Barclays has, today, been hit with a hefty £42 million fine by the Financial Conduct Authority (FCA) following two separate and serious lapses in its financial crime controls. It’s the kind of headline that sends a chill through every compliance team in a UK-regulated business, not just because of the size of the penalty, but because the failures behind it were so avoidable. 

Today’s press release from the FCA has to serve as a wake-up call for every Anti-Money Laundering (AML) compliance team working in regulated businesses. The fine is significant, but the real eye-opener is how easily the failings behind it could have been avoided. 

This wasn’t a case of a minor technical error or a filing slip-up. Instead, it boiled down to simply failing to ask the right questions in the first place and ignoring obvious warning signs when they appeared.

In the first case, Barclays opened a client money account for WealthTek without checking if the firm was authorised to hold client funds – it wasn’t. That allowed £34 million to be deposited before the FCA stepped in. In the second, the bank kept servicing a client even after police raids and clear links to a major money laundering operation. 

For AML professionals, these failures highlight how critical it is to get the basics of Know Your Customer (KYC) and Know Your Business (KYB) right, ask the right questions at the start of a relationship and keep up proper ongoing monitoring. Barclays didn’t just drop the ball once, it tripped over its own controls twice, allowing potentially illicit money to move through its systems unchecked.

The two cases that cost Barclays £42 million

The FCA’s enforcement notice lays out two separate failings that together led to the eye-watering penalty. Though distinct, both paint a picture of gaps in basic due diligence and ongoing monitoring.

In the first case, Barclays Bank UK PLC opened a client money account for WealthTek without carrying out the simplest checks to understand the money laundering risk. One check that could have stopped this was looking up WealthTek on the Financial Services Register. That would have shown WealthTek was not authorised to hold client money – a critical detail that Barclays missed.

The failure to confirm WealthTek’s authorisation status meant Barclays allowed £34 million to be deposited in this account. This opened the door to potential misappropriation or laundering of client funds. When the FCA stepped in, Barclays agreed to make a voluntary payment of £6.3 million to WealthTek’s clients who suffered losses they could not reclaim. Meanwhile, WealthTek’s principal partner now faces criminal charges including money laundering and fraud.

The second incident is equally troubling and highlights a broader failure in Barclays’ Know Your Business (KYB) processes. Barclays Bank PLC kept providing banking services to Stunt & Co despite clear and escalating red flags. Stunt & Co was linked to Fowler Oldfield, a well-known money laundering operation that moved nearly £47 million through its accounts in just over a year.

What’s particularly damning is that Barclays didn’t collect enough information about Stunt & Co at the start of their relationship, nor did it conduct proper ongoing monitoring. Even after police raids on both Stunt & Co and Fowler Oldfield, and after law enforcement raised concerns about suspected money laundering, Barclays didn’t act with the urgency the situation demanded.

It was only when the FCA announced NatWest’s prosecution for its dealings with Fowler Oldfield that Barclays reviewed its own exposure – long after substantial financial crime activity had taken place.

By continuing to provide services to Stunt & Co in this context, Barclays effectively facilitated the movement of funds tied to financial crime.

“The consequences of poor financial crime controls are very real – they allow criminals to launder the proceeds of their crimes, and they allow fraudsters to defraud consumers. Banks need to take responsibility and act promptly, particularly when obvious risks are brought to their attention.“

– Therese Chambers, Joint Executive Director of Enforcement and Market Oversight at the FCA

Why this matters for financial crime teams

These fines highlight how critical good KYB practices are in spotting financial crime risks before they spiral out of control. For compliance teams, it’s a sharp reminder that onboarding isn’t a one-off task.

KYB means digging deep from the start, getting a clear picture of who you’re doing business with, understanding their business model, ownership structure, and the risks they might bring.

In Barclays’ case with Stunt & Co, the bank’s failure to gather enough information upfront and maintain proper ongoing monitoring shows what happens when KYB processes fall short. It’s not enough just to collect documents once and file them away. Regular, risk-based reviews and checks need to be embedded into daily operations, especially when the stakes are this high.

Similarly, the WealthTek failure reveals a basic KYB gap: Barclays didn’t confirm whether WealthTek was authorised to hold client money, a simple but vital check that could have flagged immediate concerns. This kind of oversight undermines the integrity of the whole financial crime control framework.

For AML professionals, this is a call to revisit your KYB frameworks and make sure they don’t just meet the requirements of the law but are actually effective in practice. 

Do you know your clients well enough? Are you continuously updating your understanding of them as circumstances change? How quickly does your process flag and escalate red flags?

In practice, solid KYB helps you spot potential money laundering risks early and keep them from escalating through clear policies, strong data sources, and ongoing monitoring with business clients to make sure suspicious behaviour doesn’t slip through the cracks.

Practical KYB improvements for AML teams

For compliance teams, strengthening KYB means building it into everyday processes rather than treating it as a one-off exercise. Here are a few practical steps that can make a difference:

Start with reliable data sources: Don’t just rely on client-provided info; cross-check with registers, public databases, and intelligence from regulators, authorities, and law enforcement. If something doesn’t add up, dig deeper. For example, regularly consulting the Financial Services Register or company registries can quickly reveal whether a business is authorised or if there are hidden ownership red flags.

Embed ongoing monitoring: Businesses evolve: ownership changes, industries shift, and risk profiles can worsen. Set up trigger points for reviews: police reports, sanctions updates, media alerts, or internal red flags should all prompt a KYB refresh.

Collaborate across teams:  KYB isn’t just a compliance or onboarding issue. Frontline commercial and support staff, relationship managers, and risk officers need to be looped in and trained on key indicators of financial crime risk.

Automate where you can: Technology can scan vast datasets and highlight anomalies faster than manual reviews ever could. Automated KYB solutions that integrate real-time sanctions screening, adverse media checks, and ownership verification are becoming indispensable tools for AML teams.