The European Banking Authority (EBA) has published a report on the use of SupTech tools in anti-money laundering and countering the financing of terrorism (AML/CFT) supervision, as well as a press release. In November 2024, the EBA surveyed competent authorities on their use of SupTech tools and in January 2025, a workshop was held on AML/CFT SupTech. The EBA's report provides its findings from both programs, considers the current use of SupTech tools at EU level and how the tools are implemented. The EBA concludes that SupTech tools can improve the effectiveness of AML/CFT supervision and competent authorities have identified benefits such as enhanced collaboration, improved data quality and analytics, and the ability to scale supervision under the new EU AML/CFT framework, particularly with the establishment of the Authority for Anti-Money Laundering and Countering the Financing of Terrorism, known as AMLA. Poor data quality and governance, limited resources, legal uncertainty, operational risks, and friction related to institutional transformation are recognised as potentially impeding progress. Various good practices have emerged, including promoting a digital-first culture, adopting structured change management strategies, enhancing data governance and interoperability and leveraging synthetic data to safeguard privacy.

The UK Financial Conduct Authority (FCA) published a new "Wholesale banks supervision" webpage which consolidates insights from the FCA's multi-firm and other supervisory work involving wholesale banks. The webpage covers a range of topics and the outcome of FCA multi-firm reviews, which we summarise here.

Read more.

The European Banking Authority (EBA) has published its fifth opinion on money laundering and terrorist financing (ML/TF) risks. In the report, the EBA highlights the growing vulnerabilities in the EU financial sector arising from the growth of technologies, new financial products such as crypto-assets, and the increasing interconnection of financial products and services across sectors. The EBA states that while tools such as RegTech and AI offer potential for enhanced compliance, their improper implementation (often due to lack of expertise and oversight) has led to serious compliance failures. Competent authorities have reported high or rising ML/TF risks in Fintech firms and crypto-asset service providers linked to weak AML/CFT controls and governance. Additionally, the use of AI by criminals to automate laundering and forge documents is outpacing institutional defences. The EBA notes that supervisory engagement has improved the capability of some sectors to fight financial crime. The EBA emphasises the importance for consistent application of the new EU AML/CFT legal framework.

The UK Office of Financial Sanctions Implementation (OFSI) has updated its general guidance on financial sanctions, introducing a new licensing ground under Section 6.6, permitting the return of funds from designated Money Service Businesses (MSBs) to non-designated persons, subject to strict conditions. To qualify, the MSB must be registered in the UK under the Money Laundering Regulations 2017, the recipient must not be a designated person and no payments will be made to a designated person (whether directly or indirectly), the original payment must have been made prior to the MSB's designation without breaching asset freeze restrictions and the repayment must not undermine efforts to prevent or detect serious crime. OFSI will consult law enforcement authorities to assess crime risk before granting a licence, and only MSBs defined and registered under the 2017 Regulations are eligible. OFSI emphasises that as licensing grounds and exceptions can vary between regimes, it remains essential to consult the relevant, up-to-date legislation.

The Financial Markets Standards Board (FMSB) has published a transparency draft of its Statement of Good Practice (SoGP) on Unauthorised Trading Frameworks for consultation. This draft, which builds on FMSB's prior work on Front Office Supervision, sets out a series of principles-based measures designed to strengthen oversight and control mechanisms aimed at mitigating the persistent risks of unauthorised trading in wholesale financial markets. FMSB notes that, despite the existence of significant risk management frameworks, unauthorised trading continues to pose risks that can result in material financial, reputational and regulatory harm. The SoGP has been designed to promote consistent expectations across jurisdictions and has been developed with input from buy-side and sell-side firms, as well as support from the global regulatory community. The deadline for comments is 15 September.

The Wolfsberg Group (the Group) has released a statement reaffirming its commitment to the risk-based approach (RBA) for financial crime risk management. Further to its 2006 RBA guidance, and in line with the Financial Action Task Force, the Group emphasises that an effective RBA requires financial institutions to identify, assess and understand their exposure to financial crime risks, and to take proportionate, prioritised and outcome-focused action. It outlines three core elements that financial institutions should demonstrate when designing their risk-based programme, including proportionality in programme design, prioritisation of higher-risk areas and a focus on effectiveness over rigid rule-based compliance. The Group confirms it will be updating its 2006 RBA guidance and 2015 FAQs on risk assessments. It encourages stakeholders to consider this statement alongside the broader resources listed therein, to support efforts in addressing financial crime and enhancing collaboration.

HM Treasury (HMT) has published a consultation paper on proposed reforms to the Office of Financial Sanctions Implementation's (OFSI) civil enforcement processes. The aim is to improve the efficiency, transparency and effectiveness of OFSI's enforcement activities. The reforms would apply solely to OFSI's civil enforcement powers concerning financial sanctions breaches, including Russia-related designated person asset reporting and the UK Maritime Services Ban and Oil Price Cap exception, excluding criminal enforcement or non-financial sanctions.

Read more.

The UK Office of Financial Sanctions Implementation (OFSI), part of HM Treasury, has published a sector-specific threat assessment report highlighting significant compliance risks facing UK cryptoasset firms in relation to financial sanctions. Covering the period from January 2022 to May of this year, the report concludes it is "almost certain" that UK cryptoasset firms have underreported suspected sanctions breaches since being designated as "relevant firms" under the UK sanctions regulations, in August 2022. OFSI identifies inadvertent non-compliance due to direct and indirect exposure to designated persons (DPs) and sanctioned entities such as the Russian exchange Garantex, cyber threats from DPRK-linked hackers exploiting cryptoassets to evade sanctions and transfers to Iranian cryptoasset firms with suspected links to DPs. The report emphasises the importance of timely and accurate reporting, enhanced due diligence and the use of blockchain analytics to detect and mitigate sanctions risks. OFSI urges firms to adopt a risk-based approach, conduct retrospective reviews and report any suspected breaches to OFSI, the UK Financial Conduct Authority and the National Crime Agency.

The National Crime Agency (NCA) and the UK Financial Conduct Authority (FCA) have jointly published a set of nine system priorities to combat economic crime in the UK, in line with the UK's second Economic Crime Plan and the National Risk Assessment. Backed by the Home Office, HM Treasury, the National Economic Crime Centre and UK Finance, the priorities seek to enhance public-private collaboration, enabling regulated firms to allocate resources more effectively while maintaining compliance. Key focus areas include money laundering through UK corporate structures linked to certain jurisdictions; fraud originating from international offenders; exploitation of money mules; and criminal cash consolidation via UK banking channels.

Additional priorities target terrorist financing; sanctions evasion by professional enablers; abuse of power by overseas Politically Exposed Persons; and the resilience of the cryptoasset ecosystem against criminal abuse. The only predicate offences explicitly listed in these priorities are those which fall under the definition of economic crimes—namely fraud, sanctions evasion and terrorist financing. However, the priorities concerning money laundering methods are intended to apply to all potential predicate offences, including but not limited to organised immigration crime, drug and firearms offences and human trafficking. A newly established System Prioritisation Governance Group will oversee governance of the priorities, with further guidance expected to be published in due course to support firms in aligning with these objectives.

HM Treasury has published its latest 2025 National Risk Assessment (NRA) of Money Laundering and Terrorist Financing, offering a comprehensive review of the UK's exposure to financial crime. Building on the 2015, 2017, and 2020 assessments, the 2025 NRA evaluates: (i) the UK's AML/CFT framework and the government's response to the 2020 NRA; (ii) overarching money laundering (ML) risks; (iii) overarching terrorist financing (TF) risks; (iv) sector-specific ML/TF risks under the Money Laundering Regulations (MLRs); and (v) emerging cross-cutting risks outside MLR-regulated sectors.

Read more.

HM Treasury (HMT) has published its consultation response in relation to its 2024 consultation on proposals to improve the effectiveness of the UK Money Laundering Regulations (MLRs). The consultation concentrated on four areas: (i) customer due diligence; (ii) system coordination around economic crime; (iii) clarifying scope; and (iv) registration requirements for the Trust Registration Service. The response confirms that a number of updates will be made to the MLRs and associated guidance. On customer due diligence, in particular, the following key changes were confirmed as set out below.

Read more.

The Proceeds of Crime (Money Laundering) (Threshold Amount) (Amendment) Order 2025 has been made and published with an accompanying explanatory memorandum. The legislation increases the financial threshold under sections 339A(2) and 339A(6A) of the Proceeds of Crime Act 2002 (POCA) from GBP1,000 to GBP3,000. These thresholds apply to two key exemptions for regulated businesses, such as banks, electronic money institutions and payment institutions, among others set out in schedule 9 of POCA, enabling them to (i) operate a customer account; or (ii) return funds when terminating a customer relationship, without committing a money laundering offence, even where criminal property is suspected (i.e., property believed to represent the proceeds of crime), provided the amount involved is below the threshold. The change aims to reduce the volume of low-value Defence Against Money Laundering (DAML) Suspicious Activity Reports (SAR), which in 2024 accounted for 23,000 submissions but only 0.1% of assets denied. A DAML SAR can be submitted for transactions above the threshold, which means a criminal offence will not be committed by the regulated entity, although the transaction is frozen pending the outcome of the review of the transaction or the lapse of three months. A review of the exit and pay away exemption introduced via the Economic Crime and Corporate Transparency Act 2023 is scheduled for 2026.

The European Securities and Markets Authority (ESMA) has published official translations of its guidelines on supervisory practices to prevent and detect market abuse under the Markets in Crypto-Assets Regulation (MiCAR). The guidelines, initially released in April through a final report, outline general principles to promote high-quality and effective supervision of market abuse in crypto-assets, alongside more targeted practices to support national competent authorities (NCAs) in detecting and preventing such abuse. The guidelines will now apply from 9 October, being three months after their publication in all official EU languages. NCA's shall confirm by 9 September whether they comply or intend to comply with the guidelines. If an NCA does not comply or does not plan to comply, it must notify ESMA, providing the reasons for its position. ESMA will subsequently publish this information on its website.

The European Commission (EC) has adopted a Delegated Regulation amending a Delegated Regulation it adopted on 10 June, to introduce a review clause requiring the EC to independently assess countries that may pose a threat to the EU financial system, even if they are not publicly identified by the Financial Action Task Force (FATF). The Delegated Regulation adopted on 10 June amended the list of high-risk third countries laid down in Commission Delegated Regulation 2016/1675. The EC states that countries that are not publicly identified as being subject to calls for action or increased monitoring by the FATF might still pose a threat to the integrity of the EU financial system. Where membership of such countries to the FATF is suspended because of gross violations of core principles upon which that standard-setter is built, the threat to the EU financial system is likely to increase. The proposed review clause would require the EC to complete an autonomous assessment of whether such countries are high-risk third countries as referred to in Article 9 of Directive 2015/849 by 31 December.

The UK Financial Conduct Authority (FCA) has published finalised guidance on the treatment of Politically Exposed Persons (PEPs) under the Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017. The guidance is intended to help firms apply a proportionate and risk-based approach to managing money laundering risks associated with PEPs, their relatives and close associates.

Read more.

The European Central Bank (ECB) has published a Memorandum of Understanding (MoU) (dated 27 June) that the ECB has entered into with the European Union's Anti-Money Laundering Authority (AMLA) to enhance cooperation between prudential and anti-money laundering supervision. The MoU establishes practical arrangements for cooperation and information exchange, aiming to enhance supervisory effectiveness, maximise efficiency and avoid duplication of efforts. Under the MoU, the AMLA will directly supervise certain high-risk financial institutions (referred to as "selected obliged entities") that are particularly exposed to cross-border money laundering. These include payment institutions, crypto-asset service providers and, in some cases, banks that also fall under the ECB's prudential supervision. Article 92(3) of the AMLA Regulation requires the AMLA and the ECB to conclude a MoU setting out the practical modalities for cooperation and for exchanging information in the performance of their respective tasks by 27 June.

The European Supervisory Authorities (the European Banking Authority, European Insurance and Occupational Pensions Authority and European Securities Markets Authority—the ESAs) have announced the signing of a multilateral Memorandum of Understanding (MoU) (dated 27 June) with the European Union's Anti-Money Laundering Authority (AMLA). The agreement establishes a framework for effective cooperation and information exchange among the four institutions. The MoU outlines practical arrangements for collaboration, aiming to enhance supervisory convergence across the EU's financial sector. It also seeks to facilitate the sharing of relevant information, promote cross-sectoral learning and support capacity building in areas of mutual interest. The agreement is a key component of the AMLA's broader cooperation framework with the financial sector, as required under Article 91 of the AMLA Regulation, which mandates the conclusion of a multilateral MoU with the ESAs by 27 June.

The UK All-Party Parliamentary Group (APPG) on Fair Banking has published its latest report, "No Half Measures – A Blueprint to Beat APP Fraud", alongside a press release. The report assesses the UK's response to authorised push payment (APP) fraud and the early impact of the mandatory reimbursement requirement (MRR) introduced by the UK Payment Systems Regulator (PSR) in October 2024. The APPG recognises the MRR as a step forward in consumer protection but emphasises that it is not a complete solution to fraud. Key gaps remain, particularly in areas such as cryptocurrency platforms and international transfers, which remain outside the scope of the current reimbursement framework. The APPG calls for a balanced, system-wide approach, urging collaboration to effectively combat APP fraud rather than placing disproportionate expectations on financial institutions alone. In Q4 2025, there will be an independent one-year review assessing the impact of the MRR, as well as the PSR's wider policy approach to APP fraud.

Read more.

A Corrigendum to Regulation (EU) 2024/2987, referred to as the revised European Market Infrastructure Regulation (EMIR 3), has been published in the Official Journal of the European Union. This Regulation amends Regulations (EU) No 648/2012 (EMIR), No 575/2013 (Capital Requirements Regulation) and (EU) 2017/1131 (Money Market Fund Regulation) to introduce measures aimed at mitigating excessive exposures to third-country central counterparties. The Corrigendum corrects a legal reference concerning the identification of high-risk third countries for anti-money laundering and counter-terrorist financing purposes. Specifically, it replaces an incorrect reference to Regulation (EU) 2024/1624 with the correct citation to Directive (EU) 2015/849, known as the Anti-Money Laundering Directive.

The Financial Action Task Force (FATF) has published its sixth targeted update on the implementation of its standards for virtual assets (VAs) and virtual asset service providers (VASPs), alongside an updated webpage. The report assesses global progress in applying anti-money laundering and counter-terrorist financing (AML/CFT) measures to VAs and VASPs, noting improvements in regulation and enforcement. However, challenges remain and the report sets out key recommendations on: (i) risk assessment and policy approach to VASPs; (ii) licensing/registering and supervising VASPs; (iii) implementation of the Travel Rule; (iv) addressing emerging and increasing risks related to stablecoins and decentralised finance arrangements; and (v) recommendations for the private sector.

In parallel, FATF has also released Best Practices on Travel Rule Supervision, providing more detailed guidance to assist jurisdictions in effectively supervising compliance with the Travel Rule for VASPs. The guidance offers practical examples and supervisory approaches to address common implementation challenges.

The Financial Action Task Force (FATF) has published updated guidance accompanied by a press release, on financial inclusion and anti-money laundering and counter terrorist financing measures (AML/CFT). The update follows the enhancement of Recommendation 1 of the FATF Standards earlier this year, to emphasise the need for a risk-based approach to AML/CFT controls in a manner that promotes global financial inclusion, without undermining the effectiveness of the measures for the purpose of combatting crime. The guidance now includes practical case studies and sets out ways that national regulators and firms can leverage a risk-based approach to foster financial inclusion while safeguarding financial integrity. Examples of best practice in applying the risk-based approach are included in an Annex to the report.

The Financial Action Task Force (FATF) has published a report and accompanying press release, highlighting significant vulnerabilities in the global financial system's ability to combat proliferation financing (PF) and sanctions evasion. The report finds that only 16% of assessed jurisdictions are effectively implementing targeted financial sanctions. It discusses, amongst other things, trends and methods of sanctions evasion, challenges and good practices in mitigating PF risk and identifies four recommendations for further FATF work on counter proliferation financing.

Read more.

The Economic Crime and Corporate Transparency Act 2023 (Commencement No. 5) Regulations have been made under the Economic Crime and Corporate Transparency Act 2023 (ECCTA). These regulations, made on 10 June, bring into force the following provisions: (i) section 194 which requires the Lord Chancellor to make Civil Procedure Rules enabling courts to dismiss strategic litigation against public participation (SLAPP) claims before trial in certain circumstances and to make certain costs orders; and (ii) section 195, which defines what constitutes a SLAPP claim. The regulations, along with relevant amendments to the Civil Procedure Rules 1998, entered into force on 18 June.

The Financial Action Task Force (FATF) has published revised standards and an accompanying explanatory note, updating its comprehensive framework on recommendations to strengthen global efforts in anti-money laundering, counter-terrorist financing and counter-proliferation financing, as announced during the joint FATF-MONEYVAL Plenary meeting. The FATF update includes amendments to Recommendation 16, which governs the transparency of wire transfers through the payment chain and is commonly referred to as the "Travel Rule. The revised recommendation is aimed to modernise FATF standards in response to the evolving payments landscape, which now includes a broader range of products and services, technologies and business models.

Read more.

The joint FATF-MONEYVAL Plenary meeting, hosted by the Council of the European Union and chaired by FATF President Elisa de Anda Madrazo and MONEYVAL Chair Nicola Muccioli, concluded with significant progress in global efforts towards anti-money laundering (AML), counter-terrorist financing (CFT) and counter-proliferation financing (CPF) efforts.

Key takeaways include:

• The approval of changes to the FATF Standards to enhance cross-border payment security, supporting the G20 initiative to make payments faster, cheaper, more transparent and accessible.
• The adoption of Latvia's mutual evaluation report which assessed the effectiveness of the country's AML, CFT and CPF measures; the report will be published later this year.

Read more.

The European Commission (EC) has adopted a Delegated Regulation amending Delegated Regulation (EU) 2016/1675 to update the list of high-risk third countries with strategic deficiencies in their anti-money laundering and countering the financing of terrorism (AML/CFT) regimes, pursuant to article 9 of the Anti-Money Laundering and Terrorist Financing Directive VI. The amendment has added Algeria, Angola, Côte d'Ivoire, Kenya, Laos, Lebanon, Monaco, Namibia, Nepal and Venezuela to the list. These jurisdictions have made high-level political commitments to address these deficiencies and have developed action plans in cooperation with the Financial Action Task Force (FATF). The EC urges the timely and effective completion of these respective action plans. Barbados, Gibraltar, Jamaica, Panama, the Philippines, Senegal, Uganda and the United Arab Emirates have been removed from the list, having demonstrated significant improvements in their AML/CFT frameworks following the implementation of their respective FATF-agreed action plans. The Regulation will enter into force on the twentieth day following that of its publication in the Official Journal of the European Union, which is on 30 June.

The International Organization of Securities Commissions (IOSCO) has issued a statement calling for platform providers to take stronger action against rising investment fraud, driven by increased retail investor activity on digital platforms. It encourages platform providers to leverage the IOSCO International Securities and Commodities Alerts Network (I-SCAN)—a database launched in March that identifies unlicensed firms or those engaging in illegal activities—to block, warn against or remove illegal investment offerings from their platforms. In the statement, IOSCO has also highlighted effective measures used in some jurisdictions to combat online harm involving financial misconduct, including due diligence on unauthorised offerings, rigorous enforcement of compliance with terms of service, strong processes for detecting scams and proactive engagement with financial regulators and government authorities, including referrals of fraudulent activity.

The European Securities and Markets Authority (ESMA) has published its final report providing technical advice to the European Commission (EC) on changes made by the Listing Act to the Market Abuse Regulation (MAR) and the Markets in Financial Instruments Directive (MiFID II) in relation to small and medium enterprise (SME) growth markets. The Listing Act seeks to promote better access to public capital markets for EU companies, in particular SMEs, by simplifying requirements and reducing administrative burden. ESMA consulted on the advice in December 2024 and this final report includes feedback received in response to the consultation. Much of the MAR technical advice concerns the rules for disclosing inside information during a protracted process. It also covers the approach for identifying trading venues with a significant cross-border dimension under the new cross market order book mechanism (article 25a MAR). The MiFID technical advice concerns the category of multilateral trading facilities (MTF) labelled SME growth markets and the requirements that such an MTF (or MTF segment) must comply with under article 33 MiFID II. In giving its technical advice, ESMA suggests amendments to Commission Delegated Regulation 2017/565 (known as the MiFID Org Reg) or otherwise confirms its view where no amendments would be needed. The EC will adopt the delegated acts for which the technical advice was requested by July 2026.

The European Commission (EC) has adopted a Delegated Regulation supplementing Regulation (EU) 2023/1114 on markets in cryptoassets (MiCAR), with regard to regulatory technical standards (RTS) specifying the arrangements, systems and procedures for persons to prevent, detect and report market abuse, the templates to be used for reporting suspected market abuse and the coordination procedures between competent authorities for the detection and sanctioning of market abuse in cross-border market abuse situations. Article 92(1) of MiCAR mandates that persons professionally arranging or executing transactions (PPAETs) in cryptoassets must have effective arrangements, systems and procedures to prevent and detect market abuse. These persons are required to report any reasonable suspicion of market abuse to the competent authority. This includes suspicions regarding an order or transaction, as well as other aspects of the functioning of the distributed ledger technology, where there may be indications that market abuse has been committed, is being committed or is likely to be committed. The Council of the EU and the European Parliament will now scrutinise the Delegated Regulation. The Delegated Regulation will enter into force on the twentieth day following its publication in the Official Journal of the European Union.

The European Banking Authority (EBA) has issued its final report on draft regulatory technical standards (RTS) amending Commission Delegated Regulation (EU) 2018/1108, on the criteria for the appointment of central contact points for electronic money issuers and payment service providers and with rules on their functions under Article 45(10) of Directive (EU) 2015/849 (MLD4). The draft RTS extend the amended Delegated Regulation to define when cryptoasset service providers (CASPs) must appoint a central contact point. A central point contact can help to ensure compliance with local Anti-Money Laundering/Countering the Financing of Terrorism (AML/CFT) obligations in cases where a CASP authorised in one EU Member State is providing services to another EU member state. The RTS set out: (i) the conditions under which CASPs should appoint a central contact point; and (ii) the roles and responsibilities of that central contact point. The draft RTS will be submitted to the Commission for endorsement, following which it will be put to the European Parliament and the Council for scrutiny, before being published in the Official Journal of the European Union.

The Financial Services Regulatory Initiatives Forum (the Forum) has published the Regulatory Initiatives Forum Grid (the Grid), with the UK Financial Conduct Authority (FCA) also updating its webpage. The previous Grid was due to be published in May 2024 but was postponed due to the General Election, meaning the Forum published only an interim update in October 2024.

The 2025 Grid sets out the regulatory pipeline for the next 24 months and reflects the reprioritisation that has taken place since the new government came into power. Notable initiatives include:

• motor finance commission review: the FCA intends to confirm, within six weeks of the Supreme Court's decision on past use of discretionary commission arrangements by motor finance firms, whether it will propose a redress scheme;
• liquidity risk management in funds: the FCA will consult on refined proposals regarding liquidity risk management in funds to implement FSB and IOSCO guidelines;
• Consumer Composite Investments (CCI) Regulation: the FCA published a second consultation paper on the new CCI regime on 16 April (see our update) and plans to issue a Policy Statement with final rules in late 2025;

Read more.

The UK Financial Conduct Authority (FCA) has updated its webpage on cash-based money laundering and confirmed its intention to carry out a multi-firm review in this area in the financial year 2025/2026. The webpage sets out an overview of the FCA's work to reduce money laundering through cash deposit services such as those provided by the Post Office under the terms of the Banking Framework Agreement. The FCA sets out its expectations for firms who are part of the Banking Framework Agreement, including measures in relation to transaction verification and monitoring, deposit limits, suspicious activity reports, intelligence sharing and training. More broadly, the FCA expects firms to focus on communication with their customers. As mentioned above, the FCA also confirms that it is planning a multi-firm review in the financial year 2025/2026 in relation to the financial crime risks from cash-based money laundering. This review will be broader in scope than the Post Office and will consider other routes by which cash enters the financial system.

The UK Financial Intelligence Unit (UKFIU) has published its annual report on suspicious activity reports (SARs) for the period between April 2023 and March 2024. The annual report structure has been updated due to a number of key changes, including the new reporting portal which was introduced in September 2023, and changes to the UK anti-money laundering regulatory framework. Key points noted in the report were the uptick in the number of defence against money laundering (DAML) requests refused, indicating better quality DAML SARs were being submitted, and wider use of account freezing orders by law enforcement. In terms of the sector breakdown, banking and financial services firms (including e-money, payments and crypto) continue to comprise the majority of SAR reporters, being responsible for over 95% of SAR reports. The report also confirms that the UKFIU will continue to work towards delivery of the new SARs Digital Service, which will provide greater analytical capabilities.

The International Organization of Securities Commissions (IOSCO) has announced the launch of a new alert portal, which is aimed at strengthening the global fight against retail investment fraud. The International Securities & Commodities Alerts Network (I-SCAN) allows investors, online platform providers, banks and institutions to check if a financial regulator has a suspicious activity flag for a particular company or potential investment. I-SCAN is part of IOSCO's roadmap for retail investor online safety, which sets strategic initiatives for safeguarding retail investors worldwide from fraud, excessive risk and misinformation as digital trading and social media reshape the retail financial market.

The fourth commencement regulations made under the Economic Crime and Corporate Transparency Act 2023 (ECCTA) have been published. Regulation 2 brought into force on 18 March certain provisions in Parts 1 and 2 of the Act. Regulation 3 brings measures creating the new offence of failing to prevent fraud fully into force in all of the United Kingdom on 1 September. Regulation 4 amends the third set of commencement regulations which failed to comply with the requirement that guidance must be published before regulations bringing section 199 (failure to prevent fraud) of the Act into force are made. Guidance was published on 6 November 2024, the day after the third commencement regulations were made. Regulation 5 replaces references in certain regulations to the commencement of a provision with a reference to the actual date on which the provision came into force. The explanatory note also contains a table listing provisions of the ECCTA which have been brought into force by previous commencement regulations.

The Financial Conduct Authority (FCA) has published its Primary Market Bulletin 54 in which it discusses strategic leaks and unlawful disclosure. The FCA reports that it has seen an increase in instances where material information on live M&A transactions appears to have been deliberately leaked to the press. The FCA reminds issuers and advisers of best practice in mitigating unlawful disclosure and limiting market abuse as set out in Primary Market Bulletin 42, Primary Market Bulletin 52, Article 14 of the Market Abuse Regulation and Rule 2.1(a) of the Takeover Code. Anyone unlawfully disclosing inside information, deliberately or otherwise, risks being investigated for market abuse. The FCA stresses that written policies and procedures for identifying and handling inside information can have limited effectiveness if they are not accompanied by culture and practices which actively discourage leaks.

The European Banking Authority (EBA) has published a consultation on proposed regulatory technical standards (RTS) under the EU's 2024 anti-money laundering (AML) package. The AML package consists of a Regulation on the prevention of the use of the financial system for the purposes of money laundering or terrorist financing (AML Regulation), a Regulation establishing the Anti-Money Laundering Authority (AMLA) and the Sixth Money Laundering Directive (MLD6). The EBA is consulting on draft RTS that will inform its response to the European Commission's (EC's) call for advice, which it intends to submit to the EC on 31 October.

Read more.

The Register of Overseas Entities (Protection and Trusts) (Amendment) Regulations 2025 were published, alongside an explanatory memorandum. The Regulations amend the Register of Overseas Entities (Delivery, Protection and Trust Services) Regulations 2022 to allow anyone whose information could be published or disclosed by the registrar under Register of Overseas Entities (ROE) to apply to Companies House to have their information protected. The ROE was established in 2022 mainly to improve transparency regarding the beneficial ownership of overseas entities holding land in the UK. Overseas entities owning or buying property in the UK must provide information to the Registrar of companies and most of that information is publicly available. There is protection of information of those at serious risk of violence or intimidation. Prior to this amendment, only a registrable beneficial owner or managing officer could apply for protection if they, or anyone they live with, would be at serious risk of intimidation or violence if the information about them is published.

The Regulations also allow trust information that is currently not publicly available to be accessed by application if certain requirements are met. The Regulations enter into force from 28 February, except for the provisions relating to trusts which will enter into force on 31 August. Companies House has published guidance on how to apply to protect details on the ROE.

The Financial Action Task Force (FATF) has published a consultation aimed at improving country and private sector understanding of current proliferation financing (PF) risks. This study will detail the evasion techniques used by those evading the targeted financial sanctions detailed in Recommendation 7 of the FATF Standards, as well as other national and supranational sanctions that are not covered by the FATF Standards. The resulting report will focus on providing a comprehensive up-to-date understanding of typologies in complex sanctions evasion schemes relevant to PF and identifying enforcement challenges and best practices, which helps to inform countries' PF risk assessment and risk mitigation.

The questions posed by the FATF include: (i) which unique products or services are most vulnerable to exploitation by sanctions evaders and PF actors; (ii) how risks related to vulnerable products or services and/or high-risk countries for sanctions evasion and/or PF activity are managed; (iii) measures (such as setting suspicious transaction report rules) that effectively detect potential sanctions evasion activity; (iv) best practices for information sharing with the public and/or private sectors; and (v) what public information the FATF can provide to assist the private sector and others in mitigating PF risk.

The deadline for responses is 21 March.

The UK Financial Conduct Authority (FCA) has published a portfolio letter explaining its current supervision priorities for asset management and alternatives. Firms must discuss this letter with their Board, Executive Committee and accountable Senior Managers to consider whether the risks of harm discussed exist in their firm and implement strategies for managing them.

The FCA's supervisory priorities include:

• Supporting confident investing in private assets. The FCA will shortly be releasing its multi-firm review on private market valuation practices. The FCA will also start a multi-firm review on conflicts of interest at firms managing private assets.
• Market integrity and avoiding disruption. Informed by the vulnerabilities identified in the System Wide Explanatory Scenario, the FCA will focus surveillance on prudent risk management, liquidity management and operational resilience.
• Consumer outcomes. The FCA will publish its findings from the ongoing multi-firm review of unit linked funds later this year and will also start a multi-firm review of model portfolio services (MPS). This review of MPS will look at how firms are applying the Consumer Duty, to provide confidence that investors are receiving good outcomes from MPS.

Read more.

The Unauthorised Co-ownership Alternative Investment Funds (Reserved Investor Fund) Regulations 2025 have been published, along with an explanatory memorandum. The regulations support the Government's introduction of the reserved investor fund (RIF) which will be a new type of UK-based investment fund vehicle legally structured as an unauthorised co-ownership alternative investment fund. The regulations will apply, with modifications, sections 261M to 261O and 261P(1) and (2) of the Financial Services and Markets Act 2000, which currently apply to investors in investment funds that are authorised contractual schemes, to investors in UK-based RIFs (or funds that were RIFs). The Regulations were made on 25 February and come into force when the Co-ownership Contractual Schemes (Tax) Regulations 2025 which establish RIFs come into force, that is 19 March.

The European Securities and Markets Authority (ESMA) has published official translations of its guidelines on the procedures and policies, including the rights of clients, in the context of transfer services for cryptoassets under the Markets in Crypto-Assets Regulation (MiCAR) on investor protection. The guidelines apply to competent authorities and cryptoasset service providers (CASPs) that act as providers of transfer services for cryptoassets on behalf of clients within the meaning of Article 3(1)(26) of MiCAR. These guidelines aim to ensure the common, uniform and consistent application of the provisions in Article 82 of MiCAR. They include guidelines on: (i) the policies and procedures in the context of transfer services for cryptoassets; (ii) information requirements on individual transfers for cryptoassets; (iii) execution times and cut-off times; (iv) rejection or suspension of an instruction to transfer cryptoassets or return of cryptoassets transferred; and (v) the liability of the CASP.

The guidelines will apply from 27 April. National competent authorities must notify ESMA by 26 April whether they comply, do not comply but intend to comply or do not intend to comply with the guidelines. Cryptoasset service providers are not required to report whether they comply with the guidelines.

The Financial Action Task Force (FATF) has published an updated version of its anti-money laundering (AML) and counter-terrorist financing (CTF) standards after the February FATF Plenary approved changes to Recommendation 1 and its Interpretive Note, with corresponding amendments to Interpretive Notes to Recommendations 10 and 15, as well as related Glossary definitions to better support financial inclusion. The amendments aim to better promote financial inclusion through increased focus on proportionality and simplified measures under the risk-based approach. Alongside this, the FATF also published a consultation document on updating its Guidance on AML/CFT measures and financial inclusion, to equip policy makers and regulators with practical examples. Responses must be submitted by 4 April.

The Financial Action Task Force (FATF) has published a second consultation on payment transparency, and in particular proposed revisions to recommendation 16 (R.16). The revisions adapt the FATF Standards to the changes in payment business models and messaging standards, as well as to the evolving risks and vulnerabilities. This consultation picks up the main issues raised in the first consultation during February to May 2024, and how these have now been addressed. It also provides more information on the questions of policy intent and proportionality which were raised as overarching issues during that consultation. The revised proposal is attached as an annex to the consultation.

The deadline for responses is 18 April. The FATF will finalise the revisions in June, following which it will develop a guidance paper on payment transparency to facilitate consistent implementation of the updated standards.

The Wolfsberg Group has published FAQs on defining digital assets. The FAQs propose definitions to be used by financial institutions, policymakers, supervisors and regulators to understand the characteristics of digital assets, money laundering, terrorist financing and operational risks they generate, as well as serve as an input to financial institutions developing policies and appropriate controls. The Wolfsberg Group intends to supplement these FAQs in future with guidance on the risks and associated controls for digital assets in line with the concepts developed in the FAQs.

The Wolfsberg Group has also published guidance on payment transparency roles and responsibilities to supplement the Wolfsberg Group Payment Transparency Standards.

The Financial Services and Markets Act 2023 (Digital Securities Sandbox) (Amendment) Regulations 2025 were laid before parliament, together with an explanatory memorandum. The Regulations relate to the Digital Securities Sandbox, which is a temporary supervisory regime allowing firms to test certain innovative financial market infrastructure activities that launched on September 30, 2024. The Regulations amend the Sandbox by modifying the application of the Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017 to Sandbox participants. This is to ensure that firms which may already be registered or authorized with the FCA for other activities need not register separately with the FCA as a cryptoasset business for the purpose of undertaking Sandbox activities. The explanatory memorandum accompanying the Regulations also confirms that a number of firms have successfully completed the approvals process for the Sandbox and passed through Gate 1 (the testing stage). The Regulations make certain other minor amendments, and come into force on March 3, 2025.

The Financial Conduct Authority has published a report on assessing and reducing the risk of Money Laundering Through the Markets. Money Laundering Through the Markets is the use of capital markets to launder criminally generated cash so that it appears legitimately generated. The report renews the risk assessment of Money Laundering Through the Markets and risks documented in the FCA's June 2019 thematic review. It also sets out the findings of the FCA follow-up review, which it believes will assist brokers and other firms operating in the capital markets to continue to improve their controls and ensure they meet the required standards. The FCA's report provides further insights through practical case studies and examples of good and poor practice.

Overall, the FCA saw good practice and progress in several financial crime systems and controls across larger and smaller firms. However, relevant firms needed to more rigorously tackle the issues raised in the previous thematic review. Key challenges observed include: (i) transaction monitoring; (ii) knowledge of the U.K. Financial Intelligence Unit Money Laundering Through the Markets suspicious activity reporting glossary code; (iii) information sharing; and (iv) documenting customer risk-assessment methods in enough detail. The FCA would like firms to continue reviewing their systems, controls, Money Laundering Through the Markets awareness and training. Moving forward, the FCA will use its supervisory work, to make sure firms are considering Money Laundering Through the Markets risks, and the points raised in this report to drive improvements and reduce risk across the markets. It will also encourage firms and third-party providers to innovate more, to tailor transaction monitoring systems and alerts to capital markets.

The U.K. Financial Conduct Authority has published a policy statement on changes to its financial crime guide, following its consultation in April. The changes cover the following areas: (i) sanctions—to reflect information learnt from assessments of firms' sanctions' systems and controls following Russia's invasion of Ukraine in 2022; (ii) proliferation financing—to ensure that proliferation financing is explicitly referenced throughout the guide, where appropriate. This includes highlighting a 2022 change to the MLRs, which requires firms to conduct proliferation financing risk assessments; (iii) transaction monitoring—to provide further guidance on how firms can implement and monitor transaction monitoring systems. This includes supporting responsible innovation and new technological approaches; (iv) cryptoasset businesses—to make clear that cryptoasset businesses registered under the MLRs should refer to the guide; (v) Consumer Duty—to clarify that firms should consider whether their systems and controls are consistent with their obligations under the Duty; and (vi) consequential changes—includes replacing expired links, updating outdated references to EU rules and refreshing case studies based on more recent FCA enforcement notices.

Read more.

The U.K. Financial Conduct Authority has published a speech by Emily Shepperd, FCA Chief Operating Officer, on the FCA's strategy for 2025 to 2030. In the speech, Ms. Shepperd sets out the four main themes of the FCA's strategy. Ms. Shepperd emphasises that trust in both the FCA and the financial services sector underpins these themes and will be crucial as the FCA looks to pursue growth, alongside ensuring proportionality in regulation and encouraging innovation. She also explains that the FCA has decided to set its ambitions on 2030, a five-year strategy, learning from its first 3-year strategy that it takes time to deliver and cement change.

Read more.

The Financial Conduct Authority has published finalized guidance for payment service providers that enables a risk-based approach to processing suspected fraudulent payments. Following the publication of the Payment Services (Amendment) Regulations 2024, the amount of time that a PSP has to process an outbound payment when there are reasonable grounds to suspect fraud or dishonesty was extended to up to four business days. To support these regulations, HM Treasury asked the FCA to issue guidance to explain how it expects PSPs to apply these legislative changes, taking into account feedback from stakeholders.

Following a consultation in September, the finalized guidance sets out:

• the requirements for delaying outbound payments and determining whether the threshold for "reasonable grounds to suspect" has been met;
• how PSPs should use the payment delay window;
• obligations on PSPs if they delay an outbound transaction; and
• the treatment of suspicious inbound payments.

The FCA has amended its payment services and electronic money approach document to include the new finalized guidance. The guidance came into effect on November 22, 2024.