Bribery, fraud and anti-money laundering | UK Regulatory Outlook November 2025

Government issues consultation on proposed reforms to AML/CTF supervision regime 

As previously reported, the government has now published its response to the 2023 consultation on improving the anti-money laundering and counter-terrorist financing (AML/CTF) supervision regime (read more in this Insight). The government set out its decision to consolidate responsibility for AML/CTF supervision of legal, accountancy, and trust and company service providers with the Financial Conduct Authority (FCA). 

The government has launched a consultation on proposed reforms to the supervisory system in order to give the FCA the duties, powers and accountability mechanisms necessary for it to be an effective supervisor. The key proposals are: 

• Powers for the FCA to register all in-scope firms, conduct gatekeeping checks and oversee registration. This includes the application of regulation 58 "fit and proper" tests to legal, accountancy and trust and company sectors, to reflect their high-risk status.
• The FCA will be given powers to identify unregistered activity within scope of the Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017 (MLRs), and bring such businesses under supervision by listing firms supervised by the FCA in a public register.
• The FCA will apply a risk-based approach to supervision, and be able to require relevant information from firms, conduct inspections and exchange information where appropriate with domestic and international authorities.
• The FCA will have the power to impose civil penalties, suspensions, prohibitions and public censures and to initiate criminal proceedings in relation to breaches of the MLRs. It will also need to be able to issue routine, low value fines for non-compliance such as firms that do not register for AML supervision. For this, the government is considering amending the provisions in the MLRs that set out the procedures the FCA follows when taking enforcement action to ensure the FCA can issue them without excessive administrative and cost burdens. 

• The FCA's use of its powers will be appealable to the courts, as is consistent with the current regime for the FCA. All decisions in relation to their AML/CTF supervision of professional services firms will be appealable to the tribunal regime, in keeping with other FCA decisions.   

  The consultation closes on 24 December 2025.  

FCA multi-firm review of risk assessment processes and controls  

The FCA published its findings following a multi-firm review conducted in 2025, focusing on business-wide risk (BWRA) and customer risk assessment (CRA) processes as part of its wider financial crime supervisory work (see more in our Insight).  

The multi-firm review involved building societies, platforms, custody and fund services, payments (e-money) and wealth management firms. The FCA gives examples of good and poor practice in a range of areas, including: 

• Identifying, understanding and assessing risk: While most firms reviewed have a BWRA, most failed to identify relevant risks and tailor assessments to their specific businesses, with some firms focusing mainly on fraud or generic risks, ignoring specific money laundering, sanctions and anti-bribery risks. The FCA encourages firms to conduct comprehensive risk assessments that are both quantitative and qualitative, which consider internal and external factors with appropriate weightings and to assess inherent risks and ensure the firm documents how it is managing these risks.
• Mitigating risk: The FCA found that while financial crime risk was often considered in business strategy, growth and product development, there was little evidence of firms documenting actions resulting from their risk assessments. An example of good practice is where firms formally track BWRA actions and note recommendations on how the firm plans to mitigate or reduce the overall risk.  
• Managing risk: Many firms recognised the importance of governance and oversight; however, senior management appear to better understand fraud risk compared with other financial crime risks. Examples of good practice include recording risk assessment discussions, changes and approvals, as well as implementing regular reviews (quarterly or triggered) of risk assessments to ensure they are responsive to emerging risks and changes in regulatory requirements.  

The FCA expects that firms should be complying with existing requirements in relation to understanding the risks to which they are exposed, with financial crime systems and controls already in place to manage and mitigate risks. The FCA is working with firms where weaknesses were identified and will continue monitoring through supervisory work to drive improvements across the industry.