of money laundering and terrorist financing to which your business is subject.
Steps to Conduct a Business Risk Assessment
- What risks does your business face based on customer, product, geographic factors?
- How likely is each risk to materialize, and what would the impact be?
- What controls do you have in place to mitigate each risk?
- After applying controls, what level of risk remains?
- Where residual risk is too high, what additional controls are needed?
- Document your assessment and obtain senior management/board approval
- Review at least annually or when significant changes occur
Risk Factors to Consider
When assessing risk, consider these key categories that influence your firm's exposure.
Customer Risk
- Types of customers (retail, corporate, HNW)
- PEPs
- Complex ownership structures
- Cash-intensive businesses
- Non-face-to-face relationships
Product/Service Risk
- Products offered (payments, lending, investment)
- Complexity and anonymity features
- Speed of transactions
- Cross-border capability
Geographic Risk
- Countries you operate in or serve
- Countries involved in transactions
- FATF high-risk jurisdictions
- Sanctioned countries
Distribution Channel Risk
- How customers access services
- Use of agents or introducers
- Non-face-to-face onboarding
- Ease of customer verification
Customer Risk Rating
In addition to your business-wide risk assessment, you must assess the money laundering and terrorist financing risk presented by each customer relationship. The customer risk rating should inform:
- Simplified, Standard, or Enhanced
- Senior management approval for high-risk
- More frequent reviews for higher-risk
- Lower thresholds and more scenarios
9. Governance and Controls
Governance Structure
Effective financial crime governance requires active engagement from your board and senior management. The FCA expects:
Three Lines of Defence
The three lines of defence model provides a framework for managing risk across your organization.
First Line of Defence
Business and operational functions that own and manage risks day-to-day
Examples
- Customer-facing staff conducting CDD
- Operations teams processing transactions
- Business unit risk and compliance teams
Responsibility
Implement controls, identify risks, report issues
Second Line of Defence
Oversight functions that monitor and challenge the first line
Examples
- MLRO and financial crime compliance team
- Enterprise risk management function
- Compliance monitoring and testing
Responsibility
Develop policies, provide guidance, oversee first line
Third Line of Defence
Independent assurance over effectiveness of first and second lines
Examples
- Internal audit
- External audit (to extent they review FC controls)
Responsibility
Provide independent assurance, test controls, report to board
Staff Training
Under Regulation 24 of the MLRs, you must provide training to relevant staff on the law relating to money laundering and terrorist financing, how to recognize and deal with suspicious transactions, and data protection requirements.
- Different training for different roles
- At induction and refreshed annually
- Real-world examples and scenarios
- Assessments to confirm understanding
- Updated for regulatory changes
- Records of completion maintained
10. Common Failings and FCA Enforcement
FCA's Approach to Financial Crime Supervision
The FCA has consistently emphasized that financial crime is a key priority. The FCA's approach includes proactive thematic reviews, Dear CEO letters, use of supervisory data returns, increased skilled persons reports (Section 166), and enforcement action for serious failings.
Common Failings Identified by the FCA
The FCA has identified these recurring weaknesses in financial crime controls across regulated firms.
- Generic assessments not specific to firm; not updated when business changes; not informing control design
- Failure to identify beneficial owners; inadequate verification; not understanding business purpose; insufficient SoF/SoW for high-risk
- No periodic reviews; poorly calibrated TM systems; excessive false positives; inadequate alert investigation
- Over-reliance on manual screening; delays in list updates; inadequate transaction screening; failure to screen existing customers
- Senior management not engaged; inadequate MI; under-resourcing; unclear responsibilities; weak 2nd/3rd line challenge
- Generic training not tailored to roles; not kept current; no testing; poor completion rates
Implementation Checklist
Use this checklist to assess your firm's financial crime compliance.
Governance and Strategy
- Board-approved financial crime risk appetite
- Clear allocation of responsibilities (SMCR)
- Regular MI to board/senior management
- Adequate resources allocated
- Clear escalation procedures
Risk Assessment
- Business-wide risk assessment covering ML/TF risks
- Risk assessment reviewed annually
- Customer risk methodology documented
- Evidence risk assessments inform control design
Customer Due Diligence
- CDD conducted before/during onboarding
- Beneficial ownership identified and verified
- Source of funds/wealth for high-risk
- PEP screening with EDD applied
- Senior management approval for high-risk
Ongoing Monitoring
- Periodic reviews based on risk
- TM system appropriate to business
- Scenarios tuned to minimize false positives
- Alert investigation documented
- Trigger events identified and acted upon
Sanctions Compliance
- Automated sanctions screening
- Lists updated immediately on new sanctions
- Existing customers screened ongoing
- Governance of screening technology
- Procedures for freezing and OFSI reporting
SAR Process
- Clear procedures for staff to report to MLRO
- MLRO decision-making documented
- SARs submitted with quality and timeliness
- Records of all reports and decisions
- Tipping off risks managed
Need Expert Support?
MEMA's financial crime specialists can help you implement robust, proportionate controls tailored to your firm's risk profile. From gap assessments to full implementation support, we provide practical, cost-effective solutions.