This comprehensive guide provides an overview of key anti-money laundering (AML) regulations and how firms can achieve compliance to avoid fines and penalties.
In the UK, certain businesses are subject to stringent anti-money laundering (AML) regulations. These include firms such as banks and building societies, gambling, real estate, and the high value and luxury item trade, among others. With the risk of crippling fines and revocation of trading abilities for non-compliance, getting AML compliance right in these firms is business-critical.
Money laundering is the illegal process of making large amounts of money generated by criminal activity, such as terrorist funding or drug trafficking, appear to have come from a legitimate source.
This ill-gotten money is deemed as ‘dirty’ and is then ‘laundered’ to appear ‘clean’ and usable within the financial system. In laundering dirty money, the source, destination, and identity of funds generated by criminal activities is concealed.
Early anti-money laundering legislation was enacted during the Prohibition era in 1930s America, but the September 11th terrorist attacks (and subsequent Patriot Acts and similar worldwide legislation) led to a heightened emphasis on comprehensive money laundering laws in order to combat terrorism and criminal activity financing.
In current times, compliance with anti-money laundering regulations is a much greater challenge for financial institutions, and enforcement has stepped up significantly as well.
In 2018, it was estimated that British financial institutions were spending £5 billion every year fighting financial crime and preventing money being laundered through their network of bank accounts.
Anti-Money Laundering (AML) regulations are a comprehensive set of laws, regulations, and procedures aimed at preventing criminals from disguising illegally obtained funds as legitimate income. These regulations are designed to detect and prevent money laundering activities by mandating the monitoring and reporting of suspicious activity, ensuring that financial institutions have the necessary controls in place. The primary goal of AML regulations is to safeguard the integrity of financial systems and prevent them from being exploited for illicit activities.Â
AML regulations aim to prevent and detect money laundering by identifying and mitigating the risk of financial systems being used to launder money derived from criminal activities. This involves financial institutions implementing robust systems to detect and report suspicious activities, thereby reducing the likelihood of money laundering.Â
AML regulations also promote transparency in financial transactions and corporate structures to prevent the concealment of illicit funds. This is achieved through requirements for financial institutions to know their customers (KYC) and understand the nature of their business (KYB), ensuring a clear picture of financial activities.Â
Protecting the integrity of financial systems is also a key objective of AML regulations. By preventing the influx of illicit funds, these regulations help to maintain the stability of economies and financial institutions. This, in turn, helps to ensure public confidence in the financial system by demonstrating a commitment to preventing and addressing financial crimes.
AML regulations in the UK apply to a wide range of businesses and professions that are deemed at risk of being used for money laundering or terrorist financing activities. In many cases, financial services organisations are supervised for money laundering purposes by the Financial Conduct Authority (FCA), but other authorities supervise specific sectors such as the Gambling Commission, Association of Chartered Certified Accountants and the Law Society. In instances where businesses are not supervised by a professional body or the FCA, HMRC is often the supervisory authority.Â
Essentially, any business that deals with large sums of money or high-value assets is likely to be affected by AML regulations in the UK. Businesses affected by AML regulations in the UK include:
Financial institutions
Accountants
Â
Banks
Â
Estate agents
Â
Solicitors
Â
Gambling businesses
High value dealers
Â
Art market participants
Company service providers
Money service businesses
In the UK, AML regulations are based on a number of domestic and international laws. The UK’s anti-money laundering and counter terrorist financing network consists of primary and secondary legislation and industry guidance, designed to support His Majesty’s Treasury, in accordance with Financial Action Task Force’s (FATF) international standards and EU Directives.
The Money Laundering, Terrorist Financing and Transfer of Funds Regulations 2017 (MLR 2017) and its amendments is the primary piece of UK legislation designed to combat money laundering and terrorist financing. The regulations apply to various businesses, including banks, financial institutions, and professional services providers, such as lawyers and accountants.
The key requirements of the regulations include:Â
Customer Due Diligence (CDD): Businesses must carry out CDD checks on their customers to identify and verify their identity, as well as assess the risk of money laundering and terrorist financing.Â
Risk-based approach: Businesses must conduct a risk assessment to identify and assess the risk of money laundering and terrorist financing that they may be exposed to. Taking a risk-based approach ensures that any risks are assessed in line with their severity and resources are allocated to mitigate these appropriately.
Record-keeping: Businesses must keep records of all CDD checks and transactions. You need to keep a record of all customer due diligence measures carried out, including: customer identification documents obtained, risk assessments, policies, controls and procedures, and training records.
Reporting suspicious activity: Businesses must report any suspicious activity to the relevant authorities, such as the National Crime Agency, and must not tip off the customer.
Training and awareness: Businesses must raise awareness and provide training to their staff on the risks of money laundering and terrorist financing.
Sanctions compliance: Businesses must comply with all financial sanctions imposed by the UK government and the European Union.Â
The regulations aim to improve the effectiveness of the UK’s anti-money laundering and counter-terrorist financing framework by enhancing transparency, strengthening the risk-based approach, and increasing cooperation between businesses, law enforcement, and regulatory authorities.
The Financial Services and Markets Act 2000 (FSMA) regulates financial services and markets in the United Kingdom.
It established the Financial Services Authority (FSA) as the regulator for financial services and markets. The FSA was later replaced with the Financial Conduct Authority (FCA) and the Prudential Regulation Authority (PRA).
The FSMA aims to protect consumers, maintain market confidence, and promote competition in the financial services industry. It also provides a framework for regulating financial services and markets in the UK, including setting standards for conduct and ensuring that firms are adequately funded and managed.
The act covers a wide range of financial products and services, including investments, banking, insurance, and mortgages. It also includes provisions for the regulation of market abuse, insider trading, and other types of financial misconduct.
The Proceeds of Crime Act 2002 (POCA) is a UK law that provides a framework for recovering the proceeds of criminal activity. It aims to prevent criminals from benefiting from their crimes by allowing law enforcement agencies to seize and confiscate assets that have been obtained through illegal methods.
Under POCA, law enforcement can obtain court orders to freeze, seize, and forfeit assets that are suspected of being obtained through criminal activity. This includes money, property, and other assets that have been acquired either directly or indirectly through criminal proceeds.
The act also includes provisions for investigating and prosecuting money laundering. It sets out the requirements for businesses and individuals to report suspicious transactions to the authorities and establishes criminal penalties for those who fail to comply.
The POCA is an important tool in the fight against financial crime, as it helps to disrupt the financial networks of criminal organisations and reduce the incentives for committing crimes.
The UK has been a member of the Financial Action Task Force (FATF) since 1990, an independent inter-governmental body that develops and promotes policies to protect the global financial system.
As FATF members, the UK commits to developing and strengthening its AML and CTF framework in order to maintain membership; this is achieved through regulations that outlaw money laundering as well as other forms of corruption, and also require financial institutions to take action to combat these crimes.
A risk-based approach to AML and counter-terrorist financing means that countries, competent authorities and financial institutions, are expected to identify, assess and understand the money laundering and terrorism financing risks to which they are exposed and take AML and counter-terrorist financing measures commensurate to those risks in order to mitigate them effectively.​
Financial Action Task Force
If the MLR 2017 applies to your business, you must take a risk-based approach and develop measures to identify and assess any threat of money laundering and terrorist financing.
Typically, a risk-based approach to AML and CTF involves:
All customers or entities entering into a relationship with a regulated organisation must undergo checks in accordance with anti-money laundering regulations. As a minimum regulatory requirement, FATF recommends that financial institutions undertake customer due diligence measures when:
It’s new business
When establishing new business relations with a customer.​​
More than €15,000
When occasional transactions amount to more than €15,000
You have suspicions
There is a suspicion of money laundering or terrorism financing.​​
There are doubts
The accuracy or adequacy of customer information is in doubt.
The UK has been a member of the Financial Action Task Force (FATF) since 1990, an independent inter-governmental body that develops and promotes policies to protect the global financial system.
As FATF members, the UK commits to developing and strengthening its AML and CTF framework in order to maintain membership; this is achieved through regulations that outlaw money laundering as well as other forms of corruption, and also require financial institutions to take action to combat these crimes.
Effective anti-money laundering (AML) and combatting the financing of terrorism regimes are essential to protect the integrity of markets and of the global financial framework as they help mitigate the factors that facilitate financial abuse.
Min Zhu, Deputy Managing Director of the International Monetary Fund​
Know Your Customer (KYC) checks.
Regulated businesses must comply with Know Your Customer (KYC) obligations in order to ensure the legitimacy of customers. Organisations must verify customers before opening an account or processing a transaction.Â
Â
KYC checks typically require customers to provide proof of identity, address, and sometimes other information related to the situation or transaction in question.Â
People may also be screened for sanctions, political exposure, CCJs and credit checks, depending on their relationships and risk factors.
Ongoing monitoring.
It is also crucial for businesses to monitor their clients throughout their entire relationship with them. While initial KYC checks satisfy AML regulatory requirements at the point of an individual becoming a customer, things can change drastically in a short space of time
A client identified as low-risk at the time of initial onboarding may be elected into a public or governmental position a year later, at which point they would become a Politically Exposed Person (PEP). As such, they would be exposed to far higher risk of financial crime and must be treated with adequate caution.
Sanctions screening.
Similarly, regulatory bodies such as the FATF, the US Department of the Treasury, His Majesty’s Treasury and the EU all have detailed requirements for financial institutions to verify customers against lists of sanctioned individuals, companies and countries.Â
Understanding any risk profile changes to both companies and individuals is critical to AML compliance. Firms must keep tabs on political exposure, sanctions or adverse media and ensure they remain compliant with anti-money laundering regulations
Firms must keep tabs on political exposure, sanctions or adverse media and ensure they remain compliant with anti-money laundering regulations.
And this is just those cases that are being registered! It is hard to identify precisely how many instances of money laundering are flying under the radar without detection – and prosecution.Â
With the number of money laundering cases rocketing, we take a look at some of the most significant cases from recent years and examine some record-breaking fines for AML and CTF failings.
Under Part 7 of the Proceeds of Crime Act, individuals working within regulated organisations are required to submit a Suspicious Activity Report (SAR) to the National Crime Agency if they know, suspect or have reasonable grounds to believe that a person is engaged in, or is attempting to engage in, money laundering or terrorist financing.
The National Crime Agency’s Financial Intelligence Unit receives more that 460,000 SARs a year with each report being analysed for strategic and tactical intelligence before the most sensitive are identified and sent to law enforcement or other organisations for investigation
SARs are often used for multiple purposes by different organisations. The information in a SAR may provide HM Revenue & Customs with taxation information, local police with information about fraud and theft, and a government department with information about a financial product flaw or issue. Reports can be made online through the SAR online system or by using forms for manual reporting.
Suspicious Activity Reports (SARs) are made by financial institutions and other professionals such as solicitors, accountants and estate agents and are a vital source of intelligence not only on economic crime but on a wide range of criminal activity. They provide information and intelligence from the private sector that would otherwise not be visible to law enforcement.
National Crime Agency
Failure to comply with AML regulations can have serious consequences – both civil and criminal. Such penalties range from unlimited fines and reputational damage to sanctions, licence revocation and even jail time.
What’s more, HMRC has a duty to publish details of every business which has not complied with MLR 2017 publicly. This list is available in the public domain and details a business’ name and address, the regulations that have been breached, the amount fined, and whether the firm in question is appealing the penalty.
The number of examples of companies failing to adhere to anti-money laundering regulations is significant. Almost a million (901,255) SARs were registered with the NCA in the period from April 2021 to April 2022, published in their annual report, an increase of 21% on the same period in the previous year.
And this is just those cases that are being registered! It is hard to identify precisely how many instances of money laundering are flying under the radar without detection – and prosecution.
With the number of money laundering cases rocketing, we take a look at some of the most significant cases from recent years and examine some record-breaking fines for AML and CTF failings.
HSBC
In 2012, HSBC was fined a staggering $1.9bn (the largest penalty in such a case) for having insufficient AML measures in place which enabled around $8 billion to be laundered over a seven year period.Â
It also found that HSBC provided services to terrorist organisations and allowed transactions involving blacklisted countries like Iran and North Korea.
Santander
More recently, Santander was fined by the FCA for ‘serious and persistent gaps’ in their anti-money laundering controls, and a lack of due diligence between December 2012 and October 2017.Â
It was estimated that over £298m was successfully processed through business accounts despite red flags being raised. The firm was fined £107.7m.
888.com
888 were fined a record-breaking £9.4m for AML failings and social responsibility.Â
Customers were allowed to gamble large amounts of money without sufficient due diligence and Source of Funds checks, the company failed to identify players at risk of harm and failed to implement guidance on customer interaction from the Gambling Commission.Â
Please note: While we here at NorthRow work with compliance professionals every day, we are not lawyers. This post is a high-level overview of anti-money laundering regulations and compliance. This post should not replace sound legal advice available from professional solicitors or lawyers.
Book your free demo of our ID&V, KYC, KYB, and AML compliance solution and discover how we’ve turned compliance into a competitive advantage for companies like Knight Frank, CloudPay, and Yorkshire Building Society.
Tell us a bit about yourself.
“
The system efficiently and effectively completes our KYC and KYB verification requirements during onboarding.
Robin Kear
Senior Account Executive
