UK Regulator Warns Fintechs to Improve AML, Sanctions Controls

By Koos Couvée

U.K. payment services providers and electronic money institutions are “under-reporting” transactions indicative of money laundering as well as potential sanctions breaches because of weak compliance controls, the U.K. Financial Conduct Authority warned Tuesday.

Andrew Wigston, head of financial crime at the FCA, told an industry webinar that the fintech sector needs to tackle several “recurring thematic issues” in their customer risk assessments, suspicious-transaction-reporting processes and other aspects of their compliance programs.

“We have seen an increasing number of supervisory issues involving payment firms over the last few years [and] we’ve noticed that these firms are more frequently becoming subject of financial crime intelligence reporting,” Wigston said, adding that some institutions “are still pretty new to financial regulation.”

Tuesday’s webinar provided a more detailed outline of common anti-money laundering failings the FCA highlighted in a March letter to payment institutions and e-money firms, in which it also warned that the sector was failing to protect customers from fraudsters.

Wigston said that senior managers at fintechs frequently lack understanding of U.K. money laundering regulations and compliance standards, while arrangements whereby firms allow other platforms to leverage their payment or e-money license to offer financial services to their own clients are often not subject to adequate oversight.

“They [these failings] have further adverse consequences for firms that operate an agent network,” Wigston said. “We’ve seen business models involving high-risk sectors—gambling, adult services, and crypto—but with limited monitoring and oversight of agents by principals.”

Payment institutions frequently fail to conduct proper risk assessments of individual customers at the onboarding stage, and, despite the sector’s propensity for serving gambling platforms, cryptocurrency exchanges and other high-risk firms often fail to subject such clients to enhanced compliance checks, Wigston said.

“We’ve also seen a failure to challenge customers [on] information relating to their source of funds and source of wealth, and a failure to ensure that [customer due diligence information] is relevant and up to date,” Wigston said.

These failures, combined with the outsourcing of transaction-monitoring systems to third parties located abroad “without sufficient oversight” and “poor” calibration of automated transaction-monitoring controls and a failure to investigate alerts, were exposing many institutions to abuse by financial criminals, according to the regulator.

Wigston also disclosed that the FCA has deployed a relatively new data-analytics tool to assess the sanctions-screening controls of U.K. fintechs, and concluded that far too many firms are overly reliant on third-party data providers, operate global sanctions compliance programs that do not align with U.K. financial embargoes and lack staff with the necessary expertise.

“We’ve seen significant screening backlogs that took place after the imposition of sanctions [against Russia] in the spring of 2022,” Wigston noted. “That was often coupled with backlogs in ongoing due diligence reviews, and some firms continue to have this backlog well into the later part of the year.”

Tuesday’s webinar included detailed guidance from two officials at the U.K. financial intelligence unit on how firms should submit suspicious activity reports, or SARs.

Electronic payment institutions filed almost 92,000 SARs—roughly 10 percent of the total—to UKFIU in the financial year ending in March 2022, compared to 640,000 reports filed by banks.

The warning from the regulator comes as Britain’s National Crime Agency, or NCA, warned in its latest National Strategic Assessment of organized crime threats that e-money firms and other fintechs play a growing role in transnational money laundering networks, and, in some cases, are completely under the control of criminals.

“New methods have emerged, primarily through cryptocurrency and electronic money institutions, which sometimes have weaker controls and occasionally are purely criminal,” Graeme Biggar, the NCA’s director general, said in a speech in London Tuesday marking the publication of the report. “They are used to transfer criminal proceeds globally by organized crime groups likely attracted by simpler and quicker procedures for opening accounts.”

U.K. officials are also concerned that money launderers who provide U.K. drug traffickers with an avenue for exchanging large volumes of illicit cash for cryptocurrency are growing in reach and capability.

“Over the last year we have also seen the emergence of global money laundering networks based out of Moscow and Dubai that link the street cash from drug sales in the U.K. with the cryptocurrency made by ransomware groups in Russia, the sanctions oligarchs want to evade, and the payments to drug cartels in South America,” Biggar said.

Contact Koos Couvée at

Topics : Anti-money laundering , Cryptocurrencies
Source: United Kingdom , United Kingdom: Financial Conduct Authority , United Kingdom: National Crime Agency
Document Date: July 18, 2023