Skip to content


What’s happening with the FCA and AML?

Share on facebook
Share on twitter
Share on linkedin

With the change in the anti-money laundering (AML) supervisory approach of the Financial Conduct Authority (FCA), many firms are nervous about whether they will face FCA scrutiny and what to expect if they do.

Nigel Reed, COO of Neopay Ltd, has personally supported over 100 firms in gaining authorisation from the FCA and continues to provide support to them after authorisation to help them with their AML and regulatory compliance. He has shared his insight and experience to assist firms with the changes to the FCA’s approach to AML supervision.

Hi Nigel. Thanks for taking time out to talk to us. I know your team is really busy at the moment.

No problem. The FCA’s approach to AML is causing a lot of concern for people, so if I can help firms understand a bit more and decide where to prioritise their time, so much the better.

There seems to be a general sense that payments and e-money firms are under a lot more scrutiny at the moment. Do you think that’s accurate?

Definitely in terms of AML.  There are three different aspects that are coming together to affect all financial service firms, but payments and e-money are being impacted more than some other sectors.

The first is that the FCA is now operating above pre-covid levels – it has more staff focused on AML supervision, the number of reviews has increased and onsite visits have started again. There also seems to be more cross-team working – for example with Intelligence, Authorisations and Enforcement.

Secondly, the FCA perceives e-money and payments, along with challenger banks, as a higher risk than it did a few years ago, resulting in more monitoring and supervisory activity in our market.

Thirdly, the FCA’s data-led approach is having an impact – it is using data to help drive a more proactive engagement in some cases, so firms are finding themselves under scrutiny sometimes without the warnings they would have had in the past.

Is it AML in general that is coming under more scrutiny, or are there specific areas that firms should be aware of?

There is an increase in general scrutiny, so firms do need to keep on top of all their AML controls, processes, monitoring and review.  That said, there seem to be some specific areas of focus currently – although these change depending on the data analysis.

One of the current focusses is enhanced due diligence – right through the process, so for example risk assessments, operational processes, monitoring and reviews, its effectiveness in practice.  There’s much more attention as well on documentation and evidence of framework decisions and their justifications and reviews.

With risk assessments – firms are expected to take a more granular and sensitive approach than previously and the FCA are expecting a holistic approach across different products and services.  Where they differ – the FCA will expect to see justification and evidence that this has been considered, justified and agreed by the senior team – rather than being a result of different services evolving separately.

In terms of effectiveness, the FCA want to see improvements in quality assurance and testing – that firms are proactively working to improve their processes and adapting to changes in their business but also to the environment.

Adequate resourcing and, more importantly, staff training are also something that the FCA are paying more attention to at the moment.

You said that the FCA’s focus is changing depending on their data analysis. What does this mean and how is that affecting the FCA’s activity?

The FCA is using data to identify hotspots, outliers, and emerging themes to be more proactive and focus its activity on what the analysis indicates to be higher AML risk.

It’s also using data and intelligence to identify pockets of risk for new, lighter-touch interventions, and to target firms it determines have the greatest risk of money laundering for desk-based reviews and onsite visits.

What methods does it use for its data led approach?

There are a few – but to give a couple of examples:

MAPP (Modular Assessment Proactive Programme) is fairly new.  It involves reviewing a specific risk or target area, for example Enhanced Due Diligence, across several firms simultaneously.  It’s quicker for the FCA – meaning it is reviewing far more firms and at a much more detailed level than in the past.

REP-CRIM has been extended to a lot more firms.  (This is the survey that gathers information on AML controls from firms and is used to identify risks and to better target the FCA’s AML activities.) Last year, the number of firms taking part in this survey more than doubled from previous years and the FCA plans to increase this further moving forward.

One of the ways REP-CRIM is used is in PAMLP (the FCA’s Outliers/Proactive AML Programme). The FCA uses data from REP-CRIM, Suspicious Activity Reports (SARs), whistle-blowers and other sources to analyse large amounts of firm data. This helps it to identify where to direct supervisory attention.

We’ve talked a lot about what the FCA are doing. What does it mean for firms?

Basically, more firms are facing scrutiny and supervisory activities than in the past.  In particular, far more firms are finding their AML under scrutiny, but focused on a specific aspect – so for example Enhanced Due Diligence or Sanctions controls – and this is being reviewed in much more detail by the FCA than firms have experienced previously.

What are the issues firms are facing with these reviews?

A lot is the resource requirements, but also some firms are finding their interactions with the FCA quite frustrating. They’re not always clear exactly what the FCA want to see or what the specific concerns are.

Also, the enforcement activity can be very damaging for firms, so for example client’s accounts being frozen or activity leading to third party audits of large volumes of AML files or skilled person reviews and audits of wider regulatory compliance.

In terms of fines, 2021 was an exceptionally high year, with fines over 500 million. 2022 was about half that – more in line with previous figures.  I haven’t seen the final figures for 2023 yet but I get the impression they’re down as the FCA is moving to other enforcement methods.

What would your advice be to firms?

Obviously – talk to Neopay.  But seriously, firms do need to be very careful about this now. The new approach from the FCA means that you’re far more likely to come under scrutiny. Not just that, but it’s likely to be a very comprehensive and detailed review of one particular aspect – and the areas of focus will keep changing depending on the data.

Audits, advice and reviews from third-party specialists such as Neopay are essential now really. But also, document all your discussions and reasonings.  Make sure your AML and compliance training is appropriate for all your staff and covers their different roles and responsibilities.

And be proactive – make sure you have procedures that are not only actively checking the effectiveness or your AML controls and processes but are also adapting and improving them.

And finally, remember your risk assessment is fundamental. The FCA will scrutinise this and the controls surrounding it.

Thanks Nigel – this has been really informative.

No problem.  Just to say – people should feel free to contact us if they need help with their AML or anything else in respect of their compliance.  Things have changed a lot over the last few years, and we’re always here to help.

How Neopay can help

At Neopay, we understand the complexities involved in financial crime reporting and compliance. We are dedicated to empowering businesses to meet their regulatory obligations effectively.

Neopay stands ready to assist payment firms in strengthening their AML frameworks and ensuring compliance with regulatory requirements. With our expertise in regulatory compliance and risk management, we offer tailored solutions to address the specific challenges faced by financial institutions.

If you need advice or audits on risk and mitigations in respect of anti-money laundering (AML), counter-terrorist financing (CTF), or any other regulatory issue, we can help.  And our Integrated Managed Service provides advice on day-to-day compliance issues as well as helping you to review and update your compliance program regularly. Our team of experts stays up-to-date with the latest regulatory developments and can provide guidance on any changes that may impact your business.

From conducting comprehensive risk assessments to developing robust policies and procedures, Neopay provides the necessary support to enhance financial crime controls and mitigate regulatory risks. Our team of experts is dedicated to assisting payment firms in navigating the complex landscape of AML regulations and safeguarding their businesses against illicit activities.

To find out how we can support your business, contact us here.

Share on facebook
Share on twitter
Share on linkedin

Related Posts

Reminder: Consumer Duty board reports due 31 July 2024

As the one-year mark of the Consumer Duty’s implementation approaches, firms are reminded that the first board reports on Consumer Duty implementation and outcomes are due by 31 July 2024.
Read More >

FCA’s multi-firm review: key findings on Consumer Duty outcomes monitoring

The Financial Conduct Authority (FCA) recently published the results of a multi-firm review focusing on outcomes monitoring under the Consumer Duty. This review, which analysed practices across 20 major insurance
Read More >