FCA finalises revisions to its Enforcement Guide
Summary: The FCA has published finalised revisions to its Enforcement Guide, including to its investigation publicity policy. It is designed to improve transparency around enforcement investigations and make the guide more user-friendly.
Key updates:
- Introduced a "public interest" test for disclosing investigations.
- Retained the "Exceptional circumstances test" for regulated firms.
- Aims to balance transparency with fairness and reputational concerns
- There is a focus on accelerating investigations as this has taken too long in the past.
Impact: The revisions aim to ensure that both the public and industry have greater confidence in enforcement.
Stakeholder feedback will be used to proactively monitor and guide future updates.
The FCA will launch a sandbox to help firms to experiment safely with AI to support innovation.
Summary: The FCA has launched a new initiative called the "Supercharged Sandbox" aiming to help firms to safely experiment with AI.
In collaboration with NVIDIA, firms will gain access to NVIDIA's accelerated computing platform and AI Enterprise Software Suite, allowing them to test AI solutions more effectively.
The sandbox provides technical expertise, regulatory guidance, and access to high-quality data, helping firms in the early stages of AI exploration.
Impact: Firms can apply to use Supercharged Sandbox through the FCA's website. Successful applicants will be able to experiment from October.
FATF
FATF updates list of Jurisdictions under Increased Monitoring (grey list)
Summary: FATF has updated its list of Jurisdictions under Increased Monitoring.
Jurisdictions added to the list include: Bolivia and Virgin Islands (UK).
Jurisdictions removed from the list: Croatia, Mali, Tanzania.
Impact: Firms should update their jurisdictional risk assessments accordingly.
FATF updates Standards on Recommendation 16 on Payment Transparency
Summary: FATF has revised Recommendation 16 (the "Travel Rule") to enhance the transparency and security of cross-border payments.
For peer-to-peer cross-border payments above USD/EUR 1,000, payment messages must now include information relating to names, dates of birth and addresses.
Institutions must adopt technologies that verify recipient details to reduce fraud and misdirected payments.
Impact: Aims to improve transparency and compliance standards in the context of cross-border payments.
FATF report on Complex Proliferation Financing and Sanction Evasion Schemes
Summary: FATF report on how those involved in the proliferation of weapons of mass destruction evade international sanctions.
Only 16% of jurisdictions assessed by FATF show high or substantial effectiveness in implementing targeted financial sanctions under UN Security Council Resolutions.
North Korea has been identified as playing a significant role in proliferation financing through cyber attacks, overseas IT workers and illicit revenue streams.
Sanctions evasion typologies include layered financial transactions, exploitation of virtual assets, manipulation of trade/shipping documentation, and the use of front companies.
Impact: Firms may face increased scrutiny over the controls in place to manage proliferation financing risk.
New guidance on financial inclusion and AML/CTF measures
Summary: This updated guidance paper aims to support countries and industry to balance the need to include more individuals in the formal financial system whilst maintaining AML/CTF standards.
The report stresses the importance of applying a risk-based approach, as well as reducing the size of the "informal economy" and improving access for vulnerable groups.
Impact: Industry are encouraged to improve financial inclusion initiatives whilst also ensuring AML/CTF controls are effective.
FATF urges stronger global action to address Illicit Finance Risks in Virtual Assets
Summary: This is an update paper on how effectively countries are implementing FATF's AML/CTF standards for virtual assets and virtual asset service providers (VASPs).
The report articulates that although there have been improvements in control frameworks since 2024, there remain areas for enhancement.
Registration of VASPs remains inconsistent and some authorities are finding it challenging to identify those operating as VASPs. Offshore VASPs are providing ongoing challenges.
Impact: VASPs may face increased regulatory scrutiny as jurisdictions aim to manage the risk of regulatory pressures, and international standards set by FATF.
OFSI
Confidential Reporting to OFSI
Summary: OFSI has issued guidance on confidential reporting for reported breaches of UK financial sanctions, including whistleblowers and anyone seeking to report confidentially.
The guidance includes details on protections and privacy, as well as how OFSI processes reports, and when they may require more information.
Impact: This guidance is designed to encourage reporting to OFSI through clarifying the confidentiality and legal protections afforded to those who make a disclosure.
UK GOV
UK digital identity legislation passes another important milestone
Summary: The Data (Use and Access) Act receives Royal Assent. Part 2 of the Act provides a legal foundation for Digital Verification Services.
The law introduces standards, governance ad oversight for digital identity services. It creates a statutory register of certified digital verification service providers, allows the government to issue a UK digital identity trust mark, and enables public authorities to share information with registered providers.
Impact: This legislation paves the way for improved trust in digital transactions across the UK economy (such as those involving age verification, renting property, and employment checks).
European Commission
European Commission updates its list of high-risk countries
Summary: The European Commission has updated its list of high-risk jurisdictions.
Jurisdictions added to the list include: Algeria, Angola, Côte d’Ivoire, Kenya, Laos, Lebanon, Monaco, Namibia, Nepal and Venezuela.
Jurisdictions removed: Barbados, Gibraltar, Jamaica, Panama, the Philippines, Senegal, Uganda and the United Arab Emirates
Impact: Firms should update their jurisdictional risk assessments accordingly.
HMRC
HMRC issues £3.2 million in money laundering penalties
Summary:HMRC has fined 240 businesses a total of £3.2m for breaching anti-money laundering regulations between 1 July and 31 December 2022.Xpress Money Services Ltd, based in London, received the largest fine—£1.4 million—for failing to conduct risk assessments, implement proper controls, and carry out due diligence. However, an additional 179 businesses received smaller fines totalling over £200,000.
Impact: As a result of stricter supervision, the number of money service businesses in the UK has dropped by about a third since 2020.
Get in touch with our financial crime experts
For tailored support on how these regulatory developments are relevant to your sector, business and control environment, please contact us today.
Article written by Mikey Addison
National contact
Luke Firmin Director - Financial Crime - London
This website uses cookies.
Some of these cookies are necessary, while others help us analyse our traffic, serve advertising and deliver customised experiences for you.
For more information on the cookies we use, please refer to our Privacy Policy.
This website cannot function properly without these cookies.
Analytical cookies help us enhance our website by collecting information on its usage.
We use marketing cookies to increase the relevancy of our advertising campaigns.