Anti-money laundering and counter-terrorist financing: Supervision Report: 2023-24 (Accessible)

Question 1

Foreword

Accepted Answer

A strong, transparent, and well-regulated financial system is fundamental to the UK’s economic growth and global competitiveness. By maintaining robust defences against illicit finance, we not only safeguard our national security but also create an environment that attracts investment and supports growth. The government’s commitment to tackling the threat of money laundering, terrorist financing, and corruption is an important part of this mission.

A growing threat requires an ambitious response. That is why this Government has committed not only to continue to deliver the Economic Crime Plan 2023-26, but also to develop an ambitious government-wide anti-corruption strategy.

Against this backdrop, HM Treasury’s annual supervision report for the financial year 2023-24 provides an important insight into the activities of the UK’s 25 anti-money laundering/counter terrorist financing (AML/CTF) supervisors. Supervision plays a crucial role in the UK AML/CTF regime, ensuring that over 90,000 businesses maintain strong and proportionate controls, and supporting them to remain responsive to the latest risks in their sector.

This year the Treasury has significantly expanded the information which this report provides. It includes new metrics on the guidance and training supervisors provide for firms and data on how supervisors are targeting activity according to risk. This reflects our commitment to strengthening oversight, supporting businesses in their compliance efforts, and recognising the value of effective supervision.

The information in this report will be important in helping to inform long-term decisions on structural reform to the UK supervisory system, as well as improvements to the Money Laundering Regulations. By prioritising the effectiveness of our AML/CTF regime, we are not just tackling economic crime; we are building a stronger, more prosperous UK.

Emma Reynolds MP, Economic Secretary to the Treasury

Question 2

1.  Introduction

Accepted Answer

The UK has a comprehensive anti-money laundering and counter-terrorist financing (AML/CTF) supervision regime, responsible for ensuring that a range of firms engaging in high-risk activities take effective action to identify and prevent money laundering and terrorist financing.

AML/CTF supervisors play a critical role in protecting the UK against the threat of economic crime. This includes important actions such as registering regulated firms, updating them on the latest risks in their sector, overseeing firms’ application of the Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017 (‘the MLRs’), supporting and monitoring firms’ compliance and effectiveness, and taking enforcement action where necessary.

HM Treasury works closely with the supervisors - the Financial Conduct Authority (FCA), His Majesty’s Revenue and Customs (HMRC), the Gambling Commission (GC) and the 22 legal and accountancy Professional Body Supervisors (PBSs) - as well as with the Office for Professional Body Anti-Money Laundering Supervision (OPBAS).

This is HM Treasury’s 12th report on AML/CTF supervision. This report provides information on the activities of AML/CTF supervisors in the 2023-24 financial year and fulfils HM Treasury’s obligation, under Section 51 of the Money Laundering Regulations (MLRs), to publish an annual report on supervision activity using information requested from supervisors.

Each chapter of the report considers a different area of supervisory activity:

Chapter 2 covers the responsibility of supervisors to register businesses for supervision under the MLRs, and to assess money laundering and terrorist financing risks within their populations.
Chapter 3 details each supervisor’s risk-based approach to monitoring compliance with the MLRs by their population using various methods such as desk-based reviews, onsite visits, and other supervisory interventions.
Chapter 4 outlines supervisors’ use of enforcement action to promote compliance with the AML/CTF standards among their supervised population.
Chapter 5 explores supervisors’ educational role in supporting firms to take a risk-based approach by sharing relevant guidance and risk assessments, and covers collaboration with other supervisors, law enforcement, and the private sector.

Economic Crime Plan 2023-26 and the UK’s AML/CTF regulatory and supervisory regime

The government takes a robust and holistic approach to tackling all forms of economic crime, with sustained action to improve the response spanning law enforcement, industry and a range of key public bodies such as HMRC, the FCA and Companies House. An effective AML/CTF regulatory and supervisory regime is a critical component of this whole-system approach.

The government has committed to continued delivery of the Economic Crime Plan 2023-26 (ECP2), a strategy agreed between the public and private sectors which sets out a programme of specific actions and milestones that span the whole of the UK’s economic crime landscape.

ECP2 set out a range of specific actions to improve the effectiveness of the AML/CTF regulatory and supervisory regime, building on commitments from the 2022 review of the MLRs These include:

AML/CTF supervisors taking action to make further improvements to their effectiveness.
HM Treasury and OPBAS strengthening their existing oversight of the AML/CTF supervisors.
HM Treasury consulting on a potential package of changes to improve the effectiveness of the MLRs and reform the UK’s AML/CTF supervisory regime.

Reforming the UK’s future supervision regime

HM Treasury committed in ECP2 to continue strengthening the UK’s AML/CTF supervision regime, and in 2023 consulted on four potential options for reform. This government remains committed to reforming the UK’s AML/CTF supervision regime and will announce a plan for reform as a priority. While reform is implemented, however, the quality and consistency of the current supervision system remains immensely important. It is also vital that the UK can measure and assess the effectiveness of the supervision regime, both before and after any reform.

Improving the effectiveness of the Money Laundering Regulations

AML/CTF supervision can only be effective if it is underpinned by clear and robust regulations which are targeted at high-risk activity. HM Treasury is committed to working with supervisors, regulated firms and law enforcement to continue improving and updating the MLRs as needed, including to reflect changes in threats to the UK.

In 2024 HM Treasury ran a public consultation on potential changes to improve the effectiveness of the MLRs. The consultation covered a range of issues identified in the 2022 Review of the MLRs and other priority issues raised by stakeholders. HM Treasury is considering the consultation feedback carefully and developing detailed proposals on each issue.

Preparing for the Financial Action Task Force’s next assessment of the UK

The Financial Action Task Force (FATF), an intergovernmental organisation which sets global standards for AML/CTF, has now begun its fifth round of assessments of global efforts to tackle money laundering, and terrorist and proliferation financing. As part of this, the UK will undergo an in-depth evaluation by its peers, resulting in a new Mutual Evaluation Review. The assessment, which will be published in 2028, but for which data is already being gathered and preparation has begun, will consider the effectiveness of the UK’s AML/CTF/CPF (Counter Proliferation Financing) regime and the UK’s technical compliance with the FATF’s 40 Recommendations.

This round of FATF assessments will be based on a new methodology, which has been revised to place a greater emphasis on effectiveness, risk and context. Mutual evaluations in this round will assess the effectiveness of the supervision of financial institutions and virtual asset service providers, and supervision of non-financial businesses and professions, separately. This will provide a clearer overview of the level of effectiveness of supervision in these distinct areas, and stronger and more targeted recommendations for improvement.

As a leading member of FATF, the government welcomes a renewed international focus on the effectiveness of supervision and expects supervisors to demonstrate effective implementation of the required standards. Indeed, many of the supervisors demonstrate this implementation in their own publications and reports of supervisory activity and enforcement, such as those which the government requires the PBSs to publish under Regulation 46A of the MLRs (see Annex C), which provide more context and explanation to many of the statistics in this report.

OPBAS also continues to drive improvements in supervisory effectiveness through its updated Sourcebook for Professional Body Anti-Money Laundering Supervisors, which was published in January 2023 and aims to deliver a stronger and more consistent standard of supervision of the accountancy and legal sectors.

Updating the UK’s National Risk Assessments

Understanding the nature and extent of money laundering, terrorist financing and proliferation financing (PF) risk is crucial to inform effective and appropriately risk-based supervision. HM Treasury and the Home Office are jointly responsible for publishing periodic assessments of money laundering and terrorist financing risk, and the Treasury is responsible for publishing equivalent assessments of proliferation financing risk.

The government is aware that these assessments provide important insight to all actors who help tackle economic crime. The MLRs require supervisors to refer to the National Risk Assessments of Money Laundering and Terrorist Financing when they carry out their own AML/CTF risk assessments. Regulated persons under the MLRs must also undertake their own risk assessments of PF, and manage and mitigate PF risks. The third ML/TF National Risk Assessment (NRA) was jointly published by HM Treasury and the Home Office in December 2020 and has continued to support supervisors in building a robust intelligence picture of relevant sectors. The Treasury also published the UK’s first PF NRA in 2021.

Work on the next NRA on ML/TF is underway, underpinned by a rigorous process undertaken in collaboration with law enforcement, UK government departments and other key stakeholders to identify and assess risks. It will be published in 2025. The Treasury has also begun the process of updating the PF NRA which will be published in due course.

The role of supervision in sanctions compliance

Following Russia’s full-scale invasion of Ukraine in February 2022, the government acted quickly to impose an unprecedented package of coordinated sanctions alongside our international partners.

UK persons, including supervised firms, are required under the Sanctions and Anti-Money Laundering Act (SAMLA) to screen their activity against the UK sanctions list, to prevent funds, economic resources or services being provided to designated persons or for the provision of any other prohibited activity. Additionally, under the MLRs, supervisors should consider the systems and controls that a relevant firm has in place to mitigate the risks of breaching relevant sanctions relating to counter-terrorism and counter-proliferation sanctions, as part of their AML/CTF compliance checks.

Methodology for this report and additional metrics for 2023-24

This report is informed by an annual data return which HM Treasury collects from all AML/CTF supervisors in accordance with Regulation 51 of the MLRs. The return consists of a quantitative datasheet with key metrics across the main areas of supervisory activity, and a qualitative return which allows supervisors to provide more detail around their activities across the relevant period (including case studies). Types of data that supervisors are required to collect and submit to HM Treasury are set out in Schedule 4 of the MLRs, but data requests are subject to change from year to year.

For the 2023-24 reporting period, HM Treasury requested several new metrics as part of the quantitative return. This reflected our commitment under ECP2 to develop a framework to better evaluate the effectiveness of AML/CTF supervision, in order to enhance HMT oversight of the supervisors and support the continuous improvement of supervision. The additional metrics were developed with input from all supervisors, as well as OPBAS and the National Crime Agency, and were designed with FATF methodology in mind to include data that will be required as part of the UK’s next Mutual Evaluation Report (MER).

Since data collection for some of the new metrics was not possible retrospectively, for the 2023-24 reporting period supervisors were asked to provide this data on a ‘best endeavours’ basis, with a view to providing the data in full for the 2024-25 period. As a result, this year’s report only includes metrics where most or all supervisors were able to provide a figure. The new metrics in this report are as follows:

Supervision activities

Onsite visits and desk-based reviews split by risk categorisation.
Businesses assessed via supervisory interventions other than onsite visits or desk-based reviews.
Proportion of businesses found to be non-compliant or require a higher risk categorisation after being randomly selected for assessment.
Number of Suspicious Activity Reports (SARs) assessed by supervisors for quality, and how many of those were assessed as inadequate.

Ensuring compliance

Formal and informal enforcement actions split by risk categorisation.
Fines split by risk categorisation.
Number of enforcement actions published online.
Number of unregistered businesses identified as undertaking AML/CTF-regulated activity, and the enforcement actions taken against them.

Cooperation, coordination and information sharing

Number of guidance/training materials shared related to money laundering and terrorist financing risk.
Number of guidance/training materials shared relating to compliance with the MLRs.
Average email open rates, monthly hits, and attendance/views.
Numbers related to referrals, disclosures and information requests made under various AML/CTF-related information- and intelligence-sharing gateways.

The new metrics build on the data already requested of supervisors to capture the pillars of effective supervision, such as improved firm understanding of risk and AML/CTF obligations. The new metrics also have a renewed focus on the effectiveness of supervisors’ own risk-based approach to supervision by asking for interventions and enforcement actions split by risk categorisation.

This year, the new metrics begin to transition from merely counting the number of interventions a supervisor makes, to assessing the effectiveness of those interventions. This is achieved by examining outcomes of assessments and any subsequent changes in compliance ratings. However, as the data provided this year was on a ‘best endeavours’ basis to allow for supervisors to restructure their data gathering processes, HM Treasury anticipates having a more comprehensive picture next year.

Taken together with existing data, the new metrics will enable HM Treasury to build up a more holistic picture of each supervisor’s effectiveness over time. HM Treasury recognises, however, that not all metrics will be equally relevant for every supervisor and that the qualitative element of supervisors’ existing returns remain important to elaborate and contextualise the data provided (for more contextual information, see supervisors’ Regulation 46A reports in Annex C). Naturally, some metrics will be more helpful to assess individual supervisor trends over time and it is not possible to directly compare individual supervisors, given that every supervisor operates in a different context and with different constraints. HM Treasury also recognises the work involved for supervisors in collecting this data and remains committed to making the reporting process as streamlined as possible for supervisors going forwards.

HM Treasury has sought to capture the data reported by supervisors as accurately as possible, issuing clarification requests to supervisors where information was unclear or different to previous returns. It is important to note that some of these metrics are newly implemented and still in the process of being fully integrated. As such, caution should be exercised when interpreting them, as further refinement and clarification of definitions may be necessary.

Question 3

2.  Gatekeeping and risk assessment

Accepted Answer

This chapter covers supervisors’ work during 2023-24 to register businesses for supervision, and to understand the distribution of money laundering and terrorist financing risk across their population.

Effective gatekeeping

‘Gatekeeping’ is a core function of supervisors, ensuring that businesses in scope of the Money Laundering Regulations (MLRs) have registered for supervision and demonstrated they meet the minimum necessary standards. It involves checking as appropriate that the firms in question have the necessary systems in place to identify and prevent illicit financial flows, and that positions of significant influence over regulated businesses are not held by those who cannot demonstrate integrity and competence. All firms intending to carry out regulated activity should be subject to effective gatekeeping assessments, designed to be proportionate and not overly burdensome for legitimate business.

Supervisors deliver their gatekeeping function in different ways. Some integrate anti-money laundering/counter-terrorist financing (AML/CTF) registration and ‘fit and proper’ checks into broader processes for the purposes of their other functions. For instance, the FCA also supervises financial firms under the Financial Services and Markets Act (FSMA) and operates a broader Senior Managers and Certification Regime. Others, such as HMRC, carry out a dedicated AML/CTF registration process and AML/CTF-specific fit and proper checks on key individuals. The MLRs provide that, at a minimum, supervisors must ensure that key individuals in supervised firms have not been convicted of certain criminal offences including those related to money laundering, terrorist financing, fraud, tax evasion or organised crime.

Risk assessment

The MLRs require AML/CFT supervisors to take a risk-based approach to the supervision of their population. Supervisors must understand the ML/TF risks of their supervised populations to target resources effectively on monitoring the activities that are most likely to be exploited by criminals. This approach ensures that supervision is focused where it will have the greatest impact in ensuring businesses are detecting, deterring, and disrupting criminal activity, whilst minimising unnecessary burdens.

An effective risk-based approach requires a clear understanding of the supervised population; successfully differentiating between types of firms, the services they provide, their clients, and other sector-specific factors. In addition to supervisors’ own activities and knowledge of their sectors, there are various resources published by the government, law enforcement agencies, and leading international AML/CTF bodies to assist supervisors in building an understanding of ML/TF risks within their regulatory population. These include the UK’s National Risk Assessments, the National Crime Agency’s (NCA) risk assessments and briefings, and publications by the Financial Action Task Force (FATF).

For all tables in this chapter, the data for the 2021-22 and 2022-23 periods is included as a means of comparison with the data covered in the previous HM Treasury supervision report. It should be noted that due to the specific attributes and differences between the regulated sectors – including size of supervised population, differences in risk distribution within the population, and differing contexts in which the supervisors operate – it is not always appropriate to compare supervisors based on quantitative data alone.

Summary of activity across all supervisors

Supervisors received a total of 13,058 applications from businesses for AML/CTF supervision in 2023-24, with 954 of those rejected. However, this does not take into account that many businesses withdraw applications in anticipation of rejection. For comparison, there were 12,856 applications in 2022-23, with 742 rejected.

According to supervisors’ returns, approximately 9% of the supervised population were categorised as high-risk in 2023-24, compared to approximately 10% in 2022-23. This is broadly in line with prior years of 2021-22 (11%) and 2020-21 (9%).

Table 2.A Gatekeeping activity of all supervisors

	2021-22	2022-23	2023-24
Total applications for supervision	16,515	12,856	13,058
Total applications rejected	350	742	954

Source: HMT annual return data

Table 2.B 1. Risk assessment activity of all supervisors

	2021-22	2022-23	2023-24
Total supervised population size	101,098	95,914	94,937
Proportion of supervised businesses assessed as high risk (%)	11%	10%	9%
Proportion of supervised businesses assessed as medium risk (%)	43%	38%	31%
Proportion of supervised businesses assessed as low risk (%)	46%	52%	60%

Source: HMT annual return data

The FCA’s gatekeeping and risk assessment activity

The Financial Conduct Authority (FCA) is the supervision authority for financial services firms and virtual asset service providers in the UK. The sectors which the FCA regulates include:

Retail banking
Wholesale financial market
Investment management
General insurance and protection
Retail lending
Retail investments
Pensions and retirement income

As well as supervision under the MLRs, the FCA also supervises firms under the FSMA, the Payment Services Regulations and the Electronic Money Regulations.

In 2023-24, approximately 17,200 firms were registered with the FCA for AML/CTF supervision. This number is an approximation because the precise number of firms supervised changes frequently due to the specific activities they undertake. The FCA’s total supervisory remit, including firms outside the scope of the MLRs, extends to around 42,000 firms.

Gatekeeping activity

As of January 2020, the FCA became the AML/CTF supervisor for cryptoasset businesses, such as exchanges and custodian wallets, which are active in the UK. The FCA’s gateway assessment for cryptoasset firms seeking to register for AML/CTF supervision involves reviewing each firm’s controls framework against the requirements in the MLRs. This is with a view to assessing the inherent risks that the applicant firm’s business model presents against the strength of its controls. The FCA’s assessment covers the design of the Business-wide Risk Assessment, Customer Due Diligence (CDD), Enhanced Due Diligence (EDD), Transaction Monitoring and Suspicious Activity policies and procedures. In 2023-24 this process identified significant weaknesses in cryptoasset firms’ controls, resulting in 86% of initial crypto registrations received being rejected, withdrawn or refused.

For FSMA firms, the FCA can assess fitness and propriety through several measures, including, for example, the Senior Managers & Certification Regime. Thus, as part of the examination of these firms, existing intelligence concerning fitness and propriety would be considered.

In the 2023-24 reporting period, the FCA received 275 applications for AML/CTF supervision with 154 approved (56%- 6 cryptoasset firms, 148 other firms), and 120 rejected, withdrawn or refused (44%- 36 cryptoasset, 84 other).

The FCA can issue ‘minded to refuse’ letters prior to declining an application for a licence to practice, which often leads to a firm withdrawing its application for supervision before a formal rejection.

Table 2.C The FCA’s gatekeeping activity

	2021-22	2022-23	2023-24
Applications for supervision	270	292	275
Applications rejected	161	142	120

Source: HMT annual return from the FCA

Risk assessment

The FCA’s approach to assessing ML/TF risk in its population starts with reviewing the risks in each sub-sector on a periodic basis as part of a ‘portfolio analysis’ exercise. This is led by FCA supervision teams with financial crime specialist supervisors feeding in their own views of ML/TF risks. The FCA combines this portfolio analysis with details from its financial crime supervisory and intelligence work, REP-CRIM data (financial crime data returns) received from around 5,700 firms, and external risk assessments from law enforcement to identify which sectors pose the greatest ML/TF risk and where greatest resource is directed.

Based on risk assessments of its sectors, the FCA’s view is that, in the reporting year 2023-24, retail banking, e-money, wholesale banking, wealth management and cryptoasset firms remained particularly vulnerable to financial crime and posed the greatest risk of being exploited for money laundering.

In the 2023-24 reporting period, the FCA categorised c3,000 firms within its population as high risk, c8,950 as medium risk, and c5,100 as low risk.

Table 2.D The FCA’s risk assessment activity

	2021-22	2022-23	2023-24
Population size	Approx. 21,500	Approx. 18,000	Approx. 17,200
Proportion of supervised businesses assessed as high risk	23%	25%	17%
Proportion of supervised businesses assessed as medium risk	72%	69%	53%
Proportion of supervised businesses assessed as low risk	5%	6%	30%

Source: HMT annual return from the FCA

The Gambling Commission’s gatekeeping and risk assessment activity

The Gambling Commission (GC) is the AML/CTF supervisory authority for all online (remote) and land-based (non-remote) casinos operating in Great Britain or providing casino facilities to British customers. The Gambling Commission is also the regulator for other gambling businesses operating in Great Britain or providing gambling services to British customers, including betting, lotteries, bingo, and arcades.

During the 2023-24 reporting period, the total size of the GC’s supervised population was 247, and the majority of supervised casinos were remote casino operators.

Many remote and non-remote casinos have part, or all, of their ownership structure based outside of the UK. These jurisdictions vary, but the GC frequently sees companies, holding companies, trusts, and beneficial owners based in the British Virgin Islands, Cyprus, Malta, Sweden, Israel, and the United States.

Gatekeeping activity

Any gambling company operating in Great Britain, or with customers based in Great Britain, must hold the appropriate licence issued by the GC. Within these licenced businesses, individuals who hold certain key management functions must hold personal management licences issued by the GC. Holders of personal management licences and personal functional licences are subject to a five-year maintenance cycle where, every five years, their identity, integrity, and criminality is reassessed. Licensees are also required to report certain events to the GC, including if they are subject to any criminal investigation or disciplinary sanction.

The GC has the power to issue these licences under the Gambling Act 2005 and, through specialist guidance and support from their AML team, considers AML/CTF compliance when assessing new licence applications.

The GC also regulates individuals who work within the casino sector. In the 2023-24 reporting period, this amounted to 11,622 personal functional licences and 2,053 personal management licences.

In the reporting period, the GC received 14 applications for casino licences, with 11 granted. Of the 11 granted, four were for entities where the GC already licensed one or more companies in the group, one was from an existing licensee, and six applications were for new licencees. Two applications were withdrawn after the GC issued ‘minded to refuse’ letters, while one was rejected for non-payment. The data for previous years was not collected on the basis that the GC does not register businesses but licenses them instead; for the purposes of this year’s data, HM Treasury considers licence applications to be equivalent to registration applications.

Table 2.E The GC’s gatekeeping activity

	2021-22	2022-23	2023-24
Applications for supervision	Data not collected	Data not collected	14
Applications rejected	Data not collected	Data not collected	1

Source: HMT annual return from the GC

Risk assessment

The GC’s ML/TF risk assessment of the gambling industry (which covers all gambling sectors) was published in November 2023. The risk assessment identified remote gambling, particularly remote casinos and betting, along with non-remote casino and off-course betting, as being exposed to a high risk of money laundering. In addition, the risk assessment identified that gambling is currently at medium risk of being exposed to terrorist financing.

The GC assessed that the remote casino sector continued to demonstrate a high risk of non-compliance with the MLRs. Customers not being physically present for identification and verification purposes continued to pose a high risk in relation to stolen or fraudulent identification, enabling criminals to spend their proceeds of crime through gambling.

The non-remote casino sector continued to be rated as having a higher ML risk relative to other gambling sectors. Widespread compliance failings, particularly in relation to personal management, licence holders’ competency levels and inadequate CDD and EDD checks have enabled high levels of transactions to occur.

In the 2023-24 reporting period, there were 97 high, 37 medium, and 113 low risk firms identified.

Table 2.F The GC’s risk assessment activity

	2021-22	2022-23	2023-24
Population size	265	263	247
Proportion of supervised businesses assessed as high risk	33%	42%	39%
Proportion of supervised businesses assessed as medium risk	5%	7%	15%
Proportion of supervised businesses assessed as low risk	62%	51%	46%

Source: HMT annual return from the GC

HMRC’s gatekeeping and risk assessment activity

HMRC is the supervisory body for estate agency businesses, letting agency businesses, art market participants, high value dealers, money service businesses, bill payment service providers, telecommunications, digital and IT payment services, trust and company service providers who are not supervised by the FCA or PBSs, and accountancy service providers who are not supervised by one of the accountancy PBSs.

The total size of the population supervised by HMRC was 36,096 in 2023-24, consisting of 27,803 firms and 8,293 sole practitioners. At the time the annual returns were completed, these totals broke down by sector as follows:

Table 2.G Breakdown of HMRC’s supervised businesses

Sector	Number of supervised businesses (2022/23)	Number of supervised businesses (2023/24)	Year on year change
Accountancy Service Providers	16504	16422	-82
Art Market Participants	1135	1264	+129
Bill Payment Service Providers	273	246	-27
Estate Agency Businesses	15234	16450	+1216
High Value Dealers	310	251	-59
Letting Agency Businesses	1921	2149	+228
Money Service Businesses	1049	983	-66
Telecommunications, Digital and IT Payment Service Providers	82	71	-11
Trust and Company Service Providers	1540	1553	+13
Total HMRC	35411	36096	+685

Source: HMT annual return from HMRC

Gatekeeping activity

In 2023/24 HMRC received 9,893 applications for AML supervision, with 8,404 accepted and 601 rejected; the remainder were still to be determined at the end of the reporting period. The percentage of refusals was highest in the money service business, trust and company service provider, and high value dealer sectors.

HMRC is required to conduct fit and proper tests on certain individuals within money service businesses and trust and company service providers. In addition, HMRC is required to carry out criminality tests for key individuals in accountancy service providers, art market participants, high value dealers, estate agency businesses and letting agency businesses to ensure that individuals with a relevant criminal conviction are not able to hold relevant positions. In the 2023-24 reporting period, HMRC received 89,976 applications for Beneficial Owners, Officers or Managers (BOOM) approval, with 62,288 approved, 42 rejected and 213 invalidated by disciplinary measures.

Table 2.H HMRC’s gatekeeping activity

	2021-22	2022-23	2023-24
Applications for supervision	13,196	9,967	9,893
Applications rejected	21	438	601

Source: HMT annual return from HMRC

Risk assessment

HMRC draws on external reports to conduct detailed risk assessments for each sector, such as the National Risk Assessment, FATF publications, and information from HM Treasury, the Home Office, the NCA, and HMRC’s Risk and Intelligence Service. It also draws on findings from its own investigations into the sectors and the knowledge of experienced staff.

Overall, HMRC reported that most firms and sole practitioners within their supervised population were classified as low risk for 2023-24, but that 9% and 38% were considered high and medium risk, respectively.

However, these high and medium risk firms are not evenly distributed across all of HMRC’s sectors. HMRC identified money service businesses, art market participants, and trust and company service providers as the sectors presenting the highest inherent risks for money laundering. Money service businesses were also identified as presenting the highest inherent risk of being exploited for terrorist financing.

HMRC does not consider that each business within these sectors represents the same level of risk, however. Instead, it considers factors such as the nature of the product offered, geographical risk and client size, while also considering the impact on risk of business size, scope or reach, and any potential relationships or links to other businesses.

Table 2.I HMRC’s risk assessment activity

	2021-22	2022-23	2023-24
Population size	36,960	35,411	36,096
Proportion of supervised businesses assessed as high risk	7%	4%	7%
Proportion of supervised businesses assessed as medium risk	26%	27%	30%
Proportion of supervised businesses assessed as low risk	67%	69%	73%

Source: HMT annual return from HMRC

Gatekeeping and risk assessment activity by the Professional Body Supervisors

The 22 Professional Body Supervisors (PBSs) are responsible for AML/CTF supervision for the accountancy and legal sectors. These cover a range of services including accountancy, auditing, bookkeeping, legal, and notarial. The sizes of PBSs’ supervised populations vary from fewer than 10 to just under 10,000. Some PBSs supervise both firms and sole practitioners, whereas others solely supervise one of these types of business.

During the 2023-24 reporting period, there were 33,830 accountancy businesses and 7,564 legal businesses supervised by PBSs. Of the supervised businesses in the accountancy sector, 57% were firms and 43% were sole practitioners. Of the supervised businesses in the legal sector, 74% were firms and 26% were sole practitioners.

Gatekeeping activity

PBSs have rejected a higher percentage of registration applications than in previous reporting periods, with the proportion of applications rejected by PBSs increasing to 7.5% from 6.2% in 2022-23 and 5.5% in 2021-22. In all, PBSs received 3,108 applications for supervision in the 2023-24 reporting period, with 2,811 of those accepted and 233 rejected. The difference between the number of applications received but not reported as approved /rejected is due to those applications still being assessed at the end of the reporting period.

Some PBSs, such as the Bar Standards Board, authorise firms to practice rather than provide membership.

In addition to their own professional body ‘fit and proper’ checks and standards, under Regulation 26 of the MLRs, supervisors have a responsibility to approve beneficial owners, officers, or managers of firms (BOOMs). The processes used by PBSs to evaluate applications for new regulated entities and to determine whether to provide them with the authority to practice in the legal and accountancy sectors vary from supervisor to supervisor, but some examples are:

Requiring evidence of staff having received sufficient AML/CTF training.
Requiring evidence of staff holding certain qualifications.
Requiring evidence of staff having relevant work experience in the AML sector.

PBSs must also receive sufficient information to determine whether an individual applying for approval has been convicted of a relevant criminal offence, which would include evidence of a criminality check.

In the 2023-24 reporting period, PBSs received 9,085 applications for BOOM approval, with 8,857 accepted and 210 rejected. The remainder were invalidated by disciplinary measures.

Risk assessment

Of the population supervised by PBSs in 2023-24, 8% were identified as high risk, 22% as medium risk, and 70% as low risk. Due to the diverse nature of their populations and distribution of ML/TF risk within their supervised populations, percentages of supervised businesses in each risk category vary significantly between PBSs. However, high/medium/low risk assessments are undertaken by each PBS using its own criteria and therefore may not be directly comparable.

Table 2.J Gatekeeping activity by the Professional Body Supervisors

	2021 - 22		2022 - 23		2023 - 24
Supervisors	Applications for supervision	Applications rejected	Applications for supervision	Applications rejected	Applications for supervision	Applications rejected
ACCA (Association of Chartered Certified Accountants)	646	0	391	0	345	0
AIA (Association of International Accountants)	35	2	45	1	57	3
CIMA (Chartered Institute of Management Accountants)	151	8	115	5	105	6
CIOT (Chartered Institute Of Taxation)	88	4	94	17	84	22
ATT (Association of Taxation Technicians)	45	5	39	8	72	11
ICAEW (Institute of Chartered Accountants in England and Wales)	141	0	122	1	142	0
ICAI (Institute of Chartered Accountants in Ireland)	0	0	24	0	24	0
ICAS (Institute of Chartered Accountants of Scotland)	132	0	142	0	148	0
ICB (Institute of Certified Bookkeepers)	259	0	279	5	238	3
IFA (Institute of Financial Accountants)	223	55	121	37	140	32
AAT (Association of Accounting Technicians)	771	88	687	85	1215	150
IAB (Institute of Accountants and Bookkeepers)	149	4	168	1	152	2
IPA (Insolvency Practitioners Association)	6	2	6	1	50	0
SRA (Solicitors Regulation Authority)	449	0	231	0	218	0
Law Society of Northern Ireland	6	0	4	0	3	0
Law Society of Scotland	22	0	18	0	11	0
CLC (Council for Licensed Conveyancers)	10	0	9	1	8	3
BSB (Bar Standards Board - General Council of the Bar)	0	0	0	0	0	0
General Council of the Bar Northern Ireland	0	0	0	0	0	0
CILEx (Chartered Institute of Legal Executives)	5	0	1	0	0	0
Faculty of Advocates	1	0	1	0	1	0
Faculty Office of the Archbishop of Canterbury	46	0	124	0	119	1
Total PBSs	3,185	168	2,597	162	3,108	233
Accountancy PBSs	2,646	168	2,209	161	2,748	229
Legal PBSs	539	0	388	1	360	4

Source: HMT annual returns from the PBSs

Table 2.K Risk assessment activity by the Professional Body Supervisors

	2021-22				2022-23				2023-24
Supervisors	Population size	High risk	Medium risk	Low risk	Population size	High risk	Medium risk	Low risk	Population size	High risk	Medium risk	Low risk
ACCA	6,846	13%	18%	70%	6,951	13%	17%	70%	6,995	8%	17%	75%
AIA	314	11%	17%	71%	320	8%	18%	74%	338	7%	20%	72%
CIMA	1,598	1%	6%	93%	1,619	2%	13%	85%	1,646	3%	13%	85%
CIOT	889	6%	91%	3%	860	8%	90%	2%	858	12%	87%	1%
ATT	590	4%	93%	3%	595	4%	92%	4%	618	11%	87%	2%
ICAEW	10,476	3%	67%	31%	10,402	2%	67%	30%	9,911	3%	68%	29%
ICAI	462	0%	3%	96%	471	1%	29%	70%	468	1%	30%	69%
ICAS	881	5%	20%	75%	824	5%	29%	67%	758	5%	22%	73%
ICB	3,036	0%	0%	0%	3,098	27%	9%	64%	3,171	26%	9%	65%
IFA	1,983	15%	43%	42%	1,981	17%	30%	53%	1,815	14%	26%	60%
AAT	5,856	3%	41%	56%	6,202	6%	43%	51%	6,337	4%	40%	56%
IAB	704	40%	54%	7%	719	40%	51%	9%	744	43%	46%	12%
IPA	276	7%	58%	35%	267	6%	55%	40%	171	16%	53%	31%
SRA	6,408	5%	30%	65%	6,007	3%	1%	96%	5,683	3%	5%	92%
Law Society of Northern Ireland	450	11%	66%	22%	435	12%	69%	19%	427	15%	66%	19%
Law Society of Scotland	721	8%	48%	44%	686	3%	33%	64%	647	8%	26%	66%
CLC	226	5%	11%	84%	231	11%	11%	77%	205	13%	11%	76%
BSB	489	0%	0%	100%	486	0%	0%	100%	466	1%	10%	89%
General Council of the Bar Northern Ireland	0	N/A	N/A	N/A	0	N/A	N/A	N/A	0	N/A	N/A	N/A
CILEx	28	29%	39%	32%	21	14%	43%	43%	10	0%	0%	100%
Faculty of Advocates	7	0%	0%	100%	8	0%	0%	100%	8	0%	0%	100%
Faculty Office of the Archbishop of Canterbury	133	73%	27%	0%	124	14%	28%	58%	118	16%	31%	53%

Source: HMT annual returns from the PBSs (acronyms can be found in Table 2.J or Annex A)

Question 4

3.  Monitoring supervised businesses

Accepted Answer

The Money Laundering Regulations (MLRs) require supervisors to monitor their supervised populations effectively and to vary the frequency and intensity of their supervision based on the different risk profiles within their supervised populations.

Risk-based approach to supervision

Supervisors use a range of tools to assess whether firms are complying with the MLRs, including:

Desk-based reviews (DBRs) – these will typically be based on a review by the supervisor of documents provided by the firm to demonstrate the adequacy of its Anti-Money Laundering/Counter-Terrorist Financing (AML/CTF) policies, controls and procedures. Relevant documents might include the firm’s ML/TF risk assessment, examples of customer due diligence for a sample of clients, and staff training records. Supervisors will often supplement this with a questionnaire, or in some cases a virtual or telephone interview with the firm’s Money Laundering Reporting Officer (MLRO), or other members of staff. DBRs will conclude with the communication to the firm of the outcome of the review and any recommendations for improvements. Where more serious issues are identified, the supervisor will undertake follow-up work with the firm or initiate formal enforcement action (see Chapter 4).
Onsite visits – these are generally expected to involve an in-person visit to the firm’s premises or place of work, and are often combined with desk-based work. Onsite visits allow supervisors to verify that adequate policies, procedures and controls are in place, as well as to secure the benefits of in-person interviews with the firm’s MLRO or other members of staff.
Other supervisory interventions – This year for the first time we have asked supervisors to record the number of other interventions they undertake apart from DBRs and onsite visits, in order to gain a more holistic overview of their work. These are interventions which are not intended to allow for a formal judgement to be reached about a firm’s compliance (as with DBRs and onsite visits), but are a key component of a supervisor’s risk-based approach. These might include questionnaires aimed at a particular sub-sector of firms, engagement with boards and senior management to discuss specific aspects of compliance, or reviews of data held by the supervisor to look for ‘red flags’ which may indicate poor compliance by one or more firms. These interventions may act as a trigger for a DBR or onsite visit based on issues identified.

Onsite visits and DBRs can be categorised as ‘full-scope’ or ‘targeted’. Full-scope assessments involve a comprehensive review of a firm’s risks, compliance, policies, procedures, training and reporting, and may include a Customer Due Diligence (CDD) file review. Targeted assessments focus on specific aspects of a firm’s AML activity, including one or more of the elements of a full-scope assessment. While a full-scope assessment will be comprehensive enough to allow the supervisor to reach a judgement about whether the firm is compliant, generally compliant or non-compliant overall, a targeted assessment will only allow a judgement to be reached about the firm’s compliance with the specific aspect being assessed. This is the first year of annual reporting that this distinction has been recorded.

This section of the report presents data from AML/CTF supervisors’ annual returns to HM Treasury, detailing the number and type of supervision interventions (onsite visits, DBRs and other interventions). For the first time, the data is broken down by the risk level of the firm being assessed (as determined by the supervisors’ risk assessment processes) and by whether assessments were ‘targeted’ or ‘full-scope’. Additionally, it includes the outcomes of supervisors’ assessments in terms of whether firms were found to be compliant/generally compliant/non-compliant, also split by risk. It also includes data on full-time equivalent (FTE) staff and the amount of money spent by each supervisor on AML/CTF, as well as data on supervisors’ quality assurance of Suspicious Activity Reports (SARs).

For all tables in this chapter, the data for the 2021-22 and 2022-23 periods is included as a means of comparison with the data covered in the previous HM Treasury supervision report. It should be noted that due to the specific attributes and differences between the regulated sectors – including size of supervised population, differences in risk distribution within the population, and differing contexts in which the supervisors operate – it is not always appropriate to compare supervisors based on quantitative data alone.

Summary of activity across all supervisors

There were a total of 9,013 direct supervision actions (desk-based reviews and onsite visits) conducted across all 25 supervisors in 2023-24, representing the highest total since the pre-pandemic figure of 10,550 in 2019-20. This represents 10% of supervised firms being subject to direct supervision action in 2023-24, compared to 6% in 2022-23; the pre-pandemic figure was 11% in 2019-20.

There were a total of 708 FTE (Full Time Equivalent) staff and a total expenditure of £45m dedicated to AML/CTF supervision across all supervisors in 2023-24. However, it is difficult to calculate exact figures as the AML/CTF function of many supervisors is integrated into wider supervision activity; these figures therefore represent a ‘best estimate’.

In the reporting period 2023-24, 996 firms were asked to share SARs with their supervisor, with 466 of those being assessed by a supervisor for quality. Of those, 52 were assessed as inadequate because they did not have glossary codes, and a further 5 were assessed as inadequate for other reasons.

There was significant variation in supervisors’ approaches as to how they used the supervisory tools at their disposal. Some supervisors increased their focus on onsite visits, while others continued to invest more in DBRs. Some supervisors increasingly pursue innovative methods of supervision, such as the FCA’s in-house data analysis tools that tap into multiple data sources (see below).

Table 3.A Supervision activity of all supervisors

	2021-22	2022-23	2023-24
Total number of DBRs and onsite visits as a % of total supervised population	5%	6%	10%
Total FTE staff dedicated to AML/CTF	458	508	708
Total expenditure on AML/CTF	£33m	£35.5m	£45m
Firms asked to share SARs	490	657	996

Source: HMT annual return data

The FCA’s monitoring activity

In 2023-24 there were 77 full-time financial crime specialist employees dedicated to AML/CTF supervision at the FCA, including dedicated resources being applied to the assessment and supervision of cryptoasset businesses in particular. The FCA spent an estimated £6m on AML/CTF supervision in the reporting period. However, these figures do not include staff and resources in the FCA’s wider supervision and enforcement teams, which will also contribute to AML/CTF supervision.

The FCA’s supervision approach in 2023-24 was intended to be agile, risk-based, and targeted, making significant enhancements to their AML/CTF supervisory programmes to be data-led and proportionate over the last 2-3 years to get maximum coverage of their supervised population.

The key elements of the data-led approach included:

Modular Assessment Proactive Programme (MAPP): This approach replaced the FCA’s previous Systematic AML Programme (SAMLP). It focuses on reviewing specific financial crime risks across multiple firms simultaneously, allowing the FCA to more frequently assess the largest and most important firms and to compare risk mitigation across them.
Outliers/Proactive AML Programme (PAMLP): The FCA developed in-house data analysis tools that tapped into REP-CRIM (the annual AML return submitted by firms) and other data sources. The tool analysed large amounts of firm data to identify hotspots, outliers, and emerging themes, driving supervisory attention and focus.
Focused Supervisory Interventions (FSI): The FCA targeted engagement with firms on specific issues or risk indicators identified through assessing firm-related data and intelligence. This ongoing work enabled various sectors to understand their potential micro and macro financial crime risks and respond accordingly.
Multi-firm work: The FCA undertook multi-firm work to identify risks, conduct reviews, and provide feedback to individual firms and the industry.

Risk and compliance assessments

During the 2023-24 reporting period, the financial crime specialists within the FCA conducted a total of 816 DBRs and 21 onsite visits.

Table 3.B The FCA’s Desk Based Reviews and onsite visits, split by risk

Source: HMT annual return from the FCA

Of the DBRs, 656 (345 full-scope, 311 targeted) were completed on high-risk firms, 128 (58 full-scope, 70 targeted) on medium-risk firms, and 32 (12 full-scope, 20 targeted) on low-risk firms. Of the onsite visits, 19 full-scope visits were conducted on high-risk businesses with a further 2 full-scope visits on medium-risk businesses.

The FCA reported that of the firms subject to an assessment by financial crime specialists in 2023-24, 7% were found to be compliant, 19% were generally compliant and 3% were non-compliant. The remaining assessments conducted did not reach a point in the FCA’s review cycle by which the final rating could be determined for the reporting year 2023-24.

Common issues of non-compliance identified by the FCA through DBRs, onsite visits and multi-firm work included:

Ineffective ML business-wide risk assessments.
Customer risk assessments not always being in place or not sufficiently holistic and robust.
Enhanced due diligence not risk-sensitive and granular.
Compliance monitoring needing improvement and quality assurance.

Other supervisory interventions

Throughout the reporting period, the FCA issued ‘Dear CEO’ letters addressed to firms highlighting areas of weaknesses and where improvements were expected. The FCA sent 171 firms ‘Dear CEO’ letters in 2023-24.

Table 3.C The FCA’s monitoring activity

	2021-22	2022-23	2023-24
Total DBRs	78	231	816
Total onsite visits	0	7	21
FTE staff dedicated to AML/CTF	40.4	52.8	77
Estimated expenditure on AML/CTF	£3.5m	£4m	£6m
% of businesses assessed as compliant	36%	43%	7%
% of businesses assessed as generally compliant	13%	16%	19%
% of businesses assessed as non-compliant	22%	4%	3%

Source: HMT annual return from the FCA

Box 3.A Case study: the FCA’s monitoring activity

As of 10 January 2020, the FCA became the AML/CTF supervisor for cryptoasset businesses who are active in the UK. 44 firms are now registered with the FCA and supervised under the MLRs.
In the 2023-24 reporting period, 83 assessments were conducted amongst these 44 firms. These include: 12 targeted desk-based reviews, 2 full-scope onsite visits, and 69 full-scope desk-based reviews. This supervisory work identified a range of MLR-related issues which led to remedial work undertaken by those firms.
The FCA has stressed to the sector the importance of adherence to the MLRs and that it will take action where it sees actual/potential serious misconduct using the powers it has under the MLRs by either imposing or issuing a direction or opening an investigation into firms, where necessary and appropriate.
The FCA continues to address the issue of unregistered cryptoasset businesses by maintaining a list of those believed to be operating without registration. This list helps identify entities unaware of or refusing to comply with registration requirements and is regularly updated based on new information or responses from listed businesses.
For the three largest crypto firms and for 12 other large crypto firms, not FCA-registered but advertising legally into the UK, the FCA have adopted an ‘enhanced’ supervisory model which takes a more proactive approach to these firms’ supervision. A priority is assessing these firms’ financial crime controls, and the FCA have a named supervisor for each of these firms.

The Gambling Commission’s monitoring activity

During the 2023-24 reporting period, the Gambling Commission (GC) had 5 full-time employees dedicated to AML/CTF. However, AML/CTF work is integrated into the wider work of the GC, with 159 supporting employees in licensing, enforcement, compliance, intelligence, legal and forensic accountant teams. The GC spent an estimated £227,700 on AML supervision, with the caveat that as AML/CTF supervision is not the sole focus for the majority of the teams, it is difficult to provide an accurate estimate of expenditure; accordingly, the AML/CTF expenditure figure relates to expenses mainly within the AML team.

Risk and compliance assessments

During the 2023-24 reporting period, the GC carried out a total of 32 DBRs and 8 onsite visits; all of these were full-scope as opposed to targeted. Of the DBRs, 20 were completed on high-risk firms, 6 on medium-risk firms, and 6 on low-risk firms. Of the onsite visits, 5 were conducted on high-risk businesses with a further 3 on medium-risk businesses.

Table 3.D The GC’s Desk Based Reviews and onsite visits, split by risk

Source: HMT annual return from the GC

During the 2023-24 reporting period, the GC found that of the firms subjected to a DBR or onsite visit, 50% were found to be compliant, 25% were generally compliant, and 25% were non-compliant.

Some causes of non-compliance identified by the GC over the reporting periods were:

Inadequate documented policies, procedures and controls.
Inadequate CDD procedures, or no ongoing CDD monitoring.
Inadequate client risk assessment records.
No periodic review of compliance with MLRs.
Inadequate training.
Inadequate firm-wide risk assessment.
Inadequate electronic checks or record retention.
Inadequate record keeping.

Other supervisory interventions

The GC has powers of entry to inspect, question, access written or electronic records, and remove and retain any items relevant to a suspected offence under the Gambling Act 2005, or a breach of a licence condition. Any gambling company operating in Great Britain or providing gambling services to British customers must hold the appropriate licence issued by the GC.

The GC also requires annual assurance statements from their highest impact operators. These statements are intended to be a concise self-assessment of the risks to the licensing objectives posed by the business, how well the business is managing those risks, where the business needs to improve, and how it will do so. This information is useful when combined with other information received from and about an operator, such as intelligence or ‘key event’ submissions, as the content can assist in determining the action the operator is taking in managing risks, which can then be tested during any compliance assessment.

Table 3.E The GC’s monitoring activity

	2021-22	2022-23	2023-24
Total DBRs	32	25	32
Total onsite visits	9	9	8
FTE staff dedicated to AML/CTF	4	4	5
Estimated expenditure on AML/CTF	£212,900	£193,400	£227,700
% of businesses assessed as compliant	20%	18%	50%
% of businesses assessed as generally compliant	29%	23%	25%
% of businesses assessed as non-compliant	51%	59%	25%

Source: HMT annual return from the GC

Box 3.B Case study: the GC’s monitoring activity

At the end of April 2023, members of the GC’s Compliance Team conducted an on-site assessment of a high-end casino in London.
This premises assessment looked at on-site controls and compliance, including AML provisions for ID verification, customer due diligence, cash handling (and other payment controls), staff knowledge and experience, and transaction/table monitoring procedures.
The premises assessment was followed by a full policies and procedures review, a day interviewing key individuals within the business about their controls, and two days reviewing customer records to test controls (including those relating to AML) in practice for effectiveness and implementation.
The assessment found that improvements were required to the operator’s ML/TF risk assessment, their customer due diligence process, the sanctions process and the enhanced customer due diligence process for Politically Exposed Persons (PEPs).
While issues were found in these areas, it was judged that there was not a significant risk to the licensing objectives under the Gambling Act (including keeping crime out of gambling), so the matter was not escalated for a Section 116 review. Instead, an Improvement Notice was issued. This required the operator to make improvements at pace in advance of the Commission conducting a follow-up assessment.
In October 2023, the follow-up assessment took place and the operator was found to have rectified the issues found in the original assessment and was therefore classed as compliant.

HMRC’s monitoring activity

HMRC had 412.6 full-time equivalent (FTE) employees dedicated to AML supervision in 2023-24. This demonstrates a year-on-year increase in supervisory staff from the 343 and 397 full-time employees dedicated to AML supervision in 2021-22 and 2022-23, respectively. HMRC’s total expenditure on AML/CTF supervision for 2023-24 was an estimated £23.5m.

Risk and compliance assessments

During the 2023-24 reporting period, HMRC conducted a total of 499 DBRs and 944 onsite visits.

Table 3.F HMRC’s Desk Based Reviews and onsite visits, split by risk

Source: HMT annual return data from HMRC

Of the DBRs, 187 (96 full-scope, 91 targeted) were completed on high-risk firms, 88 (42 full-scope, 46 targeted) on medium-risk firms, and 224 (28 full-scope, 196 targeted) on low-risk firms. Of the onsite visits, 487 (330 full-scope, 157 targeted) were conducted on high-risk businesses, 210 (101 full-scope, 109 targeted) were conducted on medium-risk businesses, and 247 (91 full-scope, 156 targeted) were conducted on low-risk businesses.

Of the 1,443 onsite visits and desk-based reviews conducted in 2023-24, 615 visits resulted in assessments of non-compliance (43%). The number of assessment outcomes may not equal the total number of interventions for a number of reasons, including where the case is closed without a supervision outcome such as where other law enforcement groups are leading the case.

HMRC also undertook intervention activity on firms that should have been registered for supervision, but were not, closing 323 of these cases in the reporting period.

The most frequent forms of non-compliance identified in cases closed by HMRC during the 2022-23 reporting period included:

Inadequate firm-wide risk assessment
Inadequate policies, controls, and procedures
Inadequate record-keeping
Inadequate customer due diligence measures, including in cases requiring enhanced customer due diligence

Other supervisory interventions

HMRC conducted Mass Market Interventions (MMIs) across 2023-24. MMIs are a light-touch intervention that aim to encourage businesses to comply with requirements by targeting specific areas of non-compliance, for example by prompting them to update their risk assessments, policies and controls. In 2023-24 HMRC undertook 996 MMIs, 35% of which were businesses whose registration had expired and who re-registered with HMRC within 4 weeks of contact.

In addition, HMRC undertook random dip-sampling of medium- and low-risk businesses to ensure that their risking processes were effective; 123 businesses were randomly selected for a DBR or an onsite visit, and of these, 46 were found to require a higher risk categorisation while 67 were found to be non-compliant.

Table 3.G HMRC’s monitoring activity

	2021-22	2022-23	2023-24
Total DBRs	1426	834	499
Total onsite visits	289	907	944
FTE staff dedicated to AML/CTF	343	397	412.6
Estimated expenditure on AML/CTF	£25m	£27m	£23.5m
% of businesses assessed as compliant	7%	15%	12%
% of businesses assessed as generally compliant	15%	17%	17%
% of businesses assessed as non-compliant	31%	28%	43%

Source: HMT annual return from HMRC

Box 3.C Case study: HMRC’s monitoring activity

A business provided high risk Trust and Company Service Provider (TCSP) services of company formation, registered office, and nominee director/shareholder services but assessed the risk of providing these services to be low.
The business provided these services to both UK and offshore customers, including those operating in high risk third countries (geographic areas of operation risk).
The majority (90%) of services were provided without face-to-face contact with customers, but the business assessed this to be low risk (delivery channel risk).
The business failed to identify and assess the risks it was subject to, leading to a lack of appropriate policies, controls and procedures in place to mitigate those risks, include not applying EDD measures to high-risk customers.
In one instance, the business continued to offer services to clients via a business relationship with an intermediary customer despite that intermediary’s refusal to provide requested CDD information.
The Nominated Officer (NO) was provided with advice and guidance from HMRC throughout the intervention, beginning in early 2023, on steps to take to correct non-compliance identified, but this was not taken on board.
The business’ registration was cancelled, and it was determined to be not F&P (fit and proper) under MLR58, owing to the seriousness of its failings, their risk, and likelihood the NO would not comply with MLR obligations.

Monitoring activity by Professional Body Supervisors

Across the PBSs, there were 213 FTE employees dedicated to AML/CTF in 2023-24, just under the equivalent of 10 FTE per PBS. This continues a year-on-year increase from the reporting periods covered in previous supervision reports. The total expenditure on AML/CTF supervision of all PBSs for the reporting period was an estimated £15.5m. A PBS-by-PBS breakdown of staffing and expenditure levels can be found in Annex B. As noted above, due to the specific attributes and differences between the regulated sectors, it is not always appropriate to compare supervisors based on quantitative data alone.

Risk and compliance assessments

PBSs conducted a total of 2,656 DBRs (481 on high-risk businesses, 724 on medium-risk businesses and 1,451 low-risk businesses) and 1,557 onsite visits (462 on high-risk businesses, 515 on medium-risk businesses and 580 on low-risk businesses) during the 2023-24 reporting period, meaning that roughly 10% of their supervised population was subject to direct supervisory activity.

Table 3.H Accountancy PBS’ DBRs and onsite visits, split by risk

Source: HMT annual return from accountancy PBSs

Table 3.I Legal PBS’ DBRs and onsite visits, split by risk

Source: HMT annual return from legal PBSs

Across the reporting period, PBSs reported the most common breaches identified as:

Inadequate documented policies and procedures.
Inadequate CDD procedures.
Inadequate client risk assessment or records.
No or inadequate firm-wide risk assessment.

Many PBSs also noted that a lack of knowledge or understanding of the regulations was a common theme among firms with non-compliance or poor procedures. This was sometimes due to the size of the firm or their available resources. Often, this was linked to firms using templates or third-party policies without fully tailoring them to the individual firm.

In the 2023-24 reporting period, accountancy PBSs reported that 14% of the businesses on which they conducted onsite visits and DBRs were non-compliant with the MLRs. Legal PBSs reported that 20% of their assessments resulted in a non-compliant rating.

Other supervisory interventions

PBSs also assessed a total of 4,674 businesses via interventions other than DBRs or onsite visits, including:

Requiring supervised firms to complete an annual AML form, then providing bespoke support to firms where responses indicate a lack of understanding of the MLRs.
Thematic reviews on aspects of AML supervision such as BOOMs or Register of Overseas entities, leading to analysis of the regulated population.
Requiring firms to respond to questionnaires sent out by the supervisor.
Reviews of supervisory data held by PBSs to look for ‘red flags’ which may indicate poor compliance by one or more firms.

Some PBSs also undertook random dip-sampling of medium- and low-risk businesses; 558 businesses were randomly selected for a DBR or an onsite visit, with 4% of those found to require a higher risk categorisation and 13% found to be non-compliant.

Table 3.J Monitoring activity by PBSs

	2021-22					2022-23					2023-24
Supervisors	Total DBRs	Total onsite	Compliant	Generally compliant	Non-compliant	Total DBRs	Total onsite	Compliant	Generally compliant	Non-compliant	Total DBRs	Total onsite	Compliant	Generally compliant	Non-compliant
ACCA	299	0	0%	91%	9%	326	12	5%	88%	7%	285	34	1%	92%	7%
AIA	18	0	0%	89%	11%	36	1	3%	95%	3%	35	8	0%	85%	7%
CIMA	3	21	17%	29%	54%	2	22	21%	13%	67%	7	30	19%	27%	54%
CIOT	49	0	49%	27%	24%	29	3	16%	66%	19%	39	1	20%	55%	25%
ATT	24	0	63%	17%	21%	32	1	21%	70%	9%	29	0	7%	52%	41%
ICAEW	568	424	15%	70%	14%	450	676	14%	70%	16%	669	664	12%	56%	16%
ICAI	5	51	89%	4%	4%	1	53	48%	28%	13%	45	9	28%	46%	26%
ICAS	40	30	34%	46%	20%	31	56	45%	45%	10%	55	41	61%	24%	15%
ICB	32	113	30%	0%	70%	75	63	10%	8%	82%	599	9	3%	0%	4%
IFA	173	0	16%	47%	38%	155	1	17%	58%	25%	121	2	19%	52%	29%
AAT	125	109	70%	17%	14%	150	106	63%	16%	21%	282	137	2%	74%	21%
IAB	36	255	30%	44%	26%	24	176	41%	47%	10%	0	156	58%	40%	3%
IPA	38	12	84%	16%	0%	57	31	67%	33%	0%	17	13	73%	13%	13%
SRA	132	164	16%	37%	9%	96	151	27%	47%	27%	358	335	16%	41%	17%
Law Society of Northern Ireland	105	51	59%	27%	13%	69	111	49%	32%	14%	53	110	55%	31%	18%
Law Society of Scotland	49	14	38%	17%	44%	58	23	30%	46%	25%	67	51	1%	97%	3%
CLC	17	25	24%	29%	48%	5	51	7%	43%	43%	11	27	11%	45%	66%
BSB	278	0	0%	0%	0%	10	0	10%	0%	0%	31	0	100%	0%	0%
General Council of the Bar Northern Ireland	0	0				0	0				0	0
CILEx	28	0	79%	21%	0%	21	0	81%	19%	0%	0	0
Faculty of Advocates	7	0	100%	0%	0%	0	8	100%	0%	0%	7	0	100%	0%	0%
Faculty Office of the Archbishop of Canterbury	64	18	96%	2%	1%	38	10	4%	96%	2%	129	20	44%	48%	8%
Total PBSs	2090	1287				1665	1555				2839	1647
Accountancy PBSs	1410	1015				1368	1201				2183	1104
Legal PBSs	680	272				297	354				656	543

Source: HMT annual return from PBSs (acronyms can be found in Table 2.J or Annex)^{[footnote 1]}

Box 3.D Case study: monitoring activity by an accountancy PBS

An accountant for a club identified a decline in bar profits and a significant increase in profits from two gaming machines, raising suspicion of potential money laundering.
The accountant sought guidance from an accountancy PBS on whether to report the matter and continue acting for the client.
They were advised on their professional obligations under the MLRs to submit a Suspicious Activity Report (SAR).
The accountant was directed to resources from the accountancy PBS, as well as general AML guidance and NCA’s SAR portal to support their decision-making and reporting.
The firm’s SAR procedures and the quality of SARs submitted will now be reviewed by the accountancy PBS in a Practice Assurance Review.

Box 3.E Case study: monitoring activity by a legal PBS

A legal PBS’s Monitoring Officer found inadequate AML/CTF measures in a firm, with notable deficiencies in client due diligence and source of funds checks.
The PBS’s Professional Conduct Committee reviewed the inspection report and identified reliance on personal knowledge over proper documentation, directing a follow-up AML/CTF inspection.
The subsequent inspection noted significant improvements, including the implementation of an AML/CTF checklist for new and existing clients.
The Monitoring Officer’s review of 12 files during the follow-up inspection raised no AML/CTF queries.
The legal PBS recognised the firm’s progress and adherence to the AML/CTF regime, providing positive feedback to the firm.

Question 5

4.  Ensuring compliance

Accepted Answer

Compliance strategies and enforcement

The Money Laundering Regulations (MLRs) require supervisors to ensure that regulated firms which breach the regulations are subject to effective, proportionate, and dissuasive measures. This means that disciplinary measures should be effective at ensuring future compliance by sanctioned businesses, proportionate to the severity of the breach, and dissuasive of non-compliance by others.

Supervisors have a wide range of sanctioning powers available to them to achieve this, including:

Fines
Public censures
Suspension or cancellation of registration
Referral to law enforcement agencies and/or prosecutors

Several supervisors also derive broader sanctioning powers from pieces of legislation other than the MLRs (such as the Proceeds of Crime Act, the Financial Services and Markets Act, the Legal Services Act, and the Gambling Act, or through the By-Laws and Regulations of the Professional Body). Action taken under this separate legislation is only included in this section where these powers were used in response to money laundering breaches.

Direct comparisons between supervisors on levels of fines and numbers of cancellations/suspensions may not be appropriate due to the differing population sizes, risk categorisations of each supervisor’s population, and the differing contexts in which supervisors operate.

Summary of enforcement action across all supervisors

For the 2023/24 period, HM Treasury requested that supervisors provide enforcement data broken down by the assessed risk level of the business in terms of money laundering and terrorist financing. As discussed, this should allow for a fuller picture of how supervisors are targeting enforcement action.

The total sum of fines across all 25 supervisors in 2023-24 was £41.5m compared to £196.5m in 2022-23. It should be noted that significant year-on-year changes in this aggregate figure are common and driven largely by the outcomes of FCA enforcement action against large financial institutions, and should not be taken as representative of trends across all supervisors.

Across all supervisors, £14.5m of fines were issued to high-risk businesses, £26.5m of fines were issued to medium-risk businesses (this was driven by 3 large fines from the FCA), and £598,300 of fines to low-risk businesses. The average fine amount across all supervisors was approximately £34,000.

Given the heightened risk of money laundering associated with Trust and Company Service Providers (TCSPs), the supervisors overseeing these entities (predominantly HMRC and the PBSs) have separately reported enforcement actions taken against them for 2023-24. In total, fines amounting to £1.5m were imposed on TCSPs, and the memberships of 51 supervised businesses operating as TCSPs were revoked.

Excluding TCSPs, the memberships/registrations/authorisations of 27 high-risk businesses were cancelled, alongside seven medium-risk and 20 low-risk businesses.

As mentioned, all supervisors have a range of actions available from formal actions such as fines and suspension or cancellations of registrations, to informal actions like guidance or reminder letters.

Table 4.A All supervisors’ formal and informal actions, split by risk

Source: HMT annual return data

Across all 25 supervisors, 180 formal actions and 707 informal actions were taken against high risk businesses, 179 formal actions and 401 informal actions were taken against medium risk businesses, and 121 formal actions and 490 informal actions were taken against low risk businesses.

Under the MLRs, supervisors can publish information about enforcement actions publicly. In the 2023-24 reporting period, the 25 supervisors published a total of 1,015 of their enforcement actions online.

Table 4.B Enforcement actions by all supervisors

	2021-22	2022-23	2023-24
Cancellations of membership	48	47	47
Number of fines	614	1,007	1,227
Value of fines	£503.5m	£196.5m	£41.5m
Formal actions taken	1,141	1,129	524
Informal actions taken	1,391	1,861	1,930
Number of fines on TCSPs	No data collected	83	103
Value of fines on TCSPs	No data collected	£562,200	£1.5m

Source: HMT annual return data

The FCA’s enforcement action

The FCA derives its enforcement powers from both the MLRs and the Financial Services and Markets Act 2000 (FSMA). Both acts provide the FCA with extensive powers to impose sanctions on supervised firms within its remit, including:

Suspensions and restrictions
Prohibition of practice
Public censure
Disgorgement (fining a firm to negate any profit made from a transaction that breached Anti-Money Laundering (AML) standards)
Prosecution of firms and individuals who undertake regulated activities without authorisation

In the relevant reporting period, the FCA issued three fines under the MLRs and the FSMA for a total sum of over £26m, all on medium risk businesses, for significant failings in anti-money laundering systems and financial crime control, including inadequate risk assessments, outdated policies, and lack of compliance checks. The FCA published all three of these enforcement actions online.

The FCA takes a range of formal actions against businesses beyond financial penalties. It has the authority under the MLRs and FSMA to issue public censures, business restrictions, pursue criminal prosecutions, and impose other measures such as withdrawing a firm’s authorization, prohibiting individuals from operating in financial services, seeking injunctions, and suspending firms from specific activities for up to 12 months. In total, the FCA executed 15 formal actions, including seven against high-risk businesses, seven against medium-risk businesses, and one against a low-risk business.

Table 4.C FCA’s formal and informal actions taken, split by risk

High Risk		Medium Risk		Low Risk
Number of formal actions taken	Number of informal actions taken	Number of formal actions taken	Number of informal actions taken	Number of formal actions taken	Number of informal actions taken
7	108	7	8	1	2

Source: HMT annual return from the FCA

The FCA publishes enforcement decisions in Final or Decision Notices, outlining the facts, identified deficiencies, and rationale for concluding serious misconduct, helping the regulated sector understand and mitigate risks.

By virtue of Regulation 69 of the MLRs, an authorised officer acting on behalf of a supervisor may enter and inspect a premises without a warrant if they have reasonable grounds to believe that breaches of the MLR have occurred. The FCA exercised this power on 27 occasions in the 2023-24 reporting period.

Table 4.D Enforcement actions by the FCA

	2021-22	2022-23	2023-24
Cancellations of membership	No data	No data	5
Number of fines	5	7	3
Value of fines	£476.5m	£139m	£26m
Formal actions taken	13	10	15
Informal actions taken	10	31	118

Source: HMT annual return from the FCA

Box 4.A Case study: the FCA’s enforcement action

In 2023-24, the FCA’s action against three firms culminated in approximately £26m in financial penalties. Penalties were issued under FSMA for ADM Investor Services International Limited, Bastion Capital London Limited and ED&F Man Capital Markets Ltd.
ADM Investor Services International Limited were fined £6,470,600 in October 2023 for inadequate AML systems and controls, including basic customer risk assessments, lack of firm-wide risk assessment, insufficient ongoing monitoring, and outdated policies.
In July 2023, the FCA fined Bastion Capital London Limited £2,452,700 for serious financial crime control failings, including executing £71.5bn in suspicious trades for clients between January 2014 and September 2015, which facilitated tax reclaims and fund transfers, resulting in a €22.7m loss for one client.
In June 2023, the FCA fined ED&F Man Capital Markets Ltd £17,219,300 for serious failings in its oversight of trading, which allowed clients to illegitimately reclaim £20m in withholding tax from Danish authorities through inadequate compliance checks and oversight, generating £5.06m in fees for Man Capital Markets.

The Gambling Commission’s enforcement action

The Gambling Commission (GC) supervises its sector via a licensing regime rather than a membership or registration scheme and undertakes numerous enforcement actions for breaches of licence conditions and codes of practice relating to AML/CTF breaches. The GC derives its powers to do so from the Gambling Act 2005, and these powers include:

Entering an operator’s premises to inspect, question, access written or electronic records, and remove and retain any items relevant to a suspected offence or a breach of a licence condition.
Removing or amending licence conditions.
Revoking or suspending licences.
Imposing financial penalties (which can be either fines or regulatory settlements).
Imposing individual licence conditions or imposing licence conditions for a class of licence.
Issuing a warning.

The GC issued seven financial sanctions during the 2023-24 reporting period, for a total value of over £9m. This amounted to six financial sanctions on high risk businesses for a total of £9m and a single financial sanction on a medium risk business for £29,200. This included a sanction on one individual who held a Personal Management Licence (PML) for AML failings after a warning had already been issued against said individual.

In addition to financial penalties, the GC can also utilise other forms of enforcement action in response to AML breaches, including:

Public censure.
Prohibition on members of management.
Regulatory settlements.
Formal warnings.
Impositions of additional licence conditions on a licence holder or on a class of licence.

A total of eight casino operators underwent the special measures process, a system designed to help supervised businesses achieve compliance before formal action is taken. Of these operators, seven were classified as high risk while one was low risk.

Table 4.E GC’s formal and informal actions taken, split by risk

High risk		Medium risk		Low risk
Number of formal actions taken	Number of informal actions taken	Number of formal actions taken	Number of informal actions taken	Number of formal actions taken	Number of informal actions taken
6	8	1	0	0	1

Source: HMT annual return from the GC

The GC published 16 enforcement actions during the 2023-24 reporting period, seven of which were for casino operator licence holders and nine of which were for casino PML holders.

Table 4.F Enforcement actions by the GC

	2021-22	2022-23	2023-24
Cancellations of membership	0	0	0
Number of fines	10	19	7
Value of fines	£23.5m	£53.5m	£9m
Formal actions taken	5	8	7
Informal actions taken	14	12	9

Source: HMT annual return from the GC

Box 4.B Case study: the GC’s enforcement action

Within the reporting period, the GC published a public statement relating to a case where a large remote casino and betting operator was found to be deficient in several areas of AML compliance, including:
- Enhanced customer due diligence and Know Your Customer (KYC) procedures that proved ineffective in mitigating money laundering risks.
- The failure to conduct financial sanctions checks on new customers prior to their initial deposits.
- A lack of independent verification checks, with an over-reliance on customers’ annual self-verification of KYC information.
- Procedural documentation that lacked sufficient detail in defining criteria for “at risk” and “not at risk” customers for the purpose of risk profiling.
The combined financial settlement for both the casino and betting licences was £582,120.

HMRC’s enforcement action

HMRC uses a wide range of enforcement tools to drive compliance in their supervised population, including:

Financial penalties
Referral to law enforcement
Suspension or cancellation of a business’ registration

During the 2023-24 reporting period, HMRC issued a total of 977 fines for breaches related to AML and CTF regulations, amounting to over £5m. This includes 940 fines issued to high-risk businesses totalling £5m, seven fines imposed on medium-risk businesses amounting to £206,200, and 14 fines levied on low-risk businesses equating to £62,800. Additionally, there were 16 penalties totalling £48,490 for either failure to notify or failure to provide information.

In addition to issuing fines, HMRC can implement a variety of enforcement actions, both formal (such as those listed above) and informal (such as issuing warning letters), to address AML breaches. During the 2023-24 reporting period, HMRC undertook a total of 24 further formal actions, including seven against high-risk businesses, four against medium-risk businesses, and 13 against low-risk businesses In addition, HMRC conducted 687 informal actions, which comprised 251 actions against high-risk businesses, 114 against medium-risk businesses, and 322 against low-risk businesses. There were an additional 133 formal actions and 77 informal actions made against businesses that operate across multiple sectors and therefore were difficult to categorise into high, medium or low risk.

Table 4.G HMRC’s formal and informal actions taken, split by risk

High risk		Medium risk		Low risk		Other (multiple sectors)
Number of formal actions taken	Number of informal actions taken	Number of formal actions taken	Number of informal actions taken	Number of formal actions taken	Number of informal actions taken	Number of formal actions taken	Number of informal actions taken
7	251	4	114	13	322	133	77

Source: HMT annual return from HMRC

HMRC cancelled the membership of 29 businesses, split by sector as follows:

Table 4.H HMRC’s registration cancellations, split by sector

Sector	Registrations cancelled
Accountancy Service Provider	6
Estate Agency Business	17
Money Service Business	5
Trust and Company Service Provider	1
Total	29

Source: HMT annual return from HMRC

HMRC published a total of 775 of their enforcement actions in the 2023-24 enforcement period.

During the reporting period, HMRC issued 26 fines amounting to £271,180 to businesses acting as TCSPs. HMRC took further enforcement actions by cancelling the registration of one supervised business acting as a TCSP and suspending the registration of another.

Pursuant to Regulation 69 of the MLRs, an authorised officer acting on behalf of a supervisor may enter and inspect a premises without a warrant if they have reasonable grounds to believe that breaches of the MLRs have occurred. During the 2023-24 reporting period, HMRC exercised this power on 39 occasions.

HMRC investigated 452 suspected ‘Policing the Perimeter’ (PTP) cases in 2023-24. These investigations confirmed 323 businesses trading while unregistered. Of these, 210 applied to be registered and 118 were subsequently ‘struck off’ or ‘ceased to trade’ on Companies House. A further 36 PTP investigations were ‘not in scope’, while 18 businesses investigated were ‘registered with another supervisor’.

Table 4.I Enforcement actions by HMRC

	2021-22	2022-23	2023-24
Cancellations of membership	8	0	29
Number of fines	283	770	977
Value of fines	£2.5m	£5.5m	£5.5m
Formal actions taken	531	493	157
Informal actions taken	383	559	764
Number of fines on TCSPs	No data collected	5	26
Value of fines on TCSPs	No data collected	£31,000	£271,180

Source: HMT annual return from HMRC

Box 4.C Case study: HMRC’s enforcement action

A luxury goods brand was fined £161,185 in the 2023-24 period for non-compliance with the MLRs.
The business is registered for supervision with HMRC as a high value dealer (HVD), handling cash payments of €10,000 or more (or equivalent in any currency) in exchange for goods.
It was selected for a routine visit to ensure appropriate due diligence measures were applied when customers paid large amounts of cash.
The UK’s National Risk Assessment (NRA) identifies the HVD sector as attractive to criminals seeking to convert criminal proceeds into high-value or luxury portable assets, which can be easily moved outside the UK or used to conceal the origins of criminally derived cash.
Specific failures of the business included inadequate identification and assessment of money laundering and terrorist financing risks; failure to establish and maintain policies, controls, and procedures to manage and mitigate these risks; inadequate customer due diligence measures to identify and verify customers, including politically exposed persons; failure to keep copies of documents and information to satisfy customer due diligence requirements; and insufficient measures to ensure employees were aware of relevant laws and received regular training on recognising and dealing with transactions related to money laundering and terrorist financing.
The business paid the fine and promptly implemented changes to their MLR processes.

Enforcement action by Professional Body Supervisors

PBSs have a range of enforcement tools available to them under the MLRs, both formal and informal, including:

Public censures
Financial penalties
Suspension, restriction, or withdrawal of membership or authorization to practice
The ability to direct members to take action to remedy non-compliance

In the 2023-24 reporting period, PBSs issued 240 fines amounting to £851,200. This is an increase in the number and total value of fines compared to 2022-23, with 211 fines totalling £640,800 last year.

The risk distribution of fines is as follows:

91 fines on high risk businesses totalling £200,400 (83 fines from accountancy PBSs, eight fines from legal PBSs).
63 fines on medium risk businesses amounting to £115,200 (all from accountancy PBSs).
86 fines on low risk businesses coming to £535,500 (55 from accountancy PBSs, 31 from legal PBSs).

PBSs possess the authority to impose fines or revoke memberships and registrations of supervised businesses for reasons not related to AML. Many PBSs enforce additional regulations or codes of practice, and breaches of these regulations can result in action which may be indirectly related to AML but is not directly caused by it. During the 2023-24 period, PBSs cancelled a total of 110 memberships, suspended an additional 30, and issued 359 fines amounting to £2.5m for reasons other than AML/CTF.

It should be noted that for some legal PBSs, the power to cancel memberships is not vested in the legal PBS itself, but in an independent statutory tribunal.

PBSs took a total of 478 formal actions and 1116 informal actions across the reporting period, breaking down as:

160 formal actions (138 from accountancy PBSs, 22 from legal PBSs) and 340 informal actions (310 accountancy from PBSs, 30 from legal PBSs) on high risk businesses.
167 formal actions (145 from accountancy PBSs, 22 from legal PBSs) and 279 informal actions (195 from accountancy PBSs, 84 from legal PBSs) on medium risk businesses.
107 formal actions (87 from accountancy PBSs, 20 from legal PBSs) and 165 informal actions (131 from accountancy PBSs, 34 from legal PBSs) on low risk businesses.

Table 4.J Formal and informal actions taken by Professional Body Supervisors, split by risk

	High risk		Medium risk		Low risk
	Number of formal actions taken	Number of informal actions taken	Number of formal actions taken	Number of informal actions taken	Number of formal actions taken	Number of informal actions taken
Total PBSs	160	340	167	279	107	165
Accountancy	138	310	145	195	87	131
Legal	22	30	22	84	20	34

Source: HMT annual returns from PBSs

As in previous years, PBSs have carried out additional activities to promote compliance within their supervised populations. These vary across bodies but include:

Use of risk bulletins to quickly share new information with businesses
Providing additional support to businesses who require action after a review
Publishing guidance on compliance with the MLRs

During the 2023-24 reporting period, PBSs published 221 enforcement actions online. These were primarily made available on PBSs’ own websites, but occasionally through other media such as digital magazines.

During the reporting period, PBSs issued 77 fines amounting to £971,800 to businesses acting as TCSPs. PBSs took further enforcement action by cancelling the membership of 50 supervised businesses acting as TCSPs and suspending the membership of three more.

Excluding TCSPs, the memberships/registrations/authorisations of 22 high risk businesses were cancelled, alongside seven medium risk and 20 low risk businesses.

PBSs identified a total of 72 unregistered businesses undertaking AML/CTF-regulated activity across the 2023-24 reporting year, taking enforcement action against 67 of them.

The population sizes, risk categorisations, and levels of non-compliance vary significantly between the 22 PBSs, with some supervisors not finding a single member within their supervised population to be non-compliant, and therefore not issuing any fines, suspensions, or cancellations.

Table 4.K Enforcement actions by Professional Body Supervisors

				2021-22							2022-23							2023-24
Supervisors	Cancellations of membership	Number of fines	Value of fines	Formal actions taken	Informal actions taken	Number of fines on TCSPs	Value of fines on TCSPs	Cancellations of membership	Number of fines	Value of fines	Formal actions taken	Informal actions taken	Number of fines on TCSPs	Value of fines on TCSPs	Cancellations of membership	Number of fines	Value of fines	Formal actions taken	Informal actions taken	Number of fines on TCSPs	Value of fines on TCSPs
ACCA	0	12	£56,000	17	299	No data collected	No data collected	3	20	£58,500	20	338	19	No data collected	1	4	£28,900	33	319	4	£28,900
AIA	7	18	£10,600	2	16	No data collected	No data collected	6	24	£36,300	1	35	3	£8,000	11	28	£36,000	41	4	7	£4,100
CIMA	0	0	£0	2	19	No data collected	No data collected	2	3	£33,700	0	19	3	£33,685	0	3	£2,000	7	0	0	£0
CIOT	1	8	£3,700	0	25	No data collected	No data collected	0	15	£11,900	0	27	0	£0	1	15	£12,200	5	58	0	£0
ATT	0	6	£3,400	0	9	No data collected	No data collected	0	10	£5,100	1	25	0	£0	0	10	£9,600	4	40	0	£0
ICAEW	7	53	£267,000	39	104	No data collected	No data collected	2	35	£218,300	62	113	No data collected	No data collected	2	39	£92,000	59	156	0	£0
ICAI	0	0	£0	2	0	No data collected	No data collected	0	7	£5,500	7	3	0	£0	0	0	£0	8	0	1	£2,000
ICAS	0	2	£20,000	30	0	No data collected	No data collected	0	1	£4,000	48	0	0	£0	0	4	£3,000	37	0	0	£0
ICB	1	91	£121,400	91	7	No data collected	No data collected	1	29	£31,800	101	23	0	£0	7	15	£13,300	12	290	0	£0
IFA	1	3	£5,300	4	65	No data collected	No data collected	3	6	£26,000	4	54	0	£0	1	5	£24,600	11	41	5	£8,000
AAT	14	44	£43,400	62	157	No data collected	No data collected	19	22	£33,200	80	166	39	£65,267	25	58	£115,400	82	5	28	£64,000
IAB	2	39	£6,700	269	32	No data collected	No data collected	7	6	£4,500	154	39	1	£200	0	15	£30,400	107	0	7	£4,000
IPA	0	2	£13,500	8	44	No data collected	No data collected	0	0	£0	30	73	0	£0	0	5	£37,500	2	29	0	£0
SRA	6	35	£385,500	28	110	No data collected	No data collected	0	28	£136,600	68	156	13	£424,000	0	34	£454,900	23	0	25	£855,700
Law Society of Northern Ireland	0	0	£0	20	42	No data collected	No data collected	0	1	£500	29	58	0	£0	0	1	£500	36	50	0	£0
Law Society of Scotland	0	2	£3,000	15	16	No data collected	No data collected	0	0	£0	10	23	0	£0	0	0	£0	6	61	N/A	N/A
CLC	1	1	£1,200	2	29	No data collected	No data collected	4	4	£35,000	2	50	0	£0	1	4	£15,400	4	31	1	£5,000
BSB	0	0	£0	0	0	No data collected	No data collected	0	0	£0	0	0	0	£0	0	0	£0	0	0	0	£0
General Council of the Bar Northern Ireland	0	0	£0	0	0	No data collected	No data collected	0	0	£0	0	0	0	£0	0	0	£0	0	0
CILEx	0	0	£0	0	6	No data collected	No data collected	0	0	£0	0	4	0	£0	0	0	£0	0	0	0	£0
Faculty of Advocates	0	0	£0	0	2	No data collected	No data collected	0	0	£0	0	0	0	£0	0	0	£0	0	7	0	£0
Faculty Office of the Archbishop of Canterbury	0	0	£0	1	2	No data collected	No data collected	0	0	£0	1	47	0	£0	0	0	£0	1	25	0	£0
Total PBSs	40	316	£940,700	592	984			47	211	£640,800	618	1253	78	£531,200	49	240	£875,700	478	1116	78	£971,700
Accountancy PBSs	33	278	£551,000	526	777			43	178	£468,700	508	915	65	£107,200	48	201	£404,900	408	942	52	£111,000
Legal PBSs	7	38	£389,700	66	207			4	33	£172,100	110	338	13	£424,000	1	39	£470,800	70	174	26	£860,700

Source: HMT annual return from PBSs (acronyms can be found in Table 2.J or Annex A)

Box 4.D Case study: accountancy PBS enforcement action

An accountancy PBS conducted an onsite monitoring review in June 2023 at a regional firm and identified extensive inadequacies in the firm’s AML procedures, including documentation of risk assessments and ongoing client due diligence.
They reported the firm to the PBS’s Practice Assurance Committee (PAC) for formal follow-up action.
The PAC reviewed the case in November 2023 and made the following decisions:
The firm must confirm that all CDD will be updated for all clients by 31 May 2024.
The firm was required to undergo a follow-up visit, paid for by the firm, by 31 July 2024.
The firm was also issued a Practice Assurance penalty of £4000.

Box 4.E Case study: legal PBS enforcement action

After an inspection conducted in October 2022, where numerous AML issues were identified (including an outdated AML policy referring to an unrelated practice, an outdated and erroneous practice-wide risk assessment, and lack of AML training for the principal), a legal PBS initiated disciplinary action against a sole practitioner, Person A, and their practice, Practice A.
At the October 2023 disciplinary hearing, the respondent did not attend, and the hearing proceeded in their absence.
The sanctions imposed were as follows:
A disqualification for three years for Person A and a personal fine of £1000.
A fine of £5000 for Practice A.
Costs awarded to the legal PBS amounting to £2673.

Question 6

5.  Cooperation, coordination and information sharing

Accepted Answer

Enhancing collaboration for effective outcomes

Collaboration and information sharing among Anti-Money Laundering/Counter-Terrorist Financing (AML/CTF) supervisors, law enforcement, and the private sector are essential for sharing skills, knowledge, and experience. These relationships improve supervisors’ monitoring of their members, assist law enforcement investigations, and mitigate risks through a shared understanding of common risk factors.

This work starts with effective communication between a supervisor and its population. This must meet two objectives:

Supporting firms to comply with the Money Laundering Regulations (MLRs) by explaining how the MLRs apply to their sector and what proportionate controls might look like;
Supporting firms to detect and prevent money laundering and terrorist financing by sharing up-to-date information about illicit finance activity in their sector.

Supervisors use a range of methods to share their expertise with the businesses they regulate. The MLRs are not prescriptive in this respect and allow supervisors to communicate with their populations as they see fit, although one piece of guidance for each sector is approved by HM Treasury. Supervisors and law enforcement authorities should consider whether a firm has followed its sector-specific guidance when deciding if it has breached its AML/CTF obligations.

As well as communicating with their populations, supervisors play a crucial role in sharing information with the wider AML/CTF system. As part of the Economic Crime Plan 2, improving information-sharing between the public and private sectors was highlighted as a key action to improve the effectiveness of the UK’s AML/CTF regime. Efficient information sharing is crucial to combatting illicit finance as it ensures that all parts of the UK’s counter-illicit finance regime are working together effectively and towards the same aims.

Regulation 50(1) of the MLRs requires all AML/CTF supervisors to take appropriate steps to:

Cooperate with other supervisory authorities, HM Treasury, and law enforcement authorities in relation to the development and implementation of policies to counter money laundering and terrorist financing.
Coordinate activities to counter money laundering and terrorist financing with other supervisory authorities and law enforcement authorities.
Cooperate with overseas authorities to ensure the effective supervision of a relevant person where that person is established either a) in the UK with its head office in another country or b) in another country but with its head office in the UK.

Regulation 52 of the MLRs grants supervisory authorities the power to disclose information relevant to their supervisory functions, provided the disclosure supports the effective exercise of:

The functions of the receiving authority under the MLRs as related to money laundering, terrorist financing, or the integrity of the international financial system.
Law enforcement functions.
Equivalent functions performed by an overseas authority.

Regulation 66 of the MLRs gives supervisors specific powers to require information and documents from relevant persons, payment service providers, or connected persons, such as:

Issuing written notices to individuals or entities, requiring them to provide specified information, produce specified documents, or attend meetings to answer questions.
This includes the power to require individuals or entities to provide copies of any suspicious activity disclosures made to the National Crime Agency (NCA).

Regulation 67 of the MLRs allows supervisors to use their powers under Regulation 66 to assist foreign authorities with certain money laundering-related functions, while Regulation 68 allows supervisors to request assistance from foreign authorities to obtain necessary information or documents that are not available in the UK.

As outlined in Chapter 1, for the 2023-24 reporting period HM Treasury requested a range of additional metrics in relation to information sharing and cooperation, as part of a more rigorous approach to measuring effective supervision. Supervisors agreed to share some of this information on a ‘best endeavours’ basis; consequently, the dataset in this section is incomplete as supervisors gather comprehensive data for the next reporting year.

Throughout the reporting period, supervisors undertook various actions to disseminate up-to-date information on AML/CTF-related issues to their supervised populations. These included:

Information to help understanding of ML/TF risk, including 481 guidance/training materials shared, an average of 958 monthly hits on online published risk material and an average attendance of risk-related webinars/training of 391 across all supervisors.
Information to help compliance understanding, including 480 guidance/training materials shared, an average of 942 monthly hits on online published compliance material and an average attendance of compliance-related webinars/training of 441 across all supervisors.

It should be noted that it can be difficult for supervisors to separate out ML and TF training materials as they are often delivered together in one package; however, HM Treasury recommends that TF and PF (Proliferation Financing) are given distinct, sufficient focus in future materials.

Most supervisors provide these materials online, through webinars, hosting forums, and posting updates to their websites or mailing lists, whilst others offer other forms of communication with their supervised populations, such as a telephone line to call with AML-related enquiries, membership magazines, provision of training events, or AML/CTF sessions at professional conferences.

During the reporting period, supervisors reported various actions under the legal gateways listed above to support the broader goal of coordinating activities to counter money laundering and terrorist financing. These break down as follows:

768 requests made to another supervision authority or to a law enforcement agency under Regulation 50
2,580 referrals to either another supervision authority, or to Companies House, under Regulation 52
844 information requirements issued under Regulation 66
Six information requests in support of foreign authorities under Regulation 67
Two information requests from foreign authorities under Regulation 68
Five disclosures submitted to the NCA under Part 3 of the Terrorism Act 2000
322 disclosures submitted to the NCA under Parts 7 or 8 of the Proceeds of Crime Act 2002
415 other referrals to law enforcement for ML/TF-related matters

In their annual returns, supervisors highlighted their regular attendance at a range of forums and discussion groups to coordinate AML/CTF activities, including:

The Anti-Money Laundering Supervisors’ Forum (AMLSF), which all supervisors are invited to attend. HM Treasury, the DBT, the Home Office, the NCA and OPBAS also attend.
The Accountancy Anti-Money Laundering Supervisors’ Group (AASG), which is attended by accountancy sector professional bodies and HMRC.
The Legal Sector Affinity Group (LSAG), which is attended by legal sector professional bodies.

Supervisors noted their continued involvement in Intelligence Sharing Expert Working Groups (ISEWGs), set up by OPBAS in conjunction with the National Economic Crime Centre, for the accountancy and legal sectors. These national and regional groups share intelligence, including typology reports, alerts and case studies, between PBSs, statutory supervisors, and law enforcement. ISEWGs continue to support collaborative working, purposeful information sharing and a more consistent approach to AML supervision.

Other intelligence-sharing activities were noted by supervisors including membership of the Financial Crime Information Network (FIN-NET). Established by the FCA, FIN-NET helps to facilitate the sharing of operational information between law enforcement, the government, and supervisors. Working relationships with law enforcement agencies were also noted by many supervisors. Some supervisors also use the Shared Intelligence Service (SIS) to facilitate information and intelligence sharing between supervisory bodies.

The FCA communicates information about money laundering risks in a variety of ways:

Contributing to the preparation of the UK’s National Risk Assessment
The FCA’s own Annual Report
‘Dear CEO’ letters
Portfolio letters
Publishing summaries of findings from multi-firm reviews
Speeches and other publications
Dialogue between supervisory staff and firms
Dialogue with trade bodies
Money Laundering Reporting Officer (MLRO) forums

Throughout the reporting period, the FCA carried out various actions to provide up-to-date information on AML/CTF-related issues to their supervised populations. These actions included:

Providing information to help understanding of ML/TF risk, including 13 guidance/training materials shared.
Providing information to help compliance understanding, including five guidance/training materials shared.

The FCA supports a wide array of domestic law enforcement agencies, regulatory bodies, and regulated businesses, actively participating in networks such as FIN-NET, the Joint Money Laundering Intelligence Task Force (JMLIT), and the Economic Crime Threat Group. Through frameworks like ECP2, the FCA collaborates with HM Treasury, Companies House, and law enforcement to share intelligence and improve financial crime controls, ensuring a coordinated approach to financial crime prevention.

The FCA collaborates with international regulators and law enforcement agencies on AML through intelligence sharing and secondments, including staff placements at the NECC and support for the NCA Kleptocracy Cell. Intelligence sharing is enhanced via mechanisms such as FIN-NET, JMLIT, and SIS. The FCA also strengthens interagency cooperation with HMRC through full-time placements of its staff.

Throughout the 2023-24 reporting period, the FCA undertook various actions to support the broader goal of coordinating activities to counter money laundering and terrorist financing. These actions can be categorised as follows:

Five disclosures submitted to the NCA under Part 3 of the Terrorism Act 2000.
197 disclosures submitted to the NCA under Parts 7 or 8 of the Proceeds of Crime Act 2002.
Five other referrals to law enforcement for ML/TF-related matters.

The Gambling Commission (GC) provide relevant information to their supervised sector using the following:

ML/TF risk assessment of the gambling industry.
Casino guidance (approved by HM Treasury).
Emerging risks publications.
Various OFSI updates.
The AML hub of the GC’s website and through updates on the news page of the GC’s website.
Targeted emails covering relevant topics to MLROs and other individuals within firms, e.g. information on the economic crime levy.
Email newsletters.
Public statements of enforcement action and common operator failings on the GC’s website, as well as good practice guidelines.
Attendance at industry meetings such as Gambling Anti-Money Laundering Group (GAMLG), Betting and Gaming Council (BGC) and Industry Lawyers Group (ILG) meetings

Throughout the reporting period, the GC also carried out various actions under Regulations 17(1), 47(1), and 47(3) to provide up-to-date information on AML/CTF-related issues to their supervised populations. These actions included:

Providing information to help understanding of ML/TF risk, including four guidance/training materials shared.
Providing information to help compliance understanding, including three guidance/training materials shared.
An 84% open rate of emails to do with ML/TF risk or compliance understanding, an average of 1407 monthly hits on online material, and an average attendance of training/webinars of 80.

The GC collaborates with various supervisory authorities and law enforcement agencies, including the FCA, HMRC and their Illicit Finance Team, the SRA, the Public Sector Affinity Group, and the Office for Professional Body Supervision. The Commission also engages with private institutions such as banks and think tanks, and is a full member of JMLIT.

The GC maintains regular contact with HM Treasury regarding their projects, publications, and its own casino guidance and ML/TF risk assessments, frequently sharing embargoed documents for early feedback.

Examples of the Commission’s engagement with other supervisory authorities and law enforcement bodies during the relevant period include:

Contributing to internal NCA publications.
Contributing to the consultation for the MLRs.
Being part of the government’s MSB Strategy Delivery Group (as the supervisor of casino MSBs).
Contributing to the NCA’s quarterly publications on emerging risks.
Collaborating with HMRC regarding casinos offering MSB services.
Contributing towards HM Treasury’s National Risk Assessment 2025.
Having regular catch-ups with HM Treasury regarding the economic crime levy.

Throughout the 2023-24 reporting period, the GC carried out several initiatives to support the objective of coordinating efforts to combat money laundering and terrorist financing. These initiatives can be categorised as follows:

193 information requirements issued under Regulation 66.
Two disclosures submitted to the NCA under Parts 7 or 8 of the Proceeds of Crime Act 2002.
Two other referrals to law enforcement for ML/TF-related matters.

HMRC actively collaborates with various supervisors and organisations to combat money laundering. HMRC is a regular participant in the Anti Money Laundering Supervisors Forum (AMLSF), working alongside central government departments and Companies House. Additionally, HMRC is a member of the Public Sector Affinity Group (PSAG), participates in the Accountancy AML Supervisors’ Group (AASG), and engages with the Legal Sector Affinity Group (LSAG) when relevant. These collaborations help to ensure a coordinated and effective approach to AML/CTF efforts across different sectors.

HMRC frequently holds catch-up meetings with OPBAS at a policy working level and engage with officials from HM Treasury across different levels of seniority. This ongoing communication ensures alignment and collaboration on key policy issues.

Throughout the 2023-24 reporting period, HMRC undertook numerous actions aimed at enhancing the coordination of efforts combat money laundering and terrorist financing. These initiatives can be categorised as follows:

Eight requests made to law enforcement agencies under Regulation 50.
1735 referrals or disclosures to another supervisory authority under Regulation 52.
One referral to Companies House under Regulation 52.
504 information requirements issued under Regulation 66.
Five information requests in support of foreign authorities under Regulation 67.
Two requests made to foreign authorities under Regulation 68.
18 disclosures submitted to the NCA under Parts 7 or 8 of the Proceeds of Crime Act 2002.
Nine other referrals to law enforcement for ML/TF-related matters.

Throughout the reporting period, HMRC also carried out various actions under Regulations 17(1), 47(1), and 47(3) to provide up-to-date information on AML/CTF-related issues to their supervised populations. These actions included:

Providing information to help understanding of ML/TF risk, including 20 guidance/training materials shared with an average email open rate of 31.4% and a total attendance at training/webinars of 9602.
Providing information to help compliance understanding, including 39 guidance/training materials shared with an average email open rate of 32.3% and a total attendance at training/webinars of 19,695.
It should be noted that HMRC provided actual attendance figures rather than an average.

The PBSs cooperate with other supervisory authorities, HM Treasury, other government departments and law enforcement through a variety of means, including their involvement in AMLSF, AASG, LSAG and ISEWGs.

Processes for sharing information and intelligence are not uniform across all PBSs, making it challenging to provide a comprehensive summary beyond the data presented here on each PBS’s specific activities in this area. More information about PBS activity in this area is available in the Regulation 46A reports, hyperlinked at Annex C.

During the 2023-24 reporting period, PBSs reported various actions to support the broader goal of coordinating activities to counter money laundering and terrorist financing. These break down as follows:

741 requests made to law enforcement agencies under Regulation 50.
810 referrals or disclosures to another supervisory authority under Regulation 52.
19 information requests made to law enforcement under Regulation 50.
34 referrals to Companies House under Regulation 52.
147 information requirements issued under Regulation 66.
One information request in support of foreign authorities under Regulation 67.
105 disclosures submitted to the NCA under Parts 7 or 8 of the Proceeds of Crime Act 2002.
399 other referrals to law enforcement for ML/TF-related matters.

Throughout the reporting period, supervisors undertook various actions under Regulations 17(1), 47(1), and 47(3) to disseminate up-to-date information on AML/CTF-related issues to their supervised populations. These include:

Providing information to help understanding of ML/TF risk, including 481 guidance/training materials shared with an average email open rate of 43.5% and an average attendance at training/webinars of 409.
Providing information to help compliance understanding, including 433 guidance/training materials shared with an average email open rate of 36.1% and an average attendance at training/webinars of 609.

As in previous years, PBSs have carried out additional activities to promote compliance within their supervised populations. These vary across bodies but include:

Use of risk bulletins to quickly share new information with businesses.
Providing additional support to businesses who require action after a review.
Publishing guidance on compliance with the MLRs.

Question 7

Annex A: List of supervisors and their acronyms

Accepted Answer

Accountancy sector Professional Body AML/CTF supervisors

AAT (Association of Accounting Technicians)
ACCA (Association of Chartered Certified Accountants)
AIA (Association of International Accountants)
ATT (Association of Taxation Technicians)
CIMA (Chartered Institute of Management Accountants)
CIOT (Chartered Institute Of Taxation)
IAB (Institute of Accountants and Bookkeepers)
ICAEW (Institute of Chartered Accountants in England and Wales)
ICAI (Institute of Chartered Accountants in Ireland)
ICAS (Institute of Chartered Accountants of Scotland)
ICB (Institute of Certified Bookkeepers)
IFA (Institute of Financial Accountants)
IPA (Insolvency Practitioners Association)

Legal sector Professional Body AML/CTF Supervisors

BSB (Bar Standards Board - General Council of the Bar)
CILEx (Chartered Institute of Legal Executives)
CLC (Council for Licensed Conveyancers)
Faculty of Advocates
Faculty Office of the Archbishop of Canterbury
General Council of the Bar Northern Ireland
Law Society of Northern Ireland
Law Society of Scotland
SRA (Solicitors Regulation Authority)

Public sector AML/CTF supervisors

FCA (Financial Conduct Authority)
GC (Gambling Commission)
HMRC (His Majesty’s Revenue and Customs)

Question 8

Annex B: Breakdown of PBS staffing/expenditure levels

Accepted Answer

Supervisors	Total supervised population	FTE staff assigned to AML/CTF Supervision^{[footnote 2]}	Estimated annual expenditure on AML/CTF supervision
ACCA	6,995	7	£2m ^{[footnote 3]}
AIA	338	3	£95,000
CIMA	1,646	4.55	£439,800
CIOT	858	7.2	£615,900
ATT	618	7.2	£615,900^{[footnote 4]}
ICAEW	9,911	88	£5m
ICAI	468	5	No data provided
ICAS	758	9.5	£660,000
ICB	3,171	5	£456,900
IFA	1,815	7.01	£407,300
AAT	6,337	9	£783,600
IAB	744	3.2	£387,900
IPA	171	2	£228,600
SRA	5,683	29.07	£3m ^{[footnote 5]}
Law Society of Northern Ireland	427	9	65%^{[footnote 6]}
Law Society of Scotland	647	7.25	£432,000
CLC	205	2.4	£158,900
BSB	466	2	£143,700
General Council of the Bar Northern Ireland	0	0	£0
CILEx	10	0.5	£46,500
Faculty of Advocates	8	2	£30,000
Faculty Office of the Archbishop of Canterbury	118	0.6	No data provided^{[footnote 7]}

Source: HMT annual return from PBSs

Question 9

Annex C: Regulation 46A reports published by PBSs

Accepted Answer

Regulation 46A of the Money Laundering Regulations requires Professional Body Supervisors to publish an annual report on their supervision activities, including on the monitoring and enforcement of compliance with the Regulations. These reports contain a range of additional detail and provide useful context for the information in this report. The reports can be found at the following hyperlinks:

Compliance figures may not add up to 100% where not all assessments resulted in a compliance rating. ↩
Figures for FTE (Full Time Equivalent) staff may be fractional where individuals only spend a proportion of their time on AML/CTF-related activities. ↩
Expenditure figure includes wider costs relating to audit monitoring and compliance with ACCA’s Practising Regulations. The figure also does not include fees payable to OPBAS or other costs relating to AML/CTF supervisory activities. ↩
CIOT and ATT share resources for staff and expenditure, and so duplicate figures are given for CIOT and ATT. ↩
This figure includes the cost of other staff who assist in AML/CTF work without it being their primary role. ↩
Percentage of overall spend provided by LSNI on the basis that this is more appropriate than a numerical spend figure. ↩
No discrete figure available due to multiple functions being discharged by the Faculty Office. ↩

Cookies on GOV.UK

Foreword

1. Introduction

Economic Crime Plan 2023-26 and the UK’s AML/CTF regulatory and supervisory regime

Reforming the UK’s future supervision regime

Improving the effectiveness of the Money Laundering Regulations

Preparing for the Financial Action Task Force’s next assessment of the UK

Updating the UK’s National Risk Assessments

The role of supervision in sanctions compliance

Methodology for this report and additional metrics for 2023-24

2. Gatekeeping and risk assessment

Effective gatekeeping

Risk assessment

Summary of activity across all supervisors

The FCA’s gatekeeping and risk assessment activity

Gatekeeping activity

Risk assessment

The Gambling Commission’s gatekeeping and risk assessment activity

Gatekeeping activity

Risk assessment

HMRC’s gatekeeping and risk assessment activity

Gatekeeping activity

Risk assessment

Gatekeeping and risk assessment activity by the Professional Body Supervisors

Gatekeeping activity

Risk assessment

3. Monitoring supervised businesses

Risk-based approach to supervision

Summary of activity across all supervisors

The FCA’s monitoring activity

Risk and compliance assessments

Other supervisory interventions

The Gambling Commission’s monitoring activity

Risk and compliance assessments

Other supervisory interventions

HMRC’s monitoring activity

Risk and compliance assessments

Other supervisory interventions

Monitoring activity by Professional Body Supervisors

Risk and compliance assessments

Other supervisory interventions

4. Ensuring compliance

Compliance strategies and enforcement

Summary of enforcement action across all supervisors

The FCA’s enforcement action

The Gambling Commission’s enforcement action

HMRC’s enforcement action

Enforcement action by Professional Body Supervisors

5. Cooperation, coordination and information sharing

Enhancing collaboration for effective outcomes

Summary of information sharing and cooperation across all supervisors

The FCA’s information sharing and cooperation

The Gambling Commission’s information sharing and cooperation

HMRC’s information sharing and cooperation

Information sharing and collaboration by Professional Body Supervisors

Annex A: List of supervisors and their acronyms

Accountancy sector Professional Body AML/CTF supervisors

Legal sector Professional Body AML/CTF Supervisors

Public sector AML/CTF supervisors

Annex B: Breakdown of PBS staffing/expenditure levels

Annex C: Regulation 46A reports published by PBSs

Is this page useful?

Help us improve GOV.UK

Help us improve GOV.UK