Financial crime regulatory developments: March 2026

Summary: OPBAS’s latest report concludes that AML supervision in the legal and accountancy sectors has improved significantly since 2018. However, although there is an improvement overall, some PBSs continue to underperform, especially in enforcement activity. OPBAS also raises a concern about the dual role of certain PBSs as both membership bodies and supervisors, noting that this can inhibit robust supervisory and disciplinary action.

Impact: This article increases supervisory and enforcement expectations, highlights issues in PBSs acting as both membership bodies and supervisors, and confirms that the transition to FCA-led supervision will help to ensure these issues are resolved more effectively.

Publication source

Summary: This guidance explains how digital identities can be used to meet certain obligations of the UK MLRs and how those regulations interact with the UK Digital Identity and Attributes Trust Framework.

Impact: The guidance makes clear that the use of digital identities does not remove a firm's responsibility to apply a risk-based approach and that firms remain responsible for assessing customer risk, applying EDD, ensuring record keeping requirements are met, as well as making sure the digital service used is suitable for its specific use case. This guidance clarifies that whilst digital verification is acceptable under the MLRs, if aligned to the Trust Framework, it is just one tool within the broader AML framework and does not substitute other controls such as risk assessments and ongoing monitoring.

Publication source 

Summary: The fraud strategy 2026–2029 sets out the UK Government’s system‑wide approach to tackling fraud against individuals and businesses. The strategy is built around three pillars: disrupt, safeguard and respond.

Impact: The fraud strategy 2026–2029 represents a shift from awareness‑led initiatives to a coordinated, intelligence‑driven and partnership‑based model. It places clear expectations on both the public and private sectors to play an active role in preventing, detecting and responding to fraud, with a stronger emphasis on infrastructure‑level disruption and victim outcomes.

Publication source 

Summary: The guidance explains how to interpret “significant influence or control” under Schedule 1A of the Companies Act 2006, which is relevant where an individual or legal person does not meet the ownership or voting thresholds (over 25%) but may still be a PSC.

Impact: The guidance reinforces that PSC identification is substantive rather than purely structural. Companies must look beyond share ownership to understand who truly directs or influences decisions, applying judgement to the specific facts in each case.

Publication source

Summary: The main changes include enhanced due diligence being required only for customers or transactions linked to a FATF Call for Action country, rather than both countries subject to a FATF Call for Action (the “black list”) and Jurisdictions under Increased Monitoring (the “grey list”), the conversion of euro thresholds to sterling, new pooled account rules, and enhanced due diligence requirements for crypto asset correspondent relationships.

Impact: The amendments do not apply yet and will only come into force following Parliamentary approval. However, it is important that firms are considering how these changes might impact their control framework and the necessary uplift required to meet these potential requirements.

Publication source 

Summary: OFSI published a blog to explain how it prioritises financial sanctions licence applications and to improve transparency around decision making. OFSI receives a high volume of applications each year and cannot process all of them immediately, so it applies a structured prioritisation framework to manage competing demands fairly and effectively.

Impact: This article promotes transparency around OFSI's licensing process. It raises expectations on applicants to submit higher-quality, better-evidenced applications.

Publication source

Summary: On 19 March 2026, OFSI imposed a £390,000 monetary penalty on Apple Distribution International Limited (ADI) for breaches of the Russia (Sanctions) (EU Exit) Regulations 2019.

Impact: This serves as a reminder that the UK financial sanctions can apply to non-UK firms where activity involves the UK financial system. Prompt, complete voluntary disclosure can materially reduce penalties.

Publication source

Summary: The PSR published its annual plan and budget for 2026/27 on 26 March 2026, setting out its key aims, regulatory priorities and funding for the year ahead.

Impact: The 2026/27 annual plan and budget highlights the PSR’s intention to deliver effective economic regulation of payment systems in a more cost‑efficient way, whilst continuing to support competition, innovation and consumer outcomes as it moves closer to consolidation with the FCA.

Publication source