Understanding AML Regulations

The goal of AML regulations is to prevent money laundering and terrorism financing within the financial systems in the UK. The UK is a member of FATF – the Financial Action Task Force – which is an international organization that oversees AML and CTF regulations and requirements.

As a result, financial institutions and other regulated businesses must implement Know Your Customer procedures so that they can understand the risk associated with onboarding a new consumer.

The KYC process generally includes validating someone's identity using information like their name, address, and date of birth. It also requires organizations to conduct PEP and sanctions list screenings – which identify politically exposed persons or people who cannot do business in the UK due to terrorist or trafficking activities.

Failure to comply with these regulations could result in substantial fines and other sanctions.

AML Regulations in the UK


The UK has a robust framework to prevent money laundering and terrorist financing and meets all of the FATF’s global standards and obligations.

The Financial Conduct Authority, the FCA, is the primary financial services regulator in the UK. They oversee banks, credit unions, and any other business that engages in financial activities, and all of these organizations much register with them.

The FCA has the power to investigate potential money laundering and terrorism financing and can enforce regulations in conjunction with other law enforcement agencies. They share this responsibility with the HMRC – Her Majesty's Revenue and Customs – which is the agency that issues AML guidance and compliance requirements for KYC procedures.

Other agencies in the UK that can enforce AML regulations include the National Crime Agency (NCA) and the Serious Fraud Office (SFO). They can issue warrants and arrest individuals that violate any AML laws.


The Proceeds of Crime Act of 2002 is the principal AML regulation in the UK. This act defines money laundering and requires businesses to implement effective controls and procedures to detect and prevent money laundering. This includes customer due diligence, transaction monitoring, and reporting of suspicious activities.

The Terrorism Act specifically governs counter-terrorism financing and also imposes specific due diligence and reporting requirements.

The Money Laundering, Terrorist Financing and Transfer of Funds Regulations implemented in 2017 tightened controls in the private sector and introduced requirements for written AML and CTF risk assessments.

AML Requirements

There are several requirements for an AML policy to be considered effective in the UK.

First, an AML program must be put into place that outlines KYC procedures and customer due diligence measures. These must include PEP and sanctions list screenings. They must apply a risk-based approach and perform these assessments when onboarding new customers.

Businesses must also report suspicious activity to the National Crime Agency when detected, and there must be a Money Laundering Reporting Officer appointed to oversee this compliance program.

Regulated firms must also ensure that their AML employees have proper training and resources available to implement procedures and remain up to date with regulatory changes.

Consequences of Non-Compliance

Failure to comply with UK AML regulations can result in up to 14 years of imprisonment and a wide range of financial penalties, depending on the severity of the crime.

The FCA can also impose sanctions to restrict business operations and recover assets that were involved in money laundering through court proceedings.

Changes After Brexit

The Brexit Withdrawal Agreement, all AML regulations imposed by the EU will continue to apply in the UK until December 31, 2020.

The UK issued the Sanctions and Anti-Money Laundering Act to help with transitioning away from EU regulations. This gives the government power to lift or impose sanctions and set a lower requirement for doing so. This has led to the belief that the UK intends to implement stricter requirements than what the EU has put in place.

The EU’s Fifth Anti-Money Laundering Directive

So far, the UK has agreed to continue to apply the EU’s Fifth Anti-Money Laundering Directive – 5AMLD – during the transition period. This directive came into force in January 2020 and relates to transparency into beneficial ownership, communication between AML supervisors and the European Central Bank, PEPs and high-risk third countries, and providing financial intelligence units with access to information.

After Brexit, this will have to change slightly, as the states that remain part of the EU will have to begin treating the UK as a third country. Once this happens, they will no longer have simplified verification and will require the UK to provide enhanced due diligence checks.

This could potentially slow down existing processes and may harm trade. It will take time to implement these new procedures, and the UK must decide if it will continue to implement the directive on its own. If the UK chooses to reduce regulations it may give them a competitive advantage over the EU to attract business. but will also increase exposure to potential criminal activities.

The largest impact will be whether the UK is treated as an equivalent jurisdiction in terms of due diligence obligations. For instance, right now the UK is a member of Europol, which allows for the sharing of information across member states when conducting investigations.

If the EU treats the UK as a third-country member, they would no longer have access to the data and could not continue to run operations from Europol. They may be able to negotiate a special agreement like the United States did to gain access to the data, but it is still unclear if this will occur.

The EU’s Sixth Anti-Money Laundering Directive

The Sixth Anti-Money Laundering Directive aims to standardize the definition of money laundering across member states and includes 22 predicate offenses like tax crimes and cyber-crimes.

Whether this directive will still apply to the UK is less of a concern, since the laws in place already comply with most of it. Historically the UK has been strict with AML laws, and most organizations expect this rigorous approach to continue.